diff options
| author | David Woodhouse <dwmw2@infradead.org> | 2014-12-18 12:25:06 +0000 |
|---|---|---|
| committer | Gert Doering <gert@greenie.muc.de> | 2014-12-27 15:16:48 +0100 |
| commit | a91a06cb291414c9e657377e44f7a57343ae7f5a (patch) | |
| tree | d23cc2ef4e1f978bca88934c16e58a8beec7e5ed /src/openvpn/options.c | |
| parent | 6f1d3cf062d5c33cbad4d521d157d43d53ffc7d1 (diff) | |
| download | openvpn-a91a06cb291414c9e657377e44f7a57343ae7f5a.tar.gz openvpn-a91a06cb291414c9e657377e44f7a57343ae7f5a.tar.xz openvpn-a91a06cb291414c9e657377e44f7a57343ae7f5a.zip | |
Make 'provider' option to --show-pkcs11-ids optional where p11-kit is present
Trac: 490
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <1418905506.21260.6.camel@infradead.org>
URL: http://article.gmane.org/gmane.network.openvpn.devel/9355
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Diffstat (limited to 'src/openvpn/options.c')
| -rw-r--r-- | src/openvpn/options.c | 31 |
1 files changed, 29 insertions, 2 deletions
diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 9bcad64..f6e41a9 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -740,7 +740,11 @@ static const char usage_message[] = #ifdef ENABLE_PKCS11 "\n" "PKCS#11 standalone options:\n" - "--show-pkcs11-ids provider [cert_private] : Show PKCS#11 available ids.\n" +#ifdef DEFAULT_PKCS11_MODULE + "--show-pkcs11-ids [provider] [cert_private] : Show PKCS#11 available ids.\n" +#else + "--show-pkcs11-ids provider [cert_private] : Show PKCS#11 available ids.\n" +#endif " --verb option can be added *BEFORE* this.\n" #endif /* ENABLE_PKCS11 */ "\n" @@ -6930,11 +6934,34 @@ add_option (struct options *options, #endif /* ENABLE_SSL */ #endif /* ENABLE_CRYPTO */ #ifdef ENABLE_PKCS11 - else if (streq (p[0], "show-pkcs11-ids") && p[1]) + else if (streq (p[0], "show-pkcs11-ids")) { char *provider = p[1]; bool cert_private = (p[2] == NULL ? false : ( atoi (p[2]) != 0 )); +#ifdef DEFAULT_PKCS11_MODULE + if (!provider) + provider = DEFAULT_PKCS11_MODULE; + else if (!p[2]) + { + char *endp = NULL; + int i = strtol(provider, &endp, 10); + + if (*endp == 0) + { + /* There was one argument, and it was purely numeric. + Interpret it as the cert_private argument */ + provider = DEFAULT_PKCS11_MODULE; + cert_private = i; + } + } +#else + if (!provider) + { + msg (msglevel, "--show-pkcs11-ids requires a provider parameter"); + goto err; + } +#endif VERIFY_PERMISSION (OPT_P_GENERAL); set_debug_level (options->verbosity, SDL_CONSTRAIN); |