[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_3_1_2-9-g5dca97a
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_3_1_2-9-g5dca97a |
|
Date: |
Fri, 28 Sep 2012 15:50:43 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=5dca97ab4787f50a76d23e2e4c639b71e52dbb8d
The branch, master has been updated
via 5dca97ab4787f50a76d23e2e4c639b71e52dbb8d (commit)
via 3a29420d008648e5f8e4e90708e4acd96ffb02b6 (commit)
via e5823f75e6942a1dc41442e9524419db9ad80c05 (commit)
via 80e3fa56f4f99008b523491f4d758de7a68ff777 (commit)
via 62626bc19ec159eaccacc0fafc74cfa97b1e4352 (commit)
via 125b183b660232bd5f02b3c5f722fcb4777c2905 (commit)
via 2aa8f9022ad370439fb3d3f391f12897bddf50af (commit)
via 3b5c5b7911680ae30562334edd15c4fe8e6ef836 (commit)
from d7453faa7d8a88a8a3e0af268373071d8219a800 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 5dca97ab4787f50a76d23e2e4c639b71e52dbb8d
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Fri Sep 28 17:50:28 2012 +0200
documented updates
commit 3a29420d008648e5f8e4e90708e4acd96ffb02b6
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Fri Sep 28 14:26:05 2012 +0200
updated OCSP status request.
commit e5823f75e6942a1dc41442e9524419db9ad80c05
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Fri Sep 28 14:07:46 2012 +0200
Session ID is correctly read.
commit 80e3fa56f4f99008b523491f4d758de7a68ff777
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Fri Sep 28 13:14:31 2012 +0200
Corrected signed-to-unsigned comparisons
commit 62626bc19ec159eaccacc0fafc74cfa97b1e4352
Author: Simon Josefsson <address@hidden>
Date: Tue Apr 17 14:31:09 2012 +0200
Implement status_request OCSP extension.
commit 125b183b660232bd5f02b3c5f722fcb4777c2905
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Thu Sep 27 17:40:40 2012 +0200
Added Olga and Ilya to authors.
commit 2aa8f9022ad370439fb3d3f391f12897bddf50af
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Thu Sep 27 17:16:44 2012 +0200
more files to ignore
commit 3b5c5b7911680ae30562334edd15c4fe8e6ef836
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Sep 26 23:28:36 2012 +0200
updated heartbeat text
-----------------------------------------------------------------------
Summary of changes:
.gitignore | 1 +
AUTHORS | 52 +-
NEWS | 12 +
doc/Makefile.am | 25 +-
doc/cha-bib.texi | 6 +
doc/cha-intro-tls.texi | 15 +-
doc/latex/gnutls.bib | 9 +
doc/manpages/Makefile.am | 12 +-
lib/debug.c | 3 +
lib/ext/Makefile.am | 4 +-
lib/ext/max_record.c | 2 +-
lib/ext/status_request.c | 605 +++++++++++++++++
lib/ext/{ecc.h => status_request.h} | 16 +-
lib/gnutls_buffers.c | 6 +-
lib/gnutls_extensions.c | 6 +-
lib/gnutls_handshake.c | 77 ++-
lib/gnutls_int.h | 5 +-
lib/includes/gnutls/gnutls.h.in | 21 +
lib/libgnutls.map | 4 +
lib/nettle/wmnaf.c | 2 +-
src/cli-args.c | 1213 ++++++++++++++++-------------------
src/cli-args.def | 6 +
src/cli-args.h | 145 +++--
src/cli.c | 12 +
src/serv-args.c | 1036 ++++++++++++++----------------
src/serv-args.def | 8 +
src/serv-args.h | 101 ++--
src/serv.c | 23 +-
28 files changed, 1967 insertions(+), 1460 deletions(-)
create mode 100644 lib/ext/status_request.c
copy lib/ext/{ecc.h => status_request.h} (69%)
diff --git a/.gitignore b/.gitignore
index 5b291d7..e74a620 100644
--- a/.gitignore
+++ b/.gitignore
@@ -110,6 +110,7 @@ doc/gnutls.vrs
doc/gnutls.xml
doc/ia-api.texi
doc/latex/cha-upgrade.tex
+doc/latex/cha-tokens.tex
doc/latex/enums
doc/latex/gnutls-enums.tex
doc/latex/gnutls.lof
diff --git a/AUTHORS b/AUTHORS
index fa706cd..65ad8f4 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -5,78 +5,84 @@ See the end for copying conditions.
The copyright holder for GnuTLS is Free Software Foundation, Inc., 51
Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-Simon Josefsson <simon [at] josefsson.org>
+Simon Josefsson *simon [at] josefsson.org*
Current maintainer; draft TLS 1.2 support.
-Nikos Mavrogiannopoulos <nmav [at] gnutls.org>
+Nikos Mavrogiannopoulos *nmav [at] gnutls.org*
Original author and maintainer of GnuTLS.
-Fabio Fiorina <Fabio.Fiorina [at] alcatel.it>
+Fabio Fiorina *Fabio.Fiorina [at] alcatel.it*
ASN.1 structures parser library (libtasn1).
-Timo Schulz <twoaday [at] freakmail.de>
+Timo Schulz *twoaday [at] freakmail.de*
OpenPGP support (OpenCDK library).
-Andrew McDonald <andrew [at] mcdonald.org.uk>
+Andrew McDonald *andrew [at] mcdonald.org.uk*
OpenSSL compatible interface.
-Ludovic Courtes <ludo [at] gnu.org>
+Ludovic Courtes *ludo [at] gnu.org*
Guile bindings, OpenPGP bug fixes.
-Mario Lenz <m [at] riolenz.de>
+Mario Lenz *m [at] riolenz.de*
Fixes to OpenCDK.
-Howard Chu <hyc [at] symas.com>
+Howard Chu *hyc [at] symas.com*
APIs to extract X.500 DN's from Certificates.
-Ivo Timmermans <ivo [at] o2w.nl>
+Ivo Timmermans *ivo [at] o2w.nl*
Man pages, OpenCDK, fixes.
-Stefan Walter <stef [at] memberwebs.com>
+Stefan Walter *stef [at] memberwebs.com*
PKCS8 fix, PKCS #11 backend move to p11-kit.
-Yoshisato YANAGISAWA <yanagisawa [at] csg.is.titech.ac.jp>
+Yoshisato YANAGISAWA *yanagisawa [at] csg.is.titech.ac.jp*
Camellia support.
-Emile Van Bergen <emile [at] e-advies.nl>
+Emile Van Bergen *emile [at] e-advies.nl*
TLS/IA fixes.
-Joe Orton <jorton [at] redhat.com>
+Joe Orton *jorton [at] redhat.com*
Certificate name import/export, build fixes, test vectors.
-Daniel Kahn Gillmor <dkg-debian.org [at] fifthhorseman.net>
+Daniel Kahn Gillmor *dkg-debian.org [at] fifthhorseman.net*
OpenPGP discussion and improvements.
-David MarÃn Carreño <davefx [at] gmail.com>
+David MarÃn Carreño *davefx [at] gmail.com*
Added gnutls_x509_crq_get_key_id.
-Daiki Ueno <ueno [at] unixuser.org>
+Daiki Ueno *ueno [at] unixuser.org*
Added TLS Session Ticket (RFC 5077) support,
finished client-side TLS 1.2 support.
-Brad Hards <bradh [at] frogmouth.net>
+Brad Hards *bradh [at] frogmouth.net*
Add X.509 Issuer Alternative Name functions.
-Boyan Kasarov <bkasarov [at] gmail.com>
+Boyan Kasarov *bkasarov [at] gmail.com*
C++ fixes.
-Steve Dispensa <dispensa [at] phonefactor.com>
+Steve Dispensa *dispensa [at] phonefactor.com*
Initial TLS safe renegotiation patch.
-Jonathan Bastien-Filiatrault <joe [at] x2a.org>
+Jonathan Bastien-Filiatrault *joe [at] x2a.org*
Fix TLS-version checks.
Redesign and implementation of the buffering layer.
Initial DTLS implementation.
-Ruslan Ijbulatov (LRN) <lrn1986 [at] gmail.com>
+Ruslan Ijbulatov (LRN) *lrn1986 [at] gmail.com*
Win32 patches.
-Andy Polyakov <appro [at] openssl.org>
+Andy Polyakov *appro [at] openssl.org*
AES-NI and Padlock assembler code (at lib/accelerated/intel/asm/)
-David Woodhouse <dwmw2 [at] infradead.org>
+David Woodhouse *dwmw2 [at] infradead.org*
DTLS 0.9 implementation.
+Olga Smolenchuk *olyasib12 [at] gmail.com*
+DTLS/TLS heartbeat implementation.
+
+Ilya Tumaykin *itumaykin [at] gmail.com*
+Elliptic curve support improvements (wmNAF implementation and others).
+
----------------------------------------------------------------------
Copying and distribution of this file, with or without modification,
are permitted in any medium without royalty provided the copyright
diff --git a/NEWS b/NEWS
index 167e996..0a38c03 100644
--- a/NEWS
+++ b/NEWS
@@ -2,6 +2,18 @@ GnuTLS NEWS -- History of user-visible changes.
-*- outline -*-
Copyright (C) 2000-2012 Free Software Foundation, Inc.
See the end for copying conditions.
+* Version 3.1.3 (unreleased)
+
+** libgnutls: Added support for the OCSP Certificate Status
+extension.
+
+** API and ABI modifications:
+gnutls_status_request_ocsp_client: Added
+gnutls_status_request_get_ocsp: Added
+gnutls_status_request_ocsp_server: Added
+gnutls_status_request_ocsp_server_file: Added
+
+
* Version 3.1.2 (released 2012-09-26)
** libgnutls: Fixed bug in gnutls_x509_trust_list_add_system_trust()
diff --git a/doc/Makefile.am b/doc/Makefile.am
index 549e680..b375353 100644
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@@ -496,6 +496,7 @@ ENUMS += enums/gnutls_sec_param_t
ENUMS += enums/gnutls_server_name_type_t
ENUMS += enums/gnutls_sign_algorithm_t
ENUMS += enums/gnutls_supplemental_data_format_type_t
+ENUMS += enums/gnutls_tpmkey_fmt_t
ENUMS += enums/gnutls_x509_crt_fmt_t
ENUMS += enums/gnutls_x509_subject_alt_name_t
@@ -1078,14 +1079,6 @@ FUNCS += functions/gnutls_pk_algorithm_get_name
FUNCS += functions/gnutls_pk_algorithm_get_name.short
FUNCS += functions/gnutls_pk_bits_to_sec_param
FUNCS += functions/gnutls_pk_bits_to_sec_param.short
-FUNCS += functions/gnutls_pk_get_id
-FUNCS += functions/gnutls_pk_get_id.short
-FUNCS += functions/gnutls_pk_get_name
-FUNCS += functions/gnutls_pk_get_name.short
-FUNCS += functions/gnutls_pk_list
-FUNCS += functions/gnutls_pk_list.short
-FUNCS += functions/gnutls_pk_to_sign
-FUNCS += functions/gnutls_pk_to_sign.short
FUNCS += functions/gnutls_pkcs11_add_provider
FUNCS += functions/gnutls_pkcs11_add_provider.short
FUNCS += functions/gnutls_pkcs11_copy_secret_key
@@ -1232,6 +1225,14 @@ FUNCS += functions/gnutls_pkcs7_set_crt
FUNCS += functions/gnutls_pkcs7_set_crt.short
FUNCS += functions/gnutls_pkcs7_set_crt_raw
FUNCS += functions/gnutls_pkcs7_set_crt_raw.short
+FUNCS += functions/gnutls_pk_get_id
+FUNCS += functions/gnutls_pk_get_id.short
+FUNCS += functions/gnutls_pk_get_name
+FUNCS += functions/gnutls_pk_get_name.short
+FUNCS += functions/gnutls_pk_list
+FUNCS += functions/gnutls_pk_list.short
+FUNCS += functions/gnutls_pk_to_sign
+FUNCS += functions/gnutls_pk_to_sign.short
FUNCS += functions/gnutls_prf
FUNCS += functions/gnutls_prf.short
FUNCS += functions/gnutls_prf_raw
@@ -1534,6 +1535,10 @@ FUNCS +=
functions/gnutls_srp_set_server_credentials_function
FUNCS += functions/gnutls_srp_set_server_credentials_function.short
FUNCS += functions/gnutls_srp_verifier
FUNCS += functions/gnutls_srp_verifier.short
+FUNCS += functions/gnutls_status_request_ocsp_client
+FUNCS += functions/gnutls_status_request_ocsp_client.short
+FUNCS += functions/gnutls_status_request_ocsp_server
+FUNCS += functions/gnutls_status_request_ocsp_server.short
FUNCS += functions/gnutls_store_commitment
FUNCS += functions/gnutls_store_commitment.short
FUNCS += functions/gnutls_store_pubkey
@@ -1910,10 +1915,10 @@ FUNCS += functions/gnutls_x509_crt_set_pubkey
FUNCS += functions/gnutls_x509_crt_set_pubkey.short
FUNCS += functions/gnutls_x509_crt_set_serial
FUNCS += functions/gnutls_x509_crt_set_serial.short
-FUNCS += functions/gnutls_x509_crt_set_subject_alt_name
-FUNCS += functions/gnutls_x509_crt_set_subject_alt_name.short
FUNCS += functions/gnutls_x509_crt_set_subject_alternative_name
FUNCS += functions/gnutls_x509_crt_set_subject_alternative_name.short
+FUNCS += functions/gnutls_x509_crt_set_subject_alt_name
+FUNCS += functions/gnutls_x509_crt_set_subject_alt_name.short
FUNCS += functions/gnutls_x509_crt_set_subject_key_id
FUNCS += functions/gnutls_x509_crt_set_subject_key_id.short
FUNCS += functions/gnutls_x509_crt_set_version
diff --git a/doc/cha-bib.texi b/doc/cha-bib.texi
index 7f975e5..7da4b45 100644
--- a/doc/cha-bib.texi
+++ b/doc/cha-bib.texi
@@ -102,6 +102,12 @@ Thompson, "Internet X.509 Public Key Infrastructure (PKI)
Proxy
Certificate Profile", June 2004, available from
@url{http://www.ietf.org/rfc/rfc3820}.
address@hidden @anchor{RFC6520}[RFC6520]
+R. Seggelmann, M. Tuexen, and M. Williams, "Transport Layer Security (TLS) and
+Datagram Transport Layer Security (DTLS) Heartbeat Extension", February 2012,
available from
address@hidden://www.ietf.org/rfc/rfc6520}.
+
+
@item @anchor{RFC5746}[RFC5746]
E. Rescorla, M. Ray, S. Dispensa, and N. Oskov, "Transport Layer
Security (TLS) Renegotiation Indication Extension", February 2010,
diff --git a/doc/cha-intro-tls.texi b/doc/cha-intro-tls.texi
index 33f6b16..ee58f0c 100644
--- a/doc/cha-intro-tls.texi
+++ b/doc/cha-intro-tls.texi
@@ -450,14 +450,13 @@ idea, which is implemented in GnuTLS.
@cindex TLS extensions
@cindex heartbeat
-The TLS extension which allows to request response from the peer in a
-way similar to ping command described in @xcite{RFC6520}. This
-extension is disabled by default - user have to call
address@hidden to enable it. Note: this will set
-local policy affecting HeartBeat messages coming from the peer - the policy
-could be checked via @funcref{gnutls_heartbeat_allowed}.
-The requests coming from peer are answered automatically (if policy permits)
-inside @funcref{gnutls_record_recv}, requests to peer could be send via
+The TLS extension which allows to ping and receive replies from the peer,
+described in @xcite{RFC6520}. This extension is disabled by default and
address@hidden can be used to enable it. A policy
+may be negotiated to only allow sending heartbeat messages or sending and
receiving.
+The session policy can be checked with @funcref{gnutls_heartbeat_allowed}.
+The requests coming from the peer result to
@address@hidden@address@hidden@-RECEIVED}
+being returned from the receive function. Ping requests to peer can be send via
@funcref{gnutls_heartbeat_ping}.
Policy-related functions:
diff --git a/doc/latex/gnutls.bib b/doc/latex/gnutls.bib
index 685075e..74a4915 100644
--- a/doc/latex/gnutls.bib
+++ b/doc/latex/gnutls.bib
@@ -16,6 +16,15 @@
url = "http://www.ietf.org/rfc/rfc2246";
}
address@hidden RFC6520,
+ author = "R. Seggelmann, M. Tuexen and M. Williams",
+ title = "{Transport Layer Security (TLS) and Datagram Transport Layer
Security (DTLS) Heartbeat Extension}",
+ month = "February",
+ year = "2012",
+ note = "Available from \url{http://www.ietf.org/rfc/rfc6520}";,
+ url = "http://www.ietf.org/rfc/rfc6520";
+}
+
@Misc{ RFC4680,
author = "S. Santesson",
title = "{TLS Handshake Message for Supplemental Data}",
diff --git a/doc/manpages/Makefile.am b/doc/manpages/Makefile.am
index ff952ef..7a9979d 100644
--- a/doc/manpages/Makefile.am
+++ b/doc/manpages/Makefile.am
@@ -367,10 +367,6 @@ APIMANS += gnutls_pem_base64_encode_alloc.3
APIMANS += gnutls_perror.3
APIMANS += gnutls_pk_algorithm_get_name.3
APIMANS += gnutls_pk_bits_to_sec_param.3
-APIMANS += gnutls_pk_get_id.3
-APIMANS += gnutls_pk_get_name.3
-APIMANS += gnutls_pk_list.3
-APIMANS += gnutls_pk_to_sign.3
APIMANS += gnutls_pkcs11_add_provider.3
APIMANS += gnutls_pkcs11_copy_secret_key.3
APIMANS += gnutls_pkcs11_copy_x509_crt.3
@@ -444,6 +440,10 @@ APIMANS += gnutls_pkcs7_set_crl.3
APIMANS += gnutls_pkcs7_set_crl_raw.3
APIMANS += gnutls_pkcs7_set_crt.3
APIMANS += gnutls_pkcs7_set_crt_raw.3
+APIMANS += gnutls_pk_get_id.3
+APIMANS += gnutls_pk_get_name.3
+APIMANS += gnutls_pk_list.3
+APIMANS += gnutls_pk_to_sign.3
APIMANS += gnutls_prf.3
APIMANS += gnutls_prf_raw.3
APIMANS += gnutls_priority_certificate_type_list.3
@@ -595,6 +595,8 @@ APIMANS += gnutls_srp_set_prime_bits.3
APIMANS += gnutls_srp_set_server_credentials_file.3
APIMANS += gnutls_srp_set_server_credentials_function.3
APIMANS += gnutls_srp_verifier.3
+APIMANS += gnutls_status_request_ocsp_client.3
+APIMANS += gnutls_status_request_ocsp_server.3
APIMANS += gnutls_store_commitment.3
APIMANS += gnutls_store_pubkey.3
APIMANS += gnutls_strerror.3
@@ -783,8 +785,8 @@ APIMANS += gnutls_x509_crt_set_proxy.3
APIMANS += gnutls_x509_crt_set_proxy_dn.3
APIMANS += gnutls_x509_crt_set_pubkey.3
APIMANS += gnutls_x509_crt_set_serial.3
-APIMANS += gnutls_x509_crt_set_subject_alt_name.3
APIMANS += gnutls_x509_crt_set_subject_alternative_name.3
+APIMANS += gnutls_x509_crt_set_subject_alt_name.3
APIMANS += gnutls_x509_crt_set_subject_key_id.3
APIMANS += gnutls_x509_crt_set_version.3
APIMANS += gnutls_x509_crt_sign.3
diff --git a/lib/debug.c b/lib/debug.c
index 4a8a13d..86807c4 100644
--- a/lib/debug.c
+++ b/lib/debug.c
@@ -108,6 +108,9 @@ _gnutls_handshake2str (gnutls_handshake_description_t
handshake)
case GNUTLS_HANDSHAKE_SUPPLEMENTAL:
return "SUPPLEMENTAL";
break;
+ case GNUTLS_HANDSHAKE_CERTIFICATE_STATUS:
+ return "CERTIFICATE STATUS";
+ break;
case GNUTLS_HANDSHAKE_NEW_SESSION_TICKET:
return "NEW SESSION TICKET";
break;
diff --git a/lib/ext/Makefile.am b/lib/ext/Makefile.am
index 48a635e..ca6628e 100644
--- a/lib/ext/Makefile.am
+++ b/lib/ext/Makefile.am
@@ -38,4 +38,6 @@ libgnutls_ext_la_SOURCES = max_record.c cert_type.c \
server_name.c signature.c safe_renegotiation.c \
max_record.h cert_type.h server_name.h srp.h \
session_ticket.h signature.h safe_renegotiation.h \
- session_ticket.c srp.c ecc.c ecc.h heartbeat.c heartbeat.h
+ session_ticket.c srp.c ecc.c ecc.h heartbeat.c heartbeat.h \
+ status_request.h status_request.c
+
diff --git a/lib/ext/max_record.c b/lib/ext/max_record.c
index 002c306..9e2c423 100644
--- a/lib/ext/max_record.c
+++ b/lib/ext/max_record.c
@@ -118,7 +118,7 @@ _gnutls_max_record_recv_params (gnutls_session_t session,
new_size = _gnutls_mre_num2record (data[0]);
- if (new_size < 0 || new_size != epriv.num)
+ if (new_size < 0 || new_size != (ssize_t)epriv.num)
{
gnutls_assert ();
return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
diff --git a/lib/ext/status_request.c b/lib/ext/status_request.c
new file mode 100644
index 0000000..489d949
--- /dev/null
+++ b/lib/ext/status_request.c
@@ -0,0 +1,605 @@
+/*
+ * Copyright (C) 2012 Free Software Foundation, Inc.
+ *
+ * Author: Simon Josefsson, Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 3 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+/*
+ Status Request (OCSP) TLS extension. See RFC 6066 section 8:
+ https://tools.ietf.org/html/rfc6066#section-8
+*/
+
+#include "gnutls_int.h"
+#include "gnutls_errors.h"
+#include <gnutls_extensions.h>
+#include <ext/status_request.h>
+#include <gnutls_mbuffers.h>
+#include <gnutls_handshake.h>
+
+typedef struct
+{
+ gnutls_datum_t *responder_id;
+ size_t responder_id_size;
+ gnutls_datum_t request_extensions;
+ gnutls_datum_t response;
+
+ gnutls_status_request_ocsp_func ocsp_func;
+ void *ocsp_func_ptr;
+ char *response_file;
+ unsigned int expect_cstatus;
+} status_request_ext_st;
+
+/*
+ From RFC 6066. Client sends:
+
+ struct {
+ CertificateStatusType status_type;
+ select (status_type) {
+ case ocsp: OCSPStatusRequest;
+ } request;
+ } CertificateStatusRequest;
+
+ enum { ocsp(1), (255) } CertificateStatusType;
+
+ struct {
+ ResponderID responder_id_list<0..2^16-1>;
+ Extensions request_extensions;
+ } OCSPStatusRequest;
+
+ opaque ResponderID<1..2^16-1>;
+ opaque Extensions<0..2^16-1>;
+*/
+
+static int
+client_send (gnutls_session_t session,
+ gnutls_buffer_st* extdata,
+ status_request_ext_st *priv)
+{
+ int ret_len = 1 + 2;
+ int ret;
+ size_t i;
+
+ ret = _gnutls_buffer_append_prefix (extdata, 8, 1);
+ if (ret < 0)
+ return gnutls_assert_val (ret);
+
+ ret = _gnutls_buffer_append_prefix (extdata, 16, priv->responder_id_size);
+ if (ret < 0)
+ return gnutls_assert_val (ret);
+
+ for (i = 0; i < priv->responder_id_size; i++)
+ {
+ if (priv->responder_id[i].size <= 0)
+ return gnutls_assert_val (GNUTLS_E_INVALID_REQUEST);
+
+ ret = _gnutls_buffer_append_data_prefix (extdata, 16,
+ priv->responder_id[i].data,
+ priv->responder_id[i].size);
+ if (ret < 0)
+ return gnutls_assert_val (ret);
+
+ ret_len += 2 + priv->responder_id[i].size;
+ }
+
+ ret = _gnutls_buffer_append_data_prefix (extdata, 16,
+ priv->request_extensions.data,
+ priv->request_extensions.size);
+ if (ret < 0)
+ return gnutls_assert_val (ret);
+
+ ret_len += 2 + priv->request_extensions.size;
+
+ return ret_len;
+}
+
+static int
+server_recv (gnutls_session_t session,
+ status_request_ext_st *priv,
+ const uint8_t * data,
+ size_t size)
+{
+ size_t i;
+ ssize_t data_size = size;
+
+ /* minimum message is type (1) + responder_id_list (2) +
+ request_extension (2) = 5 */
+ if (data_size < 5)
+ return gnutls_assert_val (GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+ /* We ignore non-ocsp CertificateStatusType. The spec is unclear
+ what should be done. */
+ if (data[0] != 0x01)
+ {
+ gnutls_assert ();
+ _gnutls_handshake_log ("EXT[%p]: unknown status_type %d\n",
+ session, data[0]);
+ return 0;
+ }
+ DECR_LEN(data_size, 1);
+ data++;
+
+ priv->responder_id_size = _gnutls_read_uint16 (data);
+
+ _gnutls_debug_log("Status Request: Responder ID size: %u\n",
priv->responder_id_size);
+
+ DECR_LEN(data_size, 2);
+ data += 2;
+
+ if (data_size <= (ssize_t)(priv->responder_id_size * 2))
+ return gnutls_assert_val (GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+
+ priv->responder_id = gnutls_malloc (priv->responder_id_size
+ * sizeof (*priv->responder_id));
+ if (priv->responder_id == NULL)
+ return gnutls_assert_val (GNUTLS_E_MEMORY_ERROR);
+
+ for (i = 0; i < priv->responder_id_size; i++)
+ {
+ size_t l;
+
+ DECR_LEN(data_size, 2);
+
+ l = _gnutls_read_uint16 (data);
+ data += 2;
+
+ DECR_LEN(data_size, l);
+
+ priv->responder_id[i].data = gnutls_malloc (l);
+ if (priv->responder_id[i].data == NULL)
+ return gnutls_assert_val (GNUTLS_E_MEMORY_ERROR);
+
+ memcpy (priv->responder_id[i].data, data, l);
+ priv->responder_id[i].size = l;
+
+ data += l;
+ }
+
+ return 0;
+}
+
+/*
+ Servers return a certificate response along with their certificate
+ by sending a "CertificateStatus" message immediately after the
+ "Certificate" message (and before any "ServerKeyExchange" or
+ "CertificateRequest" messages). If a server returns a
+ "CertificateStatus" message, then the server MUST have included an
+ extension of type "status_request" with empty "extension_data" in
+ the extended server hello.
