search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix dangling/unused bindings in `(gnutls)'.
[gnutls.git] / src / certtool-cfg.c
blobbdb61b9a83247ea953bf7fed9429410675321e5b
1 /*
2 * Copyright (C) 2004, 2005, 2006, 2007 Free Software Foundation
3 *
4 * This file is part of GNUTLS.
5 *
6 * GNUTLS is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation, either version 3 of the License, or
9 * (at your option) any later version.
10 *
11 * GNUTLS is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include <config.h>
21
22 #include <stdio.h>
23 #include <stdlib.h>
24 #include <certtool-cfg.h>
25 #include <cfg+.h>
26 #include <gnutls/x509.h>
27 #include <string.h>
28 #include <limits.h>
29 #include <inttypes.h>
30 #include <time.h>
31
32 /* Gnulib portability files. */
33 #include <getpass.h>
34 #include "readline.h"
35
36 extern int batch;
37
38 typedef struct _cfg_ctx
39 {
40 char *organization;
41 char *unit;
42 char *locality;
43 char *state;
44 char *cn;
45 char *uid;
46 char *challenge_password;
47 char *pkcs9_email;
48 char *country;
49 char *dns_name;
50 char *ip_addr;
51 char *email;
52 char **dn_oid;
53 char *crl_dist_points;
54 char *password;
55 char *pkcs12_key_name;
56 int serial;
57 int expiration_days;
58 int ca;
59 int path_len;
60 int tls_www_client;
61 int tls_www_server;
62 int signing_key;
63 int encryption_key;
64 int cert_sign_key;
65 int crl_sign_key;
66 int code_sign_key;
67 int ocsp_sign_key;
68 int time_stamping_key;
69 int crl_next_update;
70 char *proxy_policy_language;
71 } cfg_ctx;
72
73 cfg_ctx cfg;
74
75 void
76 cfg_init (void)
77 {
78 memset (&cfg, 0, sizeof (cfg));
79 cfg.path_len = -1;
80 cfg.serial = -1;
81 }
82
83 int
84 template_parse (const char *template)
85 {
86 /* libcfg+ parsing context */
87 CFG_CONTEXT con;
88
89 /* Parsing return code */
90 register int ret;
91
92 /* Option variables */
93
94 /* Option set */
95 struct cfg_option options[] = {
96 {NULL, '\0', "organization", CFG_STR, (void *) &cfg.organization,
97 0},
98 {NULL, '\0', "unit", CFG_STR, (void *) &cfg.unit, 0},
99 {NULL, '\0', "locality", CFG_STR, (void *) &cfg.locality, 0},
100 {NULL, '\0', "state", CFG_STR, (void *) &cfg.state, 0},
101 {NULL, '\0', "cn", CFG_STR, (void *) &cfg.cn, 0},
102 {NULL, '\0', "uid", CFG_STR, (void *) &cfg.uid, 0},
103 {NULL, '\0', "challenge_password", CFG_STR,
104 (void *) &cfg.challenge_password, 0},
105 {NULL, '\0', "password", CFG_STR, (void *) &cfg.password, 0},
106 {NULL, '\0', "pkcs9_email", CFG_STR, (void *) &cfg.pkcs9_email, 0},
107 {NULL, '\0', "country", CFG_STR, (void *) &cfg.country, 0},
108 {NULL, '\0', "dns_name", CFG_STR, (void *) &cfg.dns_name, 0},
109 {NULL, '\0', "ip_address", CFG_STR, (void *) &cfg.ip_addr, 0},
110 {NULL, '\0', "email", CFG_STR, (void *) &cfg.email, 0},
111
112 {NULL, '\0', "dn_oid", CFG_STR + CFG_MULTI_SEPARATED,
113 (void *) &cfg.dn_oid, 0},
114
