1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21/*
22 * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
23 * Use is subject to license terms.
24 */
25
26#pragma ident	"%Z%%M%	%I%	%E% SMI"
27
28#include <ctype.h>
29#include <stdio.h>
30#include <stdlib.h>
31#include <unistd.h>
32#include <fcntl.h>
33#include <strings.h>
34#include <libscf.h>
35#include <sys/errno.h>
36#include <errno.h>
37#include <sys/stropts.h>
38#include "kssladm.h"
39
40
41/*
42 * kssladm(1M)
43 *
44 * Command to manage the entries in kernel SSL proxy table. This is
45 * a private command called indirectly from ksslcfg(1M).
46 */
47
/*
 * Global verbosity flag, off by default.  It has external linkage and is
 * neither read nor written in this file; presumably the sub-command code
 * sets and consults it -- confirm against the other kssladm sources.
 */
boolean_t verbose = B_FALSE;
49
/*
 * Print a "Usage:" heading on stderr, then let usage_create() and
 * usage_delete() emit their own synopses (both are called with B_FALSE).
 */
static void
usage_all(void)
{
	(void) fputs("Usage:\n", stderr);

	usage_create(B_FALSE);
	usage_delete(B_FALSE);
}
57
/*
 * Entry point: dispatch on the sub-command named in argv[1].
 *
 * "create" and "delete" are handed to do_create() and do_delete() with the
 * untouched argument vector, and their result becomes the exit status.
 * A missing or unrecognised sub-command prints the usage text and exits
 * with SMF_EXIT_ERR_CONFIG.
 */
int
main(int argc, char **argv)
{
	const char *subcmd;

	/* No sub-command at all: nothing to dispatch on. */
	if (argc < 2) {
		usage_all();
		return (SMF_EXIT_ERR_CONFIG);
	}

	subcmd = argv[1];

	if (strcmp(subcmd, "create") == 0)
		return (do_create(argc, argv));

	if (strcmp(subcmd, "delete") == 0)
		return (do_delete(argc, argv));

	/* The name is echoed through "%s", never used as a format string. */
	(void) fprintf(stderr, "Unknown sub-command: %s\n", subcmd);
	usage_all();
	return (SMF_EXIT_ERR_CONFIG);
}
80
81
82/*
83 * Read a passphrase from the file into the supplied buffer.
 * The passphrase ends at the first whitespace character (as classified by
 * isspace(), so this includes the trailing newline); that character and
 * everything after it are ignored.
86 * Return 0 when no valid passphrase was found in the file.
87 */
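/*
 * Read a passphrase from the first line of `filename` into `buffer`.
 *
 * The passphrase ends at the first whitespace character (isspace(), which
 * includes the line's trailing newline); that character and everything
 * after it are discarded.  At most bufsize - 1 bytes of the line are read,
 * so a longer line is cut short by fgets() without any diagnostic.
 *
 * Returns the passphrase length in bytes, or 0 when no passphrase is
 * available: the file cannot be opened, nothing could be read, the line
 * starts with whitespace, or there is no usable buffer.  Whenever 0 is
 * returned and a buffer was supplied, the buffer holds an empty string, so
 * a caller never sees uninitialised bytes.
 *
 * An open failure used to return 1, which a caller could not tell apart
 * from a one-byte passphrase; it now returns 0 like the other failures.
 *
 * NOTE(review): the ownership and mode of the password file are not
 * checked here -- confirm that the caller or the deployment restricts who
 * can read and replace it.
 */
static int
read_pass_from_file(const char *filename, char *buffer, size_t bufsize)
{
	char *line;
	char *p;
	FILE *fp;

	if (buffer == NULL || bufsize == 0)
		return (0);

	/* Start from a defined, empty result for every failure path. */
	buffer[0] = '\0';

	if (filename == NULL)
		return (0);

	fp = fopen(filename, "r");
	if (fp == NULL) {
		(void) fprintf(stderr,
		    "Unable to open password file for reading\n");
		return (0);
	}

	/*
	 * fgets() takes an int; the only caller in this file passes a value
	 * that started life as an int, so the cast does not lose bits there.
	 */
	line = fgets(buffer, (int)bufsize, fp);
	(void) fclose(fp);
	if (line == NULL) {
		/* The buffer contents are indeterminate after a read error. */
		buffer[0] = '\0';
		return (0);
	}

	for (p = buffer; *p != '\0'; p++) {
		/*
		 * The cast keeps bytes >= 0x80 out of negative territory,
		 * where isspace() has undefined behaviour.
		 */
		if (isspace((unsigned char)*p)) {
			*p = '\0';
			break;
		}
	}

	return ((int)(p - buffer));
}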
117
118
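/*
 * Obtain the passphrase, either interactively or from a file.
 *
 * With password_file == NULL the user is prompted through getpassphrase();
 * otherwise the work is delegated to read_pass_from_file().
 *
 * Returns the number of passphrase bytes stored in `buf` (NUL-terminated),
 * or 0 when no passphrase is available.
 *
 * strlcpy() returns the length of the *source*, so the original code could
 * report a length larger than the buffer when the typed passphrase did not
 * fit.  A caller trusting that length would read past `buf`, and the stored
 * passphrase would be a silently truncated one.  Truncation is therefore
 * treated as "no passphrase": the buffer is cleared and 0 is returned.
 */
int
get_passphrase(const char *password_file, char *buf, int buf_size)
{
	char *passphrase;
	size_t len;

	/* A negative size would turn into a huge size_t further down. */
	if (buf == NULL || buf_size <= 0)
		return (0);

	if (password_file != NULL) {
		return (read_pass_from_file(password_file, buf,
		    (size_t)buf_size));
	}

	passphrase = getpassphrase("Enter passphrase: ");
	if (passphrase == NULL) {
		buf[0] = '\0';
		return (0);
	}

	len = strlcpy(buf, passphrase, (size_t)buf_size);

	/*
	 * Best-effort scrub of the library's copy: getpassphrase(3C) hands
	 * back a static area that otherwise keeps the secret until the next
	 * call.
	 */
	bzero(passphrase, len);

	if (len >= (size_t)buf_size) {
		/* Did not fit: do not leave a partial secret behind. */
		bzero(buf, (size_t)buf_size);
		(void) fprintf(stderr, "Passphrase is too long\n");
		return (0);
	}

	return ((int)len);
}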
133
134
/*
 * Issue a single ioctl against the kernel SSL proxy device.
 *
 * Opens /dev/kssl read-write, passes `buf` as the argument of ioctl `cmd`,
 * reports a failure on stderr and closes the descriptor again.
 *
 * Returns -1 when the device cannot be opened, otherwise whatever ioctl()
 * returned (negative on failure).
 *
 * NOTE(review): no length accompanies `buf`; presumably the driver derives
 * it from the command structure -- confirm on the kernel side.
 */
int
kssl_send_command(char *buf, int cmd)
{
	int result;
	int err;
	int fd = open("/dev/kssl", O_RDWR);

	if (fd < 0) {
		perror("Cannot open /dev/kssl");
		return (-1);
	}

	result = ioctl(fd, cmd, buf);
	if (result < 0) {
		/* Two errno values get a tailored message, the rest perror. */
		err = errno;
		if (err == EEXIST) {
			(void) fprintf(stderr,
			    "Error: Can not create a INADDR_ANY instance"
			    " while another instance exists.\n");
		} else if (err == EADDRINUSE) {
			(void) fprintf(stderr,
			    "Error: Another instance with the same"
			    " proxy port exists.\n");
		} else {
			perror("ioctl failure");
		}
	}

	(void) close(fd);

	return (result);
}
169