+*/
+
+static int
+server_send (gnutls_session_t session,
+ gnutls_buffer_st* extdata,
+ status_request_ext_st *priv)
+{
+ int ret;
+
+ if (priv->ocsp_func == NULL)
+ return gnutls_assert_val (GNUTLS_E_SUCCESS);
+
+ ret = priv->ocsp_func (session, priv->ocsp_func_ptr, &priv->response);
+ if (ret == GNUTLS_E_NO_CERTIFICATE_STATUS)
+ return 0;
+ else if (ret < 0)
+ return gnutls_assert_val (ret);
+
+ return GNUTLS_E_INT_RET_0;
+}
+
+static int
+client_recv (gnutls_session_t session,
+ status_request_ext_st *priv,
+ const uint8_t * data,
+ size_t size)
+{
+ if (size != 0)
+ return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+ else
+ {
+ priv->expect_cstatus = 1;
+ return 0;
+ }
+}
+
+static int
+_gnutls_status_request_send_params (gnutls_session_t session,
+ gnutls_buffer_st* extdata)
+{
+ extension_priv_data_t epriv;
+ status_request_ext_st *priv;
+ int ret;
+
+ ret = _gnutls_ext_get_session_data (session,
+ GNUTLS_EXTENSION_STATUS_REQUEST,
+ &epriv);
+
+ if (ret < 0 || epriv.ptr == NULL) /* it is ok not to have it */
+ return 0;
+
+ priv = epriv.ptr;
+
+ if (session->security_parameters.entity == GNUTLS_CLIENT)
+ return client_send (session, extdata, priv);
+ return server_send (session, extdata, priv);
+}
+
+static int
+_gnutls_status_request_recv_params (gnutls_session_t session,
+ const uint8_t * data,
+ size_t size)
+{
+ extension_priv_data_t epriv;
+ status_request_ext_st *priv;
+ int ret;
+
+ ret = _gnutls_ext_get_session_data (session,
+ GNUTLS_EXTENSION_STATUS_REQUEST,
+ &epriv);
+ if (ret < 0 || epriv.ptr == NULL) /* it is ok not to have it */
+ return 0;
+
+ priv = epriv.ptr;
+
+ if (session->security_parameters.entity == GNUTLS_CLIENT)
+ return client_recv (session, priv, data, size);
+ return server_recv (session, priv, data, size);
+}
+
+/**
+ * gnutls_status_request_ocsp_client:
+ * @session: is a #gnutls_session_t structure.
+ * @responder_id: array with #gnutls_datum_t with DER data of responder id
+ * @responder_id_size: number of members in @responder_id array
+ * @extensions: a #gnutls_datum_t with DER encoded OCSP extensions
+ *
+ * This function is to be used by clients to request OCSP response
+ * from the server, using the "status_request" TLS extension. Only
+ * OCSP status type is supported. Typically @responder_id and @extensions
+ * should be null.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ * otherwise a negative error code is returned.
+ **/
+int
+gnutls_status_request_ocsp_client (gnutls_session_t session,
+ gnutls_datum_t *responder_id,
+ size_t responder_id_size,
+ gnutls_datum_t *extensions)
+{
+ status_request_ext_st *priv;
+ extension_priv_data_t epriv;
+
+ if (session->security_parameters.entity == GNUTLS_SERVER)
+ return gnutls_assert_val (GNUTLS_E_INVALID_REQUEST);
+
+ epriv.ptr = priv = gnutls_calloc (1, sizeof (*priv));
+ if (priv == NULL)
+ return gnutls_assert_val (GNUTLS_E_MEMORY_ERROR);
+
+ priv->responder_id = responder_id;
+ priv->responder_id_size = responder_id_size;
+ if (extensions)
+ {
+ priv->request_extensions.data = extensions->data;
+ priv->request_extensions.size = extensions->size;
+ }
+
+ _gnutls_ext_set_session_data (session,
+ GNUTLS_EXTENSION_STATUS_REQUEST,
+ epriv);
+
+ return 0;
+}
+
+/**
+ * gnutls_status_request_get_ocsp:
+ * @session: is a #gnutls_session_t structure.
+ * @response: a #gnutls_datum_t with DER encoded OCSP response
+ *
+ * This function returns the OCSP status response received
+ * from the TLS server. The @response should be treated as
+ * constant. If no OCSP response is available then
+ * %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE is returned.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ * otherwise a negative error code is returned.
+ **/
+int
+gnutls_status_request_get_ocsp (gnutls_session_t session,
+ gnutls_datum_t *response)
+{
+ status_request_ext_st *priv;
+ extension_priv_data_t epriv;
+ int ret;
+
+ if (session->security_parameters.entity == GNUTLS_SERVER)
+ return gnutls_assert_val (GNUTLS_E_INVALID_REQUEST);
+
+ ret = _gnutls_ext_get_session_data (session,
+ GNUTLS_EXTENSION_STATUS_REQUEST,
+ &epriv);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+
+ priv = epriv.ptr;
+
+ if (priv == NULL || priv->response.data == NULL)
+ return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
+
+ response->data = priv->response.data;
+ response->size = priv->response.size;
+
+ return 0;
+}
+
+/**
+ * gnutls_status_request_ocsp_server:
+ * @session: is a #gnutls_session_t structure.
+ * @ocsp_func: function pointer to OCSP status request callback.
+ * @ptr: opaque pointer passed to callback function
+ *
+ * This function is to be used by server to register a callback to
+ * handle OCSP status requests from the client. The callback will be
+ * invoked if the client supplied a status-request OCSP extension.
+ * The callback function prototype is:
+ *
+ * typedef int (*gnutls_status_request_ocsp_func)
+ * (gnutls_session_t session, void *ptr, gnutls_datum_t *ocsp_response);
+ *
+ * The callback will be invoked if the client requests an OCSP certificate
+ * status. The callback may return %GNUTLS_E_NO_CERTIFICATE_STATUS, if
+ * there is no recent OCSP response. If the callback returns %GNUTLS_E_SUCCESS,
+ * the server will provide the client with the ocsp_response.
+ *
+ * The response must be a value allocated using gnutls_malloc(), and will be
+ * deinitialized when needed.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ * otherwise a negative error code is returned.
+ **/
+int
+gnutls_status_request_ocsp_server (gnutls_session_t session,
+ gnutls_status_request_ocsp_func ocsp_func,
+ void *ptr)
+{
+ extension_priv_data_t epriv;
+ status_request_ext_st* priv;
+
+ if (session->security_parameters.entity == GNUTLS_CLIENT)
+ return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+ priv = gnutls_calloc(1, sizeof(*priv));
+ if (priv == NULL)
+ return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+ priv->ocsp_func = ocsp_func;
+ priv->ocsp_func_ptr = ptr;
+
+ epriv.ptr = priv;
+
+ _gnutls_ext_set_session_data (session,
+ GNUTLS_EXTENSION_STATUS_REQUEST,
+ epriv);
+
+ return 0;
+}
+
+static int file_ocsp_func(gnutls_session_t session, void *ptr, gnutls_datum_t
*ocsp_response)
+{
+int ret;
+status_request_ext_st* priv = ptr;
+
+ ret = gnutls_load_file(priv->response_file, ocsp_response);
+ if (ret < 0)
+ return gnutls_assert_val(GNUTLS_E_NO_CERTIFICATE_STATUS);
+
+ return 0;
+}
+
+/**
+ * gnutls_status_request_ocsp_server_file:
+ * @session: is a #gnutls_session_t structure.
+ * @response_file: a filename of the OCSP response
+ * @flags: should be zero
+ *
+ * This function sets the filename of an OCSP response, that will be
+ * sent to the client if requests an OCSP certificate status.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
+ * otherwise a negative error code is returned.
+ **/
+int
+gnutls_status_request_ocsp_server_file (gnutls_session_t session,
+ const char* response_file,
+ unsigned int flags)
+{
+ extension_priv_data_t epriv;
+ status_request_ext_st* priv;
+
+ if (session->security_parameters.entity == GNUTLS_CLIENT)
+ return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+ priv = gnutls_calloc(1, sizeof(*priv));
+ if (priv == NULL)
+ return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+ priv->response_file = gnutls_strdup(response_file);
+ if (priv->response_file == NULL)
+ return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+ priv->ocsp_func = file_ocsp_func;
+ priv->ocsp_func_ptr = priv;
+
+ epriv.ptr = priv;
+
+ _gnutls_ext_set_session_data (session,
+ GNUTLS_EXTENSION_STATUS_REQUEST,
+ epriv);
+ return 0;
+}
+
+static void
+_gnutls_status_request_deinit_data (extension_priv_data_t epriv)
+{
+ status_request_ext_st *priv = epriv.ptr;
+ size_t i;
+
+ if (priv == NULL)
+ return;
+
+ for (i = 0; i < priv->responder_id_size; i++)
+ gnutls_free (priv->responder_id[i].data);
+
+ gnutls_free (priv->responder_id);
+ gnutls_free (priv->request_extensions.data);
+ gnutls_free (priv->response.data);
+ gnutls_free (priv->response_file);
+ gnutls_free (priv);
+}
+
+static int
+_gnutls_status_request_pack (extension_priv_data_t epriv,
+ gnutls_buffer_st * ps)
+{
+ return -1;
+}
+
+static int
+_gnutls_status_request_unpack (gnutls_buffer_st * ps,
+ extension_priv_data_t * _priv)
+{
+ return -1;
+}
+
+extension_entry_st ext_mod_status_request = {
+ .name = "STATUS REQUEST",
+ .type = GNUTLS_EXTENSION_STATUS_REQUEST,
+ .parse_type = GNUTLS_EXT_TLS,
+ .recv_func = _gnutls_status_request_recv_params,
+ .send_func = _gnutls_status_request_send_params,
+ .pack_func = _gnutls_status_request_pack,
+ .unpack_func = _gnutls_status_request_unpack,
+ .deinit_func = _gnutls_status_request_deinit_data
+};
+
+/* Functions to be called from handshake */
+
+int
+_gnutls_send_server_certificate_status (gnutls_session_t session, int again)
+{
+ mbuffer_st *bufel = NULL;
+ uint8_t * data;
+ int data_size = 0;
+ int ret;
+ status_request_ext_st *priv = NULL;
+ extension_priv_data_t epriv;
+ if (again == 0)
+ {
+ ret =
+ _gnutls_ext_get_session_data (session,
+ GNUTLS_EXTENSION_STATUS_REQUEST,
+ &epriv);
+ if (ret < 0)
+ return 0;
+ priv = epriv.ptr;
+
+ if (!priv->response.size)
+ return 0;
+
+ data_size = priv->response.size + 4;
+ bufel = _gnutls_handshake_alloc (session, data_size, data_size);
+ if (!bufel)
+ return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+
+ data = _mbuffer_get_udata_ptr (bufel);
+
+ data[0] = 0x01;
+ _gnutls_write_uint24(priv->response.size, &data[1]);
+ memcpy(&data[4], priv->response.data, priv->response.size);
+ }
+ return _gnutls_send_handshake (session, data_size ? bufel : NULL,
+ GNUTLS_HANDSHAKE_CERTIFICATE_STATUS);
+}
+
+int
+_gnutls_recv_server_certificate_status (gnutls_session_t session)
+{
+ uint8_t *data;
+ int data_size;
+ size_t r_size;
+ gnutls_buffer_st buf;
+ int ret;
+ status_request_ext_st *priv = NULL;
+ extension_priv_data_t epriv;
+
+ ret =
+ _gnutls_ext_get_session_data (session, GNUTLS_EXTENSION_STATUS_REQUEST,
+ &epriv);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ return 0;
+ }
+ priv = epriv.ptr;
+
+ if (!priv->expect_cstatus)
+ return 0;
+
+ ret = _gnutls_recv_handshake (session,
+ GNUTLS_HANDSHAKE_CERTIFICATE_STATUS,
+ 0, &buf);
+ if (ret < 0)
+ return gnutls_assert_val_fatal(ret);
+
+ data = buf.data;
+ data_size = buf.length;
+
+ /* minimum message is type (1) + response (3) + data */
+ if (data_size == 0)
+ return 0;
+ else if (data_size < 4)
+ return gnutls_assert_val (GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+
+ if (data[0] != 0x01)
+ {
+ gnutls_assert ();
+ _gnutls_handshake_log ("EXT[%p]: unknown status_type %d\n",
+ session, data[0]);
+ return 0;
+ }
+ DECR_LENGTH_COM (data_size, 1, ret = GNUTLS_E_UNEXPECTED_PACKET_LENGTH; goto
error);
+ data++;
+
+ DECR_LENGTH_COM (data_size, 3, ret = GNUTLS_E_UNEXPECTED_PACKET_LENGTH; goto
error);
+ r_size = _gnutls_read_uint24(data);
+ data += 3;
+
+ DECR_LENGTH_COM (data_size, r_size, ret = GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
goto error);
+
+ ret = _gnutls_set_datum(&priv->response, data, r_size);
+ if (ret < 0)
+ goto error;
+
+ ret = 0;
+
+error:
+ _gnutls_buffer_clear (&buf);
+
+ return ret;
+}
diff --git a/lib/ext/ecc.h b/lib/ext/status_request.h
similarity index 69%
copy from lib/ext/ecc.h
copy to lib/ext/status_request.h
index 4307490..311fac0 100644
--- a/lib/ext/ecc.h
+++ b/lib/ext/status_request.h
@@ -1,7 +1,7 @@
/*
- * Copyright (C) 2011-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2012 Free Software Foundation, Inc.
*
- * Author: Nikos Mavrogiannopoulos
+ * Author: Simon Josefsson
*
* This file is part of GnuTLS.
*
@@ -19,15 +19,17 @@
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
-#ifndef EXT_ECC_H
-#define EXT_ECC_H
+
+#ifndef EXT_STATUS_REQUEST_H
+#define EXT_STATUS_REQUEST_H
#include <gnutls_extensions.h>
-extern extension_entry_st ext_mod_supported_ecc;
-extern extension_entry_st ext_mod_supported_ecc_pf;
+extern extension_entry_st ext_mod_status_request;
int
-_gnutls_session_supports_ecc_curve (gnutls_session_t session, unsigned int
ecc_type);
+_gnutls_send_server_certificate_status (gnutls_session_t session, int again);
+int
+_gnutls_recv_server_certificate_status (gnutls_session_t session);
#endif
diff --git a/lib/gnutls_buffers.c b/lib/gnutls_buffers.c
index 30db033..f73682c 100644
--- a/lib/gnutls_buffers.c
+++ b/lib/gnutls_buffers.c
@@ -851,8 +851,8 @@ parse_handshake_header (gnutls_session_t session,
mbuffer_st* bufel,
/* make the length offset */
if (hsk->end_offset > 0) hsk->end_offset--;
- _gnutls_handshake_log ("HSK[%p]: %s was received. Length %d[%d], frag offset
%d, frag length: %d, sequence: %d\n",
- session, _gnutls_handshake2str (hsk->htype),
+ _gnutls_handshake_log ("HSK[%p]: %s (%u) was received. Length %d[%d], frag
offset %d, frag length: %d, sequence: %d\n",
+ session, _gnutls_handshake2str (hsk->htype),
(unsigned)hsk->htype,
(int) hsk->length, (int)data_size, hsk->start_offset,
hsk->end_offset-hsk->start_offset+1, (int)hsk->sequence);
hsk->header_size = handshake_header_size;
@@ -1057,7 +1057,7 @@ _gnutls_parse_record_buffered_msgs (gnutls_session_t
session)
/* this is the rest of a previous message */
if (session->internals.handshake_recv_buffer_size > 0 &&
recv_buf[0].length > 0 && remain > 0)
{
- if (msg.size <= remain)
+ if ((ssize_t)msg.size <= remain)
append = msg.size;
else
append = remain;
diff --git a/lib/gnutls_extensions.c b/lib/gnutls_extensions.c
index eb07d28..54797b5 100644
--- a/lib/gnutls_extensions.c
+++ b/lib/gnutls_extensions.c
@@ -38,6 +38,7 @@
#include <ext/signature.h>
#include <ext/safe_renegotiation.h>
#include <ext/ecc.h>
+#include <ext/status_request.h>
#include <gnutls_num.h>
@@ -311,10 +312,13 @@ _gnutls_ext_init (void)
if (ret != GNUTLS_E_SUCCESS)
return ret;
- ret = _gnutls_ext_register (&ext_mod_cert_type);
+ ret = _gnutls_ext_register (&ext_mod_status_request);
if (ret != GNUTLS_E_SUCCESS)
return ret;
+ ret = _gnutls_ext_register (&ext_mod_cert_type);
+ if (ret != GNUTLS_E_SUCCESS)
+ return ret;
ret = _gnutls_ext_register (&ext_mod_server_name);
if (ret != GNUTLS_E_SUCCESS)
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c
index 10c6ecb..b6a5e62 100644
--- a/lib/gnutls_handshake.c
+++ b/lib/gnutls_handshake.c
@@ -47,6 +47,7 @@
#include <gnutls_state.h>
#include <ext/srp.h>
#include <ext/session_ticket.h>
+#include <ext/status_request.h>
#include <ext/safe_renegotiation.h>
#include <gnutls_rsa_export.h> /* for gnutls_get_rsa_params() */
#include <auth/anon.h> /* for gnutls_anon_server_credentials_t */
@@ -1153,8 +1154,9 @@ _gnutls_send_handshake (gnutls_session_t session,
mbuffer_st * bufel,
switch (type)
{
case GNUTLS_HANDSHAKE_CERTIFICATE_PKT: /* this one is followed by
ServerHelloDone
- * or ClientKeyExchange always.
- */
+ * or ClientKeyExchange always.
+ */
+ case GNUTLS_HANDSHAKE_CERTIFICATE_STATUS:
case GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE: /* as above */
case GNUTLS_HANDSHAKE_SERVER_HELLO: /* as above */
case GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST: /* as above */
@@ -1341,6 +1343,7 @@ _gnutls_recv_handshake (gnutls_session_t session,
}
break;
case GNUTLS_HANDSHAKE_CERTIFICATE_PKT:
+ case GNUTLS_HANDSHAKE_CERTIFICATE_STATUS:
case GNUTLS_HANDSHAKE_FINISHED:
case GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE:
case GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE:
@@ -2541,30 +2544,38 @@ _gnutls_handshake_client (gnutls_session_t session)
IMED_RET ("recv server certificate", ret, 1);
case STATE4:
+ /* RECV CERTIFICATE STATUS */
+ if (session->internals.resumed == RESUME_FALSE) /* if we are not
resuming */
+ ret = _gnutls_recv_server_certificate_status (session);
+ STATE = STATE4;
+ IMED_RET ("recv server certificate", ret, 1);
+
+ case STATE5:
/* receive the server key exchange */
if (session->internals.resumed == RESUME_FALSE) /* if we are not
resuming */
ret = _gnutls_recv_server_kx_message (session);
- STATE = STATE4;
+ STATE = STATE5;
IMED_RET ("recv server kx message", ret, 1);
- case STATE5:
+ case STATE6:
/* receive the server certificate request - if any
*/
if (session->internals.resumed == RESUME_FALSE) /* if we are not
resuming */
ret = _gnutls_recv_server_crt_request (session);
- STATE = STATE5;
+ STATE = STATE6;
IMED_RET ("recv server certificate request message", ret, 1);
- case STATE6:
+ case STATE7:
/* receive the server hello done */
if (session->internals.resumed == RESUME_FALSE) /* if we are not
resuming */
ret =
_gnutls_recv_handshake (session,
GNUTLS_HANDSHAKE_SERVER_HELLO_DONE,
0, NULL);
- STATE = STATE6;
+ STATE = STATE7;
IMED_RET ("recv server hello done", ret, 1);
+
case STATE71:
if (session->security_parameters.do_send_supplemental)
{
@@ -2573,26 +2584,26 @@ _gnutls_handshake_client (gnutls_session_t session)
IMED_RET ("send supplemental", ret, 0);
}
- case STATE7:
+ case STATE8:
/* send our certificate - if any and if requested
*/
if (session->internals.resumed == RESUME_FALSE) /* if we are not
resuming */
- ret = _gnutls_send_client_certificate (session, AGAIN (STATE7));
- STATE = STATE7;
+ ret = _gnutls_send_client_certificate (session, AGAIN (STATE8));
+ STATE = STATE8;
IMED_RET ("send client certificate", ret, 0);
- case STATE8:
+ case STATE9:
if (session->internals.resumed == RESUME_FALSE) /* if we are not
resuming */
- ret = _gnutls_send_client_kx_message (session, AGAIN (STATE8));
- STATE = STATE8;
+ ret = _gnutls_send_client_kx_message (session, AGAIN (STATE9));
+ STATE = STATE9;
IMED_RET ("send client kx", ret, 0);
- case STATE9:
+ case STATE10:
/* send client certificate verify */
if (session->internals.resumed == RESUME_FALSE) /* if we are not
resuming */
ret =
- _gnutls_send_client_certificate_verify (session, AGAIN (STATE9));
- STATE = STATE9;
+ _gnutls_send_client_certificate_verify (session, AGAIN (STATE10));
+ STATE = STATE10;
IMED_RET ("send client certificate verify", ret, 1);
STATE = STATE0;
@@ -2849,28 +2860,34 @@ _gnutls_handshake_server (gnutls_session_t session)
IMED_RET ("send server certificate", ret, 0);
case STATE4:
- /* send server key exchange (A) */
if (session->internals.resumed == RESUME_FALSE)
- ret = _gnutls_send_server_kx_message (session, AGAIN (STATE4));
+ ret = _gnutls_send_server_certificate_status (session, AGAIN (STATE4));
STATE = STATE4;
- IMED_RET ("send server kx", ret, 0);
+ IMED_RET ("send server certificate status", ret, 0);
case STATE5:
+ /* send server key exchange (A) */
+ if (session->internals.resumed == RESUME_FALSE)
+ ret = _gnutls_send_server_kx_message (session, AGAIN (STATE5));
+ STATE = STATE5;
+ IMED_RET ("send server kx", ret, 0);
+
+ case STATE6:
/* Send certificate request - if requested to */
if (session->internals.resumed == RESUME_FALSE)
ret =
- _gnutls_send_server_crt_request (session, AGAIN (STATE5));
- STATE = STATE5;
+ _gnutls_send_server_crt_request (session, AGAIN (STATE6));
+ STATE = STATE6;
IMED_RET ("send server cert request", ret, 0);
- case STATE6:
+ case STATE7:
/* send the server hello done */
if (session->internals.resumed == RESUME_FALSE) /* if we are not
resuming */
ret =
_gnutls_send_empty_handshake (session,
GNUTLS_HANDSHAKE_SERVER_HELLO_DONE,
- AGAIN (STATE6));
- STATE = STATE6;
+ AGAIN (STATE7));
+ STATE = STATE7;
IMED_RET ("send server hello done", ret, 1);
case STATE71:
@@ -2882,25 +2899,25 @@ _gnutls_handshake_server (gnutls_session_t session)
}
/* RECV CERTIFICATE + KEYEXCHANGE + CERTIFICATE_VERIFY */
- case STATE7:
+ case STATE8:
/* receive the client certificate message */
if (session->internals.resumed == RESUME_FALSE) /* if we are not
resuming */
ret = _gnutls_recv_client_certificate (session);
- STATE = STATE7;
+ STATE = STATE8;
IMED_RET ("recv client certificate", ret, 1);
- case STATE8:
+ case STATE9:
/* receive the client key exchange message */
if (session->internals.resumed == RESUME_FALSE) /* if we are not
resuming */
ret = _gnutls_recv_client_kx_message (session);
- STATE = STATE8;
+ STATE = STATE9;
IMED_RET ("recv client kx", ret, 1);
- case STATE9:
+ case STATE10:
/* receive the client certificate verify message */
if (session->internals.resumed == RESUME_FALSE) /* if we are not
resuming */
ret = _gnutls_recv_client_certificate_verify_message (session);
- STATE = STATE9;
+ STATE = STATE10;
IMED_RET ("recv client certificate verify", ret, 1);
STATE = STATE0; /* finished thus clear session */
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index 1949402..fed0eef 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -224,7 +224,7 @@ typedef struct
typedef enum handshake_state_t
{ STATE0 = 0, STATE1, STATE2,
STATE3, STATE4, STATE5,
- STATE6, STATE7, STATE8, STATE9, STATE11 = 11,
+ STATE6, STATE7, STATE8, STATE9, STATE10, STATE11,
STATE20 = 20, STATE21, STATE22,
STATE30 = 30, STATE31, STATE40 = 40, STATE41, STATE50 = 50,
STATE60 = 60, STATE61, STATE62, STATE70, STATE71
@@ -254,6 +254,7 @@ typedef enum extensions_t
{
GNUTLS_EXTENSION_SERVER_NAME = 0,
GNUTLS_EXTENSION_MAX_RECORD_SIZE = 1,
+ GNUTLS_EXTENSION_STATUS_REQUEST = 5,
GNUTLS_EXTENSION_CERT_TYPE = 9,
GNUTLS_EXTENSION_SUPPORTED_ECC = 10,
GNUTLS_EXTENSION_SUPPORTED_ECC_PF = 11,
@@ -904,7 +905,7 @@ typedef struct
unsigned int cb_tls_unique_len;
unsigned char cb_tls_unique[MAX_VERIFY_DATA_SIZE];
- unsigned int handshake_endtime; /* end time in seconds */
+ time_t handshake_endtime; /* end time in seconds */
unsigned int handshake_timeout_ms; /* timeout in milliseconds */
gnutls_buffer_st hb_local_data;
diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
index ef4f126..7b1fae6 100644
--- a/lib/includes/gnutls/gnutls.h.in
+++ b/lib/includes/gnutls/gnutls.h.in
@@ -418,6 +418,7 @@ extern "C"
GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY = 15,
GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE = 16,
GNUTLS_HANDSHAKE_FINISHED = 20,
+ GNUTLS_HANDSHAKE_CERTIFICATE_STATUS = 22,
GNUTLS_HANDSHAKE_SUPPLEMENTAL = 23,
GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC = 254,
GNUTLS_HANDSHAKE_CLIENT_HELLO_V2 = 1024,
@@ -954,6 +955,24 @@ gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t
session);
int gnutls_key_generate (gnutls_datum_t * key, unsigned int key_size);
+ /* OCSP status request extension, RFC 6066 */
+ typedef int (*gnutls_status_request_ocsp_func)
+ (gnutls_session_t session, void *ptr, gnutls_datum_t *ocsp_response);
+ int gnutls_status_request_ocsp_server (gnutls_session_t session,
+ gnutls_status_request_ocsp_func ocsp_func,
+ void *ptr);
+
+ int gnutls_status_request_ocsp_server_file (gnutls_session_t session,
+ const char* response_file,
+ unsigned int flags);
+
+ int gnutls_status_request_ocsp_client (gnutls_session_t session,
+ gnutls_datum_t *responder_id,
+ size_t responder_id_size,
+ gnutls_datum_t *request_extensions);
+
+ int gnutls_status_request_get_ocsp (gnutls_session_t session, gnutls_datum_t
*response);
+
/* if you just want some defaults, use the following.
