xref: /illumos-gate/usr/src/cmd/cmd-crypto/scripts/i.kcfconf (revision 45d3dd981abb9025d8ac994cf4cc8ce8cb1a9480)
1#
2# Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
3# Use is subject to license terms.
4#
5# CDDL HEADER START
6#
7# The contents of this file are subject to the terms of the
8# Common Development and Distribution License, Version 1.0 only
9# (the "License").  You may not use this file except in compliance
10# with the License.
11#
12# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
13# or http://www.opensolaris.org/os/licensing.
14# See the License for the specific language governing permissions
15# and limitations under the License.
16#
17# When distributing Covered Code, include this CDDL HEADER in each
18# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
19# If applicable, add the following below this CDDL HEADER, with the
20# fields enclosed by brackets "[]" replaced with your own identifying
21# information: Portions Copyright [yyyy] [name of copyright owner]
22#
23# CDDL HEADER END
24#
25# ident	"%Z%%M%	%I%	%E% SMI"
26#
27# Class action script for "kcfconf" class files.
28#
29# This script appends the input file from the package to the
30# /etc/crypto/kcf.conf file.
31#
32# The syntax of the input file for a kernel software provider package is
33# <provider_name>:supportedlist=<mechlist>
34#   where
35#     <provider_name> ::= the kernel software module base name
36#     <mechlist> ::= <mechanism>{,<mechanism>}*
37#     <mechanism> ::= a mechanism name as specified by the RSA PKCS#11 spec.
38#
39# The syntax of the input file for a cryptographic provider device driver(s)
40# package is
41# driver_names=<driver_name_list>
42#   where
43#     <driver_name_list> ::= <name>{,<name>}*
44#     <name> ::= a device driver name
45#
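# Delimiter lines that bracket this package instance's entries in $dest.
pkg_start="# Start $PKGINST"
pkg_end="# End $PKGINST"
# Scratch copy of $dest; named per destination inside the loop.
tmpfile=
error=no

# Do not leave a half-written scratch file behind if the run is interrupted.
trap '[ -z "$tmpfile" ] || rm -f "$tmpfile"; exit 2' 1 2 15

# Each input line is "<src> <dest>": the package's fragment and the
# configuration file it is merged into.
# Backticks and [ ] are kept so the script stays within the Bourne-style
# constructs the original used.
while read src dest
do
	[ "$src" = /dev/null ] && continue

	if [ ! -f "$dest" ]
	then
		echo "$0: ERROR - $dest doesn't exist for $PKGINST." >&2
		exit 2
	fi

	# For multiple input files; exit if error occurred in previous
	# input file.
	if [ "$error" = yes ]
	then
		echo "$0: failed to update $lastdest for $PKGINST." >&2
		exit 2
	fi
	lastdest=$dest

	#
	# Build the new file next to $dest rather than under a predictable
	# name in /tmp: a guessable path in a world-writable directory can be
	# pre-created or symlinked by another local user before this script
	# writes to it, and a same-directory file lets the final mv be a
	# rename instead of a cross-filesystem copy.
	# NOTE(review): assumes the directory holding $dest (normally
	# /etc/crypto) is writable only by privileged users - confirm.
	#
	tmpfile=$dest.$$.kcfconf
	rm -f "$tmpfile"

	#
	# If the package has been already installed, remove old entries.
	#
	# Delimiters are compared as exact strings, not as unanchored regular
	# expressions: otherwise "# Start SUNWfoo" also matches the line for
	# "SUNWfoox" (and "." in an instance name matches any character), and
	# another package's entries would be deleted.  A start line is either
	# the delimiter alone or, for a driver package, the delimiter followed
	# by a space and the driver_names entry.
	#
	start=`awk '$0 == s || index($0, s " ") == 1 { n = 1 }
	    END { print n + 0 }' s="$pkg_start" < "$dest"`
	end=`awk '$0 == e { n = 1 } END { print n + 0 }' e="$pkg_end" < "$dest"`
	start=${start:-0}
	end=${end:-0}

	if [ "$start" -ne "$end" ]
	then
		echo "$0: missing Start or End delimiters for $PKGINST in $dest." >&2
		echo "$0: $dest may be corrupted and was not updated." >&2
		error=yes
		continue
	fi

	if [ "$start" -eq 1 ]
	then
		# Copy $dest without the lines from the start delimiter
		# through the end delimiter, inclusive.
		awk '$0 == s || index($0, s " ") == 1 { skip = 1 }
		    skip == 0 { print }
		    $0 == e { skip = 0 }' s="$pkg_start" e="$pkg_end" \
		    < "$dest" > "$tmpfile" || error=yes
	else
		cp "$dest" "$tmpfile" || error=yes
	fi

	#
	# Check the input file syntax and append the input entries
	# with the package delimiters.
	#
	line_count=`wc -l < "$src" | awk '{ print $1 }'`

	if grep "driver_names" "$src" > /dev/null
	then
		#
		# This is a device driver package.
		# - $src should contain only one line.
		# - If syntax of $src is correct, append the package
		#   start delimiter with the driver_names string.
		#
		if [ "$line_count" -ne 1 ]
		then
			echo "$0: Syntax Error - $src for $PKGINST." >&2
			error=yes
			# The scratch file is not installed; remove it.
			rm -f "$tmpfile"
			continue
		fi
		drivers=`cat "$src"`
		echo "$pkg_start $drivers" >> "$tmpfile" || error=yes
	else
		#
		# This is a kernel software provider package.
		# - Each line in $src should contain "supportedlist".
		# - If syntax of $src is correct, append the package
		#   start delimiter and the $src file.
		#
		supported_count=`grep -c supportedlist "$src"`
		if [ "$line_count" -ne "$supported_count" ]
		then
			echo "$0: Syntax Error - $src for $PKGINST." >&2
			error=yes
			# The scratch file is not installed; remove it.
			rm -f "$tmpfile"
			continue
		fi
		echo "$pkg_start" >> "$tmpfile" || error=yes
		cat "$src" >> "$tmpfile" || error=yes
	fi
	echo "$pkg_end" >> "$tmpfile" || error=yes

	# Install the updated config file only if every step succeeded, then
	# clean up the scratch file (a no-op after a successful mv).
	if [ "$error" = no ]
	then
		mv "$tmpfile" "$dest" || error=yes
	fi
	rm -f "$tmpfile"
done

if [ "$error" = yes ]
then
	echo "$0: ERROR - failed to update $lastdest for $PKGINST." >&2
	exit 2
fi

exit 0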