[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls-3_0_12-17-gd2ae1e9
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls-3_0_12-17-gd2ae1e9 |
|
Date: |
Sat, 21 Jan 2012 00:56:32 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=d2ae1e99a616b60453044055d0bb68bc0a2d2a49
The branch, master has been updated
via d2ae1e99a616b60453044055d0bb68bc0a2d2a49 (commit)
via 206be50979eeb8a3e3bcfd1ce3d82b6291e90df0 (commit)
via d00e8e431d59556d46c43acb2d43957d67033b4a (commit)
from 114bde1caead7642a7a9ff8b59dfd3ef4fe668eb (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit d2ae1e99a616b60453044055d0bb68bc0a2d2a49
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sat Jan 21 02:00:42 2012 +0100
updates.
commit 206be50979eeb8a3e3bcfd1ce3d82b6291e90df0
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sat Jan 21 02:00:39 2012 +0100
gnutls-serv uses libopts.
commit d00e8e431d59556d46c43acb2d43957d67033b4a
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sat Jan 21 01:21:40 2012 +0100
sign fixes.
-----------------------------------------------------------------------
Summary of changes:
.gitignore | 1 +
configure.ac | 1 +
doc/examples/ex-ocsp-client.c | 4 +-
doc/examples/ex-ocsp-verify.c | 4 +-
doc/manpages/Makefile.am | 3 +
doc/manpages/gnutls-cli-debug.1 | 4 +-
doc/manpages/gnutls-serv.1 | 304 ++++++++-----
doc/manpages/psktool.1 | 14 +-
doc/manpages/srptool.1 | 4 +-
lib/x509/ocsp.c | 20 +-
lib/x509/ocsp_output.c | 8 +-
src/Makefile.am | 8 +-
src/cli-args.c | 6 +-
src/cli-args.h | 6 +-
src/ocsptool.c | 22 +-
src/{cli-args.c => serv-args.c} | 766 ++++++++++++++++-------------
src/{cli-args.def.in => serv-args.def.in} | 156 +++---
src/{cli-args.h => serv-args.h} | 194 ++++----
src/serv.c | 179 ++++---
src/srptool-args.c | 6 +-
src/srptool-args.h | 6 +-
21 files changed, 964 insertions(+), 752 deletions(-)
copy src/{cli-args.c => serv-args.c} (65%)
copy src/{cli-args.def.in => serv-args.def.in} (62%)
copy src/{cli-args.h => serv-args.h} (52%)
diff --git a/.gitignore b/.gitignore
index 5850f88..a80e064 100644
--- a/.gitignore
+++ b/.gitignore
@@ -564,3 +564,4 @@ doc/examples/ex-client-x509
doc/examples/ex-serv-x509
tests/slow/cipher-test
libopts/libopts.la
+src/serv-args.def
diff --git a/configure.ac b/configure.ac
index 8fb9d2b..c0a4a0f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -488,6 +488,7 @@ AC_CONFIG_FILES([
po/Makefile.in
src/Makefile
src/cli-args.def
+ src/serv-args.def
src/cli-debug-args.def
src/srptool-args.def
src/psk-args.def
diff --git a/doc/examples/ex-ocsp-client.c b/doc/examples/ex-ocsp-client.c
index 79088de..6d8f080 100644
--- a/doc/examples/ex-ocsp-client.c
+++ b/doc/examples/ex-ocsp-client.c
@@ -40,7 +40,7 @@ main (int argc, char *argv[])
if (rc < 0)
goto done;
- certdata.data = read_binary_file (argv[1], &s);
+ certdata.data = (void*)read_binary_file (argv[1], &s);
if (certdata.data == NULL)
{
printf ("cannot read certificate\n");
@@ -113,7 +113,7 @@ main (int argc, char *argv[])
if (rc < 0)
goto done;
- issuerdata.data = read_binary_file (argv[2], &s);
+ issuerdata.data = (void*)read_binary_file (argv[2], &s);
if (issuerdata.data == NULL)
{
printf ("cannot read issuer\n");
diff --git a/doc/examples/ex-ocsp-verify.c b/doc/examples/ex-ocsp-verify.c
index 37a2122..b023ac3 100644
--- a/doc/examples/ex-ocsp-verify.c
+++ b/doc/examples/ex-ocsp-verify.c
@@ -41,7 +41,7 @@ main (int argc, char *argv[])
if (rc < 0)
goto done;
- tmp.data = read_binary_file (argv[1], &s);
+ tmp.data = (void*)read_binary_file (argv[1], &s);
if (tmp.data == NULL)
{
printf ("cannot read OCSP response\n");
@@ -74,7 +74,7 @@ main (int argc, char *argv[])
if (rc < 0)
goto done;
- tmp.data = read_binary_file (argv[2], &s);
+ tmp.data = (void*)read_binary_file (argv[2], &s);
if (tmp.data == NULL)
{
printf ("cannot read OCSP response\n");
diff --git a/doc/manpages/Makefile.am b/doc/manpages/Makefile.am
index 338fcda..7ec7d0f 100644
--- a/doc/manpages/Makefile.am
+++ b/doc/manpages/Makefile.am
@@ -29,6 +29,9 @@ endif
gnutls-cli.1: ../../src/cli-args.def
-autogen -DMAN_SECTION=1 -Tagman-cmd.tpl $<
+gnutls-serv.1: ../../src/serv-args.def
+ -autogen -DMAN_SECTION=1 -Tagman-cmd.tpl $<
+
gnutls-cli-debug.1: ../../src/cli-debug-args.def
-autogen -DMAN_SECTION=1 -Tagman-cmd.tpl $<
diff --git a/doc/manpages/gnutls-cli-debug.1 b/doc/manpages/gnutls-cli-debug.1
index 51370f6..95ab9f3 100644
--- a/doc/manpages/gnutls-cli-debug.1
+++ b/doc/manpages/gnutls-cli-debug.1
@@ -1,8 +1,8 @@
-.TH gnutls-cli-debug 1 "19 Jan 2012" "3.0.11" "User Commands"
+.TH gnutls-cli-debug 1 "21 Jan 2012" "3.0.12" "User Commands"
.\"
.\" DO NOT EDIT THIS FILE (cli-debug-args.man)
.\"
-.\" It has been AutoGen-ed January 19, 2012 at 09:40:47 PM by AutoGen 5.12
+.\" It has been AutoGen-ed January 21, 2012 at 02:00:25 AM by AutoGen 5.12
.\" From the definitions ../../src/cli-debug-args.def
.\" and the template file agman-cmd.tpl
.\"
diff --git a/doc/manpages/gnutls-serv.1 b/doc/manpages/gnutls-serv.1
index 407475d..fda8e23 100644
--- a/doc/manpages/gnutls-serv.1
+++ b/doc/manpages/gnutls-serv.1
@@ -1,119 +1,201 @@
-.TH gnutls\-serv 1 "December 1st 2003"
+.TH gnutls-serv 1 "21 Jan 2012" "3.0.12" "User Commands"
+.\"
+.\" DO NOT EDIT THIS FILE (serv-args.man)
+.\"
+.\" It has been AutoGen-ed January 21, 2012 at 01:58:11 AM by AutoGen 5.12
+.\" From the definitions ../../src/serv-args.def
+.\" and the template file agman-cmd.tpl
+.\"
.SH NAME
-gnutls\-serv \- GnuTLS test server
+gnutls-serv \- GnuTLS server
.SH SYNOPSIS
-gnutls\-serv [\fIoptions\fR]
-.SH DESCRIPTION
-Simple server program that listens to incoming TLS connections.
-.SH OPTIONS
-.SS Program control options
-.IP "\-d, \-\-debug LEVEL"
-Specify the debug level. Default is 1.
-.IP "\-h, \-\-help"
-prints this help
-.IP "\-l, \-\-list"
-Print a list of the supported algorithms and modes.
-.IP "\-q, \-\-quiet"
+.B gnutls-serv
+.\" Mixture of short (flag) options and long options
+.RB [ \-\fIflag\fP " [\fIvalue\fP]]... [" \-\-\fIopt\-name\fP " [[=|
]\fIvalue\fP]]..."
+.PP
+Operands and options may be intermixed. They will be reordered.
+.SH "DESCRIPTION"
+Server program that listens to incoming TLS connections.
+.SH "OPTIONS"
+.TP
+.BR \-d " \fInumber\fP, " \-\-debug "=" \fInumber\fP
+Enable debugging.
+This option takes an integer number as its argument.
+The value of \fInumber\fP is constrained to being:
+.in +4
+.nf
+.na
+in the range 0 through 9999
+.fi
+.in -4
+.sp
+.TP
+.BR \-\-noticket
+Don't accept session tickets.
+.sp
+.TP
+.BR \-g ", " -\-generate
+Generate Diffie-Hellman and RSA-export parameters.
+.sp
+.TP
+.BR \-q ", " -\-quiet
Suppress some messages.
-.IP "\-v, \-\-version"
-prints the program's version number
-
-.SS Server options
-.IP "\-p, \-\-port \fIinteger\fR"
-The port to listen on.
-.IP "\-\-nodb"
-Does not use the resume database.
-.IP "\-\-http"
-Act as an HTTP Server.
-.IP "\-\-echo"
-Act as an Echo Server.
-
-.SS TLS/SSL control options
-.IP "\-\-priority \fIPRIORITY STRING\fR"
-TLS algorithms and protocols to enable.
-You can use predefined sets of ciphersuites such as:
-.IP
-.B "PERFORMANCE"
-all the "secure" ciphersuites are enabled, limited to 128 bit
-ciphers and sorted by terms of speed performance.
-.IP
-.B "NORMAL"
-option enables all "secure" ciphersuites. The 256-bit ciphers
-are included as a fallback only. The ciphers are sorted by security
-margin.
-.IP
-.B "SECURE128"
-flag enables all "secure" ciphersuites with ciphers up to
-128 bits, sorted by security margin.
-.IP
-.B "SECURE256"
-flag enables all "secure" ciphersuites including the 256 bit
-ciphers, sorted by security margin.
-.IP
-.B "EXPORT"
-all the ciphersuites are enabled, including the
-low-security 40 bit ciphers.
-.IP
-.B "NONE"
-nothing is enabled. This disables even protocols and
-compression methods.
-.IP
-.IP
-Check the GnuTLS manual on section "Priority strings" for
-more information on allowed keywords.
-.IP
-.B Examples:
-.IP
-"NORMAL"
-.IP
-"NONE:+VERS-TLS-ALL:+MAC-ALL:+RSA:+AES-128-CBC:+SIGN-ALL:+COMP-NULL"
-.IP
-"NORMAL:-ARCFOUR-128" means normal ciphers except for ARCFOUR-128.
-.IP
-"SECURE:-VERS-SSL3.0:+COMP-DEFLATE" means that only secure ciphers are
-enabled, SSL3.0 is disabled, and libz compression enabled.
-.IP
- "NONE:+VERS-TLS-ALL:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL:+SIGN-RSA-SHA1"
-.IP
-"NORMAL:%COMPAT" is the most compatible mode
-
-.IP "\-g, \-\-generate"
-Generate Diffie-Hellman Parameters.
-.IP "\-\-kx \fIkx1 kx2...\fR"
-Key exchange methods to enable (use \fBgnutls\-cli \-\-list\fR to show
-the supported key exchange methods).
-.IP "\-p, \-\-port \fIinteger\fR"
-The port to connect to.
-
-.SS Certificate options
-.IP "\-\-pgpcertfile \fIFILE\fR"
-PGP Public Key (certificate) file to use.
-.IP "\-\-pgpkeyfile \fIFILE\fR"
+.sp
+.TP
+.BR \-\-nodb
+Do not use a resumption database.
+.sp
+.TP
+.BR \-\-http
+Act as an HTTP server.
+.sp
+.TP
+.BR \-\-echo
+Act as an Echo server.
+.sp
+.TP
+.BR \-u ", " -\-udp
+Use DTLS (datagram TLS) over UDP.
+.sp
+.TP
+.BR \-\-mtu "=\fInumber\fP"
+Set MTU for datagram TLS.
+This option takes an integer number as its argument.
+The value of \fInumber\fP is constrained to being:
+.in +4
+.nf
+.na
+in the range 0 through 17000
+.fi
+.in -4
+.sp
+.TP
+.BR \-a ", " -\-disable\-client\-cert
+Do not request a client certificate.
+.sp
+.TP
+.BR \-r ", " -\-require\-client\-cert
+Require a client certificate.
+.sp
+.TP
+.BR \-\-x509fmtder
+Use DER format for certificates to read from.
+.sp
+.TP
+.BR \-\-priority "=\fIstring\fP"
+Priorities string.
+.sp
+TLS algorithms and protocols to enable. You can
+use predefined sets of ciphersuites such as PERFORMANCE,
+NORMAL, SECURE128, SECURE256.
+Check the GnuTLS manual on section ``Priority strings'' for more
+information on allowed keywords
+.TP
+.BR \-\-dhparams "=\fIfile\fP"
+DH params file to use.
+.sp
+.TP
+.BR \-\-x509cafile "=\fIfile\fP"
+Certificate file or PKCS #11 URL to use.
+.sp
+.TP
+.BR \-\-x509crlfile "=\fIfile\fP"
+CRL file to use.
+.sp
+.TP
+.BR \-\-pgpkeyfile "=\fIfile\fP"
PGP Key file to use.
-.IP "\-\-pgpkeyring \fIFILE\fR"
+.sp
+.TP
+.BR \-\-pgpkeyring "=\fIfile\fP"
PGP Key ring file to use.
-.IP "\-\-pgptrustdb \fIFILE\fR"
-PGP trustdb file to use.
-.IP "\-\-srppasswd \fIFILE\fR"
+.sp
+.TP
+.BR \-\-pgpcertfile "=\fIfile\fP"
+PGP Public Key (certificate) file to use.
+.sp
+.TP
+.BR \-\-x509keyfile "=\fIfile\fP"
+X.509 key file or PKCS #11 URL to use.
+.sp
+.TP
+.BR \-\-x509certfile "=\fIfile\fP"
+X.509 Certificate file or PKCS #11 URL to use.
+.sp
+.TP
+.BR \-\-x509dsakeyfile "=\fIfile\fP"
+Alternative X.509 key file or PKCS #11 URL to use.
+.sp
+.TP
+.BR \-\-x509dsacertfile "=\fIfile\fP"
+Alternative X.509 Certificate file or PKCS #11 URL to use.
+.sp
+.TP
+.BR \-\-x509ecckeyfile "=\fIfile\fP"
+Alternative X.509 key file or PKCS #11 URL to use.
+.sp
+.TP
+.BR \-\-x509ecccertfile "=\fIfile\fP"
+Alternative X.509 Certificate file or PKCS #11 URL to use.
