int do_create(int argc, char *argv[]) { char c; char *buf, *ptr, *instance_name; char *inaddr_any_name = NULL; int i, status, len, pcnt; const char *token_label = NULL; const char *filename = NULL; const char *certname = NULL; const char *username = NULL; const char *proxy_port = NULL; char *format = NULL; boolean_t quote_next; char address_port[MAX_ADRPORT_LEN + 1]; argc -= 1; argv += 1; /* * Many of these arguments are passed on to kssladm command * in the start method of the SMF instance created. So, we do only * the basic usage checks here and let kssladm check the validity * of the arguments. This is the reason we ignore optarg * for some of the cases below. */ while ((c = getopt(argc, argv, "vT:d:f:h:i:p:c:C:t:u:x:z:")) != -1) { switch (c) { case 'd': break; case 'c': break; case 'C': certname = optarg; break; case 'f': format = optarg; break; case 'h': break; case 'i': filename = optarg; break; case 'T': token_label = optarg; break; case 'p': break; case 't': break; case 'u': username = optarg; break; case 'x': proxy_port = optarg; break; case 'v': verbose = B_TRUE; break; case 'z': break; default: goto err; } } if (format == NULL || proxy_port == NULL) { goto err; } if (get_portnum(proxy_port, NULL) == 0) { (void) fprintf(stderr, gettext("Error: Invalid proxy port value %s\n"), proxy_port); goto err; } if (strcmp(format, "pkcs11") == 0) { if (token_label == NULL || certname == NULL) { goto err; } } else if (strcmp(format, "pkcs12") == 0 || strcmp(format, "pem") == 0) { if (filename == NULL) { goto err; } } else { goto err; } pcnt = argc - optind; if (pcnt == 1) { if (strlen(argv[optind]) < MAX_ADRPORT_LEN) { (void) strcpy(address_port, argv[optind]); } else { (void) fprintf(stderr, gettext( "argument too long -- %s\n"), argv[optind]); return (FAILURE); } } else if (pcnt == 2) { if ((len = strlen(argv[optind])) + (strlen(argv[optind + 1])) < MAX_ADRPORT_LEN) { (void) strcpy(address_port, argv[optind]); address_port[len] = ' '; (void) strcpy(address_port + len + 1, argv[optind + 1]); } else { (void) fprintf(stderr, gettext( "arguments too long -- %s %s\n"), argv[optind], argv[optind + 1]); return (FAILURE); } } else { goto err; } /* * We need to create the kssladm command line in * the SMF instance from the current arguments. * * Construct a buffer with all the arguments except * the -u argument. We have to quote the string arguments, * -T and -C, as they can contain white space. */ len = 0; for (i = 1; i < optind; i++) { len += strlen(argv[i]) + 3; } if ((buf = malloc(len)) == NULL) { return (FAILURE); } ptr = buf; quote_next = B_FALSE; for (i = 1; i < optind; i++) { int arglen = strlen(argv[i]) + 1; if (strncmp(argv[i], "-u", 2) == 0) { i++; continue; } if (quote_next) { (void) snprintf(ptr, len, "\"%s\" ", argv[i]); quote_next = B_FALSE; arglen += 2; } else { (void) snprintf(ptr, len, "%s ", argv[i]); } quote_next = (strncmp(argv[i], "-T", 2) == 0 || strncmp(argv[i], "-C", 2) == 0); ptr += arglen; len -= arglen; } KSSL_DEBUG("buf=%s\n", buf); instance_name = create_instance_name(address_port, &inaddr_any_name, B_TRUE); if (instance_name == NULL || inaddr_any_name == NULL) { free(buf); return (FAILURE); } KSSL_DEBUG("instance_name=%s\n", instance_name); KSSL_DEBUG("inaddr_any_name=%s\n", inaddr_any_name); if (username == NULL) username = "******"; status = create_service(instance_name, address_port, buf, username, inaddr_any_name); if (status == INSTANCE_OTHER_EXISTS || status == INSTANCE_ANY_EXISTS) { if (status == INSTANCE_ANY_EXISTS && (strcmp(instance_name, inaddr_any_name) != SUCCESS)) { /* * The following could result in a misconfiguration. * Better bail out with an error. */ (void) fprintf(stderr, gettext("Error: INADDR_ANY instance exists." " Can not create a new instance %s.