199ebb4caSwyllys /* 299ebb4caSwyllys * CDDL HEADER START 399ebb4caSwyllys * 499ebb4caSwyllys * The contents of this file are subject to the terms of the 599ebb4caSwyllys * Common Development and Distribution License (the "License"). 699ebb4caSwyllys * You may not use this file except in compliance with the License. 799ebb4caSwyllys * 899ebb4caSwyllys * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 999ebb4caSwyllys * or http://www.opensolaris.org/os/licensing. 1099ebb4caSwyllys * See the License for the specific language governing permissions 1199ebb4caSwyllys * and limitations under the License. 1299ebb4caSwyllys * 1399ebb4caSwyllys * When distributing Covered Code, include this CDDL HEADER in each 1499ebb4caSwyllys * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 1599ebb4caSwyllys * If applicable, add the following below this CDDL HEADER, with the 1699ebb4caSwyllys * fields enclosed by brackets "[]" replaced with your own identifying 1799ebb4caSwyllys * information: Portions Copyright [yyyy] [name of copyright owner] 1899ebb4caSwyllys * 1999ebb4caSwyllys * CDDL HEADER END 2099ebb4caSwyllys * 2130a5e8faSwyllys * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 2299ebb4caSwyllys * Use is subject to license terms. 2399ebb4caSwyllys */ 2499ebb4caSwyllys 2599ebb4caSwyllys #include <stdio.h> 2699ebb4caSwyllys #include <strings.h> 2799ebb4caSwyllys #include <ctype.h> 2899ebb4caSwyllys #include <libgen.h> 2999ebb4caSwyllys #include <libintl.h> 3099ebb4caSwyllys 3199ebb4caSwyllys #include <libxml/tree.h> 3299ebb4caSwyllys #include <libxml/parser.h> 3399ebb4caSwyllys 3499ebb4caSwyllys #include <kmfapiP.h> 3599ebb4caSwyllys #include "util.h" 3699ebb4caSwyllys 37431deaa0Shylee 3899ebb4caSwyllys /* Supporting structures and global variables for getopt_av(). */ 3999ebb4caSwyllys typedef struct av_opts_s { 4099ebb4caSwyllys int shortnm; /* short name character */ 4199ebb4caSwyllys char *longnm; /* long name string, NOT terminated */ 4299ebb4caSwyllys int longnm_len; /* length of long name string */ 4399ebb4caSwyllys boolean_t has_arg; /* takes optional argument */ 4499ebb4caSwyllys } av_opts; 4599ebb4caSwyllys 4699ebb4caSwyllys static av_opts *opts_av = NULL; 4799ebb4caSwyllys static const char *_save_optstr = NULL; 4899ebb4caSwyllys static int _save_numopts = 0; 4999ebb4caSwyllys int optind_av = 1; 5099ebb4caSwyllys char *optarg_av = NULL; 5199ebb4caSwyllys 5299ebb4caSwyllys void 5399ebb4caSwyllys free_policy_list(POLICY_LIST *plist) 5499ebb4caSwyllys { 5599ebb4caSwyllys POLICY_LIST *n = plist, *old; 5699ebb4caSwyllys 5799ebb4caSwyllys if (plist == NULL) 5899ebb4caSwyllys return; 5999ebb4caSwyllys 6099ebb4caSwyllys while (n != NULL) { 6199ebb4caSwyllys old = n; 6230a5e8faSwyllys kmf_free_policy_record(&n->plc); 6399ebb4caSwyllys n = n->next; 6499ebb4caSwyllys free(old); 6599ebb4caSwyllys } 6699ebb4caSwyllys plist = NULL; 6799ebb4caSwyllys } 6899ebb4caSwyllys 6999ebb4caSwyllys int 7099ebb4caSwyllys load_policies(char *file, POLICY_LIST **policy_list) 7199ebb4caSwyllys { 7299ebb4caSwyllys int rv = KC_OK; 7399ebb4caSwyllys KMF_RETURN kmfrv = KMF_OK; 7499ebb4caSwyllys POLICY_LIST *newitem, *plist = NULL; 7599ebb4caSwyllys xmlParserCtxtPtr ctxt; 7699ebb4caSwyllys xmlDocPtr doc = NULL; 7799ebb4caSwyllys xmlNodePtr cur, node; 7899ebb4caSwyllys 7999ebb4caSwyllys /* Create a parser context */ 8099ebb4caSwyllys ctxt = xmlNewParserCtxt(); 8199ebb4caSwyllys if (ctxt == NULL) 8299ebb4caSwyllys return (KMF_ERR_POLICY_DB_FORMAT); 8399ebb4caSwyllys 8499ebb4caSwyllys /* Read the policy DB and verify it against the schema. */ 8599ebb4caSwyllys doc = xmlCtxtReadFile(ctxt, file, NULL, 8699ebb4caSwyllys XML_PARSE_DTDVALID | XML_PARSE_NOERROR | XML_PARSE_NOWARNING); 8799ebb4caSwyllys if (doc == NULL || ctxt->valid == 0) { 8899ebb4caSwyllys kmfrv = KMF_ERR_POLICY_DB_FORMAT; 8999ebb4caSwyllys goto end; 9099ebb4caSwyllys } 9199ebb4caSwyllys 9299ebb4caSwyllys cur = xmlDocGetRootElement(doc); 9399ebb4caSwyllys if (cur == NULL) { 9499ebb4caSwyllys kmfrv = KMF_ERR_POLICY_DB_FORMAT; 9599ebb4caSwyllys goto end; 9699ebb4caSwyllys } 9799ebb4caSwyllys 9899ebb4caSwyllys node = cur->xmlChildrenNode; 9999ebb4caSwyllys while (node != NULL) { 10099ebb4caSwyllys char *c; 10199ebb4caSwyllys /* 10299ebb4caSwyllys * Search for the policy that matches the given name. 10399ebb4caSwyllys */ 10499ebb4caSwyllys if (!xmlStrcmp((const xmlChar *)node->name, 10599ebb4caSwyllys (const xmlChar *)KMF_POLICY_ELEMENT)) { 10699ebb4caSwyllys /* Check the name attribute */ 10799ebb4caSwyllys c = (char *)xmlGetProp(node, 10899ebb4caSwyllys (const xmlChar *)KMF_POLICY_NAME_ATTR); 10999ebb4caSwyllys 11099ebb4caSwyllys /* If a match, parse the rest of the data */ 11199ebb4caSwyllys if (c != NULL) { 11299ebb4caSwyllys xmlFree(c); 11399ebb4caSwyllys newitem = malloc(sizeof (POLICY_LIST)); 11499ebb4caSwyllys if (newitem != NULL) { 11599ebb4caSwyllys (void) memset(newitem, 0, 11699ebb4caSwyllys sizeof (POLICY_LIST)); 11799ebb4caSwyllys kmfrv = parsePolicyElement(node, 11899ebb4caSwyllys &newitem->plc); 11999ebb4caSwyllys } else { 12099ebb4caSwyllys kmfrv = KMF_ERR_MEMORY; 12199ebb4caSwyllys goto end; 12299ebb4caSwyllys } 12399ebb4caSwyllys /* add to linked list */ 12499ebb4caSwyllys if (plist == NULL) { 12599ebb4caSwyllys plist = newitem; 12699ebb4caSwyllys } else { 12799ebb4caSwyllys POLICY_LIST *n = plist; 12899ebb4caSwyllys while (n->next != NULL) 12999ebb4caSwyllys n = n->next; 13099ebb4caSwyllys 13199ebb4caSwyllys n->next = newitem; 13299ebb4caSwyllys newitem->next = NULL; 13399ebb4caSwyllys } 13499ebb4caSwyllys } 13599ebb4caSwyllys } 13699ebb4caSwyllys node = node->next; 13799ebb4caSwyllys } 13899ebb4caSwyllys 13999ebb4caSwyllys