OpenSolaris_b135/lib/libnwam/common/libnwam_loc.c
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* or http://www.opensolaris.org/os/licensing.
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2010 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#include <assert.h>
#include <ctype.h>
#include <sys/param.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <stdio.h>
#include <stdlib.h>
#include <strings.h>
#include <unistd.h>
#include <libscf.h>
#include "libnwam_impl.h"
#include <libnwam_priv.h>
#include <libnwam.h>
/*
* Functions to support creating, modifying, destroying, querying the
* state of and changing the state of location objects. Locations
* represent the configuration to be applied once basic network configuration
* has been established - name services, IPsec config, etc, and can be enabled
* either manually or conditionally for a combination of the set of
* available conditions (an IP address is present, an ENM is active etc).
*/
#define NSSWITCH_PREFIX "/etc/nsswitch."
typedef nwam_error_t (*nwam_loc_prop_validate_func_t)(nwam_value_t);
static nwam_error_t valid_loc_activation_mode(nwam_value_t);
static nwam_error_t valid_loc_condition(nwam_value_t);
static nwam_error_t valid_nameservices(nwam_value_t);
static nwam_error_t valid_configsrc(nwam_value_t);
struct nwam_prop_table_entry loc_prop_table_entries[] = {
{NWAM_LOC_PROP_ACTIVATION_MODE, NWAM_VALUE_TYPE_UINT64, B_FALSE, 1, 1,
valid_loc_activation_mode,
"specifies the location activation mode - valid values are:\n"
"\'manual\', \'conditional-any\' and \'conditional-all\'",
NWAM_TYPE_ANY, NWAM_CLASS_ANY},
{NWAM_LOC_PROP_CONDITIONS, NWAM_VALUE_TYPE_STRING, B_FALSE, 0,
NWAM_MAX_NUM_VALUES, valid_loc_condition,
"specifies the activation condition. Conditions are of the form:\n"
"ncp|ncu|enm name is|is-not active\n"
"ip-address is|is-not|is-in-range|is-not-in-range| 1.2.3.4[/24]\n"
"advertised-domain is|is-not|contains|does-not-contain string\n"
"system-domain is|is-not|contains|does-not-contain string\n"
"essid is|is-not|contains|does-not-contain string\n"
"bssid is|is-not string",
NWAM_TYPE_ANY, NWAM_CLASS_ANY},
{NWAM_LOC_PROP_ENABLED, NWAM_VALUE_TYPE_BOOLEAN, B_TRUE, 1, 1,
nwam_valid_boolean,
"specifies if location is to be enabled",
NWAM_TYPE_ANY, NWAM_CLASS_ANY},
{NWAM_LOC_PROP_NAMESERVICES, NWAM_VALUE_TYPE_UINT64, B_FALSE, 1,
NWAM_MAX_NUM_VALUES, valid_nameservices,
"specifies name service(s) to be used - valid values are:\n"
"\'files\', \'dns\', \'nis\', and \'ldap\'",
NWAM_TYPE_ANY, NWAM_CLASS_ANY},
{NWAM_LOC_PROP_NAMESERVICES_CONFIG_FILE, NWAM_VALUE_TYPE_STRING,
B_FALSE, 0, 1, nwam_valid_file,
"specifies path to configuration file for name services switch "
"for this location - see nsswitch.conf(4)",
NWAM_TYPE_ANY, NWAM_CLASS_ANY},
{NWAM_LOC_PROP_DNS_NAMESERVICE_CONFIGSRC, NWAM_VALUE_TYPE_UINT64,
B_FALSE, 0, NWAM_MAX_NUM_VALUES, valid_configsrc,
"specifies sources of DNS configuration parameters - valid values "
"are:\n\'dhcp\', or \'manual\'",
NWAM_TYPE_ANY, NWAM_CLASS_ANY},
{NWAM_LOC_PROP_DNS_NAMESERVICE_DOMAIN, NWAM_VALUE_TYPE_STRING, B_FALSE,
0, 1, nwam_valid_domain,
"specifies DNS domain name to be set for this location",
NWAM_TYPE_ANY, NWAM_CLASS_ANY},
{NWAM_LOC_PROP_DNS_NAMESERVICE_SERVERS, NWAM_VALUE_TYPE_STRING, B_FALSE,
0, NWAM_MAX_NUM_VALUES, nwam_valid_host_any,
"specifies DNS server host address(es)",
NWAM_TYPE_ANY, NWAM_CLASS_ANY},
{NWAM_LOC_PROP_DNS_NAMESERVICE_SEARCH, NWAM_VALUE_TYPE_STRING, B_FALSE,
0, NWAM_MAX_NUM_VALUES, nwam_valid_domain,
"specifies DNS search list for host name lookup",
NWAM_TYPE_ANY, NWAM_CLASS_ANY},
{NWAM_LOC_PROP_NIS_NAMESERVICE_CONFIGSRC, NWAM_VALUE_TYPE_UINT64,
B_FALSE, 0, NWAM_MAX_NUM_VALUES, valid_configsrc,
"specifies sources of NIS configuration parameters - valid values "
"are:\n\'dhcp\', or \'manual\'",
