xref: /titanic_41/usr/src/cmd/cmd-crypto/kmfcfg/uninstall.c (revision 0bb073995ac5a95bd35f2dd790df1ea3d8c2d507) 
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  *
21  * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
22  * Use is subject to license terms.
23  */
24 
25 #pragma ident	"%Z%%M%	%I%	%E% SMI"
26 
27 #include <stdio.h>
28 #include <strings.h>
29 #include <ctype.h>
30 #include <libgen.h>
31 #include <libintl.h>
32 #include <errno.h>
33 #include <kmfapiP.h>
34 #include <sys/stat.h>
35 #include <sys/param.h>
36 #include <cryptoutil.h>
37 #include "util.h"
38 
39 static int err; /* To store errno which may be overwritten by gettext() */
40 
41 int
42 kc_uninstall(int argc, char *argv[])
43 {
44 	int 		rv = KC_OK;
45 	int		opt;
46 	extern int	optind_av;
47 	extern char	*optarg_av;
48 	char 		*keystore_name = NULL;
49 	conf_entry_t	*entry = NULL;
50 	FILE		*pfile = NULL;
51 	FILE		*pfile_tmp = NULL;
52 	char		tmpfile_name[MAXPATHLEN];
53 	char		buffer[MAXPATHLEN];
54 	char		buffer2[MAXPATHLEN];
55 	boolean_t 	found;
56 	boolean_t	in_package;
57 
58 	while ((opt = getopt_av(argc, argv, "k:(keystore)")) != EOF) {
59 		switch (opt) {
60 		case 'k':
61 			if (keystore_name != NULL)
62 				rv = KC_ERR_USAGE;
63 			else {
64 				keystore_name = get_string(optarg_av, &rv);
65 				if (keystore_name == NULL) {
66 					(void) fprintf(stderr, gettext(
67 					    "Error keystore input.\n"));
68 				}
69 			}
70 			break;
71 		default:
72 			(void) fprintf(stderr,
73 			    gettext("Error input option.\n"));
74 			rv = KC_ERR_USAGE;
75 			break;
76 		}
77 		if (rv != KC_OK)
78 			goto out;
79 	}
80 
81 	/* No additional args allowed. */
82 	argc -= optind_av;
83 	if (argc) {
84 		(void) fprintf(stderr,
85 		    gettext("Error input option\n"));
86 		rv = KC_ERR_USAGE;
87 		goto out;
88 	}
89 
90 	if (keystore_name == NULL) {
91 		(void) fprintf(stderr,
92 		    gettext("Error input option\n"));
93 		rv = KC_ERR_USAGE;
94 		goto out;
95 	}
96 
97 	if (strcasecmp(keystore_name, "nss") == 0 ||
98 	    strcasecmp(keystore_name, "pkcs11") == 0 ||
99 	    strcasecmp(keystore_name, "file") == 0) {
100 		(void) fprintf(stderr,
101 		    gettext("Can not uninstall the built-in keystore %s\n"),
102 		    keystore_name);
103 		rv = KC_ERR_UNINSTALL;
104 		goto out;
105 	}
106 
107 	entry = get_keystore_entry(keystore_name);
108 	if (entry == NULL) {
109 		(void) fprintf(stderr, gettext("%s does not exist.\n"),
110 		    keystore_name);
111 		rv = KC_ERR_USAGE;
112 		goto out;
113 	}
114 
115 	if ((pfile = fopen(_PATH_KMF_CONF, "r+")) == NULL) {
116 		err = errno;
117 		(void) fprintf(stderr,
118 		    gettext("failed to update the configuration - %s\n"),
119 		    strerror(err));
120 		rv = KC_ERR_ACCESS;
121 		goto out;
122 	}
123 
124 	if (lockf(fileno(pfile), F_TLOCK, 0) == -1) {
125 		err = errno;
126 		(void) fprintf(stderr,
127 		    gettext("failed to lock the configuration - %s\n"),
128 		    strerror(err));
129 		rv = KC_ERR_UNINSTALL;
130 		goto out;
131 	}
132 
133 	/*
134 	 * Create a temporary file in the /etc/crypto directory.