*/
int gnutls_priority_init (gnutls_priority_t * priority_cache,
@@ -2030,6 +2049,8 @@ typedef int (*gnutls_pin_callback_t) (void *userdata, int
attempt,
#define GNUTLS_E_TPM_KEY_NOT_FOUND -333
#define GNUTLS_E_TPM_UNINITIALIZED -334
+#define GNUTLS_E_NO_CERTIFICATE_STATUS -329
+
#define GNUTLS_E_UNIMPLEMENTED_FEATURE -1250
diff --git a/lib/libgnutls.map b/lib/libgnutls.map
index 8df7823..ffcb597 100644
--- a/lib/libgnutls.map
+++ b/lib/libgnutls.map
@@ -836,6 +836,10 @@ GNUTLS_3_1_0 {
gnutls_heartbeat_allowed;
gnutls_heartbeat_get_timeout;
gnutls_heartbeat_set_timeouts;
+ gnutls_status_request_ocsp_client;
+ gnutls_status_request_get_ocsp;
+ gnutls_status_request_ocsp_server;
+ gnutls_status_request_ocsp_server_file;
} GNUTLS_3_0_0;
GNUTLS_PRIVATE {
diff --git a/lib/nettle/wmnaf.c b/lib/nettle/wmnaf.c
index b7eb092..f6b03b6 100644
--- a/lib/nettle/wmnaf.c
+++ b/lib/nettle/wmnaf.c
@@ -50,7 +50,7 @@ mpz_unitstbit (mpz_t u, mp_bitcnt_t bit_index)
{
mp_srcptr u_ptr = u->_mp_d;
mp_size_t size = u->_mp_size;
- unsigned abs_size = ABS (size);
+ mp_size_t abs_size = ABS (size);
mp_size_t limb_index = bit_index / GMP_NUMB_BITS;
mp_srcptr p = u_ptr + limb_index;
mp_limb_t limb;
diff --git a/src/cli-args.c b/src/cli-args.c
index b4f0501..703b13c 100644
--- a/src/cli-args.c
+++ b/src/cli-args.c
@@ -2,11 +2,11 @@
*
* DO NOT EDIT THIS FILE (cli-args.c)
*
- * It has been AutoGen-ed August 30, 2012 at 09:58:04 PM by AutoGen 5.16
+ * It has been AutoGen-ed September 28, 2012 at 01:15:40 PM by AutoGen 5.12
* From the definitions cli-args.def
* and the template file options
*
- * Generated from AutoOpts 36:4:11 templates.
+ * Generated from AutoOpts 35:0:10 templates.
*
* AutoOpts is a copyrighted work. This source file is not encumbered
* by AutoOpts licensing, but is provided under the licensing terms chosen
@@ -16,16 +16,15 @@
* users discretion, the BSD license. See the AutoOpts and/or libopts sources
* for details.
*
- * The gnutls-cli program is copyrighted and licensed
- * under the following terms:
+ * This source file is copyrighted and licensed under the following terms:
*
* Copyright (C) 2000-2012 Free Software Foundation, all rights reserved.
* This is free software. It is licensed for use, modification and
* redistribution under the terms of the
* GNU General Public License, version 3 or later
* <http://gnu.org/licenses/gpl.html>
- *
- * gnutls-cli is free software: you can redistribute it and/or modify it
+ *
+PFX>gnutls-cli is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
@@ -39,15 +38,14 @@
* with this program. If not, see <http://www.gnu.org/licenses/>.
*/
-#ifndef __doxygen__
-#define OPTION_CODE_COMPILE 1
-#include "cli-args.h"
#include <sys/types.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
+#define OPTION_CODE_COMPILE 1
+#include "cli-args.h"
#ifdef __cplusplus
extern "C" {
@@ -56,534 +54,442 @@ extern FILE * option_usage_fp;
/* TRANSLATORS: choose the translation for option names wisely because you
cannot ever change your mind. */
-#define zCopyright (gnutls_cli_opt_strs+0)
-#define zLicenseDescrip (gnutls_cli_opt_strs+281)
-
+static char const zCopyright[281] =
+"gnutls-cli @address@hidden
+Copyright (C) 2000-2012 Free Software Foundation, all rights reserved.\n\
+This is free software. It is licensed for use, modification and\n\
+redistribution under the terms of the\n\
+GNU General Public License, version 3 or later\n\
+ <http://gnu.org/licenses/gpl.html>\n";
+static char const zLicenseDescrip[609] =
+"gnutls-cli is free software: you can redistribute it and/or modify it\n\
+under the terms of the GNU General Public License as published by the\n\
+Free Software Foundation, either version 3 of the License, or (at your\n\
+option) any later version.\n\n\
+gnutls-cli is distributed in the hope that it will be useful, but WITHOUT\n\
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or\n\
+FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License\n\
+for more details.\n\n\
+You should have received a copy of the GNU General Public License along\n\
+with this program. If not, see <http://www.gnu.org/licenses/>.\n";
+
+extern tUsageProc optionUsage;
#ifndef NULL
# define NULL 0
#endif
/*
- * gnutls-cli option static const strings
+ * Debug option description:
*/
-static char const gnutls_cli_opt_strs[3538] =
-/* 0 */ "gnutls-cli @address@hidden"
- "Copyright (C) 2000-2012 Free Software Foundation, all rights
reserved.\n"
- "This is free software. It is licensed for use, modification and\n"
- "redistribution under the terms of the\n"
- "GNU General Public License, version 3 or later\n"
- " <http://gnu.org/licenses/gpl.html>\n\0"
-/* 281 */ "gnutls-cli is free software: you can redistribute it and/or
modify it under\n"
- "the terms of the GNU General Public License as published by the
Free\n"
- "Software Foundation, either version 3 of the License, or (at your
option)\n"
- "any later version.\n\n"
- "gnutls-cli is distributed in the hope that it will be useful, but
WITHOUT\n"
- "ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or\n"
- "FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
License for\n"
- "more details.\n\n"
- "You should have received a copy of the GNU General Public License
along\n"
- "with this program. If not, see
<http://www.gnu.org/licenses/>.\n\0"
-/* 890 */ "Enable debugging.\0"
-/* 908 */ "DEBUG\0"
-/* 914 */ "debug\0"
-/* 920 */ "More verbose output\0"
-/* 940 */ "VERBOSE\0"
-/* 948 */ "verbose\0"
-/* 956 */ "Enable trust on first use authentication\0"
-/* 997 */ "TOFU\0"
-/* 1002 */ "no-tofu\0"
-/* 1010 */ "no\0"
-/* 1013 */ "Enable OCSP certificate verification\0"
-/* 1050 */ "OCSP\0"
-/* 1055 */ "no-ocsp\0"
-/* 1063 */ "Establish a session and resume\0"
-/* 1094 */ "RESUME\0"
-/* 1101 */ "resume\0"
-/* 1108 */ "Activate heartbeat support\0"
-/* 1135 */ "HEARTBEAT\0"
-/* 1145 */ "heartbeat\0"
-/* 1155 */ "Establish a session and rehandshake\0"
-/* 1191 */ "REHANDSHAKE\0"
-/* 1203 */ "rehandshake\0"
-/* 1215 */ "Don't accept session tickets\0"
-/* 1244 */ "NOTICKET\0"
-/* 1253 */ "noticket\0"
-/* 1262 */ "Connect, establish a plain session and start TLS.\0"
-/* 1312 */ "STARTTLS\0"
-/* 1321 */ "starttls\0"
-/* 1330 */ "Use DTLS (datagram TLS) over UDP\0"
-/* 1363 */ "UDP\0"
-/* 1367 */ "udp\0"
-/* 1371 */ "Set MTU for datagram TLS\0"
-/* 1396 */ "MTU\0"
-/* 1400 */ "mtu\0"
-/* 1404 */ "Send CR LF instead of LF\0"
-/* 1429 */ "CRLF\0"
-/* 1434 */ "crlf\0"
-/* 1439 */ "Use DER format for certificates to read from\0"
-/* 1484 */ "X509FMTDER\0"
-/* 1495 */ "x509fmtder\0"
-/* 1506 */ "Send the openpgp fingerprint, instead of the key\0"
-/* 1555 */ "FINGERPRINT\0"
-/* 1567 */ "fingerprint\0"
-/* 1579 */ "Disable all the TLS extensions\0"
-/* 1610 */ "DISABLE_EXTENSIONS\0"
-/* 1629 */ "disable-extensions\0"
-/* 1648 */ "Print peer's certificate in PEM format\0"
-/* 1687 */ "PRINT_CERT\0"
-/* 1698 */ "print-cert\0"
-/* 1709 */ "The maximum record size to advertize\0"
-/* 1746 */ "RECORDSIZE\0"
-/* 1757 */ "recordsize\0"
-/* 1768 */ "The minimum number of bits allowed for DH\0"
-/* 1810 */ "DH_BITS\0"
-/* 1818 */ "dh-bits\0"
-/* 1826 */ "Priorities string\0"
-/* 1844 */ "PRIORITY\0"
-/* 1853 */ "priority\0"
-/* 1862 */ "Certificate file or PKCS #11 URL to use\0"
-/* 1902 */ "X509CAFILE\0"
-/* 1913 */ "x509cafile\0"
-/* 1924 */ "CRL file to use\0"
-/* 1940 */ "X509CRLFILE\0"
-/* 1952 */ "x509crlfile\0"
-/* 1964 */ "PGP Key file to use\0"
-/* 1984 */ "PGPKEYFILE\0"
-/* 1995 */ "pgpkeyfile\0"
-/* 2006 */ "PGP Key ring file to use\0"
-/* 2031 */ "PGPKEYRING\0"
-/* 2042 */ "pgpkeyring\0"
-/* 2053 */ "PGP Public Key (certificate) file to use\0"
-/* 2094 */ "PGPCERTFILE\0"
-/* 2106 */ "pgpcertfile\0"
-/* 2118 */ "X.509 key file or PKCS #11 URL to use\0"
-/* 2156 */ "X509KEYFILE\0"
-/* 2168 */ "x509keyfile\0"
-/* 2180 */ "X.509 Certificate file or PKCS #11 URL to use\0"
-/* 2226 */ "X509CERTFILE\0"
-/* 2239 */ "x509certfile\0"
-/* 2252 */ "PGP subkey to use (hex or auto)\0"
-/* 2284 */ "PGPSUBKEY\0"
-/* 2294 */ "pgpsubkey\0"
-/* 2304 */ "SRP username to use\0"
-/* 2324 */ "SRPUSERNAME\0"
-/* 2336 */ "srpusername\0"
-/* 2348 */ "SRP password to use\0"
-/* 2368 */ "SRPPASSWD\0"
-/* 2378 */ "srppasswd\0"
-/* 2388 */ "PSK username to use\0"
-/* 2408 */ "PSKUSERNAME\0"
-/* 2420 */ "pskusername\0"
-/* 2432 */ "PSK key (in hex) to use\0"
-/* 2456 */ "PSKKEY\0"
-/* 2463 */ "pskkey\0"
-/* 2470 */ "The port or service to connect to\0"
-/* 2504 */ "PORT\0"
-/* 2509 */ "port\0"
-/* 2514 */ "Don't abort program if server certificate can't be validated\0"
-/* 2575 */ "INSECURE\0"
-/* 2584 */ "insecure\0"
-/* 2593 */ "Benchmark individual ciphers\0"
-/* 2622 */ "BENCHMARK_CIPHERS\0"
-/* 2640 */ "benchmark-ciphers\0"
-/* 2658 */ "Benchmark individual software ciphers (no hw acceleration)\0"
-/* 2717 */ "BENCHMARK_SOFT_CIPHERS\0"
-/* 2740 */ "benchmark-soft-ciphers\0"
-/* 2763 */ "Benchmark TLS key exchange methods\0"
-/* 2798 */ "BENCHMARK_TLS_KX\0"
-/* 2815 */ "benchmark-tls-kx\0"
-/* 2832 */ "Benchmark TLS ciphers\0"
-/* 2854 */ "BENCHMARK_TLS_CIPHERS\0"
-/* 2876 */ "benchmark-tls-ciphers\0"
-/* 2898 */ "Print a list of the supported algorithms and modes\0"
-/* 2949 */ "LIST\0"
-/* 2954 */ "list\0"
-/* 2959 */ "Display extended usage information and exit\0"
-/* 3003 */ "help\0"
-/* 3008 */ "Extended usage information passed thru pager\0"
-/* 3053 */ "more-help\0"
-/* 3063 */ "Output version information and exit\0"
-/* 3099 */ "version\0"
-/* 3107 */ "GNUTLS_CLI\0"
-/* 3118 */ "gnutls-cli - GnuTLS client - Ver. @address@hidden"
- "USAGE: %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]...
[hostname]\n\0"
-/* 3231 */ "address@hidden"
-/* 3250 */ "\n\n\0"
-/* 3253 */ "\n"
- "Simple client program to set up a TLS connection to some other
computer. It\n"
- "sets up a TLS connection and forwards data from the standard
input to the\n"
- "secured socket and vice versa.\n\0"
-/* 3437 */ "gnutls-cli @address@hidden"
-/* 3458 */ "Usage: gnutls-cli [options] hostname\n"
- "gnutls-cli --help for usage instructions.\n";
+static char const zDebugText[] =
+ "Enable debugging.";
+static char const zDebug_NAME[] = "DEBUG";
+static char const zDebug_Name[] = "debug";
+#define DEBUG_FLAGS (OPTST_DISABLED \
+ | OPTST_SET_ARGTYPE(OPARG_TYPE_NUMERIC))
/*
- * debug option description:
+ * Verbose option description:
*/
-#define DEBUG_DESC (gnutls_cli_opt_strs+890)
-#define DEBUG_NAME (gnutls_cli_opt_strs+908)
-#define DEBUG_name (gnutls_cli_opt_strs+914)
-#define DEBUG_FLAGS (OPTST_DISABLED \
- | OPTST_SET_ARGTYPE(OPARG_TYPE_NUMERIC))
+static char const zVerboseText[] =
+ "More verbose output";
+static char const zVerbose_NAME[] = "VERBOSE";
+static char const zVerbose_Name[] = "verbose";
+#define VERBOSE_FLAGS (OPTST_DISABLED)
/*
- * verbose option description:
+ * Tofu option description:
*/
-#define VERBOSE_DESC (gnutls_cli_opt_strs+920)
-#define VERBOSE_NAME (gnutls_cli_opt_strs+940)
-#define VERBOSE_name (gnutls_cli_opt_strs+948)
-#define VERBOSE_FLAGS (OPTST_DISABLED)
+static char const zTofuText[] =
+ "Enable trust on first use authentication";
+static char const zTofu_NAME[] = "TOFU";
+static char const zNotTofu_Name[] = "no-tofu";
+static char const zNotTofu_Pfx[] = "no";
+#define zTofu_Name (zNotTofu_Name + 3)
+#define TOFU_FLAGS (OPTST_DISABLED)
/*
- * tofu option description:
+ * Ocsp option description:
*/
-#define TOFU_DESC (gnutls_cli_opt_strs+956)
-#define TOFU_NAME (gnutls_cli_opt_strs+997)
-#define NOT_TOFU_name (gnutls_cli_opt_strs+1002)
-#define NOT_TOFU_PFX (gnutls_cli_opt_strs+1010)
-#define TOFU_name (NOT_TOFU_name + 3)
-#define TOFU_FLAGS (OPTST_DISABLED)
+static char const zOcspText[] =
+ "Enable OCSP certificate verification";
+static char const zOcsp_NAME[] = "OCSP";
+static char const zNotOcsp_Name[] = "no-ocsp";
+static char const zNotOcsp_Pfx[] = "no";
+#define zOcsp_Name (zNotOcsp_Name + 3)
+#define OCSP_FLAGS (OPTST_DISABLED)
/*
- * ocsp option description:
+ * Resume option description:
*/
-#define OCSP_DESC (gnutls_cli_opt_strs+1013)
-#define OCSP_NAME (gnutls_cli_opt_strs+1050)
-#define NOT_OCSP_name (gnutls_cli_opt_strs+1055)
-#define NOT_OCSP_PFX (gnutls_cli_opt_strs+1010)
-#define OCSP_name (NOT_OCSP_name + 3)
-#define OCSP_FLAGS (OPTST_DISABLED)
+static char const zResumeText[] =
+ "Establish a session and resume";
+static char const zResume_NAME[] = "RESUME";
+static char const zResume_Name[] = "resume";
+#define RESUME_FLAGS (OPTST_DISABLED)
/*
- * resume option description:
+ * Heartbeat option description:
*/
-#define RESUME_DESC (gnutls_cli_opt_strs+1063)
-#define RESUME_NAME (gnutls_cli_opt_strs+1094)
-#define RESUME_name (gnutls_cli_opt_strs+1101)
-#define RESUME_FLAGS (OPTST_DISABLED)
+static char const zHeartbeatText[] =
+ "Activate heartbeat support";
+static char const zHeartbeat_NAME[] = "HEARTBEAT";
+static char const zHeartbeat_Name[] = "heartbeat";
+#define HEARTBEAT_FLAGS (OPTST_DISABLED)
/*
- * heartbeat option description:
+ * Rehandshake option description:
*/
-#define HEARTBEAT_DESC (gnutls_cli_opt_strs+1108)
-#define HEARTBEAT_NAME (gnutls_cli_opt_strs+1135)
-#define HEARTBEAT_name (gnutls_cli_opt_strs+1145)
-#define HEARTBEAT_FLAGS (OPTST_DISABLED)
+static char const zRehandshakeText[] =
+ "Establish a session and rehandshake";
+static char const zRehandshake_NAME[] = "REHANDSHAKE";
+static char const zRehandshake_Name[] = "rehandshake";
+#define REHANDSHAKE_FLAGS (OPTST_DISABLED)
/*
- * rehandshake option description:
+ * Noticket option description:
*/
-#define REHANDSHAKE_DESC (gnutls_cli_opt_strs+1155)
-#define REHANDSHAKE_NAME (gnutls_cli_opt_strs+1191)
-#define REHANDSHAKE_name (gnutls_cli_opt_strs+1203)
-#define REHANDSHAKE_FLAGS (OPTST_DISABLED)
+static char const zNoticketText[] =
+ "Don't accept session tickets";
+static char const zNoticket_NAME[] = "NOTICKET";
+static char const zNoticket_Name[] = "noticket";
+#define NOTICKET_FLAGS (OPTST_DISABLED)
/*
- * noticket option description:
+ * Status_Request_Ocsp option description:
*/
-#define NOTICKET_DESC (gnutls_cli_opt_strs+1215)
-#define NOTICKET_NAME (gnutls_cli_opt_strs+1244)
-#define NOTICKET_name (gnutls_cli_opt_strs+1253)
-#define NOTICKET_FLAGS (OPTST_DISABLED)
+static char const zStatus_Request_OcspText[] =
+ "Request OCSP status request";
+static char const zStatus_Request_Ocsp_NAME[] = "STATUS_REQUEST_OCSP";
+static char const zStatus_Request_Ocsp_Name[]= "status-request-ocsp";
+#define STATUS_REQUEST_OCSP_FLAGS (OPTST_DISABLED)
/*
- * starttls option description:
+ * Starttls option description:
*/
-#define STARTTLS_DESC (gnutls_cli_opt_strs+1262)
-#define STARTTLS_NAME (gnutls_cli_opt_strs+1312)
-#define STARTTLS_name (gnutls_cli_opt_strs+1321)
-#define STARTTLS_FLAGS (OPTST_DISABLED)
+static char const zStarttlsText[] =
+ "Connect, establish a plain session and start TLS.";
+static char const zStarttls_NAME[] = "STARTTLS";
+static char const zStarttls_Name[] = "starttls";
+#define STARTTLS_FLAGS (OPTST_DISABLED)
/*
- * udp option description:
+ * Udp option description:
*/
-#define UDP_DESC (gnutls_cli_opt_strs+1330)
-#define UDP_NAME (gnutls_cli_opt_strs+1363)
-#define UDP_name (gnutls_cli_opt_strs+1367)
-#define UDP_FLAGS (OPTST_DISABLED)
+static char const zUdpText[] =
+ "Use DTLS (datagram TLS) over UDP";
+static char const zUdp_NAME[] = "UDP";
+static char const zUdp_Name[] = "udp";
+#define UDP_FLAGS (OPTST_DISABLED)
/*
- * mtu option description:
+ * Mtu option description:
*/
-#define MTU_DESC (gnutls_cli_opt_strs+1371)
-#define MTU_NAME (gnutls_cli_opt_strs+1396)
-#define MTU_name (gnutls_cli_opt_strs+1400)
-#define MTU_FLAGS (OPTST_DISABLED \
+static char const zMtuText[] =
+ "Set MTU for datagram TLS";
+static char const zMtu_NAME[] = "MTU";
+static char const zMtu_Name[] = "mtu";
+#define MTU_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_NUMERIC))
/*
- * crlf option description:
+ * Crlf option description:
*/
-#define CRLF_DESC (gnutls_cli_opt_strs+1404)
-#define CRLF_NAME (gnutls_cli_opt_strs+1429)
-#define CRLF_name (gnutls_cli_opt_strs+1434)
-#define CRLF_FLAGS (OPTST_DISABLED)
+static char const zCrlfText[] =
+ "Send CR LF instead of LF";
+static char const zCrlf_NAME[] = "CRLF";
+static char const zCrlf_Name[] = "crlf";
+#define CRLF_FLAGS (OPTST_DISABLED)
/*
- * x509fmtder option description:
+ * X509fmtder option description:
*/
-#define X509FMTDER_DESC (gnutls_cli_opt_strs+1439)
-#define X509FMTDER_NAME (gnutls_cli_opt_strs+1484)
-#define X509FMTDER_name (gnutls_cli_opt_strs+1495)
-#define X509FMTDER_FLAGS (OPTST_DISABLED)
+static char const zX509fmtderText[] =
+ "Use DER format for certificates to read from";
+static char const zX509fmtder_NAME[] = "X509FMTDER";
+static char const zX509fmtder_Name[] = "x509fmtder";
+#define X509FMTDER_FLAGS (OPTST_DISABLED)
/*
- * fingerprint option description:
+ * Fingerprint option description:
*/
-#define FINGERPRINT_DESC (gnutls_cli_opt_strs+1506)
-#define FINGERPRINT_NAME (gnutls_cli_opt_strs+1555)
-#define FINGERPRINT_name (gnutls_cli_opt_strs+1567)
-#define FINGERPRINT_FLAGS (OPTST_DISABLED)
+static char const zFingerprintText[] =
+ "Send the openpgp fingerprint, instead of the key";
+static char const zFingerprint_NAME[] = "FINGERPRINT";
+static char const zFingerprint_Name[] = "fingerprint";
+#define FINGERPRINT_FLAGS (OPTST_DISABLED)
/*
- * disable-extensions option description:
+ * Disable_Extensions option description:
*/
-#define DISABLE_EXTENSIONS_DESC (gnutls_cli_opt_strs+1579)
-#define DISABLE_EXTENSIONS_NAME (gnutls_cli_opt_strs+1610)
-#define DISABLE_EXTENSIONS_name (gnutls_cli_opt_strs+1629)
-#define DISABLE_EXTENSIONS_FLAGS (OPTST_DISABLED)
+static char const zDisable_ExtensionsText[] =
+ "Disable all the TLS extensions";
+static char const zDisable_Extensions_NAME[] = "DISABLE_EXTENSIONS";
+static char const zDisable_Extensions_Name[] = "disable-extensions";
+#define DISABLE_EXTENSIONS_FLAGS (OPTST_DISABLED)
/*
- * print-cert option description:
+ * Print_Cert option description:
*/
-#define PRINT_CERT_DESC (gnutls_cli_opt_strs+1648)
-#define PRINT_CERT_NAME (gnutls_cli_opt_strs+1687)
-#define PRINT_CERT_name (gnutls_cli_opt_strs+1698)
-#define PRINT_CERT_FLAGS (OPTST_DISABLED)
+static char const zPrint_CertText[] =
+ "Print peer's certificate in PEM format";
+static char const zPrint_Cert_NAME[] = "PRINT_CERT";
+static char const zPrint_Cert_Name[] = "print-cert";
+#define PRINT_CERT_FLAGS (OPTST_DISABLED)
/*
- * recordsize option description:
+ * Recordsize option description:
*/
-#define RECORDSIZE_DESC (gnutls_cli_opt_strs+1709)
-#define RECORDSIZE_NAME (gnutls_cli_opt_strs+1746)
-#define RECORDSIZE_name (gnutls_cli_opt_strs+1757)
-#define RECORDSIZE_FLAGS (OPTST_DISABLED \
+static char const zRecordsizeText[] =
+ "The maximum record size to advertize";
+static char const zRecordsize_NAME[] = "RECORDSIZE";
+static char const zRecordsize_Name[] = "recordsize";
+#define RECORDSIZE_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_NUMERIC))
/*
- * dh-bits option description:
+ * Dh_Bits option description:
*/
-#define DH_BITS_DESC (gnutls_cli_opt_strs+1768)
-#define DH_BITS_NAME (gnutls_cli_opt_strs+1810)
-#define DH_BITS_name (gnutls_cli_opt_strs+1818)
-#define DH_BITS_FLAGS (OPTST_DISABLED \
+static char const zDh_BitsText[] =
+ "The minimum number of bits allowed for DH";
+static char const zDh_Bits_NAME[] = "DH_BITS";
+static char const zDh_Bits_Name[] = "dh-bits";
+#define DH_BITS_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_NUMERIC))
/*
- * priority option description:
+ * Priority option description:
*/
-#define PRIORITY_DESC (gnutls_cli_opt_strs+1826)
-#define PRIORITY_NAME (gnutls_cli_opt_strs+1844)
-#define PRIORITY_name (gnutls_cli_opt_strs+1853)
-#define PRIORITY_FLAGS (OPTST_DISABLED \
+static char const zPriorityText[] =
+ "Priorities string";
+static char const zPriority_NAME[] = "PRIORITY";
+static char const zPriority_Name[] = "priority";
+#define PRIORITY_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
- * x509cafile option description:
+ * X509cafile option description:
*/
-#define X509CAFILE_DESC (gnutls_cli_opt_strs+1862)
-#define X509CAFILE_NAME (gnutls_cli_opt_strs+1902)
-#define X509CAFILE_name (gnutls_cli_opt_strs+1913)
-#define X509CAFILE_FLAGS (OPTST_DISABLED \
+static char const zX509cafileText[] =
+ "Certificate file or PKCS #11 URL to use";
+static char const zX509cafile_NAME[] = "X509CAFILE";
+static char const zX509cafile_Name[] = "x509cafile";
+#define X509CAFILE_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
- * x509crlfile option description:
+ * X509crlfile option description:
*/
-#define X509CRLFILE_DESC (gnutls_cli_opt_strs+1924)
-#define X509CRLFILE_NAME (gnutls_cli_opt_strs+1940)
-#define X509CRLFILE_name (gnutls_cli_opt_strs+1952)
-#define X509CRLFILE_FLAGS (OPTST_DISABLED \
+static char const zX509crlfileText[] =
+ "CRL file to use";
+static char const zX509crlfile_NAME[] = "X509CRLFILE";
+static char const zX509crlfile_Name[] = "x509crlfile";
+#define X509CRLFILE_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_FILE))
/*
- * pgpkeyfile option description:
+ * Pgpkeyfile option description:
*/
-#define PGPKEYFILE_DESC (gnutls_cli_opt_strs+1964)
-#define PGPKEYFILE_NAME (gnutls_cli_opt_strs+1984)
-#define PGPKEYFILE_name (gnutls_cli_opt_strs+1995)
-#define PGPKEYFILE_FLAGS (OPTST_DISABLED \
+static char const zPgpkeyfileText[] =
+ "PGP Key file to use";
+static char const zPgpkeyfile_NAME[] = "PGPKEYFILE";
+static char const zPgpkeyfile_Name[] = "pgpkeyfile";
+#define PGPKEYFILE_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_FILE))
/*
- * pgpkeyring option description:
+ * Pgpkeyring option description:
*/
-#define PGPKEYRING_DESC (gnutls_cli_opt_strs+2006)
-#define PGPKEYRING_NAME (gnutls_cli_opt_strs+2031)
-#define PGPKEYRING_name (gnutls_cli_opt_strs+2042)
-#define PGPKEYRING_FLAGS (OPTST_DISABLED \
+static char const zPgpkeyringText[] =
+ "PGP Key ring file to use";
+static char const zPgpkeyring_NAME[] = "PGPKEYRING";
+static char const zPgpkeyring_Name[] = "pgpkeyring";
+#define PGPKEYRING_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_FILE))
/*
- * pgpcertfile option description:
+ * Pgpcertfile option description:
*/
-#define PGPCERTFILE_DESC (gnutls_cli_opt_strs+2053)
-#define PGPCERTFILE_NAME (gnutls_cli_opt_strs+2094)
-#define PGPCERTFILE_name (gnutls_cli_opt_strs+2106)