NWAM_TYPE_ANY, NWAM_CLASS_ANY},
{NWAM_LOC_PROP_NIS_NAMESERVICE_SERVERS, NWAM_VALUE_TYPE_STRING, B_FALSE,
0, NWAM_MAX_NUM_VALUES, nwam_valid_host_any,
"specifies NIS server host address(es)",
NWAM_TYPE_ANY, NWAM_CLASS_ANY},
{NWAM_LOC_PROP_LDAP_NAMESERVICE_CONFIGSRC, NWAM_VALUE_TYPE_UINT64,
B_FALSE, 0, NWAM_MAX_NUM_VALUES, valid_configsrc,
"specifies sources of NIS configuration parameters - currently, "
"the only valid value is \'manual\'",
NWAM_TYPE_ANY, NWAM_CLASS_ANY},
{NWAM_LOC_PROP_LDAP_NAMESERVICE_SERVERS, NWAM_VALUE_TYPE_STRING,
B_FALSE, 0, NWAM_MAX_NUM_VALUES, nwam_valid_host_or_domain,
"specifies LDAP server host address(es)",
NWAM_TYPE_ANY, NWAM_CLASS_ANY},
{NWAM_LOC_PROP_DEFAULT_DOMAIN, NWAM_VALUE_TYPE_STRING, B_FALSE, 0, 1,
nwam_valid_domain,
"specifies the domainname(1M) to be set for this location",
NWAM_TYPE_ANY, NWAM_CLASS_ANY},
{NWAM_LOC_PROP_NFSV4_DOMAIN, NWAM_VALUE_TYPE_STRING, B_FALSE, 0, 1,
nwam_valid_domain,
"specifies an NFSv4 domain for this location",
NWAM_TYPE_ANY, NWAM_CLASS_ANY},
{NWAM_LOC_PROP_IPFILTER_CONFIG_FILE, NWAM_VALUE_TYPE_STRING, B_FALSE,
0, 1, nwam_valid_file,
"specifies an absolute path to an ipf.conf(4) file for this "
"location",
NWAM_TYPE_ANY, NWAM_CLASS_ANY},
{NWAM_LOC_PROP_IPFILTER_V6_CONFIG_FILE, NWAM_VALUE_TYPE_STRING,
B_FALSE, 0, 1, nwam_valid_file,
"specifies an absolute path to an ipf6.conf file for this "
"location",
NWAM_TYPE_ANY, NWAM_CLASS_ANY},
{NWAM_LOC_PROP_IPNAT_CONFIG_FILE, NWAM_VALUE_TYPE_STRING, B_FALSE, 0,
1, nwam_valid_file,
"specifies an absolute path to an ipnat.conf(4) file for this "
"location",
NWAM_TYPE_ANY, NWAM_CLASS_ANY},
{NWAM_LOC_PROP_IPPOOL_CONFIG_FILE, NWAM_VALUE_TYPE_STRING, B_FALSE, 0,
1, nwam_valid_file,
"specifies an absolute path to an ippool.conf(4) file for this "
"location",
NWAM_TYPE_ANY, NWAM_CLASS_ANY},
{NWAM_LOC_PROP_IKE_CONFIG_FILE, NWAM_VALUE_TYPE_STRING, B_FALSE, 0, 1,
nwam_valid_file,
"specifies an absolute path to an ike config file "
"(see ike.config(4))",
NWAM_TYPE_ANY, NWAM_CLASS_ANY},
{NWAM_LOC_PROP_IPSECPOLICY_CONFIG_FILE, NWAM_VALUE_TYPE_STRING,
B_FALSE, 0, 1, nwam_valid_file,
"specifies an absolute path to an IPsec policy configuration file "
"(see ipsecconf(1M)",
NWAM_TYPE_ANY, NWAM_CLASS_ANY},
};
#define NWAM_NUM_LOC_PROPS (sizeof (loc_prop_table_entries) / \
sizeof (*loc_prop_table_entries))
struct nwam_prop_table loc_prop_table =
{ NWAM_NUM_LOC_PROPS, loc_prop_table_entries };
static uint64_t
nwam_loc_activation_to_flag(nwam_activation_mode_t activation)
{
switch (activation) {
case NWAM_ACTIVATION_MODE_MANUAL:
return (NWAM_FLAG_ACTIVATION_MODE_MANUAL);
case NWAM_ACTIVATION_MODE_SYSTEM:
return (NWAM_FLAG_ACTIVATION_MODE_SYSTEM);
case NWAM_ACTIVATION_MODE_CONDITIONAL_ANY:
return (NWAM_FLAG_ACTIVATION_MODE_CONDITIONAL_ANY);
case NWAM_ACTIVATION_MODE_CONDITIONAL_ALL:
return (NWAM_FLAG_ACTIVATION_MODE_CONDITIONAL_ALL);
default:
return (0);
}
}
nwam_error_t
nwam_loc_read(const char *name, uint64_t flags, nwam_loc_handle_t *lochp)
{
return (nwam_read(NWAM_OBJECT_TYPE_LOC, NWAM_LOC_CONF_FILE, name,
flags, lochp));
}
nwam_error_t
nwam_loc_create(const char *name, nwam_loc_handle_t *lochp)
{
nwam_error_t err;
nwam_value_t val = NULL;
char *nsswitch = NULL;
assert(lochp != NULL && name != NULL);
if ((err = nwam_create(NWAM_OBJECT_TYPE_LOC, NWAM_LOC_CONF_FILE, name,
lochp)) != NWAM_SUCCESS)
return (err);
/* Create new object list for loc */
if ((err = nwam_alloc_object_list(&((*lochp)->nwh_data)))
!= NWAM_SUCCESS)
goto finish;
/* NWAM_LOC_PROP_ACTIVATION_MODE is mandatory */
if ((err = nwam_value_create_uint64(NWAM_ACTIVATION_MODE_MANUAL, &val))
!= NWAM_SUCCESS) {
goto finish;
}
if ((err = nwam_set_prop_value((*lochp)->nwh_data,
NWAM_LOC_PROP_ACTIVATION_MODE, val)) != NWAM_SUCCESS) {
goto finish;
}
nwam_value_free(val);
val = NULL;
/*
* NWAM_LOC_PROP_ENABLED defaults to false.