115 {NULL, '\0', "crl_dist_points", CFG_STR,
116 (void *) &cfg.crl_dist_points, 0},
117 {NULL, '\0', "pkcs12_key_name", CFG_STR,
118 (void *) &cfg.pkcs12_key_name, 0},
119
120 {NULL, '\0', "serial", CFG_INT, (void *) &cfg.serial, 0},
121 {NULL, '\0', "expiration_days", CFG_INT,
122 (void *) &cfg.expiration_days, 0},
123
124 {NULL, '\0', "crl_next_update", CFG_INT,
125 (void *) &cfg.crl_next_update, 0},
126
127 {NULL, '\0', "ca", CFG_BOOL, (void *) &cfg.ca, 0},
128 {NULL, '\0', "path_len", CFG_INT, (void *) &cfg.path_len, 0},
129 {NULL, '\0', "tls_www_client", CFG_BOOL,
130 (void *) &cfg.tls_www_client, 0},
131 {NULL, '\0', "tls_www_server", CFG_BOOL,
132 (void *) &cfg.tls_www_server, 0},
133 {NULL, '\0', "signing_key", CFG_BOOL, (void *) &cfg.signing_key,
134 0},
135 {NULL, '\0', "encryption_key", CFG_BOOL,
136 (void *) &cfg.encryption_key, 0},
137 {NULL, '\0', "cert_signing_key", CFG_BOOL,
138 (void *) &cfg.cert_sign_key, 0},
139 {NULL, '\0', "crl_signing_key", CFG_BOOL,
140 (void *) &cfg.crl_sign_key, 0},
141 {NULL, '\0', "code_signing_key", CFG_BOOL,
142 (void *) &cfg.code_sign_key, 0},
143 {NULL, '\0', "ocsp_signing_key", CFG_BOOL,
144 (void *) &cfg.ocsp_sign_key, 0},
145 {NULL, '\0', "time_stamping_key", CFG_BOOL,
146 (void *) &cfg.time_stamping_key, 0},
147 {NULL, '\0', "proxy_policy_language", CFG_STR,
148 (void *) &cfg.proxy_policy_language, 0},
149 CFG_END_OF_LIST
150 };
151
152 /* Creating context */
153 con = cfg_get_context (options);
154 if (con == NULL)
155 {
156 puts ("Not enough memory");
157 exit (1);
158 }
159
160 cfg_set_cfgfile_context (con, 0, -1, (char *) template);
161
162 /* Parsing command line */
163 ret = cfg_parse (con);
164
165 if (ret != CFG_OK)
166 {
167 printf ("error parsing command line: %s: ", template);
168 cfg_fprint_error (con, stdout);
169 putchar ('\n');
170 exit (ret < 0 ? -ret : ret);
171 }
172
173 return 0;
174 }
175
176 void
177 read_crt_set (gnutls_x509_crt_t crt, const char *input_str, const char *oid)
178 {
179 char input[128];
180 int ret;
181
182 fputs (input_str, stderr);
183 fgets (input, sizeof (input), stdin);
184
185 if (strlen (input) == 1) /* only newline */
186 return;
187
188 ret =
189 gnutls_x509_crt_set_dn_by_oid (crt, oid, 0, input, strlen (input) - 1);
190 if (ret < 0)
191 {
192 fprintf (stderr, "set_dn: %s\n", gnutls_strerror (ret));
193 exit (1);
194 }
195 }
196
197 void
198 read_crq_set (gnutls_x509_crq_t crq, const char *input_str, const char *oid)
199 {
200 char input[128];
201 int ret;
202
203 fputs (input_str, stderr);
204 fgets (input, sizeof (input), stdin);
205
206 if (strlen (input) == 1) /* only newline */
207 return;
208
209 ret =
210 gnutls_x509_crq_set_dn_by_oid (crq, oid, 0, input, strlen (input) - 1);
211 if (ret < 0)
212 {
213 fprintf (stderr, "set_dn: %s\n", gnutls_strerror (ret));
214 exit (1);
215 }
216 }
217
218 /* The input_str should contain %d or %u to print the default.
