commands/list_conns.c \
commands/list_certs.c \
commands/list_pools.c \
- commands/load_conns.c \
- commands/load_creds.c \
- commands/load_pools.c \
+ commands/load_all.c \
+ commands/load_conns.c commands/load_conns.h \
+ commands/load_creds.c commands/load_creds.h \
+ commands/load_pools.c commands/load_pools.h \
commands/log.c \
commands/version.c \
commands/stats.c \
/**
* Maximum number of commands (+1).
*/
-#define MAX_COMMANDS 17
+#define MAX_COMMANDS 18
/**
* Maximum number of options in a command (+3)
--- /dev/null
+/*
+ * Copyright (C) 2014 Martin Willi
+ * Copyright (C) 2014 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#define _GNU_SOURCE
+#include <stdio.h>
+#include <errno.h>
+#include <unistd.h>
+#include <sys/stat.h>
+
+#include "command.h"
+#include "swanctl.h"
+#include "load_creds.h"
+#include "load_pools.h"
+#include "load_conns.h"
+
+static int load_all(vici_conn_t *conn)
+{
+ bool clear = FALSE, noprompt = FALSE;
+ command_format_options_t format = COMMAND_FORMAT_NONE;
+ settings_t *cfg;
+ int ret = 0;
+ char *arg;
+
+ while (TRUE)
+ {
+ switch (command_getopt(&arg))
+ {
+ case 'h':
+ return command_usage(NULL);
+ case 'c':
+ clear = TRUE;
+ continue;
+ case 'n':
+ noprompt = TRUE;
+ continue;
+ case 'P':
+ format |= COMMAND_FORMAT_PRETTY;
+ /* fall through to raw */
+ case 'r':
+ format |= COMMAND_FORMAT_RAW;
+ continue;
+ case EOF:
+ break;
+ default:
+ return command_usage("invalid --load-all option");
+ }
+ break;
+ }
+
+ cfg = settings_create(SWANCTL_CONF);
+ if (!cfg)
+ {
+ fprintf(stderr, "parsing '%s' failed\n", SWANCTL_CONF);
+ return EINVAL;
+ }
+
+ if (ret == 0)
+ {
+ ret = load_creds_cfg(conn, format, cfg, clear, noprompt);
+ }
+ if (ret == 0)
+ {
+ ret = load_pools_cfg(conn, format, cfg);
+ }
+ if (ret == 0)
+ {
+ ret = load_conns_cfg(conn, format, cfg);
+ }
+
+ cfg->destroy(cfg);
+
+ return ret;
+}
+
+/**
+ * Register the command.
+ */
+static void __attribute__ ((constructor))reg()
+{
+ command_register((command_t) {
+ load_all, 'q', "load-all", "load credentials, pools and connections",
+ {"[--raw|--pretty] [--clear] [--noprompt]"},
+ {
+ {"help", 'h', 0, "show usage information"},
+ {"clear", 'c', 0, "clear previously loaded credentials"},
+ {"noprompt", 'n', 0, "do not prompt for passwords"},
+ {"raw", 'r', 0, "dump raw response message"},
+ {"pretty", 'P', 0, "dump raw response message in pretty print"},
+ }
+ });
+}
#include "command.h"
#include "swanctl.h"
+#include "load_conns.h"
/**
* Check if we should handle a key as a list of comma separated values
return ret;
}
-static int load_conns(vici_conn_t *conn)
+/**
+ * See header.