*/
if ((err = nwam_value_create_boolean(B_FALSE, &val)) != NWAM_SUCCESS)
goto finish;
if ((err = nwam_set_prop_value((*lochp)->nwh_data,
NWAM_LOC_PROP_ENABLED, val)) != NWAM_SUCCESS)
goto finish;
nwam_value_free(val);
val = NULL;
/*
* Initialize name service properties: use DNS, configured
* via DHCP, with default nsswitch (/etc/nsswitch.dns).
*/
if ((err = nwam_value_create_uint64(NWAM_NAMESERVICES_DNS, &val)) !=
NWAM_SUCCESS)
goto finish;
if ((err = nwam_set_prop_value((*lochp)->nwh_data,
NWAM_LOC_PROP_NAMESERVICES, val)) != NWAM_SUCCESS)
goto finish;
nwam_value_free(val);
val = NULL;
if ((err = nwam_value_create_uint64(NWAM_CONFIGSRC_DHCP, &val)) !=
NWAM_SUCCESS)
goto finish;
if ((err = nwam_set_prop_value((*lochp)->nwh_data,
NWAM_LOC_PROP_DNS_NAMESERVICE_CONFIGSRC, val)) != NWAM_SUCCESS)
goto finish;
nwam_value_free(val);
val = NULL;
/* concatenate these two strings */
nsswitch = strdup(NSSWITCH_PREFIX NWAM_NAMESERVICES_DNS_STRING);
if (nsswitch == NULL) {
err = NWAM_NO_MEMORY;
goto finish;
}
if ((err = nwam_value_create_string(nsswitch, &val)) != NWAM_SUCCESS)
goto finish;
err = nwam_set_prop_value((*lochp)->nwh_data,
NWAM_LOC_PROP_NAMESERVICES_CONFIG_FILE, val);
finish:
if (nsswitch != NULL)
free(nsswitch);
if (val != NULL)
nwam_value_free(val);
if (err != NWAM_SUCCESS) {
nwam_loc_free(*lochp);
*lochp = NULL;
}
return (err);
}
nwam_error_t
nwam_loc_get_name(nwam_loc_handle_t loch, char **namep)
{
return (nwam_get_name(loch, namep));
}
nwam_error_t
nwam_loc_set_name(nwam_loc_handle_t loch, const char *name)
{
return (nwam_set_name(loch, name));
}
boolean_t
nwam_loc_can_set_name(nwam_loc_handle_t loch)
{
return (!loch->nwh_committed);
}
/* ARGSUSED2 */
static int
loc_selectcb(struct nwam_handle *hp, uint64_t flags, void *data)
{
nwam_loc_handle_t loch = hp;
char *locname;
uint64_t activation, actflag, walkfilter;
nwam_value_t activationval;
/* Skip the Legacy location in all cases */
if (nwam_loc_get_name(loch, &locname) != NWAM_SUCCESS)
return (NWAM_INVALID_ARG);
if (strcmp(locname, NWAM_LOC_NAME_LEGACY) == 0) {
free(locname);
return (NWAM_INVALID_ARG);
}
free(locname);
/*
* Get a bitmapped flag value corresponding to this loc's
* activation.
*/
if (nwam_loc_get_prop_value(loch, NWAM_LOC_PROP_ACTIVATION_MODE,
&activationval) != NWAM_SUCCESS) {
return (NWAM_INVALID_ARG);
}
if (nwam_value_get_uint64(activationval, &activation) != NWAM_SUCCESS) {
nwam_value_free(activationval);
return (NWAM_INVALID_ARG);
}
actflag = nwam_loc_activation_to_flag(activation);
nwam_value_free(activationval);
if ((walkfilter = (flags & NWAM_WALK_FILTER_MASK)) == 0)
walkfilter = NWAM_FLAG_ACTIVATION_MODE_ALL;
if (actflag & walkfilter)
return (NWAM_SUCCESS);
return (NWAM_INVALID_ARG);
}
nwam_error_t
nwam_walk_locs(int(*cb)(nwam_loc_handle_t, void *), void *data, uint64_t flags,
int *retp)
{
nwam_error_t err = nwam_valid_flags(flags,
NWAM_FLAG_ACTIVATION_MODE_ALL | NWAM_FLAG_BLOCKING);
if (err != NWAM_SUCCESS)
return (err);
return (nwam_walk(NWAM_OBJECT_TYPE_LOC, NWAM_LOC_CONF_FILE,
cb, data, flags, retp, loc_selectcb));
}
void
nwam_loc_free(nwam_loc_handle_t loch)
{
nwam_free(loch);
}
nwam_error_t
nwam_loc_delete_prop(nwam_loc_handle_t loch, const char *propname)
{
nwam_error_t err;
boolean_t ro;
void *olddata;
assert(loch != NULL && propname != NULL);
if ((err = nwam_loc_prop_read_only(propname, &ro)) != NWAM_SUCCESS)
return (err);
if (ro)
return (NWAM_ENTITY_READ_ONLY);
/*
* Duplicate data, remove property and validate. If validation
* fails, revert to data duplicated prior to remove.
