From: Nikos Mavrogiannopoulos Date: Sat, 21 Jan 2012 14:20:49 +0000 (+0100) Subject: p11tool uses libopts X-Git-Tag: gnutls_3_0_13~239 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=cde338f1a6a2a23fec1553031bf35659f7ccfe4d;p=thirdparty%2Fgnutls.git p11tool uses libopts --- diff --git a/.gitignore b/.gitignore index 2736b243b0..6a979a2f28 100644 --- a/.gitignore +++ b/.gitignore @@ -575,3 +575,7 @@ src/serv-args.c src/serv-args.h src/srptool-args.c src/srptool-args.h +doc/manpages/p11tool.1 +src/p11tool-args.h +src/p11tool-args.c +src/p11tool-args.def diff --git a/configure.ac b/configure.ac index 1917e12d68..65c3ee0560 100644 --- a/configure.ac +++ b/configure.ac @@ -491,6 +491,7 @@ AC_CONFIG_FILES([ src/serv-args.def src/cli-debug-args.def src/srptool-args.def + src/p11tool-args.def src/psk-args.def src/cfg/Makefile src/cfg/platon/Makefile diff --git a/doc/manpages/Makefile.am b/doc/manpages/Makefile.am index 7ec7d0ffc1..3c6ada6206 100644 --- a/doc/manpages/Makefile.am +++ b/doc/manpages/Makefile.am @@ -38,6 +38,9 @@ gnutls-cli-debug.1: ../../src/cli-debug-args.def srptool.1: ../../src/srptool-args.def -autogen -DMAN_SECTION=1 -Tagman-cmd.tpl $< +p11tool.1: ../../src/p11tool-args.def + -autogen -DMAN_SECTION=1 -Tagman-cmd.tpl $< + psktool.1: ../../src/psk-args.def -autogen -DMAN_SECTION=1 -Tagman-cmd.tpl $< diff --git a/doc/manpages/p11tool.1 b/doc/manpages/p11tool.1 deleted file mode 100644 index 798a47b472..0000000000 --- a/doc/manpages/p11tool.1 +++ /dev/null @@ -1,100 +0,0 @@ -.TH p11tool 1 "November 11th 2010" -.SH NAME -p11tool \- Manipulate PKCS #11 tokens. -.SH SYNOPSIS -p11tool [\fIoptions\fR] -.SH DESCRIPTION -Export/import data from PKCS #11 tokens. To use PKCS #11 tokens with -gnutls the configuration file /etc/gnutls/pkcs11.conf has to exist and -contain a number of lines of the form "load=/usr/lib/opensc-pkcs11.so". -.SH OPTIONS -.SS Program control options -.IP "\-d, \-\-debug LEVEL" -Specify the debug level. Default is 1. -.IP "\-h, \-\-help" -Shows this help text - -.SS Generic options -.IP "\-\-login" -Force login to the token for the intended operation. -.IP "\-\-provider MODULE" -In addition to /etc/gnutls/pkcs11.conf, load the specified module. -.IP "\-\-outfile FILE" -Print output to FILE. -.IP "\-\-inder, \-\-inraw" -Input is DER formatted. - -.SS Getting information on available X.509 certificates -.IP "\-\-list\-tokens" -Prints all available tokens. -.IP "\-\-initialize URL" -Initializes (formats) the specified by the URL token. Note that -several tokens do not support this fascility. - -.SS Getting information on available X.509 certificates -.IP "\-\-list\-all\-certs" -Prints all available certificates. -.IP "\-\-list\-certs" -Prints all certificates that have a corresponding private key stored in the token. -.IP "\-\-list\-trusted" -Prints all certificates that have been marked as trusted. - -.SS Getting information on private keys -.IP "\-\-list\-privkeys" -Prints all available private keys. - -.SS Handling generic objects -.IP "\-\-export URL" -Exports the object (e.g. certificate) specified by the URL. -.IP "\-\-delete URL" -Deletes the object specified by the URL. Note that several tokens do not -support deletion. -.IP "\-\-detailed\-url" -When printing URLs print them in a detailed (to