+.sp
+.TP
+.BR \-\-pgpsubkey "=\fIstring\fP"
+PGP subkey to use (hex or auto).
+.sp
+.TP
+.BR \-\-srppasswd "=\fIfile\fP"
SRP password file to use.
-.IP "\-\-srppasswdconf \fIFILE\fR"
+.sp
+.TP
+.BR \-\-srppasswdconf "=\fIfile\fP"
SRP password configuration file to use.
-.IP "\-\-x509cafile \fIFILE\fR"
-Certificate file to use.
-.IP "\-\-x509certfile \fIFILE\fR"
-X.509 Certificate file to use.
-.IP "\-\-x509fmtder"
-Use DER format for certificates
-.IP "\-\-x509keyfile \fIFILE\fR"
-X.509 key file to use.
-
+.sp
+.TP
+.BR \-\-pskpasswd "=\fIfile\fP"
+PSK password file to use.
+.sp
+.TP
+.BR \-\-pskhint "=\fIstring\fP"
+PSK identity hint to use.
+.sp
+.TP
+.BR \-p " \fInumber\fP, " \-\-port "=" \fInumber\fP
+The port to connect to.
+This option takes an integer number as its argument.
+.sp
+.TP
+.BR \-l " \fIstring\fP, " \-\-list "=" \fIstring\fP
+Print a list of the supported algorithms and modes.
+.sp
+Print a list of the supported algorithms and modes. If a priority string is
given then only the enabled ciphersuites are shown.
+.TP
+.BR \-? , " \-\-help"
+Display usage information and exit.
+.TP
+.BR \-! , " \-\-more-help"
+Pass the extended usage information through a pager.
+.TP
+.BR \-v " [{\fIv|c|n\fP}]," " \-\-version" "[=\fI{v|c|n}\fP]"
+Output version of program and exit. The default mode is `v', a simple
+version. The `c' mode will print copyright information and `n' will
+print the full copyright notice.
+.SH "EXIT STATUS"
+One of the following exit values will be returned:
+.TP
+.BR 0
+Successful program execution.
+.TP
+.BR 1
+The operation failed or the command syntax was not valid.
.SH "SEE ALSO"
-.BR gnutls\-cli (1),
-.BR gnutls\-cli\-debug (1)
-.SH AUTHOR
-.PP
-Nikos Mavrogiannopoulos <address@hidden> and others; see
-/usr/share/doc/gnutls\-bin/AUTHORS for a complete list.
-.PP
-This manual page was written by Ivo Timmermans <address@hidden>, for
-the Debian GNU/Linux system (but may be used by others).
+gnutls-cli-debug(1), gnutls-cli(1)
+.SH "AUTHORS"
+Nikos Mavrogiannopoulos and Simon Josefsson
+.SH "COPYRIGHT"
+Copyright (C) 2000-2012 Free Software Foundation all rights reserved.
+This program is released under the terms of the GNU General Public License,
version 3 or later.
+.SH "BUGS"
+Please send bug reports to: address@hidden
+.SH "NOTES"
+This manual page was \fIAutoGen\fP-erated from the \fBgnutls-serv\fP
+option definitions.
diff --git a/doc/manpages/psktool.1 b/doc/manpages/psktool.1
index 77b0667..e976db6 100644
--- a/doc/manpages/psktool.1
+++ b/doc/manpages/psktool.1
@@ -1,8 +1,8 @@
-.TH psktool 1 "19 Jan 2012" "3.0.11" "User Commands"
+.TH psktool 1 "21 Jan 2012" "3.0.12" "User Commands"
.\"
.\" DO NOT EDIT THIS FILE (psk-args.man)
.\"
-.\" It has been AutoGen-ed January 19, 2012 at 09:42:11 PM by AutoGen 5.12
+.\" It has been AutoGen-ed January 21, 2012 at 02:00:25 AM by AutoGen 5.12
.\" From the definitions ../../src/psk-args.def
.\" and the template file agman-cmd.tpl
.\"
@@ -32,8 +32,16 @@ in the range 0 through 9999
.sp
Specifies the debug level.
.TP
-.BR \-s ", " -\-keysize
+.BR \-s " \fInumber\fP, " \-\-keysize "=" \fInumber\fP
specify the key size in bytes.
+This option takes an integer number as its argument.
+The value of \fInumber\fP is constrained to being:
+.in +4
+.nf
+.na
+in the range 0 through 512
+.fi
+.in -4
.sp
.TP
.BR \-u " \fIstring\fP, " \-\-username "=" \fIstring\fP
diff --git a/doc/manpages/srptool.1 b/doc/manpages/srptool.1
index ea0b1f2..12f2154 100644
--- a/doc/manpages/srptool.1
+++ b/doc/manpages/srptool.1
@@ -1,8 +1,8 @@
-.TH srptool 1 "19 Jan 2012" "3.0.11" "User Commands"
+.TH srptool 1 "21 Jan 2012" "3.0.12" "User Commands"
.\"
.\" DO NOT EDIT THIS FILE (srptool-args.man)
.\"
-.\" It has been AutoGen-ed January 19, 2012 at 09:41:17 PM by AutoGen 5.12
+.\" It has been AutoGen-ed January 21, 2012 at 02:00:25 AM by AutoGen 5.12
.\" From the definitions ../../src/srptool-args.def
.\" and the template file agman-cmd.tpl
.\"
diff --git a/lib/x509/ocsp.c b/lib/x509/ocsp.c
index ae23168..732a99e 100644
--- a/lib/x509/ocsp.c
+++ b/lib/x509/ocsp.c
@@ -410,7 +410,7 @@ gnutls_ocsp_resp_export (gnutls_ocsp_resp_t resp,
gnutls_datum_t * data)
int
gnutls_ocsp_req_get_version (gnutls_ocsp_req_t req)
{
- opaque version[8];
+ uint8_t version[8];
int len, ret;
if (req == NULL)
@@ -491,7 +491,7 @@ gnutls_ocsp_req_get_cert_id (gnutls_ocsp_req_t req,
return ret;
}
- ret = _gnutls_x509_oid2digest_algorithm (sa.data);
+ ret = _gnutls_x509_oid2digest_algorithm ((char*)sa.data);
_gnutls_free_datum (&sa);
if (ret < 0)
{
@@ -688,8 +688,8 @@ gnutls_ocsp_req_add_cert (gnutls_ocsp_req_t req,
{
int ret;
gnutls_datum_t sn, tmp, inh, ikh;
- char inh_buf[MAX_HASH_SIZE];
- char ikh_buf[MAX_HASH_SIZE];
+ uint8_t inh_buf[MAX_HASH_SIZE];
+ uint8_t ikh_buf[MAX_HASH_SIZE];
size_t inhlen = MAX_HASH_SIZE;
size_t ikhlen = MAX_HASH_SIZE;
@@ -1013,7 +1013,7 @@ int
gnutls_ocsp_req_randomize_nonce (gnutls_ocsp_req_t req)
{
int ret;
- char rndbuf[23];
+ uint8_t rndbuf[23];
gnutls_datum_t nonce = { rndbuf, sizeof (rndbuf) };
if (req == NULL)
@@ -1052,7 +1052,7 @@ gnutls_ocsp_req_randomize_nonce (gnutls_ocsp_req_t req)
int
gnutls_ocsp_resp_get_status (gnutls_ocsp_resp_t resp)
{
- opaque str[1];
+ uint8_t str[1];
int len, ret;
if (resp == NULL)
@@ -1156,7 +1156,7 @@ gnutls_ocsp_resp_get_response (gnutls_ocsp_resp_t resp,
int
gnutls_ocsp_resp_get_version (gnutls_ocsp_resp_t resp)
{
- opaque version[8];
+ uint8_t version[8];
int len, ret;
if (resp == NULL)
@@ -1225,7 +1225,7 @@ gnutls_ocsp_resp_get_responder (gnutls_ocsp_resp_t resp,
ret = _gnutls_x509_parse_dn
(resp->basicresp, "tbsResponseData.responderID.byName",
- dn->data, &l);
+ (char*)dn->data, &l);
if (ret != GNUTLS_E_SUCCESS)
{
gnutls_assert ();
@@ -1353,7 +1353,7 @@ gnutls_ocsp_resp_get_single (gnutls_ocsp_resp_t resp,
return ret;
}
- ret = _gnutls_x509_oid2digest_algorithm (sa.data);
+ ret = _gnutls_x509_oid2digest_algorithm ((char*)sa.data);
_gnutls_free_datum (&sa);
if (ret < 0)
{
@@ -1682,7 +1682,7 @@ gnutls_ocsp_resp_get_signature_algorithm
(gnutls_ocsp_resp_t resp)
return ret;
}
- ret = _gnutls_x509_oid2sign_algorithm (sa.data);
+ ret = _gnutls_x509_oid2sign_algorithm ((char*)sa.data);
_gnutls_free_datum (&sa);
diff --git a/lib/x509/ocsp_output.c b/lib/x509/ocsp_output.c
index 719ce89..e1bdf82 100644
--- a/lib/x509/ocsp_output.c
+++ b/lib/x509/ocsp_output.c
@@ -137,11 +137,11 @@ print_req (gnutls_buffer_st * str, gnutls_ocsp_req_t req)
critical ? "critical" : "not critical");
addf (str, _("\t\t\tASCII: "));
- _gnutls_buffer_asciiprint (str, data.data, data.size);
+ _gnutls_buffer_asciiprint (str, (char*)data.data, data.size);
addf (str, "\n");
addf (str, _("\t\t\tHexdump: "));
- _gnutls_buffer_hexprint (str, data.data, data.size);
+ _gnutls_buffer_hexprint (str, (char*)data.data, data.size);
adds (str, "\n");
}
@@ -484,11 +484,11 @@ print_resp (gnutls_buffer_st * str, gnutls_ocsp_resp_t
resp)
critical ? "critical" : "not critical");
addf (str, _("\t\t\tASCII: "));
- _gnutls_buffer_asciiprint (str, data.data, data.size);
+ _gnutls_buffer_asciiprint (str, (char*)data.data, data.size);
addf (str, "\n");
addf (str, _("\t\t\tHexdump: "));
- _gnutls_buffer_hexprint (str, data.data, data.size);
+ _gnutls_buffer_hexprint (str, (char*)data.data, data.size);
adds (str, "\n");
}
diff --git a/src/Makefile.am b/src/Makefile.am
index 7b8109e..739869a 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -60,11 +60,11 @@ gnutls_serv_SOURCES = \
certtool-common.h \
$(PKCS11_SRCS)
gnutls_serv_LDADD = ../lib/libgnutls.la
-gnutls_serv_LDADD += libcmd-serv.la ../gl/libgnu.la
+gnutls_serv_LDADD += libcmd-serv.la ../gl/libgnu.la $(LIBOPTS_LDADD)
gnutls_serv_LDADD += $(LTLIBGCRYPT) $(LIBSOCKET) $(GETADDRINFO_LIB)
noinst_LTLIBRARIES += libcmd-serv.la
libcmd_serv_la_CFLAGS =
-libcmd_serv_la_SOURCES = serv.gaa serv-gaa.h serv-gaa.c
+libcmd_serv_la_SOURCES = serv-args.def serv-args.c serv-args.h
if ENABLE_SRP
srptool_SOURCES = srptool.c
@@ -171,7 +171,7 @@ cli-debug-args.c: $(srcdir)/cli-debug-args.def
-autogen $<
cli-args.c: $(srcdir)/cli-args.def
-autogen $<
+serv-args.c: $(srcdir)/serv-args.def
+ -autogen $<
srptool-args.c: $(srcdir)/srptool-args.def
-autogen $<
-serv-gaa.c: $(srcdir)/serv.gaa
- -$(GAA) $< -o serv-gaa.c -i serv-gaa.h
diff --git a/src/cli-args.c b/src/cli-args.c
index 441771d..3f8c39f 100644
--- a/src/cli-args.c
+++ b/src/cli-args.c
@@ -2,7 +2,7 @@
*
* DO NOT EDIT THIS FILE (cli-args.c)
*
- * It has been AutoGen-ed January 19, 2012 at 09:42:06 PM by AutoGen 5.12
+ * It has been AutoGen-ed January 21, 2012 at 01:58:52 AM by AutoGen 5.12
* From the definitions cli-args.def
* and the template file options
*
@@ -55,7 +55,7 @@ extern FILE * option_usage_fp;
/* TRANSLATORS: choose the translation for option names wisely because you
cannot ever change your mind. */
static char const zCopyright[278] =
-"gnutls-cli 3.0.11\n\
+"gnutls-cli 3.0.12\n\
Copyright (C) 2000-2012 Free Software Foundation, all rights reserved.\n\
This is free software. It is licensed for use, modification and\n\
redistribution under the terms of the\n\
@@ -877,7 +877,7 @@ static tOptDesc optDesc[OPTION_CT] = {
*/
static char const zPROGNAME[11] = "GNUTLS_CLI";
static char const zUsageTitle[100] =
-"gnutls-cli - GnuTLS client - Ver. 3.0.11\n\
+"gnutls-cli - GnuTLS client - Ver. 3.0.12\n\
USAGE: %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]... \n";
#define zRcName NULL
#define apzHomeList NULL
diff --git a/src/cli-args.h b/src/cli-args.h
index 72e1538..c05ff9b 100644
--- a/src/cli-args.h
+++ b/src/cli-args.h
@@ -2,7 +2,7 @@
*
* DO NOT EDIT THIS FILE (cli-args.h)
*
- * It has been AutoGen-ed January 19, 2012 at 09:42:05 PM by AutoGen 5.12
+ * It has been AutoGen-ed January 21, 2012 at 01:58:52 AM by AutoGen 5.12
* From the definitions cli-args.def
* and the template file options
*
@@ -105,8 +105,8 @@ typedef enum {
} teOptIndex;
#define OPTION_CT 36
-#define GNUTLS_CLI_VERSION "3.0.11"
-#define GNUTLS_CLI_FULL_VERSION "gnutls-cli 3.0.11"
+#define GNUTLS_CLI_VERSION "3.0.12"
+#define GNUTLS_CLI_FULL_VERSION "gnutls-cli 3.0.12"
/*
* Interface defines for all options. Replace "n" with the UPPER_CASED
diff --git a/src/ocsptool.c b/src/ocsptool.c
index dde1028..bd35a10 100644
--- a/src/ocsptool.c
+++ b/src/ocsptool.c
@@ -62,9 +62,9 @@ request_info (void)
error (EXIT_FAILURE, 0, "ocsp_req_init: %s", gnutls_strerror (ret));
if (info.req)
- dat.data = read_binary_file (info.req, &size);
+ dat.data = (void*)read_binary_file (info.req, &size);
else
- dat.data = fread_file (infile, &size);
+ dat.data = (void*)fread_file (infile, &size);
if (dat.data == NULL)
error (EXIT_FAILURE, errno, "reading request");
dat.size = size;
@@ -97,9 +97,9 @@ response_info (void)
error (EXIT_FAILURE, 0, "ocsp_resp_init: %s", gnutls_strerror (ret));
if (info.resp)
- dat.data = read_binary_file (info.resp, &size);
+ dat.data = (void*)read_binary_file (info.resp, &size);
else
- dat.data = fread_file (infile, &size);
+ dat.data = (void*)fread_file (infile, &size);
if (dat.data == NULL)
error (EXIT_FAILURE, errno, "reading response");
dat.size = size;
@@ -134,7 +134,7 @@ load_issuer (void)
if (ret < 0)
error (EXIT_FAILURE, 0, "crt_init: %s", gnutls_strerror (ret));
- dat.data = read_binary_file (info.issuer, &size);
+ dat.data = (void*)read_binary_file (info.issuer, &size);
dat.size = size;
if (!dat.data)
@@ -164,7 +164,7 @@ load_cert (void)
if (ret < 0)
error (EXIT_FAILURE, 0, "crt_init: %s", gnutls_strerror (ret));
- dat.data = read_binary_file (info.cert, &size);
+ dat.data = (void*)read_binary_file (info.cert, &size);
dat.size = size;
if (!dat.data)
@@ -204,7 +204,7 @@ generate_request (void)
if (!info.nononce)
{
- char noncebuf[23];
+ unsigned char noncebuf[23];
gnutls_datum_t nonce = { noncebuf, sizeof (noncebuf) };
ret = gnutls_rnd (GNUTLS_RND_RANDOM, nonce.data, nonce.size);
@@ -319,9 +319,9 @@ verify_response (void)
error (EXIT_FAILURE, 0, "ocsp_resp_init: %s", gnutls_strerror (ret));
if (info.resp)
- dat.data = read_binary_file (info.resp, &size);
+ dat.data = (void*)read_binary_file (info.resp, &size);
else
- dat.data = fread_file (infile, &size);
+ dat.data = (void*)fread_file (infile, &size);
if (dat.data == NULL)
error (EXIT_FAILURE, errno, "reading response");
dat.size = size;
@@ -335,7 +335,7 @@ verify_response (void)
error (EXIT_FAILURE, 0, "cannot mix --load-trust and --load-signer");
else if (info.signer == NULL)
{
- dat.data = read_binary_file (info.trust, &size);
+ dat.data = (void*)read_binary_file (info.trust, &size);
if (dat.data == NULL)
error (EXIT_FAILURE, errno, "reading --load-trust: %s", info.trust);
dat.size = size;
@@ -388,7 +388,7 @@ verify_response (void)
if (ret < 0)
error (EXIT_FAILURE, 0, "crt_init: %s", gnutls_strerror (ret));
- dat.data = read_binary_file (info.signer, &size);
+ dat.data = (void*)read_binary_file (info.signer, &size);
if (dat.data == NULL)
error (EXIT_FAILURE, errno, "reading --load-signer: %s", info.signer);
dat.size = size;
diff --git a/src/cli-args.c b/src/serv-args.c
similarity index 65%
copy from src/cli-args.c
copy to src/serv-args.c
index 441771d..45b7e19 100644
--- a/src/cli-args.c
+++ b/src/serv-args.c
@@ -1,16 +1,16 @@
/* -*- buffer-read-only: t -*- vi: set ro:
*
- * DO NOT EDIT THIS FILE (cli-args.c)
+ * DO NOT EDIT THIS FILE (serv-args.c)
*
- * It has been AutoGen-ed January 19, 2012 at 09:42:06 PM by AutoGen 5.12
- * From the definitions cli-args.def
+ * It has been AutoGen-ed January 21, 2012 at 01:58:47 AM by AutoGen 5.12
+ * From the definitions serv-args.def
* and the template file options
*
* Generated from AutoOpts 35:0:10 templates.
