xref: /onnv-gate/usr/src/cmd/cmd-crypto/scripts/i.kcfconf (revision 0:68f95e015346) 
1*0Sstevel@tonic-gate#
2*0Sstevel@tonic-gate# Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
3*0Sstevel@tonic-gate# Use is subject to license terms.
4*0Sstevel@tonic-gate#
5*0Sstevel@tonic-gate# CDDL HEADER START
6*0Sstevel@tonic-gate#
7*0Sstevel@tonic-gate# The contents of this file are subject to the terms of the
8*0Sstevel@tonic-gate# Common Development and Distribution License, Version 1.0 only
9*0Sstevel@tonic-gate# (the "License").  You may not use this file except in compliance
10*0Sstevel@tonic-gate# with the License.
11*0Sstevel@tonic-gate#
12*0Sstevel@tonic-gate# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
13*0Sstevel@tonic-gate# or http://www.opensolaris.org/os/licensing.
14*0Sstevel@tonic-gate# See the License for the specific language governing permissions
15*0Sstevel@tonic-gate# and limitations under the License.
16*0Sstevel@tonic-gate#
17*0Sstevel@tonic-gate# When distributing Covered Code, include this CDDL HEADER in each
18*0Sstevel@tonic-gate# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
19*0Sstevel@tonic-gate# If applicable, add the following below this CDDL HEADER, with the
20*0Sstevel@tonic-gate# fields enclosed by brackets "[]" replaced with your own identifying
21*0Sstevel@tonic-gate# information: Portions Copyright [yyyy] [name of copyright owner]
22*0Sstevel@tonic-gate#
23*0Sstevel@tonic-gate# CDDL HEADER END
24*0Sstevel@tonic-gate#
25*0Sstevel@tonic-gate# ident	"%Z%%M%	%I%	%E% SMI"
26*0Sstevel@tonic-gate#
27*0Sstevel@tonic-gate# Class action script for "kcfconf" class files.
28*0Sstevel@tonic-gate#
29*0Sstevel@tonic-gate# This script appends the input file from the package to the
30*0Sstevel@tonic-gate# /etc/crypto/kcf.conf file.
31*0Sstevel@tonic-gate#
32*0Sstevel@tonic-gate# The syntax of the input file for a kernel software provider package is
33*0Sstevel@tonic-gate# <provider_name>:supportedlist=<mechlist>
34*0Sstevel@tonic-gate#   where
35*0Sstevel@tonic-gate#     <provider_name> ::= the kernel software module base name
36*0Sstevel@tonic-gate#     <mechlist> ::= <mechanism>{,<mechanism>}*
37*0Sstevel@tonic-gate#     <mechanism> ::= a mechanism name as specified by the RSA PKCS#11 spec.
38*0Sstevel@tonic-gate#
39*0Sstevel@tonic-gate# The syntax of the input file for a cryptographic provider device driver(s)
40*0Sstevel@tonic-gate# package is
41*0Sstevel@tonic-gate# driver_names=<driver_name_list>
42*0Sstevel@tonic-gate#   where
43*0Sstevel@tonic-gate#     <driver_name_list> ::= <name>{,<name>}*
44*0Sstevel@tonic-gate#     <name> ::= a device driver name
45*0Sstevel@tonic-gate#
46*0Sstevel@tonic-gatepkg_start="# Start $PKGINST"
47*0Sstevel@tonic-gatepkg_end="# End $PKGINST"
48*0Sstevel@tonic-gatetmpfile=/tmp/$$kcfconf
49*0Sstevel@tonic-gateerror=no
50*0Sstevel@tonic-gate
51*0Sstevel@tonic-gatewhile read src dest
52*0Sstevel@tonic-gatedo
53*0Sstevel@tonic-gate	[ "$src" = /dev/null ] && continue
54*0Sstevel@tonic-gate
55*0Sstevel@tonic-gate	if [ -f "$dest" ]
56*0Sstevel@tonic-gate	then
57*0Sstevel@tonic-gate		# For multiple input files; exit if error occurred in previous
58*0Sstevel@tonic-gate		# input file.
59*0Sstevel@tonic-gate		if [ "$error" = yes ]
60*0Sstevel@tonic-gate		then
61*0Sstevel@tonic-gate			echo "$0: failed to update $lastdest for $PKGINST."
62*0Sstevel@tonic-gate			exit 2
63*0Sstevel@tonic-gate		fi
64*0Sstevel@tonic-gate		lastdest=$dest
65*0Sstevel@tonic-gate
66*0Sstevel@tonic-gate		#
67*0Sstevel@tonic-gate		# If the package has been already installed, remove old entries
68*0Sstevel@tonic-gate		#
69*0Sstevel@tonic-gate		start=0;
70*0Sstevel@tonic-gate		end=0;
71*0Sstevel@tonic-gate		egrep -s "$pkg_start" $dest && start=1
72*0Sstevel@tonic-gate		egrep -s "$pkg_end" $dest && end=1
73*0Sstevel@tonic-gate
74*0Sstevel@tonic-gate		if [ $start -ne $end ]
75*0Sstevel@tonic-gate		then
76*0Sstevel@tonic-gate			echo "$0: missing Start or End delimiters for \
77*0Sstevel@tonic-gate			    $PKGINST in $dest."
