From a016bc6822ca80c062b9e46ebe35190596500983 Mon Sep 17 00:00:00 2001 From: Karen Arutyunov Date: Mon, 26 Jun 2023 21:54:18 +0300 Subject: Make changes required for CI --- openssl/agent/pkcs11/options.cxx | 635 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 635 insertions(+) create mode 100644 openssl/agent/pkcs11/options.cxx (limited to 'openssl/agent/pkcs11/options.cxx') diff --git a/openssl/agent/pkcs11/options.cxx b/openssl/agent/pkcs11/options.cxx new file mode 100644 index 0000000..592ca79 --- /dev/null +++ b/openssl/agent/pkcs11/options.cxx @@ -0,0 +1,635 @@ +// -*- C++ -*- +// +// This file was generated by CLI, a command line interface +// compiler for C++. +// + +// Begin prologue. +// +#include +// +// End prologue. + +#include + +#include +#include +#include +#include +#include +#include +#include +#include + +namespace openssl +{ + namespace cli + { + template + struct parser + { + static void + parse (X& x, bool& xs, scanner& s) + { + using namespace std; + + const char* o (s.next ()); + if (s.more ()) + { + string v (s.next ()); + istringstream is (v); + if (!(is >> x && is.peek () == istringstream::traits_type::eof ())) + throw invalid_value (o, v); + } + else + throw missing_value (o); + + xs = true; + } + }; + + template <> + struct parser + { + static void + parse (bool& x, bool& xs, scanner& s) + { + const char* o (s.next ()); + + if (s.more ()) + { + const char* v (s.next ()); + + if (std::strcmp (v, "1") == 0 || + std::strcmp (v, "true") == 0 || + std::strcmp (v, "TRUE") == 0 || + std::strcmp (v, "True") == 0) + x = true; + else if (std::strcmp (v, "0") == 0 || + std::strcmp (v, "false") == 0 || + std::strcmp (v, "FALSE") == 0 || + std::strcmp (v, "False") == 0) + x = false; + else + throw invalid_value (o, v); + } + else + throw missing_value (o); + + xs = true; + } + }; + + template <> + struct parser + { + static void + parse (std::string& x, bool& xs, scanner& s) + { + const char* o (s.next ()); + + if (s.more ()) + x = s.next (); + else + throw missing_value (o); + + xs = true; + } + }; + + template + struct parser > + { + static void + parse (std::pair& x, bool& xs, scanner& s) + { + x.second = s.position (); + parser::parse (x.first, xs, s); + } + }; + + template + struct parser > + { + static void + parse (std::vector& c, bool& xs, scanner& s) + { + X x; + bool dummy; + parser::parse (x, dummy, s); + c.push_back (x); + xs = true; + } + }; + + template + struct parser > + { + static void + parse (std::set& c, bool& xs, scanner& s) + { + X x; + bool dummy; + parser::parse (x, dummy, s); + c.insert (x); + xs = true; + } + }; + + template + struct parser > + { + static void + parse (std::map& m, bool& xs, scanner& s) + { + const char* o (s.next ()); + + if (s.more ()) + { + std::size_t pos (s.position ()); + std::string ov (s.next ()); + std::string::size_type p = ov.find ('='); + + K k = K (); + V v = V (); + std::string kstr (ov, 0, p); + std::string vstr (ov, (p != std::string::npos ? p + 1 : ov.size ())); + + int ac (2); + char* av[] = + { + const_cast (o), + 0 + }; + + bool dummy; + if (!kstr.empty ()) + { + av[1] = const_cast (kstr.c_str ()); + argv_scanner s (0, ac, av, false, pos); + parser::parse (k, dummy, s); + } + + if (!vstr.empty ()) + { + av[1] = const_cast (vstr.c_str ()); + argv_scanner s (0, ac, av, false, pos); + parser::parse (v, dummy, s); + } + + m[k] = v; + } + else + throw missing_value (o); + + xs = true; + } + }; + + template + struct parser > + { + static void + parse (std::multimap& m, bool& xs, scanner& s) + { + const char* o (s.next ()); + + if (s.more ()) + { + std::size_t pos (s.position ()); + std::string ov (s.next ()); + std::string::size_type p = ov.find ('='); + + K k = K (); + V v = V (); + std::string kstr (ov, 0, p); + std::string vstr (ov, (p != std::string::npos ? p + 1 : ov.size ())); + + int ac (2); + char* av[] = + { + const_cast (o), + 0 + }; + + bool dummy; + if (!kstr.empty ()) + { + av[1] = const_cast (kstr.c_str ()); + argv_scanner s (0, ac, av, false, pos); + parser::parse (k, dummy, s); + } + + if (!vstr.empty ()) + { + av[1] = const_cast (vstr.c_str ()); + argv_scanner s (0, ac, av, false, pos); + parser::parse (v, dummy, s); + } + + m.insert (typename std::multimap::value_type (k, v)); + } + else + throw missing_value (o); + + xs = true; + } + }; + + template + void + thunk (X& x, scanner& s) + { + parser::parse (x.