end: 14099ebb4caSwyllys if (ctxt != NULL) 14199ebb4caSwyllys xmlFreeParserCtxt(ctxt); 14299ebb4caSwyllys 14399ebb4caSwyllys if (doc != NULL) 14499ebb4caSwyllys xmlFreeDoc(doc); 14599ebb4caSwyllys 14699ebb4caSwyllys if (kmfrv != KMF_OK) { 14799ebb4caSwyllys free_policy_list(plist); 14899ebb4caSwyllys rv = KC_ERR_LOADDB; 14999ebb4caSwyllys } else { 15099ebb4caSwyllys *policy_list = plist; 15199ebb4caSwyllys } 15299ebb4caSwyllys 15399ebb4caSwyllys return (rv); 15499ebb4caSwyllys } 15599ebb4caSwyllys 15699ebb4caSwyllys /* 15799ebb4caSwyllys * Return 0 if there is any error in the input string. 15899ebb4caSwyllys */ 15999ebb4caSwyllys uint16_t 16099ebb4caSwyllys parseKUlist(char *kustring) 16199ebb4caSwyllys { 16299ebb4caSwyllys uint16_t cur_bit; 16399ebb4caSwyllys uint16_t kubits = 0; 16499ebb4caSwyllys char *p; 16599ebb4caSwyllys 16699ebb4caSwyllys p = strtok(kustring, ","); 16799ebb4caSwyllys while (p != NULL) { 16830a5e8faSwyllys cur_bit = kmf_string_to_ku(p); 16999ebb4caSwyllys if (cur_bit == 0) { 17099ebb4caSwyllys kubits = 0; 17199ebb4caSwyllys break; 17299ebb4caSwyllys } 17399ebb4caSwyllys kubits |= cur_bit; 17499ebb4caSwyllys p = strtok(NULL, ","); 17599ebb4caSwyllys } 17699ebb4caSwyllys 17799ebb4caSwyllys return (kubits); 17899ebb4caSwyllys } 17999ebb4caSwyllys 18099ebb4caSwyllys static void 18199ebb4caSwyllys addToEKUList(KMF_EKU_POLICY *ekus, KMF_OID *newoid) 18299ebb4caSwyllys { 18399ebb4caSwyllys if (newoid != NULL && ekus != NULL) { 18499ebb4caSwyllys ekus->eku_count++; 18599ebb4caSwyllys ekus->ekulist = realloc( 18630a5e8faSwyllys ekus->ekulist, ekus->eku_count * sizeof (KMF_OID)); 18799ebb4caSwyllys if (ekus->ekulist != NULL) { 18899ebb4caSwyllys ekus->ekulist[ekus->eku_count-1] = *newoid; 18999ebb4caSwyllys } 19099ebb4caSwyllys } 19199ebb4caSwyllys } 19299ebb4caSwyllys 19399ebb4caSwyllys int 19499ebb4caSwyllys parseEKUNames(char *ekulist, KMF_POLICY_RECORD *plc) 19599ebb4caSwyllys { 19699ebb4caSwyllys int rv = KC_OK; 19799ebb4caSwyllys char *p; 19899ebb4caSwyllys KMF_OID *newoid; 19999ebb4caSwyllys KMF_EKU_POLICY *ekus = &plc->eku_set; 20099ebb4caSwyllys 20199ebb4caSwyllys if (ekulist == NULL || !strlen(ekulist)) 20299ebb4caSwyllys return (0); 20399ebb4caSwyllys 20499ebb4caSwyllys /* 20599ebb4caSwyllys * The list should be comma separated list of EKU Names. 20699ebb4caSwyllys */ 20799ebb4caSwyllys p = strtok(ekulist, ","); 20899ebb4caSwyllys 20999ebb4caSwyllys /* If no tokens found, then maybe its just a single EKU value */ 21099ebb4caSwyllys if (p == NULL) { 21130a5e8faSwyllys newoid = kmf_ekuname_to_oid(ekulist); 21299ebb4caSwyllys if (newoid != NULL) { 21399ebb4caSwyllys addToEKUList(ekus, newoid); 21499ebb4caSwyllys free(newoid); 21599ebb4caSwyllys } else { 21699ebb4caSwyllys rv = KC_ERR_USAGE; 21799ebb4caSwyllys } 21899ebb4caSwyllys } 21999ebb4caSwyllys 22099ebb4caSwyllys