13089Swyllys /*
23089Swyllys * CDDL HEADER START
33089Swyllys *
43089Swyllys * The contents of this file are subject to the terms of the
53089Swyllys * Common Development and Distribution License (the "License").
63089Swyllys * You may not use this file except in compliance with the License.
73089Swyllys *
83089Swyllys * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
93089Swyllys * or http://www.opensolaris.org/os/licensing.
103089Swyllys * See the License for the specific language governing permissions
113089Swyllys * and limitations under the License.
123089Swyllys *
133089Swyllys * When distributing Covered Code, include this CDDL HEADER in each
143089Swyllys * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
153089Swyllys * If applicable, add the following below this CDDL HEADER, with the
163089Swyllys * fields enclosed by brackets "[]" replaced with your own identifying
173089Swyllys * information: Portions Copyright [yyyy] [name of copyright owner]
183089Swyllys *
193089Swyllys * CDDL HEADER END
203089Swyllys *
213089Swyllys *
22*5051Swyllys * Copyright 2007 Sun Microsystems, Inc. All rights reserved.
233089Swyllys * Use is subject to license terms.
243089Swyllys */
253089Swyllys
263089Swyllys #pragma ident "%Z%%M% %I% %E% SMI"
273089Swyllys
283089Swyllys #include <stdio.h>
293089Swyllys #include <strings.h>
303089Swyllys #include <ctype.h>
313089Swyllys #include <libgen.h>
323089Swyllys #include <libintl.h>
333089Swyllys #include <locale.h>
343089Swyllys #include <errno.h>
353089Swyllys #include <kmfapiP.h>
363089Swyllys
373089Swyllys #include "util.h"
383089Swyllys
393089Swyllys int
kc_export(int argc,char * argv[])403089Swyllys kc_export(int argc, char *argv[])
413089Swyllys {
423089Swyllys int rv = KC_OK;
433089Swyllys char *filename = NULL;
443089Swyllys char *outfile = NULL;
453089Swyllys char *policyname = NULL;
463089Swyllys POLICY_LIST *plclist = NULL, *pnode;
473089Swyllys int opt, found = 0;
483089Swyllys extern int optind_av;
493089Swyllys extern char *optarg_av;
503089Swyllys
513089Swyllys while ((opt = getopt_av(argc, argv,
52*5051Swyllys "d:(dbfile)p:(policy)o:(outfile)")) != EOF) {
533089Swyllys switch (opt) {
543089Swyllys case 'd':
553089Swyllys filename = get_string(optarg_av, &rv);
563089Swyllys if (filename == NULL) {
573089Swyllys (void) fprintf(stderr,
583089Swyllys gettext("Error dbfile input.\n"));
593089Swyllys }
603089Swyllys break;
613089Swyllys case 'p':
623089Swyllys policyname = get_string(optarg_av, &rv);
633089Swyllys if (policyname == NULL) {
643089Swyllys (void) fprintf(stderr,
653089Swyllys gettext("Error policy name.\n"));
663089Swyllys }
673089Swyllys break;
683089Swyllys case 'o':
693089Swyllys outfile = get_string(optarg_av, &rv);
703089Swyllys if (outfile == NULL) {
713089Swyllys (void) fprintf(stderr,
723089Swyllys gettext("Error outfile input.\n"));
733089Swyllys }
743089Swyllys break;
753089Swyllys default:
763089Swyllys (void) fprintf(stderr,
773089Swyllys gettext("Error input option.\n"));
783089Swyllys rv = KC_ERR_USAGE;
793089Swyllys break;
803089Swyllys }
813089Swyllys
823089Swyllys if (rv != KC_OK)
833089Swyllys goto out;
843089Swyllys }
853089Swyllys
863089Swyllys /* No additional args allowed. */
873089Swyllys argc -= optind_av;
883089Swyllys if (argc) {
893089Swyllys (void) fprintf(stderr,
903089Swyllys gettext("Error input option\n"));
913089Swyllys rv = KC_ERR_USAGE;
923089Swyllys goto out;
933089Swyllys }
943089Swyllys
953089Swyllys if (filename == NULL) {
963089Swyllys filename = strdup(KMF_DEFAULT_POLICY_FILE);
973089Swyllys if (filename == NULL) {
983089Swyllys rv = KC_ERR_MEMORY;
993089Swyllys goto out;
1003089Swyllys }
1013089Swyllys }
1023089Swyllys
1033089Swyllys if (policyname == NULL) {
1043089Swyllys (void) fprintf(stderr,
1053089Swyllys gettext("You must specify a policy name\n"));
1063089Swyllys rv = KC_ERR_USAGE;
1073089Swyllys goto out;
1083089Swyllys }
1093089Swyllys
1103089Swyllys if (outfile == NULL) {
1113089Swyllys (void) fprintf(stderr,
1123089Swyllys gettext("You must specify a output DB file\n"));
1133089Swyllys rv = KC_ERR_USAGE;
1143089Swyllys goto out;
1153089Swyllys }
1163089Swyllys
1173089Swyllys if (strcmp(outfile, KMF_DEFAULT_POLICY_FILE) == 0 &&
1183089Swyllys strcmp(policyname, KMF_DEFAULT_POLICY_NAME) == 0) {
1193089Swyllys (void) fprintf(stderr,
1203089Swyllys gettext("Can not export the default policy record to "
1213089Swyllys "the system default policy database\n"));
1223089Swyllys rv = KC_ERR_USAGE;
1233089Swyllys goto out;
1243089Swyllys }
1253089Swyllys
1263089Swyllys rv = load_policies(filename, &plclist);
1273089Swyllys if (rv != KMF_OK)
1283089Swyllys goto out;
1293089Swyllys
1303089Swyllys pnode = plclist;
1313089Swyllys while (pnode != NULL && !found) {
1323089Swyllys if (strcmp(policyname, pnode->plc.name) == 0) {
1333089Swyllys KMF_RETURN ret;
1343089Swyllys
1353089Swyllys found++;
136*5051Swyllys ret = kmf_verify_policy(&pnode->plc);
1373089Swyllys if (ret != KMF_OK) {
1383089Swyllys print_sanity_error(ret);
1393089Swyllys rv = KC_ERR_VERIFY_POLICY;
1403089Swyllys break;
1413089Swyllys }
142*5051Swyllys rv = kmf_add_policy_to_db(&pnode->plc, outfile,
143*5051Swyllys B_FALSE);
1443089Swyllys }
1453089Swyllys pnode = pnode->next;
1463089Swyllys }
1473089Swyllys
1483089Swyllys if (!found) {
1493089Swyllys (void) fprintf(stderr,
1503089Swyllys gettext("Could not find policy \"%s\" in %s\n"),
1513089Swyllys policyname, filename);
1523089Swyllys rv = KC_ERR_FIND_POLICY;
1533089Swyllys }
1543089Swyllys
1553089Swyllys out:
1563089Swyllys if (filename != NULL)
1573089Swyllys free(filename);
1583089Swyllys
1593089Swyllys if (policyname != NULL)
1603089Swyllys free(policyname);
1613089Swyllys
1623089Swyllys if (outfile != NULL)
1633089Swyllys free(outfile);
1643089Swyllys
1653089Swyllys free_policy_list(plclist);
1663089Swyllys
1673089Swyllys return (rv);
1683089Swyllys }
169