void
usage (int status)
{
if (status != EXIT_SUCCESS)
fprintf (stderr, _("Try `%s --help' for more information.\n"),
program_name);
else
{
printf (_("\
Usage: %s NUMBER[SUFFIX]...\n\
or: %s OPTION\n\
Pause for NUMBER seconds. SUFFIX may be `s' for seconds (the default),\n\
`m' for minutes, `h' for hours or `d' for days. Unlike most implementations\n\
that require NUMBER be an integer, here NUMBER may be an arbitrary floating\n\
point number. Given two or more arguments, pause for the amount of time\n\
specified by the sum of their values.\n\
\n\
"),
program_name, program_name);
fputs (HELP_OPTION_DESCRIPTION, stdout);
fputs (VERSION_OPTION_DESCRIPTION, stdout);
emit_bug_reporting_address ();
}
exit (status);
}
static void
usage (int status)
{
if (status != EXIT_SUCCESS)
fprintf (stderr, "Try `%s --help' for more information.\n", program_name);
else
{
cmdline_parser_print_help ();
emit_bug_reporting_address ();
}
exit (status);
}
void
usage (int status)
{
if (status != EXIT_SUCCESS)
fprintf (stderr, _("Try `%s --help' for more information.\n"),
program_name);
else
{
printf (_("Usage: %s [OPTION]... [USERNAME]...\n"), program_name);
fputs (_("\
Print group memberships for each USERNAME or, if no USERNAME is specified, for\n\
the current process (which may differ if the groups database has changed).\n"),
stdout);
fputs (HELP_OPTION_DESCRIPTION, stdout);
fputs (VERSION_OPTION_DESCRIPTION, stdout);
emit_bug_reporting_address ();
}
exit (status);
}
void
usage (int status)
{
if (status != EXIT_SUCCESS)
fprintf (stderr, _("Try `%s --help' for more information.\n"),
program_name);
else
{
printf (_("\
Usage: %s FILE\n\
or: %s OPTION\n"), program_name, program_name);
fputs (_("Call the unlink function to remove the specified FILE.\n\n"),
stdout);
fputs (HELP_OPTION_DESCRIPTION, stdout);
fputs (VERSION_OPTION_DESCRIPTION, stdout);
emit_bug_reporting_address ();
}
exit (status);
}
void
usage (int status)
{
if (status != EXIT_SUCCESS)
fprintf (stderr, _("Try `%s --help' for more information.\n"),
program_name);
else
{
printf (_("\
Usage: %s [NAME]\n\
or: %s OPTION\n\
Print or set the hostname of the current system.\n\
\n\
"),
program_name, program_name);
fputs (HELP_OPTION_DESCRIPTION, stdout);
fputs (VERSION_OPTION_DESCRIPTION, stdout);
emit_bug_reporting_address ();
}
exit (status);
}
static void
usage (void)
{
char const * const *p;
printf (_("Usage: %s [OPTION]... FILE1 FILE2\n"), program_name);
printf ("%s\n\n",
_("Side-by-side merge of differences between FILE1 and FILE2."));
fputs (_("\
Mandatory arguments to long options are mandatory for short options too.\n\
"), stdout);
for (p = option_help_msgid; *p; p++)
if (**p)
printf (" %s\n", _(*p));
else
putchar ('\n');
printf ("\n%s\n%s\n",
_("If a FILE is '-', read standard input."),
_("Exit status is 0 if inputs are the same, 1 if different, 2 if trouble."));
emit_bug_reporting_address ();
}
int
main (int argc, char *argv[])
{
struct gengetopt_args_info args_info;
int rc;
set_program_name (argv[0]);
if (cmdline_parser (argc, argv, &args_info) != 0)
return EXIT_FAILURE;
rc = pskc_global_init ();
if (rc != PSKC_OK)
error (EXIT_FAILURE, 0, "libpskc initialization failed: %s",
pskc_strerror (rc));
if (args_info.debug_flag)
pskc_global_log (debuglog);
if (args_info.version_given)
version ();
else if (args_info.validate_flag)
validate (&args_info);
else if (args_info.sign_flag)
sign (&args_info);
else if (args_info.verify_flag)
verify (&args_info);
else if (args_info.info_flag)
info (&args_info);
else
{
cmdline_parser_print_help ();
emit_bug_reporting_address ();
}
pskc_global_done ();
