10126 smatch fix for kmfcfg
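--- a/usr/src/cmd/cmd-crypto/kmfcfg/kmfcfg.c
+++ b/usr/src/cmd/cmd-crypto/kmfcfg/kmfcfg.c
@@ -1,267 +1,272 @@
 /*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 *
 * Copyright (c) 2006, 2010, Oracle and/or its affiliates. All rights reserved.
 */
 
+/*
+ * Copyright (c) 2018, Joyent, Inc.
+ */
+
 #include <stdio.h>
 #include <strings.h>
 #include <ctype.h>
 #include <libgen.h>
 #include <libintl.h>
 #include <locale.h>
 
 #include <kmfapiP.h>
 
 #include "util.h"
 
 /*
 * The verbcmd construct allows genericizing information about a verb so
 * that it is easier to manipulate. Makes parsing code easier to read,
 * fix, and extend with new verbs.
 */
 typedef struct verbcmd_s {
 char *verb;
 int (*action)(int, char *[]);
 char *synopsis;
 } verbcmd;
 
 int kc_list(int argc, char *argv[]);
 int kc_delete(int argc, char *argv[]);
 int kc_create(int argc, char *argv[]);
 int kc_modify(int argc, char *argv[]);
 int kc_export(int argc, char *argv[]);
 int kc_import(int argc, char *argv[]);
 int kc_install(int argc, char *argv[]);
 int kc_uninstall(int argc, char *argv[]);
 
 static int kc_help();
 
 static verbcmd cmds[] = {
 { "list", kc_list,
 "list [dbfile=dbfile] [policy=policyname]\n"
 "\tlist plugin" },
 { "delete", kc_delete, "delete [dbfile=dbfile] "
 "policy=policyname" },
 { "create", kc_create,
 "create [dbfile=dbfile] policy=policyname\n"
 "\t\t[ignore-date=true|false]\n"
 "\t\t[ignore-unknown-eku=true|false]\n"
 "\t\t[ignore-trust-anchor=true|false]\n"
 "\t\t[validity-adjusttime=adjusttime]\n"
 "\t\t[ta-name=trust anchor subject DN]\n"
 "\t\t[ta-serial=trust anchor serial number]\n"
 "\t\t[ocsp-responder=URL]\n"
 "\t\t[ocsp-proxy=URL]\n"
 "\t\t[ocsp-use-cert-responder=true|false]\n"
 "\t\t[ocsp-response-lifetime=timelimit]\n"
 "\t\t[ocsp-ignore-response-sign=true|false]\n"
 "\t\t[ocsp-responder-cert-name=Issuer DN]\n"
 "\t\t[ocsp-responder-cert-serial=serial number]\n"
 "\t\t[crl-basefilename=basefilename]\n"
 "\t\t[crl-directory=directory]\n"
 "\t\t[crl-get-crl-uri=true|false]\n"
 "\t\t[crl-proxy=URL]\n"
 "\t\t[crl-ignore-crl-sign=true|false]\n"
 "\t\t[crl-ignore-crl-date=true|false]\n"
 "\t\t[keyusage=digitalSignature|nonRepudiation\n\t"
 "\t\t|keyEncipherment | dataEncipherment |\n\t"
 "\t\tkeyAgreement |keyCertSign |\n\t"
 "\t\tcRLSign | encipherOnly | decipherOnly],[...]\n"
 "\t\t[ekunames=serverAuth | clientAuth |\n\t"
 "\t\tcodeSigning | emailProtection |\n\t"
 "\t\tipsecEndSystem | ipsecTunnel |\n\t"
 "\t\tipsecUser | timeStamping |\n\t"
 "\t\tOCSPSigning],[...]\n"
 "\t\t[ekuoids=OID,OID,OID...]\n"
 "\t\t[mapper-name=name of mapper library]\n"
 "\t\t[mapper-directory=dir where mapper library resides]\n"
 "\t\t[mapper-path=full pathname of mapper library]\n"
 "\t\t[mapper-options=mapper options]\n"},
 { "modify", kc_modify,
 "modify [dbfile=dbfile] policy=policyname\n"
 "\t\t[ignore-date=true|false]\n"
 "\t\t[ignore-unknown-eku=true|false]\n"
 "\t\t[ignore-trust-anchor=true|false]\n"
 "\t\t[validity-adjusttime=adjusttime]\n"
 "\t\t[ta-name=trust anchor subject DN | search]\n"
 "\t\t[ta-serial=trust anchor serial number]\n"
 "\t\t[ocsp-responder=URL]\n"
 "\t\t[ocsp-proxy=URL]\n"
 "\t\t[ocsp-use-cert-responder=true|false]\n"
 "\t\t[ocsp-response-lifetime=timelimit]\n"
 "\t\t[ocsp-ignore-response-sign=true|false]\n"
 "\t\t[ocsp-responder-cert-name=Issuer DN]\n"
 "\t\t[ocsp-responder-cert-serial=serial number]\n"
 "\t\t[ocsp-none=true|false]\n"
 "\t\t[crl-basefilename=basefilename]\n"
 "\t\t[crl-directory=directory]\n"
 "\t\t[crl-get-crl-uri=true|false]\n"
 "\t\t[crl-proxy=URL]\n"
 "\t\t[crl-ignore-crl-sign=true|false]\n"
 "\t\t[crl-ignore-crl-date=true|false]\n"
 "\t\t[crl-none=true|false]\n"
 "\t\t[keyusage=digitalSignature|nonRepudiation\n\t"
 "\t\t|keyEncipherment | dataEncipherment |\n\t"
 "\t\tkeyAgreement |keyCertSign |\n\t"
 "\t\tcRLSign | encipherOnly | decipherOnly],[...]\n"
 "\t\t[keyusage-none=true|false]\n"
 "\t\t[ekunames=serverAuth | clientAuth |\n\t"
 "\t\tcodeSigning | emailProtection |\n\t"
 "\t\tipsecEndSystem | ipsecTunnel |\n\t"
 "\t\tipsecUser | timeStamping |\n\t"
 "\t\tOCSPSigning],[...]\n"
 "\t\t[ekuoids=OID,OID,OID...]\n"
 "\t\t[eku-none=true|false]\n\n"
 "\t\t[mapper-name=name of mapper library]\n"
 "\t\t[mapper-directory=dir where mapper library resides]\n"
 "\t\t[mapper-path=full pathname of mapper library]\n"
 "\t\t[mapper-options=mapper options]\n"
 "\tmodify plugin keystore=keystorename option=optionstring\n"},
 
 { "import", kc_import, "import [dbfile=dbfile] policy=policyname "
 "infile=inputdbfile\n" },
 { "export", kc_export, "export [dbfile=dbfile] policy=policyname "
 "outfile=newdbfile\n" },
 { "install", kc_install, "install keystore=keystorename "
 "modulepath=path [option=optionstring]\n"},
 { "uninstall", kc_uninstall, "uninstall keystore=keystorename\n"},
 { "-?", kc_help, "help"},
 { "help", kc_help, ""}
 };
 
 static int num_cmds = sizeof (cmds) / sizeof (verbcmd);
 static char *prog;
 
 static void
 usage(void)
 {
 int i;
 
 /* Display this block only in command-line mode. */
 (void) fprintf(stdout, gettext("Usage:\n"));
 (void) fprintf(stdout, gettext("\t%s -?\t(help and usage)\n"), prog);
 (void) fprintf(stdout, gettext("\t%s subcommand [options...]\n"), prog);
 (void) fprintf(stdout, gettext("where subcommands may be:\n"));
 
 /* Display only those verbs that match the current tool mode. */
 for (i = 0; i < num_cmds; i++) {
 /* Do NOT i18n/l10n. */
 (void) fprintf(stdout, "\t%s\n", cmds[i].synopsis);
 }
 }
 
 static int
 kc_help()
 {
 usage();
 return (0);
 }
 
 int
 main(int argc, char *argv[])
 {
 int ret;
 int found;
 int i;
 
 (void) setlocale(LC_ALL, "");
 #if !defined(TEXT_DOMAIN) /* Should be defined by cc -D. */
 #define TEXT_DOMAIN "SYS_TEST" /* Use this only if it isn't. */
 #endif
 (void) textdomain(TEXT_DOMAIN);
 
 prog = basename(argv[0]);
- argv++; argc--;
+ argv++;
+ argc--;
 
 if (argc == 0) {
 usage();
 exit(1);
 }
 
 if (argc == 1 && argv[0][0] == '-') {
 switch (argv[0][1]) {
 case '?':
 return (kc_help());
 default:
 usage();
 exit(1);
 }
 }
 
 found = -1;
 for (i = 0; i < num_cmds; i++) {
 if (strcmp(cmds[i].verb, argv[0]) == 0) {
 found = i;
 break;
 }
 }
 
 if (found < 0) {
 (void) fprintf(stderr, gettext("Invalid command: %s\n"),
 argv[0]);
 exit(1);
 }
 
 /*
 * Note the action functions can return values from
 * the key management framework, and those values can conflict
 * with the utility error codes.
 */
 ret = (*cmds[found].action)(argc, argv);
 
 switch (ret) {
 case KC_OK:
 break;
 case KC_ERR_USAGE:
 break;
 case KC_ERR_LOADDB:
 (void) fprintf(stderr,
 gettext("Error loading database\n"));
 break;
 case KC_ERR_FIND_POLICY:
 break;
 case KC_ERR_DELETE_POLICY:
 (void) fprintf(stderr, gettext("Error deleting policy "
 "from database.\n"));
 break;
 case KC_ERR_ADD_POLICY:
 break;
 case KC_ERR_VERIFY_POLICY:
 break;
 case KC_ERR_INCOMPLETE_POLICY:
 break;
 case KC_ERR_MEMORY:
 (void) fprintf(stderr, gettext("Out of memory.\n"));
 break;
 case KC_ERR_ACCESS:
 break;
 case KC_ERR_INSTALL:
 break;
 case KC_ERR_UNINSTALL:
 break;
 default:
 (void) fprintf(stderr, gettext("%s operation failed. "
 "error 0x%02x\n"), cmds[found].verb, ret);
 break;
 }
 
 return (ret);
 }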
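Review bot: The `if (argc == 0)` guard right after the split `argv++;` / `argc--;` lines in main() only catches the case where argc started at 1. If the process is started with an empty argument vector, argc is already 0 and the decrement makes it -1, so the guard is skipped and the verb lookup's `strcmp(cmds[i].verb, argv[0])` reads past the array's NULL terminator. Since this commit already touches these lines for a static-analysis fix, testing `if (argc <= 0) {` (or rejecting `argc < 1` before the increment) would close that path and still print usage. Whether kmfcfg ever runs in a context where this matters is not visible on this page, so treat it as hardening.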