*/
if ((err = nwam_dup_object_list(loch->nwh_data, &olddata))
!= NWAM_SUCCESS)
return (err);
if ((err = nwam_delete_prop(loch->nwh_data, propname))
!= NWAM_SUCCESS) {
nwam_free_object_list(loch->nwh_data);
loch->nwh_data = olddata;
return (err);
}
if ((err = nwam_loc_validate(loch, NULL)) != NWAM_SUCCESS) {
nwam_free_object_list(loch->nwh_data);
loch->nwh_data = olddata;
return (err);
}
nwam_free_object_list(olddata);
return (NWAM_SUCCESS);
}
nwam_error_t
nwam_loc_set_prop_value(nwam_loc_handle_t loch, const char *propname,
nwam_value_t value)
{
nwam_error_t err;
boolean_t ro;
assert(loch != NULL && propname != NULL && value != NULL);
if ((err = nwam_loc_validate_prop(loch, propname, value))
!= NWAM_SUCCESS ||
(err = nwam_loc_prop_read_only(propname, &ro)) != NWAM_SUCCESS)
return (err);
if (ro)
return (NWAM_ENTITY_READ_ONLY);
return (nwam_set_prop_value(loch->nwh_data, propname, value));
}
nwam_error_t
nwam_loc_get_prop_value(nwam_loc_handle_t loch, const char *propname,
nwam_value_t *valuep)
{
return (nwam_get_prop_value(loch->nwh_data, propname, valuep));
}
nwam_error_t
nwam_loc_walk_props(nwam_loc_handle_t loch,
int (*cb)(const char *, nwam_value_t, void *),
void *data, uint64_t flags, int *retp)
{
return (nwam_walk_props(loch, cb, data, flags, retp));
}
nwam_error_t
nwam_loc_commit(nwam_loc_handle_t loch, uint64_t flags)
{
nwam_error_t err;
assert(loch != NULL && loch->nwh_data != NULL);
if ((err = nwam_loc_validate(loch, NULL)) != NWAM_SUCCESS)
return (err);
return (nwam_commit(NWAM_LOC_CONF_FILE, loch, flags));
}
nwam_error_t
nwam_loc_destroy(nwam_loc_handle_t loch, uint64_t flags)
{
nwam_error_t err;
nwam_value_t actval;
uint64_t activation;
/*
* Automatic and NoNet are not destroyable and Legacy is
* destroyable by netadm only. These have system activation-mode.
*/
if ((err = nwam_loc_get_prop_value(loch, NWAM_LOC_PROP_ACTIVATION_MODE,
&actval)) != NWAM_SUCCESS)
return (err);
err = nwam_value_get_uint64(actval, &activation);
nwam_value_free(actval);
if (err != NWAM_SUCCESS)
return (err);
if (activation == NWAM_ACTIVATION_MODE_SYSTEM) {
if (strcmp(loch->nwh_name, NWAM_LOC_NAME_LEGACY) == 0) {
if (!nwam_uid_is_netadm())
return (NWAM_ENTITY_NOT_DESTROYABLE);
} else {
return (NWAM_ENTITY_NOT_DESTROYABLE);
}
}
return (nwam_destroy(NWAM_LOC_CONF_FILE, loch, flags));
}
nwam_error_t
nwam_loc_get_prop_description(const char *propname, const char **descriptionp)
{
return (nwam_get_prop_description(loc_prop_table, propname,
descriptionp));
}
nwam_error_t
nwam_loc_prop_read_only(const char *propname, boolean_t *readp)
{
return (nwam_prop_read_only(loc_prop_table, propname, readp));
}
static nwam_error_t
valid_loc_activation_mode(nwam_value_t value)
{
uint64_t activation_mode;
if (nwam_value_get_uint64(value, &activation_mode) != NWAM_SUCCESS)
return (NWAM_ENTITY_INVALID_VALUE);
switch (activation_mode) {
case NWAM_ACTIVATION_MODE_MANUAL:
case NWAM_ACTIVATION_MODE_SYSTEM:
case NWAM_ACTIVATION_MODE_CONDITIONAL_ANY:
case NWAM_ACTIVATION_MODE_CONDITIONAL_ALL:
return (NWAM_SUCCESS);
}
return (NWAM_ENTITY_INVALID_VALUE);
}
/*
* Identical to nwam_valid_condition(), except locations cannot specify other
* location's activation as a condition, e.g. loc2 cannot specify
* "loc1 is active" since only one location is active at a time, and
* as a consequence the condition is unsatisfiable.
