endif
certtool-gaa.c: $(srcdir)/certtool.gaa
-$(GAA) $< -o certtool-gaa.c -i certtool-gaa.h
-psk-args.c: $(srcdir)/psk-args.def
+psk-args.c psk-args.h: $(srcdir)/psk-args.def
-autogen $<
-cli-debug-args.c: $(srcdir)/cli-debug-args.def
+cli-debug-args.c cli-debug-args.h: $(srcdir)/cli-debug-args.def
-autogen $<
-cli-args.c: $(srcdir)/cli-args.def
+cli-args.c cli-args.h: $(srcdir)/cli-args.def
-autogen $<
-serv-args.c: $(srcdir)/serv-args.def
+serv-args.c serv-args.h: $(srcdir)/serv-args.def
-autogen $<
-srptool-args.c: $(srcdir)/srptool-args.def
+srptool-args.c srptool-args.h: $(srcdir)/srptool-args.def
-autogen $<
-p11tool-args.c: $(srcdir)/p11tool-args.def
+p11tool-args.c p11tool-args.h: $(srcdir)/p11tool-args.def
-autogen $<
no-misuse-usage;
disable-save;
reorder-args;
-argument;
+no-xlate = opt;
+argument = "[hostname]";
long-opts;
config-header = 'config.h';
export = '#include <gettext.h>';
flag = {
name = list;
value = l;
- arg-type = string;
descrip = "Print a list of the supported algorithms and modes";
doc = "Print a list of the supported algorithms and modes. If a priority string is given then only the enabled ciphersuites are shown.";
};
a server and queries its capabilities. Can be used to check for servers with
special needs or bugs.";
gnu-usage;
+no-xlate = opt;
no-misuse-usage;
disable-save;
reorder-args;
const char *x509_crlfile = NULL;
static int x509ctype;
static int disable_extensions;
+static const char * priorities = NULL;
const char *psk_username = NULL;
gnutls_datum_t psk_key = { NULL, 0 };
{
const char *err;
int ret;
- const char * priorities;
gnutls_session_t session;
-
- if (HAVE_OPT(PRIORITY)) {
- priorities = OPT_ARG(PRIORITY);
- } else {
- priorities = "NORMAL";
- }
+ if (priorities == NULL)
+ priorities = "NORMAL";
+
if (udp)
{
gnutls_init (&session, GNUTLS_CLIENT|GNUTLS_DATAGRAM);
}
#ifdef ENABLE_SESSION_TICKET
- if (disable_extensions == 0 && !ENABLED_OPT(NOTICKET)t)
+ if (disable_extensions == 0 && !HAVE_OPT(NOTICKET)t)
gnutls_session_ticket_enable_client (session);
#endif
gnutls_session_get_id (hd.session, session_id, &session_id_size);
/* print some information */
- print_info (hd.session, hostname, ENABLED_OPT(INSECURE));
+ print_info (hd.session, hostname, HAVE_OPT(INSECURE));
printf ("- Disconnecting\n");
socket_bye (&hd);
if (rest == NULL && argc > 0)
rest = argv[0];
+
+ if (HAVE_OPT(PRIORITY))
+ {
+ priorities = OPT_ARG(PRIORITY);
+ }
+ verbose = HAVE_OPT( VERBOSE);
- verbose = ENABLED_OPT( VERBOSE);
- disable_extensions = ENABLED_OPT( DISABLE_EXTENSIONS);
- print_cert = ENABLED_OPT( PRINT_CERT);
- starttls = ENABLED_OPT(STARTTLS);
- resume = ENABLED_OPT(RESUME);
- rehandshake = ENABLED_OPT(REHANDSHAKE);
- insecure = ENABLED_OPT(INSECURE);
- udp = ENABLED_OPT(UDP);
+ if (HAVE_OPT(LIST))
+ {
+ print_list(priorities, verbose);
+ exit(0);
+ }
+
+ disable_extensions = HAVE_OPT( DISABLE_EXTENSIONS);
+ print_cert = HAVE_OPT( PRINT_CERT);
+ starttls = HAVE_OPT(STARTTLS);
+ resume = HAVE_OPT(RESUME);