return EXIT_SUCCESS;
}
ATTR_NO_RETRUN static void
usage (int status)
{
if (status != EXIT_SUCCESS)
fprintf (stderr, "Try `%s --help' for more information.\n", program_name);
else
{
printf ("\
Usage: %s [OPTION] DEFINITIONS ASSIGNMENTS\n", program_name);
printf ("\
Generates a DER encoding of ASN.1 DEFINITIONS file\n\
and ASSIGNMENTS file with value assignments.\n\
\n");
printf ("\
Mandatory arguments to long options are mandatory for short options too.\n\
-c, --check checks the syntax only\n\
-o, --output=FILE output file\n\
-h, --help display this help and exit\n\
-v, --version output version information and exit\n");
emit_bug_reporting_address ();
}
exit (status);
}
int
main (int argc, char *argv[])
{
struct gengetopt_args_info args_info;
char *secret;
size_t secretlen = 0;
int rc;
size_t window;
uint64_t moving_factor;
unsigned digits;
char otp[10];
time_t now, when, t0, time_step_size;
int totpflags = 0;
set_program_name (argv[0]);
if (cmdline_parser (argc, argv, &args_info) != 0)
return EXIT_FAILURE;
if (args_info.version_given)
{
char *p;
int l = -1;
if (strcmp (oath_check_version (NULL), OATH_VERSION) != 0)
l = asprintf (&p, "OATH Toolkit liboath.so %s oath.h %s",
oath_check_version (NULL), OATH_VERSION);
else if (strcmp (OATH_VERSION, PACKAGE_VERSION) != 0)
l = asprintf (&p, "OATH Toolkit %s",
oath_check_version (NULL), OATH_VERSION);
version_etc (stdout, "oathtool", l == -1 ? "OATH Toolkit" : p,
PACKAGE_VERSION, "Simon Josefsson", (char *) NULL);
if (l != -1)
free (p);
return EXIT_SUCCESS;
}
if (args_info.help_given)
usage (EXIT_SUCCESS);
if (args_info.inputs_num == 0)
{
cmdline_parser_print_help ();
emit_bug_reporting_address ();
return EXIT_SUCCESS;
}
rc = oath_init ();
if (rc != OATH_OK)
error (EXIT_FAILURE, 0, "liboath initialization failed: %s",
oath_strerror (rc));
if (args_info.base32_flag)
{
rc = oath_base32_decode (args_info.inputs[0],
strlen (args_info.inputs[0]),
&secret, &secretlen);
if (rc != OATH_OK)
error (EXIT_FAILURE, 0, "base32 decoding failed: %s",
oath_strerror (rc));
}
else
{
secretlen = 1 + strlen (args_info.inputs[0]) / 2;
secret = malloc (secretlen);
if (!secret)
error (EXIT_FAILURE, errno, "malloc");
rc = oath_hex2bin (args_info.inputs[0], secret, &secretlen);
if (rc != OATH_OK)
error (EXIT_FAILURE, 0, "hex decoding of secret key failed");
}
if (args_info.counter_orig)
moving_factor = args_info.counter_arg;
else
moving_factor = 0;
if (args_info.digits_orig)
digits = args_info.digits_arg;
else
digits = 6;
if (args_info.window_orig)
window = args_info.window_arg;
else
window = 0;
if (digits != 6 && digits != 7 && digits != 8)
error (EXIT_FAILURE, 0, "only digits 6, 7 and 8 are supported");
if (validate_otp_p (args_info.inputs_num) && !args_info.digits_orig)
digits = strlen (args_info.inputs[1]);
else if (validate_otp_p (args_info.inputs_num) && args_info.digits_orig &&
args_info.digits_arg != strlen (args_info.inputs[1]))
error (EXIT_FAILURE, 0,
"given one-time password has bad length %d != %ld",
args_info.digits_arg, strlen (args_info.inputs[1]));
if (args_info.inputs_num > 2)
error (EXIT_FAILURE, 0, "too many parameters");
if (args_info.verbose_flag)
{
char *tmp;
tmp = malloc (2 * secretlen + 1);
if (!tmp)
error (EXIT_FAILURE, errno, "malloc");
oath_bin2hex (secret, secretlen, tmp);
printf ("Hex secret: %s\n", tmp);
free (tmp);
rc = oath_base32_encode (secret, secretlen, &tmp, NULL);
if (rc != OATH_OK)
error (EXIT_FAILURE, 0, "base32 encoding failed: %s",
oath_strerror (rc));
printf ("Base32 secret: %s\n", tmp);
free (tmp);
if (args_info.inputs_num == 2)
printf ("OTP: %s\n", args_info.inputs[1]);