*/
nwam_error_t
valid_loc_condition(nwam_value_t value)
{
char **conditions;
uint_t i, numvalues;
nwam_condition_object_type_t object_type;
nwam_condition_t condition;
if (nwam_value_get_string_array(value, &conditions, &numvalues)
!= NWAM_SUCCESS)
return (NWAM_ENTITY_INVALID_VALUE);
for (i = 0; i < numvalues; i++) {
char *object_name = NULL;
if (nwam_condition_string_to_condition(conditions[i],
&object_type, &condition, &object_name) != NWAM_SUCCESS)
return (NWAM_ENTITY_INVALID_VALUE);
if (object_type == NWAM_CONDITION_OBJECT_TYPE_LOC &&
condition == NWAM_CONDITION_IS) {
free(object_name);
return (NWAM_ENTITY_INVALID_VALUE);
}
if (object_name != NULL)
free(object_name);
}
return (NWAM_SUCCESS);
}
static nwam_error_t
valid_nameservices(nwam_value_t value)
{
uint64_t *nameservices;
uint_t i, numvalues;
if (nwam_value_get_uint64_array(value, &nameservices, &numvalues)
!= NWAM_SUCCESS)
return (NWAM_ENTITY_INVALID_VALUE);
for (i = 0; i < numvalues; i++) {
if (nameservices[i] > NWAM_NAMESERVICES_LDAP)
return (NWAM_ENTITY_INVALID_VALUE);
}
return (NWAM_SUCCESS);
}
static nwam_error_t
valid_configsrc(nwam_value_t value)
{
uint64_t *configsrcs;
uint_t i, numvalues;
if (nwam_value_get_uint64_array(value, &configsrcs, &numvalues)
!= NWAM_SUCCESS)
return (NWAM_ENTITY_INVALID_VALUE);
for (i = 0; i < numvalues; i++) {
if (configsrcs[i] > NWAM_CONFIGSRC_DHCP)
return (NWAM_ENTITY_INVALID_VALUE);
}
return (NWAM_SUCCESS);
}
/*
* Validates that the activation-mode is system for Automatic and NoNet
* locations, and not system for all other locations.
*/
static nwam_error_t
nwam_loc_validate_activation_mode(nwam_loc_handle_t loch, nwam_value_t actval)
{
nwam_error_t err;
uint64_t activation;
if ((err = nwam_value_get_uint64(actval, &activation)) != NWAM_SUCCESS)
return (err);
if (NWAM_LOC_NAME_PRE_DEFINED(loch->nwh_name)) {
if (activation != NWAM_ACTIVATION_MODE_SYSTEM)
return (NWAM_ENTITY_INVALID_VALUE);
} else {
if (activation == NWAM_ACTIVATION_MODE_SYSTEM)
return (NWAM_ENTITY_INVALID_VALUE);
}
return (NWAM_SUCCESS);
}
/*
* Helper function to validate one nameservice, used by
* nwam_loc_validate_all_nameservices().
*
* requiredprop denotes the property that is mandatory when the
* configsrcprop is manual. errpropp is used to return the invalid
* property.
*/
static nwam_error_t
nwam_loc_validate_one_nameservice(nwam_loc_handle_t loch,
const char *configsrcprop, const char *requiredprop, const char **errpropp)
{
nwam_value_t configsrcval, requiredval;
uint64_t *configsrcs;
uint_t i, numvalues;
if (nwam_loc_get_prop_value(loch, configsrcprop, &configsrcval)
!= NWAM_SUCCESS) {
if (errpropp != NULL)
*errpropp = configsrcprop;
return (NWAM_ENTITY_MISSING_MEMBER);
}
if (nwam_value_get_uint64_array(configsrcval, &configsrcs, &numvalues)
!= NWAM_SUCCESS) {
if (errpropp != NULL)
*errpropp = configsrcprop;
nwam_value_free(configsrcval);
return (NWAM_ENTITY_NO_VALUE);
}
/* If -configsrc is manual, requiredprop is required */
for (i = 0; i < numvalues; i++) {
if (configsrcs[i] == NWAM_CONFIGSRC_MANUAL) {
if (nwam_loc_get_prop_value(loch, requiredprop,
&requiredval) != NWAM_SUCCESS) {
if (errpropp != NULL)
*errpropp = requiredprop;
return (NWAM_ENTITY_MISSING_MEMBER);
}
nwam_value_free(requiredval);
}
}
nwam_value_free(configsrcval);
return (NWAM_SUCCESS);
}
/*
* Helper function to validate LDAP nameservice, used by
* nwam_loc_validate_all_nameservices(). Separated because LDAP must be
* configured manually only and both default-domain and -servers are required.
*/
static nwam_error_t
nwam_loc_validate_ldap_nameservice(nwam_loc_handle_t loch,
const char **errpropp)
{
nwam_value_t val;
uint64_t *configsrcs;
uint_t i, numvalues;
if (nwam_loc_get_prop_value(loch,
NWAM_LOC_PROP_LDAP_NAMESERVICE_CONFIGSRC, &val) != NWAM_SUCCESS) {
if (errpropp != NULL)
*errpropp = NWAM_LOC_PROP_LDAP_NAMESERVICE_CONFIGSRC;
return (NWAM_ENTITY_MISSING_MEMBER);
}
/* -configsrc is defined as an array */
if (nwam_value_get_uint64_array(val, &configsrcs, &numvalues)
!= NWAM_SUCCESS) {
if (errpropp != NULL)
*errpropp = NWAM_LOC_PROP_LDAP_NAMESERVICE_CONFIGSRC;
nwam_value_free(val);
return (NWAM_ENTITY_NO_VALUE);
}
/* -configsrc must be manual */
for (i = 0; i < numvalues; i++) {
if (configsrcs[i] != NWAM_CONFIGSRC_MANUAL) {
if (errpropp != NULL)
*errpropp =
NWAM_LOC_PROP_LDAP_NAMESERVICE_CONFIGSRC;
nwam_value_free(val);
return (NWAM_ENTITY_INVALID_VALUE);
}
}
nwam_value_free(val);
/* both default-domain and -servers are required */
if (nwam_loc_get_prop_value(loch,
NWAM_LOC_PROP_DEFAULT_DOMAIN, &val) != NWAM_SUCCESS) {
if (errpropp != NULL)
*errpropp = NWAM_LOC_PROP_DEFAULT_DOMAIN;
return (NWAM_ENTITY_MISSING_MEMBER);
}
nwam_value_free(val);
if (nwam_loc_get_prop_value(loch,
NWAM_LOC_PROP_LDAP_NAMESERVICE_SERVERS, &val) != NWAM_SUCCESS) {
if (errpropp != NULL)
*errpropp = NWAM_LOC_PROP_LDAP_NAMESERVICE_SERVERS;
return (NWAM_ENTITY_MISSING_MEMBER);
}
nwam_value_free(val);
return (NWAM_SUCCESS);
}
/*
* Validates the different nameservices properties.