while (p != NULL) { 22130a5e8faSwyllys newoid = kmf_ekuname_to_oid(p); 22299ebb4caSwyllys if (newoid != NULL) { 22399ebb4caSwyllys addToEKUList(ekus, newoid); 22499ebb4caSwyllys free(newoid); 22599ebb4caSwyllys } else { 22699ebb4caSwyllys rv = KC_ERR_USAGE; 22799ebb4caSwyllys break; 22899ebb4caSwyllys } 22999ebb4caSwyllys p = strtok(NULL, ","); 23099ebb4caSwyllys } 23199ebb4caSwyllys 23299ebb4caSwyllys if (rv != KC_OK) 23330a5e8faSwyllys kmf_free_eku_policy(ekus); 23499ebb4caSwyllys 23599ebb4caSwyllys return (rv); 23699ebb4caSwyllys } 23799ebb4caSwyllys 23899ebb4caSwyllys int 23999ebb4caSwyllys parseEKUOIDs(char *ekulist, KMF_POLICY_RECORD *plc) 24099ebb4caSwyllys { 24199ebb4caSwyllys int rv = KC_OK; 24299ebb4caSwyllys char *p; 243*6b35cb3cSRichard PALO KMF_OID newoid = { 0, NULL }; 24499ebb4caSwyllys KMF_EKU_POLICY *ekus = &plc->eku_set; 24599ebb4caSwyllys 24699ebb4caSwyllys if (ekulist == NULL || !strlen(ekulist)) 24799ebb4caSwyllys return (0); 24899ebb4caSwyllys 24999ebb4caSwyllys /* 25099ebb4caSwyllys * The list should be comma separated list of EKU Names. 25199ebb4caSwyllys */ 25299ebb4caSwyllys p = strtok(ekulist, ","); 25399ebb4caSwyllys if (p == NULL) { 25430a5e8faSwyllys if (kmf_string_to_oid(ekulist, &newoid) == KMF_OK) { 25530a5e8faSwyllys addToEKUList(ekus, &newoid); 25699ebb4caSwyllys } else { 25799ebb4caSwyllys rv = KC_ERR_USAGE; 25899ebb4caSwyllys } 25999ebb4caSwyllys } 26099ebb4caSwyllys 26199ebb4caSwyllys while (p != NULL && rv == 0) { 26230a5e8faSwyllys if (kmf_string_to_oid(p, &newoid) == KMF_OK) { 26330a5e8faSwyllys addToEKUList(ekus, &newoid); 26499ebb4caSwyllys } else { 26599ebb4caSwyllys rv = KC_ERR_USAGE; 26699ebb4caSwyllys break; 26799ebb4caSwyllys } 26899ebb4caSwyllys p = strtok(NULL, ","); 26999ebb4caSwyllys } 27099ebb4caSwyllys 27199ebb4caSwyllys if (rv != KC_OK) 27230a5e8faSwyllys kmf_free_eku_policy(ekus); 27399ebb4caSwyllys 27499ebb4caSwyllys return (rv); 27599ebb4caSwyllys } 27699ebb4caSwyllys 27799ebb4caSwyllys int 27899ebb4caSwyllys get_boolean(char *arg) 27999ebb4caSwyllys { 28099ebb4caSwyllys if (arg == NULL) 28199ebb4caSwyllys return (-1); 28299ebb4caSwyllys if (strcasecmp(arg, "true") == 0) 28399ebb4caSwyllys return (1); 28499ebb4caSwyllys if (strcasecmp(arg, "false") == 0) 28599ebb4caSwyllys return (0); 28699ebb4caSwyllys return (-1); 28799ebb4caSwyllys } 28899ebb4caSwyllys 28999ebb4caSwyllys /* 29099ebb4caSwyllys * This function processes the input string. It removes the beginning 29199ebb4caSwyllys * and ending blank's first, makes a copy of the resulting string and 29299ebb4caSwyllys * return it. 29399ebb4caSwyllys * 29499ebb4caSwyllys * This function returns NULL, if there is an error in the 29599ebb4caSwyllys * input string or when the system is out of memory. The output 29699ebb4caSwyllys * "err_flag" argument will record the error code, if