99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys/*
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys * CDDL HEADER START
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys *
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys * The contents of this file are subject to the terms of the
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys * Common Development and Distribution License (the "License").
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys * You may not use this file except in compliance with the License.
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys *
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys * or http://www.opensolaris.org/os/licensing.
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys * See the License for the specific language governing permissions
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys * and limitations under the License.
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys *
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys * When distributing Covered Code, include this CDDL HEADER in each
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys * If applicable, add the following below this CDDL HEADER, with the
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys * fields enclosed by brackets "[]" replaced with your own identifying
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys * information: Portions Copyright [yyyy] [name of copyright owner]
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys *
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys * CDDL HEADER END
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys *
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys *
30a5e8fa1253cb33980ee4514743cf683f584b4ewyllys * Copyright 2007 Sun Microsystems, Inc. All rights reserved.
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys * Use is subject to license terms.
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys */
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys#pragma ident "%Z%%M% %I% %E% SMI"
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys#include <stdio.h>
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys#include <strings.h>
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys#include <ctype.h>
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys#include <libgen.h>
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys#include <libintl.h>
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys#include <locale.h>
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys#include <errno.h>
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys#include <kmfapiP.h>
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys#include "util.h"
99ebb4ca412cb0a19d77a3899a87c055b9c30fa8wyllys
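/*
 * kc_import - copy one named policy record from an input policy file
 * into a policy database file.
 *
 * Options (parsed with getopt_av):
 *   d / dbfile   destination policy database; KMF_DEFAULT_POLICY_FILE
 *                is used when the option is omitted
 *   p / policy   name of the policy record to import (required)
 *   i / infile   file the policy records are loaded from (required)
 *
 * The matching record is checked with kmf_verify_policy() before it is
 * handed to kmf_add_policy_to_db(); a record that fails verification is
 * never written.
 *
 * Returns KC_OK on success.  On failure returns a KC_ERR_* code, except
 * that a failure from load_policies() or kmf_add_policy_to_db() is
 * returned as the value that call produced.
 * NOTE(review): no message is printed for those two failures here;
 * presumably the caller reports them - confirm.
 */
int
kc_import(int argc, char *argv[])
{
	int		rv = KC_OK;
	char		*filename = NULL;
	char		*infile = NULL;
	char		*policyname = NULL;
	POLICY_LIST	*plclist = NULL, *pnode;
	int		opt, found = 0;
	extern int	optind_av;
	extern char	*optarg_av;

	while ((opt = getopt_av(argc, argv,
	    "d:(dbfile)p:(policy)i:(infile)")) != EOF) {
		switch (opt) {
		case 'd':
			/* A repeated option replaces (and frees) the old value. */
			free(filename);
			filename = get_string(optarg_av, &rv);
			if (filename == NULL) {
				(void) fprintf(stderr,
				    gettext("Error dbfile input.\n"));
				/*
				 * Fail closed: without this, a NULL result
				 * that left rv untouched would fall through
				 * to the default-database fallback below and
				 * write to a file the operator did not name.
				 */
				if (rv == KC_OK)
					rv = KC_ERR_USAGE;
			}
			break;
		case 'p':
			free(policyname);
			policyname = get_string(optarg_av, &rv);
			if (policyname == NULL) {
				(void) fprintf(stderr,
				    gettext("Error policy name.\n"));
				if (rv == KC_OK)
					rv = KC_ERR_USAGE;
			}
			break;
		case 'i':
			free(infile);
			infile = get_string(optarg_av, &rv);
			if (infile == NULL) {
				(void) fprintf(stderr,
				    gettext("Error infile input.\n"));
				if (rv == KC_OK)
					rv = KC_ERR_USAGE;
			}
			break;
		default:
			(void) fprintf(stderr,
			    gettext("Error input option.\n"));
			rv = KC_ERR_USAGE;
			break;
		}

		/* Stop at the first bad option instead of parsing on. */
		if (rv != KC_OK)
			goto out;
	}

	/* No additional args allowed. */
	argc -= optind_av;
	if (argc) {
		(void) fprintf(stderr,
		    gettext("Error input option\n"));
		rv = KC_ERR_USAGE;
		goto out;
	}

	/* No -d given: target the default policy database. */
	if (filename == NULL) {
		filename = strdup(KMF_DEFAULT_POLICY_FILE);
		if (filename == NULL) {
			rv = KC_ERR_MEMORY;
			goto out;
		}
	}

	if (policyname == NULL) {
		(void) fprintf(stderr,
		    gettext("You must specify a policy name\n"));
		rv = KC_ERR_USAGE;
		goto out;
	}

	if (infile == NULL) {
		(void) fprintf(stderr,
		    gettext("You must specify a input DB file\n"));
		rv = KC_ERR_USAGE;
		goto out;
	}

	/*
	 * Refuse to overwrite the default policy record in the default
	 * database.
	 * NOTE(review): this guard compares the dbfile argument as a
	 * string.  A different spelling of the same path would not match
	 * it, so it is a usage check rather than an access control;
	 * presumably permissions on the default database file are what
	 * actually protect it - confirm.
	 */
	if (strcmp(filename, KMF_DEFAULT_POLICY_FILE) == 0 &&
	    strcmp(policyname, KMF_DEFAULT_POLICY_NAME) == 0) {
		(void) fprintf(stderr,
		    gettext("Can not import the default policy record to "
		    "the system default policy database\n"));
		rv = KC_ERR_USAGE;
		goto out;
	}

	rv = load_policies(infile, &plclist);
	if (rv != KMF_OK)
		goto out;

	/* Import the first record whose name matches, then stop. */
	for (pnode = plclist; pnode != NULL; pnode = pnode->next) {
		KMF_RETURN ret;

		if (strcmp(policyname, pnode->plc.name) != 0)
			continue;

		found = 1;

		/* Records from infile are verified before being written. */
		ret = kmf_verify_policy(&pnode->plc);
		if (ret != KMF_OK) {
			print_sanity_error(ret);
			rv = KC_ERR_VERIFY_POLICY;
			break;
		}

		rv = kmf_add_policy_to_db(&pnode->plc, filename,
		    B_FALSE);
		break;
	}

	if (!found) {
		(void) fprintf(stderr,
		    gettext("Could not find policy \"%s\" in %s\n"),
		    policyname, infile);
		rv = KC_ERR_FIND_POLICY;
	}

out:
	/* free(NULL) is a no-op, so no guards are needed. */
	free(filename);
	free(policyname);
	free(infile);

	free_policy_list(plclist);

	return (rv);
}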