-#define PGPCERTFILE_FLAGS (OPTST_DISABLED \
+static char const zPgpcertfileText[] =
+ "PGP Public Key (certificate) file to use";
+static char const zPgpcertfile_NAME[] = "PGPCERTFILE";
+static char const zPgpcertfile_Name[] = "pgpcertfile";
+#define PGPCERTFILE_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_FILE))
/*
- * x509keyfile option description:
+ * X509keyfile option description:
*/
-#define X509KEYFILE_DESC (gnutls_cli_opt_strs+2118)
-#define X509KEYFILE_NAME (gnutls_cli_opt_strs+2156)
-#define X509KEYFILE_name (gnutls_cli_opt_strs+2168)
-#define X509KEYFILE_FLAGS (OPTST_DISABLED \
+static char const zX509keyfileText[] =
+ "X.509 key file or PKCS #11 URL to use";
+static char const zX509keyfile_NAME[] = "X509KEYFILE";
+static char const zX509keyfile_Name[] = "x509keyfile";
+#define X509KEYFILE_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
- * x509certfile option description:
+ * X509certfile option description:
*/
-#define X509CERTFILE_DESC (gnutls_cli_opt_strs+2180)
-#define X509CERTFILE_NAME (gnutls_cli_opt_strs+2226)
-#define X509CERTFILE_name (gnutls_cli_opt_strs+2239)
-#define X509CERTFILE_FLAGS (OPTST_DISABLED \
+static char const zX509certfileText[] =
+ "X.509 Certificate file or PKCS #11 URL to use";
+static char const zX509certfile_NAME[] = "X509CERTFILE";
+static char const zX509certfile_Name[] = "x509certfile";
+#define X509CERTFILE_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
- * pgpsubkey option description:
+ * Pgpsubkey option description:
*/
-#define PGPSUBKEY_DESC (gnutls_cli_opt_strs+2252)
-#define PGPSUBKEY_NAME (gnutls_cli_opt_strs+2284)
-#define PGPSUBKEY_name (gnutls_cli_opt_strs+2294)
-#define PGPSUBKEY_FLAGS (OPTST_DISABLED \
+static char const zPgpsubkeyText[] =
+ "PGP subkey to use (hex or auto)";
+static char const zPgpsubkey_NAME[] = "PGPSUBKEY";
+static char const zPgpsubkey_Name[] = "pgpsubkey";
+#define PGPSUBKEY_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
- * srpusername option description:
+ * Srpusername option description:
*/
-#define SRPUSERNAME_DESC (gnutls_cli_opt_strs+2304)
-#define SRPUSERNAME_NAME (gnutls_cli_opt_strs+2324)
-#define SRPUSERNAME_name (gnutls_cli_opt_strs+2336)
-#define SRPUSERNAME_FLAGS (OPTST_DISABLED \
+static char const zSrpusernameText[] =
+ "SRP username to use";
+static char const zSrpusername_NAME[] = "SRPUSERNAME";
+static char const zSrpusername_Name[] = "srpusername";
+#define SRPUSERNAME_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
- * srppasswd option description:
+ * Srppasswd option description:
*/
-#define SRPPASSWD_DESC (gnutls_cli_opt_strs+2348)
-#define SRPPASSWD_NAME (gnutls_cli_opt_strs+2368)
-#define SRPPASSWD_name (gnutls_cli_opt_strs+2378)
-#define SRPPASSWD_FLAGS (OPTST_DISABLED \
+static char const zSrppasswdText[] =
+ "SRP password to use";
+static char const zSrppasswd_NAME[] = "SRPPASSWD";
+static char const zSrppasswd_Name[] = "srppasswd";
+#define SRPPASSWD_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
- * pskusername option description:
+ * Pskusername option description:
*/
-#define PSKUSERNAME_DESC (gnutls_cli_opt_strs+2388)
-#define PSKUSERNAME_NAME (gnutls_cli_opt_strs+2408)
-#define PSKUSERNAME_name (gnutls_cli_opt_strs+2420)
-#define PSKUSERNAME_FLAGS (OPTST_DISABLED \
+static char const zPskusernameText[] =
+ "PSK username to use";
+static char const zPskusername_NAME[] = "PSKUSERNAME";
+static char const zPskusername_Name[] = "pskusername";
+#define PSKUSERNAME_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
- * pskkey option description:
+ * Pskkey option description:
*/
-#define PSKKEY_DESC (gnutls_cli_opt_strs+2432)
-#define PSKKEY_NAME (gnutls_cli_opt_strs+2456)
-#define PSKKEY_name (gnutls_cli_opt_strs+2463)
-#define PSKKEY_FLAGS (OPTST_DISABLED \
+static char const zPskkeyText[] =
+ "PSK key (in hex) to use";
+static char const zPskkey_NAME[] = "PSKKEY";
+static char const zPskkey_Name[] = "pskkey";
+#define PSKKEY_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
- * port option description:
+ * Port option description:
*/
-#define PORT_DESC (gnutls_cli_opt_strs+2470)
-#define PORT_NAME (gnutls_cli_opt_strs+2504)
-#define PORT_name (gnutls_cli_opt_strs+2509)
-#define PORT_FLAGS (OPTST_DISABLED \
+static char const zPortText[] =
+ "The port or service to connect to";
+static char const zPort_NAME[] = "PORT";
+static char const zPort_Name[] = "port";
+#define PORT_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
- * insecure option description:
+ * Insecure option description:
*/
-#define INSECURE_DESC (gnutls_cli_opt_strs+2514)
-#define INSECURE_NAME (gnutls_cli_opt_strs+2575)
-#define INSECURE_name (gnutls_cli_opt_strs+2584)
-#define INSECURE_FLAGS (OPTST_DISABLED)
+static char const zInsecureText[] =
+ "Don't abort program if server certificate can't be validated";
+static char const zInsecure_NAME[] = "INSECURE";
+static char const zInsecure_Name[] = "insecure";
+#define INSECURE_FLAGS (OPTST_DISABLED)
/*
- * benchmark-ciphers option description:
+ * Benchmark_Ciphers option description:
*/
-#define BENCHMARK_CIPHERS_DESC (gnutls_cli_opt_strs+2593)
-#define BENCHMARK_CIPHERS_NAME (gnutls_cli_opt_strs+2622)
-#define BENCHMARK_CIPHERS_name (gnutls_cli_opt_strs+2640)
-#define BENCHMARK_CIPHERS_FLAGS (OPTST_DISABLED)
+static char const zBenchmark_CiphersText[] =
+ "Benchmark individual ciphers";
+static char const zBenchmark_Ciphers_NAME[] = "BENCHMARK_CIPHERS";
+static char const zBenchmark_Ciphers_Name[] = "benchmark-ciphers";
+#define BENCHMARK_CIPHERS_FLAGS (OPTST_DISABLED)
/*
- * benchmark-soft-ciphers option description:
+ * Benchmark_Soft_Ciphers option description:
*/
-#define BENCHMARK_SOFT_CIPHERS_DESC (gnutls_cli_opt_strs+2658)
-#define BENCHMARK_SOFT_CIPHERS_NAME (gnutls_cli_opt_strs+2717)
-#define BENCHMARK_SOFT_CIPHERS_name (gnutls_cli_opt_strs+2740)
-#define BENCHMARK_SOFT_CIPHERS_FLAGS (OPTST_DISABLED)
+static char const zBenchmark_Soft_CiphersText[] =
+ "Benchmark individual software ciphers (no hw acceleration)";
+static char const zBenchmark_Soft_Ciphers_NAME[] = "BENCHMARK_SOFT_CIPHERS";
+static char const zBenchmark_Soft_Ciphers_Name[]= "benchmark-soft-ciphers";
+#define BENCHMARK_SOFT_CIPHERS_FLAGS (OPTST_DISABLED)
/*
- * benchmark-tls-kx option description:
+ * Benchmark_Tls_Kx option description:
*/
-#define BENCHMARK_TLS_KX_DESC (gnutls_cli_opt_strs+2763)
-#define BENCHMARK_TLS_KX_NAME (gnutls_cli_opt_strs+2798)
-#define BENCHMARK_TLS_KX_name (gnutls_cli_opt_strs+2815)
-#define BENCHMARK_TLS_KX_FLAGS (OPTST_DISABLED)
+static char const zBenchmark_Tls_KxText[] =
+ "Benchmark TLS key exchange methods";
+static char const zBenchmark_Tls_Kx_NAME[] = "BENCHMARK_TLS_KX";
+static char const zBenchmark_Tls_Kx_Name[] = "benchmark-tls-kx";
+#define BENCHMARK_TLS_KX_FLAGS (OPTST_DISABLED)
/*
- * benchmark-tls-ciphers option description:
+ * Benchmark_Tls_Ciphers option description:
*/
-#define BENCHMARK_TLS_CIPHERS_DESC (gnutls_cli_opt_strs+2832)
-#define BENCHMARK_TLS_CIPHERS_NAME (gnutls_cli_opt_strs+2854)
-#define BENCHMARK_TLS_CIPHERS_name (gnutls_cli_opt_strs+2876)
-#define BENCHMARK_TLS_CIPHERS_FLAGS (OPTST_DISABLED)
+static char const zBenchmark_Tls_CiphersText[] =
+ "Benchmark TLS ciphers";
+static char const zBenchmark_Tls_Ciphers_NAME[] = "BENCHMARK_TLS_CIPHERS";
+static char const zBenchmark_Tls_Ciphers_Name[]= "benchmark-tls-ciphers";
+#define BENCHMARK_TLS_CIPHERS_FLAGS (OPTST_DISABLED)
/*
- * list option description:
+ * List option description:
*/
-#define LIST_DESC (gnutls_cli_opt_strs+2898)
-#define LIST_NAME (gnutls_cli_opt_strs+2949)
-#define LIST_name (gnutls_cli_opt_strs+2954)
-#define LIST_FLAGS (OPTST_DISABLED)
+static char const zListText[] =
+ "Print a list of the supported algorithms and modes";
+static char const zList_NAME[] = "LIST";
+static char const zList_Name[] = "list";
+#define LIST_FLAGS (OPTST_DISABLED)
/*
* Help/More_Help/Version option descriptions:
*/
-#define HELP_DESC (gnutls_cli_opt_strs+2959)
-#define HELP_name (gnutls_cli_opt_strs+3003)
+static char const zHelpText[] = "Display extended usage information
and exit";
+static char const zHelp_Name[] = "help";
#ifdef HAVE_WORKING_FORK
-#define MORE_HELP_DESC (gnutls_cli_opt_strs+3008)
-#define MORE_HELP_name (gnutls_cli_opt_strs+3053)
-#define MORE_HELP_FLAGS (OPTST_IMM | OPTST_NO_INIT)
+#define OPTST_MORE_HELP_FLAGS (OPTST_IMM | OPTST_NO_INIT)
+static char const zMore_Help_Name[] = "more-help";
+static char const zMore_HelpText[] = "Extended usage information passed
thru pager";
#else
-#define MORE_HELP_DESC NULL
-#define MORE_HELP_name NULL
-#define MORE_HELP_FLAGS (OPTST_OMITTED | OPTST_NO_INIT)
+#define OPTST_MORE_HELP_FLAGS (OPTST_OMITTED | OPTST_NO_INIT)
+#define zMore_Help_Name NULL
+#define zMore_HelpText NULL
#endif
#ifdef NO_OPTIONAL_OPT_ARGS
-# define VER_FLAGS (OPTST_IMM | OPTST_NO_INIT)
+# define OPTST_VERSION_FLAGS OPTST_IMM | OPTST_NO_INIT
#else
-# define VER_FLAGS (OPTST_SET_ARGTYPE(OPARG_TYPE_STRING) | \
- OPTST_ARG_OPTIONAL | OPTST_IMM | OPTST_NO_INIT)
+# define OPTST_VERSION_FLAGS OPTST_SET_ARGTYPE(OPARG_TYPE_STRING) | \
+ OPTST_ARG_OPTIONAL | OPTST_IMM | OPTST_NO_INIT
#endif
-#define VER_DESC (gnutls_cli_opt_strs+3063)
-#define VER_name (gnutls_cli_opt_strs+3099)
+
+static char const zVersionText[] = "Output version information and exit";
+static char const zVersion_Name[] = "version";
/*
* Declare option callback procedures
*/
extern tOptProc
- optionBooleanVal, optionNestedVal, optionNumericVal,
- optionPagedUsage, optionPrintVersion, optionResetOpt,
- optionStackArg, optionTimeDate, optionTimeVal,
- optionUnstackArg, optionVendorOption;
+ optionBooleanVal, optionNestedVal, optionNumericVal,
+ optionPagedUsage, optionPrintVersion, optionResetOpt,
+ optionStackArg, optionTimeDate, optionTimeVal,
+ optionUnstackArg, optionVersionStderr;
static tOptProc
doOptDebug, doOptMtu, doOptPgpcertfile, doOptPgpkeyfile,
doOptPgpkeyring, doOptRecordsize, doOptX509crlfile, doUsageOpt;
-#define VER_PROC optionPrintVersion
-/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
-/**
- * Define the gnutls-cli Option Descriptions.
- * This is an array of OPTION_CT entries, one for each
- * option that the gnutls-cli program responds to.
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
+ *
+ * Define the Gnutls_Cli Option Descriptions.
*/
static tOptDesc optDesc[OPTION_CT] = {
{ /* entry idx, value */ 0, VALUE_OPT_DEBUG,
@@ -591,11 +497,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ DEBUG_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --debug */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ doOptDebug,
- /* desc, NAME, name */ DEBUG_DESC, DEBUG_NAME, DEBUG_name,
+ /* desc, NAME, name */ zDebugText, zDebug_NAME, zDebug_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 1, VALUE_OPT_VERBOSE,
@@ -603,11 +509,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, NOLIMIT, 0,
/* opt state flags */ VERBOSE_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --verbose */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ VERBOSE_DESC, VERBOSE_NAME, VERBOSE_name,
+ /* desc, NAME, name */ zVerboseText, zVerbose_NAME, zVerbose_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 2, VALUE_OPT_TOFU,
@@ -615,35 +521,35 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ TOFU_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --tofu */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ TOFU_DESC, TOFU_NAME, TOFU_name,
- /* disablement strs */ NOT_TOFU_name, NOT_TOFU_PFX },
+ /* desc, NAME, name */ zTofuText, zTofu_NAME, zTofu_Name,
+ /* disablement strs */ zNotTofu_Name, zNotTofu_Pfx },
{ /* entry idx, value */ 3, VALUE_OPT_OCSP,
/* equiv idx, value */ 3, VALUE_OPT_OCSP,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ OCSP_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --ocsp */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ OCSP_DESC, OCSP_NAME, OCSP_name,
- /* disablement strs */ NOT_OCSP_name, NOT_OCSP_PFX },
+ /* desc, NAME, name */ zOcspText, zOcsp_NAME, zOcsp_Name,
+ /* disablement strs */ zNotOcsp_Name, zNotOcsp_Pfx },
{ /* entry idx, value */ 4, VALUE_OPT_RESUME,
/* equiv idx, value */ 4, VALUE_OPT_RESUME,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ RESUME_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --resume */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ RESUME_DESC, RESUME_NAME, RESUME_name,
+ /* desc, NAME, name */ zResumeText, zResume_NAME, zResume_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 5, VALUE_OPT_HEARTBEAT,
@@ -651,11 +557,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ HEARTBEAT_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --heartbeat */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ HEARTBEAT_DESC, HEARTBEAT_NAME, HEARTBEAT_name,
+ /* desc, NAME, name */ zHeartbeatText, zHeartbeat_NAME, zHeartbeat_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 6, VALUE_OPT_REHANDSHAKE,
@@ -663,11 +569,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ REHANDSHAKE_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --rehandshake */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ REHANDSHAKE_DESC, REHANDSHAKE_NAME,
REHANDSHAKE_name,
+ /* desc, NAME, name */ zRehandshakeText, zRehandshake_NAME,
zRehandshake_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 7, VALUE_OPT_NOTICKET,
@@ -675,389 +581,401 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ NOTICKET_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --noticket */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ NOTICKET_DESC, NOTICKET_NAME, NOTICKET_name,
+ /* desc, NAME, name */ zNoticketText, zNoticket_NAME, zNoticket_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 8, VALUE_OPT_STARTTLS,
- /* equiv idx, value */ 8, VALUE_OPT_STARTTLS,
+ { /* entry idx, value */ 8, VALUE_OPT_STATUS_REQUEST_OCSP,
+ /* equiv idx, value */ 8, VALUE_OPT_STATUS_REQUEST_OCSP,
+ /* equivalenced to */ NO_EQUIVALENT,
+ /* min, max, act ct */ 0, 1, 0,
+ /* opt state flags */ STATUS_REQUEST_OCSP_FLAGS, 0,
+ /* last opt argumnt */ { NULL },
+ /* arg list/cookie */ NULL,
+ /* must/cannot opts */ NULL, NULL,
+ /* option proc */ NULL,
+ /* desc, NAME, name */ zStatus_Request_OcspText,
zStatus_Request_Ocsp_NAME, zStatus_Request_Ocsp_Name,
+ /* disablement strs */ NULL, NULL },
+
+ { /* entry idx, value */ 9, VALUE_OPT_STARTTLS,
+ /* equiv idx, value */ 9, VALUE_OPT_STARTTLS,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ STARTTLS_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --starttls */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ STARTTLS_DESC, STARTTLS_NAME, STARTTLS_name,
+ /* desc, NAME, name */ zStarttlsText, zStarttls_NAME, zStarttls_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 9, VALUE_OPT_UDP,
- /* equiv idx, value */ 9, VALUE_OPT_UDP,
+ { /* entry idx, value */ 10, VALUE_OPT_UDP,
+ /* equiv idx, value */ 10, VALUE_OPT_UDP,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ UDP_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --udp */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ UDP_DESC, UDP_NAME, UDP_name,
+ /* desc, NAME, name */ zUdpText, zUdp_NAME, zUdp_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 10, VALUE_OPT_MTU,
- /* equiv idx, value */ 10, VALUE_OPT_MTU,
+ { /* entry idx, value */ 11, VALUE_OPT_MTU,
+ /* equiv idx, value */ 11, VALUE_OPT_MTU,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ MTU_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --mtu */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ doOptMtu,
- /* desc, NAME, name */ MTU_DESC, MTU_NAME, MTU_name,
+ /* desc, NAME, name */ zMtuText, zMtu_NAME, zMtu_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 11, VALUE_OPT_CRLF,
- /* equiv idx, value */ 11, VALUE_OPT_CRLF,
+ { /* entry idx, value */ 12, VALUE_OPT_CRLF,
+ /* equiv idx, value */ 12, VALUE_OPT_CRLF,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ CRLF_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --crlf */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ CRLF_DESC, CRLF_NAME, CRLF_name,
+ /* desc, NAME, name */ zCrlfText, zCrlf_NAME, zCrlf_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 12, VALUE_OPT_X509FMTDER,
- /* equiv idx, value */ 12, VALUE_OPT_X509FMTDER,
+ { /* entry idx, value */ 13, VALUE_OPT_X509FMTDER,
+ /* equiv idx, value */ 13, VALUE_OPT_X509FMTDER,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ X509FMTDER_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --x509fmtder */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ X509FMTDER_DESC, X509FMTDER_NAME, X509FMTDER_name,
+ /* desc, NAME, name */ zX509fmtderText, zX509fmtder_NAME,
zX509fmtder_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 13, VALUE_OPT_FINGERPRINT,
- /* equiv idx, value */ 13, VALUE_OPT_FINGERPRINT,
+ { /* entry idx, value */ 14, VALUE_OPT_FINGERPRINT,
+ /* equiv idx, value */ 14, VALUE_OPT_FINGERPRINT,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ FINGERPRINT_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --fingerprint */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ FINGERPRINT_DESC, FINGERPRINT_NAME,
FINGERPRINT_name,
+ /* desc, NAME, name */ zFingerprintText, zFingerprint_NAME,
zFingerprint_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 14, VALUE_OPT_DISABLE_EXTENSIONS,
- /* equiv idx, value */ 14, VALUE_OPT_DISABLE_EXTENSIONS,
+ { /* entry idx, value */ 15, VALUE_OPT_DISABLE_EXTENSIONS,
+ /* equiv idx, value */ 15, VALUE_OPT_DISABLE_EXTENSIONS,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ DISABLE_EXTENSIONS_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --disable-extensions */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ DISABLE_EXTENSIONS_DESC, DISABLE_EXTENSIONS_NAME,
DISABLE_EXTENSIONS_name,
+ /* desc, NAME, name */ zDisable_ExtensionsText, zDisable_Extensions_NAME,
zDisable_Extensions_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 15, VALUE_OPT_PRINT_CERT,
- /* equiv idx, value */ 15, VALUE_OPT_PRINT_CERT,
+ { /* entry idx, value */ 16, VALUE_OPT_PRINT_CERT,
+ /* equiv idx, value */ 16, VALUE_OPT_PRINT_CERT,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ PRINT_CERT_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --print-cert */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ PRINT_CERT_DESC, PRINT_CERT_NAME, PRINT_CERT_name,
+ /* desc, NAME, name */ zPrint_CertText, zPrint_Cert_NAME,
zPrint_Cert_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 16, VALUE_OPT_RECORDSIZE,
- /* equiv idx, value */ 16, VALUE_OPT_RECORDSIZE,
+ { /* entry idx, value */ 17, VALUE_OPT_RECORDSIZE,
+ /* equiv idx, value */ 17, VALUE_OPT_RECORDSIZE,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ RECORDSIZE_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --recordsize */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ doOptRecordsize,
- /* desc, NAME, name */ RECORDSIZE_DESC, RECORDSIZE_NAME, RECORDSIZE_name,
+ /* desc, NAME, name */ zRecordsizeText, zRecordsize_NAME,
zRecordsize_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 17, VALUE_OPT_DH_BITS,
- /* equiv idx, value */ 17, VALUE_OPT_DH_BITS,
+ { /* entry idx, value */ 18, VALUE_OPT_DH_BITS,
+ /* equiv idx, value */ 18, VALUE_OPT_DH_BITS,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ DH_BITS_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --dh-bits */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ optionNumericVal,
- /* desc, NAME, name */ DH_BITS_DESC, DH_BITS_NAME, DH_BITS_name,
+ /* desc, NAME, name */ zDh_BitsText, zDh_Bits_NAME, zDh_Bits_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 18, VALUE_OPT_PRIORITY,
- /* equiv idx, value */ 18, VALUE_OPT_PRIORITY,
+ { /* entry idx, value */ 19, VALUE_OPT_PRIORITY,
+ /* equiv idx, value */ 19, VALUE_OPT_PRIORITY,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ PRIORITY_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --priority */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ PRIORITY_DESC, PRIORITY_NAME, PRIORITY_name,
+ /* desc, NAME, name */ zPriorityText, zPriority_NAME, zPriority_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 19, VALUE_OPT_X509CAFILE,
- /* equiv idx, value */ 19, VALUE_OPT_X509CAFILE,
+ { /* entry idx, value */ 20, VALUE_OPT_X509CAFILE,
+ /* equiv idx, value */ 20, VALUE_OPT_X509CAFILE,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ X509CAFILE_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --x509cafile */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ X509CAFILE_DESC, X509CAFILE_NAME, X509CAFILE_name,
+ /* desc, NAME, name */ zX509cafileText, zX509cafile_NAME,
zX509cafile_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 20, VALUE_OPT_X509CRLFILE,
- /* equiv idx, value */ 20, VALUE_OPT_X509CRLFILE,
+ { /* entry idx, value */ 21, VALUE_OPT_X509CRLFILE,
+ /* equiv idx, value */ 21, VALUE_OPT_X509CRLFILE,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ X509CRLFILE_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --x509crlfile */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ doOptX509crlfile,
- /* desc, NAME, name */ X509CRLFILE_DESC, X509CRLFILE_NAME,
X509CRLFILE_name,
+ /* desc, NAME, name */ zX509crlfileText, zX509crlfile_NAME,
zX509crlfile_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 21, VALUE_OPT_PGPKEYFILE,
- /* equiv idx, value */ 21, VALUE_OPT_PGPKEYFILE,
+ { /* entry idx, value */ 22, VALUE_OPT_PGPKEYFILE,
+ /* equiv idx, value */ 22, VALUE_OPT_PGPKEYFILE,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ PGPKEYFILE_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --pgpkeyfile */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ doOptPgpkeyfile,
- /* desc, NAME, name */ PGPKEYFILE_DESC, PGPKEYFILE_NAME, PGPKEYFILE_name,
+ /* desc, NAME, name */ zPgpkeyfileText, zPgpkeyfile_NAME,
zPgpkeyfile_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 22, VALUE_OPT_PGPKEYRING,
- /* equiv idx, value */ 22, VALUE_OPT_PGPKEYRING,
+ { /* entry idx, value */ 23, VALUE_OPT_PGPKEYRING,
+ /* equiv idx, value */ 23, VALUE_OPT_PGPKEYRING,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ PGPKEYRING_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --pgpkeyring */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ doOptPgpkeyring,
- /* desc, NAME, name */ PGPKEYRING_DESC, PGPKEYRING_NAME, PGPKEYRING_name,