+ rehandshake = HAVE_OPT(REHANDSHAKE);
+ insecure = HAVE_OPT(INSECURE);
+ udp = HAVE_OPT(UDP);
mtu = OPT_VALUE_MTU;
if (HAVE_OPT(PORT))
}
record_max_size = OPT_VALUE_RECORDSIZE;
- fingerprint = ENABLED_OPT(FINGERPRINT);
+ fingerprint = HAVE_OPT(FINGERPRINT);
- if (ENABLED_OPT(X509FMTDER))
+ if (HAVE_OPT(X509FMTDER))
x509ctype = GNUTLS_X509_FMT_DER;
else
x509ctype = GNUTLS_X509_FMT_PEM;
if (HAVE_OPT(PGPKEYRING))
pgp_keyring = OPT_ARG(PGPKEYRING);
- crlf = ENABLED_OPT(CRLF);
+ crlf = HAVE_OPT(CRLF);
- if (rest == NULL)
- hostname = "localhost";
- else
+ if (rest != NULL)
hostname = rest;
+
+ if (hostname == NULL)
+ {
+ fprintf(stderr, "No hostname specified\n");
+ exit(1);
+ }
}
void cli_version (void);
if (ret == 0)
{
/* print some information */
- print_info (socket->session, socket->hostname, ENABLED_OPT(INSECURE));
+ print_info (socket->session, socket->hostname, HAVE_OPT(INSECURE));
socket->secure = 1;
short-usage = "p11tool [options]\np11tool --help for usage instructions.\n";
prog-group = "GnuTLS";
gnu-usage;
+no-xlate = opt;
no-misuse-usage;
disable-save;
long-opts;
flag = {
name = login;
descrip = "Force login to token";
+ disabled;
+ disable = "no";
doc = "";
};
optionProcess( &p11toolOptions, argc, argv);
- if (ENABLED_OPT(DEBUG))
+ if (HAVE_OPT(DEBUG))
debug = OPT_VALUE_DEBUG;
gnutls_global_set_log_function (tls_log_func);
if ((ret = gnutls_global_init ()) < 0)
error (EXIT_FAILURE, 0, "global_init: %s", gnutls_strerror (ret));
- if (ENABLED_OPT(PROVIDER))
+ if (HAVE_OPT(PROVIDER))
{
ret = gnutls_pkcs11_init (GNUTLS_PKCS11_FLAG_MANUAL, NULL);
if (ret < 0)
fprintf (stderr, "pkcs11_init: %s", gnutls_strerror (ret));
}
- if (ENABLED_OPT(OUTFILE))
+ if (HAVE_OPT(OUTFILE))
{
outfile = safe_open_rw (OPT_ARG(OUTFILE), 0);
if (outfile == NULL)
memset (&cinfo, 0, sizeof (cinfo));
- if (ENABLED_OPT(SECRET_KEY))
+ if (HAVE_OPT(SECRET_KEY))
cinfo.secret_key = OPT_ARG(SECRET_KEY);
- if (ENABLED_OPT(LOAD_PRIVKEY))
+ if (HAVE_OPT(LOAD_PRIVKEY))
cinfo.privkey = OPT_ARG(LOAD_PRIVKEY);
- if (ENABLED_OPT(PKCS8))
+ if (HAVE_OPT(PKCS8))
cinfo.pkcs8 = 1;
- if (ENABLED_OPT(INDER) || ENABLED_OPT(INRAW))
+ if (HAVE_OPT(INDER) || HAVE_OPT(INRAW))
cinfo.incert_format = GNUTLS_X509_FMT_DER;
- if (ENABLED_OPT(LOAD_CERTIFICATE))
+ if (HAVE_OPT(LOAD_CERTIFICATE))
cinfo.cert = OPT_ARG(LOAD_CERTIFICATE);
- if (ENABLED_OPT(LOAD_PUBKEY))
+ if (HAVE_OPT(LOAD_PUBKEY))
cinfo.pubkey = OPT_ARG(LOAD_PUBKEY);
- if (ENABLED_OPT(LIST_TOKENS))
+ if (HAVE_OPT(LIST_TOKENS))
action = ACTION_PKCS11_TOKENS;
- else if (ENABLED_OPT(LIST_MECHANISMS))
+ else if (HAVE_OPT(LIST_MECHANISMS))
action = ACTION_PKCS11_MECHANISMS;
- else if (ENABLED_OPT(LIST_ALL))
+ else if (HAVE_OPT(LIST_ALL))
{
pkcs11_type = PKCS11_TYPE_ALL;
action = ACTION_PKCS11_LIST;
}
- else if (ENABLED_OPT(LIST_ALL_CERTS))
+ else if (HAVE_OPT(LIST_ALL_CERTS))
{
pkcs11_type = PKCS11_TYPE_CRT_ALL;
action = ACTION_PKCS11_LIST;
}
- else if (ENABLED_OPT(LIST_CERTS))
+ else if (HAVE_OPT(LIST_CERTS))
{
pkcs11_type = PKCS11_TYPE_PK;
