static void cmd_parser(int argc, char **argv)
{
const char *rest = NULL;
int optct = optionProcess(&gnutls_cli_debugOptions, argc, argv);
argc -= optct;
argv += optct;
if (rest == NULL && argc > 0)
rest = argv[0];
if (HAVE_OPT(PORT))
port = OPT_VALUE_PORT;
else {
if (HAVE_OPT(STARTTLS_PROTO))
port = starttls_proto_to_port(OPT_ARG(STARTTLS_PROTO));
else
port = 443;
}
if (rest == NULL)
hostname = "localhost";
else
hostname = rest;
if (HAVE_OPT(DEBUG))
debug = OPT_VALUE_DEBUG;
if (HAVE_OPT(VERBOSE))
verbose++;
}
static void verify_response(gnutls_datum_t *nonce)
{
gnutls_datum_t dat;
size_t size;
gnutls_x509_crt_t signer;
int v;
if (HAVE_OPT(LOAD_RESPONSE))
dat.data =
(void *) read_binary_file(OPT_ARG(LOAD_RESPONSE),
&size);
else
dat.data = (void *) fread_file(infile, &size);
if (dat.data == NULL) {
fprintf(stderr, "error reading response\n");
exit(1);
}
dat.size = size;
signer = load_signer();
v = _verify_response(&dat, nonce, signer);
if (v && !HAVE_OPT(IGNORE_ERRORS))
exit(1);
}
/*
* processEmbeddedOptions
*
* This routine processes the text contained within "/\*==--"
* and "=\*\/" as a single option. If that option is the SUBBLOCK
* option, it will need to be massaged for use.
*/
LOCAL void
processEmbeddedOptions(char* pzText)
{
tSCC zStStr[] = "/*=--";
tSCC zEndSt[] = "=*/";
for (;;) {
char* pzStart = strstr(pzText, zStStr);
char* pzEnd;
int sblct = 0;
if (pzStart == NULL)
return;
if (HAVE_OPT(SUBBLOCK))
sblct = STACKCT_OPT(SUBBLOCK);
pzEnd = strstr(pzStart, zEndSt);
if (pzEnd == NULL)
return;
pzStart = compressOptionText(pzStart + sizeof(zStStr)-1, pzEnd);
optionLoadLine(&getdefsOptions, pzStart);
if (HAVE_OPT(SUBBLOCK) && (sblct != STACKCT_OPT(SUBBLOCK))) {
tCC** ppz = STACKLST_OPT(SUBBLOCK);
ppz[ sblct ] = fixupSubblockString(ppz[sblct]);
}
pzText = pzEnd + sizeof(zEndSt);
}
}
static void ask_server(const char* url)
{
gnutls_datum_t resp_data;
int ret, v;
gnutls_x509_crt_t cert, issuer;
cert = load_cert();
issuer = load_issuer();
ret = send_ocsp_request(url, cert, issuer, &resp_data, ENABLED_OPT(NONCE));
if (ret < 0)
{
fprintf(stderr, "Cannot send OCSP request\n");
exit(1);
}
_response_info (&resp_data);
if (HAVE_OPT(LOAD_SIGNER) || HAVE_OPT(LOAD_TRUST))
{
fprintf(outfile, "\n");
v = _verify_response(&resp_data);
}
else
{
fprintf(stderr, "\nResponse could not be verified (use --load-signer).\n");
v = 0;
}
if (HAVE_OPT(OUTFILE) && v == 0)
{
fwrite(resp_data.data, 1, resp_data.size, outfile);
}
}
static void ask_server(const char *url)
{
gnutls_datum_t resp_data;