*
* AutoOpts is a copyrighted work. This source file is not encumbered
* by AutoOpts licensing, but is provided under the licensing terms chosen
- * by the gnutls-cli author or copyright holder. AutoOpts is
+ * by the gnutls-serv author or copyright holder. AutoOpts is
* licensed under the terms of the LGPL. The redistributable library
* (``libopts'') is licensed under the terms of either the LGPL or, at the
* users discretion, the BSD license. See the AutoOpts and/or libopts sources
@@ -24,12 +24,12 @@
* GNU General Public License, version 3 or later
* <http://gnu.org/licenses/gpl.html>
*
-PFX>gnutls-cli is free software: you can redistribute it and/or modify it
+PFX>gnutls-serv is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
- * gnutls-cli is distributed in the hope that it will be useful, but
+ * gnutls-serv is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
* See the GNU General Public License for more details.
@@ -45,7 +45,7 @@ PFX>gnutls-cli is free software: you can redistribute it
and/or modify it
#include <stdlib.h>
#include <errno.h>
#define OPTION_CODE_COMPILE 1
-#include "cli-args.h"
+#include "serv-args.h"
#ifdef __cplusplus
extern "C" {
@@ -54,19 +54,19 @@ extern FILE * option_usage_fp;
/* TRANSLATORS: choose the translation for option names wisely because you
cannot ever change your mind. */
-static char const zCopyright[278] =
-"gnutls-cli 3.0.11\n\
+static char const zCopyright[279] =
+"gnutls-serv 3.0.12\n\
Copyright (C) 2000-2012 Free Software Foundation, all rights reserved.\n\
This is free software. It is licensed for use, modification and\n\
redistribution under the terms of the\n\
GNU General Public License, version 3 or later\n\
<http://gnu.org/licenses/gpl.html>\n";
-static char const zLicenseDescrip[609] =
-"gnutls-cli is free software: you can redistribute it and/or modify it\n\
+static char const zLicenseDescrip[611] =
+"gnutls-serv is free software: you can redistribute it and/or modify it\n\
under the terms of the GNU General Public License as published by the\n\
Free Software Foundation, either version 3 of the License, or (at your\n\
option) any later version.\n\n\
-gnutls-cli is distributed in the hope that it will be useful, but WITHOUT\n\
+gnutls-serv is distributed in the hope that it will be useful, but WITHOUT\n\
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or\n\
FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License\n\
for more details.\n\n\
@@ -90,24 +90,6 @@ static char const zDebug_Name[] = "debug";
| OPTST_SET_ARGTYPE(OPARG_TYPE_NUMERIC))
/*
- * Resume option description:
- */
-static char const zResumeText[] =
- "Connect, establish a session. Connect again and resume this session";
-static char const zResume_NAME[] = "RESUME";
-static char const zResume_Name[] = "resume";
-#define RESUME_FLAGS (OPTST_DISABLED)
-
-/*
- * Rehandshake option description:
- */
-static char const zRehandshakeText[] =
- "Connect, establish a session and rehandshake immediately";
-static char const zRehandshake_NAME[] = "REHANDSHAKE";
-static char const zRehandshake_Name[] = "rehandshake";
-#define REHANDSHAKE_FLAGS (OPTST_DISABLED)
-
-/*
* Noticket option description:
*/
static char const zNoticketText[] =
@@ -117,13 +99,49 @@ static char const zNoticket_Name[] = "noticket";
#define NOTICKET_FLAGS (OPTST_DISABLED)
/*
- * Starttls option description:
+ * Generate option description:
+ */
+static char const zGenerateText[] =
+ "Generate Diffie-Hellman and RSA-export parameters";
+static char const zGenerate_NAME[] = "GENERATE";
+static char const zGenerate_Name[] = "generate";
+#define GENERATE_FLAGS (OPTST_DISABLED)
+
+/*
+ * Quiet option description:
+ */
+static char const zQuietText[] =
+ "Suppress some messages";
+static char const zQuiet_NAME[] = "QUIET";
+static char const zQuiet_Name[] = "quiet";
+#define QUIET_FLAGS (OPTST_DISABLED)
+
+/*
+ * Nodb option description:
+ */
+static char const zNodbText[] =
+ "Do not use a resumption database";
+static char const zNodb_NAME[] = "NODB";
+static char const zNodb_Name[] = "nodb";
+#define NODB_FLAGS (OPTST_DISABLED)
+
+/*
+ * Http option description:
+ */
+static char const zHttpText[] =
+ "Act as an HTTP server";
+static char const zHttp_NAME[] = "HTTP";
+static char const zHttp_Name[] = "http";
+#define HTTP_FLAGS (OPTST_DISABLED)
+
+/*
+ * Echo option description:
*/
-static char const zStarttlsText[] =
- "Connect, establish a plain session and start TLS when EOF or a
SIGALRM is received";
-static char const zStarttls_NAME[] = "STARTTLS";
-static char const zStarttls_Name[] = "starttls";
-#define STARTTLS_FLAGS (OPTST_DISABLED)
+static char const zEchoText[] =
+ "Act as an Echo server";
+static char const zEcho_NAME[] = "ECHO";
+static char const zEcho_Name[] = "echo";
+#define ECHO_FLAGS (OPTST_DISABLED)
/*
* Udp option description:
@@ -145,13 +163,22 @@ static char const zMtu_Name[] = "mtu";
| OPTST_SET_ARGTYPE(OPARG_TYPE_NUMERIC))
/*
- * Crlf option description:
+ * Disable_Client_Cert option description:
*/
-static char const zCrlfText[] =
- "Send CR LF instead of LF";
-static char const zCrlf_NAME[] = "CRLF";
-static char const zCrlf_Name[] = "crlf";
-#define CRLF_FLAGS (OPTST_DISABLED)
+static char const zDisable_Client_CertText[] =
+ "Do not request a client certificate";
+static char const zDisable_Client_Cert_NAME[] = "DISABLE_CLIENT_CERT";
+static char const zDisable_Client_Cert_Name[]= "disable-client-cert";
+#define DISABLE_CLIENT_CERT_FLAGS (OPTST_DISABLED)
+
+/*
+ * Require_Client_Cert option description:
+ */
+static char const zRequire_Client_CertText[] =
+ "Require a client certificate";
+static char const zRequire_Client_Cert_NAME[] = "REQUIRE_CLIENT_CERT";
+static char const zRequire_Client_Cert_Name[]= "require-client-cert";
+#define REQUIRE_CLIENT_CERT_FLAGS (OPTST_DISABLED)
/*
* X509fmtder option description:
@@ -163,52 +190,6 @@ static char const zX509fmtder_Name[] =
"x509fmtder";
#define X509FMTDER_FLAGS (OPTST_DISABLED)
/*
- * Fingerprint option description:
- */
-static char const zFingerprintText[] =
- "Send the openpgp fingerprint, instead of the key";
-static char const zFingerprint_NAME[] = "FINGERPRINT";
-static char const zFingerprint_Name[] = "fingerprint";
-#define FINGERPRINT_FLAGS (OPTST_DISABLED)
-
-/*
- * Disable_Extensions option description:
- */
-static char const zDisable_ExtensionsText[] =
- "Disable all the TLS extensions";
-static char const zDisable_Extensions_NAME[] = "DISABLE_EXTENSIONS";
-static char const zDisable_Extensions_Name[] = "disable-extensions";
-#define DISABLE_EXTENSIONS_FLAGS (OPTST_DISABLED)
-
-/*
- * Print_Cert option description:
- */
-static char const zPrint_CertText[] =
- "Print peer's certificate in PEM format";
-static char const zPrint_Cert_NAME[] = "PRINT_CERT";
-static char const zPrint_Cert_Name[] = "print-cert";
-#define PRINT_CERT_FLAGS (OPTST_DISABLED)
-
-/*
- * Recordsize option description:
- */
-static char const zRecordsizeText[] =
- "The maximum record size to advertize";
-static char const zRecordsize_NAME[] = "RECORDSIZE";
-static char const zRecordsize_Name[] = "recordsize";
-#define RECORDSIZE_FLAGS (OPTST_DISABLED \
- | OPTST_SET_ARGTYPE(OPARG_TYPE_NUMERIC))
-
-/*
- * Verbose option description:
- */
-static char const zVerboseText[] =
- "More verbose output";
-static char const zVerbose_NAME[] = "VERBOSE";
-static char const zVerbose_Name[] = "verbose";
-#define VERBOSE_FLAGS (OPTST_DISABLED)
-
-/*
* Priority option description:
*/
static char const zPriorityText[] =
@@ -219,6 +200,16 @@ static char const zPriority_Name[] = "priority";
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
+ * Dhparams option description:
+ */
+static char const zDhparamsText[] =
+ "DH params file to use";
+static char const zDhparams_NAME[] = "DHPARAMS";
+static char const zDhparams_Name[] = "dhparams";
+#define DHPARAMS_FLAGS (OPTST_DISABLED \
+ | OPTST_SET_ARGTYPE(OPARG_TYPE_FILE))
+
+/*
* X509cafile option description:
*/
static char const zX509cafileText[] =
@@ -289,6 +280,46 @@ static char const zX509certfile_Name[] =
"x509certfile";
| OPTST_SET_ARGTYPE(OPARG_TYPE_FILE))
/*
+ * X509dsakeyfile option description:
+ */
+static char const zX509dsakeyfileText[] =
+ "Alternative X.509 key file or PKCS #11 URL to use";
+static char const zX509dsakeyfile_NAME[] = "X509DSAKEYFILE";
+static char const zX509dsakeyfile_Name[] = "x509dsakeyfile";
+#define X509DSAKEYFILE_FLAGS (OPTST_DISABLED \
+ | OPTST_SET_ARGTYPE(OPARG_TYPE_FILE))
+
+/*
+ * X509dsacertfile option description:
+ */
+static char const zX509dsacertfileText[] =
+ "Alternative X.509 Certificate file or PKCS #11 URL to use";
+static char const zX509dsacertfile_NAME[] = "X509DSACERTFILE";
+static char const zX509dsacertfile_Name[] = "x509dsacertfile";
+#define X509DSACERTFILE_FLAGS (OPTST_DISABLED \
+ | OPTST_SET_ARGTYPE(OPARG_TYPE_FILE))
+
+/*
+ * X509ecckeyfile option description:
+ */
+static char const zX509ecckeyfileText[] =
+ "Alternative X.509 key file or PKCS #11 URL to use";
+static char const zX509ecckeyfile_NAME[] = "X509ECCKEYFILE";
+static char const zX509ecckeyfile_Name[] = "x509ecckeyfile";
+#define X509ECCKEYFILE_FLAGS (OPTST_DISABLED \
+ | OPTST_SET_ARGTYPE(OPARG_TYPE_FILE))
+
+/*
+ * X509ecccertfile option description:
+ */
+static char const zX509ecccertfileText[] =
+ "Alternative X.509 Certificate file or PKCS #11 URL to use";
+static char const zX509ecccertfile_NAME[] = "X509ECCCERTFILE";
+static char const zX509ecccertfile_Name[] = "x509ecccertfile";
+#define X509ECCCERTFILE_FLAGS (OPTST_DISABLED \
+ | OPTST_SET_ARGTYPE(OPARG_TYPE_FILE))
+
+/*
* Pgpsubkey option description:
*/
static char const zPgpsubkeyText[] =
@@ -299,43 +330,43 @@ static char const zPgpsubkey_Name[] =
"pgpsubkey";
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
- * Srpusername option description:
- */
-static char const zSrpusernameText[] =
- "SRP username to use";
-static char const zSrpusername_NAME[] = "SRPUSERNAME";
-static char const zSrpusername_Name[] = "srpusername";
-#define SRPUSERNAME_FLAGS (OPTST_DISABLED \
- | OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
-
-/*
* Srppasswd option description:
*/
static char const zSrppasswdText[] =
- "SRP password to use";
+ "SRP password file to use";
static char const zSrppasswd_NAME[] = "SRPPASSWD";
static char const zSrppasswd_Name[] = "srppasswd";
#define SRPPASSWD_FLAGS (OPTST_DISABLED \
- | OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
+ | OPTST_SET_ARGTYPE(OPARG_TYPE_FILE))
/*
- * Pskusername option description:
+ * Srppasswdconf option description:
*/
-static char const zPskusernameText[] =
- "PSK username to use";
-static char const zPskusername_NAME[] = "PSKUSERNAME";
-static char const zPskusername_Name[] = "pskusername";
-#define PSKUSERNAME_FLAGS (OPTST_DISABLED \
- | OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
+static char const zSrppasswdconfText[] =
+ "SRP password configuration file to use";
+static char const zSrppasswdconf_NAME[] = "SRPPASSWDCONF";
+static char const zSrppasswdconf_Name[] = "srppasswdconf";
+#define SRPPASSWDCONF_FLAGS (OPTST_DISABLED \
+ | OPTST_SET_ARGTYPE(OPARG_TYPE_FILE))
+
+/*
+ * Pskpasswd option description:
+ */
+static char const zPskpasswdText[] =
+ "PSK password file to use";
+static char const zPskpasswd_NAME[] = "PSKPASSWD";
+static char const zPskpasswd_Name[] = "pskpasswd";
+#define PSKPASSWD_FLAGS (OPTST_DISABLED \
+ | OPTST_SET_ARGTYPE(OPARG_TYPE_FILE))
/*
- * Pskkey option description:
+ * Pskhint option description:
*/
-static char const zPskkeyText[] =
- "PSK key (in hex) to use";
-static char const zPskkey_NAME[] = "PSKKEY";
-static char const zPskkey_Name[] = "pskkey";
-#define PSKKEY_FLAGS (OPTST_DISABLED \