printf ("Digits: %d\n", digits);
printf ("Window size: %ld\n", window);
}
if (args_info.totp_given)
{
now = time (NULL);
when = parse_time (args_info.now_arg, now);
t0 = parse_time (args_info.start_time_arg, now);
time_step_size = parse_duration (args_info.time_step_size_arg);
if (when == BAD_TIME)
error (EXIT_FAILURE, 0, "cannot parse time `%s'", args_info.now_arg);
if (t0 == BAD_TIME)
error (EXIT_FAILURE, 0, "cannot parse time `%s'",
args_info.start_time_arg);
if (time_step_size == BAD_TIME)
error (EXIT_FAILURE, 0, "cannot parse time `%s'",
args_info.time_step_size_arg);
if (strcmp (args_info.totp_arg, "sha256") == 0)
totpflags = OATH_TOTP_HMAC_SHA256;
else if (strcmp (args_info.totp_arg, "sha512") == 0)
totpflags = OATH_TOTP_HMAC_SHA512;
if (args_info.verbose_flag)
verbose_totp (t0, time_step_size, when);
}
else
{
if (args_info.verbose_flag)
verbose_hotp (moving_factor);
}
if (generate_otp_p (args_info.inputs_num) && !args_info.totp_given)
{
size_t iter = 0;
do
{
rc = oath_hotp_generate (secret,
secretlen,
moving_factor + iter,
digits,
false, OATH_HOTP_DYNAMIC_TRUNCATION, otp);
if (rc != OATH_OK)
error (EXIT_FAILURE, 0,
"generating one-time password failed (%d)", rc);
printf ("%s\n", otp);
}
while (window - iter++ > 0);
}
else if (generate_otp_p (args_info.inputs_num) && args_info.totp_given)
{
size_t iter = 0;
do
{
rc = oath_totp_generate2 (secret,
secretlen,
when + iter * time_step_size,
time_step_size, t0, digits, totpflags,
otp);
if (rc != OATH_OK)
error (EXIT_FAILURE, 0,
"generating one-time password failed (%d)", rc);
printf ("%s\n", otp);
}
while (window - iter++ > 0);
}
else if (validate_otp_p (args_info.inputs_num) && !args_info.totp_given)
{
rc = oath_hotp_validate (secret,
secretlen,
moving_factor, window, args_info.inputs[1]);
if (rc == OATH_INVALID_OTP)
error (EXIT_OTP_INVALID, 0,
"password \"%s\" not found in range %ld .. %ld",
args_info.inputs[1],
(long) moving_factor, (long) moving_factor + window);
else if (rc < 0)
error (EXIT_FAILURE, 0,
"validating one-time password failed (%d)", rc);
printf ("%d\n", rc);
}
else if (validate_otp_p (args_info.inputs_num) && args_info.totp_given)
{
rc = oath_totp_validate4 (secret,
secretlen,
when,
time_step_size,
t0,
window,
NULL, NULL, totpflags, args_info.inputs[1]);
if (rc == OATH_INVALID_OTP)
error (EXIT_OTP_INVALID, 0,
"password \"%s\" not found in range %ld .. %ld",
args_info.inputs[1],
(long) ((when - t0) / time_step_size - window / 2),
(long) ((when - t0) / time_step_size + window / 2));
else if (rc < 0)
error (EXIT_FAILURE, 0,
"validating one-time password failed (%d)", rc);
printf ("%d\n", rc);
}
free (secret);
oath_done ();
return EXIT_SUCCESS;
}
int
main (int argc, char *argv[])
{
Gsasl *ctx = NULL;
int res;
char *in;
char *connect_hostname = NULL;
char *connect_service = NULL;
#ifdef HAVE_LIBGNUTLS
gnutls_anon_client_credentials anoncred;
gnutls_certificate_credentials x509cred;
#endif
set_program_name (argv[0]);
setlocale (LC_ALL, "");
bindtextdomain (PACKAGE, LOCALEDIR);
textdomain (PACKAGE);
/* This is necessary for modern MinGW compilers that provide working
getaddrinfo function, which results in gnulib not detecting that
it is broken. The proper fix is for gnulib to wrap the
getaddrinfo call and initialize Windows sockets in the
wrapper. */
(void) gl_sockets_startup (SOCKETS_1_1);
if (cmdline_parser (argc, argv, &args_info) != 0)
return EXIT_FAILURE;
if (args_info.version_given)
{
const char *p = PACKAGE_NAME;
if (strcmp (gsasl_check_version (NULL), PACKAGE_VERSION) != 0)
p = PACKAGE_STRING;
version_etc (stdout, "gsasl", p, gsasl_check_version (NULL),