+ /* desc, NAME, name */ zPgpkeyringText, zPgpkeyring_NAME,
zPgpkeyring_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 23, VALUE_OPT_PGPCERTFILE,
- /* equiv idx, value */ 23, VALUE_OPT_PGPCERTFILE,
+ { /* entry idx, value */ 24, VALUE_OPT_PGPCERTFILE,
+ /* equiv idx, value */ 24, VALUE_OPT_PGPCERTFILE,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ PGPCERTFILE_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --pgpcertfile */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ doOptPgpcertfile,
- /* desc, NAME, name */ PGPCERTFILE_DESC, PGPCERTFILE_NAME,
PGPCERTFILE_name,
+ /* desc, NAME, name */ zPgpcertfileText, zPgpcertfile_NAME,
zPgpcertfile_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 24, VALUE_OPT_X509KEYFILE,
- /* equiv idx, value */ 24, VALUE_OPT_X509KEYFILE,
+ { /* entry idx, value */ 25, VALUE_OPT_X509KEYFILE,
+ /* equiv idx, value */ 25, VALUE_OPT_X509KEYFILE,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ X509KEYFILE_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --x509keyfile */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ X509KEYFILE_DESC, X509KEYFILE_NAME,
X509KEYFILE_name,
+ /* desc, NAME, name */ zX509keyfileText, zX509keyfile_NAME,
zX509keyfile_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 25, VALUE_OPT_X509CERTFILE,
- /* equiv idx, value */ 25, VALUE_OPT_X509CERTFILE,
+ { /* entry idx, value */ 26, VALUE_OPT_X509CERTFILE,
+ /* equiv idx, value */ 26, VALUE_OPT_X509CERTFILE,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ X509CERTFILE_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --x509certfile */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ X509CERTFILE_DESC, X509CERTFILE_NAME,
X509CERTFILE_name,
+ /* desc, NAME, name */ zX509certfileText, zX509certfile_NAME,
zX509certfile_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 26, VALUE_OPT_PGPSUBKEY,
- /* equiv idx, value */ 26, VALUE_OPT_PGPSUBKEY,
+ { /* entry idx, value */ 27, VALUE_OPT_PGPSUBKEY,
+ /* equiv idx, value */ 27, VALUE_OPT_PGPSUBKEY,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ PGPSUBKEY_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --pgpsubkey */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ PGPSUBKEY_DESC, PGPSUBKEY_NAME, PGPSUBKEY_name,
+ /* desc, NAME, name */ zPgpsubkeyText, zPgpsubkey_NAME, zPgpsubkey_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 27, VALUE_OPT_SRPUSERNAME,
- /* equiv idx, value */ 27, VALUE_OPT_SRPUSERNAME,
+ { /* entry idx, value */ 28, VALUE_OPT_SRPUSERNAME,
+ /* equiv idx, value */ 28, VALUE_OPT_SRPUSERNAME,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ SRPUSERNAME_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --srpusername */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ SRPUSERNAME_DESC, SRPUSERNAME_NAME,
SRPUSERNAME_name,
+ /* desc, NAME, name */ zSrpusernameText, zSrpusername_NAME,
zSrpusername_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 28, VALUE_OPT_SRPPASSWD,
- /* equiv idx, value */ 28, VALUE_OPT_SRPPASSWD,
+ { /* entry idx, value */ 29, VALUE_OPT_SRPPASSWD,
+ /* equiv idx, value */ 29, VALUE_OPT_SRPPASSWD,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ SRPPASSWD_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --srppasswd */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ SRPPASSWD_DESC, SRPPASSWD_NAME, SRPPASSWD_name,
+ /* desc, NAME, name */ zSrppasswdText, zSrppasswd_NAME, zSrppasswd_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 29, VALUE_OPT_PSKUSERNAME,
- /* equiv idx, value */ 29, VALUE_OPT_PSKUSERNAME,
+ { /* entry idx, value */ 30, VALUE_OPT_PSKUSERNAME,
+ /* equiv idx, value */ 30, VALUE_OPT_PSKUSERNAME,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ PSKUSERNAME_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --pskusername */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ PSKUSERNAME_DESC, PSKUSERNAME_NAME,
PSKUSERNAME_name,
+ /* desc, NAME, name */ zPskusernameText, zPskusername_NAME,
zPskusername_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 30, VALUE_OPT_PSKKEY,
- /* equiv idx, value */ 30, VALUE_OPT_PSKKEY,
+ { /* entry idx, value */ 31, VALUE_OPT_PSKKEY,
+ /* equiv idx, value */ 31, VALUE_OPT_PSKKEY,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ PSKKEY_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --pskkey */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ PSKKEY_DESC, PSKKEY_NAME, PSKKEY_name,
+ /* desc, NAME, name */ zPskkeyText, zPskkey_NAME, zPskkey_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 31, VALUE_OPT_PORT,
- /* equiv idx, value */ 31, VALUE_OPT_PORT,
+ { /* entry idx, value */ 32, VALUE_OPT_PORT,
+ /* equiv idx, value */ 32, VALUE_OPT_PORT,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ PORT_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --port */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ PORT_DESC, PORT_NAME, PORT_name,
+ /* desc, NAME, name */ zPortText, zPort_NAME, zPort_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 32, VALUE_OPT_INSECURE,
- /* equiv idx, value */ 32, VALUE_OPT_INSECURE,
+ { /* entry idx, value */ 33, VALUE_OPT_INSECURE,
+ /* equiv idx, value */ 33, VALUE_OPT_INSECURE,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ INSECURE_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --insecure */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ INSECURE_DESC, INSECURE_NAME, INSECURE_name,
+ /* desc, NAME, name */ zInsecureText, zInsecure_NAME, zInsecure_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 33, VALUE_OPT_BENCHMARK_CIPHERS,
- /* equiv idx, value */ 33, VALUE_OPT_BENCHMARK_CIPHERS,
+ { /* entry idx, value */ 34, VALUE_OPT_BENCHMARK_CIPHERS,
+ /* equiv idx, value */ 34, VALUE_OPT_BENCHMARK_CIPHERS,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ BENCHMARK_CIPHERS_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --benchmark-ciphers */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ BENCHMARK_CIPHERS_DESC, BENCHMARK_CIPHERS_NAME,
BENCHMARK_CIPHERS_name,
+ /* desc, NAME, name */ zBenchmark_CiphersText, zBenchmark_Ciphers_NAME,
zBenchmark_Ciphers_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 34, VALUE_OPT_BENCHMARK_SOFT_CIPHERS,
- /* equiv idx, value */ 34, VALUE_OPT_BENCHMARK_SOFT_CIPHERS,
+ { /* entry idx, value */ 35, VALUE_OPT_BENCHMARK_SOFT_CIPHERS,
+ /* equiv idx, value */ 35, VALUE_OPT_BENCHMARK_SOFT_CIPHERS,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ BENCHMARK_SOFT_CIPHERS_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --benchmark-soft-ciphers */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ BENCHMARK_SOFT_CIPHERS_DESC,
BENCHMARK_SOFT_CIPHERS_NAME, BENCHMARK_SOFT_CIPHERS_name,
+ /* desc, NAME, name */ zBenchmark_Soft_CiphersText,
zBenchmark_Soft_Ciphers_NAME, zBenchmark_Soft_Ciphers_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 35, VALUE_OPT_BENCHMARK_TLS_KX,
- /* equiv idx, value */ 35, VALUE_OPT_BENCHMARK_TLS_KX,
+ { /* entry idx, value */ 36, VALUE_OPT_BENCHMARK_TLS_KX,
+ /* equiv idx, value */ 36, VALUE_OPT_BENCHMARK_TLS_KX,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ BENCHMARK_TLS_KX_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --benchmark-tls-kx */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ BENCHMARK_TLS_KX_DESC, BENCHMARK_TLS_KX_NAME,
BENCHMARK_TLS_KX_name,
+ /* desc, NAME, name */ zBenchmark_Tls_KxText, zBenchmark_Tls_Kx_NAME,
zBenchmark_Tls_Kx_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 36, VALUE_OPT_BENCHMARK_TLS_CIPHERS,
- /* equiv idx, value */ 36, VALUE_OPT_BENCHMARK_TLS_CIPHERS,
+ { /* entry idx, value */ 37, VALUE_OPT_BENCHMARK_TLS_CIPHERS,
+ /* equiv idx, value */ 37, VALUE_OPT_BENCHMARK_TLS_CIPHERS,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ BENCHMARK_TLS_CIPHERS_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --benchmark-tls-ciphers */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ BENCHMARK_TLS_CIPHERS_DESC,
BENCHMARK_TLS_CIPHERS_NAME, BENCHMARK_TLS_CIPHERS_name,
+ /* desc, NAME, name */ zBenchmark_Tls_CiphersText,
zBenchmark_Tls_Ciphers_NAME, zBenchmark_Tls_Ciphers_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 37, VALUE_OPT_LIST,
- /* equiv idx, value */ 37, VALUE_OPT_LIST,
+ { /* entry idx, value */ 38, VALUE_OPT_LIST,
+ /* equiv idx, value */ 38, VALUE_OPT_LIST,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ LIST_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --list */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ LIST_DESC, LIST_NAME, LIST_name,
+ /* desc, NAME, name */ zListText, zList_NAME, zList_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ INDEX_OPT_VERSION, VALUE_OPT_VERSION,
- /* equiv idx value */ NO_EQUIVALENT, VALUE_OPT_VERSION,
+ /* equiv idx value */ NO_EQUIVALENT, 0,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
- /* opt state flags */ VER_FLAGS, 0,
+ /* opt state flags */ OPTST_VERSION_FLAGS, 0,
/* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
- /* option proc */ VER_PROC,
- /* desc, NAME, name */ VER_DESC, NULL, VER_name,
+ /* option proc */ optionPrintVersion,
+ /* desc, NAME, name */ zVersionText, NULL, zVersion_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ INDEX_OPT_HELP, VALUE_OPT_HELP,
- /* equiv idx value */ NO_EQUIVALENT, VALUE_OPT_HELP,
+ /* equiv idx value */ NO_EQUIVALENT, 0,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ OPTST_IMM | OPTST_NO_INIT, 0,
@@ -1065,36 +983,41 @@ static tOptDesc optDesc[OPTION_CT] = {
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ doUsageOpt,
- /* desc, NAME, name */ HELP_DESC, NULL, HELP_name,
+ /* desc, NAME, name */ zHelpText, NULL, zHelp_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ INDEX_OPT_MORE_HELP, VALUE_OPT_MORE_HELP,
- /* equiv idx value */ NO_EQUIVALENT, VALUE_OPT_MORE_HELP,
+ /* equiv idx value */ NO_EQUIVALENT, 0,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
- /* opt state flags */ MORE_HELP_FLAGS, 0,
+ /* opt state flags */ OPTST_MORE_HELP_FLAGS, 0,
/* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ optionPagedUsage,
- /* desc, NAME, name */ MORE_HELP_DESC, NULL, MORE_HELP_name,
+ /* desc, NAME, name */ zMore_HelpText, NULL, zMore_Help_Name,
/* disablement strs */ NULL, NULL }
};
-
/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
*
- * Define the gnutls-cli Option Environment
+ * Define the Gnutls_Cli Option Environment
*/
-#define zPROGNAME (gnutls_cli_opt_strs+3107)
-#define zUsageTitle (gnutls_cli_opt_strs+3118)
-#define zRcName NULL
-#define apzHomeList NULL
-#define zBugsAddr (gnutls_cli_opt_strs+3231)
-#define zExplain (gnutls_cli_opt_strs+3250)
-#define zDetail (gnutls_cli_opt_strs+3253)
-#define zFullVersion (gnutls_cli_opt_strs+3437)
-/* extracted from optcode.tlib near line 350 */
+static char const zPROGNAME[11] = "GNUTLS_CLI";
+static char const zUsageTitle[113] =
+"gnutls-cli - GnuTLS client - Ver. @address@hidden
+USAGE: %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]... [hostname]\n";
+#define zRcName NULL
+#define apzHomeList NULL
+
+static char const zBugsAddr[19] = "address@hidden";
+static char const zExplain[] = "\n\n";
+static char const zDetail[195] = "\n\
+Simple client program to set up a TLS connection to some other computer.\n\
+It sets up a TLS connection and forwards data from the standard input\n\
+to the secured socket and vice versa.\n";
+static char const zFullVersion[] = GNUTLS_CLI_FULL_VERSION;
+/* extracted from optcode.tlib near line 515 */
#if defined(ENABLE_NLS)
# define OPTPROC_BASE OPTPROC_TRANSLATE | OPTPROC_NXLAT_OPT
@@ -1105,42 +1028,84 @@ static tOptDesc optDesc[OPTION_CT] = {
#endif /* ENABLE_NLS */
-#define gnutls_cli_full_usage (NULL)
+#define gnutls_cli_full_usage NULL
+static char const gnutls_cli_short_usage[] =
+ "Usage: gnutls-cli [options] hostname\n\
+gnutls-cli --help for usage instructions.\n";
+
+#ifndef PKGDATADIR
+# define PKGDATADIR ""
+#endif
-#define gnutls_cli_short_usage (gnutls_cli_opt_strs+3458)
+#ifndef WITH_PACKAGER
+# define gnutls_cli_packager_info NULL
+#else
+static char const gnutls_cli_packager_info[] =
+ "Packaged by " WITH_PACKAGER
-#endif /* not defined __doxygen__ */
+# ifdef WITH_PACKAGER_VERSION
+ " ("WITH_PACKAGER_VERSION")"
+# endif
+
+# ifdef WITH_PACKAGER_BUG_REPORTS
+ "\nReport gnutls_cli bugs to " WITH_PACKAGER_BUG_REPORTS
+# endif
+ "\n";
+#endif
+
+tOptions gnutls_cliOptions = {
+ OPTIONS_STRUCT_VERSION,
+ 0, NULL, /* original argc + argv */
+ ( OPTPROC_BASE
+ + OPTPROC_ERRSTOP
+ + OPTPROC_SHORTOPT
+ + OPTPROC_LONGOPT
+ + OPTPROC_NO_REQ_OPT
+ + OPTPROC_NEGATIONS
+ + OPTPROC_REORDER
+ + OPTPROC_GNUUSAGE
+ + OPTPROC_MISUSE ),
+ 0, NULL, /* current option index, current option */
+ NULL, NULL, zPROGNAME,
+ zRcName, zCopyright, zLicenseDescrip,
+ zFullVersion, apzHomeList, zUsageTitle,
+ zExplain, zDetail, optDesc,
+ zBugsAddr, /* address to send bugs to */
+ NULL, NULL, /* extensions/saved state */
+ optionUsage, /* usage procedure */
+ translate_option_strings, /* translation procedure */
+ /*
+ * Indexes to special options
+ */
+ { INDEX_OPT_MORE_HELP, /* more-help option index */
+ NO_EQUIVALENT, /* save option index */
+ NO_EQUIVALENT, /* '-#' option index */
+ NO_EQUIVALENT /* index of default opt */
+ },
+ 42 /* full option count */, 39 /* user option count */,
+ gnutls_cli_full_usage, gnutls_cli_short_usage,
+ NULL, NULL,
+ PKGDATADIR, gnutls_cli_packager_info
+};
/*
* Create the static procedure(s) declared above.
*/
-/**
- * The callout function that invokes the optionUsage function.
- *
- * @param pOptions the AutoOpts option description structure
- * @param pOptDesc the descriptor for the "help" (usage) option.
- * @noreturn
- */
static void
doUsageOpt(tOptions * pOptions, tOptDesc * pOptDesc)
{
- optionUsage(&gnutls_cliOptions, GNUTLS_CLI_EXIT_SUCCESS);
- /* NOTREACHED */
- (void)pOptDesc;
(void)pOptions;
+ USAGE(GNUTLS_CLI_EXIT_SUCCESS);
}
-/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
-/**
- * Code to handle the debug option.
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
*
- * @param pOptions the gnutls-cli options data structure
- * @param pOptDesc the option descriptor for this option.
+ * For the debug option.
*/
static void
doOptDebug(tOptions* pOptions, tOptDesc* pOptDesc)
{
- static struct {long rmin, rmax;} const rng[1] = {
+ static const struct {long const rmin, rmax;} rng[1] = {
{ 0 , 9999 } };
int ix;
@@ -1166,17 +1131,14 @@ emit_ranges:
optionShowRange(pOptions, pOptDesc, (void *)rng, 1);
}
-/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
-/**
- * Code to handle the mtu option.
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
*
- * @param pOptions the gnutls-cli options data structure
- * @param pOptDesc the option descriptor for this option.
+ * For the mtu option.
*/
static void
doOptMtu(tOptions* pOptions, tOptDesc* pOptDesc)
{
- static struct {long rmin, rmax;} const rng[1] = {
+ static const struct {long const rmin, rmax;} rng[1] = {
{ 0, 17000 } };
int ix;
@@ -1202,17 +1164,14 @@ emit_ranges:
optionShowRange(pOptions, pOptDesc, (void *)rng, 1);
}
-/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
-/**
- * Code to handle the recordsize option.
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
*
- * @param pOptions the gnutls-cli options data structure
- * @param pOptDesc the option descriptor for this option.
+ * For the recordsize option.
*/
static void
doOptRecordsize(tOptions* pOptions, tOptDesc* pOptDesc)
{
- static struct {long rmin, rmax;} const rng[1] = {
+ static const struct {long const rmin, rmax;} rng[1] = {
{ 0, 4096 } };
int ix;
@@ -1238,12 +1197,9 @@ emit_ranges:
optionShowRange(pOptions, pOptDesc, (void *)rng, 1);
}
-/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
-/**
- * Code to handle the x509crlfile option.
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
*
- * @param pOptions the gnutls-cli options data structure
- * @param pOptDesc the option descriptor for this option.
+ * For the x509crlfile option.
*/
static void
doOptX509crlfile(tOptions* pOptions, tOptDesc* pOptDesc)
@@ -1259,12 +1215,9 @@ doOptX509crlfile(tOptions* pOptions, tOptDesc* pOptDesc)
optionFileCheck(pOptions, pOptDesc, type, mode);
}
-/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
-/**
- * Code to handle the pgpkeyfile option.
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
*
- * @param pOptions the gnutls-cli options data structure
- * @param pOptDesc the option descriptor for this option.
+ * For the pgpkeyfile option.
*/
static void
doOptPgpkeyfile(tOptions* pOptions, tOptDesc* pOptDesc)
@@ -1280,12 +1233,9 @@ doOptPgpkeyfile(tOptions* pOptions, tOptDesc* pOptDesc)
optionFileCheck(pOptions, pOptDesc, type, mode);
}
-/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
-/**
- * Code to handle the pgpkeyring option.
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
*
- * @param pOptions the gnutls-cli options data structure
- * @param pOptDesc the option descriptor for this option.
+ * For the pgpkeyring option.
*/
static void
doOptPgpkeyring(tOptions* pOptions, tOptDesc* pOptDesc)
@@ -1301,12 +1251,9 @@ doOptPgpkeyring(tOptions* pOptions, tOptDesc* pOptDesc)
optionFileCheck(pOptions, pOptDesc, type, mode);
}
-/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
-/**
- * Code to handle the pgpcertfile option.
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
*
- * @param pOptions the gnutls-cli options data structure
- * @param pOptDesc the option descriptor for this option.
+ * For the pgpcertfile option.
*/
static void
doOptPgpcertfile(tOptions* pOptions, tOptDesc* pOptDesc)
@@ -1321,75 +1268,7 @@ doOptPgpcertfile(tOptions* pOptions, tOptDesc* pOptDesc)
optionFileCheck(pOptions, pOptDesc, type, mode);
}
-/* extracted from optmain.tlib near line 1113 */
-
-/**
- * The directory containing the data associated with gnutls-cli.
- */
-#ifndef PKGDATADIR
-# define PKGDATADIR ""
-#endif
-
-/**
- * Information about the person or institution that packaged gnutls-cli
- * for the current distribution.
- */
-#ifndef WITH_PACKAGER
-# define gnutls_cli_packager_info NULL
-#else
-static char const gnutls_cli_packager_info[] =
- "Packaged by " WITH_PACKAGER
-
-# ifdef WITH_PACKAGER_VERSION
- " ("WITH_PACKAGER_VERSION")"
-# endif
-
-# ifdef WITH_PACKAGER_BUG_REPORTS
- "\nReport gnutls_cli bugs to " WITH_PACKAGER_BUG_REPORTS
-# endif
- "\n";
-#endif
-#ifndef __doxygen__
-
-#endif /* __doxygen__ */
-/**
- * The option definitions for gnutls-cli. The one structure that
- * binds them all.
- */
-tOptions gnutls_cliOptions = {
- OPTIONS_STRUCT_VERSION,
- 0, NULL, /* original argc + argv */
- ( OPTPROC_BASE
- + OPTPROC_ERRSTOP
- + OPTPROC_SHORTOPT
- + OPTPROC_LONGOPT
- + OPTPROC_NO_REQ_OPT
- + OPTPROC_NEGATIONS
- + OPTPROC_REORDER
- + OPTPROC_GNUUSAGE
- + OPTPROC_MISUSE ),
- 0, NULL, /* current option index, current option */
- NULL, NULL, zPROGNAME,
- zRcName, zCopyright, zLicenseDescrip,
- zFullVersion, apzHomeList, zUsageTitle,
- zExplain, zDetail, optDesc,
- zBugsAddr, /* address to send bugs to */
- NULL, NULL, /* extensions/saved state */
- optionUsage, /* usage procedure */
- translate_option_strings, /* translation procedure */
- /*
- * Indexes to special options
- */
- { INDEX_OPT_MORE_HELP, /* more-help option index */
- NO_EQUIVALENT, /* save option index */
- NO_EQUIVALENT, /* '-#' option index */
- NO_EQUIVALENT /* index of default opt */
- },
- 41 /* full option count */, 38 /* user option count */,
- gnutls_cli_full_usage, gnutls_cli_short_usage,
- NULL, NULL,
- PKGDATADIR, gnutls_cli_packager_info
-};
+/* extracted from optcode.tlib near line 666 */
#if ENABLE_NLS
#include <stdio.h>
@@ -1401,16 +1280,7 @@ tOptions gnutls_cliOptions = {
static char* AO_gettext(char const* pz);
static void coerce_it(void** s);
-/**
- * AutoGen specific wrapper function for gettext.
- * It relies on the macro _() to convert from English to the target
- * language, then strdup-duplicates the result string.
- *
- * @param[in] pz the input text used as a lookup key.
- * @returns the translated text (if there is one),
- * or the original text (if not).
- */
-static char *
+static char*
AO_gettext(char const* pz)
{
char* pzRes;
@@ -1430,9 +1300,8 @@ AO_gettext(char const* pz)
static void coerce_it(void** s) { *s = AO_gettext(*s);
}
-/**
- * Translate all the translatable strings in the gnutls_cliOptions
- * structure defined above. This is done only once.
+/*
+ * This invokes the translation code (e.g. gettext(3)).
*/
static void
translate_option_strings(void)
diff --git a/src/cli-args.def b/src/cli-args.def
index 1d9bc78..17cf85f 100644
--- a/src/cli-args.def
+++ b/src/cli-args.def
@@ -56,6 +56,12 @@ flag = {
};
flag = {
+ name = status-request-ocsp;
+ descrip = "Request OCSP status request";
+ doc = "The client will indicate to the server in a TLS extension
that it wants a OCSP status request.";
+};
+
+flag = {
name = starttls;
value = s;
descrip = "Connect, establish a plain session and start TLS.";
diff --git a/src/cli-args.h b/src/cli-args.h
index b738248..c31879a 100644
--- a/src/cli-args.h
+++ b/src/cli-args.h
@@ -2,11 +2,11 @@
*
* DO NOT EDIT THIS FILE (cli-args.h)
*
- * It has been AutoGen-ed August 30, 2012 at 09:58:04 PM by AutoGen 5.16
+ * It has been AutoGen-ed September 28, 2012 at 01:15:40 PM by AutoGen 5.12
* From the definitions cli-args.def
* and the template file options
*
- * Generated from AutoOpts 36:4:11 templates.
+ * Generated from AutoOpts 35:0:10 templates.
*
* AutoOpts is a copyrighted work. This header file is not encumbered
* by AutoOpts licensing, but is provided under the licensing terms chosen
@@ -16,16 +16,15 @@
* users discretion, the BSD license. See the AutoOpts and/or libopts sources
* for details.
*
- * The gnutls-cli program is copyrighted and licensed
- * under the following terms:
+ * This source file is copyrighted and licensed under the following terms:
*
* Copyright (C) 2000-2012 Free Software Foundation, all rights reserved.
* This is free software. It is licensed for use, modification and
* redistribution under the terms of the
* GNU General Public License, version 3 or later
* <http://gnu.org/licenses/gpl.html>
- *
- * gnutls-cli is free software: you can redistribute it and/or modify it
+ *
+PFX>gnutls-cli is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
@@ -56,7 +55,7 @@
* tolerable version is at least as old as what was current when the header
* template was released.