\n"), instance_name); free(instance_name); free(inaddr_any_name); free(buf); return (status); } /* * Delete the existing instance and create a new instance * with the supplied arguments. */ KSSL_DEBUG("Deleting duplicate instance\n"); if (delete_instance(instance_name) != SUCCESS) { (void) fprintf(stderr, gettext( "Error: Can not delete existing instance %s.\n"), instance_name); } else { (void) fprintf(stdout, gettext( "Note: reconfiguring the existing instance %s.\n"), instance_name); status = create_service(instance_name, address_port, buf, username, inaddr_any_name); } } free(instance_name); free(inaddr_any_name); free(buf); return (status); err: usage_create(B_TRUE); return (ERROR_USAGE); }
/* * An instance name is formed using either the host name in the fully * qualified domain name form (FQDN) which should map to a specific IP address * or using INADDR_ANY which means all IP addresses. * * We do a lookup or reverse lookup to get the host name. It is assumed that * the returned name is in the FQDN form. i.e. DNS is used. */ char * create_instance_name(const char *arg, char **inaddr_any_name, boolean_t is_create) { int len; uint16_t port; char *cname; char *instance_name; const char *prefix = "kssl-"; char *first_space; first_space = strchr(arg, ' '); if (first_space == NULL) { /* No host name. Use INADDR_ANY. */ if (get_portnum(arg, &port) == 0) { (void) fprintf(stderr, gettext("Error: Invalid port value -- %s\n"), arg); return (NULL); } KSSL_DEBUG("port=%d\n", port); if ((cname = strdup(ANY_ADDR)) == NULL) return (NULL); } else { char *temp_str; char *ptr; struct hostent *hp; boolean_t do_warn; int error_num; in_addr_t v4addr; in6_addr_t v6addr; if (get_portnum(first_space + 1, &port) == 0) { (void) fprintf(stderr, gettext("Error: Invalid port value -- %s\n"), first_space + 1); return (NULL); } KSSL_DEBUG("port=%d\n", port); if ((temp_str = strdup(arg)) == NULL) return (NULL); *(strchr(temp_str, ' ')) = '\0'; if (inet_pton(AF_INET6, temp_str, &v6addr) == 1) { /* Do a reverse lookup for the IPv6 address */ hp = getipnodebyaddr(&v6addr, sizeof (v6addr), AF_INET6, &error_num); } else if (inet_pton(AF_INET, temp_str, &v4addr) == 1) { /* Do a reverse lookup for the IPv4 address */ hp = getipnodebyaddr(&v4addr, sizeof (v4addr), AF_INET, &error_num); } else { /* Do a lookup for the host name */ hp = getipnodebyname(temp_str, AF_INET6, AI_DEFAULT, &error_num); } if (hp == NULL) { (void) fprintf(stderr, gettext("Error: Unknown host -- %s\n"), temp_str); free(temp_str); return (NULL); } if ((ptr = cname = strdup(hp->h_name)) == NULL) { freehostent(hp); free(temp_str); return (NULL); } freehostent(hp); do_warn = B_TRUE; /* "s/./-/g" */ while ((ptr = strchr(ptr, '.')) != NULL) { if (do_warn) do_warn = B_FALSE; *ptr = '-'; ptr++; } if (do_warn && is_create) { (void) fprintf(stderr, gettext("Warning: %s does not appear to have a" " registered DNS name.\n"), temp_str); } free(temp_str); } KSSL_DEBUG("Cannonical host name =%s\n", cname); len = strlen(prefix) + strlen(cname) + 10; if ((instance_name = malloc(len)) == NULL) { (void) fprintf(stderr, gettext("Error: memory allocation failure.\n")); return (NULL); } (void) snprintf(instance_name, len, "%s%s-%d", prefix, cname, port); if (is_create) { len = strlen(prefix) + strlen(ANY_ADDR) + 10; if ((*inaddr_any_name = malloc(len)) == NULL) { (void) fprintf(stderr, gettext("Error: memory allocation failure.\n")); free(instance_name); free(cname); return (NULL); } (void) snprintf(*inaddr_any_name, len, "%s%s-%d", prefix, ANY_ADDR, port); } free(cname); KSSL_DEBUG("instance_name=%s\n", instance_name); return (instance_name); }