/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 *
 *
 * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */
253089Swyllys
263089Swyllys #pragma ident "%Z%%M% %I% %E% SMI"
273089Swyllys
283089Swyllys #include <stdio.h>
293089Swyllys #include <strings.h>
303089Swyllys #include <ctype.h>
313089Swyllys #include <libgen.h>
323089Swyllys #include <libintl.h>
333089Swyllys #include <locale.h>
343089Swyllys #include <errno.h>
353089Swyllys
363089Swyllys #include <kmfapiP.h>
373089Swyllys
383089Swyllys #include "util.h"
393089Swyllys
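/*
 * kc_import - copy one named policy record from an input policy file
 * into a policy database.
 *
 * Options, as declared in the getopt_av() option string:
 *	d (dbfile)	destination policy database; when omitted,
 *			KMF_DEFAULT_POLICY_FILE is used
 *	p (policy)	name of the policy record to import (required)
 *	i (infile)	file the policy record is read from (required)
 *
 * The record is passed to kmf_verify_policy() before it is written, so a
 * record that fails verification is never handed to
 * kmf_add_policy_to_db().  Importing the default policy name into the
 * default policy file is refused.
 *
 * Returns KC_OK when nothing went wrong before the write, otherwise a
 * KC_ERR_* code (usage, memory, find, verify) or the value returned by
 * load_policies() / kmf_add_policy_to_db().
 */
int
kc_import(int argc, char *argv[])
{
	int		rv = KC_OK;
	char		*filename = NULL;
	char		*infile = NULL;
	char		*policyname = NULL;
	POLICY_LIST	*plclist = NULL, *pnode;
	int		opt, found = 0;
	extern int	optind_av;
	extern char	*optarg_av;

	while ((opt = getopt_av(argc, argv,
	    "d:(dbfile)p:(policy)i:(infile)")) != EOF) {
		switch (opt) {
		case 'd':
			/* A repeated option replaces (and frees) the old value. */
			free(filename);
			filename = get_string(optarg_av, &rv);
			if (filename == NULL) {
				(void) fprintf(stderr,
				    gettext("Error dbfile input.\n"));
				/*
				 * Do not rely on get_string() having set rv:
				 * a rejected dbfile value must never fall
				 * back silently to the default database.
				 */
				if (rv == KC_OK)
					rv = KC_ERR_USAGE;
			}
			break;
		case 'p':
			free(policyname);
			policyname = get_string(optarg_av, &rv);
			if (policyname == NULL) {
				(void) fprintf(stderr,
				    gettext("Error policy name.\n"));
				if (rv == KC_OK)
					rv = KC_ERR_USAGE;
			}
			break;
		case 'i':
			free(infile);
			infile = get_string(optarg_av, &rv);
			if (infile == NULL) {
				(void) fprintf(stderr,
				    gettext("Error infile input.\n"));
				if (rv == KC_OK)
					rv = KC_ERR_USAGE;
			}
			break;
		default:
			(void) fprintf(stderr,
			    gettext("Error input option.\n"));
			rv = KC_ERR_USAGE;
			break;
		}

		/* Stop at the first bad option instead of parsing on. */
		if (rv != KC_OK)
			goto out;

	}

	/* No additional args allowed. */
	argc -= optind_av;
	if (argc) {
		(void) fprintf(stderr,
		    gettext("Error input option\n"));
		rv = KC_ERR_USAGE;
		goto out;
	}

	/* The destination defaults to the default policy file. */
	if (filename == NULL) {
		filename = strdup(KMF_DEFAULT_POLICY_FILE);
		if (filename == NULL) {
			rv = KC_ERR_MEMORY;
			goto out;
		}
	}

	if (policyname == NULL) {
		(void) fprintf(stderr,
		    gettext("You must specify a policy name\n"));
		rv = KC_ERR_USAGE;
		goto out;
	}

	if (infile == NULL) {
		(void) fprintf(stderr,
		    gettext("You must specify a input DB file\n"));
		rv = KC_ERR_USAGE;
		goto out;
	}

	/*
	 * The default policy record in the default policy file may not be
	 * supplied by an import.
	 *
	 * NOTE(review): this is a textual comparison of the path as typed.
	 * A different spelling of the same file (relative path, symbolic
	 * link) is not recognised here; comparing resolved paths would
	 * make the guard stricter.
	 */
	if (strcmp(filename, KMF_DEFAULT_POLICY_FILE) == 0 &&
	    strcmp(policyname, KMF_DEFAULT_POLICY_NAME) == 0) {
		(void) fprintf(stderr,
		    gettext("Can not import the default policy record to "
		    "the system default policy database\n"));
		rv = KC_ERR_USAGE;
		goto out;
	}

	/*
	 * NOTE(review): rv is compared with KMF_OK here although it holds
	 * KC_* codes everywhere else in this function; confirm that both
	 * constants denote the same success value.
	 */
	rv = load_policies(infile, &plclist);
	if (rv != KMF_OK)
		goto out;

	/* Import the first record whose name matches, then stop. */
	pnode = plclist;
	while (pnode != NULL && !found) {
		if (strcmp(policyname, pnode->plc.name) == 0) {
			KMF_RETURN ret;

			found++;
			/* Verify first: a failing record is never written. */
			ret = kmf_verify_policy(&pnode->plc);
			if (ret != KMF_OK) {
				print_sanity_error(ret);
				rv = KC_ERR_VERIFY_POLICY;
				break;
			}
			/*
			 * The result is returned to the caller as is; no
			 * message is printed here when the write fails.
			 */
			rv = kmf_add_policy_to_db(&pnode->plc, filename,
			    B_FALSE);
		}
		pnode = pnode->next;
	}

	if (!found) {
		(void) fprintf(stderr,
		    gettext("Could not find policy \"%s\" in %s\n"),
		    policyname, infile);
		rv = KC_ERR_FIND_POLICY;
	}

out:
	/* free(NULL) is a no-op, so no guards are needed. */
	free(filename);
	free(policyname);
	free(infile);

	free_policy_list(plclist);

	return (rv);
}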