219 */
220 int
221 read_int_with_default (const char *input_str, int def)
222 {
223 char *in;
224 char *endptr;
225 long l;
226
227 printf(input_str, def);
228 in = readline ("");
229
230 l = strtol (in, &endptr, 0);
231
232 if (*endptr != '\0')
233 {
234 fprintf (stderr, "Trailing garbage ignored: `%s'\n", endptr);
235 free (in);
236 return 0;
237 }
238
239 if (l <= INT_MIN || l >= INT_MAX)
240 {
241 fprintf (stderr, "Integer out of range: `%s'\n", in);
242 free (in);
243 return 0;
244 }
245
246 if (in == endptr)
247 l = def;
248
249 free (in);
250
251 return (int) l;
252 }
253
254 int
255 read_int (const char *input_str)
256 {
257 return read_int_with_default (input_str, 0);
258 }
259
260 const char *
261 read_str (const char *input_str)
262 {
263 static char input[128];
264 int len;
265
266 fputs (input_str, stderr);
267 if (fgets (input, sizeof (input), stdin) == NULL)
268 return NULL;
269
270 len = strlen (input);
271 if ((len > 0) && (input[len - 1] == '\n'))
272 input[len - 1] = 0;
273 if (input[0] == 0)
274 return NULL;
275
276 return input;
277 }
278
279 /* Default is no
280 */
281 int
282 read_yesno (const char *input_str)
283 {
284 char input[128];
285
286 fputs (input_str, stderr);
287 fgets (input, sizeof (input), stdin);
288
289 if (strlen (input) == 1) /* only newline */
290 return 0;
291
292 if (input[0] == 'y' || input[0] == 'Y')
293 return 1;
294
295 return 0;
296 }
297
298
299 /* Wrapper functions for non-interactive mode.
300 */
301 const char *
302 get_pass (void)
303 {
304 if (batch)
305 return cfg.password;
306 else
307 return getpass ("Enter password: ");
308 }
309
310 const char *
311 get_challenge_pass (void)
312 {
313 if (batch)
314 return cfg.challenge_password;
315 else
316 return getpass ("Enter a challenge password: ");
317 }
318
319 const char *
320 get_crl_dist_point_url (void)
321 {
322 if (batch)
323 return cfg.crl_dist_points;
324 else
325 return read_str ("Enter the URI of the CRL distribution point: ");
326 }
327
328 void
329 get_country_crt_set (gnutls_x509_crt_t crt)
330 {
331 int ret;
332
333 if (batch)
334 {
335 if (!cfg.country)
336 return;
337 ret =
338 gnutls_x509_crt_set_dn_by_oid (crt,
339 GNUTLS_OID_X520_COUNTRY_NAME, 0,
340 cfg.country, strlen (cfg.country));
341 if (ret < 0)
342 {
343 fprintf (stderr, "set_dn: %s\n", gnutls_strerror (ret));
344 exit (1);
345 }
346 }
347 else
348 {
349 read_crt_set (crt, "Country name (2 chars): ",
350 GNUTLS_OID_X520_COUNTRY_NAME);
351 }
352
353 }
354
355 void
356 get_organization_crt_set (gnutls_x509_crt_t crt)
357 {
358 int ret;
359
360 if (batch)
361 {
362 if (!cfg.organization)
363 return;
364
365 ret =
366 gnutls_x509_crt_set_dn_by_oid (crt,
367 GNUTLS_OID_X520_ORGANIZATION_NAME,
368 0, cfg.organization,
369 strlen (cfg.organization));
370 if (ret < 0)
371 {
372 fprintf (stderr, "set_dn: %s\n", gnutls_strerror (ret));
373 exit (1);
374 }
375 }
376 else
377 {
378 read_crt_set (crt, "Organization name: ",
379 GNUTLS_OID_X520_ORGANIZATION_NAME);
380 }
381
382 }
383
384 void
385 get_unit_crt_set (gnutls_x509_crt_t crt)
386 {
387 int ret;
388
389 if (batch)
390 {
391 if (!cfg.unit)
392 return;
393
394 ret =
395 gnutls_x509_crt_set_dn_by_oid (crt,