*
* If "nameservices" property has more than one nameservice to configure,
* "nameservices-config-file" must be specified. If only one nameservice
* is configured and "nameservices-config-file" is missing, set the
* property with the appropriately suffixed nsswitch file.
*
* For any nameservice being configured, the respective -configsrc property
* must be specified. For DNS, -servers is required if -configsrc is
* manual. For NIS and LDAP, default-domain is required if -configsrc is
* manual. For LDAP, -configsrc must be manual and -servers is required.
*/
static nwam_error_t
nwam_loc_validate_all_nameservices(nwam_loc_handle_t loch,
nwam_value_t nameservicesval, const char **errpropp)
{
nwam_error_t err;
nwam_value_t val;
uint64_t *nameservices;
uint_t i, numvalues;
if ((err = nwam_value_get_uint64_array(nameservicesval, &nameservices,
&numvalues)) != NWAM_SUCCESS)
return (err);
/*
* nameservices-config-file is required if nameservices has more
* than one value.
*/
if (numvalues > 1) {
if (nwam_loc_get_prop_value(loch,
NWAM_LOC_PROP_NAMESERVICES_CONFIG_FILE, &val)
!= NWAM_SUCCESS) {
if (errpropp != NULL)
*errpropp =
NWAM_LOC_PROP_NAMESERVICES_CONFIG_FILE;
return (NWAM_ENTITY_MISSING_MEMBER);
}
nwam_value_free(val);
} else if (numvalues == 1) {
/*
* If only one nameservice is being configured and
* nameservices-config-file doesn't exist, create it to
* point to the respective nsswitch file.
*/
err = nwam_loc_get_prop_value(loch,
NWAM_LOC_PROP_NAMESERVICES_CONFIG_FILE, &val);
if (err == NWAM_INVALID_ARG || err == NWAM_ENTITY_NOT_FOUND) {
char *nsswitch;
const char *nsswitch_suffix;
/* get the single nameservice being configured */
if ((err = nwam_uint64_get_value_string(
NWAM_LOC_PROP_NAMESERVICES, nameservices[0],
&nsswitch_suffix)) != NWAM_SUCCESS)
goto config_file_fail;
if ((nsswitch = malloc(MAXPATHLEN)) == NULL) {
err = NWAM_NO_MEMORY;
goto config_file_fail;
}
/* create appropriately suffixed nsswitch name */
(void) snprintf(nsswitch, MAXPATHLEN, "%s%s",
NSSWITCH_PREFIX, nsswitch_suffix);
if ((err = nwam_value_create_string(nsswitch, &val))
!= NWAM_SUCCESS) {
free(nsswitch);
goto config_file_fail;
}
err = nwam_set_prop_value(loch->nwh_data,
NWAM_LOC_PROP_NAMESERVICES_CONFIG_FILE, val);
free(nsswitch);
nwam_value_free(val);
if (err != NWAM_SUCCESS) {
nwam_value_free(val);
goto config_file_fail;
}
} else if (err != NWAM_SUCCESS) {
goto config_file_fail;
} else {
nwam_value_free(val);
}
}
/*
* validate the -configsrc property and the required default-domain
* and/or -servers property for each nameservice being configured.
*/
for (i = 0; i < numvalues; i++) {
switch (nameservices[i]) {
case NWAM_NAMESERVICES_DNS:
if ((err = nwam_loc_validate_one_nameservice(loch,
NWAM_LOC_PROP_DNS_NAMESERVICE_CONFIGSRC,
NWAM_LOC_PROP_DNS_NAMESERVICE_SERVERS, errpropp))
!= NWAM_SUCCESS)
return (err);
break;
case NWAM_NAMESERVICES_NIS:
if ((err = nwam_loc_validate_one_nameservice(loch,
NWAM_LOC_PROP_NIS_NAMESERVICE_CONFIGSRC,
NWAM_LOC_PROP_DEFAULT_DOMAIN, errpropp))
!= NWAM_SUCCESS)
return (err);
break;
case NWAM_NAMESERVICES_LDAP:
if ((err = nwam_loc_validate_ldap_nameservice(loch,
errpropp)) != NWAM_SUCCESS)
return (err);
break;
case NWAM_NAMESERVICES_FILES:
break;
default:
return (NWAM_ENTITY_INVALID_VALUE);
}
}
return (NWAM_SUCCESS);
config_file_fail:
if (errpropp != NULL)
*errpropp = NWAM_LOC_PROP_NAMESERVICES_CONFIG_FILE;
return (err);
}
nwam_error_t
nwam_loc_validate(nwam_loc_handle_t loch, const char **errpropp)
{
nwam_error_t err;
nwam_value_t activationval, conditionval, nameservicesval;
uint64_t activation;
char **conditions, *name;
uint_t i, numvalues;
nwam_condition_object_type_t object_type;
nwam_condition_t condition;
assert(loch != NULL);
/*
* Make sure loc is internally consistent: if activation type is
* conditional, the condition string must be specified.