*/
-#define AO_TEMPLATE_VERSION 147460
+#define AO_TEMPLATE_VERSION 143360
#if (AO_TEMPLATE_VERSION < OPTIONS_MINIMUM_VERSION) \
|| (AO_TEMPLATE_VERSION > OPTIONS_STRUCT_VERSION)
# error option template version mismatches autoopts/options.h header
@@ -75,42 +74,43 @@ typedef enum {
INDEX_OPT_HEARTBEAT = 5,
INDEX_OPT_REHANDSHAKE = 6,
INDEX_OPT_NOTICKET = 7,
- INDEX_OPT_STARTTLS = 8,
- INDEX_OPT_UDP = 9,
- INDEX_OPT_MTU = 10,
- INDEX_OPT_CRLF = 11,
- INDEX_OPT_X509FMTDER = 12,
- INDEX_OPT_FINGERPRINT = 13,
- INDEX_OPT_DISABLE_EXTENSIONS = 14,
- INDEX_OPT_PRINT_CERT = 15,
- INDEX_OPT_RECORDSIZE = 16,
- INDEX_OPT_DH_BITS = 17,
- INDEX_OPT_PRIORITY = 18,
- INDEX_OPT_X509CAFILE = 19,
- INDEX_OPT_X509CRLFILE = 20,
- INDEX_OPT_PGPKEYFILE = 21,
- INDEX_OPT_PGPKEYRING = 22,
- INDEX_OPT_PGPCERTFILE = 23,
- INDEX_OPT_X509KEYFILE = 24,
- INDEX_OPT_X509CERTFILE = 25,
- INDEX_OPT_PGPSUBKEY = 26,
- INDEX_OPT_SRPUSERNAME = 27,
- INDEX_OPT_SRPPASSWD = 28,
- INDEX_OPT_PSKUSERNAME = 29,
- INDEX_OPT_PSKKEY = 30,
- INDEX_OPT_PORT = 31,
- INDEX_OPT_INSECURE = 32,
- INDEX_OPT_BENCHMARK_CIPHERS = 33,
- INDEX_OPT_BENCHMARK_SOFT_CIPHERS = 34,
- INDEX_OPT_BENCHMARK_TLS_KX = 35,
- INDEX_OPT_BENCHMARK_TLS_CIPHERS = 36,
- INDEX_OPT_LIST = 37,
- INDEX_OPT_VERSION = 38,
- INDEX_OPT_HELP = 39,
- INDEX_OPT_MORE_HELP = 40
+ INDEX_OPT_STATUS_REQUEST_OCSP = 8,
+ INDEX_OPT_STARTTLS = 9,
+ INDEX_OPT_UDP = 10,
+ INDEX_OPT_MTU = 11,
+ INDEX_OPT_CRLF = 12,
+ INDEX_OPT_X509FMTDER = 13,
+ INDEX_OPT_FINGERPRINT = 14,
+ INDEX_OPT_DISABLE_EXTENSIONS = 15,
+ INDEX_OPT_PRINT_CERT = 16,
+ INDEX_OPT_RECORDSIZE = 17,
+ INDEX_OPT_DH_BITS = 18,
+ INDEX_OPT_PRIORITY = 19,
+ INDEX_OPT_X509CAFILE = 20,
+ INDEX_OPT_X509CRLFILE = 21,
+ INDEX_OPT_PGPKEYFILE = 22,
+ INDEX_OPT_PGPKEYRING = 23,
+ INDEX_OPT_PGPCERTFILE = 24,
+ INDEX_OPT_X509KEYFILE = 25,
+ INDEX_OPT_X509CERTFILE = 26,
+ INDEX_OPT_PGPSUBKEY = 27,
+ INDEX_OPT_SRPUSERNAME = 28,
+ INDEX_OPT_SRPPASSWD = 29,
+ INDEX_OPT_PSKUSERNAME = 30,
+ INDEX_OPT_PSKKEY = 31,
+ INDEX_OPT_PORT = 32,
+ INDEX_OPT_INSECURE = 33,
+ INDEX_OPT_BENCHMARK_CIPHERS = 34,
+ INDEX_OPT_BENCHMARK_SOFT_CIPHERS = 35,
+ INDEX_OPT_BENCHMARK_TLS_KX = 36,
+ INDEX_OPT_BENCHMARK_TLS_CIPHERS = 37,
+ INDEX_OPT_LIST = 38,
+ INDEX_OPT_VERSION = 39,
+ INDEX_OPT_HELP = 40,
+ INDEX_OPT_MORE_HELP = 41
} teOptIndex;
-#define OPTION_CT 41
+#define OPTION_CT 42
#define GNUTLS_CLI_VERSION "@VERSION@"
#define GNUTLS_CLI_FULL_VERSION "gnutls-cli @VERSION@"
@@ -141,8 +141,7 @@ typedef enum {
*/
typedef enum {
GNUTLS_CLI_EXIT_SUCCESS = 0,
- GNUTLS_CLI_EXIT_FAILURE = 1,
- GNUTLS_CLI_EXIT_LIBOPTS_FAILURE = 70
+ GNUTLS_CLI_EXIT_FAILURE = 1
} gnutls_cli_exit_code_t;
/* * * * * *
*
@@ -158,41 +157,42 @@ typedef enum {
#define VALUE_OPT_HEARTBEAT 'b'
#define VALUE_OPT_REHANDSHAKE 'e'
#define VALUE_OPT_NOTICKET 7
+#define VALUE_OPT_STATUS_REQUEST_OCSP 8
#define VALUE_OPT_STARTTLS 's'
#define VALUE_OPT_UDP 'u'
-#define VALUE_OPT_MTU 10
+#define VALUE_OPT_MTU 11
#define OPT_VALUE_MTU (DESC(MTU).optArg.argInt)
-#define VALUE_OPT_CRLF 11
-#define VALUE_OPT_X509FMTDER 12
+#define VALUE_OPT_CRLF 12
+#define VALUE_OPT_X509FMTDER 13
#define VALUE_OPT_FINGERPRINT 'f'
-#define VALUE_OPT_DISABLE_EXTENSIONS 14
-#define VALUE_OPT_PRINT_CERT 15
-#define VALUE_OPT_RECORDSIZE 16
+#define VALUE_OPT_DISABLE_EXTENSIONS 15
+#define VALUE_OPT_PRINT_CERT 16
+#define VALUE_OPT_RECORDSIZE 17
#define OPT_VALUE_RECORDSIZE (DESC(RECORDSIZE).optArg.argInt)
-#define VALUE_OPT_DH_BITS 17
+#define VALUE_OPT_DH_BITS 18
#define OPT_VALUE_DH_BITS (DESC(DH_BITS).optArg.argInt)
-#define VALUE_OPT_PRIORITY 18
-#define VALUE_OPT_X509CAFILE 19
-#define VALUE_OPT_X509CRLFILE 20
-#define VALUE_OPT_PGPKEYFILE 21
-#define VALUE_OPT_PGPKEYRING 22
-#define VALUE_OPT_PGPCERTFILE 23
-#define VALUE_OPT_X509KEYFILE 24
-#define VALUE_OPT_X509CERTFILE 25
-#define VALUE_OPT_PGPSUBKEY 26
-#define VALUE_OPT_SRPUSERNAME 27
-#define VALUE_OPT_SRPPASSWD 28
-#define VALUE_OPT_PSKUSERNAME 29
-#define VALUE_OPT_PSKKEY 30
+#define VALUE_OPT_PRIORITY 19
+#define VALUE_OPT_X509CAFILE 20
+#define VALUE_OPT_X509CRLFILE 21
+#define VALUE_OPT_PGPKEYFILE 22
+#define VALUE_OPT_PGPKEYRING 23
+#define VALUE_OPT_PGPCERTFILE 24
+#define VALUE_OPT_X509KEYFILE 25
+#define VALUE_OPT_X509CERTFILE 26
+#define VALUE_OPT_PGPSUBKEY 27
+#define VALUE_OPT_SRPUSERNAME 28
+#define VALUE_OPT_SRPPASSWD 29
+#define VALUE_OPT_PSKUSERNAME 30
+#define VALUE_OPT_PSKKEY 31
#define VALUE_OPT_PORT 'p'
-#define VALUE_OPT_INSECURE 32
-#define VALUE_OPT_BENCHMARK_CIPHERS 129
-#define VALUE_OPT_BENCHMARK_SOFT_CIPHERS 130
-#define VALUE_OPT_BENCHMARK_TLS_KX 131
-#define VALUE_OPT_BENCHMARK_TLS_CIPHERS 132
+#define VALUE_OPT_INSECURE 129
+#define VALUE_OPT_BENCHMARK_CIPHERS 130
+#define VALUE_OPT_BENCHMARK_SOFT_CIPHERS 131
+#define VALUE_OPT_BENCHMARK_TLS_KX 132
+#define VALUE_OPT_BENCHMARK_TLS_CIPHERS 133
#define VALUE_OPT_LIST 'l'
#define VALUE_OPT_HELP 'h'
#define VALUE_OPT_MORE_HELP '!'
@@ -207,17 +207,18 @@ typedef enum {
gnutls_cliOptions.pzCurOpt = NULL)
#define START_OPT RESTART_OPT(1)
#define USAGE(c) (*gnutls_cliOptions.pUsageProc)(&gnutls_cliOptions, c)
-/* extracted from opthead.tlib near line 484 */
+/* extracted from opthead.tlib near line 451 */
#ifdef __cplusplus
extern "C" {
#endif
-/*
- * global exported definitions
+
+/* * * * * *
+ *
+ * Globals exported from the GnuTLS client option definitions
*/
#include <gettext.h>
-
/* * * * * *
*
* Declare the gnutls-cli option descriptor.
diff --git a/src/cli.c b/src/cli.c
index 95180b7..aaf66c1 100644
--- a/src/cli.c
+++ b/src/cli.c
@@ -68,6 +68,7 @@ int resume, starttls, insecure, rehandshake, udp, mtu;
const char *hostname = NULL;
const char *service = NULL;
int record_max_size;
+int status_request_ocsp;
int fingerprint;
int crlf;
unsigned int verbose = 0;
@@ -628,6 +629,16 @@ init_tls_session (const char *hostname)
if (HAVE_OPT(HEARTBEAT))
gnutls_heartbeat_enable (session, GNUTLS_HB_PEER_ALLOWED_TO_SEND);
+ /* OCSP status-request TLS extension */
+ if (status_request_ocsp > 0 && disable_extensions == 0)
+ {
+ if (gnutls_status_request_ocsp_client (session, NULL, 0, NULL) < 0)
+ {
+ fprintf (stderr, "Cannot set OCSP status request information.\n");
+ exit (1);
+ }
+ }
+
#ifdef ENABLE_SESSION_TICKET
if (disable_extensions == 0 && !HAVE_OPT(NOTICKET)t)
gnutls_session_ticket_enable_client (session);
@@ -1092,6 +1103,7 @@ const char* rest = NULL;
}
record_max_size = OPT_VALUE_RECORDSIZE;
+ status_request_ocsp = HAVE_OPT(STATUS_REQUEST_OCSP);
fingerprint = HAVE_OPT(FINGERPRINT);
if (HAVE_OPT(X509FMTDER))
diff --git a/src/serv-args.c b/src/serv-args.c
index f27ed08..1231aaa 100644
--- a/src/serv-args.c
+++ b/src/serv-args.c
@@ -2,11 +2,11 @@
*
* DO NOT EDIT THIS FILE (serv-args.c)
*
- * It has been AutoGen-ed August 30, 2012 at 09:58:05 PM by AutoGen 5.16
+ * It has been AutoGen-ed September 28, 2012 at 01:15:45 PM by AutoGen 5.12
* From the definitions serv-args.def
* and the template file options
*
- * Generated from AutoOpts 36:4:11 templates.
+ * Generated from AutoOpts 35:0:10 templates.
*
* AutoOpts is a copyrighted work. This source file is not encumbered
* by AutoOpts licensing, but is provided under the licensing terms chosen
@@ -16,16 +16,15 @@
* users discretion, the BSD license. See the AutoOpts and/or libopts sources
* for details.
*
- * The gnutls-serv program is copyrighted and licensed
- * under the following terms:
+ * This source file is copyrighted and licensed under the following terms:
*
* Copyright (C) 2000-2012 Free Software Foundation, all rights reserved.
* This is free software. It is licensed for use, modification and
* redistribution under the terms of the
* GNU General Public License, version 3 or later
* <http://gnu.org/licenses/gpl.html>
- *
- * gnutls-serv is free software: you can redistribute it and/or modify it
+ *
+PFX>gnutls-serv is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
@@ -39,15 +38,14 @@
* with this program. If not, see <http://www.gnu.org/licenses/>.
*/
-#ifndef __doxygen__
-#define OPTION_CODE_COMPILE 1
-#include "serv-args.h"
#include <sys/types.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
+#define OPTION_CODE_COMPILE 1
+#include "serv-args.h"
#ifdef __cplusplus
extern "C" {
@@ -56,475 +54,401 @@ extern FILE * option_usage_fp;
/* TRANSLATORS: choose the translation for option names wisely because you
cannot ever change your mind. */
-#define zCopyright (gnutls_serv_opt_strs+0)
-#define zLicenseDescrip (gnutls_serv_opt_strs+282)
-
+static char const zCopyright[282] =
+"gnutls-serv @address@hidden
+Copyright (C) 2000-2012 Free Software Foundation, all rights reserved.\n\
+This is free software. It is licensed for use, modification and\n\
+redistribution under the terms of the\n\
+GNU General Public License, version 3 or later\n\
+ <http://gnu.org/licenses/gpl.html>\n";
+static char const zLicenseDescrip[611] =
+"gnutls-serv is free software: you can redistribute it and/or modify it\n\
+under the terms of the GNU General Public License as published by the\n\
+Free Software Foundation, either version 3 of the License, or (at your\n\
+option) any later version.\n\n\
+gnutls-serv is distributed in the hope that it will be useful, but WITHOUT\n\
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or\n\
+FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License\n\
+for more details.\n\n\
+You should have received a copy of the GNU General Public License along\n\
+with this program. If not, see <http://www.gnu.org/licenses/>.\n";
+
+extern tUsageProc optionUsage;
#ifndef NULL
# define NULL 0
#endif
/*
- * gnutls-serv option static const strings
- */
-static char const gnutls_serv_opt_strs[2994] =
-/* 0 */ "gnutls-serv @address@hidden"
- "Copyright (C) 2000-2012 Free Software Foundation, all rights
reserved.\n"
- "This is free software. It is licensed for use, modification and\n"
- "redistribution under the terms of the\n"
- "GNU General Public License, version 3 or later\n"
- " <http://gnu.org/licenses/gpl.html>\n\0"
-/* 282 */ "gnutls-serv is free software: you can redistribute it and/or
modify it\n"
- "under the terms of the GNU General Public License as published by
the Free\n"
- "Software Foundation, either version 3 of the License, or (at your
option)\n"
- "any later version.\n\n"
- "gnutls-serv is distributed in the hope that it will be useful,
but WITHOUT\n"
- "ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or\n"
- "FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
License for\n"
- "more details.\n\n"
- "You should have received a copy of the GNU General Public License
along\n"
- "with this program. If not, see
<http://www.gnu.org/licenses/>.\n\0"
-/* 893 */ "Enable debugging.\0"
-/* 911 */ "DEBUG\0"
-/* 917 */ "debug\0"
-/* 923 */ "Don't accept session tickets\0"
-/* 952 */ "NOTICKET\0"
-/* 961 */ "noticket\0"
-/* 970 */ "Generate Diffie-Hellman and RSA-export parameters\0"
-/* 1020 */ "GENERATE\0"
-/* 1029 */ "generate\0"
-/* 1038 */ "Suppress some messages\0"
-/* 1061 */ "QUIET\0"
-/* 1067 */ "quiet\0"
-/* 1073 */ "Do not use a resumption database\0"
-/* 1106 */ "NODB\0"
-/* 1111 */ "nodb\0"
-/* 1116 */ "Act as an HTTP server\0"
-/* 1138 */ "HTTP\0"
-/* 1143 */ "http\0"
-/* 1148 */ "Act as an Echo server\0"
-/* 1170 */ "ECHO\0"
-/* 1175 */ "echo\0"
-/* 1180 */ "Use DTLS (datagram TLS) over UDP\0"
-/* 1213 */ "UDP\0"
-/* 1217 */ "udp\0"
-/* 1221 */ "Set MTU for datagram TLS\0"
-/* 1246 */ "MTU\0"
-/* 1250 */ "mtu\0"
-/* 1254 */ "Do not request a client certificate\0"
-/* 1290 */ "DISABLE_CLIENT_CERT\0"
-/* 1310 */ "disable-client-cert\0"
-/* 1330 */ "Require a client certificate\0"
-/* 1359 */ "REQUIRE_CLIENT_CERT\0"
-/* 1379 */ "require-client-cert\0"
-/* 1399 */ "Activate heartbeat support\0"
-/* 1426 */ "HEARTBEAT\0"
-/* 1436 */ "heartbeat\0"
-/* 1446 */ "Use DER format for certificates to read from\0"
-/* 1491 */ "X509FMTDER\0"
-/* 1502 */ "x509fmtder\0"
-/* 1513 */ "Priorities string\0"
-/* 1531 */ "PRIORITY\0"
-/* 1540 */ "priority\0"
-/* 1549 */ "DH params file to use\0"
-/* 1571 */ "DHPARAMS\0"
-/* 1580 */ "dhparams\0"
-/* 1589 */ "Certificate file or PKCS #11 URL to use\0"
-/* 1629 */ "X509CAFILE\0"
-/* 1640 */ "x509cafile\0"
-/* 1651 */ "CRL file to use\0"
-/* 1667 */ "X509CRLFILE\0"
-/* 1679 */ "x509crlfile\0"
-/* 1691 */ "PGP Key file to use\0"
-/* 1711 */ "PGPKEYFILE\0"
-/* 1722 */ "pgpkeyfile\0"
-/* 1733 */ "PGP Key ring file to use\0"
-/* 1758 */ "PGPKEYRING\0"
-/* 1769 */ "pgpkeyring\0"
-/* 1780 */ "PGP Public Key (certificate) file to use\0"
-/* 1821 */ "PGPCERTFILE\0"
-/* 1833 */ "pgpcertfile\0"
-/* 1845 */ "X.509 key file or PKCS #11 URL to use\0"
-/* 1883 */ "X509KEYFILE\0"
-/* 1895 */ "x509keyfile\0"
-/* 1907 */ "X.509 Certificate file or PKCS #11 URL to use\0"
-/* 1953 */ "X509CERTFILE\0"
-/* 1966 */ "x509certfile\0"
-/* 1979 */ "Alternative X.509 key file or PKCS #11 URL to use\0"
-/* 2029 */ "X509DSAKEYFILE\0"
-/* 2044 */ "x509dsakeyfile\0"
-/* 2059 */ "Alternative X.509 Certificate file or PKCS #11 URL to use\0"
-/* 2117 */ "X509DSACERTFILE\0"
-/* 2133 */ "x509dsacertfile\0"
-/* 2149 */ "X509ECCKEYFILE\0"
-/* 2164 */ "x509ecckeyfile\0"
-/* 2179 */ "X509ECCCERTFILE\0"
-/* 2195 */ "x509ecccertfile\0"
-/* 2211 */ "PGP subkey to use (hex or auto)\0"
-/* 2243 */ "PGPSUBKEY\0"
-/* 2253 */ "pgpsubkey\0"
-/* 2263 */ "SRP password file to use\0"
-/* 2288 */ "SRPPASSWD\0"
-/* 2298 */ "srppasswd\0"
-/* 2308 */ "SRP password configuration file to use\0"
-/* 2347 */ "SRPPASSWDCONF\0"
-/* 2361 */ "srppasswdconf\0"
-/* 2375 */ "PSK password file to use\0"
-/* 2400 */ "PSKPASSWD\0"
-/* 2410 */ "pskpasswd\0"
-/* 2420 */ "PSK identity hint to use\0"
-/* 2445 */ "PSKHINT\0"
-/* 2453 */ "pskhint\0"
-/* 2461 */ "The port to connect to\0"
-/* 2484 */ "PORT\0"
-/* 2489 */ "port\0"
-/* 2494 */ "Print a list of the supported algorithms and modes\0"
-/* 2545 */ "LIST\0"
-/* 2550 */ "list\0"
-/* 2555 */ "Display extended usage information and exit\0"
-/* 2599 */ "help\0"
-/* 2604 */ "Extended usage information passed thru pager\0"
-/* 2649 */ "more-help\0"
-/* 2659 */ "Output version information and exit\0"
-/* 2695 */ "version\0"
-/* 2703 */ "GNUTLS_SERV\0"
-/* 2715 */ "gnutls-serv - GnuTLS server - Ver. @address@hidden"
- "USAGE: %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]...\n\0"
-/* 2818 */ "address@hidden"
-/* 2837 */ "\n\n\0"
-/* 2840 */ "\n"
- "Server program that listens to incoming TLS connections.\n\0"
-/* 2899 */ "gnutls-serv @address@hidden"
-/* 2921 */ "Usage: gnutls-serv [options]\n"
- "gnutls-serv --help for usage instructions.\n";
-
-/*
- * debug option description:
+ * Debug option description:
*/
-#define DEBUG_DESC (gnutls_serv_opt_strs+893)
-#define DEBUG_NAME (gnutls_serv_opt_strs+911)
-#define DEBUG_name (gnutls_serv_opt_strs+917)
-#define DEBUG_FLAGS (OPTST_DISABLED \
+static char const zDebugText[] =
+ "Enable debugging.";
+static char const zDebug_NAME[] = "DEBUG";
+static char const zDebug_Name[] = "debug";
+#define DEBUG_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_NUMERIC))
/*
- * noticket option description:
+ * Noticket option description:
*/
-#define NOTICKET_DESC (gnutls_serv_opt_strs+923)
-#define NOTICKET_NAME (gnutls_serv_opt_strs+952)
-#define NOTICKET_name (gnutls_serv_opt_strs+961)
-#define NOTICKET_FLAGS (OPTST_DISABLED)
+static char const zNoticketText[] =
+ "Don't accept session tickets";
+static char const zNoticket_NAME[] = "NOTICKET";
+static char const zNoticket_Name[] = "noticket";
+#define NOTICKET_FLAGS (OPTST_DISABLED)
/*
- * generate option description:
+ * Generate option description:
*/
-#define GENERATE_DESC (gnutls_serv_opt_strs+970)
-#define GENERATE_NAME (gnutls_serv_opt_strs+1020)
-#define GENERATE_name (gnutls_serv_opt_strs+1029)
-#define GENERATE_FLAGS (OPTST_DISABLED)
+static char const zGenerateText[] =
+ "Generate Diffie-Hellman and RSA-export parameters";
+static char const zGenerate_NAME[] = "GENERATE";
+static char const zGenerate_Name[] = "generate";
+#define GENERATE_FLAGS (OPTST_DISABLED)
/*
- * quiet option description:
+ * Quiet option description:
*/
-#define QUIET_DESC (gnutls_serv_opt_strs+1038)
-#define QUIET_NAME (gnutls_serv_opt_strs+1061)
-#define QUIET_name (gnutls_serv_opt_strs+1067)
-#define QUIET_FLAGS (OPTST_DISABLED)
+static char const zQuietText[] =
+ "Suppress some messages";
+static char const zQuiet_NAME[] = "QUIET";
+static char const zQuiet_Name[] = "quiet";
+#define QUIET_FLAGS (OPTST_DISABLED)
/*
- * nodb option description:
+ * Nodb option description:
*/
-#define NODB_DESC (gnutls_serv_opt_strs+1073)
-#define NODB_NAME (gnutls_serv_opt_strs+1106)
-#define NODB_name (gnutls_serv_opt_strs+1111)
-#define NODB_FLAGS (OPTST_DISABLED)
+static char const zNodbText[] =
+ "Do not use a resumption database";
+static char const zNodb_NAME[] = "NODB";
+static char const zNodb_Name[] = "nodb";
+#define NODB_FLAGS (OPTST_DISABLED)
/*
- * http option description:
+ * Http option description:
*/
-#define HTTP_DESC (gnutls_serv_opt_strs+1116)
-#define HTTP_NAME (gnutls_serv_opt_strs+1138)
-#define HTTP_name (gnutls_serv_opt_strs+1143)
-#define HTTP_FLAGS (OPTST_DISABLED)
+static char const zHttpText[] =
+ "Act as an HTTP server";
+static char const zHttp_NAME[] = "HTTP";
+static char const zHttp_Name[] = "http";
+#define HTTP_FLAGS (OPTST_DISABLED)
/*
- * echo option description:
+ * Echo option description:
*/
-#define ECHO_DESC (gnutls_serv_opt_strs+1148)
-#define ECHO_NAME (gnutls_serv_opt_strs+1170)
-#define ECHO_name (gnutls_serv_opt_strs+1175)
-#define ECHO_FLAGS (OPTST_DISABLED)
+static char const zEchoText[] =
+ "Act as an Echo server";
+static char const zEcho_NAME[] = "ECHO";
+static char const zEcho_Name[] = "echo";
+#define ECHO_FLAGS (OPTST_DISABLED)
/*
- * udp option description:
+ * Udp option description:
*/
-#define UDP_DESC (gnutls_serv_opt_strs+1180)
-#define UDP_NAME (gnutls_serv_opt_strs+1213)
-#define UDP_name (gnutls_serv_opt_strs+1217)
-#define UDP_FLAGS (OPTST_DISABLED)
+static char const zUdpText[] =
+ "Use DTLS (datagram TLS) over UDP";
+static char const zUdp_NAME[] = "UDP";
+static char const zUdp_Name[] = "udp";
+#define UDP_FLAGS (OPTST_DISABLED)
/*
- * mtu option description:
+ * Mtu option description:
*/
-#define MTU_DESC (gnutls_serv_opt_strs+1221)
-#define MTU_NAME (gnutls_serv_opt_strs+1246)
-#define MTU_name (gnutls_serv_opt_strs+1250)
-#define MTU_FLAGS (OPTST_DISABLED \
+static char const zMtuText[] =
+ "Set MTU for datagram TLS";
+static char const zMtu_NAME[] = "MTU";
+static char const zMtu_Name[] = "mtu";
+#define MTU_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_NUMERIC))
/*
- * disable-client-cert option description:
+ * Disable_Client_Cert option description:
*/
-#define DISABLE_CLIENT_CERT_DESC (gnutls_serv_opt_strs+1254)
-#define DISABLE_CLIENT_CERT_NAME (gnutls_serv_opt_strs+1290)
-#define DISABLE_CLIENT_CERT_name (gnutls_serv_opt_strs+1310)
-#define DISABLE_CLIENT_CERT_FLAGS (OPTST_DISABLED)
+static char const zDisable_Client_CertText[] =
+ "Do not request a client certificate";
+static char const zDisable_Client_Cert_NAME[] = "DISABLE_CLIENT_CERT";
+static char const zDisable_Client_Cert_Name[]= "disable-client-cert";
+#define DISABLE_CLIENT_CERT_FLAGS (OPTST_DISABLED)
/*
- * require-client-cert option description:
+ * Require_Client_Cert option description:
*/
-#define REQUIRE_CLIENT_CERT_DESC (gnutls_serv_opt_strs+1330)
-#define REQUIRE_CLIENT_CERT_NAME (gnutls_serv_opt_strs+1359)
-#define REQUIRE_CLIENT_CERT_name (gnutls_serv_opt_strs+1379)
-#define REQUIRE_CLIENT_CERT_FLAGS (OPTST_DISABLED)
+static char const zRequire_Client_CertText[] =
+ "Require a client certificate";
+static char const zRequire_Client_Cert_NAME[] = "REQUIRE_CLIENT_CERT";
+static char const zRequire_Client_Cert_Name[]= "require-client-cert";
+#define REQUIRE_CLIENT_CERT_FLAGS (OPTST_DISABLED)
/*
- * heartbeat option description:
+ * Heartbeat option description:
*/
-#define HEARTBEAT_DESC (gnutls_serv_opt_strs+1399)
-#define HEARTBEAT_NAME (gnutls_serv_opt_strs+1426)
-#define HEARTBEAT_name (gnutls_serv_opt_strs+1436)
-#define HEARTBEAT_FLAGS (OPTST_DISABLED)
+static char const zHeartbeatText[] =
+ "Activate heartbeat support";
+static char const zHeartbeat_NAME[] = "HEARTBEAT";
+static char const zHeartbeat_Name[] = "heartbeat";
+#define HEARTBEAT_FLAGS (OPTST_DISABLED)
/*
- * x509fmtder option description:
+ * X509fmtder option description:
*/
-#define X509FMTDER_DESC (gnutls_serv_opt_strs+1446)
-#define X509FMTDER_NAME (gnutls_serv_opt_strs+1491)
-#define X509FMTDER_name (gnutls_serv_opt_strs+1502)
-#define X509FMTDER_FLAGS (OPTST_DISABLED)
+static char const zX509fmtderText[] =
+ "Use DER format for certificates to read from";
+static char const zX509fmtder_NAME[] = "X509FMTDER";
+static char const zX509fmtder_Name[] = "x509fmtder";
+#define X509FMTDER_FLAGS (OPTST_DISABLED)
/*
- * priority option description:
+ * Priority option description:
*/
-#define PRIORITY_DESC (gnutls_serv_opt_strs+1513)
-#define PRIORITY_NAME (gnutls_serv_opt_strs+1531)
-#define PRIORITY_name (gnutls_serv_opt_strs+1540)
-#define PRIORITY_FLAGS (OPTST_DISABLED \
+static char const zPriorityText[] =
+ "Priorities string";
+static char const zPriority_NAME[] = "PRIORITY";
+static char const zPriority_Name[] = "priority";
+#define PRIORITY_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
- * dhparams option description:
+ * Dhparams option description:
*/
-#define DHPARAMS_DESC (gnutls_serv_opt_strs+1549)
-#define DHPARAMS_NAME (gnutls_serv_opt_strs+1571)
-#define DHPARAMS_name (gnutls_serv_opt_strs+1580)
-#define DHPARAMS_FLAGS (OPTST_DISABLED \
+static char const zDhparamsText[] =
+ "DH params file to use";
+static char const zDhparams_NAME[] = "DHPARAMS";
+static char const zDhparams_Name[] = "dhparams";
+#define DHPARAMS_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_FILE))
/*
- * x509cafile option description:
+ * X509cafile option description:
*/
-#define X509CAFILE_DESC (gnutls_serv_opt_strs+1589)
-#define X509CAFILE_NAME (gnutls_serv_opt_strs+1629)
-#define X509CAFILE_name (gnutls_serv_opt_strs+1640)
-#define X509CAFILE_FLAGS (OPTST_DISABLED \
+static char const zX509cafileText[] =
+ "Certificate file or PKCS #11 URL to use";
+static char const zX509cafile_NAME[] = "X509CAFILE";
+static char const zX509cafile_Name[] = "x509cafile";
+#define X509CAFILE_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
- * x509crlfile option description:
+ * X509crlfile option description:
*/
-#define X509CRLFILE_DESC (gnutls_serv_opt_strs+1651)
-#define X509CRLFILE_NAME (gnutls_serv_opt_strs+1667)
-#define X509CRLFILE_name (gnutls_serv_opt_strs+1679)
-#define X509CRLFILE_FLAGS (OPTST_DISABLED \
+static char const zX509crlfileText[] =
+ "CRL file to use";
+static char const zX509crlfile_NAME[] = "X509CRLFILE";
+static char const zX509crlfile_Name[] = "x509crlfile";
+#define X509CRLFILE_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_FILE))
/*
- * pgpkeyfile option description:
+ * Pgpkeyfile option description:
*/
-#define PGPKEYFILE_DESC (gnutls_serv_opt_strs+1691)
-#define PGPKEYFILE_NAME (gnutls_serv_opt_strs+1711)
-#define PGPKEYFILE_name (gnutls_serv_opt_strs+1722)
-#define PGPKEYFILE_FLAGS (OPTST_DISABLED \
+static char const zPgpkeyfileText[] =
+ "PGP Key file to use";
+static char const zPgpkeyfile_NAME[] = "PGPKEYFILE";
+static char const zPgpkeyfile_Name[] = "pgpkeyfile";
+#define PGPKEYFILE_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_FILE))
/*
- * pgpkeyring option description:
+ * Pgpkeyring option description:
*/
-#define PGPKEYRING_DESC (gnutls_serv_opt_strs+1733)
-#define PGPKEYRING_NAME (gnutls_serv_opt_strs+1758)
-#define PGPKEYRING_name (gnutls_serv_opt_strs+1769)
-#define PGPKEYRING_FLAGS (OPTST_DISABLED \
+static char const zPgpkeyringText[] =
+ "PGP Key ring file to use";
+static char const zPgpkeyring_NAME[] = "PGPKEYRING";
+static char const zPgpkeyring_Name[] = "pgpkeyring";
+#define PGPKEYRING_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_FILE))
/*
- * pgpcertfile option description:
+ * Pgpcertfile option description:
*/
-#define PGPCERTFILE_DESC (gnutls_serv_opt_strs+1780)
-#define PGPCERTFILE_NAME (gnutls_serv_opt_strs+1821)
-#define PGPCERTFILE_name (gnutls_serv_opt_strs+1833)
-#define PGPCERTFILE_FLAGS (OPTST_DISABLED \
+static char const zPgpcertfileText[] =
+ "PGP Public Key (certificate) file to use";
+static char const zPgpcertfile_NAME[] = "PGPCERTFILE";
+static char const zPgpcertfile_Name[] = "pgpcertfile";
+#define PGPCERTFILE_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_FILE))
/*
- * x509keyfile option description:
+ * X509keyfile option description:
*/
-#define X509KEYFILE_DESC (gnutls_serv_opt_strs+1845)
-#define X509KEYFILE_NAME (gnutls_serv_opt_strs+1883)
-#define X509KEYFILE_name (gnutls_serv_opt_strs+1895)
-#define X509KEYFILE_FLAGS (OPTST_DISABLED \
+static char const zX509keyfileText[] =
+ "X.509 key file or PKCS #11 URL to use";
+static char const zX509keyfile_NAME[] = "X509KEYFILE";
+static char const zX509keyfile_Name[] = "x509keyfile";
+#define X509KEYFILE_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
- * x509certfile option description:
+ * X509certfile option description:
*/
-#define X509CERTFILE_DESC (gnutls_serv_opt_strs+1907)
-#define X509CERTFILE_NAME (gnutls_serv_opt_strs+1953)
-#define X509CERTFILE_name (gnutls_serv_opt_strs+1966)
-#define X509CERTFILE_FLAGS (OPTST_DISABLED \
+static char const zX509certfileText[] =
+ "X.509 Certificate file or PKCS #11 URL to use";
+static char const zX509certfile_NAME[] = "X509CERTFILE";
+static char const zX509certfile_Name[] = "x509certfile";
+#define X509CERTFILE_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
- * x509dsakeyfile option description:
+ * X509dsakeyfile option description:
*/
-#define X509DSAKEYFILE_DESC (gnutls_serv_opt_strs+1979)
-#define X509DSAKEYFILE_NAME (gnutls_serv_opt_strs+2029)
-#define X509DSAKEYFILE_name (gnutls_serv_opt_strs+2044)
-#define X509DSAKEYFILE_FLAGS (OPTST_DISABLED \
+static char const zX509dsakeyfileText[] =
+ "Alternative X.509 key file or PKCS #11 URL to use";
+static char const zX509dsakeyfile_NAME[] = "X509DSAKEYFILE";
+static char const zX509dsakeyfile_Name[] = "x509dsakeyfile";
+#define X509DSAKEYFILE_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
- * x509dsacertfile option description:
+ * X509dsacertfile option description:
*/
-#define X509DSACERTFILE_DESC (gnutls_serv_opt_strs+2059)
-#define X509DSACERTFILE_NAME (gnutls_serv_opt_strs+2117)
-#define X509DSACERTFILE_name (gnutls_serv_opt_strs+2133)
-#define X509DSACERTFILE_FLAGS (OPTST_DISABLED \
+static char const zX509dsacertfileText[] =
+ "Alternative X.509 Certificate file or PKCS #11 URL to use";
+static char const zX509dsacertfile_NAME[] = "X509DSACERTFILE";
+static char const zX509dsacertfile_Name[] = "x509dsacertfile";
+#define X509DSACERTFILE_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
- * x509ecckeyfile option description:
+ * X509ecckeyfile option description:
*/
-#define X509ECCKEYFILE_DESC (gnutls_serv_opt_strs+1979)