396 GNUTLS_OID_X520_ORGANIZATIONAL_UNIT_NAME,
397 0, cfg.unit, strlen (cfg.unit));
398 if (ret < 0)
399 {
400 fprintf (stderr, "set_dn: %s\n", gnutls_strerror (ret));
401 exit (1);
402 }
403 }
404 else
405 {
406 read_crt_set (crt, "Organizational unit name: ",
407 GNUTLS_OID_X520_ORGANIZATIONAL_UNIT_NAME);
408 }
409
410 }
411
412 void
413 get_state_crt_set (gnutls_x509_crt_t crt)
414 {
415 int ret;
416
417 if (batch)
418 {
419 if (!cfg.state)
420 return;
421 ret =
422 gnutls_x509_crt_set_dn_by_oid (crt,
423 GNUTLS_OID_X520_STATE_OR_PROVINCE_NAME,
424 0, cfg.state, strlen (cfg.state));
425 if (ret < 0)
426 {
427 fprintf (stderr, "set_dn: %s\n", gnutls_strerror (ret));
428 exit (1);
429 }
430 }
431 else
432 {
433 read_crt_set (crt, "State or province name: ",
434 GNUTLS_OID_X520_STATE_OR_PROVINCE_NAME);
435 }
436
437 }
438
439 void
440 get_locality_crt_set (gnutls_x509_crt_t crt)
441 {
442 int ret;
443
444 if (batch)
445 {
446 if (!cfg.locality)
447 return;
448 ret =
449 gnutls_x509_crt_set_dn_by_oid (crt,
450 GNUTLS_OID_X520_LOCALITY_NAME, 0,
451 cfg.locality, strlen (cfg.locality));
452 if (ret < 0)
453 {
454 fprintf (stderr, "set_dn: %s\n", gnutls_strerror (ret));
455 exit (1);
456 }
457 }
458 else
459 {
460 read_crt_set (crt, "Locality name: ", GNUTLS_OID_X520_LOCALITY_NAME);
461 }
462
463 }
464
465 void
466 get_cn_crt_set (gnutls_x509_crt_t crt)
467 {
468 int ret;
469
470 if (batch)
471 {
472 if (!cfg.cn)
473 return;
474 ret =
475 gnutls_x509_crt_set_dn_by_oid (crt, GNUTLS_OID_X520_COMMON_NAME,
476 0, cfg.cn, strlen (cfg.cn));
477 if (ret < 0)
478 {
479 fprintf (stderr, "set_dn: %s\n", gnutls_strerror (ret));
480 exit (1);
481 }
482 }
483 else
484 {
485 read_crt_set (crt, "Common name: ", GNUTLS_OID_X520_COMMON_NAME);
486 }
487
488 }
489
490 void
491 get_uid_crt_set (gnutls_x509_crt_t crt)
492 {
493 int ret;
494
495 if (batch)
496 {
497 if (!cfg.uid)
498 return;
499 ret = gnutls_x509_crt_set_dn_by_oid (crt, GNUTLS_OID_LDAP_UID, 0,
500 cfg.uid, strlen (cfg.uid));
501 if (ret < 0)
502 {
503 fprintf (stderr, "set_dn: %s\n", gnutls_strerror (ret));
504 exit (1);
505 }
506 }
507 else
508 {
509 read_crt_set (crt, "UID: ", GNUTLS_OID_LDAP_UID);
510 }
511
512 }
513
514 void
515 get_oid_crt_set (gnutls_x509_crt_t crt)
516 {
517 int ret, i;
518
519 if (batch)
520 {
521 if (!cfg.dn_oid)
522 return;
523 for (i = 0; cfg.dn_oid[i] != NULL; i += 2)
524 {
525 if (cfg.dn_oid[i + 1] == NULL)
526 {
527 fprintf (stderr, "dn_oid: %s does not have an argument.\n",
528 cfg.dn_oid[i]);
529 exit (1);
530 }
531 ret = gnutls_x509_crt_set_dn_by_oid (crt, cfg.dn_oid[i], 0,
532 cfg.dn_oid[i + 1],
533 strlen (cfg.dn_oid[i + 1]));
534
535 if (ret < 0)
536 {
537 fprintf (stderr, "set_dn_oid: %s\n", gnutls_strerror (ret));
538 exit (1);
539 }
540 }
541 }
542
543 }
544
545
546 void
547 get_pkcs9_email_crt_set (gnutls_x509_crt_t crt)
548 {
549 int ret;
550
551 if (batch)
552 {
553 if (!cfg.pkcs9_email)
554 return;
555 ret = gnutls_x509_crt_set_dn_by_oid (crt, GNUTLS_OID_PKCS9_EMAIL, 0,
556 cfg.pkcs9_email,
557 strlen (cfg.pkcs9_email));
558 if (ret < 0)
559 {
560 fprintf (stderr, "set_dn: %s\n", gnutls_strerror (ret));
561 exit (1);
562 }
563 }
564 else
565 {
