xref: /titanic_44/usr/src/cmd/cmd-inet/usr.sbin/kssl/kssladm/kssladm.c (revision 4a16f9a6c1cc74aeed5ff36b4723c3e43bc67666)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #pragma ident	"%Z%%M%	%I%	%E% SMI"
27 
28 #include <ctype.h>
29 #include <stdio.h>
30 #include <stdlib.h>
31 #include <unistd.h>
32 #include <fcntl.h>
33 #include <strings.h>
34 #include <libscf.h>
35 #include <sys/errno.h>
36 #include <errno.h>
37 #include <sys/stropts.h>
38 #include "kssladm.h"
39 
40 
41 /*
42  * kssladm(1M)
43  *
44  * Command to manage the entries in kernel SSL proxy table. This is
45  * a private command called indirectly from ksslcfg(1M).
46  */
47 
/*
 * Verbosity flag, off by default. It has external linkage and is not read
 * by any function visible in this part of the file.
 * NOTE(review): presumably consulted by the create/delete sub-command
 * code -- confirm against kssladm.h.
 */
boolean_t verbose = B_FALSE;
49 
/*
 * Print the combined usage text for every sub-command to stderr: a
 * "Usage:" heading followed by whatever usage_create() and usage_delete()
 * emit. Both helpers are called with B_FALSE.
 * NOTE(review): the meaning of that argument is defined outside this
 * file -- confirm in kssladm.h.
 */
static void
usage_all(void)
{
	(void) fputs("Usage:\n", stderr);

	usage_create(B_FALSE);
	usage_delete(B_FALSE);
}
57 
/*
 * Entry point: dispatch on the sub-command named by argv[1].
 *
 * "create" and "delete" hand the complete argument vector to do_create()
 * or do_delete() and their return value becomes the exit status. A
 * missing or unrecognised sub-command prints the usage text and exits
 * with SMF_EXIT_ERR_CONFIG.
 */
int
main(int argc, char **argv)
{
	const char *subcmd;

	/* No sub-command given at all. */
	if (argc < 2) {
		usage_all();
		return (SMF_EXIT_ERR_CONFIG);
	}

	subcmd = argv[1];

	if (strcmp(subcmd, "create") == 0) {
		return (do_create(argc, argv));
	}

	if (strcmp(subcmd, "delete") == 0) {
		return (do_delete(argc, argv));
	}

	/* The sub-command is echoed through "%s", never used as a format. */
	(void) fprintf(stderr, "Unknown sub-command: %s\n", subcmd);
	usage_all();

	return (SMF_EXIT_ERR_CONFIG);
}
80 
81 
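/*
 * Read a passphrase from the first line of the file into the supplied buffer.
 * The passphrase ends at the first whitespace character (space, tab,
 * newline, ...); that character and everything after it are ignored.
 *
 * Returns the length of the NUL-terminated passphrase left in buffer, or 0
 * when no valid passphrase was found: the file cannot be opened, it is
 * empty, its first line starts with whitespace, or the buffer is unusable.
 * A failed open used to return 1, which a caller could not tell apart from
 * a one-character passphrase sitting in a buffer that was never written.
 *
 * Security notes:
 *  - The buffer holds secret material on return; clearing it after use is
 *    the caller's job.
 *  - A line longer than bufsize - 1 bytes is silently cut short by fgets(),
 *    so the caller receives a truncated passphrase rather than an error.
 *  - NOTE(review): ownership and mode of the password file are not checked
 *    here; confirm the caller guarantees that only the owner can read it.
 */
static int
read_pass_from_file(const char *filename, char *buffer, size_t bufsize)
{
	char *line;
	char *p;
	FILE *fp;

	if (filename == NULL || buffer == NULL || bufsize == 0) {
		return (0);
	}

	/* Never hand back uninitialised bytes on any failure path. */
	buffer[0] = '\0';

	fp = fopen(filename, "r");
	if (fp == NULL) {
		/* perror() appends the errno text and the missing newline. */
		perror("Unable to open password file for reading");
		return (0);
	}

	line = fgets(buffer, bufsize, fp);
	(void) fclose(fp);
	if (line == NULL) {
		/* Contents are indeterminate after a read error. */
		buffer[0] = '\0';
		return (0);
	}

	for (p = buffer; *p != '\0'; p++) {
		/*
		 * Cast first: passing a negative char (any byte >= 0x80 where
		 * char is signed) to isspace() is undefined behaviour.
		 */
		if (isspace((unsigned char)*p)) {
			*p = '\0';
			break;
		}
	}

	return ((int)(p - buffer));
}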
117 
118 
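/*
 * Obtain a passphrase and store it, NUL-terminated, in buf.
 *
 * When password_file is NULL the user is prompted on the terminal through
 * getpassphrase(); otherwise the passphrase is taken from that file and
 * the result of read_pass_from_file() is returned unchanged.
 *
 * Returns the length of the passphrase stored in buf, or 0 when none was
 * obtained. For the interactive path that includes a passphrase that does
 * not fit in buf: strlcpy() reports the length of the source string, so
 * the old code could return a length larger than what buf actually holds.
 *
 * buf contains secret material on success; the caller is responsible for
 * clearing it once it is no longer needed.
 */
int
get_passphrase(const char *password_file, char *buf, int buf_size)
{
	char *passphrase;
	size_t len;

	/* A non-positive size would wrap to a huge size_t further down. */
	if (buf == NULL || buf_size <= 0) {
		return (0);
	}

	if (password_file != NULL) {
		return (read_pass_from_file(password_file, buf,
		    (size_t)buf_size));
	}

	passphrase = getpassphrase("Enter passphrase: ");
	if (passphrase == NULL) {
		return (0);
	}

	len = strlcpy(buf, passphrase, (size_t)buf_size);

	/*
	 * getpassphrase() returns a pointer to static storage; wipe it so
	 * the secret does not stay in the process beyond this copy.
	 */
	bzero(passphrase, len);

	if (len >= (size_t)buf_size) {
		/* Truncated: reject rather than report a wrong length. */
		bzero(buf, (size_t)buf_size);
		(void) fprintf(stderr,
		    "Passphrase is too long for the supplied buffer\n");
		return (0);
	}

	return ((int)len);
}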
133 
134 
/*
 * Issue one ioctl on the kernel SSL proxy device.
 *
 * Opens /dev/kssl read-write, passes buf as the argument of ioctl command
 * cmd, reports any failure on stderr and closes the device again.
 *
 * Returns -1 when the device cannot be opened, otherwise the value
 * returned by ioctl() (negative on failure).
 * NOTE(review): the layout and size of buf are defined by the caller and
 * the driver; nothing here validates them.
 */
int
kssl_send_command(char *buf, int cmd)
{
	int result;
	int fd = open("/dev/kssl", O_RDWR);

	if (fd < 0) {
		perror("Cannot open /dev/kssl");
		return (-1);
	}

	result = ioctl(fd, cmd, buf);
	if (result < 0) {
		/* errno is examined before any other call can change it. */
		if (errno == EEXIST) {
			(void) fprintf(stderr,
			    "Error: Can not create a INADDR_ANY instance"
			    " while another instance exists.\n");
		} else if (errno == EADDRINUSE) {
			(void) fprintf(stderr,
			    "Error: Another instance with the same"
			    " proxy port exists.\n");
		} else {
			perror("ioctl failure");
		}
	}

	(void) close(fd);

	return (result);
}
169