vici: Match identity with wildcards against remote ID in redirect command
[strongswan.git] / src / swanctl / commands / list_authorities.c
1 /*
2 * Copyright (C) 2015 Andreas Steffen
3 * HSR Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #define _GNU_SOURCE
17 #include <stdio.h>
18 #include <errno.h>
19
20 #include "command.h"
21
22 #define LABELED_CRL_URI (1 << 0)
23 #define LABELED_OCSP_URI (1 << 1)
24
25 CALLBACK(authority_kv, int,
26 void *null, vici_res_t *res, char *name, void *value, int len)
27 {
28 chunk_t chunk;
29
30 chunk = chunk_create(value, len);
31 if (chunk_printable(chunk, NULL, ' '))
32 {
33 printf(" %s: %.*s\n", name, len, value);
34 }
35
36 return 0;
37 }
38
39
40 CALLBACK(authority_list, int,
41 int *labeled, vici_res_t *res, char *name, void *value, int len)
42 {
43 chunk_t chunk;
44
45 chunk = chunk_create(value, len);
46 if (chunk_printable(chunk, NULL, ' '))
47 {
48 if (streq(name, "crl_uris"))
49 {
50 printf(" %s %.*s\n",
51 (*labeled & LABELED_CRL_URI) ? " " : "crl_uris: ",
52 len, value);
53 *labeled |= LABELED_CRL_URI;
54 }
55 if (streq(name, "ocsp_uris"))
56 {
57 printf(" %s %.*s\n",
58 (*labeled & LABELED_OCSP_URI) ? " " : "ocsp_uris:",
59 len, value);
60 *labeled %= LABELED_OCSP_URI;
61 }
62 }
63 return 0;
64 }
65
66 CALLBACK(authorities, int,
67 void *null, vici_res_t *res, char *name)
68 {
69 int labeled = 0;
70
71 printf("%s:\n", name);
72
73 return vici_parse_cb(res, NULL, authority_kv, authority_list, &labeled);
74 }
75
76 CALLBACK(list_cb, void,
77 command_format_options_t *format, char *name, vici_res_t *res)
78 {
79 if (*format & COMMAND_FORMAT_RAW)
80 {
81 vici_dump(res, "list-authorities event", *format & COMMAND_FORMAT_PRETTY,
82 stdout);
83 }
84 else
85 {
86 if (vici_parse_cb(res, authorities, NULL, NULL, NULL) != 0)
87 {
88 fprintf(stderr, "parsing authority event failed: %s\n",
89 strerror(errno));
90 }
91 }
92 }
93
94 static int list_authorities(vici_conn_t *conn)
95 {
96 vici_req_t *req;
97 vici_res_t *res;
98 command_format_options_t format = COMMAND_FORMAT_NONE;
99 char *arg, *ca_name = NULL;;
100 int ret = 0;
101
102 while (TRUE)
103 {
104 switch (command_getopt(&arg))
105 {
106 case 'h':
107 return command_usage(NULL);
108 case 'n':
109 ca_name = arg;
110 continue;
111 case 'P':
112 format |= COMMAND_FORMAT_PRETTY;
113 /* fall through to raw */
114 case 'r':
115 format |= COMMAND_FORMAT_RAW;
116 continue;
117 case EOF:
118 break;
119 default:
120 return command_usage("invalid --list-authorities option");
121 }
122 break;
123 }
124 if (vici_register(conn, "list-authority", list_cb, &format) != 0)
125 {
126 ret = errno;
127 fprintf(stderr, "registering for authorities failed: %s\n",
128 strerror(errno));
129 return ret;
130 }
131
132 req = vici_begin("list-authorities");
133 if (ca_name)
134 {
135 vici_add_key_valuef(req, "name", "%s", ca_name);
136 }
137 res = vici_submit(req, conn);
138 if (!res)
139 {
140 ret = errno;
141 fprintf(stderr, "list-authorities request failed: %s\n", strerror(errno));
142 return ret;
143 }
144 if (format & COMMAND_FORMAT_RAW)
145 {
146 vici_dump(res, "list-authorities reply", format & COMMAND_FORMAT_PRETTY,
147 stdout);
148 }
149 vici_free_res(res);
150 return 0;
151 }
152
153 /**
154 * Register the command.
155 */
156 static void __attribute__ ((constructor))reg()
157 {
158 command_register((command_t) {
159 list_authorities, 'B', "list-authorities",
160 "list loaded authority configurations",
161 {"[--raw|--pretty]"},
162 {
163 {"help", 'h', 0, "show usage information"},
164 {"name", 'n', 1, "filter by authority name"},
165 {"raw", 'r', 0, "dump raw response message"},
166 {"pretty", 'P', 0, "dump raw response message in pretty print"},
167 }
168 });
169 }