566 read_crt_set (crt, "E-mail: ", GNUTLS_OID_PKCS9_EMAIL);
567 }
568
569 }
570
571 int
572 get_serial (void)
573 {
574 int default_serial = time (NULL);
575
576 if (batch)
577 {
578 if (cfg.serial < 0)
579 return default_serial;
580 return cfg.serial;
581 }
582 else
583 {
584 return read_int_with_default
585 ("Enter the certificate's serial number in decimal (default: %u): ", default_serial);
586 }
587 }
588
589 int
590 get_days (void)
591 {
592 int days;
593
594 if (batch)
595 {
596 if (cfg.expiration_days <= 0)
597 return 365;
598 else
599 return cfg.expiration_days;
600 }
601 else
602 {
603 do
604 {
605 days = read_int ("The certificate will expire in (days): ");
606 }
607 while (days == 0);
608 return days;
609 }
610 }
611
612 int
613 get_ca_status (void)
614 {
615 if (batch)
616 {
617 return cfg.ca;
618 }
619 else
620 {
621 return
622 read_yesno ("Does the certificate belong to an authority? (y/N): ");
623 }
624 }
625
626 int
627 get_path_len (void)
628 {
629 if (batch)
630 {
631 return cfg.path_len;
632 }
633 else
634 {
635 return read_int_with_default
636 ("Path length constraint (decimal, %d for no constraint): ", -1);
637 }
638 }
639
640 const char *
641 get_pkcs12_key_name (void)
642 {
643 const char *name;
644
645 if (batch)
646 {
647 if (!cfg.pkcs12_key_name)
648 return "Anonymous";
649 return cfg.pkcs12_key_name;
650 }
651 else
652 {
653 do
654 {
655 name = read_str ("Enter a name for the key: ");
656 }
657 while (name == NULL);
658 }
659 return name;
660 }
661
662 int
663 get_tls_client_status (void)
664 {
665 if (batch)
666 {
667 return cfg.tls_www_client;
668 }
669 else
670 {
671 return read_yesno ("Is this a TLS web client certificate? (y/N): ");
672 }
673 }
674
675 int
676 get_tls_server_status (void)
677 {
678 if (batch)
679 {
680 return cfg.tls_www_server;
681 }
682 else
683 {
684 return
685 read_yesno ("Is this also a TLS web server certificate? (y/N): ");
686 }
687 }
688
689 const char *
690 get_dns_name (void)
691 {
692 if (batch)
693 {
694 return cfg.dns_name;
695 }
696 else
697 {
698 return
699 read_str ("Enter the dnsName of the subject of the certificate: ");
700 }
701 }
702
703 const char *
704 get_ip_addr (void)
705 {
706 if (batch)
707 {
708 return cfg.ip_addr;
709 }
710 else
711 {
712 return
713 read_str ("Enter the IP address of the subject of the certificate: ");
714 }
715 }
716
717 const char *
718 get_email (void)
719 {
720 if (batch)
721 {
722 return cfg.email;
723 }
724 else
725 {
726 return
727 read_str ("Enter the e-mail of the subject of the certificate: ");
728 }
729 }
730
731 int
732 get_sign_status (int server)
733 {
734 const char *msg;
735
736 if (batch)
737 {
738 return cfg.signing_key;
739 }
740 else
741 {
742 if (server)
743 msg =
744 "Will the certificate be used for signing (DHE and RSA-EXPORT ciphersuites)? (y/N): ";
745 else
746 msg =
747 "Will the certificate be used for signing (required for TLS)? (y/N): ";
748 return read_yesno (msg);
749 }
750 }
751
752 int
753 get_encrypt_status (int server)
754 {
755 const char *msg;
756
757 if (batch)
758 {
759 return cfg.encryption_key;
760 }
761 else
762 {
763 if (server)
764 msg =
765 "Will the certificate be used for encryption (RSA ciphersuites)? (y/N): ";