+static char const zPskhintText[] =
+ "PSK identity hint to use";
+static char const zPskhint_NAME[] = "PSKHINT";
+static char const zPskhint_Name[] = "pskhint";
+#define PSKHINT_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
@@ -346,43 +377,7 @@ static char const zPortText[] =
static char const zPort_NAME[] = "PORT";
static char const zPort_Name[] = "port";
#define PORT_FLAGS (OPTST_DISABLED \
- | OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
-
-/*
- * Insecure option description:
- */
-static char const zInsecureText[] =
- "Don't abort program if server certificate can't be validated";
-static char const zInsecure_NAME[] = "INSECURE";
-static char const zInsecure_Name[] = "insecure";
-#define INSECURE_FLAGS (OPTST_DISABLED)
-
-/*
- * Benchmark_Ciphers option description:
- */
-static char const zBenchmark_CiphersText[] =
- "Benchmark individual ciphers";
-static char const zBenchmark_Ciphers_NAME[] = "BENCHMARK_CIPHERS";
-static char const zBenchmark_Ciphers_Name[] = "benchmark-ciphers";
-#define BENCHMARK_CIPHERS_FLAGS (OPTST_DISABLED)
-
-/*
- * Benchmark_Soft_Ciphers option description:
- */
-static char const zBenchmark_Soft_CiphersText[] =
- "Benchmark individual software ciphers (no hw acceleration)";
-static char const zBenchmark_Soft_Ciphers_NAME[] = "BENCHMARK_SOFT_CIPHERS";
-static char const zBenchmark_Soft_Ciphers_Name[]= "benchmark-soft-ciphers";
-#define BENCHMARK_SOFT_CIPHERS_FLAGS (OPTST_DISABLED)
-
-/*
- * Benchmark_Tls option description:
- */
-static char const zBenchmark_TlsText[] =
- "Benchmark ciphers and key exchange methods in TLS";
-static char const zBenchmark_Tls_NAME[] = "BENCHMARK_TLS";
-static char const zBenchmark_Tls_Name[] = "benchmark-tls";
-#define BENCHMARK_TLS_FLAGS (OPTST_DISABLED)
+ | OPTST_SET_ARGTYPE(OPARG_TYPE_NUMERIC))
/*
* List option description:
@@ -426,14 +421,16 @@ extern tOptProc
optionStackArg, optionTimeDate, optionTimeVal,
optionUnstackArg, optionVersionStderr;
static tOptProc
- doOptDebug, doOptMtu, doOptPgpcertfile,
- doOptPgpkeyfile, doOptPgpkeyring, doOptRecordsize,
- doOptX509cafile, doOptX509certfile, doOptX509crlfile,
- doOptX509keyfile, doUsageOpt;
+ doOptDebug, doOptDhparams, doOptMtu,
+ doOptPgpcertfile, doOptPgpkeyfile, doOptPgpkeyring,
+ doOptPskpasswd, doOptSrppasswd, doOptSrppasswdconf,
+ doOptX509cafile, doOptX509certfile, doOptX509crlfile,
+ doOptX509dsacertfile, doOptX509dsakeyfile, doOptX509ecccertfile,
+ doOptX509ecckeyfile, doOptX509keyfile, doUsageOpt;
/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
*
- * Define the Gnutls_Cli Option Descriptions.
+ * Define the Gnutls_Serv Option Descriptions.
*/
static tOptDesc optDesc[OPTION_CT] = {
{ /* entry idx, value */ 0, VALUE_OPT_DEBUG,
@@ -448,176 +445,164 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ zDebugText, zDebug_NAME, zDebug_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 1, VALUE_OPT_RESUME,
- /* equiv idx, value */ 1, VALUE_OPT_RESUME,
+ { /* entry idx, value */ 1, VALUE_OPT_NOTICKET,
+ /* equiv idx, value */ 1, VALUE_OPT_NOTICKET,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
- /* opt state flags */ RESUME_FLAGS, 0,
+ /* opt state flags */ NOTICKET_FLAGS, 0,
/* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ zResumeText, zResume_NAME, zResume_Name,
+ /* desc, NAME, name */ zNoticketText, zNoticket_NAME, zNoticket_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 2, VALUE_OPT_REHANDSHAKE,
- /* equiv idx, value */ 2, VALUE_OPT_REHANDSHAKE,
+ { /* entry idx, value */ 2, VALUE_OPT_GENERATE,
+ /* equiv idx, value */ 2, VALUE_OPT_GENERATE,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
- /* opt state flags */ REHANDSHAKE_FLAGS, 0,
+ /* opt state flags */ GENERATE_FLAGS, 0,
/* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ zRehandshakeText, zRehandshake_NAME,
zRehandshake_Name,
+ /* desc, NAME, name */ zGenerateText, zGenerate_NAME, zGenerate_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 3, VALUE_OPT_NOTICKET,
- /* equiv idx, value */ 3, VALUE_OPT_NOTICKET,
+ { /* entry idx, value */ 3, VALUE_OPT_QUIET,
+ /* equiv idx, value */ 3, VALUE_OPT_QUIET,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
- /* opt state flags */ NOTICKET_FLAGS, 0,
+ /* opt state flags */ QUIET_FLAGS, 0,
/* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ zNoticketText, zNoticket_NAME, zNoticket_Name,
+ /* desc, NAME, name */ zQuietText, zQuiet_NAME, zQuiet_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 4, VALUE_OPT_STARTTLS,
- /* equiv idx, value */ 4, VALUE_OPT_STARTTLS,
+ { /* entry idx, value */ 4, VALUE_OPT_NODB,
+ /* equiv idx, value */ 4, VALUE_OPT_NODB,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
- /* opt state flags */ STARTTLS_FLAGS, 0,
+ /* opt state flags */ NODB_FLAGS, 0,
/* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ zStarttlsText, zStarttls_NAME, zStarttls_Name,
+ /* desc, NAME, name */ zNodbText, zNodb_NAME, zNodb_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 5, VALUE_OPT_UDP,
- /* equiv idx, value */ 5, VALUE_OPT_UDP,
+ { /* entry idx, value */ 5, VALUE_OPT_HTTP,
+ /* equiv idx, value */ 5, VALUE_OPT_HTTP,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
- /* opt state flags */ UDP_FLAGS, 0,
+ /* opt state flags */ HTTP_FLAGS, 0,
/* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ zUdpText, zUdp_NAME, zUdp_Name,
+ /* desc, NAME, name */ zHttpText, zHttp_NAME, zHttp_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 6, VALUE_OPT_MTU,
- /* equiv idx, value */ 6, VALUE_OPT_MTU,
+ { /* entry idx, value */ 6, VALUE_OPT_ECHO,
+ /* equiv idx, value */ 6, VALUE_OPT_ECHO,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
- /* opt state flags */ MTU_FLAGS, 0,
+ /* opt state flags */ ECHO_FLAGS, 0,
/* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
- /* option proc */ doOptMtu,
- /* desc, NAME, name */ zMtuText, zMtu_NAME, zMtu_Name,
+ /* option proc */ NULL,
+ /* desc, NAME, name */ zEchoText, zEcho_NAME, zEcho_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 7, VALUE_OPT_CRLF,
- /* equiv idx, value */ 7, VALUE_OPT_CRLF,
+ { /* entry idx, value */ 7, VALUE_OPT_UDP,
+ /* equiv idx, value */ 7, VALUE_OPT_UDP,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
- /* opt state flags */ CRLF_FLAGS, 0,
+ /* opt state flags */ UDP_FLAGS, 0,
/* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ zCrlfText, zCrlf_NAME, zCrlf_Name,
+ /* desc, NAME, name */ zUdpText, zUdp_NAME, zUdp_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 8, VALUE_OPT_X509FMTDER,
- /* equiv idx, value */ 8, VALUE_OPT_X509FMTDER,
+ { /* entry idx, value */ 8, VALUE_OPT_MTU,
+ /* equiv idx, value */ 8, VALUE_OPT_MTU,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
- /* opt state flags */ X509FMTDER_FLAGS, 0,
+ /* opt state flags */ MTU_FLAGS, 0,
/* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
- /* option proc */ NULL,
- /* desc, NAME, name */ zX509fmtderText, zX509fmtder_NAME,
zX509fmtder_Name,
+ /* option proc */ doOptMtu,
+ /* desc, NAME, name */ zMtuText, zMtu_NAME, zMtu_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 9, VALUE_OPT_FINGERPRINT,
- /* equiv idx, value */ 9, VALUE_OPT_FINGERPRINT,
+ { /* entry idx, value */ 9, VALUE_OPT_DISABLE_CLIENT_CERT,
+ /* equiv idx, value */ 9, VALUE_OPT_DISABLE_CLIENT_CERT,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
- /* opt state flags */ FINGERPRINT_FLAGS, 0,
+ /* opt state flags */ DISABLE_CLIENT_CERT_FLAGS, 0,
/* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ zFingerprintText, zFingerprint_NAME,
zFingerprint_Name,
+ /* desc, NAME, name */ zDisable_Client_CertText,
zDisable_Client_Cert_NAME, zDisable_Client_Cert_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 10, VALUE_OPT_DISABLE_EXTENSIONS,
- /* equiv idx, value */ 10, VALUE_OPT_DISABLE_EXTENSIONS,
+ { /* entry idx, value */ 10, VALUE_OPT_REQUIRE_CLIENT_CERT,
+ /* equiv idx, value */ 10, VALUE_OPT_REQUIRE_CLIENT_CERT,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
- /* opt state flags */ DISABLE_EXTENSIONS_FLAGS, 0,
+ /* opt state flags */ REQUIRE_CLIENT_CERT_FLAGS, 0,
/* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ zDisable_ExtensionsText, zDisable_Extensions_NAME,
zDisable_Extensions_Name,
+ /* desc, NAME, name */ zRequire_Client_CertText,
zRequire_Client_Cert_NAME, zRequire_Client_Cert_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 11, VALUE_OPT_PRINT_CERT,
- /* equiv idx, value */ 11, VALUE_OPT_PRINT_CERT,
+ { /* entry idx, value */ 11, VALUE_OPT_X509FMTDER,
+ /* equiv idx, value */ 11, VALUE_OPT_X509FMTDER,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
- /* opt state flags */ PRINT_CERT_FLAGS, 0,
+ /* opt state flags */ X509FMTDER_FLAGS, 0,
/* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ zPrint_CertText, zPrint_Cert_NAME,
zPrint_Cert_Name,
+ /* desc, NAME, name */ zX509fmtderText, zX509fmtder_NAME,
zX509fmtder_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 12, VALUE_OPT_RECORDSIZE,
- /* equiv idx, value */ 12, VALUE_OPT_RECORDSIZE,
+ { /* entry idx, value */ 12, VALUE_OPT_PRIORITY,
+ /* equiv idx, value */ 12, VALUE_OPT_PRIORITY,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
- /* opt state flags */ RECORDSIZE_FLAGS, 0,
- /* last opt argumnt */ { NULL },
- /* arg list/cookie */ NULL,
- /* must/cannot opts */ NULL, NULL,
- /* option proc */ doOptRecordsize,
- /* desc, NAME, name */ zRecordsizeText, zRecordsize_NAME,
zRecordsize_Name,
- /* disablement strs */ NULL, NULL },
-
- { /* entry idx, value */ 13, VALUE_OPT_VERBOSE,
- /* equiv idx, value */ 13, VALUE_OPT_VERBOSE,
- /* equivalenced to */ NO_EQUIVALENT,
- /* min, max, act ct */ 0, NOLIMIT, 0,
- /* opt state flags */ VERBOSE_FLAGS, 0,
+ /* opt state flags */ PRIORITY_FLAGS, 0,
/* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ zVerboseText, zVerbose_NAME, zVerbose_Name,
+ /* desc, NAME, name */ zPriorityText, zPriority_NAME, zPriority_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 14, VALUE_OPT_PRIORITY,
- /* equiv idx, value */ 14, VALUE_OPT_PRIORITY,
+ { /* entry idx, value */ 13, VALUE_OPT_DHPARAMS,
+ /* equiv idx, value */ 13, VALUE_OPT_DHPARAMS,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
- /* opt state flags */ PRIORITY_FLAGS, 0,
+ /* opt state flags */ DHPARAMS_FLAGS, 0,
/* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
- /* option proc */ NULL,
- /* desc, NAME, name */ zPriorityText, zPriority_NAME, zPriority_Name,
+ /* option proc */ doOptDhparams,
+ /* desc, NAME, name */ zDhparamsText, zDhparams_NAME, zDhparams_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 15, VALUE_OPT_X509CAFILE,
- /* equiv idx, value */ 15, VALUE_OPT_X509CAFILE,
+ { /* entry idx, value */ 14, VALUE_OPT_X509CAFILE,
+ /* equiv idx, value */ 14, VALUE_OPT_X509CAFILE,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ X509CAFILE_FLAGS, 0,
@@ -628,8 +613,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ zX509cafileText, zX509cafile_NAME,
zX509cafile_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 16, VALUE_OPT_X509CRLFILE,
- /* equiv idx, value */ 16, VALUE_OPT_X509CRLFILE,
+ { /* entry idx, value */ 15, VALUE_OPT_X509CRLFILE,
+ /* equiv idx, value */ 15, VALUE_OPT_X509CRLFILE,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ X509CRLFILE_FLAGS, 0,
@@ -640,8 +625,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ zX509crlfileText, zX509crlfile_NAME,
zX509crlfile_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 17, VALUE_OPT_PGPKEYFILE,
- /* equiv idx, value */ 17, VALUE_OPT_PGPKEYFILE,
+ { /* entry idx, value */ 16, VALUE_OPT_PGPKEYFILE,
+ /* equiv idx, value */ 16, VALUE_OPT_PGPKEYFILE,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ PGPKEYFILE_FLAGS, 0,