"Simon Josefsson", (char *) NULL);
return EXIT_SUCCESS;
}
if (args_info.help_given)
usage (EXIT_SUCCESS);
if (!(args_info.client_flag || args_info.client_given) &&
!args_info.server_given &&
!args_info.client_mechanisms_flag && !args_info.server_mechanisms_flag)
{
error (0, 0, _("missing argument"));
usage (EXIT_FAILURE);
}
if ((args_info.x509_cert_file_arg && !args_info.x509_key_file_arg) ||
(!args_info.x509_cert_file_arg && args_info.x509_key_file_arg))
error (EXIT_FAILURE, 0,
_("need both --x509-cert-file and --x509-key-file"));
if (args_info.starttls_flag && args_info.no_starttls_flag)
error (EXIT_FAILURE, 0,
_("cannot use both --starttls and --no-starttls"));
if (args_info.smtp_flag && args_info.imap_flag)
error (EXIT_FAILURE, 0, _("cannot use both --smtp and --imap"));
if (!args_info.connect_given && args_info.inputs_num == 0 &&
!args_info.client_given && !args_info.server_given &&
!args_info.client_mechanisms_flag && !args_info.server_mechanisms_flag)
{
cmdline_parser_print_help ();
emit_bug_reporting_address ();
return EXIT_SUCCESS;
}
if (args_info.connect_given)
{
if (strrchr (args_info.connect_arg, ':'))
{
connect_hostname = xstrdup (args_info.connect_arg);
*strrchr (connect_hostname, ':') = '\0';
connect_service =
xstrdup (strrchr (args_info.connect_arg, ':') + 1);
}
else
{
connect_hostname = xstrdup (args_info.connect_arg);
if (args_info.smtp_flag)
connect_service = xstrdup ("smtp");
else
connect_service = xstrdup ("imap");
}
}
else if (args_info.inputs_num > 0)
{
connect_hostname = args_info.inputs[0];
if (args_info.inputs_num > 1)
connect_service = args_info.inputs[1];
else if (args_info.smtp_flag)
connect_service = xstrdup ("smtp");
else
connect_service = xstrdup ("imap");
}
if (connect_service && !args_info.smtp_flag && !args_info.imap_flag)
{
if (strcmp (connect_service, "25") == 0 ||
strcmp (connect_service, "smtp") == 0)
args_info.smtp_flag = 1;
else
args_info.imap_flag = 1;
}
if (args_info.imap_flag && !args_info.service_given)
args_info.service_arg = xstrdup ("imap");
if (args_info.smtp_flag && !args_info.service_given)
args_info.service_arg = xstrdup ("smtp");
if (args_info.imap_flag || args_info.smtp_flag)
args_info.no_client_first_flag = 1;
if (connect_hostname && !args_info.hostname_arg)
args_info.hostname_arg = xstrdup (connect_hostname);
if (!isatty (STDOUT_FILENO))
setvbuf (stdout, NULL, _IOLBF, BUFSIZ);
res = gsasl_init (&ctx);
if (res != GSASL_OK)
error (EXIT_FAILURE, 0, _("initialization failure: %s"),
gsasl_strerror (res));
gsasl_callback_set (ctx, callback);
if (args_info.client_mechanisms_flag || args_info.server_mechanisms_flag)
{
char *mechs;
if (args_info.client_mechanisms_flag)
res = gsasl_client_mechlist (ctx, &mechs);
else
res = gsasl_server_mechlist (ctx, &mechs);
if (res != GSASL_OK)
error (EXIT_FAILURE, 0, _("error listing mechanisms: %s"),
gsasl_strerror (res));
if (!args_info.quiet_given)
{
if (args_info.client_mechanisms_flag)
fprintf (stderr,
_("This client supports the following mechanisms:\n"));
else
fprintf (stderr,
_("This server supports the following mechanisms:\n"));
}
fprintf (stdout, "%s\n", mechs);
free (mechs);
return EXIT_SUCCESS;
}
if (args_info.connect_given || args_info.inputs_num > 0)
{
struct addrinfo hints;
struct addrinfo *ai0, *ai;
memset (&hints, 0, sizeof (hints));
hints.ai_flags = AI_CANONNAME;
hints.ai_socktype = SOCK_STREAM;
res = getaddrinfo (connect_hostname, connect_service, &hints, &ai0);
if (res != 0)
error (EXIT_FAILURE, 0, "%s: %s", connect_hostname,
gai_strerror (res));
for (ai = ai0; ai; ai = ai->ai_next)
{
fprintf (stderr, "Trying %s...\n", quote (ai->ai_canonname ?