int ret, v = 0;
gnutls_x509_crt_t cert, issuer;
unsigned char noncebuf[23];
gnutls_datum_t nonce = { noncebuf, sizeof(noncebuf) };
gnutls_datum_t *n;
cert = load_cert();
issuer = load_issuer();
if (ENABLED_OPT(NONCE)) {
ret =
gnutls_rnd(GNUTLS_RND_NONCE, nonce.data, nonce.size);
if (ret < 0) {
fprintf(stderr, "gnutls_rnd: %s\n",
gnutls_strerror(ret));
exit(1);
}
n = &nonce;
} else {
n = NULL;
}
ret =
send_ocsp_request(url, cert, issuer, &resp_data, n);
if (ret < 0) {
fprintf(stderr, "Cannot send OCSP request\n");
exit(1);
}
_response_info(&resp_data);
if (HAVE_OPT(LOAD_TRUST)) {
v = _verify_response(&resp_data, n, NULL);
} else if (HAVE_OPT(LOAD_SIGNER)) {
v = _verify_response(&resp_data, n, load_signer());
} else {
fprintf(stderr,
"\nAssuming response's signer = issuer (use --load-signer to override).\n");
v = _verify_response(&resp_data, n, issuer);
}
if (HAVE_OPT(OUTFILE) && (v == 0 || HAVE_OPT(IGNORE_ERRORS))) {
fwrite(resp_data.data, 1, resp_data.size, outfile);
}
if (v && !HAVE_OPT(IGNORE_ERRORS))
exit(1);
}
static gnutls_x509_crt_t
load_cert (void)
{
gnutls_x509_crt_t crt;
int ret;
gnutls_datum_t dat;
size_t size;
if (!HAVE_OPT(LOAD_CERT))
error (EXIT_FAILURE, 0, "missing --load-cert");
ret = gnutls_x509_crt_init (&crt);
if (ret < 0)
error (EXIT_FAILURE, 0, "crt_init: %s", gnutls_strerror (ret));
dat.data = (void*)read_binary_file (OPT_ARG(LOAD_CERT), &size);
dat.size = size;
if (!dat.data)
error (EXIT_FAILURE, errno, "reading --load-cert: %s", OPT_ARG(LOAD_CERT));
ret = gnutls_x509_crt_import (crt, &dat, encoding);
free (dat.data);
if (ret < 0)
error (EXIT_FAILURE, 0, "importing --load-cert: %s: %s",
OPT_ARG(LOAD_CERT), gnutls_strerror (ret));
return crt;
}
int run(void)
{
#ifdef USE_ST
st_usleep(1); //force context switch so timers will work
#endif
g_hash_table_foreach(hash, create_q_threads, NULL);
#ifdef USE_ST
if (debug > 3) { LOG(LOG_DEBUG, "waiting for all threads to finish"); }
while (thread_count) {
st_usleep(10000); /* 10 ms */
}
#endif
if (HAVE_OPT(HANGUPSCRIPT) && online) {
int status;
status = system(OPT_ARG(HANGUPSCRIPT));
if (WIFEXITED(status)) {
if (WEXITSTATUS(status) != 0) {
LOG(LOG_WARNING, "%s: error %d", OPT_ARG(HANGUPSCRIPT), WEXITSTATUS(status));
}
} else {
LOG(LOG_ERR, "%s exited abnormally", OPT_ARG(HANGUPSCRIPT));
}
}
online = FALSE;
uw_setproctitle("sleeping");
return 0;
}
/*
* Redirect logging to a file if requested with -l.
* The ntp.conf logfile directive does not use this code, see
* config_vars() in ntp_config.c.