+ */
+int load_conns_cfg(vici_conn_t *conn, command_format_options_t format,
+ settings_t *cfg)
{
u_int found = 0, loaded = 0, unloaded = 0;
- command_format_options_t format = COMMAND_FORMAT_NONE;
- char *arg, *section;
+ char *section;
enumerator_t *enumerator;
linked_list_t *conns;
- settings_t *cfg;
-
- while (TRUE)
- {
- switch (command_getopt(&arg))
- {
- case 'h':
- return command_usage(NULL);
- case 'P':
- format |= COMMAND_FORMAT_PRETTY;
- /* fall through to raw */
- case 'r':
- format |= COMMAND_FORMAT_RAW;
- continue;
- case EOF:
- break;
- default:
- return command_usage("invalid --load-conns option");
- }
- break;
- }
-
- cfg = settings_create(SWANCTL_CONF);
- if (!cfg)
- {
- fprintf(stderr, "parsing '%s' failed\n", SWANCTL_CONF);
- return EINVAL;
- }
conns = list_conns(conn, format);
}
enumerator->destroy(enumerator);
- cfg->destroy(cfg);
-
/* unload all connection in daemon, but not in file */
while (conns->remove_first(conns, (void**)§ion) == SUCCESS)
{
return EINVAL;
}
+static int load_conns(vici_conn_t *conn)
+{
+ command_format_options_t format = COMMAND_FORMAT_NONE;
+ settings_t *cfg;
+ char *arg;
+ int ret;
+
+ while (TRUE)
+ {
+ switch (command_getopt(&arg))
+ {
+ case 'h':
+ return command_usage(NULL);
+ case 'P':
+ format |= COMMAND_FORMAT_PRETTY;
+ /* fall through to raw */
+ case 'r':
+ format |= COMMAND_FORMAT_RAW;
+ continue;
+ case EOF:
+ break;
+ default:
+ return command_usage("invalid --load-conns option");
+ }
+ break;
+ }
+
+ cfg = settings_create(SWANCTL_CONF);
+ if (!cfg)
+ {
+ fprintf(stderr, "parsing '%s' failed\n", SWANCTL_CONF);
+ return EINVAL;
+ }
+
+ ret = load_conns_cfg(conn, format, cfg);
+
+ cfg->destroy(cfg);
+
+ return ret;
+}
+
/**
* Register the command.
*/
--- /dev/null
+/*
+ * Copyright (C) 2014 Martin Willi
+ * Copyright (C) 2014 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "command.h"
+
+/**
+ * Load all connections from configuration file
+ *
+ * @param conn vici connection to load to
+ * @param format output format
+ * @param cfg configuration to load from
+ */
+int load_conns_cfg(vici_conn_t *conn, command_format_options_t format,
+ settings_t *cfg);
#include "command.h"
#include "swanctl.h"
+#include "load_creds.h"
#include <credentials/sets/mem_cred.h>
#include <credentials/sets/callback_cred.h>
return TRUE;
}
+/**
+ * See header.
+ */
+int load_creds_cfg(vici_conn_t *conn, command_format_options_t format,
+ settings_t *cfg, bool clear, bool noprompt)
+{
+ enumerator_t *enumerator;
+ char *section;
+
+ if (clear)
+ {
+ if (!clear_creds(conn, format))
+ {
+ return ECONNREFUSED;
+ }
+ }
+
+ load_certs(conn, format, "x509", SWANCTL_X509DIR);
+ load_certs(conn, format, "x509ca", SWANCTL_X509CADIR);
+ load_certs(conn, format, "x509aa", SWANCTL_X509AADIR);
+ load_certs(conn, format, "x509crl", SWANCTL_X509CRLDIR);
+ load_certs(conn, format, "x509ac", SWANCTL_X509ACDIR);
+
+ load_keys(conn, format, noprompt, cfg, "rsa", SWANCTL_RSADIR);
+ load_keys(conn, format, noprompt, cfg, "ecdsa", SWANCTL_ECDSADIR);
+ load_keys(conn, format, noprompt, cfg, "any", SWANCTL_PKCS8DIR);
+
+ enumerator = cfg->create_section_enumerator(cfg, "secrets");
+ while (enumerator->enumerate(enumerator, §ion))
+ {
+ load_secret(conn, cfg, section, format);
+ }
+ enumerator->destroy(enumerator);
+
+ return 0;
+}
+
static int load_creds(vici_conn_t *conn)
{
bool clear = FALSE, noprompt = FALSE;
command_format_options_t format = COMMAND_FORMAT_NONE;
- enumerator_t *enumerator;
settings_t *cfg;
- char *arg, *section;
+ char *arg;
+ int ret;
while (TRUE)
{
break;
}
- if (clear)
- {
- if (!clear_creds(conn, format))
- {
- return ECONNREFUSED;
- }
- }
-
cfg = settings_create(SWANCTL_CONF);
if (!cfg)
{
return EINVAL;
}
- load_certs(conn, format, "x509", SWANCTL_X509DIR);
- load_certs(conn, format, "x509ca", SWANCTL_X509CADIR);