@@ -652,8 +637,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ zPgpkeyfileText, zPgpkeyfile_NAME,
zPgpkeyfile_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 18, VALUE_OPT_PGPKEYRING,
- /* equiv idx, value */ 18, VALUE_OPT_PGPKEYRING,
+ { /* entry idx, value */ 17, VALUE_OPT_PGPKEYRING,
+ /* equiv idx, value */ 17, VALUE_OPT_PGPKEYRING,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ PGPKEYRING_FLAGS, 0,
@@ -664,8 +649,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ zPgpkeyringText, zPgpkeyring_NAME,
zPgpkeyring_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 19, VALUE_OPT_PGPCERTFILE,
- /* equiv idx, value */ 19, VALUE_OPT_PGPCERTFILE,
+ { /* entry idx, value */ 18, VALUE_OPT_PGPCERTFILE,
+ /* equiv idx, value */ 18, VALUE_OPT_PGPCERTFILE,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ PGPCERTFILE_FLAGS, 0,
@@ -676,8 +661,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ zPgpcertfileText, zPgpcertfile_NAME,
zPgpcertfile_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 20, VALUE_OPT_X509KEYFILE,
- /* equiv idx, value */ 20, VALUE_OPT_X509KEYFILE,
+ { /* entry idx, value */ 19, VALUE_OPT_X509KEYFILE,
+ /* equiv idx, value */ 19, VALUE_OPT_X509KEYFILE,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ X509KEYFILE_FLAGS, 0,
@@ -688,8 +673,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ zX509keyfileText, zX509keyfile_NAME,
zX509keyfile_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 21, VALUE_OPT_X509CERTFILE,
- /* equiv idx, value */ 21, VALUE_OPT_X509CERTFILE,
+ { /* entry idx, value */ 20, VALUE_OPT_X509CERTFILE,
+ /* equiv idx, value */ 20, VALUE_OPT_X509CERTFILE,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ X509CERTFILE_FLAGS, 0,
@@ -700,128 +685,128 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ zX509certfileText, zX509certfile_NAME,
zX509certfile_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 22, VALUE_OPT_PGPSUBKEY,
- /* equiv idx, value */ 22, VALUE_OPT_PGPSUBKEY,
+ { /* entry idx, value */ 21, VALUE_OPT_X509DSAKEYFILE,
+ /* equiv idx, value */ 21, VALUE_OPT_X509DSAKEYFILE,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
- /* opt state flags */ PGPSUBKEY_FLAGS, 0,
+ /* opt state flags */ X509DSAKEYFILE_FLAGS, 0,
/* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
- /* option proc */ NULL,
- /* desc, NAME, name */ zPgpsubkeyText, zPgpsubkey_NAME, zPgpsubkey_Name,
+ /* option proc */ doOptX509dsakeyfile,
+ /* desc, NAME, name */ zX509dsakeyfileText, zX509dsakeyfile_NAME,
zX509dsakeyfile_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 23, VALUE_OPT_SRPUSERNAME,
- /* equiv idx, value */ 23, VALUE_OPT_SRPUSERNAME,
+ { /* entry idx, value */ 22, VALUE_OPT_X509DSACERTFILE,
+ /* equiv idx, value */ 22, VALUE_OPT_X509DSACERTFILE,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
- /* opt state flags */ SRPUSERNAME_FLAGS, 0,
+ /* opt state flags */ X509DSACERTFILE_FLAGS, 0,
/* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
- /* option proc */ NULL,
- /* desc, NAME, name */ zSrpusernameText, zSrpusername_NAME,
zSrpusername_Name,
+ /* option proc */ doOptX509dsacertfile,
+ /* desc, NAME, name */ zX509dsacertfileText, zX509dsacertfile_NAME,
zX509dsacertfile_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 24, VALUE_OPT_SRPPASSWD,
- /* equiv idx, value */ 24, VALUE_OPT_SRPPASSWD,
+ { /* entry idx, value */ 23, VALUE_OPT_X509ECCKEYFILE,
+ /* equiv idx, value */ 23, VALUE_OPT_X509ECCKEYFILE,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
- /* opt state flags */ SRPPASSWD_FLAGS, 0,
+ /* opt state flags */ X509ECCKEYFILE_FLAGS, 0,
/* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
- /* option proc */ NULL,
- /* desc, NAME, name */ zSrppasswdText, zSrppasswd_NAME, zSrppasswd_Name,
+ /* option proc */ doOptX509ecckeyfile,
+ /* desc, NAME, name */ zX509ecckeyfileText, zX509ecckeyfile_NAME,
zX509ecckeyfile_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 25, VALUE_OPT_PSKUSERNAME,
- /* equiv idx, value */ 25, VALUE_OPT_PSKUSERNAME,
+ { /* entry idx, value */ 24, VALUE_OPT_X509ECCCERTFILE,
+ /* equiv idx, value */ 24, VALUE_OPT_X509ECCCERTFILE,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
- /* opt state flags */ PSKUSERNAME_FLAGS, 0,
+ /* opt state flags */ X509ECCCERTFILE_FLAGS, 0,
/* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
- /* option proc */ NULL,
- /* desc, NAME, name */ zPskusernameText, zPskusername_NAME,
zPskusername_Name,
+ /* option proc */ doOptX509ecccertfile,
+ /* desc, NAME, name */ zX509ecccertfileText, zX509ecccertfile_NAME,
zX509ecccertfile_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 26, VALUE_OPT_PSKKEY,
- /* equiv idx, value */ 26, VALUE_OPT_PSKKEY,
+ { /* entry idx, value */ 25, VALUE_OPT_PGPSUBKEY,
+ /* equiv idx, value */ 25, VALUE_OPT_PGPSUBKEY,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
- /* opt state flags */ PSKKEY_FLAGS, 0,
+ /* opt state flags */ PGPSUBKEY_FLAGS, 0,
/* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ zPskkeyText, zPskkey_NAME, zPskkey_Name,
+ /* desc, NAME, name */ zPgpsubkeyText, zPgpsubkey_NAME, zPgpsubkey_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 27, VALUE_OPT_PORT,
- /* equiv idx, value */ 27, VALUE_OPT_PORT,
+ { /* entry idx, value */ 26, VALUE_OPT_SRPPASSWD,
+ /* equiv idx, value */ 26, VALUE_OPT_SRPPASSWD,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
- /* opt state flags */ PORT_FLAGS, 0,
+ /* opt state flags */ SRPPASSWD_FLAGS, 0,
/* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
- /* option proc */ NULL,
- /* desc, NAME, name */ zPortText, zPort_NAME, zPort_Name,
+ /* option proc */ doOptSrppasswd,
+ /* desc, NAME, name */ zSrppasswdText, zSrppasswd_NAME, zSrppasswd_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 28, VALUE_OPT_INSECURE,
- /* equiv idx, value */ 28, VALUE_OPT_INSECURE,
+ { /* entry idx, value */ 27, VALUE_OPT_SRPPASSWDCONF,
+ /* equiv idx, value */ 27, VALUE_OPT_SRPPASSWDCONF,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
- /* opt state flags */ INSECURE_FLAGS, 0,
+ /* opt state flags */ SRPPASSWDCONF_FLAGS, 0,
/* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
- /* option proc */ NULL,
- /* desc, NAME, name */ zInsecureText, zInsecure_NAME, zInsecure_Name,
+ /* option proc */ doOptSrppasswdconf,
+ /* desc, NAME, name */ zSrppasswdconfText, zSrppasswdconf_NAME,
zSrppasswdconf_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 29, VALUE_OPT_BENCHMARK_CIPHERS,
- /* equiv idx, value */ 29, VALUE_OPT_BENCHMARK_CIPHERS,
+ { /* entry idx, value */ 28, VALUE_OPT_PSKPASSWD,
+ /* equiv idx, value */ 28, VALUE_OPT_PSKPASSWD,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
- /* opt state flags */ BENCHMARK_CIPHERS_FLAGS, 0,
+ /* opt state flags */ PSKPASSWD_FLAGS, 0,
/* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
- /* option proc */ NULL,
- /* desc, NAME, name */ zBenchmark_CiphersText, zBenchmark_Ciphers_NAME,
zBenchmark_Ciphers_Name,
+ /* option proc */ doOptPskpasswd,
+ /* desc, NAME, name */ zPskpasswdText, zPskpasswd_NAME, zPskpasswd_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 30, VALUE_OPT_BENCHMARK_SOFT_CIPHERS,
- /* equiv idx, value */ 30, VALUE_OPT_BENCHMARK_SOFT_CIPHERS,
+ { /* entry idx, value */ 29, VALUE_OPT_PSKHINT,
+ /* equiv idx, value */ 29, VALUE_OPT_PSKHINT,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
- /* opt state flags */ BENCHMARK_SOFT_CIPHERS_FLAGS, 0,
+ /* opt state flags */ PSKHINT_FLAGS, 0,
/* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ zBenchmark_Soft_CiphersText,
zBenchmark_Soft_Ciphers_NAME, zBenchmark_Soft_Ciphers_Name,
+ /* desc, NAME, name */ zPskhintText, zPskhint_NAME, zPskhint_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 31, VALUE_OPT_BENCHMARK_TLS,
- /* equiv idx, value */ 31, VALUE_OPT_BENCHMARK_TLS,
+ { /* entry idx, value */ 30, VALUE_OPT_PORT,
+ /* equiv idx, value */ 30, VALUE_OPT_PORT,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
- /* opt state flags */ BENCHMARK_TLS_FLAGS, 0,
+ /* opt state flags */ PORT_FLAGS, 0,
/* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
- /* option proc */ NULL,
- /* desc, NAME, name */ zBenchmark_TlsText, zBenchmark_Tls_NAME,
zBenchmark_Tls_Name,
+ /* option proc */ optionNumericVal,
+ /* desc, NAME, name */ zPortText, zPort_NAME, zPort_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 32, VALUE_OPT_LIST,
- /* equiv idx, value */ 32, VALUE_OPT_LIST,
+ { /* entry idx, value */ 31, VALUE_OPT_LIST,
+ /* equiv idx, value */ 31, VALUE_OPT_LIST,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ LIST_FLAGS, 0,
@@ -873,22 +858,20 @@ static tOptDesc optDesc[OPTION_CT] = {
/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
*
- * Define the Gnutls_Cli Option Environment
+ * Define the Gnutls_Serv Option Environment
*/
-static char const zPROGNAME[11] = "GNUTLS_CLI";
-static char const zUsageTitle[100] =
-"gnutls-cli - GnuTLS client - Ver. 3.0.11\n\
+static char const zPROGNAME[12] = "GNUTLS_SERV";
+static char const zUsageTitle[101] =
+"gnutls-serv - GnuTLS server - Ver. 3.0.12\n\
USAGE: %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]... \n";
#define zRcName NULL
#define apzHomeList NULL
static char const zBugsAddr[19] = "address@hidden";
#define zExplain NULL
-static char const zDetail[195] = "\n\
-Simple client program to set up a TLS connection to some other computer.\n\
-It sets up a TLS connection and forwards data from the standard input\n\
-to the secured socket and vice versa.\n";
-static char const zFullVersion[] = GNUTLS_CLI_FULL_VERSION;
+static char const zDetail[65] = "\n\
+Server program that listens to incoming TLS connections.\n";
+static char const zFullVersion[] = GNUTLS_SERV_FULL_VERSION;
/* extracted from optcode.tlib near line 515 */
#if defined(ENABLE_NLS)
@@ -900,19 +883,19 @@ static char const zFullVersion[] =
GNUTLS_CLI_FULL_VERSION;
#endif /* ENABLE_NLS */
-#define gnutls_cli_full_usage NULL
-static char const gnutls_cli_short_usage[] =
- "Usage: gnutls-cli [options] hostname\n\
-gnutls-cli --help for usage instructions.\n";
+#define gnutls_serv_full_usage NULL
+static char const gnutls_serv_short_usage[] =
+ "Usage: gnutls-serv [options]\n\
+gnutls-serv --help for usage instructions.\n";
#ifndef PKGDATADIR
# define PKGDATADIR ""
#endif
#ifndef WITH_PACKAGER
-# define gnutls_cli_packager_info NULL
+# define gnutls_serv_packager_info NULL
#else
-static char const gnutls_cli_packager_info[] =
+static char const gnutls_serv_packager_info[] =
"Packaged by " WITH_PACKAGER
# ifdef WITH_PACKAGER_VERSION
@@ -920,12 +903,12 @@ static char const gnutls_cli_packager_info[] =
# endif
# ifdef WITH_PACKAGER_BUG_REPORTS
- "\nReport gnutls_cli bugs to " WITH_PACKAGER_BUG_REPORTS
+ "\nReport gnutls_serv bugs to " WITH_PACKAGER_BUG_REPORTS
# endif
"\n";
#endif
-tOptions gnutls_cliOptions = {
+tOptions gnutls_servOptions = {
OPTIONS_STRUCT_VERSION,
0, NULL, /* original argc + argv */
( OPTPROC_BASE
@@ -954,10 +937,10 @@ tOptions gnutls_cliOptions = {
NO_EQUIVALENT, /* '-#' option index */
NO_EQUIVALENT /* index of default opt */
},
- 36 /* full option count */, 33 /* user option count */,
- gnutls_cli_full_usage, gnutls_cli_short_usage,
+ 35 /* full option count */, 32 /* user option count */,
+ gnutls_serv_full_usage, gnutls_serv_short_usage,
NULL, NULL,
- PKGDATADIR, gnutls_cli_packager_info
+ PKGDATADIR, gnutls_serv_packager_info
};
/*
@@ -967,7 +950,7 @@ static void
doUsageOpt(tOptions * pOptions, tOptDesc * pOptDesc)
{
(void)pOptions;
- USAGE(GNUTLS_CLI_EXIT_SUCCESS);
+ USAGE(GNUTLS_SERV_EXIT_SUCCESS);
}
/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
@@ -1038,35 +1021,20 @@ emit_ranges:
/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
*
- * For the recordsize option.