*/
void
setup_logfile(
void
)
{
if (HAVE_OPT( LOGFILE )) {
const char *my_optarg = OPT_ARG( LOGFILE );
FILE *new_file;
if(strcmp(my_optarg, "stderr") == 0)
new_file = stderr;
else if(strcmp(my_optarg, "stdout") == 0)
new_file = stdout;
else
new_file = fopen(my_optarg, "a");
if (new_file != NULL) {
NLOG(NLOG_SYSINFO)
msyslog(LOG_NOTICE, "logging to file %s", my_optarg);
if (syslog_file != NULL &&
fileno(syslog_file) != fileno(new_file))
(void)fclose(syslog_file);
syslog_file = new_file;
syslogit = 0;
}
else
msyslog(LOG_ERR,
"Cannot open log file %s",
my_optarg);
}
}
static
unsigned opt_to_flags(void)
{
unsigned flags = 0;
if (HAVE_OPT(MARK_PRIVATE)) {
if (ENABLED_OPT(MARK_PRIVATE)) {
flags |= GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE;
} else {
flags |= GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE;
}
}
if (ENABLED_OPT(MARK_TRUSTED))
flags |=
GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED;
if (ENABLED_OPT(MARK_CA))
flags |=
GNUTLS_PKCS11_OBJ_FLAG_MARK_CA;
if (ENABLED_OPT(MARK_WRAP))
flags |= GNUTLS_PKCS11_OBJ_FLAG_MARK_KEY_WRAP;
if (ENABLED_OPT(LOGIN))
flags |= GNUTLS_PKCS11_OBJ_FLAG_LOGIN;
if (ENABLED_OPT(SO_LOGIN))
flags |= GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO;
return flags;
}
static void
request_info (void)
{
gnutls_ocsp_req_t req;
int ret;
gnutls_datum_t dat;
size_t size;
ret = gnutls_ocsp_req_init (&req);
if (ret < 0)
error (EXIT_FAILURE, 0, "ocsp_req_init: %s", gnutls_strerror (ret));
if (HAVE_OPT(LOAD_REQUEST))
dat.data = (void*)read_binary_file (OPT_ARG(LOAD_REQUEST), &size);
else
dat.data = (void*)fread_file (infile, &size);
if (dat.data == NULL)
error (EXIT_FAILURE, errno, "reading request");
dat.size = size;
ret = gnutls_ocsp_req_import (req, &dat);
free (dat.data);
if (ret < 0)
error (EXIT_FAILURE, 0, "importing request: %s", gnutls_strerror (ret));
ret = gnutls_ocsp_req_print (req, GNUTLS_OCSP_PRINT_FULL, &dat);
if (ret != 0)
error (EXIT_FAILURE, 0, "ocsp_req_print: %s", gnutls_strerror (ret));
printf ("%.*s", dat.size, dat.data);
gnutls_free (dat.data);
gnutls_ocsp_req_deinit (req);
}
/*
* This is where you should define all your AutoGen AutoOpts option parsing.
* Any user specified option should have it's bit turned on in the 'provides'
* bit mask.
* Returns: TCPEDIT_ERROR | TCPEDIT_OK | TCPEDIT_WARN
*/
int
dlt_user_parse_opts(tcpeditdlt_t *ctx)
{
tcpeditdlt_plugin_t *plugin;
user_config_t *config;
assert(ctx);
plugin = tcpedit_dlt_getplugin(ctx, dlt_value);
config = plugin->config;
/*
* --user-dlt will override the output DLT type, otherwise we'll use
* the DLT of the decoder
*/
if (HAVE_OPT(USER_DLT)) {
config->dlt = OPT_VALUE_USER_DLT;
} else {
config->dlt = ctx->decoder->dlt;
}
/* --user-dlink */
if (HAVE_OPT(USER_DLINK)) {
int ct = STACKCT_OPT(USER_DLINK);
char **list = STACKLST_OPT(USER_DLINK);
int first = 1;
do {
char *p = *list++;
if (first) {
config->length = read_hexstring(p, config->l2server, USER_L2MAXLEN);
memcpy(config->l2client, config->l2server, config->length);
} else {
if (config->length != read_hexstring(p, config->l2client, USER_L2MAXLEN)) {
tcpedit_seterr(ctx->tcpedit, "%s",
"both --dlink's must contain the same number of bytes");
return TCPEDIT_ERROR;
}
}
first = 0;
} while (--ct > 0);
}
return TCPEDIT_OK; /* success */
}
/*
* This is where you should define all your AutoGen AutoOpts option parsing.