- load_certs(conn, format, "x509aa", SWANCTL_X509AADIR);
- load_certs(conn, format, "x509crl", SWANCTL_X509CRLDIR);
- load_certs(conn, format, "x509ac", SWANCTL_X509ACDIR);
-
- load_keys(conn, format, noprompt, cfg, "rsa", SWANCTL_RSADIR);
- load_keys(conn, format, noprompt, cfg, "ecdsa", SWANCTL_ECDSADIR);
- load_keys(conn, format, noprompt, cfg, "any", SWANCTL_PKCS8DIR);
-
- enumerator = cfg->create_section_enumerator(cfg, "secrets");
- while (enumerator->enumerate(enumerator, §ion))
- {
- load_secret(conn, cfg, section, format);
- }
- enumerator->destroy(enumerator);
+ ret = load_creds_cfg(conn, format, cfg, clear, noprompt);
cfg->destroy(cfg);
- return 0;
+ return ret;
}
/**
--- /dev/null
+/*
+ * Copyright (C) 2014 Martin Willi
+ * Copyright (C) 2014 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "command.h"
+
+/**
+ * Load all credentials from configuration file
+ *
+ * @param conn vici connection to load to
+ * @param format output format
+ * @param cfg configuration to load from
+ * @param clear TRUE to clear existing credentials
+ * @param noprompt TRUE to skip any password prompt
+ */
+int load_creds_cfg(vici_conn_t *conn, command_format_options_t format,
+ settings_t *cfg, bool clear, bool noprompt);
#include "command.h"
#include "swanctl.h"
+#include "load_pools.h"
/**
* Add a vici list from a comma separated string value
return ret;
}
-static int load_pools(vici_conn_t *conn)
+/**
+ * See header.
+ */
+int load_pools_cfg(vici_conn_t *conn, command_format_options_t format,
+ settings_t *cfg)
{
- command_format_options_t format = COMMAND_FORMAT_NONE;
u_int found = 0, loaded = 0, unloaded = 0;
- char *arg, *section;
+ char *section;
enumerator_t *enumerator;
linked_list_t *pools;
- settings_t *cfg;
-
- while (TRUE)
- {
- switch (command_getopt(&arg))
- {
- case 'h':
- return command_usage(NULL);
- case 'P':
- format |= COMMAND_FORMAT_PRETTY;
- /* fall through to raw */
- case 'r':
- format |= COMMAND_FORMAT_RAW;
- continue;
- case EOF:
- break;
- default:
- return command_usage("invalid --load-pools option");
- }
- break;
- }
-
- cfg = settings_create(SWANCTL_CONF);
- if (!cfg)
- {
- fprintf(stderr, "parsing '%s' failed\n", SWANCTL_CONF);
- return EINVAL;
- }
pools = list_pools(conn, format);
}
enumerator->destroy(enumerator);
- cfg->destroy(cfg);
-
/* unload all pools in daemon, but not in file */
while (pools->remove_first(pools, (void**)§ion) == SUCCESS)
{
return EINVAL;
}
+static int load_pools(vici_conn_t *conn)
+{
+ command_format_options_t format = COMMAND_FORMAT_NONE;
+ settings_t *cfg;
+ char *arg;
+ int ret;
+
+ while (TRUE)
+ {
+ switch (command_getopt(&arg))
+ {
+ case 'h':
+ return command_usage(NULL);
+ case 'P':
+ format |= COMMAND_FORMAT_PRETTY;
+ /* fall through to raw */
+ case 'r':
+ format |= COMMAND_FORMAT_RAW;
+ continue;
+ case EOF:
+ break;
+ default:
+ return command_usage("invalid --load-pools option");
+ }
+ break;
+ }
+
+ cfg = settings_create(SWANCTL_CONF);
+ if (!cfg)
+ {
+ fprintf(stderr, "parsing '%s' failed\n", SWANCTL_CONF);
+ return EINVAL;
+ }
+
+ ret = load_pools_cfg(conn, format, cfg);
+
+ cfg->destroy(cfg);
+
+ return ret;
+}
+
/**
* Register the command.
*/
--- /dev/null
+/*
+ * Copyright (C) 2014 Martin Willi
+ * Copyright (C) 2014 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "command.h"
+
+/**
+ * Load all pool definitions from configuration file
+ *
+ * @param conn vici connection to load to
+ * @param format output format
+ * @param cfg configuration to load from
+ */
+int load_pools_cfg(vici_conn_t *conn, command_format_options_t format,
+ settings_t *cfg);
.B "\-A, \-\-list\-pools"
list loaded pool configurations
.TP
+.B "\-q, \-\-load\-all"
+(re\-)load credentials, pools and connections
+.TP
.B "\-c, \-\-load\-conns"
(re\-)load connection configuration
.TP