*/
if (nwam_loc_get_prop_value(loch, NWAM_LOC_PROP_ACTIVATION_MODE,
&activationval) != NWAM_SUCCESS) {
if (errpropp != NULL)
*errpropp = NWAM_LOC_PROP_ACTIVATION_MODE;
return (NWAM_ENTITY_MISSING_MEMBER);
}
if (nwam_value_get_uint64(activationval, &activation)
!= NWAM_SUCCESS) {
if (errpropp != NULL)
*errpropp = NWAM_LOC_PROP_ACTIVATION_MODE;
nwam_value_free(activationval);
return (NWAM_ENTITY_NO_VALUE);
}
/* validate activation against the location first */
if ((err = nwam_loc_validate_activation_mode(loch, activationval))
!= NWAM_SUCCESS) {
if (errpropp != NULL)
*errpropp = NWAM_LOC_PROP_ACTIVATION_MODE;
nwam_value_free(activationval);
return (err);
}
nwam_value_free(activationval);
if (activation == NWAM_ACTIVATION_MODE_CONDITIONAL_ANY ||
activation == NWAM_ACTIVATION_MODE_CONDITIONAL_ALL) {
if (nwam_loc_get_prop_value(loch, NWAM_LOC_PROP_CONDITIONS,
&conditionval) != NWAM_SUCCESS) {
if (errpropp != NULL)
*errpropp = NWAM_LOC_PROP_CONDITIONS;
return (NWAM_ENTITY_MISSING_MEMBER);
}
/*
* Are conditions self-referential? In other words, do any
* of the activation conditions refer to this location?
*/
if (nwam_value_get_string_array(conditionval, &conditions,
&numvalues) != NWAM_SUCCESS) {
nwam_value_free(conditionval);
if (errpropp != NULL)
*errpropp = NWAM_LOC_PROP_CONDITIONS;
return (NWAM_ENTITY_INVALID_VALUE);
}
if (nwam_loc_get_name(loch, &name) != NWAM_SUCCESS) {
nwam_value_free(conditionval);
return (NWAM_INVALID_ARG);
}
for (i = 0; i < numvalues; i++) {
char *object_name = NULL;
if (nwam_condition_string_to_condition(conditions[i],
&object_type, &condition, &object_name)
!= NWAM_SUCCESS) {
if (errpropp != NULL)
*errpropp = NWAM_LOC_PROP_CONDITIONS;
free(name);
nwam_value_free(conditionval);
return (NWAM_ENTITY_INVALID_VALUE);
}
if (object_name != NULL &&
object_type == NWAM_CONDITION_OBJECT_TYPE_LOC &&
strcmp(object_name, name) == 0) {
if (errpropp != NULL)
*errpropp = NWAM_LOC_PROP_CONDITIONS;
free(name);
free(object_name);
nwam_value_free(conditionval);
return (NWAM_ENTITY_INVALID_VALUE);
}
free(object_name);
}
free(name);
nwam_value_free(conditionval);
}
/* validate namerservices */
if (nwam_loc_get_prop_value(loch, NWAM_LOC_PROP_NAMESERVICES,
&nameservicesval) != NWAM_SUCCESS) {
if (errpropp != NULL)
*errpropp = NWAM_LOC_PROP_NAMESERVICES;
return (NWAM_ENTITY_MISSING_MEMBER);
}
err = nwam_loc_validate_all_nameservices(loch, nameservicesval,
errpropp);
nwam_value_free(nameservicesval);
if (err != NWAM_SUCCESS)
return (err);
return (nwam_validate(loc_prop_table, loch, errpropp));
}
nwam_error_t
nwam_loc_validate_prop(nwam_loc_handle_t loch, const char *propname,
nwam_value_t value)
{
nwam_error_t err;
assert(loch != NULL);
if (strcmp(propname, NWAM_LOC_PROP_ACTIVATION_MODE) == 0) {
if ((err = nwam_loc_validate_activation_mode(loch, value))
!= NWAM_SUCCESS)
return (err);
}
return (nwam_validate_prop(loc_prop_table, loch, propname, value));
}
nwam_error_t
nwam_loc_copy(nwam_loc_handle_t oldloch, const char *newname,
nwam_loc_handle_t *newlochp)
{
nwam_error_t err;
nwam_value_t val;
if ((err = nwam_copy(NWAM_LOC_CONF_FILE, oldloch, newname, newlochp))
!= NWAM_SUCCESS)
return (err);
/* If the activation-mode is system, change it to manual */
if ((err = nwam_loc_get_prop_value(*newlochp,
NWAM_LOC_PROP_ACTIVATION_MODE, &val)) != NWAM_SUCCESS)
goto finish;
err = nwam_loc_validate_activation_mode(*newlochp, val);
nwam_value_free(val);
if (err != NWAM_SUCCESS) {
if ((err = nwam_value_create_uint64(NWAM_ACTIVATION_MODE_MANUAL,
&val)) != NWAM_SUCCESS)
goto finish;
err = nwam_set_prop_value((*newlochp)->nwh_data,
NWAM_LOC_PROP_ACTIVATION_MODE, val);
nwam_value_free(val);
if (err != NWAM_SUCCESS)
goto finish;
if ((err = nwam_value_create_boolean(B_FALSE, &val))
!= NWAM_SUCCESS)
goto finish;
err = nwam_set_prop_value((*newlochp)->nwh_data,
NWAM_LOC_PROP_ENABLED, val);
nwam_value_free(val);
if (err != NWAM_SUCCESS)
goto finish;
}
return (NWAM_SUCCESS);
finish:
nwam_loc_free(*newlochp);
*newlochp = NULL;
return (err);
}
/*
* Given a property, return expected property data type
*/
nwam_error_t
nwam_loc_get_prop_type(const char *propname, nwam_value_type_t *typep)
{
return (nwam_get_prop_type(loc_prop_table, propname, typep));
}
nwam_error_t
nwam_loc_prop_multivalued(const char *propname, boolean_t *multip)
{
return (nwam_prop_multivalued(loc_prop_table, propname, multip));
}
/*
* Determine if the location has manual activation-mode or not.