* Any user specified option should have it's bit turned on in the 'provides'
* bit mask.
* Returns: TCPEDIT_ERROR | TCPEDIT_OK | TCPEDIT_WARN
*/
int
dlt_hdlc_parse_opts(tcpeditdlt_t *ctx)
{
tcpeditdlt_plugin_t *plugin;
hdlc_config_t *config;
assert(ctx);
plugin = tcpedit_dlt_getplugin(ctx, dlt_value);
config = plugin->config;
if (HAVE_OPT(HDLC_CONTROL)) {
config->control = (uint16_t)OPT_VALUE_HDLC_CONTROL;
}
if (HAVE_OPT(HDLC_ADDRESS)) {
config->address = (uint16_t)OPT_VALUE_HDLC_ADDRESS;
}
return TCPEDIT_OK; /* success */
}
int init(void)
{
if (!HAVE_OPT(OUTPUT)) {
LOG(LOG_ERR, "missing output option");
return 0;
}
daemonize = TRUE;
every = EVERY_MINUTE;
xmlSetGenericErrorFunc(NULL, UpwatchXmlGenericErrorFunc);
return(1);
}
static xmlNodePtr
printHeader( xmlDocPtr pDoc )
{
tSCC zDef[] = "AutoGen Definitions %s%s;\n";
char const* pzSfx = ".tpl";
xmlNodePtr pRootNode = xmlDocGetRootElement( pDoc );
xmlChar* pTpl = NULL;
xmlChar* pzTpl;
if (pRootNode == NULL) {
fprintf( stderr, "Root node not found\n" );
exit( EXIT_FAILURE );
}
if (HAVE_OPT( OVERRIDE_TPL )) {
if (strchr( OPT_ARG( OVERRIDE_TPL ), '.' ) != NULL)
pzSfx = "";
pzTpl = (xmlChar*)(void*)OPT_ARG( OVERRIDE_TPL );
}
else {
pTpl = xmlGetProp( pRootNode, (xmlChar*)(void*)"template" );
if (pTpl == NULL) {
fprintf( stderr, "No template was specified.\n" );
exit( EXIT_FAILURE );
}
pzTpl = pTpl;
if (strchr( (char*)pzTpl, '.' ) != NULL)
pzSfx = "";
}
fprintf( outFp, zDef, pzTpl, pzSfx );
if (pTpl != NULL)
free( pTpl );
if (pDoc->name != NULL)
fprintf( outFp, "XML-name = '%s';\n", TRIM( pDoc->name, NULL ));
if (pDoc->version != NULL)
fprintf( outFp, "XML-version = '%s';\n", TRIM( pDoc->version, NULL ));
if (pDoc->encoding != NULL)
fprintf( outFp, "XML-encoding = '%s';\n", TRIM( pDoc->encoding, NULL ));
if (pDoc->URL != NULL)
fprintf( outFp, "XML-URL = '%s';\n", TRIM( pDoc->URL, NULL ));
if (pDoc->standalone)
fputs( "XML-standalone = true;\n", outFp );
return pRootNode;
}
/*
* check_exit_conditions()
*
* If sntp has a reply, ask the event loop to stop after this round of
* callbacks, unless --wait was used.
*/
void
check_exit_conditions(void)
{
if ((0 == n_pending_ntp && 0 == n_pending_dns) ||
(time_derived && !HAVE_OPT(WAIT))) {
event_base_loopexit(base, NULL);
shutting_down = TRUE;
} else {
TRACE(2, ("%d NTP and %d name queries pending\n",
n_pending_ntp, n_pending_dns));
}
}
static void
exec_autogen(char ** pzBase)
{
char const ** paparg;
char const ** pparg;
int argCt = 5;
/*
* IF we don't have template search directories,
* THEN allocate the default arg counter of pointers and
* set the program name into it.
