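/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License").  You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */

#pragma ident	"%Z%%M%	%I%	%E% SMI"

#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <fcntl.h>
#include <strings.h>
#include <libscf.h>
#include <sys/errno.h>
#include <errno.h>
#include <sys/stropts.h>
#include "kssladm.h"


/*
 * kssladm(1M)
 *
 * Command to manage the entries in kernel SSL proxy table. This is
 * a private command called indirectly from ksslcfg(1M).
 */

boolean_t verbose = B_FALSE;

/*
 * Print the usage of every sub-command to stderr.
 */
static void
usage_all(void)
{
	(void) fprintf(stderr, "Usage:\n");
	usage_create(B_FALSE);
	usage_delete(B_FALSE);
}

/*
 * Dispatch on the sub-command in argv[1] ("create" or "delete") and
 * return that handler's result.  A missing or unknown sub-command prints
 * the usage and returns SMF_EXIT_ERR_CONFIG.
 */
int
main(int argc, char **argv)
{
	int rv = SUCCESS;

	if (argc < 2) {
		usage_all();
		return (SMF_EXIT_ERR_CONFIG);
	}

	if (strcmp(argv[1], "create") == 0) {
		rv = do_create(argc, argv);
	} else if (strcmp(argv[1], "delete") == 0) {
		rv = do_delete(argc, argv);
	} else {
		(void) fprintf(stderr, "Unknown sub-command: %s\n", argv[1]);
		usage_all();
		rv = SMF_EXIT_ERR_CONFIG;
	}

	return (rv);
}


/*
 * Read a passphrase from the first line of the file into the supplied
 * buffer.  The passphrase ends at the first whitespace character as
 * judged by isspace(), which includes the newline kept by fgets(); that
 * character and everything after it are discarded.
 *
 * Returns the length of the passphrase.  Returns 0, with the buffer set
 * to the empty string, when the file cannot be opened or read or when
 * no valid passphrase was found in it.  An open failure used to return
 * 1, which get_passphrase() handed back as if it were the length of a
 * one-character passphrase while the buffer was never written.
 *
 * A first line longer than bufsize - 1 bytes is cut short by fgets()
 * without any indication to the caller.
 *
 * NOTE(review): the file holds a cleartext passphrase and nothing in
 * this function checks its owner or mode; confirm that the caller or
 * the deployment restricts who can read it.
 */
static int
read_pass_from_file(const char *filename, char *buffer, size_t bufsize)
{
	char *line;
	char *p;
	FILE *fp;

	if (buffer == NULL || bufsize == 0)
		return (0);

	/* Every failure path below leaves a defined, empty string behind. */
	buffer[0] = '\0';

	fp = fopen(filename, "r");
	if (fp == NULL) {
		(void) fprintf(stderr,
		    "Unable to open password file for reading\n");
		return (0);
	}

	line = fgets(buffer, (int)bufsize, fp);
	(void) fclose(fp);
	if (line == NULL) {
		buffer[0] = '\0';
		return (0);
	}

	for (p = buffer; *p != '\0'; p++) {
		/*
		 * isspace() is only defined for EOF and unsigned char
		 * values, so a byte above 0x7f must not reach it as a
		 * negative char.
		 */
		if (isspace((unsigned char)*p)) {
			*p = '\0';
			break;
		}
	}

	return ((int)(p - buffer));
}


/*
 * Obtain the passphrase, either from password_file or, when that is
 * NULL, interactively through getpassphrase().  The passphrase is
 * stored in buf as a NUL-terminated string.
 *
 * Returns the length of the passphrase in buf, or 0 when none could be
 * obtained.  An interactive passphrase that does not fit in buf_size
 * bytes is rejected: buf is cleared and 0 is returned.  Previously the
 * strlcpy() result was returned as is, so the reported length could
 * exceed what buf actually holds.
 */
int
get_passphrase(const char *password_file, char *buf, int buf_size)
{
	char *passphrase;
	size_t len;

	if (buf == NULL || buf_size <= 0)
		return (0);

	if (password_file != NULL) {
		return (read_pass_from_file(password_file, buf,
		    (size_t)buf_size));
	}

	passphrase = getpassphrase("Enter passphrase: ");
	if (passphrase == NULL) {
		buf[0] = '\0';
		return (0);
	}

	/* strlcpy() returns strlen(passphrase), not the bytes copied. */
	len = strlcpy(buf, passphrase, (size_t)buf_size);

	/*
	 * getpassphrase() hands back a buffer owned by the library; wipe
	 * the cleartext so it does not linger there after this call.
	 */
	(void) memset(passphrase, 0, len);

	if (len >= (size_t)buf_size) {
		(void) memset(buf, 0, (size_t)buf_size);
		return (0);
	}

	return ((int)len);
}


/*
 * Open /dev/kssl and issue the ioctl cmd with buf as its argument.
 *
 * Returns EBADF when the device cannot be opened, otherwise the value
 * returned by ioctl().  On an ioctl failure a message chosen from errno
 * is printed to stderr before the descriptor is closed.
 */
int
kssl_send_command(char *buf, int cmd)
{
	int ksslfd;
	int rv;

	ksslfd = open("/dev/kssl", O_RDWR);
	if (ksslfd < 0) {
		perror("Cannot open /dev/kssl");
		return (EBADF);
	}

	if ((rv = ioctl(ksslfd, cmd, buf)) < 0) {
		/* errno is read here, before close() can overwrite it. */
		switch (errno) {
		case EEXIST:
			(void) fprintf(stderr,
			    "Error: Can not create a INADDR_ANY instance"
			    " while another instance exists.\n");
			break;
		case EADDRINUSE:
			(void) fprintf(stderr,
			    "Error: Another instance with the same"
			    " proxy port exists.\n");
			break;
		default:
			perror("ioctl failure");
			break;
		}
	}

	(void) close(ksslfd);

	return (rv);
}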