ai->ai_canonname :
connect_hostname));
sockfd = socket (ai->ai_family, ai->ai_socktype, ai->ai_protocol);
if (sockfd < 0)
{
error (0, errno, "socket");
continue;
}
if (connect (sockfd, ai->ai_addr, ai->ai_addrlen) < 0)
{
int save_errno = errno;
close (sockfd);
sockfd = -1;
error (0, save_errno, "connect");
continue;
}
break;
}
if (sockfd < 0)
error (EXIT_FAILURE, errno, "socket");
freeaddrinfo (ai);
}
if (!greeting ())
return 1;
#ifdef HAVE_LIBGNUTLS
if (sockfd && !args_info.no_starttls_flag &&
(args_info.starttls_flag || has_starttls ()))
{
res = gnutls_global_init ();
if (res < 0)
error (EXIT_FAILURE, 0, _("GnuTLS global initialization failed: %s"),
gnutls_strerror (res));
res = gnutls_init (&session, GNUTLS_CLIENT);
if (res < 0)
error (EXIT_FAILURE, 0, _("GnuTLS initialization failed: %s"),
gnutls_strerror (res));
res = gnutls_set_default_priority (session);
if (res < 0)
error (EXIT_FAILURE, 0, _("setting GnuTLS defaults failed: %s"),
gnutls_strerror (res));
res = gnutls_anon_allocate_client_credentials (&anoncred);
if (res < 0)
error (EXIT_FAILURE, 0,
_("allocating anonymous GnuTLS credential: %s"),
gnutls_strerror (res));
res = gnutls_credentials_set (session, GNUTLS_CRD_ANON, anoncred);
if (res < 0)
error (EXIT_FAILURE, 0, _("setting anonymous GnuTLS credential: %s"),
gnutls_strerror (res));
res = gnutls_certificate_allocate_credentials (&x509cred);
if (res < 0)
error (EXIT_FAILURE, 0, _("allocating X.509 GnuTLS credential: %s"),
gnutls_strerror (res));
if (args_info.x509_cert_file_arg && args_info.x509_key_file_arg)
res = gnutls_certificate_set_x509_key_file
(x509cred, args_info.x509_cert_file_arg,
args_info.x509_key_file_arg, GNUTLS_X509_FMT_PEM);
if (res != GNUTLS_E_SUCCESS)
error (EXIT_FAILURE, 0, _("loading X.509 GnuTLS credential: %s"),
gnutls_strerror (res));
if (args_info.x509_ca_file_arg)
{
res = gnutls_certificate_set_x509_trust_file
(x509cred, args_info.x509_ca_file_arg, GNUTLS_X509_FMT_PEM);
if (res < 0)
error (EXIT_FAILURE, 0, _("no X.509 CAs found: %s"),
gnutls_strerror (res));
if (res == 0)
error (EXIT_FAILURE, 0, _("no X.509 CAs found"));
}
res = gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE,
x509cred);
if (res < 0)
error (EXIT_FAILURE, 0, _("setting X.509 GnuTLS credential: %s"),
gnutls_strerror (res));
if (args_info.priority_arg)
{
const char *err_pos;
res = gnutls_priority_set_direct (session, args_info.priority_arg,
&err_pos);
if (res < 0)
error (EXIT_FAILURE, 0,
_("setting GnuTLS cipher priority (%s): %s\n"),
gnutls_strerror (res), err_pos);
}
gnutls_transport_set_ptr (session, (gnutls_transport_ptr)
(unsigned long) sockfd);
if (!starttls ())
return 1;
res = gnutls_handshake (session);
if (res < 0)
error (EXIT_FAILURE, 0, _("GnuTLS handshake failed: %s"),
gnutls_strerror (res));
if (args_info.x509_ca_file_arg)
{
unsigned int status;
res = gnutls_certificate_verify_peers2 (session, &status);
if (res < 0)
error (EXIT_FAILURE, 0, _("verifying peer certificate: %s"),
gnutls_strerror (res));
if (status & GNUTLS_CERT_INVALID)
error (EXIT_FAILURE, 0, _("server certificate is not trusted"));
if (status & GNUTLS_CERT_SIGNER_NOT_FOUND)