766 else
767 msg =
768 "Will the certificate be used for encryption (not required for TLS)? (y/N): ";
769 return read_yesno (msg);
770 }
771 }
772
773 int
774 get_cert_sign_status (void)
775 {
776 if (batch)
777 {
778 return cfg.cert_sign_key;
779 }
780 else
781 {
782 return
783 read_yesno
784 ("Will the certificate be used to sign other certificates? (y/N): ");
785 }
786 }
787
788 int
789 get_crl_sign_status (void)
790 {
791 if (batch)
792 {
793 return cfg.crl_sign_key;
794 }
795 else
796 {
797 return
798 read_yesno ("Will the certificate be used to sign CRLs? (y/N): ");
799 }
800 }
801
802 int
803 get_code_sign_status (void)
804 {
805 if (batch)
806 {
807 return cfg.code_sign_key;
808 }
809 else
810 {
811 return
812 read_yesno ("Will the certificate be used to sign code? (y/N): ");
813 }
814 }
815
816 int
817 get_ocsp_sign_status (void)
818 {
819 if (batch)
820 {
821 return cfg.ocsp_sign_key;
822 }
823 else
824 {
825 return
826 read_yesno
827 ("Will the certificate be used to sign OCSP requests? (y/N): ");
828 }
829 }
830
831 int
832 get_time_stamp_status (void)
833 {
834 if (batch)
835 {
836 return cfg.time_stamping_key;
837 }
838 else
839 {
840 return
841 read_yesno
842 ("Will the certificate be used for time stamping? (y/N): ");
843 }
844 }
845
846 int
847 get_crl_next_update (void)
848 {
849 int days;
850
851 if (batch)
852 {
853 if (cfg.crl_next_update <= 0)
854 return 365;
855 else
856 return cfg.crl_next_update;
857 }
858 else
859 {
860 do
861 {
862 days = read_int ("The next CRL will be issued in (days): ");
863 }
864 while (days == 0);
865 return days;
866 }
867 }
868
869 const char *
870 get_proxy_policy (char **policy, size_t *policylen)
871 {
872 const char *ret;
873
874 if (batch)
875 {
876 ret = cfg.proxy_policy_language;
877 if (!ret)
878 ret = "1.3.6.1.5.5.7.21.1";
879 }
880 else
881 {
882 do
883 {
884 ret = read_str ("Enter the OID of the proxy policy language: ");
885 }
886 while (ret == NULL);
887 }
888
889 *policy = NULL;
890 *policylen = 0;
891
892 if (strcmp (ret, "1.3.6.1.5.5.7.21.1") != 0 &&
893 strcmp (ret, "1.3.6.1.5.5.7.21.2") != 0)
894 {
895 fprintf (stderr, "Reading non-standard proxy policy not supported.\n");
896 }
897
898 return ret;
899 }
900
901 /* CRQ stuff.
902 */
903 void
904 get_country_crq_set (gnutls_x509_crq_t crq)
905 {
906 int ret;
907
908 if (batch)
909 {
910 if (!cfg.country)
911 return;
912 ret =
913 gnutls_x509_crq_set_dn_by_oid (crq,
914 GNUTLS_OID_X520_COUNTRY_NAME, 0,
915 cfg.country, strlen (cfg.country));
916 if (ret < 0)
917 {
918 fprintf (stderr, "set_dn: %s\n", gnutls_strerror (ret));
919 exit (1);
920 }
921 }
922 else
923 {
924 read_crq_set (crq, "Country name (2 chars): ",
925 GNUTLS_OID_X520_COUNTRY_NAME);
926 }
927
928 }
929
930 void
931 get_organization_crq_set (gnutls_x509_crq_t crq)
932 {
933 int ret;
934
935 if (batch)
936 {
937 if (!cfg.organization)
938 return;
939
940 ret =
941 gnutls_x509_crq_set_dn_by_oid (crq,
942 GNUTLS_OID_X520_ORGANIZATION_NAME,
943 0, cfg.organization,
944 strlen (cfg.organization));
945 if (ret < 0)
946 {
947 fprintf (stderr, "set_dn: %s\n", gnutls_strerror (ret));
948 exit (1);
949 }
950 }
951 else
952 {
953 read_crq_set (crq, "Organization name: ",