the PKCS #11 module used) -form. -.IP "\-\-no\-detailed\-url" -When printing URLs, do not print details on the module used. - -.SS Storing objects -.IP "\-\-write URL" -Flag to set when writing an object. Requires one of \-\-load\-privkey, \-\-load\-pubkey, -\-\-load\-certificate or \-\-secret\-key options. -.IP "\-\-load\-privkey" -Load a private key for the write operations. -.IP "\-\-load\-pubkey" -Load an X.509 subjectPublicKey for the write operation. -.IP "\-\-load\-certificate" -Load an X.509 certificate for the write operation. -.IP "\-\-secret\-key" -Specify a hex encoded secret key for the write operation. -.IP "\-\-trusted" -The object stored will be marked as trusted. -.IP "\-\-label" -The label of the object stored. - -.SS Controlling output -.IP "\-8, \-\-pkcs8" -Use PKCS #8 format for private keys. - -.SH EXAMPLES -To store a private key and certificate, run: - -.RS -.nf -$ p11tool \-\-login \-\-write "pkcs11:XXX" \-\-load\-privkey key.pem \-\-label "MyKey" -$ p11tool \-\-login \-\-write "pkcs11:XXX" \-\-load\-certificate cert.pem \-\-label "MyCert" -.fi -.RE - -To view all objects in a token, use: - -.RS -.nf -$ p11tool \-\-login \-\-list\-all -.fi -.RE - -.SH AUTHOR -.PP -Nikos Mavrogiannopoulos and others; see -/usr/share/doc/gnutls\-bin/AUTHORS for a complete list. diff --git a/src/Makefile.am b/src/Makefile.am index 739869afeb..7586d11472 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -61,7 +61,7 @@ gnutls_serv_SOURCES = \ $(PKCS11_SRCS) gnutls_serv_LDADD = ../lib/libgnutls.la gnutls_serv_LDADD += libcmd-serv.la ../gl/libgnu.la $(LIBOPTS_LDADD) -gnutls_serv_LDADD += $(LTLIBGCRYPT) $(LIBSOCKET) $(GETADDRINFO_LIB) +gnutls_serv_LDADD += $(LIBSOCKET) $(GETADDRINFO_LIB) noinst_LTLIBRARIES += libcmd-serv.la libcmd_serv_la_CFLAGS = libcmd_serv_la_SOURCES = serv-args.def serv-args.c serv-args.h @@ -93,7 +93,7 @@ BENCHMARK_SRCS = benchmark-cipher.c benchmark.c benchmark.h benchmark-tls.c gnutls_cli_SOURCES = cli.c common.h common.c $(PKCS11_SRCS) $(BENCHMARK_SRCS) gnutls_cli_LDADD = ../lib/libgnutls.la gnutls_cli_LDADD += libcmd-cli.la ../gl/libgnu.la $(LIBOPTS_LDADD) -gnutls_cli_LDADD += $(LTLIBGCRYPT) $(LIBSOCKET) $(GETADDRINFO_LIB) $(LIB_CLOCK_GETTIME) +gnutls_cli_LDADD += $(LIBSOCKET) $(GETADDRINFO_LIB) $(LIB_CLOCK_GETTIME) noinst_LTLIBRARIES += libcmd-cli.la libcmd_cli_la_CFLAGS = libcmd_cli_la_SOURCES = cli-args.def cli-args.c cli-args.h @@ -110,7 +110,6 @@ libcmd_cli_debug_la_SOURCES = cli-debug-args.def cli-debug-args.c cli-debug-args certtool_SOURCES = certtool.c dh.c certtool-common.c $(PKCS11_SRCS) certtool_LDADD = ../lib/libgnutls.la certtool_LDADD += libcmd-certtool.la ../gl/libgnu.la -certtool_LDADD += $(LTLIBGCRYPT) if HAVE_LIBCFG certtool_LDADD += -lcfg+ else @@ -134,10 +133,9 @@ libcmd_certtool_la_LIBADD += ../gl/libgnu.la $(INET_PTON_LIB) if ENABLE_PKCS11 p11tool_gaa_CFLAGS = -p11tool_SOURCES = p11tool.gaa p11tool.c pkcs11.c certtool-common.c p11tool.h $(PKCS11_SRCS) -p11tool_LDADD = ../lib/libgnutls.la +p11tool_SOURCES = p11tool-args.def p11tool.c pkcs11.c certtool-common.c p11tool.h $(PKCS11_SRCS) +p11tool_LDADD = ../lib/libgnutls.la $(LIBOPTS_LDADD) p11tool_LDADD += libcmd-p11tool.la ../gl/libgnu.la -p11tool_LDADD += $(LTLIBGCRYPT) if HAVE_LIBCFG p11tool_LDADD += -lcfg+ @@ -147,7 +145,7 @@ endif noinst_LTLIBRARIES += libcmd-p11tool.la libcmd_p11tool_la_CFLAGS = -libcmd_p11tool_la_SOURCES = p11tool-gaa.c p11tool.gaa p11tool-gaa.h \ +libcmd_p11tool_la_SOURCES = p11tool-args.def p11tool-args.c p11tool-args.h \ certtool-cfg.h certtool-cfg.c libcmd_p11tool_la_LIBADD = ../gl/libgnu.la $(LTLIBREADLINE) libcmd_p11tool_la_LIBADD += ../lib/libgnutls.la @@ -175,3 +173,5 @@ serv-args.c: $(srcdir)/serv-args.def -autogen $< srptool-args.c: $(srcdir)/srptool-args.def -autogen $< +p11tool-args.c: $(srcdir)/p11tool-args.def + -autogen $< diff --git a/src/cli-args.def.in b/src/cli-args.def.in index dfdbcdc8a8..d8cd0aca37 100644 --- a/src/cli-args.def.in +++ b/src/cli-args.def.in @@ -18,7 +18,7 @@ export = '#include '; copyright = { date = "2000-2012"; owner = "Free Software Foundation"; - author = "Nikos Mavrogiannopoulos and Simon Josefsson"; + author = "Nikos Mavrogiannopoulos, Simon Josefsson and others; see /usr/share/doc/gnutls-bin/AUTHORS for a complete list."; eaddr = "bug-gnutls@gnu.org"; type = gpl; }; diff --git a/src/cli-debug-args.def.in b/src/cli-debug-args.def.in index 1cae337ba5..745044f202 100644 --- a/src/cli-debug-args.def.in +++ b/src/cli-debug-args.def.in @@ -19,7 +19,7 @@ export = '#include '; copyright = { date = "2000-2012"; owner = "Free Software Foundation"; - author = "Nikos Mavrogiannopoulos and Simon Josefsson"; + author = "Nikos Mavrogiannopoulos, Simon Josefsson and others; see /usr/share/doc/gnutls-bin/AUTHORS for a complete list."; eaddr = "bug-gnutls@gnu.org"; type = gpl; }; diff --git a/src/p11tool-args.def.in b/src/p11tool-args.def.in new file mode 100644 index 0000000000..2bfda10aa7 --- /dev/null +++ b/src/p11tool-args.def.in @@ -0,0 +1,290 @@ +AutoGen Definitions options; +prog-name = p11tool; +prog-title = "GnuTLS PKCS #11 tool"; +prog-desc = "Program to handle PKCS #11 smart cards and security modules.\n"; +detail = "Program that allows handling data from PKCS #11 smart cards +and security modules. + +To use PKCS #11 tokens with gnutls the configuration file +/etc/gnutls/pkcs11.conf has to exist and contain a number of lines of the form 'load=/usr/lib/opensc-pkcs11.so'. +"; + +short-usage = "p11tool [options]\np11tool --help for usage instructions.\n"; +prog-group = "GnuTLS"; +gnu-usage; +no-misuse-usage; +disable-save; +long-opts; +config-header = 'config.h'; +export = '#include '; + +copyright = { + date = "2000-2012"; + owner = "Free Software Foundation"; + author = "Nikos Mavrogiannopoulos, Simon Josefsson and others; see /usr/share/doc/gnutls-bin/AUTHORS for a complete list."; + eaddr = "bug-gnutls@gnu.org"; + type = gpl; +}; +version = "@VERSION@"; + +flag = { + name = debug; + value = d; + arg-type = number; + arg-range = "0 -> 9999"; + descrip = "Enable debugging."; + doc = "Specifies the debug level."; +}; + +flag = { + name = list-tokens; + descrip = "List all available tokens"; + doc = ""; +}; + +flag = { + name = export; + flags-must= url; + descrip = "Export the object specified by the URL"; + doc = ""; +}; + +flag = { + name = url; + arg-type = string; + arg-name = "PKCS #11 URL"; + descrip = "Specify the PKCS #11 URL for the operation"; + doc = ""; +}; + +flag = { + name = list-mechanisms; + flags-must= url; + descrip = "List all available mechanisms in a token"; + doc = ""; +}; + +flag = { + name = list-all; + flags-must= url; + descrip = "List all available objects in a token"; + doc = ""; +}; + +flag = { + name = list-all-certs; + flags-must= url; + descrip = "List all available certificates in a token"; + doc = ""; +}; + +flag = { + name = list-certs; + flags-must= url; + descrip = "List all certificates that are associated with a private key present in the token"; + doc = ""; +}; + +flag = { + name = list-all-privkeys; + flags-must= url; + descrip = "List all available private keys in a token"; + doc = ""; +}; + +flag = { + name = list-all-trusted; + flags-must= url; + descrip = "List all available certificates marked as trusted"; + doc = ""; +}; + +flag = { + name = initialize; + flags-must= url; + descrip = "Initializes a PKCS #11 token"; + doc = ""; +}; + +flag = { + name = write; + flags-must= url; + descrip = "Writes the loaded objects to a PKCS #11 token"; + doc = "It can be used to write private keys, certificates or secret keys to a token."; +}; + +flag = { + name = delete; + flags-must= url; + descrip = "Deletes the objects matching the PKCS #11 URL"; + doc = ""; +}; + +flag = { + name = generate-rsa; + flags-must= url; + descrip = "Generates an RSA private-public key pair on the specified token"; + doc = ""; +}; + +flag = { + name = generate-dsa; + flags-must= url; + descrip = "Generates an RSA private-public key pair on the specified token"; + doc = ""; +}; +flag = { + name = generate-ecc; + flags-must= url; + descrip = "Generates an RSA private-public key pair on the specified token"; + doc = ""; +}; + +flag = { + name = label; + descrip = "Sets a label for the write operation"; + doc = ""; +}; + +flag = { + name = trusted; + disable = "no"; + disabled; + descrip = "Marks the object to be written as trusted"; + doc = ""; +}; + +flag = { + name = private; + disable = "no"; + enabled; + descrip = "Marks the object to be written as private"; + doc = "The written object will require a PIN to be used."; +}; + +flag = { + name = login; + descrip = "Force login to token"; + doc = ""; +}; + +flag = { + name = detailed-url; + descrip = "Print detailed URLs"; + disabled; + enable = "no"; + doc = ""; +}; + +flag = { + name = secret-key; + arg-type = string; + descrip = "Provide a hex encoded secret key"; + doc = ""; +}; + +flag = { + name = load-privkey; + arg-type = file; + file-exists = yes; + descrip = "Private key file to use"; + doc = ""; +}; + +flag = { + name = load-pubkey; + arg-type = file; + file-exists = yes; + descrip = "Public key file to use"; + doc = ""; +}; + +flag = { + name = load-certificate; + arg-type = file; + file-exists = yes; + descrip = "Certificate file to use"; + doc = ""; +}; + +flag = { + name = pkcs8; + value = 8; + descrip = "Use PKCS #8 format for private keys"; + doc = ""; +}; + +flag = { + name = bits; + arg-type = number; + descrip = "Specify the number of bits for key generate"; + doc = ""; +}; + +flag = { + name = sec-param; + arg-type = string; + arg-name = "Security parameter"; + descrip = "Specify the security level [low|legacy|normal|high|ultra]."; + doc = "This is alternative to the bits option."; +}; + + +flag = { + name = inder; + descrip = "Use DER format for input certificates and private keys"; + doc = ""; +}; + +flag = { + name = inraw; + descrip = "Use RAW/DER format for input certificates and private keys"; + doc = ""; +}; + +flag = { + name = provider; + arg-type = file; + file-exists = yes; + descrip = "Specify the PKCS #11 provider library"; + doc = "This will override the default options in /etc/gnutls/pkcs11.conf"; +}; + +flag = { + name = outfile; + arg-type = string; + descrip = "Output file"; + doc = ""; +}; + + +doc-section = { + ds-type = 'SEE ALSO'; + ds-format = 'man'; + ds-text = <<-_EOT_ + certtool (1) +_EOT_; +}; + +doc-section = { + ds-type = 'EXAMPLES'; + ds-format = 'texi'; + ds-text = <<-_EOT_ +To view all tokens in your system use: +@example +$ p11tool --list-tokens +@end example + +To store a private key and a certificate in a token run: +@example +$ p11tool --login --write --url "pkcs11:URL" --load-privkey key.pem --label "Mykey" +$ p11tool --login --write --url "pkcs11:URL" --load-certificate cert.pem --label "MyCert" +@end example + +To view all objects in a token use: +@example +$ p11tool --login --list-all --url "pkcs11:TOKEN-URL" +@end example +_EOT_; +}; + diff --git a/src/p11tool.c b/src/p11tool.c index a478bf3299..265b292ae5 100644 --- a/src/p11tool.c +++ b/src/p11tool.c @@ -46,13 +46,12 @@ #include #include -#include "p11tool-gaa.h" +#include "p11tool-args.h" #include "p11tool.h" #include "certtool-common.h" -static void gaa_parser (int argc, char **argv); +static void cmd_parser (int argc, char **argv); -static gaainfo info; static FILE *outfile; int batch = 0; @@ -67,40 +66,43 @@ int main (int argc, char **argv) { set_program_name (argv[0]); - gaa_parser (argc, argv); + cmd_parser (argc, argv); return 0; } static void -gaa_parser (int argc, char **argv) +cmd_parser (int argc, char **argv) { - int ret; + int ret, debug = 0; common_info_st cinfo; - - if (gaa (argc, argv, &info) != -1) - { - fprintf (stderr, "Try `%s --help' for more information.\n", - program_name); - exit (1); - } + unsigned int action = 1, pkcs11_type = -1, key_type = GNUTLS_PK_UNKNOWN; + const char* url = NULL; + unsigned int detailed_url = 0; + unsigned int login = 0, bits = 0; + const char* label = NULL, *sec_param = NULL; + + optionProcess( &p11toolOptions, argc, argv); + + if (ENABLED_OPT(DEBUG)) + debug = OPT_VALUE_DEBUG; gnutls_global_set_log_function (tls_log_func); - gnutls_global_set_log_level (info.debug); - if (info.debug > 1) - printf ("Setting log level to %d\n", info.debug); + gnutls_global_set_log_level (debug); + if (debug > 1) + printf ("Setting log level to %d\n", debug); if ((ret = gnutls_global_init ()) < 0) error (EXIT_FAILURE, 0, "global_init: %s", gnutls_strerror (ret)); - if (info.pkcs11_provider != NULL) + if (ENABLED_OPT(PROVIDER)) { ret = gnutls_pkcs11_init (GNUTLS_PKCS11_FLAG_MANUAL, NULL); if (ret < 0) fprintf (stderr, "pkcs11_init: %s", gnutls_strerror (ret)); else { - ret = gnutls_pkcs11_add_provider (info.pkcs11_provider, NULL); + ret = gnutls_pkcs11_add_provider (OPT_ARG(PROVIDER), NULL); if (ret < 0) error (EXIT_FAILURE, 0, "pkcs11_add_provider: %s", gnutls_strerror (ret)); @@ -113,56 +115,151 @@ gaa_parser (int argc, char **argv) fprintf (stderr, "pkcs11_init: %s", gnutls_strerror (ret)); } - if (info.outfile) + if (ENABLED_OPT(OUTFILE)) { - outfile = safe_open_rw (info.outfile, 0); + outfile = safe_open_rw (OPT_ARG(OUTFILE), 