* ELSE insert each one into the arg list.
*/
if (! HAVE_OPT(AGARG)) {
paparg = pparg = (char const **)malloc(argCt * sizeof(char*));
*pparg++ = pzAutogen;
} else {
int ct = STACKCT_OPT(AGARG);
char const ** ppz = STACKLST_OPT(AGARG);
argCt += ct;
paparg = pparg = (char const **)malloc(argCt * sizeof(char*));
*pparg++ = pzAutogen;
do {
*pparg++ = *ppz++;
} while (--ct > 0);
}
*pparg++ = *pzBase;
*pparg++ = "--";
*pparg++ = "-";
*pparg++ = NULL;
#ifdef DEBUG
fputc('\n', stderr);
pparg = paparg;
for (;;) {
fputs(*pparg++, stderr);
if (*pparg == NULL)
break;
fputc(' ', stderr);
}
fputc('\n', stderr);
fputc('\n', stderr);
#endif
execvp(pzAutogen, (char**)(void*)paparg);
fserr_die("exec of %s %s %s %s\n", paparg[0], paparg[1], paparg[2],
paparg[3]);
}
int init(void)
{
if (!HAVE_OPT(OUTPUT)) {
LOG(LOG_ERR, "missing output option");
return 0;
}
daemonize = TRUE;
every = EVERY_MINUTE;
startsec = OPT_VALUE_BEGIN;
g_thread_init(NULL);
xmlSetGenericErrorFunc(NULL, UpwatchXmlGenericErrorFunc);
return(1);
}
int main(int argc, char **argv)
{
int ret;
if ((ret = gnutls_global_init()) < 0) {
fprintf(stderr, "global_init: %s\n", gnutls_strerror(ret));
exit(1);
}
optionProcess(&ocsptoolOptions, argc, argv);
gnutls_global_set_log_function(tls_log_func);
gnutls_global_set_log_level(OPT_VALUE_DEBUG);
if (HAVE_OPT(OUTFILE)) {
outfile = fopen(OPT_ARG(OUTFILE), "wb");
if (outfile == NULL) {
fprintf(stderr, "%s\n", OPT_ARG(OUTFILE));
exit(1);
}
} else
outfile = stdout;
if (HAVE_OPT(INFILE)) {
infile = fopen(OPT_ARG(INFILE), "rb");
if (infile == NULL) {
fprintf(stderr, "%s\n", OPT_ARG(INFILE));
exit(1);
}
} else
infile = stdin;
if (ENABLED_OPT(INDER))
encoding = GNUTLS_X509_FMT_DER;
else
encoding = GNUTLS_X509_FMT_PEM;
if (HAVE_OPT(REQUEST_INFO))
request_info();
else if (HAVE_OPT(RESPONSE_INFO))
response_info();
else if (HAVE_OPT(GENERATE_REQUEST))
generate_request(NULL);
else if (HAVE_OPT(VERIFY_RESPONSE))
verify_response(NULL);
else if (HAVE_OPT(ASK))
ask_server(OPT_ARG(ASK));
else {
USAGE(1);
}
return 0;
}
/*
* compar_text
*
* merely returns the relative ordering of two input strings.
* The arguments are pointers to pointers to NUL-terminated strings.
* IF the definiton was mal-formed, an error message was printed
* earlier. When we get here, we wil fail to find the "zNameTag"
* string and EXIT_FAILURE.