error (EXIT_FAILURE, 0,
_("server certificate hasn't got a known issuer"));
if (status & GNUTLS_CERT_REVOKED)
error (EXIT_FAILURE, 0, _("server certificate has been revoked"));
if (status != 0)
error (EXIT_FAILURE, 0,
_("could not verify server certificate (rc=%d)"), status);
}
#if HAVE_GNUTLS_SESSION_CHANNEL_BINDING
if (!args_info.no_cb_flag)
{
gnutls_datum cb;
res = gnutls_session_channel_binding (session,
GNUTLS_CB_TLS_UNIQUE, &cb);
if (res != GNUTLS_E_SUCCESS)
error (EXIT_FAILURE, 0, _("getting channel binding failed: %s"),
gnutls_strerror (res));
res = gsasl_base64_to ((char *) cb.data, cb.size,
&b64cbtlsunique, NULL);
if (res != GSASL_OK)
error (EXIT_FAILURE, 0, "%s", gsasl_strerror (res));
}
#endif
using_tls = true;
}
#endif
if (args_info.client_flag || args_info.client_given
|| args_info.server_given)
{
char *out;
char *b64output;
size_t output_len;
size_t b64output_len;
const char *mech;
Gsasl_session *xctx = NULL;
if (!select_mechanism (&in))
return 1;
mech = gsasl_client_suggest_mechanism (ctx, in);
if (mech == NULL)
{
fprintf (stderr, _("Cannot find mechanism...\n"));
return 0;
}
if (args_info.mechanism_arg)
mech = args_info.mechanism_arg;
if (!authenticate (mech))
return 1;
/* Authenticate using mechanism */
if (args_info.server_flag)
res = gsasl_server_start (ctx, mech, &xctx);
else
res = gsasl_client_start (ctx, mech, &xctx);
if (res != GSASL_OK)
error (EXIT_FAILURE, 0, _("mechanism unavailable: %s"),
gsasl_strerror (res));
in = NULL;
out = NULL;
if (!args_info.server_flag && args_info.no_client_first_flag)
{
res = GSASL_NEEDS_MORE;
goto no_client_first;
}
do
{
int res2;
res = gsasl_step64 (xctx, in, &out);
if (res != GSASL_NEEDS_MORE && res != GSASL_OK)
break;
if (!step_send (out))
return 1;
no_client_first:
if (!args_info.quiet_given &&
!args_info.imap_flag && !args_info.smtp_flag)
{
if (args_info.server_flag)
fprintf (stderr, _("Enter base64 authentication data "
"from client (press RET if none):\n"));
else
fprintf (stderr, _("Enter base64 authentication data "
"from server (press RET if none):\n"));
}
/* Return 1 on token, 2 on protocol success, 3 on protocol fail, 0 on
errors. */
res2 = step_recv (&in);
if (!res2)
return 1;
if (res2 == 3)
error (EXIT_FAILURE, 0, _("server error"));
if (res2 == 2)
break;
}
while (args_info.imap_flag || args_info.smtp_flag
|| res == GSASL_NEEDS_MORE);
if (res != GSASL_OK)
error (EXIT_FAILURE, 0, _("mechanism error: %s"),
gsasl_strerror (res));
if (!args_info.quiet_given)
{
if (args_info.server_flag)
fprintf (stderr, _("Server authentication "
"finished (client trusted)...\n"));
else
fprintf (stderr, _("Client authentication "
"finished (server trusted)...\n"));
fflush (stderr);
}
/* Transfer application payload */
if (args_info.application_data_flag)
{
struct pollfd pfd[2];
char *sockbuf = NULL;
/* we read chunks of 1000 bytes at a time */
size_t sockpos = 0, sockalloc = 0, sockalloc1 = 1000;
/* Setup pollfd structs... */
pfd[0].fd = STDIN_FILENO;
pfd[0].events = POLLIN;
if (sockfd)
{
pfd[1].fd = sockfd;
pfd[1].events = POLLIN;
}
if (!args_info.quiet_given)
{
fprintf (stderr,
_("Enter application data (EOF to finish):\n"));