135 	 */
136 	(void) strlcpy(tmpfile_name, CONF_TEMPFILE, sizeof (tmpfile_name));
137 	if (mkstemp(tmpfile_name) == -1) {
138 		err = errno;
139 		(void) fprintf(stderr,
140 		    gettext("failed to create a temporary file - %s\n"),
141 		    strerror(err));
142 		rv = KC_ERR_UNINSTALL;
143 		goto out;
144 	}
145 
146 	if ((pfile_tmp = fopen(tmpfile_name, "w")) == NULL) {
147 		err = errno;
148 		(void) fprintf(stderr,
149 		    gettext("failed to open a temporary file - %s\n"),
150 		    strerror(err));
151 		rv = KC_ERR_UNINSTALL;
152 		goto out;
153 	}
154 
155 	/*
156 	 * Loop thru the config file. If the plugin to be uninstalled is in
157 	 * a package, then just comment it off.
158 	 */
159 	in_package = B_FALSE;
160 	while (fgets(buffer, MAXPATHLEN, pfile) != NULL) {
161 		found = B_FALSE;
162 		if (buffer[0] != ' ' && buffer[0] != '\n' &&
163 		    buffer[0] != '\t') {
164 			if (strstr(buffer, " Start ") != NULL) {
165 				in_package = B_TRUE;
166 			} else if (strstr(buffer, " End ") != NULL) {
167 				in_package = B_FALSE;
168 			} else if (buffer[0] != '#') {
169 				char *name;
170 				int len;
171 
172 				/*
173 				 * make a copy of the original buffer to
174 				 * buffer2.  Also get rid of the trailing
175 				 * '\n' from buffer2.
176 				 */
177 				(void) strlcpy(buffer2, buffer, MAXPATHLEN);
178 				/* get rid of trailing '\n' */
179 				len = strlen(buffer2);
180 				if (buffer2[len-1] == '\n') {
181 					len--;
182 				}
183 				buffer2[len] = '\0';
184 
185 				if ((name = strtok(buffer2, SEP_COLON)) ==
186 				    NULL) {
187 					rv = KC_ERR_UNINSTALL;
188 					goto out;
189 				}
190 
191 				if (strcmp(keystore_name, name) == 0)
192 					found = B_TRUE;
193 			}
194 		}
195 
196 		if (found) {
197 			/*
198 			 * If found and not in_package, then don't write
199 			 * this line to the result file.
200 			 */
201 			if (in_package) {
202 				(void) snprintf(buffer2, sizeof (buffer2),
203 				    "%s%s", "#", buffer);
204 
205 				if (fputs(buffer2, pfile_tmp) == EOF) {
206 					rv = KC_ERR_UNINSTALL;
207 					goto out;
208 				}
209 			}
210 		} else {
211 			if (fputs(buffer, pfile_tmp) == EOF) {
212 				rv = KC_ERR_UNINSTALL;
213 				goto out;
214 			}
215 		}
216 	}
217 
218 out:
219 	if (pfile != NULL)
220 		(void) fclose(pfile);
221 
222 	if (rv != KC_OK && pfile_tmp != NULL)
223 		(void) unlink(tmpfile_name);
224 
225 	if (pfile_tmp != NULL)
226 		(void) fclose(pfile_tmp);
227 
228 	if (rv == KC_OK) {
229 		if (rename(tmpfile_name, _PATH_KMF_CONF) == -1) {
230 			err = errno;
231 			(void) fprintf(stderr, gettext(
232 			    "failed to update the configuration - %s"),
233 			    strerror(err));
234 			return (KC_ERR_UNINSTALL);
235 		}
236 
237 		if (chmod(_PATH_KMF_CONF,
238 		    S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH) == -1) {
239 			err = errno;
240 			(void) fprintf(stderr, gettext(
241 			    "failed to update the configuration - %s\n"),
242 			    strerror(err));
243 			return (KC_ERR_UNINSTALL);
244 		}
245 	}
246 
247 	return (rv);
248 }
249