+ * For the dhparams option.
*/
static void
-doOptRecordsize(tOptions* pOptions, tOptDesc* pOptDesc)
+doOptDhparams(tOptions* pOptions, tOptDesc* pOptDesc)
{
- static const struct {long const rmin, rmax;} rng[1] = {
- { 0, 4096 } };
- int ix;
-
- if (pOptions <= OPTPROC_EMIT_LIMIT)
- goto emit_ranges;
- optionNumericVal(pOptions, pOptDesc);
-
- for (ix = 0; ix < 1; ix++) {
- if (pOptDesc->optArg.argInt < rng[ix].rmin)
- continue; /* ranges need not be ordered. */
- if (pOptDesc->optArg.argInt == rng[ix].rmin)
- return;
- if (rng[ix].rmax == LONG_MIN)
- continue;
- if (pOptDesc->optArg.argInt <= rng[ix].rmax)
- return;
- }
-
- option_usage_fp = stderr;
-
-emit_ranges:
+ static teOptFileType const type =
+ FTYPE_MODE_MAY_EXIST + FTYPE_MODE_NO_OPEN;
+ static tuFileMode mode;
+#ifndef O_CLOEXEC
+# define O_CLOEXEC 0
+#endif
+ mode.file_flags = O_CLOEXEC;
- optionShowRange(pOptions, pOptDesc, (void *)rng, 1);
+ optionFileCheck(pOptions, pOptDesc, type, mode);
}
/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
@@ -1194,6 +1162,132 @@ doOptX509certfile(tOptions* pOptions, tOptDesc*
pOptDesc)
optionFileCheck(pOptions, pOptDesc, type, mode);
}
+
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
+ *
+ * For the x509dsakeyfile option.
+ */
+static void
+doOptX509dsakeyfile(tOptions* pOptions, tOptDesc* pOptDesc)
+{
+ static teOptFileType const type =
+ FTYPE_MODE_MAY_EXIST + FTYPE_MODE_NO_OPEN;
+ static tuFileMode mode;
+#ifndef O_CLOEXEC
+# define O_CLOEXEC 0
+#endif
+ mode.file_flags = O_CLOEXEC;
+
+ optionFileCheck(pOptions, pOptDesc, type, mode);
+}
+
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
+ *
+ * For the x509dsacertfile option.
+ */
+static void
+doOptX509dsacertfile(tOptions* pOptions, tOptDesc* pOptDesc)
+{
+ static teOptFileType const type =
+ FTYPE_MODE_MAY_EXIST + FTYPE_MODE_NO_OPEN;
+ static tuFileMode mode;
+#ifndef O_CLOEXEC
+# define O_CLOEXEC 0
+#endif
+ mode.file_flags = O_CLOEXEC;
+
+ optionFileCheck(pOptions, pOptDesc, type, mode);
+}
+
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
+ *
+ * For the x509ecckeyfile option.
+ */
+static void
+doOptX509ecckeyfile(tOptions* pOptions, tOptDesc* pOptDesc)
+{
+ static teOptFileType const type =
+ FTYPE_MODE_MAY_EXIST + FTYPE_MODE_NO_OPEN;
+ static tuFileMode mode;
+#ifndef O_CLOEXEC
+# define O_CLOEXEC 0
+#endif
+ mode.file_flags = O_CLOEXEC;
+
+ optionFileCheck(pOptions, pOptDesc, type, mode);
+}
+
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
+ *
+ * For the x509ecccertfile option.
+ */
+static void
+doOptX509ecccertfile(tOptions* pOptions, tOptDesc* pOptDesc)
+{
+ static teOptFileType const type =
+ FTYPE_MODE_MAY_EXIST + FTYPE_MODE_NO_OPEN;
+ static tuFileMode mode;
+#ifndef O_CLOEXEC
+# define O_CLOEXEC 0
+#endif
+ mode.file_flags = O_CLOEXEC;
+
+ optionFileCheck(pOptions, pOptDesc, type, mode);
+}
+
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
+ *
+ * For the srppasswd option.
+ */
+static void
+doOptSrppasswd(tOptions* pOptions, tOptDesc* pOptDesc)
+{
+ static teOptFileType const type =
+ FTYPE_MODE_MAY_EXIST + FTYPE_MODE_NO_OPEN;
+ static tuFileMode mode;
+#ifndef O_CLOEXEC
+# define O_CLOEXEC 0
+#endif
+ mode.file_flags = O_CLOEXEC;
+
+ optionFileCheck(pOptions, pOptDesc, type, mode);
+}
+
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
+ *
+ * For the srppasswdconf option.
+ */
+static void
+doOptSrppasswdconf(tOptions* pOptions, tOptDesc* pOptDesc)
+{
+ static teOptFileType const type =
+ FTYPE_MODE_MAY_EXIST + FTYPE_MODE_NO_OPEN;
+ static tuFileMode mode;
+#ifndef O_CLOEXEC
+# define O_CLOEXEC 0
+#endif
+ mode.file_flags = O_CLOEXEC;
+
+ optionFileCheck(pOptions, pOptDesc, type, mode);
+}
+
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
+ *
+ * For the pskpasswd option.
+ */
+static void
+doOptPskpasswd(tOptions* pOptions, tOptDesc* pOptDesc)
+{
+ static teOptFileType const type =
+ FTYPE_MODE_MAY_EXIST + FTYPE_MODE_NO_OPEN;
+ static tuFileMode mode;
+#ifndef O_CLOEXEC
+# define O_CLOEXEC 0
+#endif
+ mode.file_flags = O_CLOEXEC;
+
+ optionFileCheck(pOptions, pOptDesc, type, mode);
+}
/* extracted from optcode.tlib near line 666 */
#if ENABLE_NLS
@@ -1218,7 +1312,7 @@ AO_gettext(char const* pz)
pzRes = strdup(pzRes);
if (pzRes == NULL) {
fputs(_("No memory for duping translated strings\n"), stderr);
- exit(GNUTLS_CLI_EXIT_FAILURE);
+ exit(GNUTLS_SERV_EXIT_FAILURE);
}
return pzRes;
}
@@ -1232,7 +1326,7 @@ static void coerce_it(void** s) { *s = AO_gettext(*s);
static void
translate_option_strings(void)
{
- tOptions * const pOpt = &gnutls_cliOptions;
+ tOptions * const pOpt = &gnutls_servOptions;
/*
* Guard against re-translation. It won't work. The strings will have
@@ -1276,7 +1370,7 @@ translate_option_strings(void)
coerce_it((void*)&(pOD->pz_DisablePfx));
}
/* prevent re-translation */
- gnutls_cliOptions.fOptSet |= OPTPROC_NXLAT_OPT_CFG | OPTPROC_NXLAT_OPT;
+ gnutls_servOptions.fOptSet |= OPTPROC_NXLAT_OPT_CFG |
OPTPROC_NXLAT_OPT;
}
}
@@ -1285,4 +1379,4 @@ translate_option_strings(void)
#ifdef __cplusplus
}
#endif
-/* cli-args.c ends here */
+/* serv-args.c ends here */
diff --git a/src/cli-args.def.in b/src/serv-args.def.in
similarity index 62%
copy from src/cli-args.def.in
copy to src/serv-args.def.in
index ed50025..00da5d9 100644
--- a/src/cli-args.def.in
+++ b/src/serv-args.def.in
@@ -1,11 +1,10 @@
AutoGen Definitions options;
-prog-name = gnutls-cli;
-prog-title = "GnuTLS client";
-prog-desc = "Simple client program to set up a TLS connection.";
-short-usage = "Usage: gnutls-cli [options] hostname\ngnutls-cli --help for
usage instructions.\n";
+prog-name = gnutls-serv;
+prog-title = "GnuTLS server";
+prog-desc = "Simple server program to act as an HTTPS or TLS echo
service.";
+short-usage = "Usage: gnutls-serv [options]\ngnutls-serv --help for usage
instructions.\n";
prog-group = "GnuTLS";
-detail = "Simple client program to set up a TLS connection to some
other computer.
-It sets up a TLS connection and forwards data from the standard input to the
secured socket and vice versa.";
+detail = "Server program that listens to incoming TLS connections.";
gnu-usage;
no-misuse-usage;
disable-save;
@@ -34,91 +33,75 @@ flag = {
};
flag = {
- name = resume;
- value = r;
- descrip = "Connect, establish a session. Connect again and resume this
session";
- doc = "";
-};
-
-flag = {
- name = rehandshake;
- value = e;
- descrip = "Connect, establish a session and rehandshake immediately";
- doc = "";
-};
-
-flag = {
name = noticket;
descrip = "Don't accept session tickets";
doc = "";
};
flag = {
- name = starttls;
- value = s;
- descrip = "Connect, establish a plain session and start TLS when EOF or
a SIGALRM is received";
+ name = generate;
+ value = g;
+ descrip = "Generate Diffie-Hellman and RSA-export parameters";
doc = "";
};
flag = {
- name = udp;
- value = u;
- descrip = "Use DTLS (datagram TLS) over UDP";
+ name = quiet;
+ value = q;
+ descrip = "Suppress some messages";
doc = "";
};
flag = {
- name = mtu;
- arg-type = number;
- arg-range = "0->17000";
- descrip = "Set MTU for datagram TLS";
+ name = nodb;
+ descrip = "Do not use a resumption database";
doc = "";
};
flag = {
- name = crlf;
- descrip = "Send CR LF instead of LF";
+ name = http;
+ descrip = "Act as an HTTP server";
doc = "";
};
flag = {
- name = x509fmtder;
- descrip = "Use DER format for certificates to read from";
+ name = echo;
+ descrip = "Act as an Echo server";
doc = "";
};
flag = {
- name = fingerprint;
- value = f;
- descrip = "Send the openpgp fingerprint, instead of the key";
+ name = udp;
+ value = u;
+ descrip = "Use DTLS (datagram TLS) over UDP";
doc = "";
};
flag = {
- name = disable-extensions;
- descrip = "Disable all the TLS extensions";
+ name = mtu;
+ arg-type = number;
+ arg-range = "0->17000";
+ descrip = "Set MTU for datagram TLS";
doc = "";
};
flag = {
- name = print-cert;
- descrip = "Print peer's certificate in PEM format";
+ name = disable-client-cert;
+ value = a;
+ descrip = "Do not request a client certificate";
doc = "";
};
flag = {
- name = recordsize;
- arg-type = number;
- arg-range = "0->4096";
- descrip = "The maximum record size to advertize";
+ name = require-client-cert;
+ value = r;
+ descrip = "Require a client certificate";
doc = "";
};
flag = {
- name = verbose;
- value = V;
- max = NOLIMIT;
- descrip = "More verbose output";
+ name = x509fmtder;
+ descrip = "Use DER format for certificates to read from";
doc = "";
};
@@ -135,6 +118,14 @@ information on allowed keywords";
};
flag = {
+ name = dhparams;
+ arg-type = file;
+ file-exists;
+ descrip = "DH params file to use";
+ doc = "";
+};
+
+flag = {
name = x509cafile;
arg-type = file;
file-exists;
@@ -191,69 +182,80 @@ flag = {
};
flag = {
- name = pgpsubkey;
- arg-type = string;
- descrip = "PGP subkey to use (hex or auto)";
+ name = x509dsakeyfile;
+ arg-type = file;
+ file-exists;
+ descrip = "Alternative X.509 key file or PKCS #11 URL to use";
doc = "";
};
flag = {
- name = srpusername;
- arg-type = string;
- descrip = "SRP username to use";
+ name = x509dsacertfile;
+ arg-type = file;
+ file-exists;
+ descrip = "Alternative X.509 Certificate file or PKCS #11 URL to use";
doc = "";
};
flag = {
- name = srppasswd;
- arg-type = string;
- descrip = "SRP password to use";
+ name = x509ecckeyfile;
+ arg-type = file;
+ file-exists;
+ descrip = "Alternative X.509 key file or PKCS #11 URL to use";
doc = "";
};
flag = {
- name = pskusername;
- arg-type = string;
- descrip = "PSK username to use";
+ name = x509ecccertfile;
+ arg-type = file;
+ file-exists;
+ descrip = "Alternative X.509 Certificate file or PKCS #11 URL to use";
doc = "";
};
flag = {
- name = pskkey;
+ name = pgpsubkey;
arg-type = string;
- descrip = "PSK key (in hex) to use";
+ descrip = "PGP subkey to use (hex or auto)";
doc = "";
};
flag = {
- name = port;
- value = p;
- arg-type = string;
- descrip = "The port to connect to";
+ name = srppasswd;
+ arg-type = file;
+ file-exists;
+ descrip = "SRP password file to use";
doc = "";
};
flag = {
- name = insecure;
- descrip = "Don't abort program if server certificate can't be validated";
+ name = srppasswdconf;
+ arg-type = file;
+ file-exists;
+ descrip = "SRP password configuration file to use";
doc = "";
};
flag = {
- name = benchmark-ciphers;
- descrip = "Benchmark individual ciphers";
+ name = pskpasswd;
+ arg-type = file;
+ file-exists;
+ descrip = "PSK password file to use";
doc = "";
};
flag = {
- name = benchmark-soft-ciphers;
- descrip = "Benchmark individual software ciphers (no hw acceleration)";
+ name = pskhint;
+ arg-type = string;
+ descrip = "PSK identity hint to use";
doc = "";
};
flag = {
- name = benchmark-tls;
- descrip = "Benchmark ciphers and key exchange methods in TLS";
+ name = port;
+ value = p;
+ arg-type = number;
+ descrip = "The port to connect to";
doc = "";
};
@@ -265,12 +267,10 @@ flag = {
doc = "Print a list of the supported algorithms and modes. If a
priority string is given then only the enabled ciphersuites are shown.";
};
-
-
doc-section = {
ds-type = 'SEE ALSO'; // or anything else
ds-format = 'man'; // or texi or mdoc format
ds-text = <<-_EOText_
-gnutls-cli-debug(1), gnutls-serv(1)
+gnutls-cli-debug(1), gnutls-cli(1)
_EOText_;
};
diff --git a/src/cli-args.h b/src/serv-args.h
similarity index 52%
copy from src/cli-args.h
copy to src/serv-args.h
index 72e1538..b663e6b 100644
--- a/src/cli-args.h
+++ b/src/serv-args.h
@@ -1,16 +1,16 @@
/* -*- buffer-read-only: t -*- vi: set ro:
*
- * DO NOT EDIT THIS FILE (cli-args.h)
+ * DO NOT EDIT THIS FILE (serv-args.h)
*
- * It has been AutoGen-ed January 19, 2012 at 09:42:05 PM by AutoGen 5.12
- * From the definitions cli-args.def
+ * It has been AutoGen-ed January 21, 2012 at 01:58:47 AM by AutoGen 5.12
+ * From the definitions serv-args.def
* and the template file options
*
* Generated from AutoOpts 35:0:10 templates.
