431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee/*
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee * CDDL HEADER START
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee *
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee * The contents of this file are subject to the terms of the
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee * Common Development and Distribution License (the "License").
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee * You may not use this file except in compliance with the License.
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee *
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee * or http://www.opensolaris.org/os/licensing.
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee * See the License for the specific language governing permissions
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee * and limitations under the License.
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee *
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee * When distributing Covered Code, include this CDDL HEADER in each
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee * If applicable, add the following below this CDDL HEADER, with the
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee * fields enclosed by brackets "[]" replaced with your own identifying
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee * information: Portions Copyright [yyyy] [name of copyright owner]
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee *
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee * CDDL HEADER END
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee *
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee * Copyright 2007 Sun Microsystems, Inc. All rights reserved.
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee * Use is subject to license terms.
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee */
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee#pragma ident "%Z%%M% %I% %E% SMI"
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee#include <stdio.h>
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee#include <strings.h>
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee#include <ctype.h>
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee#include <libgen.h>
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee#include <libintl.h>
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee#include <errno.h>
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee#include <kmfapiP.h>
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee#include <sys/stat.h>
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee#include <sys/param.h>
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee#include <cryptoutil.h>
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee#include "util.h"
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee
/*
 * Snapshot of errno taken right after a failing call, so that a later
 * gettext() call cannot overwrite the value being reported.
 */
static int err;
431deaa01ac039d796fdfaf86b909a75e7d9ac48hylee
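/*
 * kc_uninstall - remove a plugin keystore from the KMF configuration file.
 *
 * Accepts exactly one option, "-k <name>" (long form "keystore"), and no
 * further arguments.  The built-in keystores "nss", "pkcs11" and "file"
 * are refused.  The configuration at _PATH_KMF_CONF is rewritten through
 * a temporary file: every line is copied except the one whose first
 * colon-separated field equals <name>; that line is dropped, or, when it
 * sits between a " Start " and an " End " marker line, kept but commented
 * out with a leading '#'.
 *
 * The temporary file is only renamed over the live configuration after
 * every read and write has been checked, so a failed or partial rewrite
 * leaves the existing configuration untouched.
 *
 * Returns:
 *   KC_OK             the configuration was rewritten
 *   KC_ERR_USAGE      bad or missing option, or no such keystore entry
 *   KC_ERR_ACCESS     the configuration file could not be opened
 *   KC_ERR_UNINSTALL  built-in keystore named, or lock / temporary file /
 *                     read / write / rename failure
 *
 * NOTE(review): keystore_name (from get_string()) and entry (from
 * get_keystore_entry()) are not released here; confirm who owns them.
 */
int
kc_uninstall(int argc, char *argv[])
{
	int rv = KC_OK;
	int opt;
	int tmp_fd = -1;
	extern int optind_av;
	extern char *optarg_av;
	char *keystore_name = NULL;
	conf_entry_t *entry = NULL;
	FILE *pfile = NULL;
	FILE *pfile_tmp = NULL;
	char tmpfile_name[MAXPATHLEN];
	char buffer[MAXPATHLEN];
	char buffer2[MAXPATHLEN];
	boolean_t found;
	boolean_t in_package;
	boolean_t tmp_created = B_FALSE;

	while ((opt = getopt_av(argc, argv, "k:(keystore)")) != EOF) {
		switch (opt) {
		case 'k':
			/* The keystore may be named only once. */
			if (keystore_name != NULL)
				rv = KC_ERR_USAGE;
			else {
				keystore_name = get_string(optarg_av, &rv);
				if (keystore_name == NULL) {
					(void) fprintf(stderr, gettext(
					    "Error keystore input.\n"));
				}
			}
			break;
		default:
			(void) fprintf(stderr,
			    gettext("Error input option.\n"));
			rv = KC_ERR_USAGE;
			break;
		}
		if (rv != KC_OK)
			goto out;
	}

	/* No additional args allowed. */
	argc -= optind_av;
	if (argc) {
		(void) fprintf(stderr,
		    gettext("Error input option\n"));
		rv = KC_ERR_USAGE;
		goto out;
	}

	if (keystore_name == NULL) {
		(void) fprintf(stderr,
		    gettext("Error input option\n"));
		rv = KC_ERR_USAGE;
		goto out;
	}

	if (strcasecmp(keystore_name, "nss") == 0 ||
	    strcasecmp(keystore_name, "pkcs11") == 0 ||
	    strcasecmp(keystore_name, "file") == 0) {
		(void) fprintf(stderr,
		    gettext("Can not uninstall the built-in keystore %s\n"),
		    keystore_name);
		rv = KC_ERR_UNINSTALL;
		goto out;
	}

	entry = get_keystore_entry(keystore_name);
	if (entry == NULL) {
		(void) fprintf(stderr, gettext("%s does not exist.\n"),
		    keystore_name);
		rv = KC_ERR_USAGE;
		goto out;
	}

	if ((pfile = fopen(_PATH_KMF_CONF, "r+")) == NULL) {
		err = errno;
		(void) fprintf(stderr,
		    gettext("failed to update the configuration - %s\n"),
		    strerror(err));
		rv = KC_ERR_ACCESS;
		goto out;
	}

	/*
	 * Non-blocking lock on the whole file.  pfile stays open until the
	 * rename below has happened, so the lock covers the entire update.
	 */
	if (lockf(fileno(pfile), F_TLOCK, 0) == -1) {
		err = errno;
		(void) fprintf(stderr,
		    gettext("failed to lock the configuration - %s\n"),
		    strerror(err));
		rv = KC_ERR_UNINSTALL;
		goto out;
	}

	/*
	 * Create a temporary file in the /etc/crypto directory.
	 */
	(void) strlcpy(tmpfile_name, CONF_TEMPFILE, sizeof (tmpfile_name));
	if ((tmp_fd = mkstemp(tmpfile_name)) == -1) {
		err = errno;
		(void) fprintf(stderr,
		    gettext("failed to create a temporary file - %s\n"),
		    strerror(err));
		rv = KC_ERR_UNINSTALL;
		goto out;
	}
	tmp_created = B_TRUE;

	/*
	 * Wrap the descriptor mkstemp() returned instead of reopening the
	 * file by name: no descriptor is leaked, and the stream is
	 * guaranteed to refer to the file that was just created.
	 */
	if ((pfile_tmp = fdopen(tmp_fd, "w")) == NULL) {
		err = errno;
		(void) fprintf(stderr,
		    gettext("failed to open a temporary file - %s\n"),
		    strerror(err));
		(void) close(tmp_fd);
		rv = KC_ERR_UNINSTALL;
		goto out;
	}

	/*
	 * Loop thru the config file. If the plugin to be uninstalled is in
	 * a package, then just comment it off.
	 */
	in_package = B_FALSE;
	while (fgets(buffer, sizeof (buffer), pfile) != NULL) {
		found = B_FALSE;
		if (buffer[0] != ' ' && buffer[0] != '\n' &&
		    buffer[0] != '\t') {
			if (strstr(buffer, " Start ") != NULL) {
				in_package = B_TRUE;
			} else if (strstr(buffer, " End ") != NULL) {
				in_package = B_FALSE;
			} else if (buffer[0] != '#') {
				char *name;
				size_t len;

				/*
				 * strtok() modifies its argument, so work
				 * on a copy and keep buffer intact for the
				 * output.  The length guard keeps an empty
				 * string from indexing buffer2[-1].
				 */
				(void) strlcpy(buffer2, buffer,
				    sizeof (buffer2));
				len = strlen(buffer2);
				if (len > 0 && buffer2[len - 1] == '\n')
					buffer2[len - 1] = '\0';

				if ((name = strtok(buffer2, SEP_COLON)) ==
				    NULL) {
					rv = KC_ERR_UNINSTALL;
					goto out;
				}

				if (strcmp(keystore_name, name) == 0)
					found = B_TRUE;
			}
		}

		if (!found) {
			if (fputs(buffer, pfile_tmp) == EOF) {
				rv = KC_ERR_UNINSTALL;
				goto out;
			}
		} else if (in_package) {
			/*
			 * Comment the entry out.  Writing the '#' and the
			 * line separately avoids truncating a full-length
			 * line in a same-sized scratch buffer.
			 */
			if (fputc('#', pfile_tmp) == EOF ||
			    fputs(buffer, pfile_tmp) == EOF) {
				rv = KC_ERR_UNINSTALL;
				goto out;
			}
		}
		/* found && !in_package: the line is dropped. */
	}

	/*
	 * fgets() returns NULL on a read error as well as on end of file;
	 * do not install a configuration that was only partly copied.
	 */
	if (ferror(pfile)) {
		err = errno;
		(void) fprintf(stderr,
		    gettext("failed to update the configuration - %s\n"),
		    strerror(err));
		rv = KC_ERR_UNINSTALL;
		goto out;
	}

	/*
	 * Flush and set the final mode (rw-r--r--) while the file is still
	 * under its temporary name, so the live path never carries the
	 * restrictive mkstemp() mode.
	 */
	if (fflush(pfile_tmp) == EOF ||
	    fchmod(fileno(pfile_tmp),
	    S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH) == -1) {
		err = errno;
		(void) fprintf(stderr, gettext(
		    "failed to update the configuration - %s\n"),
		    strerror(err));
		rv = KC_ERR_UNINSTALL;
		goto out;
	}

	/* A failed close means the data may not have reached the file. */
	if (fclose(pfile_tmp) == EOF) {
		err = errno;
		pfile_tmp = NULL;
		(void) fprintf(stderr, gettext(
		    "failed to update the configuration - %s\n"),
		    strerror(err));
		rv = KC_ERR_UNINSTALL;
		goto out;
	}
	pfile_tmp = NULL;

	if (rename(tmpfile_name, _PATH_KMF_CONF) == -1) {
		err = errno;
		(void) fprintf(stderr, gettext(
		    "failed to update the configuration - %s\n"),
		    strerror(err));
		rv = KC_ERR_UNINSTALL;
		goto out;
	}
	/* The temporary name no longer exists; nothing left to unlink. */
	tmp_created = B_FALSE;

out:
	if (pfile_tmp != NULL)
		(void) fclose(pfile_tmp);

	/* Still set only on a failure path after mkstemp() succeeded. */
	if (tmp_created)
		(void) unlink(tmpfile_name);

	/* Closing the configuration stream also drops the lockf() lock. */
	if (pfile != NULL)
		(void) fclose(pfile);

	return (rv);
}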