xref: /titanic_50/usr/src/cmd/cmd-inet/usr.sbin/kssl/kssladm/kssladm.c (revision e8031f0a8ed0e45c6d8847c5e09424e66fd34a4b)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License, Version 1.0 only
6  * (the "License").  You may not use this file except in compliance
7  * with the License.
8  *
9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10  * or http://www.opensolaris.org/os/licensing.
11  * See the License for the specific language governing permissions
12  * and limitations under the License.
13  *
14  * When distributing Covered Code, include this CDDL HEADER in each
15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16  * If applicable, add the following below this CDDL HEADER, with the
17  * fields enclosed by brackets "[]" replaced with your own identifying
18  * information: Portions Copyright [yyyy] [name of copyright owner]
19  *
20  * CDDL HEADER END
21  */
22 /*
23  * Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 
27 #pragma ident	"%Z%%M%	%I%	%E% SMI"
28 
29 #include <ctype.h>
30 #include <stdio.h>
31 #include <stdlib.h>
32 #include <unistd.h>
33 #include <fcntl.h>
34 #include <strings.h>
35 #include <libscf.h>
36 #include <sys/errno.h>
37 #include <errno.h>
38 #include <sys/stropts.h>
39 #include "kssladm.h"
40 
41 
42 /*
43  * kssladm(1M)
44  *
45  * Command to manage the entries in kernel SSL proxy table. This is
46  * a private command called indirectly from ksslcfg(1M).
47  */
48 
49 boolean_t verbose = B_FALSE;
50 
51 static void
52 usage_all(void)
53 {
54 	(void) fprintf(stderr, "Usage:\n");
55 	usage_create(B_FALSE);
56 	usage_delete(B_FALSE);
57 }
58 
59 int
60 main(int argc, char **argv)
61 {
62 	int rv = SUCCESS;
63 
64 	if (argc < 2) {
65 		usage_all();
66 		return (SMF_EXIT_ERR_CONFIG);
67 	}
68 
69 	if (strcmp(argv[1], "create") == 0) {
70 		rv = do_create(argc, argv);
71 	} else if (strcmp(argv[1], "delete") == 0) {
72 		rv = do_delete(argc, argv);
73 	} else {
74 		(void) fprintf(stderr, "Unknown sub-command: %s\n", argv[1]);
75 		usage_all();
76 		rv = SMF_EXIT_ERR_CONFIG;
77 	}
78 
79 	return (rv);
80 }
81 
82 
83 /*
84  * Read a passphrase from the file into the supplied buffer.
85  * A space character and the characters that follow
86  * the space character will be ignored.
87  * Return 0 when no valid passphrase was found in the file.
88  */
89 static int
90 read_pass_from_file(const char *filename, char *buffer, size_t bufsize)
91 {
92 	char *line;
93 	char *p;
94 	FILE *fp;
95 
96 	fp = fopen(filename, "r");
97 	if (fp == NULL) {
98 		(void) fprintf(stderr,
99 		    "Unable to open password file for reading");
100 		return (1);
101 	}
102 
103 	line = fgets(buffer, bufsize, fp);
104 	(void) fclose(fp);
105 	if (line == NULL) {
106 		return (0);
107 	}
108 
109 	for (p = buffer; *p != '\0'; p++) {
110 		if (isspace(*p)) {
111 			*p = '\0';
112 			break;
113 		}
114 	}
115 
116 	return (p - buffer);
117 }
118 
119 
120 int
121 get_passphrase(const char *password_file, char *buf, int buf_size)
122 {
123 	if (password_file == NULL) {
124 		char *passphrase = getpassphrase("Enter passphrase: ");
125 		if (passphrase) {
126 			return (strlcpy(buf, passphrase, buf_size));
127 		}
128 
129 		return (0);
130 	}
131 
132 	return (read_pass_from_file(password_file, buf, buf_size));
133 }
134 
135 
136 int
137 kssl_send_command(char *buf, int cmd)
138 {
139 	int ksslfd;
140 	int rv;
141 
142 	ksslfd = open("/dev/kssl", O_RDWR);
143 	if (ksslfd < 0) {
144 		perror("Cannot open /dev/kssl");
145 		return (EBADF);
146 	}
147 
148 	if ((rv = ioctl(ksslfd, cmd, buf)) < 0) {
149 		switch (errno) {
150 		case EEXIST:
151 			(void) fprintf(stderr,
152 			    "Error: Can not create a INADDR_ANY instance"
153 			    " while another instance exists.\n");
154 			break;
155 		case EADDRINUSE:
156 			(void) fprintf(stderr,
157 			    "Error: Another instance with the same"
158 			    " proxy port exists.\n");
159 			break;
160 		default:
161 			perror("ioctl failure");
162 			break;
163 		}
164 	}
165 
166 	(void) close(ksslfd);
167 
168 	return (rv);
169 }
170