78*0Sstevel@tonic-gate			echo "$0: $dest may be corrupted and was not updated."
79*0Sstevel@tonic-gate			error=yes
80*0Sstevel@tonic-gate			continue
81*0Sstevel@tonic-gate		fi
82*0Sstevel@tonic-gate
83*0Sstevel@tonic-gate		if [ $start -eq 1 ]
84*0Sstevel@tonic-gate		then
85*0Sstevel@tonic-gate			sed -e "/$pkg_start/,/$pkg_end/d" $dest > $tmpfile \
86*0Sstevel@tonic-gate			|| error=yes
87*0Sstevel@tonic-gate		else
88*0Sstevel@tonic-gate			cp $dest $tmpfile || error=yes
89*0Sstevel@tonic-gate		fi
90*0Sstevel@tonic-gate
91*0Sstevel@tonic-gate		#
92*0Sstevel@tonic-gate		# Check the input file syntax and append the input entries
93*0Sstevel@tonic-gate		# with the package delimiters.
94*0Sstevel@tonic-gate		#
95*0Sstevel@tonic-gate		line_count=`wc -l $src | awk '{ print $1}'`
96*0Sstevel@tonic-gate
97*0Sstevel@tonic-gate		grep "driver_names" $src > /dev/null
98*0Sstevel@tonic-gate		if [ $? -eq 0 ]
99*0Sstevel@tonic-gate		then
100*0Sstevel@tonic-gate			#
101*0Sstevel@tonic-gate			# This is a device driver package.
102*0Sstevel@tonic-gate			# - $src should contain only one line.
103*0Sstevel@tonic-gate			# - If syntax of $src is correct, append the package
104*0Sstevel@tonic-gate			#   start delimiter with the driver_names string.
105*0Sstevel@tonic-gate			#
106*0Sstevel@tonic-gate			if [ $line_count -ne 1 ]; then
107*0Sstevel@tonic-gate				echo "$0: Syntax Error - $src for $PKGINST."
108*0Sstevel@tonic-gate				error=yes
109*0Sstevel@tonic-gate				continue
110*0Sstevel@tonic-gate			else
111*0Sstevel@tonic-gate				echo "$pkg_start `cat $src`" >> $tmpfile \
112*0Sstevel@tonic-gate				|| error=yes
113*0Sstevel@tonic-gate			fi
114*0Sstevel@tonic-gate		else
115*0Sstevel@tonic-gate			#
116*0Sstevel@tonic-gate			# This is a kernel software provider package.
117*0Sstevel@tonic-gate			# - Each line in $src should contain "supportedlist".
118*0Sstevel@tonic-gate			# - If syntax of $src is correct, append the package
119*0Sstevel@tonic-gate			#   start delimiter and the $src file.
120*0Sstevel@tonic-gate			#
121*0Sstevel@tonic-gate			supported_count=`grep supportedlist $src |wc -l`
122*0Sstevel@tonic-gate			if [ $line_count -ne $supported_count ]
123*0Sstevel@tonic-gate			then
124*0Sstevel@tonic-gate				echo "$0: Syntax Error - $src for $PKGINST."
125*0Sstevel@tonic-gate				error=yes
126*0Sstevel@tonic-gate				continue
127*0Sstevel@tonic-gate			else
128*0Sstevel@tonic-gate				echo "$pkg_start" >> $tmpfile || error=yes
129*0Sstevel@tonic-gate				cat $src >> $tmpfile || error=yes
130*0Sstevel@tonic-gate			fi
131*0Sstevel@tonic-gate		fi
132*0Sstevel@tonic-gate		echo "$pkg_end" >> $tmpfile || error=yes
133*0Sstevel@tonic-gate
134*0Sstevel@tonic-gate		# Install the updated config file and clean up the tmp file
135*0Sstevel@tonic-gate                if [ "$error" = no ]
136*0Sstevel@tonic-gate                then
137*0Sstevel@tonic-gate			mv $tmpfile $dest || error=yes
138*0Sstevel@tonic-gate		fi
139*0Sstevel@tonic-gate		rm -f $tmpfile
140*0Sstevel@tonic-gate	else
141*0Sstevel@tonic-gate		echo "$0: ERROR - $dest doesn't exist for $PKGINST."
142*0Sstevel@tonic-gate		exit 2
143*0Sstevel@tonic-gate	fi
144*0Sstevel@tonic-gatedone
145*0Sstevel@tonic-gate
146*0Sstevel@tonic-gateif [ "$error" = yes ]
147*0Sstevel@tonic-gatethen
148*0Sstevel@tonic-gate	echo "$0: ERROR - failed to update $lastdest for $PKGINST."
149*0Sstevel@tonic-gate	exit 2
150*0Sstevel@tonic-gatefi
151*0Sstevel@tonic-gate
152*0Sstevel@tonic-gateexit 0
153