it is not NULL. 29799ebb4caSwyllys */ 29899ebb4caSwyllys char * 29999ebb4caSwyllys get_string(char *str, int *err_flag) 30099ebb4caSwyllys { 30199ebb4caSwyllys char *p; 30299ebb4caSwyllys int len, i; 30399ebb4caSwyllys char *retstr = NULL; 30499ebb4caSwyllys 30599ebb4caSwyllys if (str == NULL) { 30699ebb4caSwyllys if (err_flag != NULL) 30799ebb4caSwyllys *err_flag = KC_ERR_USAGE; 30899ebb4caSwyllys return (NULL); 30999ebb4caSwyllys } 31099ebb4caSwyllys 31199ebb4caSwyllys /* Remove beginning whitespace */ 31299ebb4caSwyllys p = str; 31399ebb4caSwyllys while (p != NULL && isspace(*p)) 31499ebb4caSwyllys p++; 31599ebb4caSwyllys 31699ebb4caSwyllys if (p == NULL) { 31799ebb4caSwyllys if (err_flag != NULL) 31899ebb4caSwyllys *err_flag = KC_ERR_USAGE; 31999ebb4caSwyllys return (NULL); 32099ebb4caSwyllys } 32199ebb4caSwyllys 32299ebb4caSwyllys /* Remove the trailing blanks */ 32399ebb4caSwyllys len = strlen(p); 32499ebb4caSwyllys while (len > 0 && isspace(p[len-1])) 32599ebb4caSwyllys len--; 32699ebb4caSwyllys 32799ebb4caSwyllys if (len == 0) { 32899ebb4caSwyllys if (err_flag != NULL) 32999ebb4caSwyllys *err_flag = KC_ERR_USAGE; 33099ebb4caSwyllys return (NULL); 33199ebb4caSwyllys } 33299ebb4caSwyllys 33399ebb4caSwyllys /* Check if there is any non-printable character */ 33499ebb4caSwyllys i = 0; 33599ebb4caSwyllys while (i < len) { 33699ebb4caSwyllys if (isprint(p[i])) 33799ebb4caSwyllys i++; 33899ebb4caSwyllys else { 33999ebb4caSwyllys if (err_flag != NULL) 34099ebb4caSwyllys *err_flag = KC_ERR_USAGE; 34199ebb4caSwyllys return (NULL); 34299ebb4caSwyllys } 34399ebb4caSwyllys } 34499ebb4caSwyllys 34599ebb4caSwyllys /* Make a copy of the string and return it */ 34699ebb4caSwyllys retstr = malloc(len + 1); 34799ebb4caSwyllys if (retstr == NULL) { 34899ebb4caSwyllys if (err_flag != NULL) 34999ebb4caSwyllys *err_flag = KC_ERR_MEMORY; 35099ebb4caSwyllys return (NULL); 35199ebb4caSwyllys } 35299ebb4caSwyllys 35399ebb4caSwyllys if (err_flag != NULL) 35499ebb4caSwyllys *err_flag = KC_OK; 35599ebb4caSwyllys 35699ebb4caSwyllys (void) strncpy(retstr, p, len); 35799ebb4caSwyllys retstr[len] = '\0'; 35899ebb4caSwyllys return (retstr); 35999ebb4caSwyllys } 36099ebb4caSwyllys 36199ebb4caSwyllys /* 36299ebb4caSwyllys * Breaks out the getopt-style option string into a structure that can be 36399ebb4caSwyllys * traversed later for calls to getopt_av(). Option string is NOT altered, 36499ebb4caSwyllys * but the struct fields point to locations within option string. 