action = ACTION_PKCS11_LIST;
}
- else if (ENABLED_OPT(LIST_ALL_PRIVKEYS))
+ else if (HAVE_OPT(LIST_ALL_PRIVKEYS))
{
pkcs11_type = PKCS11_TYPE_PRIVKEY;
action = ACTION_PKCS11_LIST;
}
- else if (ENABLED_OPT(LIST_ALL_TRUSTED))
+ else if (HAVE_OPT(LIST_ALL_TRUSTED))
{
pkcs11_type = PKCS11_TYPE_TRUSTED;
action = ACTION_PKCS11_LIST;
}
- else if (ENABLED_OPT(EXPORT))
+ else if (HAVE_OPT(EXPORT))
{
action = ACTION_PKCS11_EXPORT_URL;
}
- else if (ENABLED_OPT(WRITE))
+ else if (HAVE_OPT(WRITE))
action = ACTION_PKCS11_WRITE_URL;
- else if (ENABLED_OPT(INITIALIZE))
+ else if (HAVE_OPT(INITIALIZE))
action = ACTION_PKCS11_TOKEN_INIT;
- else if (ENABLED_OPT(DELETE))
+ else if (HAVE_OPT(DELETE))
action = ACTION_PKCS11_DELETE_URL;
- else if (ENABLED_OPT(GENERATE_ECC))
+ else if (HAVE_OPT(GENERATE_ECC))
{
key_type = GNUTLS_PK_EC;
action = ACTION_PKCS11_GENERATE;
}
- else if (ENABLED_OPT(GENERATE_RSA))
+ else if (HAVE_OPT(GENERATE_RSA))
{
key_type = GNUTLS_PK_RSA;
action = ACTION_PKCS11_GENERATE;
}
- else if (ENABLED_OPT(GENERATE_DSA))
+ else if (HAVE_OPT(GENERATE_DSA))
{
key_type = GNUTLS_PK_DSA;
action = ACTION_PKCS11_GENERATE;
if (ENABLED_OPT(LOGIN))
login = 1;
- if (ENABLED_OPT(URL))
+ if (HAVE_OPT(URL))
{
url = OPT_ARG(URL);
}
- if (ENABLED_OPT(LABEL))
+ if (HAVE_OPT(LABEL))
{
label = OPT_ARG(LABEL);
}
- if (ENABLED_OPT(BITS))
+ if (HAVE_OPT(BITS))
{
bits = OPT_VALUE_BITS;
}
- if (ENABLED_OPT(SEC_PARAM))
+ if (HAVE_OPT(SEC_PARAM))
{
sec_param = OPT_ARG(SEC_PARAM);
}
short-usage = "psktool [options]\npsktool --help for usage instructions.\n";
prog-group = "GnuTLS";
gnu-usage;
+no-xlate = opt;
no-misuse-usage;
disable-save;
long-opts;
prog-group = "GnuTLS";
detail = "Server program that listens to incoming TLS connections.";
gnu-usage;
+no-xlate = opt;
no-misuse-usage;
disable-save;
long-opts;
flag = {
name = list;
value = l;
- arg-type = string;
descrip = "Print a list of the supported algorithms and modes";
doc = "Print a list of the supported algorithms and modes. If a priority string is given then only the enabled ciphersuites are shown.";
};
const char *x509_cafile = NULL;
const char *dh_params_file = NULL;
const char *x509_crlfile = NULL;
+const char * priorities = NULL;
gnutls_datum_t session_ticket_key;
static void tcp_server(const char* name, int port);
{
gnutls_session_t session;
const char *err;
- const char * priorities;
- if (HAVE_OPT(PRIORITY)) {
- priorities = OPT_ARG(PRIORITY);
- } else {
+ if (priorities == NULL)
priorities = "NORMAL";
- }
if (dtls)
gnutls_init (&session, GNUTLS_SERVER|GNUTLS_DATAGRAM);
if (nodb == 0)
wrap_db_init ();
- if (ENABLED_OPT(UDP))
+ if (HAVE_OPT(UDP))
strcpy(name, "UDP ");
else name[0] = 0;
}
}
- if (ENABLED_OPT(PGPCERTFILE))
+ if (HAVE_OPT(PGPCERTFILE))
{
- if (ENABLED_OPT(PGPSUBKEY))
+ if (HAVE_OPT(PGPSUBKEY))
ret = gnutls_certificate_set_openpgp_key_file2
(cert_cred, pgp_certfile, pgp_keyfile, OPT_ARG(PGPSUBKEY),
GNUTLS_OPENPGP_FMT_BASE64);
GERR (ret);
}
- if (ENABLED_OPT(PSKHINT))
+ if (HAVE_OPT(PSKHINT))
{