*
* AutoOpts is a copyrighted work. This header file is not encumbered
* by AutoOpts licensing, but is provided under the licensing terms chosen
- * by the gnutls-cli author or copyright holder. AutoOpts is
+ * by the gnutls-serv author or copyright holder. AutoOpts is
* licensed under the terms of the LGPL. The redistributable library
* (``libopts'') is licensed under the terms of either the LGPL or, at the
* users discretion, the BSD license. See the AutoOpts and/or libopts sources
@@ -24,12 +24,12 @@
* GNU General Public License, version 3 or later
* <http://gnu.org/licenses/gpl.html>
*
-PFX>gnutls-cli is free software: you can redistribute it and/or modify it
+PFX>gnutls-serv is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
- * gnutls-cli is distributed in the hope that it will be useful, but
+ * gnutls-serv is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
* See the GNU General Public License for more details.
@@ -39,12 +39,12 @@ PFX>gnutls-cli is free software: you can redistribute it
and/or modify it
*/
/*
* This file contains the programmatic interface to the Automated
- * Options generated for the gnutls-cli program.
+ * Options generated for the gnutls-serv program.
* These macros are documented in the AutoGen info file in the
* "AutoOpts" chapter. Please refer to that doc for usage help.
*/
-#ifndef AUTOOPTS_CLI_ARGS_H_GUARD
-#define AUTOOPTS_CLI_ARGS_H_GUARD 1
+#ifndef AUTOOPTS_SERV_ARGS_H_GUARD
+#define AUTOOPTS_SERV_ARGS_H_GUARD 1
#include "config.h"
#include <autoopts/options.h>
@@ -66,54 +66,53 @@ PFX>gnutls-cli is free software: you can redistribute it
and/or modify it
* Enumeration of each option:
*/
typedef enum {
- INDEX_OPT_DEBUG = 0,
- INDEX_OPT_RESUME = 1,
- INDEX_OPT_REHANDSHAKE = 2,
- INDEX_OPT_NOTICKET = 3,
- INDEX_OPT_STARTTLS = 4,
- INDEX_OPT_UDP = 5,
- INDEX_OPT_MTU = 6,
- INDEX_OPT_CRLF = 7,
- INDEX_OPT_X509FMTDER = 8,
- INDEX_OPT_FINGERPRINT = 9,
- INDEX_OPT_DISABLE_EXTENSIONS = 10,
- INDEX_OPT_PRINT_CERT = 11,
- INDEX_OPT_RECORDSIZE = 12,
- INDEX_OPT_VERBOSE = 13,
- INDEX_OPT_PRIORITY = 14,
- INDEX_OPT_X509CAFILE = 15,
- INDEX_OPT_X509CRLFILE = 16,
- INDEX_OPT_PGPKEYFILE = 17,
- INDEX_OPT_PGPKEYRING = 18,
- INDEX_OPT_PGPCERTFILE = 19,
- INDEX_OPT_X509KEYFILE = 20,
- INDEX_OPT_X509CERTFILE = 21,
- INDEX_OPT_PGPSUBKEY = 22,
- INDEX_OPT_SRPUSERNAME = 23,
- INDEX_OPT_SRPPASSWD = 24,
- INDEX_OPT_PSKUSERNAME = 25,
- INDEX_OPT_PSKKEY = 26,
- INDEX_OPT_PORT = 27,
- INDEX_OPT_INSECURE = 28,
- INDEX_OPT_BENCHMARK_CIPHERS = 29,
- INDEX_OPT_BENCHMARK_SOFT_CIPHERS = 30,
- INDEX_OPT_BENCHMARK_TLS = 31,
- INDEX_OPT_LIST = 32,
- INDEX_OPT_VERSION = 33,
- INDEX_OPT_HELP = 34,
- INDEX_OPT_MORE_HELP = 35
+ INDEX_OPT_DEBUG = 0,
+ INDEX_OPT_NOTICKET = 1,
+ INDEX_OPT_GENERATE = 2,
+ INDEX_OPT_QUIET = 3,
+ INDEX_OPT_NODB = 4,
+ INDEX_OPT_HTTP = 5,
+ INDEX_OPT_ECHO = 6,
+ INDEX_OPT_UDP = 7,
+ INDEX_OPT_MTU = 8,
+ INDEX_OPT_DISABLE_CLIENT_CERT = 9,
+ INDEX_OPT_REQUIRE_CLIENT_CERT = 10,
+ INDEX_OPT_X509FMTDER = 11,
+ INDEX_OPT_PRIORITY = 12,
+ INDEX_OPT_DHPARAMS = 13,
+ INDEX_OPT_X509CAFILE = 14,
+ INDEX_OPT_X509CRLFILE = 15,
+ INDEX_OPT_PGPKEYFILE = 16,
+ INDEX_OPT_PGPKEYRING = 17,
+ INDEX_OPT_PGPCERTFILE = 18,
+ INDEX_OPT_X509KEYFILE = 19,
+ INDEX_OPT_X509CERTFILE = 20,
+ INDEX_OPT_X509DSAKEYFILE = 21,
+ INDEX_OPT_X509DSACERTFILE = 22,
+ INDEX_OPT_X509ECCKEYFILE = 23,
+ INDEX_OPT_X509ECCCERTFILE = 24,
+ INDEX_OPT_PGPSUBKEY = 25,
+ INDEX_OPT_SRPPASSWD = 26,
+ INDEX_OPT_SRPPASSWDCONF = 27,
+ INDEX_OPT_PSKPASSWD = 28,
+ INDEX_OPT_PSKHINT = 29,
+ INDEX_OPT_PORT = 30,
+ INDEX_OPT_LIST = 31,
+ INDEX_OPT_VERSION = 32,
+ INDEX_OPT_HELP = 33,
+ INDEX_OPT_MORE_HELP = 34
} teOptIndex;
-#define OPTION_CT 36
-#define GNUTLS_CLI_VERSION "3.0.11"
-#define GNUTLS_CLI_FULL_VERSION "gnutls-cli 3.0.11"
+#define OPTION_CT 35
+#define GNUTLS_SERV_VERSION "3.0.12"
+#define GNUTLS_SERV_FULL_VERSION "gnutls-serv 3.0.12"
/*
* Interface defines for all options. Replace "n" with the UPPER_CASED
* option name (as in the teOptIndex enumeration above).
* e.g. HAVE_OPT(DEBUG)
*/
-#define DESC(n) (gnutls_cliOptions.pOptDesc[INDEX_OPT_## n])
+#define DESC(n) (gnutls_servOptions.pOptDesc[INDEX_OPT_## n])
#define HAVE_OPT(n) (! UNUSED_OPT(& DESC(n)))
#define OPT_ARG(n) (DESC(n).optArg.argString)
#define STATE_OPT(n) (DESC(n).fOptState & OPTST_SET_MASK)
@@ -131,12 +130,12 @@ typedef enum {
/* * * * * *
*
- * Enumeration of gnutls-cli exit codes
+ * Enumeration of gnutls-serv exit codes
*/
typedef enum {
- GNUTLS_CLI_EXIT_SUCCESS = 0,
- GNUTLS_CLI_EXIT_FAILURE = 1
-} gnutls_cli_exit_code_t;
+ GNUTLS_SERV_EXIT_SUCCESS = 0,
+ GNUTLS_SERV_EXIT_FAILURE = 1
+} gnutls_serv_exit_code_t;
/* * * * * *
*
* Interface defines for specific options.
@@ -144,41 +143,40 @@ typedef enum {
#define VALUE_OPT_DEBUG 'd'
#define OPT_VALUE_DEBUG (DESC(DEBUG).optArg.argInt)
-#define VALUE_OPT_RESUME 'r'
-#define VALUE_OPT_REHANDSHAKE 'e'
-#define VALUE_OPT_NOTICKET 3
-#define VALUE_OPT_STARTTLS 's'
+#define VALUE_OPT_NOTICKET 1
+#define VALUE_OPT_GENERATE 'g'
+#define VALUE_OPT_QUIET 'q'
+#define VALUE_OPT_NODB 4
+#define VALUE_OPT_HTTP 5
+#define VALUE_OPT_ECHO 6
#define VALUE_OPT_UDP 'u'
-#define VALUE_OPT_MTU 6
+#define VALUE_OPT_MTU 8
#define OPT_VALUE_MTU (DESC(MTU).optArg.argInt)
-#define VALUE_OPT_CRLF 7
-#define VALUE_OPT_X509FMTDER 8
-#define VALUE_OPT_FINGERPRINT 'f'
-#define VALUE_OPT_DISABLE_EXTENSIONS 10
-#define VALUE_OPT_PRINT_CERT 11
-#define VALUE_OPT_RECORDSIZE 12
-
-#define OPT_VALUE_RECORDSIZE (DESC(RECORDSIZE).optArg.argInt)
-#define VALUE_OPT_VERBOSE 'V'
-#define VALUE_OPT_PRIORITY 14
-#define VALUE_OPT_X509CAFILE 15
-#define VALUE_OPT_X509CRLFILE 16
-#define VALUE_OPT_PGPKEYFILE 17
-#define VALUE_OPT_PGPKEYRING 18
-#define VALUE_OPT_PGPCERTFILE 19
-#define VALUE_OPT_X509KEYFILE 20
-#define VALUE_OPT_X509CERTFILE 21
-#define VALUE_OPT_PGPSUBKEY 22
-#define VALUE_OPT_SRPUSERNAME 23
-#define VALUE_OPT_SRPPASSWD 24
-#define VALUE_OPT_PSKUSERNAME 25
-#define VALUE_OPT_PSKKEY 26
+#define VALUE_OPT_DISABLE_CLIENT_CERT 'a'
+#define VALUE_OPT_REQUIRE_CLIENT_CERT 'r'
+#define VALUE_OPT_X509FMTDER 11
+#define VALUE_OPT_PRIORITY 12
+#define VALUE_OPT_DHPARAMS 13
+#define VALUE_OPT_X509CAFILE 14
+#define VALUE_OPT_X509CRLFILE 15
+#define VALUE_OPT_PGPKEYFILE 16
+#define VALUE_OPT_PGPKEYRING 17
+#define VALUE_OPT_PGPCERTFILE 18
+#define VALUE_OPT_X509KEYFILE 19
+#define VALUE_OPT_X509CERTFILE 20
+#define VALUE_OPT_X509DSAKEYFILE 21
+#define VALUE_OPT_X509DSACERTFILE 22
+#define VALUE_OPT_X509ECCKEYFILE 23
+#define VALUE_OPT_X509ECCCERTFILE 24
+#define VALUE_OPT_PGPSUBKEY 25
+#define VALUE_OPT_SRPPASSWD 26
+#define VALUE_OPT_SRPPASSWDCONF 27
+#define VALUE_OPT_PSKPASSWD 28
+#define VALUE_OPT_PSKHINT 29
#define VALUE_OPT_PORT 'p'
-#define VALUE_OPT_INSECURE 28
-#define VALUE_OPT_BENCHMARK_CIPHERS 29
-#define VALUE_OPT_BENCHMARK_SOFT_CIPHERS 30
-#define VALUE_OPT_BENCHMARK_TLS 31
+
+#define OPT_VALUE_PORT (DESC(PORT).optArg.argInt)
#define VALUE_OPT_LIST 'l'
#define VALUE_OPT_HELP '?'
#define VALUE_OPT_MORE_HELP '!'
@@ -186,13 +184,13 @@ typedef enum {
/*
* Interface defines not associated with particular options
*/
-#define ERRSKIP_OPTERR STMTS(gnutls_cliOptions.fOptSet &= ~OPTPROC_ERRSTOP)
-#define ERRSTOP_OPTERR STMTS(gnutls_cliOptions.fOptSet |= OPTPROC_ERRSTOP)
+#define ERRSKIP_OPTERR STMTS(gnutls_servOptions.fOptSet &= ~OPTPROC_ERRSTOP)
+#define ERRSTOP_OPTERR STMTS(gnutls_servOptions.fOptSet |= OPTPROC_ERRSTOP)
#define RESTART_OPT(n) STMTS( \
- gnutls_cliOptions.curOptIdx = (n); \
- gnutls_cliOptions.pzCurOpt = NULL)
+ gnutls_servOptions.curOptIdx = (n); \
+ gnutls_servOptions.pzCurOpt = NULL)
#define START_OPT RESTART_OPT(1)
-#define USAGE(c) (*gnutls_cliOptions.pUsageProc)(&gnutls_cliOptions, c)
+#define USAGE(c) (*gnutls_servOptions.pUsageProc)(&gnutls_servOptions,
c)
/* extracted from opthead.tlib near line 451 */
#ifdef __cplusplus
@@ -201,15 +199,15 @@ extern "C" {
/* * * * * *
*
- * Globals exported from the GnuTLS client option definitions
+ * Globals exported from the GnuTLS server option definitions
*/
#include <gettext.h>
/* * * * * *
*
- * Declare the gnutls-cli option descriptor.
+ * Declare the gnutls-serv option descriptor.