*/
static int
compar_text(const void* p1, const void* p2)
{
char* pz1 = strstr(*(char const * const *)p1, zNameTag);
char* pe1;
char* pz2 = strstr(*(char const * const *)p2, zNameTag);
char* pe2;
int res;
if (pz1 == NULL) {
if (strncmp(*(char const * const *)p1, zGlobal, sizeof(zGlobal)-1) == 0)
return -1;
die(zBogusDef, *(char const * const *)p1);
}
if (pz2 == NULL) {
if (strncmp(*(char const * const *)p2, zGlobal, sizeof(zGlobal)-1) == 0)
return 1;
die(zBogusDef, *(char const * const *)p2);
}
pz1 += sizeof(zNameTag)-1;
pe1 = strchr(pz1, '\'');
if (pe1 == NULL)
die(zBogusDef, *(char const * const *)p1);
pz2 += sizeof(zNameTag)-1;
pe2 = strchr(pz2, '\'');
if (pe2 == NULL)
die(zBogusDef, *(char const * const *)p2);
*pe1 = *pe2 = NUL;
/*
* We know ordering is enabled because we only get called when
* it is enabled. If the option was also specified, then
* we sort without case sensitivity (and we compare '-', '_'
* and '^' as being equal as well). Otherwise, we do a
* strict string comparison.
*/
if (HAVE_OPT(ORDERING))
res = streqvcmp(pz1, pz2);
else res = strcmp(pz1, pz2);
*pe1 = *pe2 = '\'';
return res;
}
void debug_msg(char *message) {
if(HAVE_OPT(FILELOG)) {
time_t cur_time = time(NULL);
char *timestamp = ctime(&cur_time);
fprintf(stderr, "%s: %s\n", timestamp, message);
}
else {
syslog(LOG_DEBUG
#ifdef LOG_PERROR
| LOG_PERROR
#endif
| LOG_CONS, "%s", message);
}
}
static FILE*
open_ag_file(char ** pzBase)
{
switch (WHICH_IDX_AUTOGEN) {
case INDEX_OPT_OUTPUT:
{
static char const zFileFmt[] = " * %s\n";
FILE* fp;
if (*pzBase != NULL)
free(*pzBase);
if (strcmp(OPT_ARG(OUTPUT), "-") == 0)
return stdout;
unlink(OPT_ARG(OUTPUT));
fp = fopen(OPT_ARG(OUTPUT), "w" FOPEN_BINARY_FLAG);
fprintf(fp, zDne, OPT_ARG(OUTPUT));
if (HAVE_OPT(INPUT)) {
int ct = STACKCT_OPT(INPUT);
char const ** ppz = STACKLST_OPT(INPUT);
do {
fprintf(fp, zFileFmt, *ppz++);
} while (--ct > 0);
}
fputs(" */\n", fp);
return fp;
}
case INDEX_OPT_AUTOGEN:
if (! ENABLED_OPT(AUTOGEN)) {
if (*pzBase != NULL)
free(*pzBase);
return stdout;
}
if ( ( OPT_ARG(AUTOGEN) != NULL)
&& (*OPT_ARG(AUTOGEN) != NUL ))
pzAutogen = OPT_ARG(AUTOGEN);
break;
}
return NULL;
}
static void
verify_response (void)
{
gnutls_datum_t dat;
size_t size;
if (HAVE_OPT(LOAD_RESPONSE))
dat.data = (void*)read_binary_file (OPT_ARG(LOAD_RESPONSE), &size);
else
dat.data = (void*)fread_file (infile, &size);
if (dat.data == NULL)
error (EXIT_FAILURE, errno, "reading response");
dat.size = size;
_verify_response(&dat);
}
/**
* Copy wrapup. If "quiet" has not been specified, then
* print a message to the curses screen about this thread being done.
*
* @param[in] fseg file segment descriptor.