ret = gnutls_psk_set_server_credentials_hint (psk_cred,
OPT_ARG(PSKHINT));
gnutls_session_ticket_key_generate (&session_ticket_key);
#endif
- if (ENABLED_OPT(MTU))
+ if (HAVE_OPT(MTU))
mtu = OPT_VALUE_MTU;
else mtu = 1300;
- if (ENABLED_OPT(PORT))
+ if (HAVE_OPT(PORT))
port = OPT_VALUE_PORT;
else
port = 5556;
- if (ENABLED_OPT(UDP))
+ if (HAVE_OPT(UDP))
udp_server(name, port, mtu);
else
tcp_server(name, port);
{
optionProcess( &gnutls_servOptions, argc, argv);
- disable_client_cert = ENABLED_OPT(DISABLE_CLIENT_CERT);
- require_cert = ENABLED_OPT(REQUIRE_CLIENT_CERT);
- if (ENABLED_OPT(DEBUG))
+ disable_client_cert = HAVE_OPT(DISABLE_CLIENT_CERT);
+ require_cert = HAVE_OPT(REQUIRE_CLIENT_CERT);
+ if (HAVE_OPT(DEBUG))
debug = OPT_VALUE_DEBUG;
- if (ENABLED_OPT(QUIET))
+ if (HAVE_OPT(QUIET))
verbose = 0;
- nodb = ENABLED_OPT(NODB);
- noticket = ENABLED_OPT(NOTICKET);
+ if (HAVE_OPT(PRIORITY))
+ priorities = OPT_ARG(PRIORITY);
+
+ if (HAVE_OPT(LIST))
+ {
+ print_list(priorities, verbose);
+ exit(0);
+ }
+
+ nodb = HAVE_OPT(NODB);
+ noticket = HAVE_OPT(NOTICKET);
- if (ENABLED_OPT(ECHO))
+ if (HAVE_OPT(ECHO))
http = 0;
else http = 1;
- if (ENABLED_OPT(X509FMTDER))
+ if (HAVE_OPT(X509FMTDER))
x509ctype = GNUTLS_X509_FMT_DER;
else
x509ctype = GNUTLS_X509_FMT_PEM;
- generate = ENABLED_OPT(GENERATE);
+ generate = HAVE_OPT(GENERATE);
- if (ENABLED_OPT(DHPARAMS))
+ if (HAVE_OPT(DHPARAMS))
dh_params_file = OPT_ARG(DHPARAMS);
- if (ENABLED_OPT(X509KEYFILE))
+ if (HAVE_OPT(X509KEYFILE))
x509_keyfile = OPT_ARG(X509KEYFILE);
- if (ENABLED_OPT(X509CERTFILE))
+ if (HAVE_OPT(X509CERTFILE))
x509_certfile = OPT_ARG(X509CERTFILE);
- if (ENABLED_OPT(X509DSAKEYFILE))
+ if (HAVE_OPT(X509DSAKEYFILE))
x509_dsakeyfile = OPT_ARG(X509DSAKEYFILE);
- if (ENABLED_OPT(X509DSACERTFILE))
+ if (HAVE_OPT(X509DSACERTFILE))
x509_dsacertfile = OPT_ARG(X509DSACERTFILE);
- if (ENABLED_OPT(X509ECCKEYFILE))
+ if (HAVE_OPT(X509ECCKEYFILE))
x509_ecckeyfile = OPT_ARG(X509ECCKEYFILE);
- if (ENABLED_OPT(X509CERTFILE))
+ if (HAVE_OPT(X509CERTFILE))
x509_ecccertfile = OPT_ARG(X509ECCCERTFILE);
- if (ENABLED_OPT(X509CAFILE))
+ if (HAVE_OPT(X509CAFILE))
x509_cafile = OPT_ARG(X509CAFILE);
- if (ENABLED_OPT(X509CRLFILE))
+ if (HAVE_OPT(X509CRLFILE))
x509_crlfile = OPT_ARG(X509CRLFILE);
- if (ENABLED_OPT(PGPKEYFILE))
+ if (HAVE_OPT(PGPKEYFILE))
pgp_keyfile = OPT_ARG(PGPKEYFILE);
- if (ENABLED_OPT(PGPCERTFILE))
+ if (HAVE_OPT(PGPCERTFILE))
pgp_certfile = OPT_ARG(PGPCERTFILE);
- if (ENABLED_OPT(PGPKEYRING))
+ if (HAVE_OPT(PGPKEYRING))
pgp_keyring = OPT_ARG(PGPKEYRING);
- if (ENABLED_OPT(SRPPASSWD))
+ if (HAVE_OPT(SRPPASSWD))
srp_passwd = OPT_ARG(SRPPASSWD);
- if (ENABLED_OPT(SRPPASSWDCONF))
+ if (HAVE_OPT(SRPPASSWDCONF))
srp_passwd_conf = OPT_ARG(SRPPASSWDCONF);
- if (ENABLED_OPT(PSKPASSWD))
+ if (HAVE_OPT(PSKPASSWD))
psk_passwd = OPT_ARG(PSKPASSWD);
}
short-usage = "srptool [options]\nsrptool --help for usage instructions.\n";
prog-group = "GnuTLS";
+no-xlate = opt;
gnu-usage;
no-misuse-usage;
disable-save;