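/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License"). You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2005 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */
#pragma ident	"%Z%%M%	%I%	%E% SMI"

#include <fcntl.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <door.h>
#include <libintl.h>
#include <string.h>
#include <errno.h>
#include <signal.h>
#include <libscf.h>

#include <cryptoutil.h>
#include <sys/crypto/elfsign.h>
#include "cryptoadm.h"

/*
 * Replace the current process image with the kcfd daemon.
 *
 * Every open descriptor is closed first, then descriptors 0, 1 and 2 are
 * pointed at /dev/null and a new session is created before _PATH_KCFD is
 * exec'd.
 *
 * Returns only on failure, with -1: either the standard descriptors could
 * not be set up, or execl() itself failed.
 */
int
start_daemon(void)
{
	closefrom(0);

	/*
	 * With nothing left open, the next three descriptors created are
	 * 0, 1 and 2 in that order.  Refuse to exec the daemon if that does
	 * not hold: a daemon started with a standard descriptor closed can
	 * later have an unrelated file land on that number and receive
	 * output meant for stdout/stderr.
	 */
	if (open("/dev/null", O_RDONLY) != 0 ||
	    open("/dev/null", O_WRONLY) != 1 ||
	    dup(1) != 2)
		return (-1);

	/* Best effort: detach from the caller's session. */
	(void) setsid();

	return (execl(_PATH_KCFD, _PATH_KCFD, (char *)0));
}

/*
 * Ask the running kcfd daemon to stop by sending it SIGINT.
 *
 * The target PID is not read from a lock file: it is the di_target that
 * door_info() reports for the door at _PATH_KCFD_DOOR.
 *
 * Returns SMF_EXIT_OK once the signal has been sent, otherwise prints an
 * error to stderr and returns SMF_EXIT_MON_OFFLINE.
 */
int
stop_daemon(void)
{
	int fd;
	int err = 0;
	struct door_info dinfo;

	/* open the kcfd door so the serving process can be looked up */
	if ((fd = open(_PATH_KCFD_DOOR, O_RDONLY)) == -1) {
		err = errno;
		cryptodebug("Can not open %s: %s", _PATH_KCFD_DOOR,
		    strerror(err));
		goto out;
	}

	if (door_info(fd, &dinfo) == -1 || dinfo.di_target == -1) {
		err = ENOENT;	/* no errno if di_target == -1 */
		cryptodebug("no door server listening on %s", _PATH_KCFD_DOOR);
		goto out;
	}

	/*
	 * NOTE(review): the signal goes to whichever process currently
	 * serves this door; nothing here verifies that it is kcfd, and the
	 * PID could in principle change between door_info() and kill().
	 * Presumably the door path can only be attached to by privileged
	 * processes -- confirm.
	 */
	/* pid_t is not guaranteed to be int, so cast to match "%d" */
	cryptodebug("Sending SIGINT to %d", (int)dinfo.di_target);
	if (kill(dinfo.di_target, SIGINT) != 0) {
		err = errno;
		/* report the saved value, as the other branches do */
		cryptodebug("failed to send a signal to kcfd: %s",
		    strerror(err));
	}

out:
	/* shared exit path for success and failure */
	if (fd != -1)
		(void) close(fd);

	if (err != 0) {
		cryptoerror(LOG_STDERR, gettext(
		    "failed to stop cryptographic framework daemon - %s."),
		    strerror(err));
		return (SMF_EXIT_MON_OFFLINE);
	}

	return (SMF_EXIT_OK);
}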