*/
nwam_error_t
nwam_loc_is_manual(nwam_loc_handle_t loch, boolean_t *manualp)
{
nwam_error_t err;
nwam_value_t actval;
uint64_t activation;
assert(loch != NULL);
if ((err = nwam_loc_get_prop_value(loch, NWAM_LOC_PROP_ACTIVATION_MODE,
&actval)) != NWAM_SUCCESS)
return (err);
err = nwam_value_get_uint64(actval, &activation);
nwam_value_free(actval);
if (err != NWAM_SUCCESS)
return (err);
if (activation == NWAM_ACTIVATION_MODE_MANUAL)
*manualp = B_TRUE;
else
*manualp = B_FALSE;
return (NWAM_SUCCESS);
}
/* Determine if location is enabled or not */
static nwam_error_t
nwam_loc_is_enabled(nwam_loc_handle_t loch, boolean_t *enabledp)
{
nwam_error_t err;
nwam_value_t enabledval;
assert(loch != NULL);
if ((err = nwam_loc_get_prop_value(loch, NWAM_LOC_PROP_ENABLED,
&enabledval)) != NWAM_SUCCESS)
return (err);
err = nwam_value_get_boolean(enabledval, enabledp);
nwam_value_free(enabledval);
return (err);
}
/*
* Callback to disable all locations other than one to enable, the handle
* of which we pass in as an argument. If the argument is NULL, we disable
* all locations.
*/
static int
loc_set_enabled(nwam_loc_handle_t loch, void *data)
{
nwam_value_t enabledval;
boolean_t enabled = B_FALSE;
nwam_loc_handle_t testloch = data;
nwam_error_t err = NWAM_SUCCESS;
if (testloch != NULL) {
char *name, *testname;
if (nwam_loc_get_name(loch, &name) == NWAM_SUCCESS &&
nwam_loc_get_name(testloch, &testname) == NWAM_SUCCESS &&
strcmp(name, testname) == 0) {
/* We enable this location. */
enabled = B_TRUE;
}
}
if (nwam_value_create_boolean(enabled, &enabledval) != NWAM_SUCCESS)
return (0);
if (nwam_set_prop_value(loch->nwh_data, NWAM_LOC_PROP_ENABLED,
enabledval) == NWAM_SUCCESS)
err = nwam_loc_commit(loch, NWAM_FLAG_ENTITY_ENABLE);
nwam_value_free(enabledval);
return (err);
}
/*
* Update the enabled property for this location (and for all others
* if necessary.
*/
static int
nwam_loc_update_enabled(nwam_loc_handle_t loch, boolean_t enabled)
{
nwam_error_t err;
int cb_ret;
if (enabled) {
/*
* Disable all other locations that are manually enabled
* and enable this one - a maximum of 1 location can be
* enabled at once.
*/
err = nwam_walk_locs(loc_set_enabled, loch, 0, &cb_ret);
if (err != NWAM_SUCCESS && err != NWAM_WALK_HALTED)
cb_ret = err;
} else {
cb_ret = loc_set_enabled(loch, NULL);
}
return (cb_ret);
}
nwam_error_t
nwam_loc_enable(nwam_loc_handle_t loch)
{
nwam_error_t err;
boolean_t enabled;
assert(loch != NULL);
/* Make sure location is not enabled */
if ((err = nwam_loc_is_enabled(loch, &enabled)) != NWAM_SUCCESS)
return (err);
if (enabled)
return (NWAM_SUCCESS);
if ((err = nwam_loc_update_enabled(loch, B_TRUE)) != NWAM_SUCCESS)
return (err);
err = nwam_enable(NULL, loch);
/* nwamd may not be running, that's okay. */
if (err == NWAM_ERROR_BIND)
return (NWAM_SUCCESS);
else
return (err);
}
nwam_error_t
nwam_loc_disable(nwam_loc_handle_t loch)
{
nwam_error_t err;
boolean_t enabled;
assert(loch != NULL);
/* Make sure location is enabled */
if ((err = nwam_loc_is_enabled(loch, &enabled)) != NWAM_SUCCESS)
return (err);
if (!enabled)
return (NWAM_SUCCESS);
if ((err = nwam_loc_update_enabled(loch, B_FALSE)) != NWAM_SUCCESS)
return (err);
err = nwam_disable(NULL, loch);
/* nwamd may not be running, that's okay. */
if (err == NWAM_ERROR_BIND)
return (NWAM_SUCCESS);
else
return (err);
}
nwam_error_t
nwam_loc_get_default_proplist(const char ***prop_list, uint_t *numvaluesp)
{
return (nwam_get_default_proplist(loc_prop_table,
NWAM_TYPE_ANY, NWAM_CLASS_ANY, prop_list, numvaluesp));
}
nwam_error_t
nwam_loc_get_state(nwam_loc_handle_t loch, nwam_state_t *statep,
nwam_aux_state_t *auxp)
{
return (nwam_get_state(NULL, loch, statep, auxp));
}