fflush (stderr);
}
while (1)
{
int rc;
pfd[0].revents = 0;
pfd[1].revents = 0;
rc = poll (pfd, sockfd ? 2 : 1, -1);
if (rc < 0 && errno == EINTR)
continue;
/* Always check for errors */
if (rc < 0)
error (EXIT_FAILURE, errno, "poll");
/* We got data to read from stdin.. */
if ((pfd[0].revents & (POLLIN | POLLERR)) == POLLIN)
{
char *line = NULL;
size_t n;
ssize_t len;
len = getline (&line, &n, stdin);
if (len <= 0)
break;
if (args_info.imap_flag || args_info.smtp_flag)
{
if (len < 2 || strcmp (&line[len - 2], "\r\n") != 0)
{
line = xrealloc (line, len + 2);
line[len - 1] = '\r';
line[len] = '\n';
line[len + 1] = '\0';
len++;
}
}
else
{
len--;
line[len] = '\0';
}
res = gsasl_encode (xctx, line, len, &out, &output_len);
if (res != GSASL_OK)
break;
if (sockfd)
{
#ifdef HAVE_LIBGNUTLS
if (using_tls)
len = gnutls_record_send (session, out, output_len);
else
#endif
len = write (sockfd, out, output_len);
if (len != output_len)
error (EXIT_FAILURE, errno, "write");
}
else if (!(strlen (line) == output_len &&
memcmp (line, out, output_len) == 0))
{
res = gsasl_base64_to (out, output_len,
&b64output, &b64output_len);
if (res != GSASL_OK)
break;
if (!args_info.quiet_given)
fprintf (stderr, _("Base64 encoded application "
"data to send:\n"));
fprintf (stdout, "%s\n", b64output);
free (b64output);
}
free (line);
free (out);
}
/* If there was an error, quit. */
else if (pfd[0].revents & (POLLERR | POLLHUP))
{
error (0, 0, "poll stdin");
break;
}
/* We got data to read from the socket.. */
if (sockfd && (pfd[1].revents & (POLLIN | POLLERR)) == POLLIN)
{
ssize_t len;
if (sockalloc == sockpos)
sockbuf = x2realloc (sockbuf, &sockalloc1);
sockalloc = sockalloc1;
#ifdef HAVE_LIBGNUTLS
if (using_tls)
len = gnutls_record_recv (session, &sockbuf[sockpos],
sockalloc - sockpos);
else
#endif
len = recv (sockfd, &sockbuf[sockpos],
sockalloc - sockpos, 0);
if (len <= 0)
break;
sockpos += len;
res = gsasl_decode (xctx, sockbuf, sockpos,
&out, &output_len);
if (res == GSASL_NEEDS_MORE)
{
#define MAX_INPUT_SIZE 0x100000
if (sockpos > MAX_INPUT_SIZE)
error (EXIT_FAILURE, 0,
_("SASL record too large: %zu\n"), sockpos);
continue;
}
if (res != GSASL_OK)
break;
free (sockbuf);
sockbuf = NULL;
sockpos = 0;
sockalloc = 0;
sockalloc1 = 1000;
printf ("%.*s", (int) output_len, out);
free (out);
}
/* If there was an error, quit. */
else if (pfd[1].revents & (POLLERR | POLLHUP))
{
error (0, 0, "poll socket");
break;
}
}
if (res != GSASL_OK)
error (EXIT_FAILURE, 0, _("encoding error: %s"),
gsasl_strerror (res));
}
if (!args_info.quiet_given)
fprintf (stderr, _("Session finished...\n"));
if (!logout ())
return 1;
gsasl_finish (xctx);
}
if (sockfd)
{
#ifdef HAVE_LIBGNUTLS
if (using_tls)
{
res = gnutls_bye (session, GNUTLS_SHUT_RDWR);
if (res < 0)
error (EXIT_FAILURE, 0,
_("terminating GnuTLS session failed: %s"),
gnutls_strerror (res));
}
#endif
shutdown (sockfd, SHUT_RDWR);
close (sockfd);
}
gsasl_done (ctx);
#ifdef HAVE_LIBGNUTLS
if (using_tls)
{
gnutls_deinit (session);
gnutls_anon_free_client_credentials (anoncred);
gnutls_certificate_free_credentials (x509cred);
gnutls_global_deinit ();
}
#endif
return 0;
}
