c28749e97052f09388969427adf7df641cdcdc22kais/*
c28749e97052f09388969427adf7df641cdcdc22kais * CDDL HEADER START
c28749e97052f09388969427adf7df641cdcdc22kais *
c28749e97052f09388969427adf7df641cdcdc22kais * The contents of this file are subject to the terms of the
c892ebf1bef94f4f922f282c11516677c134dbe0krishna * Common Development and Distribution License (the "License").
c892ebf1bef94f4f922f282c11516677c134dbe0krishna * You may not use this file except in compliance with the License.
c28749e97052f09388969427adf7df641cdcdc22kais *
c28749e97052f09388969427adf7df641cdcdc22kais * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
c28749e97052f09388969427adf7df641cdcdc22kais * or http://www.opensolaris.org/os/licensing.
c28749e97052f09388969427adf7df641cdcdc22kais * See the License for the specific language governing permissions
c28749e97052f09388969427adf7df641cdcdc22kais * and limitations under the License.
c28749e97052f09388969427adf7df641cdcdc22kais *
c28749e97052f09388969427adf7df641cdcdc22kais * When distributing Covered Code, include this CDDL HEADER in each
c28749e97052f09388969427adf7df641cdcdc22kais * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
c28749e97052f09388969427adf7df641cdcdc22kais * If applicable, add the following below this CDDL HEADER, with the
c28749e97052f09388969427adf7df641cdcdc22kais * fields enclosed by brackets "[]" replaced with your own identifying
c28749e97052f09388969427adf7df641cdcdc22kais * information: Portions Copyright [yyyy] [name of copyright owner]
c28749e97052f09388969427adf7df641cdcdc22kais *
c28749e97052f09388969427adf7df641cdcdc22kais * CDDL HEADER END
c28749e97052f09388969427adf7df641cdcdc22kais */
c28749e97052f09388969427adf7df641cdcdc22kais/*
c892ebf1bef94f4f922f282c11516677c134dbe0krishna * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
c28749e97052f09388969427adf7df641cdcdc22kais * Use is subject to license terms.
c28749e97052f09388969427adf7df641cdcdc22kais */
c28749e97052f09388969427adf7df641cdcdc22kais
c28749e97052f09388969427adf7df641cdcdc22kais#pragma ident "%Z%%M% %I% %E% SMI"
c28749e97052f09388969427adf7df641cdcdc22kais
c28749e97052f09388969427adf7df641cdcdc22kais#include <ctype.h>
c28749e97052f09388969427adf7df641cdcdc22kais#include <stdio.h>
c28749e97052f09388969427adf7df641cdcdc22kais#include <stdlib.h>
c28749e97052f09388969427adf7df641cdcdc22kais#include <unistd.h>
c28749e97052f09388969427adf7df641cdcdc22kais#include <fcntl.h>
c28749e97052f09388969427adf7df641cdcdc22kais#include <strings.h>
c28749e97052f09388969427adf7df641cdcdc22kais#include <libscf.h>
c28749e97052f09388969427adf7df641cdcdc22kais#include <sys/errno.h>
c28749e97052f09388969427adf7df641cdcdc22kais#include <errno.h>
c28749e97052f09388969427adf7df641cdcdc22kais#include <sys/stropts.h>
c28749e97052f09388969427adf7df641cdcdc22kais#include "kssladm.h"
c28749e97052f09388969427adf7df641cdcdc22kais
c28749e97052f09388969427adf7df641cdcdc22kais
/*
 * kssladm(1M)
 *
 * Command to manage the entries in the kernel SSL proxy table. This is
 * a private command called indirectly from ksslcfg(1M).
 */
c28749e97052f09388969427adf7df641cdcdc22kais
/*
 * Program-wide verbosity flag, off by default. It has external linkage and
 * is not read anywhere in this file; presumably the sub-command
 * implementations consult it -- confirm against kssladm.h.
 */
boolean_t verbose = B_FALSE;
c28749e97052f09388969427adf7df641cdcdc22kais
/*
 * Print the combined usage text to stderr: a "Usage:" heading followed by
 * the usage of the create and delete sub-commands. Both helpers are called
 * with B_FALSE, exactly as before.
 */
static void
usage_all(void)
{
	(void) fputs("Usage:\n", stderr);

	usage_create(B_FALSE);
	usage_delete(B_FALSE);
}
c28749e97052f09388969427adf7df641cdcdc22kais
/*
 * Entry point: dispatch on the sub-command named in argv[1].
 *
 * "create" and "delete" hand the untouched argument vector to do_create()
 * and do_delete() and return their result as the exit status. A missing or
 * unknown sub-command prints the usage text and exits with
 * SMF_EXIT_ERR_CONFIG.
 */
int
main(int argc, char **argv)
{
	const char *subcmd;

	/* No sub-command at all. */
	if (argc < 2) {
		usage_all();
		return (SMF_EXIT_ERR_CONFIG);
	}

	subcmd = argv[1];

	if (strcmp(subcmd, "create") == 0)
		return (do_create(argc, argv));

	if (strcmp(subcmd, "delete") == 0)
		return (do_delete(argc, argv));

	/* The name is printed through a fixed "%s" format, never as one. */
	(void) fprintf(stderr, "Unknown sub-command: %s\n", subcmd);
	usage_all();
	return (SMF_EXIT_ERR_CONFIG);
}
c28749e97052f09388969427adf7df641cdcdc22kais
c28749e97052f09388969427adf7df641cdcdc22kais
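/*
 * Read a passphrase from the first line of a file into the supplied buffer.
 *
 * The passphrase ends at the first whitespace character (space, tab,
 * newline, ...); that character and everything after it are discarded.
 * At most bufsize - 1 bytes of the line are read, so a longer passphrase
 * is silently truncated.
 *
 * Returns the length of the passphrase stored in buffer, or 0 when no valid
 * passphrase was found: the file cannot be opened, it is empty, or its first
 * line starts with whitespace. Whenever 0 is returned and a usable buffer
 * was supplied, buffer holds an empty string, so the caller never sees stale
 * or uninitialized bytes.
 *
 * NOTE(review): the ownership and mode of the password file are not checked
 * here; whether a group- or world-readable file should be refused is a
 * policy decision that is not visible from this function -- confirm.
 */
static int
read_pass_from_file(const char *filename, char *buffer, size_t bufsize)
{
	char *line;
	char *p;
	FILE *fp;

	/* Nothing can be stored without at least room for the terminator. */
	if (buffer == NULL || bufsize == 0)
		return (0);
	buffer[0] = '\0';

	if (filename == NULL)
		return (0);

	fp = fopen(filename, "r");
	if (fp == NULL) {
		(void) fprintf(stderr,
		    "Unable to open password file for reading\n");
		/*
		 * This used to return 1, which a caller cannot tell apart
		 * from a one-character passphrase while buffer was left
		 * untouched. Report "no passphrase" instead.
		 */
		return (0);
	}

	line = fgets(buffer, (int)bufsize, fp);
	(void) fclose(fp);
	if (line == NULL) {
		/* After a read error the buffer contents are indeterminate. */
		buffer[0] = '\0';
		return (0);
	}

	for (p = buffer; *p != '\0'; p++) {
		/*
		 * isspace() is only defined for unsigned char values and EOF;
		 * a passphrase byte with the high bit set would otherwise be
		 * passed as a negative int.
		 */
		if (isspace((unsigned char)*p)) {
			*p = '\0';
			break;
		}
	}

	return ((int)(p - buffer));
}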
c28749e97052f09388969427adf7df641cdcdc22kais
c28749e97052f09388969427adf7df641cdcdc22kais
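/*
 * Obtain the passphrase and store it, NUL-terminated, in buf.
 *
 * When password_file is NULL the user is prompted with getpassphrase();
 * otherwise the passphrase is read with read_pass_from_file().
 *
 * Returns the length of the passphrase stored in buf, or 0 when none was
 * obtained (including a NULL buf or a non-positive buf_size). A prompted
 * passphrase that does not fit is truncated to buf_size - 1 bytes, and the
 * returned length is that of the stored string: strlcpy() reports the
 * length of the source, which on truncation is larger than what buf holds.
 */
int
get_passphrase(const char *password_file, char *buf, int buf_size)
{
	char *passphrase;
	size_t len;

	/* A negative size would turn into a huge size_t further down. */
	if (buf == NULL || buf_size <= 0)
		return (0);

	if (password_file != NULL)
		return (read_pass_from_file(password_file, buf, buf_size));

	passphrase = getpassphrase("Enter passphrase: ");
	if (passphrase == NULL) {
		buf[0] = '\0';
		return (0);
	}

	len = strlcpy(buf, passphrase, (size_t)buf_size);

	/*
	 * getpassphrase(3C) hands back library-owned storage; clear the copy
	 * kept there so the secret lives only in the caller's buffer.
	 * len is strlen(passphrase) at this point.
	 */
	bzero(passphrase, len);

	if (len >= (size_t)buf_size)
		len = (size_t)buf_size - 1;

	return ((int)len);
}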
c28749e97052f09388969427adf7df641cdcdc22kais
c28749e97052f09388969427adf7df641cdcdc22kais
/*
 * Issue one ioctl on the kernel SSL proxy device.
 *
 * Opens /dev/kssl read-write, passes cmd with buf as its argument, reports
 * any failure on stderr and closes the device again.
 *
 * Returns -1 when the device cannot be opened, otherwise the value returned
 * by ioctl() (negative on failure).
 */
int
kssl_send_command(char *buf, int cmd)
{
	int fd;
	int result;

	if ((fd = open("/dev/kssl", O_RDWR)) < 0) {
		perror("Cannot open /dev/kssl");
		return (-1);
	}

	result = ioctl(fd, cmd, buf);
	if (result < 0) {
		/*
		 * errno is examined before any other call is made, so it
		 * still carries the ioctl's error.
		 */
		if (errno == EEXIST) {
			(void) fprintf(stderr,
			    "Error: Can not create a INADDR_ANY instance"
			    " while another instance exists.\n");
		} else if (errno == EADDRINUSE) {
			(void) fprintf(stderr,
			    "Error: Another instance with the same"
			    " proxy port exists.\n");
		} else {
			perror("ioctl failure");
		}
	}

	(void) close(fd);

	return (result);
}