-#define X509ECCKEYFILE_NAME (gnutls_serv_opt_strs+2149)
-#define X509ECCKEYFILE_name (gnutls_serv_opt_strs+2164)
-#define X509ECCKEYFILE_FLAGS (OPTST_DISABLED \
+static char const zX509ecckeyfileText[] =
+ "Alternative X.509 key file or PKCS #11 URL to use";
+static char const zX509ecckeyfile_NAME[] = "X509ECCKEYFILE";
+static char const zX509ecckeyfile_Name[] = "x509ecckeyfile";
+#define X509ECCKEYFILE_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
- * x509ecccertfile option description:
+ * X509ecccertfile option description:
*/
-#define X509ECCCERTFILE_DESC (gnutls_serv_opt_strs+2059)
-#define X509ECCCERTFILE_NAME (gnutls_serv_opt_strs+2179)
-#define X509ECCCERTFILE_name (gnutls_serv_opt_strs+2195)
-#define X509ECCCERTFILE_FLAGS (OPTST_DISABLED \
+static char const zX509ecccertfileText[] =
+ "Alternative X.509 Certificate file or PKCS #11 URL to use";
+static char const zX509ecccertfile_NAME[] = "X509ECCCERTFILE";
+static char const zX509ecccertfile_Name[] = "x509ecccertfile";
+#define X509ECCCERTFILE_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
- * pgpsubkey option description:
+ * Pgpsubkey option description:
*/
-#define PGPSUBKEY_DESC (gnutls_serv_opt_strs+2211)
-#define PGPSUBKEY_NAME (gnutls_serv_opt_strs+2243)
-#define PGPSUBKEY_name (gnutls_serv_opt_strs+2253)
-#define PGPSUBKEY_FLAGS (OPTST_DISABLED \
+static char const zPgpsubkeyText[] =
+ "PGP subkey to use (hex or auto)";
+static char const zPgpsubkey_NAME[] = "PGPSUBKEY";
+static char const zPgpsubkey_Name[] = "pgpsubkey";
+#define PGPSUBKEY_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
- * srppasswd option description:
+ * Srppasswd option description:
*/
-#define SRPPASSWD_DESC (gnutls_serv_opt_strs+2263)
-#define SRPPASSWD_NAME (gnutls_serv_opt_strs+2288)
-#define SRPPASSWD_name (gnutls_serv_opt_strs+2298)
-#define SRPPASSWD_FLAGS (OPTST_DISABLED \
+static char const zSrppasswdText[] =
+ "SRP password file to use";
+static char const zSrppasswd_NAME[] = "SRPPASSWD";
+static char const zSrppasswd_Name[] = "srppasswd";
+#define SRPPASSWD_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_FILE))
/*
- * srppasswdconf option description:
+ * Srppasswdconf option description:
*/
-#define SRPPASSWDCONF_DESC (gnutls_serv_opt_strs+2308)
-#define SRPPASSWDCONF_NAME (gnutls_serv_opt_strs+2347)
-#define SRPPASSWDCONF_name (gnutls_serv_opt_strs+2361)
-#define SRPPASSWDCONF_FLAGS (OPTST_DISABLED \
+static char const zSrppasswdconfText[] =
+ "SRP password configuration file to use";
+static char const zSrppasswdconf_NAME[] = "SRPPASSWDCONF";
+static char const zSrppasswdconf_Name[] = "srppasswdconf";
+#define SRPPASSWDCONF_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_FILE))
/*
- * pskpasswd option description:
+ * Pskpasswd option description:
*/
-#define PSKPASSWD_DESC (gnutls_serv_opt_strs+2375)
-#define PSKPASSWD_NAME (gnutls_serv_opt_strs+2400)
-#define PSKPASSWD_name (gnutls_serv_opt_strs+2410)
-#define PSKPASSWD_FLAGS (OPTST_DISABLED \
+static char const zPskpasswdText[] =
+ "PSK password file to use";
+static char const zPskpasswd_NAME[] = "PSKPASSWD";
+static char const zPskpasswd_Name[] = "pskpasswd";
+#define PSKPASSWD_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_FILE))
/*
- * pskhint option description:
+ * Pskhint option description:
*/
-#define PSKHINT_DESC (gnutls_serv_opt_strs+2420)
-#define PSKHINT_NAME (gnutls_serv_opt_strs+2445)
-#define PSKHINT_name (gnutls_serv_opt_strs+2453)
-#define PSKHINT_FLAGS (OPTST_DISABLED \
+static char const zPskhintText[] =
+ "PSK identity hint to use";
+static char const zPskhint_NAME[] = "PSKHINT";
+static char const zPskhint_Name[] = "pskhint";
+#define PSKHINT_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
- * port option description:
+ * Status_Response_Ocsp option description:
+ */
+static char const zStatus_Response_OcspText[] =
+ "OCSP response to send to client";
+static char const zStatus_Response_Ocsp_NAME[] = "STATUS_RESPONSE_OCSP";
+static char const zStatus_Response_Ocsp_Name[]= "status-response-ocsp";
+#define STATUS_RESPONSE_OCSP_FLAGS (OPTST_DISABLED \
+ | OPTST_SET_ARGTYPE(OPARG_TYPE_FILE))
+
+/*
+ * Port option description:
*/
-#define PORT_DESC (gnutls_serv_opt_strs+2461)
-#define PORT_NAME (gnutls_serv_opt_strs+2484)
-#define PORT_name (gnutls_serv_opt_strs+2489)
-#define PORT_FLAGS (OPTST_DISABLED \
+static char const zPortText[] =
+ "The port to connect to";
+static char const zPort_NAME[] = "PORT";
+static char const zPort_Name[] = "port";
+#define PORT_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_NUMERIC))
/*
- * list option description:
+ * List option description:
*/
-#define LIST_DESC (gnutls_serv_opt_strs+2494)
-#define LIST_NAME (gnutls_serv_opt_strs+2545)
-#define LIST_name (gnutls_serv_opt_strs+2550)
-#define LIST_FLAGS (OPTST_DISABLED)
+static char const zListText[] =
+ "Print a list of the supported algorithms and modes";
+static char const zList_NAME[] = "LIST";
+static char const zList_Name[] = "list";
+#define LIST_FLAGS (OPTST_DISABLED)
/*
* Help/More_Help/Version option descriptions:
*/
-#define HELP_DESC (gnutls_serv_opt_strs+2555)
-#define HELP_name (gnutls_serv_opt_strs+2599)
+static char const zHelpText[] = "Display extended usage information
and exit";
+static char const zHelp_Name[] = "help";
#ifdef HAVE_WORKING_FORK
-#define MORE_HELP_DESC (gnutls_serv_opt_strs+2604)
-#define MORE_HELP_name (gnutls_serv_opt_strs+2649)
-#define MORE_HELP_FLAGS (OPTST_IMM | OPTST_NO_INIT)
+#define OPTST_MORE_HELP_FLAGS (OPTST_IMM | OPTST_NO_INIT)
+static char const zMore_Help_Name[] = "more-help";
+static char const zMore_HelpText[] = "Extended usage information passed
thru pager";
#else
-#define MORE_HELP_DESC NULL
-#define MORE_HELP_name NULL
-#define MORE_HELP_FLAGS (OPTST_OMITTED | OPTST_NO_INIT)
+#define OPTST_MORE_HELP_FLAGS (OPTST_OMITTED | OPTST_NO_INIT)
+#define zMore_Help_Name NULL
+#define zMore_HelpText NULL
#endif
#ifdef NO_OPTIONAL_OPT_ARGS
-# define VER_FLAGS (OPTST_IMM | OPTST_NO_INIT)
+# define OPTST_VERSION_FLAGS OPTST_IMM | OPTST_NO_INIT
#else
-# define VER_FLAGS (OPTST_SET_ARGTYPE(OPARG_TYPE_STRING) | \
- OPTST_ARG_OPTIONAL | OPTST_IMM | OPTST_NO_INIT)
+# define OPTST_VERSION_FLAGS OPTST_SET_ARGTYPE(OPARG_TYPE_STRING) | \
+ OPTST_ARG_OPTIONAL | OPTST_IMM | OPTST_NO_INIT
#endif
-#define VER_DESC (gnutls_serv_opt_strs+2659)
-#define VER_name (gnutls_serv_opt_strs+2695)
+
+static char const zVersionText[] = "Output version information and exit";
+static char const zVersion_Name[] = "version";
/*
* Declare option callback procedures
*/
extern tOptProc
- optionBooleanVal, optionNestedVal, optionNumericVal,
- optionPagedUsage, optionPrintVersion, optionResetOpt,
- optionStackArg, optionTimeDate, optionTimeVal,
- optionUnstackArg, optionVendorOption;
+ optionBooleanVal, optionNestedVal, optionNumericVal,
+ optionPagedUsage, optionPrintVersion, optionResetOpt,
+ optionStackArg, optionTimeDate, optionTimeVal,
+ optionUnstackArg, optionVersionStderr;
static tOptProc
- doOptDebug, doOptDhparams, doOptMtu,
- doOptPgpcertfile, doOptPgpkeyfile, doOptPgpkeyring,
- doOptPskpasswd, doOptSrppasswd, doOptSrppasswdconf,
- doOptX509crlfile, doUsageOpt;
-#define VER_PROC optionPrintVersion
-
-/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
-/**
- * Define the gnutls-serv Option Descriptions.
- * This is an array of OPTION_CT entries, one for each
- * option that the gnutls-serv program responds to.
+ doOptDebug, doOptDhparams,
+ doOptMtu, doOptPgpcertfile,
+ doOptPgpkeyfile, doOptPgpkeyring,
+ doOptPskpasswd, doOptSrppasswd,
+ doOptSrppasswdconf, doOptStatus_Response_Ocsp,
+ doOptX509crlfile, doUsageOpt;
+
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
+ *
+ * Define the Gnutls_Serv Option Descriptions.
*/
static tOptDesc optDesc[OPTION_CT] = {
{ /* entry idx, value */ 0, VALUE_OPT_DEBUG,
@@ -532,11 +456,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ DEBUG_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --debug */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ doOptDebug,
- /* desc, NAME, name */ DEBUG_DESC, DEBUG_NAME, DEBUG_name,
+ /* desc, NAME, name */ zDebugText, zDebug_NAME, zDebug_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 1, VALUE_OPT_NOTICKET,
@@ -544,11 +468,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ NOTICKET_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --noticket */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ NOTICKET_DESC, NOTICKET_NAME, NOTICKET_name,
+ /* desc, NAME, name */ zNoticketText, zNoticket_NAME, zNoticket_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 2, VALUE_OPT_GENERATE,
@@ -556,11 +480,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ GENERATE_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --generate */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ GENERATE_DESC, GENERATE_NAME, GENERATE_name,
+ /* desc, NAME, name */ zGenerateText, zGenerate_NAME, zGenerate_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 3, VALUE_OPT_QUIET,
@@ -568,11 +492,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ QUIET_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --quiet */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ QUIET_DESC, QUIET_NAME, QUIET_name,
+ /* desc, NAME, name */ zQuietText, zQuiet_NAME, zQuiet_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 4, VALUE_OPT_NODB,
@@ -580,11 +504,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ NODB_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --nodb */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ NODB_DESC, NODB_NAME, NODB_name,
+ /* desc, NAME, name */ zNodbText, zNodb_NAME, zNodb_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 5, VALUE_OPT_HTTP,
@@ -592,11 +516,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ HTTP_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --http */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ HTTP_DESC, HTTP_NAME, HTTP_name,
+ /* desc, NAME, name */ zHttpText, zHttp_NAME, zHttp_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 6, VALUE_OPT_ECHO,
@@ -604,11 +528,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ ECHO_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --echo */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ ECHO_DESC, ECHO_NAME, ECHO_name,
+ /* desc, NAME, name */ zEchoText, zEcho_NAME, zEcho_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 7, VALUE_OPT_UDP,
@@ -616,11 +540,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ UDP_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --udp */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ UDP_DESC, UDP_NAME, UDP_name,
+ /* desc, NAME, name */ zUdpText, zUdp_NAME, zUdp_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 8, VALUE_OPT_MTU,
@@ -628,11 +552,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ MTU_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --mtu */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ doOptMtu,
- /* desc, NAME, name */ MTU_DESC, MTU_NAME, MTU_name,
+ /* desc, NAME, name */ zMtuText, zMtu_NAME, zMtu_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 9, VALUE_OPT_DISABLE_CLIENT_CERT,
@@ -640,11 +564,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ DISABLE_CLIENT_CERT_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --disable-client-cert */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ DISABLE_CLIENT_CERT_DESC,
DISABLE_CLIENT_CERT_NAME, DISABLE_CLIENT_CERT_name,
+ /* desc, NAME, name */ zDisable_Client_CertText,
zDisable_Client_Cert_NAME, zDisable_Client_Cert_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 10, VALUE_OPT_REQUIRE_CLIENT_CERT,
@@ -652,11 +576,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ REQUIRE_CLIENT_CERT_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --require-client-cert */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ REQUIRE_CLIENT_CERT_DESC,
REQUIRE_CLIENT_CERT_NAME, REQUIRE_CLIENT_CERT_name,
+ /* desc, NAME, name */ zRequire_Client_CertText,
zRequire_Client_Cert_NAME, zRequire_Client_Cert_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 11, VALUE_OPT_HEARTBEAT,
@@ -664,11 +588,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ HEARTBEAT_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --heartbeat */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ HEARTBEAT_DESC, HEARTBEAT_NAME, HEARTBEAT_name,
+ /* desc, NAME, name */ zHeartbeatText, zHeartbeat_NAME, zHeartbeat_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 12, VALUE_OPT_X509FMTDER,
@@ -676,11 +600,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ X509FMTDER_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --x509fmtder */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ X509FMTDER_DESC, X509FMTDER_NAME, X509FMTDER_name,
+ /* desc, NAME, name */ zX509fmtderText, zX509fmtder_NAME,
zX509fmtder_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 13, VALUE_OPT_PRIORITY,
@@ -688,11 +612,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ PRIORITY_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --priority */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ PRIORITY_DESC, PRIORITY_NAME, PRIORITY_name,
+ /* desc, NAME, name */ zPriorityText, zPriority_NAME, zPriority_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 14, VALUE_OPT_DHPARAMS,
@@ -700,11 +624,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ DHPARAMS_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --dhparams */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ doOptDhparams,
- /* desc, NAME, name */ DHPARAMS_DESC, DHPARAMS_NAME, DHPARAMS_name,
+ /* desc, NAME, name */ zDhparamsText, zDhparams_NAME, zDhparams_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 15, VALUE_OPT_X509CAFILE,
@@ -712,11 +636,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ X509CAFILE_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --x509cafile */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ X509CAFILE_DESC, X509CAFILE_NAME, X509CAFILE_name,
+ /* desc, NAME, name */ zX509cafileText, zX509cafile_NAME,
zX509cafile_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 16, VALUE_OPT_X509CRLFILE,
@@ -724,11 +648,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ X509CRLFILE_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --x509crlfile */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ doOptX509crlfile,
- /* desc, NAME, name */ X509CRLFILE_DESC, X509CRLFILE_NAME,
X509CRLFILE_name,
+ /* desc, NAME, name */ zX509crlfileText, zX509crlfile_NAME,
zX509crlfile_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 17, VALUE_OPT_PGPKEYFILE,
@@ -736,11 +660,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ PGPKEYFILE_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --pgpkeyfile */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ doOptPgpkeyfile,
- /* desc, NAME, name */ PGPKEYFILE_DESC, PGPKEYFILE_NAME, PGPKEYFILE_name,
+ /* desc, NAME, name */ zPgpkeyfileText, zPgpkeyfile_NAME,
zPgpkeyfile_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 18, VALUE_OPT_PGPKEYRING,
@@ -748,11 +672,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ PGPKEYRING_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --pgpkeyring */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ doOptPgpkeyring,
- /* desc, NAME, name */ PGPKEYRING_DESC, PGPKEYRING_NAME, PGPKEYRING_name,
+ /* desc, NAME, name */ zPgpkeyringText, zPgpkeyring_NAME,
zPgpkeyring_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 19, VALUE_OPT_PGPCERTFILE,
@@ -760,11 +684,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ PGPCERTFILE_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --pgpcertfile */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ doOptPgpcertfile,
- /* desc, NAME, name */ PGPCERTFILE_DESC, PGPCERTFILE_NAME,
PGPCERTFILE_name,
+ /* desc, NAME, name */ zPgpcertfileText, zPgpcertfile_NAME,
zPgpcertfile_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 20, VALUE_OPT_X509KEYFILE,
@@ -772,11 +696,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ X509KEYFILE_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --x509keyfile */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ X509KEYFILE_DESC, X509KEYFILE_NAME,
X509KEYFILE_name,
+ /* desc, NAME, name */ zX509keyfileText, zX509keyfile_NAME,
zX509keyfile_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 21, VALUE_OPT_X509CERTFILE,
@@ -784,11 +708,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ X509CERTFILE_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --x509certfile */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ X509CERTFILE_DESC, X509CERTFILE_NAME,
X509CERTFILE_name,
+ /* desc, NAME, name */ zX509certfileText, zX509certfile_NAME,
zX509certfile_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 22, VALUE_OPT_X509DSAKEYFILE,
@@ -796,11 +720,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ X509DSAKEYFILE_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --x509dsakeyfile */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ X509DSAKEYFILE_DESC, X509DSAKEYFILE_NAME,
X509DSAKEYFILE_name,
+ /* desc, NAME, name */ zX509dsakeyfileText, zX509dsakeyfile_NAME,
zX509dsakeyfile_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 23, VALUE_OPT_X509DSACERTFILE,
@@ -808,11 +732,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ X509DSACERTFILE_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --x509dsacertfile */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ X509DSACERTFILE_DESC, X509DSACERTFILE_NAME,
X509DSACERTFILE_name,
+ /* desc, NAME, name */ zX509dsacertfileText, zX509dsacertfile_NAME,
zX509dsacertfile_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 24, VALUE_OPT_X509ECCKEYFILE,
@@ -820,11 +744,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ X509ECCKEYFILE_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --x509ecckeyfile */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ X509ECCKEYFILE_DESC, X509ECCKEYFILE_NAME,
X509ECCKEYFILE_name,
+ /* desc, NAME, name */ zX509ecckeyfileText, zX509ecckeyfile_NAME,
zX509ecckeyfile_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 25, VALUE_OPT_X509ECCCERTFILE,
@@ -832,11 +756,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ X509ECCCERTFILE_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --x509ecccertfile */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ X509ECCCERTFILE_DESC, X509ECCCERTFILE_NAME,
X509ECCCERTFILE_name,
+ /* desc, NAME, name */ zX509ecccertfileText, zX509ecccertfile_NAME,
zX509ecccertfile_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 26, VALUE_OPT_PGPSUBKEY,
@@ -844,11 +768,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ PGPSUBKEY_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --pgpsubkey */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ PGPSUBKEY_DESC, PGPSUBKEY_NAME, PGPSUBKEY_name,
+ /* desc, NAME, name */ zPgpsubkeyText, zPgpsubkey_NAME, zPgpsubkey_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 27, VALUE_OPT_SRPPASSWD,
@@ -856,11 +780,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ SRPPASSWD_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --srppasswd */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ doOptSrppasswd,
- /* desc, NAME, name */ SRPPASSWD_DESC, SRPPASSWD_NAME, SRPPASSWD_name,
+ /* desc, NAME, name */ zSrppasswdText, zSrppasswd_NAME, zSrppasswd_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 28, VALUE_OPT_SRPPASSWDCONF,
@@ -868,11 +792,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ SRPPASSWDCONF_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --srppasswdconf */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ doOptSrppasswdconf,
- /* desc, NAME, name */ SRPPASSWDCONF_DESC, SRPPASSWDCONF_NAME,
SRPPASSWDCONF_name,
+ /* desc, NAME, name */ zSrppasswdconfText, zSrppasswdconf_NAME,
zSrppasswdconf_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 29, VALUE_OPT_PSKPASSWD,
@@ -880,11 +804,11 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ PSKPASSWD_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --pskpasswd */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ doOptPskpasswd,
- /* desc, NAME, name */ PSKPASSWD_DESC, PSKPASSWD_NAME, PSKPASSWD_name,
+ /* desc, NAME, name */ zPskpasswdText, zPskpasswd_NAME, zPskpasswd_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 30, VALUE_OPT_PSKHINT,
@@ -892,53 +816,65 @@ static tOptDesc optDesc[OPTION_CT] = {
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ PSKHINT_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --pskhint */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ PSKHINT_DESC, PSKHINT_NAME, PSKHINT_name,
+ /* desc, NAME, name */ zPskhintText, zPskhint_NAME, zPskhint_Name,
+ /* disablement strs */ NULL, NULL },
+
+ { /* entry idx, value */ 31, VALUE_OPT_STATUS_RESPONSE_OCSP,
+ /* equiv idx, value */ 31, VALUE_OPT_STATUS_RESPONSE_OCSP,
+ /* equivalenced to */ NO_EQUIVALENT,
+ /* min, max, act ct */ 0, 1, 0,
+ /* opt state flags */ STATUS_RESPONSE_OCSP_FLAGS, 0,
+ /* last opt argumnt */ { NULL },
+ /* arg list/cookie */ NULL,
+ /* must/cannot opts */ NULL, NULL,
+ /* option proc */ doOptStatus_Response_Ocsp,
+ /* desc, NAME, name */ zStatus_Response_OcspText,
zStatus_Response_Ocsp_NAME, zStatus_Response_Ocsp_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 31, VALUE_OPT_PORT,
- /* equiv idx, value */ 31, VALUE_OPT_PORT,
+ { /* entry idx, value */ 32, VALUE_OPT_PORT,
+ /* equiv idx, value */ 32, VALUE_OPT_PORT,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ PORT_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --port */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ optionNumericVal,
- /* desc, NAME, name */ PORT_DESC, PORT_NAME, PORT_name,
+ /* desc, NAME, name */ zPortText, zPort_NAME, zPort_Name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 32, VALUE_OPT_LIST,
- /* equiv idx, value */ 32, VALUE_OPT_LIST,
+ { /* entry idx, value */ 33, VALUE_OPT_LIST,
+ /* equiv idx, value */ 33, VALUE_OPT_LIST,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ LIST_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --list */
+ /* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ LIST_DESC, LIST_NAME, LIST_name,
+ /* desc, NAME, name */ zListText, zList_NAME, zList_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ INDEX_OPT_VERSION, VALUE_OPT_VERSION,
- /* equiv idx value */ NO_EQUIVALENT, VALUE_OPT_VERSION,
+ /* equiv idx value */ NO_EQUIVALENT, 0,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
- /* opt state flags */ VER_FLAGS, 0,
+ /* opt state flags */ OPTST_VERSION_FLAGS, 0,
/* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
- /* option proc */ VER_PROC,
- /* desc, NAME, name */ VER_DESC, NULL, VER_name,
+ /* option proc */ optionPrintVersion,
+ /* desc, NAME, name */ zVersionText, NULL, zVersion_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ INDEX_OPT_HELP, VALUE_OPT_HELP,
- /* equiv idx value */ NO_EQUIVALENT, VALUE_OPT_HELP,
+ /* equiv idx value */ NO_EQUIVALENT, 0,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ OPTST_IMM | OPTST_NO_INIT, 0,
@@ -946,36 +882,39 @@ static tOptDesc optDesc[OPTION_CT] = {
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ doUsageOpt,
- /* desc, NAME, name */ HELP_DESC, NULL, HELP_name,
+ /* desc, NAME, name */ zHelpText, NULL, zHelp_Name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ INDEX_OPT_MORE_HELP, VALUE_OPT_MORE_HELP,
- /* equiv idx value */ NO_EQUIVALENT, VALUE_OPT_MORE_HELP,
+ /* equiv idx value */ NO_EQUIVALENT, 0,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
- /* opt state flags */ MORE_HELP_FLAGS, 0,
+ /* opt state flags */ OPTST_MORE_HELP_FLAGS, 0,
/* last opt argumnt */ { NULL },
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ optionPagedUsage,
- /* desc, NAME, name */ MORE_HELP_DESC, NULL, MORE_HELP_name,
+ /* desc, NAME, name */ zMore_HelpText, NULL, zMore_Help_Name,
/* disablement strs */ NULL, NULL }
};
-
/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
*
- * Define the gnutls-serv Option Environment
+ * Define the Gnutls_Serv Option Environment
*/
-#define zPROGNAME (gnutls_serv_opt_strs+2703)
-#define zUsageTitle (gnutls_serv_opt_strs+2715)
-#define zRcName NULL
-#define apzHomeList NULL
-#define zBugsAddr (gnutls_serv_opt_strs+2818)
-#define zExplain (gnutls_serv_opt_strs+2837)
-#define zDetail (gnutls_serv_opt_strs+2840)
-#define zFullVersion (gnutls_serv_opt_strs+2899)
-/* extracted from optcode.tlib near line 350 */
+static char const zPROGNAME[12] = "GNUTLS_SERV";
+static char const zUsageTitle[103] =
+"gnutls-serv - GnuTLS server - Ver. @address@hidden
+USAGE: %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]...\n";
+#define zRcName NULL
+#define apzHomeList NULL
+
+static char const zBugsAddr[19] = "address@hidden";
+static char const zExplain[] = "\n\n";
+static char const zDetail[65] = "\n\
+Server program that listens to incoming TLS connections.\n";
+static char const zFullVersion[] = GNUTLS_SERV_FULL_VERSION;
+/* extracted from optcode.tlib near line 515 */
#if defined(ENABLE_NLS)
# define OPTPROC_BASE OPTPROC_TRANSLATE | OPTPROC_NXLAT_OPT
@@ -986,42 +925,83 @@ static tOptDesc optDesc[OPTION_CT] = {
#endif /* ENABLE_NLS */
-#define gnutls_serv_full_usage (NULL)
+#define gnutls_serv_full_usage NULL
+static char const gnutls_serv_short_usage[] =
+ "Usage: gnutls-serv [options]\n\
+gnutls-serv --help for usage instructions.\n";
+
+#ifndef PKGDATADIR
+# define PKGDATADIR ""
+#endif
-#define gnutls_serv_short_usage (gnutls_serv_opt_strs+2921)
+#ifndef WITH_PACKAGER
+# define gnutls_serv_packager_info NULL
+#else
+static char const gnutls_serv_packager_info[] =
+ "Packaged by " WITH_PACKAGER
-#endif /* not defined __doxygen__ */
+# ifdef WITH_PACKAGER_VERSION
+ " ("WITH_PACKAGER_VERSION")"
+# endif
+
+# ifdef WITH_PACKAGER_BUG_REPORTS
+ "\nReport gnutls_serv bugs to " WITH_PACKAGER_BUG_REPORTS
+# endif
+ "\n";
+#endif
+
+tOptions gnutls_servOptions = {
+ OPTIONS_STRUCT_VERSION,
+ 0, NULL, /* original argc + argv */
+ ( OPTPROC_BASE
+ + OPTPROC_ERRSTOP
+ + OPTPROC_SHORTOPT
+ + OPTPROC_LONGOPT
+ + OPTPROC_NO_REQ_OPT
+ + OPTPROC_NO_ARGS
+ + OPTPROC_GNUUSAGE
+ + OPTPROC_MISUSE ),
+ 0, NULL, /* current option index, current option */
+ NULL, NULL, zPROGNAME,
+ zRcName, zCopyright, zLicenseDescrip,
+ zFullVersion, apzHomeList, zUsageTitle,
+ zExplain, zDetail, optDesc,
+ zBugsAddr, /* address to send bugs to */
+ NULL, NULL, /* extensions/saved state */
+ optionUsage, /* usage procedure */
+ translate_option_strings, /* translation procedure */
+ /*
+ * Indexes to special options
+ */
+ { INDEX_OPT_MORE_HELP, /* more-help option index */
+ NO_EQUIVALENT, /* save option index */
+ NO_EQUIVALENT, /* '-#' option index */
+ NO_EQUIVALENT /* index of default opt */
+ },
+ 37 /* full option count */, 34 /* user option count */,
+ gnutls_serv_full_usage, gnutls_serv_short_usage,
+ NULL, NULL,
+ PKGDATADIR, gnutls_serv_packager_info
+};
/*
* Create the static procedure(s) declared above.