*/
void
copy_wrap(file_seg_t * fseg)
{
if (HAVE_OPT(QUIET))
return;
pthread_mutex_lock(&tty_mutex);
move(ENTRY_LINE + 1, 0);
clrtoeol();
move(ENTRY_LINE, 0);
clrtoeol();
printw("th %2d DONE - copied 0x%08X bytes in %lu seconds",
fseg->idx, fseg->end - fseg->start, get_time_delta() / BILLION);
refresh();
pthread_mutex_unlock(&tty_mutex);
}
/**
* post AutoGen argument processing
*/
void
post_args(_U_ int argc, _U_ char *argv[])
{
char ebuf[PCAP_ERRBUF_SIZE];
#ifdef DEBUG
if (HAVE_OPT(DBUG))
debug = OPT_VALUE_DBUG;
#else
if (HAVE_OPT(DBUG))
warn("not configured with --enable-debug. Debugging disabled.");
#endif
#ifdef ENABLE_VERBOSE
if (HAVE_OPT(VERBOSE))
options.verbose = 1;
if (HAVE_OPT(DECODE))
tcpdump.args = safe_strdup(OPT_ARG(DECODE));
#endif
#ifdef ENABLE_FRAGROUTE
if (HAVE_OPT(FRAGROUTE))
options.fragroute_args = safe_strdup(OPT_ARG(FRAGROUTE));
options.fragroute_dir = FRAGROUTE_DIR_BOTH;
if (HAVE_OPT(FRAGDIR)) {
if (strcmp(OPT_ARG(FRAGDIR), "c2s") == 0) {
options.fragroute_dir = FRAGROUTE_DIR_C2S;
} else if (strcmp(OPT_ARG(FRAGDIR), "s2c") == 0) {
options.fragroute_dir = FRAGROUTE_DIR_S2C;
} else if (strcmp(OPT_ARG(FRAGDIR), "both") == 0) {
options.fragroute_dir = FRAGROUTE_DIR_BOTH;
} else {
errx(-1, "Unknown --fragdir value: %s", OPT_ARG(FRAGDIR));
}
}
#endif
/* open up the input file */
options.infile = safe_strdup(OPT_ARG(INFILE));
if ((options.pin = pcap_open_offline(options.infile, ebuf)) == NULL)
errx(-1, "Unable to open input pcap file: %s", ebuf);
#ifdef HAVE_PCAP_SNAPSHOT
if (pcap_snapshot(options.pin) < 65535)
warnx("%s was captured using a snaplen of %d bytes. This may mean you have truncated packets.",
options.infile, pcap_snapshot(options.pin));
#endif
}
static void request_info(void)
{
gnutls_ocsp_req_t req;
int ret;
gnutls_datum_t dat;
size_t size;
ret = gnutls_ocsp_req_init(&req);
if (ret < 0) {
fprintf(stderr, "ocsp_req_init: %s\n", gnutls_strerror(ret));
exit(1);
}
if (HAVE_OPT(LOAD_REQUEST))
dat.data =
(void *) read_binary_file(OPT_ARG(LOAD_REQUEST),
&size);
else
dat.data = (void *) fread_file(infile, &size);
if (dat.data == NULL) {
fprintf(stderr, "error reading request\n");
exit(1);
}
dat.size = size;
ret = gnutls_ocsp_req_import(req, &dat);
free(dat.data);
if (ret < 0) {
fprintf(stderr, "error importing request: %s\n",
gnutls_strerror(ret));
exit(1);
}
ret = gnutls_ocsp_req_print(req, GNUTLS_OCSP_PRINT_FULL, &dat);
if (ret != 0) {
fprintf(stderr, "ocsp_req_print: %s\n",
gnutls_strerror(ret));
exit(1);
}
printf("%.*s", dat.size, dat.data);
gnutls_free(dat.data);
gnutls_ocsp_req_deinit(req);
}
xmlNodePtr newnode(xmlDocPtr doc, char *name)
{
char buffer[24];
xmlNodePtr node;
time_t now = time(NULL);
node = xmlNewChild(xmlDocGetRootElement(doc), NULL, name, NULL);
if (HAVE_OPT(REALM)) {
xmlSetProp(node, "realm", OPT_ARG(REALM));
}
sprintf(buffer, "%ld", OPT_VALUE_SERVERID); xmlSetProp(node, "server", buffer);
xmlSetProp(node, "ipaddress", ipaddress);
sprintf(buffer, "%d", (int) now); xmlSetProp(node, "date", buffer);
sprintf(buffer, "%d", ((int)now)+((unsigned)OPT_VALUE_EXPIRES*60));
xmlSetProp(node, "expires", buffer);
xmlSetProp(node, "color", "200");
sprintf(buffer, "%ld", OPT_VALUE_INTERVAL); xmlSetProp(node, "interval", buffer);
return node;
}
/*
* doalarm - send a string out the port, if we have one.