0); if (outfile == NULL) - error (EXIT_FAILURE, errno, "%s", info.outfile); + error (EXIT_FAILURE, errno, "%s", OPT_ARG(OUTFILE)); } else outfile = stdout; memset (&cinfo, 0, sizeof (cinfo)); - cinfo.secret_key = info.secret_key; - cinfo.privkey = info.privkey; - cinfo.pkcs8 = info.pkcs8; - cinfo.incert_format = info.incert_format; - cinfo.cert = info.cert; + + if (ENABLED_OPT(SECRET_KEY)) + cinfo.secret_key = OPT_ARG(SECRET_KEY); + + if (ENABLED_OPT(LOAD_PRIVKEY)) + cinfo.privkey = OPT_ARG(LOAD_PRIVKEY); + + if (ENABLED_OPT(PKCS8)) + cinfo.pkcs8 = 1; + + if (ENABLED_OPT(INDER) || ENABLED_OPT(INRAW)) + cinfo.incert_format = GNUTLS_X509_FMT_DER; + + if (ENABLED_OPT(LOAD_CERTIFICATE)) + cinfo.cert = OPT_ARG(LOAD_CERTIFICATE); + + if (ENABLED_OPT(LOAD_PUBKEY)) + cinfo.pubkey = OPT_ARG(LOAD_PUBKEY); + + if (ENABLED_OPT(LIST_TOKENS)) + action = ACTION_PKCS11_TOKENS; + else if (ENABLED_OPT(LIST_MECHANISMS)) + action = ACTION_PKCS11_MECHANISMS; + else if (ENABLED_OPT(LIST_ALL)) + { + pkcs11_type = PKCS11_TYPE_ALL; + action = ACTION_PKCS11_LIST; + } + else if (ENABLED_OPT(LIST_ALL_CERTS)) + { + pkcs11_type = PKCS11_TYPE_CRT_ALL; + action = ACTION_PKCS11_LIST; + } + else if (ENABLED_OPT(LIST_CERTS)) + { + pkcs11_type = PKCS11_TYPE_PK; + action = ACTION_PKCS11_LIST; + } + else if (ENABLED_OPT(LIST_ALL_PRIVKEYS)) + { + pkcs11_type = PKCS11_TYPE_PRIVKEY; + action = ACTION_PKCS11_LIST; + } + else if (ENABLED_OPT(LIST_ALL_TRUSTED)) + { + pkcs11_type = PKCS11_TYPE_TRUSTED; + action = ACTION_PKCS11_LIST; + } + else if (ENABLED_OPT(EXPORT)) + { + action = ACTION_PKCS11_EXPORT_URL; + } + else if (ENABLED_OPT(WRITE)) + action = ACTION_PKCS11_WRITE_URL; + else if (ENABLED_OPT(INITIALIZE)) + action = ACTION_PKCS11_TOKEN_INIT; + else if (ENABLED_OPT(DELETE)) + action = ACTION_PKCS11_DELETE_URL; + else if (ENABLED_OPT(GENERATE_ECC)) + { + key_type = GNUTLS_PK_EC; + action = ACTION_PKCS11_GENERATE; + } + else if (ENABLED_OPT(GENERATE_RSA)) + { + key_type = GNUTLS_PK_RSA; + action = ACTION_PKCS11_GENERATE; + } + else if (ENABLED_OPT(GENERATE_DSA)) + { + key_type = GNUTLS_PK_DSA; + action = ACTION_PKCS11_GENERATE; + } + else + { + USAGE(1); + } + + if (ENABLED_OPT(DETAILED_URL)) + detailed_url = 1; + + if (ENABLED_OPT(LOGIN)) + login = 1; + + if (ENABLED_OPT(URL)) + { + url = OPT_ARG(URL); + } + + if (ENABLED_OPT(LABEL)) + { + label = OPT_ARG(LABEL); + } + + if (ENABLED_OPT(BITS)) + { + bits = OPT_VALUE_BITS; + } + + if (ENABLED_OPT(SEC_PARAM)) + { + sec_param = OPT_ARG(SEC_PARAM); + } - switch (info.action) + switch (action) { case ACTION_PKCS11_LIST: - pkcs11_list (outfile, info.pkcs11_url, info.pkcs11_type, - info.pkcs11_login, info.pkcs11_detailed_url, &cinfo); + pkcs11_list (outfile, url, pkcs11_type, + login, detailed_url, &cinfo); break; case ACTION_PKCS11_TOKENS: - pkcs11_token_list (outfile, info.pkcs11_detailed_url, &cinfo); + pkcs11_token_list (outfile, detailed_url, &cinfo); break; case ACTION_PKCS11_MECHANISMS: - pkcs11_mechanism_list (outfile, info.pkcs11_url, info.pkcs11_login, + pkcs11_mechanism_list (outfile, url, login, &cinfo); break; case ACTION_PKCS11_EXPORT_URL: - pkcs11_export (outfile, info.pkcs11_url, info.pkcs11_login, &cinfo); + pkcs11_export (outfile, url, login, &cinfo); break; case ACTION_PKCS11_WRITE_URL: - pkcs11_write (outfile, info.pkcs11_url, info.pkcs11_label, - info.pkcs11_trusted, info.pkcs11_private, info.pkcs11_login, &cinfo); + pkcs11_write (outfile, url, label, + ENABLED_OPT(TRUSTED), ENABLED_OPT(PRIVATE), login, &cinfo); break; case ACTION_PKCS11_TOKEN_INIT: - pkcs11_init (outfile, info.pkcs11_url, info.pkcs11_label, &cinfo); + pkcs11_init (outfile, url, label, &cinfo); break; case ACTION_PKCS11_DELETE_URL: - pkcs11_delete (outfile, info.pkcs11_url, 0, info.pkcs11_login, &cinfo); + pkcs11_delete (outfile, url, 0, login, &cinfo); break; case ACTION_PKCS11_GENERATE: - pkcs11_generate (outfile, info.pkcs11_url, info.key_type, get_bits(info.key_type, info.bits, info.sec_param), - info.pkcs11_label, info.pkcs11_private, info.pkcs11_detailed_url, info.pkcs11_login, + pkcs11_generate (outfile, url, key_type, get_bits(key_type, bits, sec_param), + label, ENABLED_OPT(PRIVATE), detailed_url, login, &cinfo); break; - default: - gaa_help (); - exit (0); } fclose (outfile); diff --git a/src/psk-args.def.in b/src/psk-args.def.in index 01130e8443..a3921d2b6e 100644 --- a/src/psk-args.def.in +++ b/src/psk-args.def.in @@ -8,9 +8,7 @@ short-usage = "psktool [options]\npsktool --help for usage instructions.\n"; prog-group = "GnuTLS"; gnu-usage; no-misuse-usage; -reorder-args; disable-save; -argument; long-opts; config-header = 'config.h'; export = '#include '; @@ -18,7 +16,7 @@ export = '#include '; copyright = { date = "2000-2012"; owner = "Free Software Foundation"; - author = "Nikos Mavrogiannopoulos and Simon Josefsson"; + author = "Nikos Mavrogiannopoulos, Simon Josefsson and others; see /usr/share/doc/gnutls-bin/AUTHORS for a complete list."; eaddr = "bug-gnutls@gnu.org"; type = gpl; }; diff --git a/src/serv-args.def.in b/src/serv-args.def.in index 4b4dee2f12..711614f9c3 100644 --- a/src/serv-args.def.in +++ b/src/serv-args.def.in @@ -15,7 +15,7 @@ export = '#include '; copyright = { date = "2000-2012"; owner = "Free Software Foundation"; - author = "Nikos Mavrogiannopoulos and Simon Josefsson"; + author = "Nikos Mavrogiannopoulos, Simon Josefsson and others; see /usr/share/doc/gnutls-bin/AUTHORS for a complete list."; eaddr = "bug-gnutls@gnu.org"; type = gpl; }; diff --git a/src/srptool-args.def.in b/src/srptool-args.def.in index 0fb80afdcf..f355e373cd 100644 --- a/src/srptool-args.def.in +++ b/src/srptool-args.def.in @@ -14,9 +14,7 @@ short-usage = "srptool [options]\nsrptool --help for usage instructions.\n"; prog-group = "GnuTLS"; gnu-usage; no-misuse-usage; -reorder-args; disable-save; -argument; long-opts; config-header = 'config.h'; export = '#include '; @@ -24,7 +22,7 @@ export = '#include '; copyright = { date = "2000-2012"; owner = "Free Software Foundation"; - author = "Nikos Mavrogiannopoulos and Simon Josefsson"; + author = "Nikos Mavrogiannopoulos, Simon Josefsson and others; see /usr/share/doc/gnutls-bin/AUTHORS for a complete list."; eaddr = "bug-gnutls@gnu.org"; type = gpl; }; @@ -114,7 +112,7 @@ This command will create @file{/etc/tpasswd} and will add user 'test' (you will also be prompted for a password). Verifiers are stored by default in the way libsrp expects. @example -srptool --passwd /etc/tpasswd --passwd-conf /etc/tpasswd.conf -u test +$ srptool --passwd /etc/tpasswd --passwd-conf /etc/tpasswd.conf -u test @end example