*/
-/**
- * The callout function that invokes the optionUsage function.
- *
- * @param pOptions the AutoOpts option description structure
- * @param pOptDesc the descriptor for the "help" (usage) option.
- * @noreturn
- */
static void
doUsageOpt(tOptions * pOptions, tOptDesc * pOptDesc)
{
- optionUsage(&gnutls_servOptions, GNUTLS_SERV_EXIT_SUCCESS);
- /* NOTREACHED */
- (void)pOptDesc;
(void)pOptions;
+ USAGE(GNUTLS_SERV_EXIT_SUCCESS);
}
-/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
-/**
- * Code to handle the debug option.
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
*
- * @param pOptions the gnutls-serv options data structure
- * @param pOptDesc the option descriptor for this option.
+ * For the debug option.
*/
static void
doOptDebug(tOptions* pOptions, tOptDesc* pOptDesc)
{
- static struct {long rmin, rmax;} const rng[1] = {
+ static const struct {long const rmin, rmax;} rng[1] = {
{ 0 , 9999 } };
int ix;
@@ -1047,17 +1027,14 @@ emit_ranges:
optionShowRange(pOptions, pOptDesc, (void *)rng, 1);
}
-/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
-/**
- * Code to handle the mtu option.
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
*
- * @param pOptions the gnutls-serv options data structure
- * @param pOptDesc the option descriptor for this option.
+ * For the mtu option.
*/
static void
doOptMtu(tOptions* pOptions, tOptDesc* pOptDesc)
{
- static struct {long rmin, rmax;} const rng[1] = {
+ static const struct {long const rmin, rmax;} rng[1] = {
{ 0, 17000 } };
int ix;
@@ -1083,12 +1060,9 @@ emit_ranges:
optionShowRange(pOptions, pOptDesc, (void *)rng, 1);
}
-/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
-/**
- * Code to handle the dhparams option.
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
*
- * @param pOptions the gnutls-serv options data structure
- * @param pOptDesc the option descriptor for this option.
+ * For the dhparams option.
*/
static void
doOptDhparams(tOptions* pOptions, tOptDesc* pOptDesc)
@@ -1104,12 +1078,9 @@ doOptDhparams(tOptions* pOptions, tOptDesc* pOptDesc)
optionFileCheck(pOptions, pOptDesc, type, mode);
}
-/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
-/**
- * Code to handle the x509crlfile option.
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
*
- * @param pOptions the gnutls-serv options data structure
- * @param pOptDesc the option descriptor for this option.
+ * For the x509crlfile option.
*/
static void
doOptX509crlfile(tOptions* pOptions, tOptDesc* pOptDesc)
@@ -1125,12 +1096,9 @@ doOptX509crlfile(tOptions* pOptions, tOptDesc* pOptDesc)
optionFileCheck(pOptions, pOptDesc, type, mode);
}
-/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
-/**
- * Code to handle the pgpkeyfile option.
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
*
- * @param pOptions the gnutls-serv options data structure
- * @param pOptDesc the option descriptor for this option.
+ * For the pgpkeyfile option.
*/
static void
doOptPgpkeyfile(tOptions* pOptions, tOptDesc* pOptDesc)
@@ -1146,12 +1114,9 @@ doOptPgpkeyfile(tOptions* pOptions, tOptDesc* pOptDesc)
optionFileCheck(pOptions, pOptDesc, type, mode);
}
-/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
-/**
- * Code to handle the pgpkeyring option.
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
*
- * @param pOptions the gnutls-serv options data structure
- * @param pOptDesc the option descriptor for this option.
+ * For the pgpkeyring option.
*/
static void
doOptPgpkeyring(tOptions* pOptions, tOptDesc* pOptDesc)
@@ -1167,12 +1132,9 @@ doOptPgpkeyring(tOptions* pOptions, tOptDesc* pOptDesc)
optionFileCheck(pOptions, pOptDesc, type, mode);
}
-/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
-/**
- * Code to handle the pgpcertfile option.
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
*
- * @param pOptions the gnutls-serv options data structure
- * @param pOptDesc the option descriptor for this option.
+ * For the pgpcertfile option.
*/
static void
doOptPgpcertfile(tOptions* pOptions, tOptDesc* pOptDesc)
@@ -1188,12 +1150,9 @@ doOptPgpcertfile(tOptions* pOptions, tOptDesc* pOptDesc)
optionFileCheck(pOptions, pOptDesc, type, mode);
}
-/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
-/**
- * Code to handle the srppasswd option.
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
*
- * @param pOptions the gnutls-serv options data structure
- * @param pOptDesc the option descriptor for this option.
+ * For the srppasswd option.
*/
static void
doOptSrppasswd(tOptions* pOptions, tOptDesc* pOptDesc)
@@ -1209,12 +1168,9 @@ doOptSrppasswd(tOptions* pOptions, tOptDesc* pOptDesc)
optionFileCheck(pOptions, pOptDesc, type, mode);
}
-/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
-/**
- * Code to handle the srppasswdconf option.
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
*
- * @param pOptions the gnutls-serv options data structure
- * @param pOptDesc the option descriptor for this option.
+ * For the srppasswdconf option.
*/
static void
doOptSrppasswdconf(tOptions* pOptions, tOptDesc* pOptDesc)
@@ -1230,12 +1186,9 @@ doOptSrppasswdconf(tOptions* pOptions, tOptDesc*
pOptDesc)
optionFileCheck(pOptions, pOptDesc, type, mode);
}
-/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
-/**
- * Code to handle the pskpasswd option.
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
*
- * @param pOptions the gnutls-serv options data structure
- * @param pOptDesc the option descriptor for this option.
+ * For the pskpasswd option.
*/
static void
doOptPskpasswd(tOptions* pOptions, tOptDesc* pOptDesc)
@@ -1250,74 +1203,25 @@ doOptPskpasswd(tOptions* pOptions, tOptDesc* pOptDesc)
optionFileCheck(pOptions, pOptDesc, type, mode);
}
-/* extracted from optmain.tlib near line 1113 */
-
-/**
- * The directory containing the data associated with gnutls-serv.
- */
-#ifndef PKGDATADIR
-# define PKGDATADIR ""
-#endif
-/**
- * Information about the person or institution that packaged gnutls-serv
- * for the current distribution.
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
+ *
+ * For the status-response-ocsp option.
*/
-#ifndef WITH_PACKAGER
-# define gnutls_serv_packager_info NULL
-#else
-static char const gnutls_serv_packager_info[] =
- "Packaged by " WITH_PACKAGER
-
-# ifdef WITH_PACKAGER_VERSION
- " ("WITH_PACKAGER_VERSION")"
-# endif
-
-# ifdef WITH_PACKAGER_BUG_REPORTS
- "\nReport gnutls_serv bugs to " WITH_PACKAGER_BUG_REPORTS
-# endif
- "\n";
+static void
+doOptStatus_Response_Ocsp(tOptions* pOptions, tOptDesc* pOptDesc)
+{
+ static teOptFileType const type =
+ FTYPE_MODE_MUST_EXIST + FTYPE_MODE_NO_OPEN;
+ static tuFileMode mode;
+#ifndef O_CLOEXEC
+# define O_CLOEXEC 0
#endif
-#ifndef __doxygen__
+ mode.file_flags = O_CLOEXEC;
-#endif /* __doxygen__ */
-/**
- * The option definitions for gnutls-serv. The one structure that
- * binds them all.
- */
-tOptions gnutls_servOptions = {
- OPTIONS_STRUCT_VERSION,
- 0, NULL, /* original argc + argv */
- ( OPTPROC_BASE
- + OPTPROC_ERRSTOP
- + OPTPROC_SHORTOPT
- + OPTPROC_LONGOPT
- + OPTPROC_NO_REQ_OPT
- + OPTPROC_NO_ARGS
- + OPTPROC_GNUUSAGE
- + OPTPROC_MISUSE ),
- 0, NULL, /* current option index, current option */
- NULL, NULL, zPROGNAME,
- zRcName, zCopyright, zLicenseDescrip,
- zFullVersion, apzHomeList, zUsageTitle,
- zExplain, zDetail, optDesc,
- zBugsAddr, /* address to send bugs to */
- NULL, NULL, /* extensions/saved state */
- optionUsage, /* usage procedure */
- translate_option_strings, /* translation procedure */
- /*
- * Indexes to special options
- */
- { INDEX_OPT_MORE_HELP, /* more-help option index */
- NO_EQUIVALENT, /* save option index */
- NO_EQUIVALENT, /* '-#' option index */
- NO_EQUIVALENT /* index of default opt */
- },
- 36 /* full option count */, 33 /* user option count */,
- gnutls_serv_full_usage, gnutls_serv_short_usage,
- NULL, NULL,
- PKGDATADIR, gnutls_serv_packager_info
-};
+ optionFileCheck(pOptions, pOptDesc, type, mode);
+}
+/* extracted from optcode.tlib near line 666 */
#if ENABLE_NLS
#include <stdio.h>
@@ -1329,16 +1233,7 @@ tOptions gnutls_servOptions = {
static char* AO_gettext(char const* pz);
static void coerce_it(void** s);
-/**
- * AutoGen specific wrapper function for gettext.
- * It relies on the macro _() to convert from English to the target
- * language, then strdup-duplicates the result string.
- *
- * @param[in] pz the input text used as a lookup key.
- * @returns the translated text (if there is one),
- * or the original text (if not).
- */
-static char *
+static char*
AO_gettext(char const* pz)
{
char* pzRes;
@@ -1358,9 +1253,8 @@ AO_gettext(char const* pz)
static void coerce_it(void** s) { *s = AO_gettext(*s);
}
-/**
- * Translate all the translatable strings in the gnutls_servOptions
- * structure defined above. This is done only once.
+/*
+ * This invokes the translation code (e.g. gettext(3)).
*/
static void
translate_option_strings(void)
diff --git a/src/serv-args.def b/src/serv-args.def
index e61034e..c24e7eb 100644
--- a/src/serv-args.def
+++ b/src/serv-args.def
@@ -228,6 +228,14 @@ flag = {
};
flag = {
+ name = status-response-ocsp;
+ arg-type = file;
+ file-exists = yes;
+ descrip = "OCSP response to send to client";
+ doc = "If the client requested an OCSP response, return data from
this file to the client.";
+};
+
+flag = {
name = port;
value = p;
arg-type = number;
diff --git a/src/serv-args.h b/src/serv-args.h
index 9c4c86e..0e825a6 100644
--- a/src/serv-args.h
+++ b/src/serv-args.h
@@ -2,11 +2,11 @@
*
* DO NOT EDIT THIS FILE (serv-args.h)
*
- * It has been AutoGen-ed August 30, 2012 at 09:58:05 PM by AutoGen 5.16
+ * It has been AutoGen-ed September 28, 2012 at 01:15:45 PM by AutoGen 5.12
* From the definitions serv-args.def
* and the template file options
*
- * Generated from AutoOpts 36:4:11 templates.
+ * Generated from AutoOpts 35:0:10 templates.
*
* AutoOpts is a copyrighted work. This header file is not encumbered
* by AutoOpts licensing, but is provided under the licensing terms chosen
@@ -16,16 +16,15 @@
* users discretion, the BSD license. See the AutoOpts and/or libopts sources
* for details.
*
- * The gnutls-serv program is copyrighted and licensed
- * under the following terms:
+ * This source file is copyrighted and licensed under the following terms:
*
* Copyright (C) 2000-2012 Free Software Foundation, all rights reserved.
* This is free software. It is licensed for use, modification and
* redistribution under the terms of the
* GNU General Public License, version 3 or later
* <http://gnu.org/licenses/gpl.html>
- *
- * gnutls-serv is free software: you can redistribute it and/or modify it
+ *
+PFX>gnutls-serv is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
@@ -56,7 +55,7 @@
* tolerable version is at least as old as what was current when the header
* template was released.
*/
-#define AO_TEMPLATE_VERSION 147460
+#define AO_TEMPLATE_VERSION 143360
#if (AO_TEMPLATE_VERSION < OPTIONS_MINIMUM_VERSION) \
|| (AO_TEMPLATE_VERSION > OPTIONS_STRUCT_VERSION)
# error option template version mismatches autoopts/options.h header
@@ -67,45 +66,46 @@
* Enumeration of each option:
*/
typedef enum {
- INDEX_OPT_DEBUG = 0,
- INDEX_OPT_NOTICKET = 1,
- INDEX_OPT_GENERATE = 2,
- INDEX_OPT_QUIET = 3,
- INDEX_OPT_NODB = 4,
- INDEX_OPT_HTTP = 5,
- INDEX_OPT_ECHO = 6,
- INDEX_OPT_UDP = 7,
- INDEX_OPT_MTU = 8,
- INDEX_OPT_DISABLE_CLIENT_CERT = 9,
- INDEX_OPT_REQUIRE_CLIENT_CERT = 10,
- INDEX_OPT_HEARTBEAT = 11,
- INDEX_OPT_X509FMTDER = 12,
- INDEX_OPT_PRIORITY = 13,
- INDEX_OPT_DHPARAMS = 14,
- INDEX_OPT_X509CAFILE = 15,
- INDEX_OPT_X509CRLFILE = 16,
- INDEX_OPT_PGPKEYFILE = 17,
- INDEX_OPT_PGPKEYRING = 18,
- INDEX_OPT_PGPCERTFILE = 19,
- INDEX_OPT_X509KEYFILE = 20,
- INDEX_OPT_X509CERTFILE = 21,
- INDEX_OPT_X509DSAKEYFILE = 22,
- INDEX_OPT_X509DSACERTFILE = 23,
- INDEX_OPT_X509ECCKEYFILE = 24,
- INDEX_OPT_X509ECCCERTFILE = 25,
- INDEX_OPT_PGPSUBKEY = 26,
- INDEX_OPT_SRPPASSWD = 27,
- INDEX_OPT_SRPPASSWDCONF = 28,
- INDEX_OPT_PSKPASSWD = 29,
- INDEX_OPT_PSKHINT = 30,
- INDEX_OPT_PORT = 31,
- INDEX_OPT_LIST = 32,
- INDEX_OPT_VERSION = 33,
- INDEX_OPT_HELP = 34,
- INDEX_OPT_MORE_HELP = 35
+ INDEX_OPT_DEBUG = 0,
+ INDEX_OPT_NOTICKET = 1,
+ INDEX_OPT_GENERATE = 2,
+ INDEX_OPT_QUIET = 3,
+ INDEX_OPT_NODB = 4,
+ INDEX_OPT_HTTP = 5,
+ INDEX_OPT_ECHO = 6,
+ INDEX_OPT_UDP = 7,
+ INDEX_OPT_MTU = 8,
+ INDEX_OPT_DISABLE_CLIENT_CERT = 9,
+ INDEX_OPT_REQUIRE_CLIENT_CERT = 10,
+ INDEX_OPT_HEARTBEAT = 11,
+ INDEX_OPT_X509FMTDER = 12,
+ INDEX_OPT_PRIORITY = 13,
+ INDEX_OPT_DHPARAMS = 14,
+ INDEX_OPT_X509CAFILE = 15,
+ INDEX_OPT_X509CRLFILE = 16,
+ INDEX_OPT_PGPKEYFILE = 17,
+ INDEX_OPT_PGPKEYRING = 18,
+ INDEX_OPT_PGPCERTFILE = 19,
+ INDEX_OPT_X509KEYFILE = 20,
+ INDEX_OPT_X509CERTFILE = 21,
+ INDEX_OPT_X509DSAKEYFILE = 22,
+ INDEX_OPT_X509DSACERTFILE = 23,
+ INDEX_OPT_X509ECCKEYFILE = 24,
+ INDEX_OPT_X509ECCCERTFILE = 25,
+ INDEX_OPT_PGPSUBKEY = 26,
+ INDEX_OPT_SRPPASSWD = 27,
+ INDEX_OPT_SRPPASSWDCONF = 28,
+ INDEX_OPT_PSKPASSWD = 29,
+ INDEX_OPT_PSKHINT = 30,
+ INDEX_OPT_STATUS_RESPONSE_OCSP = 31,
+ INDEX_OPT_PORT = 32,
+ INDEX_OPT_LIST = 33,
+ INDEX_OPT_VERSION = 34,
+ INDEX_OPT_HELP = 35,
+ INDEX_OPT_MORE_HELP = 36
} teOptIndex;
-#define OPTION_CT 36
+#define OPTION_CT 37
#define GNUTLS_SERV_VERSION "@VERSION@"
#define GNUTLS_SERV_FULL_VERSION "gnutls-serv @VERSION@"
@@ -136,8 +136,7 @@ typedef enum {
*/
typedef enum {
GNUTLS_SERV_EXIT_SUCCESS = 0,
- GNUTLS_SERV_EXIT_FAILURE = 1,
- GNUTLS_SERV_EXIT_LIBOPTS_FAILURE = 70
+ GNUTLS_SERV_EXIT_FAILURE = 1
} gnutls_serv_exit_code_t;
/* * * * * *
*
@@ -178,6 +177,7 @@ typedef enum {
#define VALUE_OPT_SRPPASSWDCONF 28
#define VALUE_OPT_PSKPASSWD 29
#define VALUE_OPT_PSKHINT 30
+#define VALUE_OPT_STATUS_RESPONSE_OCSP 31
#define VALUE_OPT_PORT 'p'
#define OPT_VALUE_PORT (DESC(PORT).optArg.argInt)
@@ -195,17 +195,18 @@ typedef enum {
gnutls_servOptions.pzCurOpt = NULL)
#define START_OPT RESTART_OPT(1)
#define USAGE(c) (*gnutls_servOptions.pUsageProc)(&gnutls_servOptions,
c)
-/* extracted from opthead.tlib near line 484 */
+/* extracted from opthead.tlib near line 451 */
#ifdef __cplusplus
extern "C" {
#endif
-/*
- * global exported definitions
+
+/* * * * * *
+ *
+ * Globals exported from the GnuTLS server option definitions
*/
#include <gettext.h>
-
/* * * * * *
*
* Declare the gnutls-serv option descriptor.
diff --git a/src/serv.c b/src/serv.c
index d3dc350..26b6699 100644
--- a/src/serv.c
+++ b/src/serv.c
@@ -81,7 +81,8 @@ const char *x509_ecccertfile = NULL;
const char *x509_cafile = NULL;
const char *dh_params_file = NULL;
const char *x509_crlfile = NULL;
-const char *priorities = NULL;
+const char * priorities = NULL;
+const char * status_response_ocsp = NULL;
gnutls_datum_t session_ticket_key;
static void tcp_server (const char *name, int port);
@@ -329,8 +330,7 @@ generate_rsa_params (void)
LIST_DECLARE_INIT (listener_list, listener_item, listener_free);
-gnutls_session_t
-initialize_session (int dtls)
+gnutls_session_t initialize_session (int dtls)
{
gnutls_session_t session;
const char *err;
@@ -359,6 +359,19 @@ initialize_session (int dtls)
gnutls_session_ticket_enable_server (session, &session_ticket_key);
#endif
+ /* OCSP status-request TLS extension */
+ if (status_response_ocsp)
+ {
+ if (gnutls_status_request_ocsp_server_file (session,
status_response_ocsp, 0) < 0)
+ {
+ fprintf (stderr, "Cannot set OCSP status request callback.\n");
+ exit (1);
+ }
+ }
+
+ if (noticket == 0)
+ gnutls_session_ticket_enable_server (session, &session_ticket_key);
+
if (gnutls_priority_set_direct (session, priorities, &err) < 0)
{
fprintf (stderr, "Syntax error at: %s\n", err);
@@ -474,6 +487,7 @@ peer_print_info (gnutls_session_t session, int *ret_length,
strcpy (http_buffer, HTTP_BEGIN);
/* print session_id */
+ sesid_size = sizeof(sesid);
gnutls_session_get_id (session, sesid, &sesid_size);
snprintf (tmp_buffer, tmp_buffer_size, "\n<p>Session ID: <i>");
for (i = 0; i < sesid_size; i++)
@@ -1650,6 +1664,9 @@ cmd_parser (int argc, char **argv)
if (HAVE_OPT (PSKPASSWD))
psk_passwd = OPT_ARG (PSKPASSWD);
+ if (HAVE_OPT(STATUS_RESPONSE_OCSP))
+ status_response_ocsp = OPT_ARG(STATUS_RESPONSE_OCSP);
+
}
/* session resuming support */
hooks/post-receive
--
GNU gnutls
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls_3_1_2-9-g5dca97a,
Nikos Mavrogiannopoulos <=