36599ebb4caSwyllys */ 36699ebb4caSwyllys static int 36799ebb4caSwyllys populate_opts(char *optstring) 36899ebb4caSwyllys { 36999ebb4caSwyllys int i; 37099ebb4caSwyllys av_opts *temp; 37199ebb4caSwyllys char *marker; 37299ebb4caSwyllys 37399ebb4caSwyllys if (optstring == NULL || *optstring == '\0') 37499ebb4caSwyllys return (0); 37599ebb4caSwyllys 37699ebb4caSwyllys /* 37799ebb4caSwyllys * This tries to imitate getopt(3c) Each option must conform to: 37899ebb4caSwyllys * <short name char> [ ':' ] [ '(' <long name string> ')' ] 37999ebb4caSwyllys * If long name is missing, the short name is used for long name. 38099ebb4caSwyllys */ 38199ebb4caSwyllys for (i = 0; *optstring != '\0'; i++) { 38299ebb4caSwyllys if ((temp = (av_opts *)((i == 0) ? malloc(sizeof (av_opts)) : 38399ebb4caSwyllys realloc(opts_av, (i+1) * sizeof (av_opts)))) == NULL) { 38499ebb4caSwyllys free(opts_av); 38599ebb4caSwyllys opts_av = NULL; 38699ebb4caSwyllys return (0); 38799ebb4caSwyllys } else 38899ebb4caSwyllys opts_av = (av_opts *)temp; 38999ebb4caSwyllys 39099ebb4caSwyllys marker = optstring; /* may need optstring later */ 39199ebb4caSwyllys 39299ebb4caSwyllys opts_av[i].shortnm = *marker++; /* set short name */ 39399ebb4caSwyllys 39499ebb4caSwyllys if (*marker == ':') { /* check for opt arg */ 39599ebb4caSwyllys marker++; 39699ebb4caSwyllys opts_av[i].has_arg = B_TRUE; 39799ebb4caSwyllys } 39899ebb4caSwyllys 39999ebb4caSwyllys if (*marker == '(') { /* check and set long name */ 40099ebb4caSwyllys marker++; 40199ebb4caSwyllys opts_av[i].longnm = marker; 40299ebb4caSwyllys opts_av[i].longnm_len = strcspn(marker, ")"); 40399ebb4caSwyllys optstring = marker + opts_av[i].longnm_len + 1; 40499ebb4caSwyllys } else { 40599ebb4caSwyllys /* use short name option character */ 40699ebb4caSwyllys opts_av[i].longnm = optstring; 40799ebb4caSwyllys opts_av[i].longnm_len = 1; 40899ebb4caSwyllys optstring = marker; 40999ebb4caSwyllys } 41099ebb4caSwyllys } 41199ebb4caSwyllys 41299ebb4caSwyllys return (i); 41399ebb4caSwyllys } 41499ebb4caSwyllys 41599ebb4caSwyllys /* 41699ebb4caSwyllys * getopt_av() is very similar to getopt(3c) in that the takes an option 41799ebb4caSwyllys * string, compares command line arguments for matches, and returns a single 41899ebb4caSwyllys * letter option when a match is found. However, getopt_av() differs from 41999ebb4caSwyllys * getopt(3c) by allowing both longname options and values be found 42099ebb4caSwyllys * on the command line. 42199ebb4caSwyllys */ 42299ebb4caSwyllys int 42399ebb4caSwyllys getopt_av(int argc, char * const *argv, const char *optstring) 42499ebb4caSwyllys { 42599ebb4caSwyllys int i; 42699ebb4caSwyllys int len; 42799ebb4caSwyllys 42899ebb4caSwyllys if (optind_av >= argc) 42999ebb4caSwyllys return (EOF); 43099ebb4caSwyllys 43199ebb4caSwyllys /* First time or when optstring changes from previous one */ 43299ebb4caSwyllys if (_save_optstr != optstring) { 43399ebb4caSwyllys if (opts_av != NULL) 43499ebb4caSwyllys free(opts_av); 43599ebb4caSwyllys opts_av = NULL; 43699ebb4caSwyllys _save_optstr = optstring; 43799ebb4caSwyllys _save_numopts = populate_opts((char *)optstring); 43899ebb4caSwyllys } 43999ebb4caSwyllys 44099ebb4caSwyllys for (i = 0; i < _save_numopts; i++) { 44199ebb4caSwyllys if (strcmp(argv[optind_av], "--") == 0) { 44299ebb4caSwyllys optind_av++; 44399ebb4caSwyllys break; 44499ebb4caSwyllys } 44599ebb4caSwyllys 44699ebb4caSwyllys len = strcspn(argv[optind_av], "="); 44799ebb4caSwyllys 44899ebb4caSwyllys if (len == opts_av[i].longnm_len && strncmp(argv[optind_av], 44999ebb4caSwyllys opts_av[i].longnm, opts_av[i].longnm_len) == 0) { 45099ebb4caSwyllys /* matched */ 45199ebb4caSwyllys if (!opts_av[i].has_arg) { 45299ebb4caSwyllys optind_av++; 45399ebb4caSwyllys return (opts_av[i].shortnm); 45499ebb4caSwyllys } 45599ebb4caSwyllys 45699ebb4caSwyllys /* needs optarg */ 45799ebb4caSwyllys if (argv[optind_av][len] == '=') { 45899ebb4caSwyllys optarg_av = &(argv[optind_av][len+1]); 45999ebb4caSwyllys optind_av++; 46099ebb4caSwyllys return (opts_av[i].shortnm); 46199ebb4caSwyllys } 46299ebb4caSwyllys 46399ebb4caSwyllys optarg_av = NULL; 46499ebb4caSwyllys optind_av++; 46599ebb4caSwyllys return ((int)'?'); 46699ebb4caSwyllys } 46799ebb4caSwyllys } 46899ebb4caSwyllys 46999ebb4caSwyllys return (EOF); 47099ebb4caSwyllys } 47199ebb4caSwyllys 47299ebb4caSwyllys void 47399ebb4caSwyllys print_sanity_error(KMF_RETURN ret) 47499ebb4caSwyllys { 47599ebb4caSwyllys switch (ret) { 47699ebb4caSwyllys case KMF_ERR_POLICY_NAME: 47799ebb4caSwyllys (void) fprintf(stderr, gettext("Error in the policy name\n")); 47899ebb4caSwyllys break; 47999ebb4caSwyllys case KMF_ERR_TA_POLICY: 48099ebb4caSwyllys (void) fprintf(stderr, 48199ebb4caSwyllys gettext("Error in trust anchor attributes\n")); 48299ebb4caSwyllys break; 48399ebb4caSwyllys case KMF_ERR_OCSP_POLICY: 48499ebb4caSwyllys (void) fprintf(stderr, 48599ebb4caSwyllys gettext("Error in OCSP policy attributes\n")); 48699ebb4caSwyllys break; 48799ebb4caSwyllys default: 48899ebb4caSwyllys break; 48999ebb4caSwyllys } 49099ebb4caSwyllys } 491431deaa0Shylee 492431deaa0Shylee 493431deaa0Shylee conf_entry_t * 494431deaa0Shylee get_keystore_entry(char *kstore_name) 495431deaa0Shylee { 496431deaa0Shylee conf_entrylist_t *phead = NULL; 497431deaa0Shylee conf_entrylist_t *ptr; 498431deaa0Shylee conf_entry_t *rtn_entry = NULL; 499431deaa0Shylee 500431deaa0Shylee if (kstore_name == NULL) 501431deaa0Shylee return (NULL); 502431deaa0Shylee 503431deaa0Shylee if (get_entrylist(&phead) != KMF_OK) 504431deaa0Shylee return (NULL); 505431deaa0Shylee 506431deaa0Shylee ptr = phead; 507431deaa0Shylee while (ptr != NULL) { 508431deaa0Shylee if (strcmp(ptr->entry->keystore, kstore_name) == 0) 509431deaa0Shylee break; 510431deaa0Shylee ptr = ptr->next; 511431deaa0Shylee } 512431deaa0Shylee 513431deaa0Shylee if (ptr != NULL) /* found the entry */ 514431deaa0Shylee rtn_entry = dup_entry(ptr->entry); 515431deaa0Shylee 516431deaa0Shylee free_entrylist(phead); 517431deaa0Shylee return (rtn_entry); 518431deaa0Shylee } 519