*/
-extern tOptions gnutls_cliOptions;
+extern tOptions gnutls_servOptions;
#if defined(ENABLE_NLS)
# ifndef _
@@ -221,14 +219,14 @@ static inline char* aoGetsText(char const* pz) {
# define _(s) aoGetsText(s)
# endif /* _() */
-# define OPT_NO_XLAT_CFG_NAMES STMTS(gnutls_cliOptions.fOptSet |= \
+# define OPT_NO_XLAT_CFG_NAMES STMTS(gnutls_servOptions.fOptSet |= \
OPTPROC_NXLAT_OPT_CFG;)
-# define OPT_NO_XLAT_OPT_NAMES STMTS(gnutls_cliOptions.fOptSet |= \
+# define OPT_NO_XLAT_OPT_NAMES STMTS(gnutls_servOptions.fOptSet |= \
OPTPROC_NXLAT_OPT|OPTPROC_NXLAT_OPT_CFG;)
-# define OPT_XLAT_CFG_NAMES STMTS(gnutls_cliOptions.fOptSet &= \
+# define OPT_XLAT_CFG_NAMES STMTS(gnutls_servOptions.fOptSet &= \
~(OPTPROC_NXLAT_OPT|OPTPROC_NXLAT_OPT_CFG);)
-# define OPT_XLAT_OPT_NAMES STMTS(gnutls_cliOptions.fOptSet &= \
+# define OPT_XLAT_OPT_NAMES STMTS(gnutls_servOptions.fOptSet &= \
~OPTPROC_NXLAT_OPT;)
#else /* ENABLE_NLS */
@@ -246,5 +244,5 @@ static inline char* aoGetsText(char const* pz) {
#ifdef __cplusplus
}
#endif
-#endif /* AUTOOPTS_CLI_ARGS_H_GUARD */
-/* cli-args.h ends here */
+#endif /* AUTOOPTS_SERV_ARGS_H_GUARD */
+/* serv-args.h ends here */
diff --git a/src/serv.c b/src/serv.c
index ee4e953..e0ed4a4 100644
--- a/src/serv.c
+++ b/src/serv.c
@@ -26,7 +26,7 @@
#include <config.h>
#include "common.h"
-#include "serv-gaa.h"
+#include "serv-args.h"
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
@@ -56,7 +56,7 @@
static int generate = 0;
static int http = 0;
static int x509ctype;
-static int debug;
+static int debug = 0;
int verbose;
static int nodb;
@@ -64,21 +64,21 @@ static int noticket;
int require_cert;
int disable_client_cert;
-char *psk_passwd;
-char *srp_passwd;
-char *srp_passwd_conf;
-char *pgp_keyring;
-char *pgp_keyfile;
-char *pgp_certfile;
-char *x509_keyfile;
-char *x509_certfile;
-char *x509_dsakeyfile;
-char *x509_dsacertfile;
-char *x509_ecckeyfile;
-char *x509_ecccertfile;
-char *x509_cafile;
-char *dh_params_file;
-char *x509_crlfile = NULL;
+const char *psk_passwd = NULL;
+const char *srp_passwd = NULL;
+const char *srp_passwd_conf = NULL;
+const char *pgp_keyring = NULL;
+const char *pgp_keyfile = NULL;
+const char *pgp_certfile = NULL;
+const char *x509_keyfile = NULL;
+const char *x509_certfile = NULL;
+const char *x509_dsakeyfile = NULL;
+const char *x509_dsacertfile = NULL;
+const char *x509_ecckeyfile = NULL;
+const char *x509_ecccertfile = NULL;
+const char *x509_cafile = NULL;
+const char *dh_params_file = NULL;
+const char *x509_crlfile = NULL;
gnutls_datum_t session_ticket_key;
static void tcp_server(const char* name, int port);
@@ -111,8 +111,6 @@ gnutls_psk_server_credentials_t psk_cred = NULL;
gnutls_anon_server_credentials_t dh_cred = NULL;
gnutls_certificate_credentials_t cert_cred = NULL;
-static gaainfo info;
-
const int ssl_session_cache = 128;
static void wrap_db_init (void);
@@ -121,6 +119,8 @@ static int wrap_db_store (void *dbf, gnutls_datum_t key,
gnutls_datum_t data);
static gnutls_datum_t wrap_db_fetch (void *dbf, gnutls_datum_t key);
static int wrap_db_delete (void *dbf, gnutls_datum_t key);
+static void cmd_parser (int argc, char **argv);
+
#define HTTP_STATE_REQUEST 1
#define HTTP_STATE_RESPONSE 2
@@ -331,6 +331,13 @@ gnutls_session_t initialize_session (int dtls)
{
gnutls_session_t session;
const char *err;
+ const char * priorities;
+
+ if (HAVE_OPT(PRIORITY)) {
+ priorities = OPT_ARG(PRIORITY);
+ } else {
+ priorities = "NORMAL";
+ }
if (dtls)
gnutls_init (&session, GNUTLS_SERVER|GNUTLS_DATAGRAM);
@@ -353,7 +360,7 @@ gnutls_session_t initialize_session (int dtls)
gnutls_session_ticket_enable_server (session, &session_ticket_key);
#endif
- if (gnutls_priority_set_direct (session, info.priorities, &err) < 0)
+ if (gnutls_priority_set_direct (session, priorities, &err) < 0)
{
fprintf (stderr, "Syntax error at: %s\n", err);
exit (1);
@@ -898,15 +905,14 @@ tls_audit_log_func (gnutls_session_t session, const char
*str)
fprintf (stderr, "|<%p>| %s", session, str);
}
-static void gaa_parser (int argc, char **argv);
-
int
main (int argc, char **argv)
{
- int ret;
+ int ret, mtu, port;
char name[256];
set_program_name (argv[0]);
+ cmd_parser(argc, argv);
#ifndef _WIN32
signal (SIGPIPE, SIG_IGN);
@@ -918,12 +924,12 @@ main (int argc, char **argv)
sockets_init ();
- gaa_parser (argc, argv);
+ optionProcess( &gnutls_servOptions, argc, argv);
if (nodb == 0)
wrap_db_init ();
- if (info.udp != 0)
+ if (ENABLED_OPT(UDP))
strcpy(name, "UDP ");
else name[0] = 0;
@@ -1018,11 +1024,11 @@ main (int argc, char **argv)
}
}
- if (pgp_certfile != NULL)
+ if (ENABLED_OPT(PGPCERTFILE))
{
- if (info.pgp_subkey != NULL)
+ if (ENABLED_OPT(PGPSUBKEY))
ret = gnutls_certificate_set_openpgp_key_file2
- (cert_cred, pgp_certfile, pgp_keyfile, info.pgp_subkey,
+ (cert_cred, pgp_certfile, pgp_keyfile, OPT_ARG(PGPSUBKEY),
GNUTLS_OPENPGP_FMT_BASE64);
else
ret = gnutls_certificate_set_openpgp_key_file
@@ -1109,10 +1115,10 @@ main (int argc, char **argv)
GERR (ret);
}
- if (info.psk_hint)
+ if (ENABLED_OPT(PSKHINT))
{
ret = gnutls_psk_set_server_credentials_hint (psk_cred,
- info.psk_hint);
+ OPT_ARG(PSKHINT));
if (ret)
{
fprintf (stderr, "Error setting PSK identity hint.\n");
@@ -1136,10 +1142,19 @@ main (int argc, char **argv)
gnutls_session_ticket_key_generate (&session_ticket_key);
#endif
- if (info.udp)
- udp_server(name, info.port, info.mtu);
+ if (ENABLED_OPT(MTU))
+ mtu = OPT_VALUE_MTU;
+ else mtu = 1300;
+
+ if (ENABLED_OPT(PORT))
+ port = OPT_VALUE_PORT;
else
- tcp_server(name, info.port);
+ port = 5556;
+
+ if (ENABLED_OPT(UDP))
+ udp_server(name, port, mtu);
+ else
+ tcp_server(name, port);
}
static void tcp_server(const char* name, int port)
@@ -1530,56 +1545,66 @@ static void tcp_server(const char* name, int port)
}
-void
-gaa_parser (int argc, char **argv)
+static void cmd_parser (int argc, char **argv)
{
- if (gaa (argc, argv, &info) != -1)
- {
- fprintf (stderr,
- "Error in the arguments. Use the --help or -h parameters to get
more information.\n");
- exit (1);
- }
+ disable_client_cert = ENABLED_OPT(DISABLE_CLIENT_CERT);
+ require_cert = ENABLED_OPT(REQUIRE_CLIENT_CERT);
+ if (ENABLED_OPT(DEBUG))
+ debug = OPT_VALUE_DEBUG;
- disable_client_cert = info.disable_client_cert;
- require_cert = info.require_cert;
- debug = info.debug;
- verbose = info.quiet;
- nodb = info.nodb;
- noticket = info.noticket;
+ verbose = !ENABLED_OPT(QUIET);
+ nodb = ENABLED_OPT(NODB);
+ noticket = ENABLED_OPT(NOTICKET);
- if (info.http == 0)
- http = 0;
- else
- http = 1;
+ http = ENABLED_OPT(HTTP);
- if (info.fmtder == 0)
- x509ctype = GNUTLS_X509_FMT_PEM;
- else
+ if (ENABLED_OPT(X509FMTDER))
x509ctype = GNUTLS_X509_FMT_DER;
-
- if (info.generate == 0)
- generate = 0;
else
- generate = 1;
-
- dh_params_file = info.dh_params_file;
-
- x509_certfile = info.x509_certfile;
- x509_keyfile = info.x509_keyfile;
- x509_dsacertfile = info.x509_dsacertfile;
- x509_dsakeyfile = info.x509_dsakeyfile;
- x509_ecccertfile = info.x509_ecccertfile;
- x509_ecckeyfile = info.x509_ecckeyfile;
- x509_cafile = info.x509_cafile;
- x509_crlfile = info.x509_crlfile;
- pgp_certfile = info.pgp_certfile;
- pgp_keyfile = info.pgp_keyfile;
- srp_passwd = info.srp_passwd;
- srp_passwd_conf = info.srp_passwd_conf;
-
- psk_passwd = info.psk_passwd;
-
- pgp_keyring = info.pgp_keyring;
+ x509ctype = GNUTLS_X509_FMT_PEM;
+
+ generate = ENABLED_OPT(GENERATE);
+
+ if (ENABLED_OPT(DHPARAMS))
+ dh_params_file = OPT_ARG(DHPARAMS);
+
+ if (HAVE_OPT(X509KEYFILE))
+ x509_keyfile = OPT_ARG(X509KEYFILE);
+ if (HAVE_OPT(X509CERTFILE))
+ x509_certfile = OPT_ARG(X509CERTFILE);
+
+ if (HAVE_OPT(X509DSAKEYFILE))
+ x509_dsakeyfile = OPT_ARG(X509DSAKEYFILE);
+ if (HAVE_OPT(X509DSACERTFILE))
+ x509_dsacertfile = OPT_ARG(X509DSACERTFILE);
+
+
+ if (HAVE_OPT(X509ECCKEYFILE))
+ x509_ecckeyfile = OPT_ARG(X509ECCKEYFILE);
+ if (HAVE_OPT(X509CERTFILE))
+ x509_ecccertfile = OPT_ARG(X509ECCCERTFILE);
+
+ if (HAVE_OPT(X509CAFILE))
+ x509_cafile = OPT_ARG(X509CAFILE);
+ if (HAVE_OPT(X509CRLFILE))
+ x509_crlfile = OPT_ARG(X509CRLFILE);
+
+ if (HAVE_OPT(PGPKEYFILE))
+ pgp_keyfile = OPT_ARG(PGPKEYFILE);
+ if (HAVE_OPT(PGPCERTFILE))
+ pgp_certfile = OPT_ARG(PGPCERTFILE);
+
+ if (HAVE_OPT(PGPKEYRING))
+ pgp_keyring = OPT_ARG(PGPKEYRING);
+
+ if (HAVE_OPT(SRPPASSWD))
+ srp_passwd = OPT_ARG(SRPPASSWD);
+ if (HAVE_OPT(SRPPASSWDCONF))
+ srp_passwd_conf = OPT_ARG(SRPPASSWDCONF);
+
+ if (HAVE_OPT(PSKPASSWD))
+ psk_passwd = OPT_ARG(PSKPASSWD);
+
}
extern void serv_version (void);
diff --git a/src/srptool-args.c b/src/srptool-args.c
index c2b831f..38b0b82 100644
--- a/src/srptool-args.c
+++ b/src/srptool-args.c
@@ -2,7 +2,7 @@
*
* DO NOT EDIT THIS FILE (srptool-args.c)
*
- * It has been AutoGen-ed January 19, 2012 at 09:42:05 PM by AutoGen 5.12
+ * It has been AutoGen-ed January 21, 2012 at 01:58:49 AM by AutoGen 5.12
* From the definitions srptool-args.def
* and the template file options
*
@@ -55,7 +55,7 @@ extern FILE * option_usage_fp;
/* TRANSLATORS: choose the translation for option names wisely because you
cannot ever change your mind. */
static char const zCopyright[275] =
-"srptool 3.0.11\n\
+"srptool 3.0.12\n\
Copyright (C) 2000-2012 Free Software Foundation, all rights reserved.\n\
This is free software. It is licensed for use, modification and\n\
redistribution under the terms of the\n\
@@ -337,7 +337,7 @@ static tOptDesc optDesc[OPTION_CT] = {
*/
static char const zPROGNAME[8] = "SRPTOOL";
static char const zUsageTitle[99] =
-"srptool - GnuTLS SRP tool - Ver. 3.0.11\n\
+"srptool - GnuTLS SRP tool - Ver. 3.0.12\n\
USAGE: %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]... \n";
#define zRcName NULL
#define apzHomeList NULL
diff --git a/src/srptool-args.h b/src/srptool-args.h
index 20db86d..1b38ac5 100644
--- a/src/srptool-args.h
+++ b/src/srptool-args.h
@@ -2,7 +2,7 @@
*
* DO NOT EDIT THIS FILE (srptool-args.h)
*
- * It has been AutoGen-ed January 19, 2012 at 09:42:05 PM by AutoGen 5.12
+ * It has been AutoGen-ed January 21, 2012 at 01:58:49 AM by AutoGen 5.12
* From the definitions srptool-args.def
* and the template file options
*
@@ -80,8 +80,8 @@ typedef enum {
} teOptIndex;
#define OPTION_CT 11
-#define SRPTOOL_VERSION "3.0.11"
-#define SRPTOOL_FULL_VERSION "srptool 3.0.11"
+#define SRPTOOL_VERSION "3.0.12"
+#define SRPTOOL_FULL_VERSION "srptool 3.0.12"
/*
* Interface defines for all options. Replace "n" with the UPPER_CASED
hooks/post-receive
--
GNU gnutls
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls-3_0_12-17-gd2ae1e9,
Nikos Mavrogiannopoulos <=