*/
int
doalarm(
int fd
)
{
int n;
if (! HAVE_OPT(COMMAND))
return;
n = write(fd, cmd, cmdlen);
if (n < 0) {
(void) fprintf(stderr, "%s: write(): ", progname);
perror("");
} else if (n < cmdlen) {
(void) printf("Short write (%d bytes, should be %d)\n",
n, cmdlen);
}
}
static void response_info(void)
{
gnutls_datum_t dat;
size_t size;
if (HAVE_OPT(LOAD_RESPONSE))
dat.data =
(void *) read_binary_file(OPT_ARG(LOAD_RESPONSE),
&size);
else
dat.data = (void *) fread_file(infile, &size);
if (dat.data == NULL) {
fprintf(stderr, "error reading response\n");
exit(1);
}
dat.size = size;
_response_info(&dat);
gnutls_free(dat.data);
}
void add_systemp(xmlNodePtr node)
{
char buffer[24];
int systemp = 0;
if (HAVE_OPT(SYSTEMP_COMMAND)) {
char cmd[1024];
FILE *in;
sprintf(cmd, "%s > /tmp/.uw_sysstat.tmp", OPT_ARG(SYSTEMP_COMMAND));
uw_setproctitle("running %s", OPT_ARG(SYSTEMP_COMMAND));
system(cmd);
in = fopen("/tmp/.uw_sysstat.tmp", "r");
if (in) {
fscanf(in, "%d", &systemp);
fclose(in);
}
unlink("tmp/.uw_sysstat.tmp");
}
sprintf(buffer, "%d", systemp);
xmlNewChild(node, NULL, "systemp", buffer);
}
/**
* \brief Call this to parse AutoOpts arguments for the DLT encoder plugin
*
* Was previously part of tcpedit_dlt_init(), but moved into it's own function
* to allow a full programtic API. Basically, if you're not using this function
* you'll need to roll your own!
* Returns 0 on success, -1 on error
*/
int
tcpedit_dlt_post_args(tcpedit_t *tcpedit)
{
tcpeditdlt_t *ctx;
const char *dst_dlt_name = NULL;
int rcode;
assert(tcpedit);
ctx = tcpedit->dlt_ctx;
assert(ctx);
/* Select the encoder plugin */
dst_dlt_name = OPT_ARG(DLT) ? OPT_ARG(DLT) : ctx->decoder->name;
if ((ctx->encoder = tcpedit_dlt_getplugin_byname(ctx, dst_dlt_name)) == NULL) {
tcpedit_seterr(tcpedit, "No output DLT plugin available for: %s", dst_dlt_name);
return TCPEDIT_ERROR;
}
/* Figure out if we're skipping braodcast & multicast */
if (HAVE_OPT(SKIPL2BROADCAST))
ctx->skip_broadcast = 1;
/* init encoder plugin if it's not the decoder plugin */
if (ctx->encoder->dlt != ctx->decoder->dlt) {
if ((rcode = ctx->encoder->plugin_init(ctx)) != TCPEDIT_OK) {
/* plugin should generate the error */
return TCPEDIT_ERROR;
}
}
/* parse the DLT specific options */
if ((rcode = tcpedit_dlt_parse_opts(ctx)) != TCPEDIT_OK) {
/* parser should generate the error */
return TCPEDIT_ERROR;
}
/* we're OK */
return tcpedit_dlt_post_init(ctx);
}