954 GNUTLS_OID_X520_ORGANIZATION_NAME);
955 }
956
957 }
958
959 void
960 get_unit_crq_set (gnutls_x509_crq_t crq)
961 {
962 int ret;
963
964 if (batch)
965 {
966 if (!cfg.unit)
967 return;
968
969 ret =
970 gnutls_x509_crq_set_dn_by_oid (crq,
971 GNUTLS_OID_X520_ORGANIZATIONAL_UNIT_NAME,
972 0, cfg.unit, strlen (cfg.unit));
973 if (ret < 0)
974 {
975 fprintf (stderr, "set_dn: %s\n", gnutls_strerror (ret));
976 exit (1);
977 }
978 }
979 else
980 {
981 read_crq_set (crq, "Organizational unit name: ",
982 GNUTLS_OID_X520_ORGANIZATIONAL_UNIT_NAME);
983 }
984
985 }
986
987 void
988 get_state_crq_set (gnutls_x509_crq_t crq)
989 {
990 int ret;
991
992 if (batch)
993 {
994 if (!cfg.state)
995 return;
996 ret =
997 gnutls_x509_crq_set_dn_by_oid (crq,
998 GNUTLS_OID_X520_STATE_OR_PROVINCE_NAME,
999 0, cfg.state, strlen (cfg.state));
1000 if (ret < 0)
1001 {
1002 fprintf (stderr, "set_dn: %s\n", gnutls_strerror (ret));
1003 exit (1);
1004 }
1005 }
1006 else
1007 {
1008 read_crq_set (crq, "State or province name: ",
1009 GNUTLS_OID_X520_STATE_OR_PROVINCE_NAME);
1010 }
1011
1012 }
1013
1014 void
1015 get_locality_crq_set (gnutls_x509_crq_t crq)
1016 {
1017 int ret;
1018
1019 if (batch)
1020 {
1021 if (!cfg.locality)
1022 return;
1023 ret =
1024 gnutls_x509_crq_set_dn_by_oid (crq,
1025 GNUTLS_OID_X520_LOCALITY_NAME, 0,
1026 cfg.locality, strlen (cfg.locality));
1027 if (ret < 0)
1028 {
1029 fprintf (stderr, "set_dn: %s\n", gnutls_strerror (ret));
1030 exit (1);
1031 }
1032 }
1033 else
1034 {
1035 read_crq_set (crq, "Locality name: ", GNUTLS_OID_X520_LOCALITY_NAME);
1036 }
1037
1038 }
1039
1040 void
1041 get_cn_crq_set (gnutls_x509_crq_t crq)
1042 {
1043 int ret;
1044
1045 if (batch)
1046 {
1047 if (!cfg.cn)
1048 return;
1049 ret =
1050 gnutls_x509_crq_set_dn_by_oid (crq, GNUTLS_OID_X520_COMMON_NAME,
1051 0, cfg.cn, strlen (cfg.cn));
1052 if (ret < 0)
1053 {
1054 fprintf (stderr, "set_dn: %s\n", gnutls_strerror (ret));
1055 exit (1);
1056 }
1057 }
1058 else
1059 {
1060 read_crq_set (crq, "Common name: ", GNUTLS_OID_X520_COMMON_NAME);
1061 }
1062
1063 }
1064
1065 void
1066 get_uid_crq_set (gnutls_x509_crq_t crq)
1067 {
1068 int ret;
1069
1070 if (batch)
1071 {
1072 if (!cfg.uid)
1073 return;
1074 ret = gnutls_x509_crq_set_dn_by_oid (crq, GNUTLS_OID_LDAP_UID, 0,
1075 cfg.uid, strlen (cfg.uid));
1076 if (ret < 0)
1077 {
1078 fprintf (stderr, "set_dn: %s\n", gnutls_strerror (ret));
1079 exit (1);
1080 }
1081 }
1082 else
1083 {
1084 read_crq_set (crq, "UID: ", GNUTLS_OID_LDAP_UID);
1085 }
1086
1087 }
1088
1089 void
1090 get_oid_crq_set (gnutls_x509_crq_t crq)
1091 {
1092 int ret, i;
1093
1094 if (batch)
1095 {
1096 if (!cfg.dn_oid)
1097 return;
1098 for (i = 0; cfg.dn_oid[i] != NULL; i += 2)
1099 {
1100 if (cfg.dn_oid[i + 1] == NULL)
1101 {
1102 fprintf (stderr, "dn_oid: %s does not have an argument.\n",
1103 cfg.dn_oid[i]);
1104 exit (1);
1105 }
1106 ret = gnutls_x509_crq_set_dn_by_oid (crq, cfg.dn_oid[i], 0,
1107 cfg.dn_oid[i + 1],
1108 strlen (cfg.dn_oid[i + 1]));
1109
1110 if (ret < 0)
1111 {
1112 fprintf (stderr, "set_dn_oid: %s\n", gnutls_strerror (ret));
1113 exit (1);
1114 }
1115 }
1116 }
1117
1118 }
Implementation of the SSL/TLS protocol