postinstall revision b6c3f7863936abeae522e48a13887dddeb691a45
2d0611ffc9f91c5fc2ddccb93f9a3d17791ae650takashi# CDDL HEADER START
f73f2c2fae0ded6c8273c28d025ba8aa8136a0fend# The contents of this file are subject to the terms of the
5d8c229294268bca44bd1400700b175c999f41feyoshiki# Common Development and Distribution License (the "License").
d0e5d6b1ca9d19c88060ad6a97fe4bb1f5d58859jim# You may not use this file except in compliance with the License.
f73f2c2fae0ded6c8273c28d025ba8aa8136a0fend# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
50c04f297d76a57ead2fa6b73845f7563b1fc788sf# See the License for the specific language governing permissions
f73f2c2fae0ded6c8273c28d025ba8aa8136a0fend# and limitations under the License.
f73f2c2fae0ded6c8273c28d025ba8aa8136a0fend# When distributing Covered Code, include this CDDL HEADER in each
d9b843d090f14405079b4a61a493316cd3f1e5b9minfrin# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
c9c5542f81fad2ca5439df7a808acc3cb1b5f2e0yoshiki# If applicable, add the following below this CDDL HEADER, with the
8951c7d73bfa2ae5a2c8fe5bd27f3e677be02564noirin# fields enclosed by brackets "[]" replaced with your own identifying
909ce17e2bd0faef7b1c294f2307f009793fd493nd# information: Portions Copyright [yyyy] [name of copyright owner]
0ce5630695a7aa568811a9dd0aceedd685f040dend# CDDL HEADER END
42af92a661a06b3cebc88d585aad75064a309d51nd# Copyright 2006 Sun Microsystems, Inc. All rights reserved.
8951c7d73bfa2ae5a2c8fe5bd27f3e677be02564noirin# Use is subject to license terms.
f73f2c2fae0ded6c8273c28d025ba8aa8136a0fend# ident "%Z%%M% %I% %E% SMI"
101bf3584c853027d9e51df6edfff5ff70c80238jim# This postinstall script "clones" the policy for aes/arcfour/blowfish to the
101bf3584c853027d9e51df6edfff5ff70c80238jim# encryption kit aes256, arcfour2048, and blowfish448 modules.
f73f2c2fae0ded6c8273c28d025ba8aa8136a0fend# Because we want to do the policy cloning and only have one of the kernel
43f6cc6aa3312619633538b8978619a48c0ce52eminfrin# providers enabled we can't use the i.kcfconf class action script.
412bf2d2fd3ee0608bc0767e2281e47ea317963end# We can't run cryptoadm(1m) here because it might not be available yet.
f73f2c2fae0ded6c8273c28d025ba8aa8136a0fendif [ ! -r $kcfconf ]; then
4cf7cf20e77128a5b75ab519e2db0286b24fef68yoshiki echo "/etc/crypto/kcf.conf not found, this may be an attempt to \c"
f73f2c2fae0ded6c8273c28d025ba8aa8136a0fend echo "install this package on an incorrect release of Solaris"
0ce5630695a7aa568811a9dd0aceedd685f040dend# No release that has kcf.conf does NOT have ipsecalgs, so no need to check.
e8b603fa9ccf7b17b11b42df6d8916fd97c2331dndcp $kcfconf ${kcfconf}.tmp
2f39535ac2206b346dcfbcaf271e3addc901f520rbowensed -e 's/^aes:/aes256:/' -e 's/^blowfish:/blowfish448:/' -e \
f73f2c2fae0ded6c8273c28d025ba8aa8136a0fend 's/^arcfour:/arcfour2048:/' \
2a9d60313e1c967b4bc51ec3de3fbd3f7ae454d6nd $kcfconf > ${kcfconf}.tmp
f73f2c2fae0ded6c8273c28d025ba8aa8136a0fendmv -f ${kcfconf}.tmp $kcfconf
4cf7cf20e77128a5b75ab519e2db0286b24fef68yoshikicp $ipsecalgs ${ipsecalgs}.tmp
f73f2c2fae0ded6c8273c28d025ba8aa8136a0fendsed -e 's/_CBC|128\/32-128,8/_CBC|128\/32-448,8/' \
03a4ff9ac4c9b8009249010e7c53bb86ff05915and -e 's/AES_CBC|128|/AES_CBC|128\/128-256,64|/' \
343a568a3281a6a0a4c562407aef7b0dfc299b98minfrin $ipsecalgs > ${ipsecalgs}.tmp
1e367a83311e5243e04d68857d007d04765a48f9chrisdmv -f ${ipsecalgs}.tmp $ipsecalgs
b062c76dff08accbdae415e6fed10ad6696b5a80takashiif [ ${BASEDIR:="/"} = "/" ]; then