*M, s); + } + + template + void + thunk (X& x, scanner& s) + { + s.next (); + x.*M = true; + } + + template + void + thunk (X& x, scanner& s) + { + parser::parse (x.*M, x.*S, s); + } + } +} + +#include + +namespace openssl +{ + namespace agent + { + namespace pkcs11 + { + // options + // + + options:: + options () + : help_ (), + version_ (), + simulate_ (), + simulate_specified_ (false) + { + } + + bool options:: + parse (int& argc, + char** argv, + bool erase, + ::openssl::cli::unknown_mode opt, + ::openssl::cli::unknown_mode arg) + { + ::openssl::cli::argv_scanner s (argc, argv, erase); + bool r = _parse (s, opt, arg); + return r; + } + + bool options:: + parse (int start, + int& argc, + char** argv, + bool erase, + ::openssl::cli::unknown_mode opt, + ::openssl::cli::unknown_mode arg) + { + ::openssl::cli::argv_scanner s (start, argc, argv, erase); + bool r = _parse (s, opt, arg); + return r; + } + + bool options:: + parse (int& argc, + char** argv, + int& end, + bool erase, + ::openssl::cli::unknown_mode opt, + ::openssl::cli::unknown_mode arg) + { + ::openssl::cli::argv_scanner s (argc, argv, erase); + bool r = _parse (s, opt, arg); + end = s.end (); + return r; + } + + bool options:: + parse (int start, + int& argc, + char** argv, + int& end, + bool erase, + ::openssl::cli::unknown_mode opt, + ::openssl::cli::unknown_mode arg) + { + ::openssl::cli::argv_scanner s (start, argc, argv, erase); + bool r = _parse (s, opt, arg); + end = s.end (); + return r; + } + + bool options:: + parse (::openssl::cli::scanner& s, + ::openssl::cli::unknown_mode opt, + ::openssl::cli::unknown_mode arg) + { + bool r = _parse (s, opt, arg); + return r; + } + + ::openssl::cli::usage_para options:: + print_usage (::std::ostream& os, ::openssl::cli::usage_para p) + { + CLI_POTENTIALLY_UNUSED (os); + + if (p != ::openssl::cli::usage_para::none) + os << ::std::endl; + + os << "\033[1mOPTIONS\033[0m" << ::std::endl; + + os << std::endl + << "\033[1m--help\033[0m Print usage information and exit." << ::std::endl; + + os << std::endl + << "\033[1m--version\033[0m Print version and exit." << ::std::endl; + + os << std::endl + << "\033[1m--simulate\033[0m \033[4moutcome\033[0m Run the daemon in the simulation mode." << ::std::endl; + + p = ::openssl::cli::usage_para::option; + + return p; + } + + typedef + std::map + _cli_options_map; + + static _cli_options_map _cli_options_map_; + + struct _cli_options_map_init + { + _cli_options_map_init () + { + _cli_options_map_["--help"] = + &::openssl::cli::thunk< options, &options::help_ >; + _cli_options_map_["--version"] = + &::openssl::cli::thunk< options, &options::version_ >; + _cli_options_map_["--simulate"] = + &::openssl::cli::thunk< options, simulate_outcome, &options::simulate_, + &options::simulate_specified_ >; + } + }; + + static _cli_options_map_init _cli_options_map_init_; + + bool options:: + _parse (const char* o, ::openssl::cli::scanner& s) + { + _cli_options_map::const_iterator i (_cli_options_map_.find (o)); + + if (i != _cli_options_map_.end ()) + { + (*(i->second)) (*this, s); + return true; + } + + return false; + } + + bool options:: + _parse (::openssl::cli::scanner& s, + ::openssl::cli::unknown_mode opt_mode, + ::openssl::cli::unknown_mode arg_mode) + { + // Can't skip combined flags (--no-combined-flags). + // + assert (opt_mode != ::openssl::cli::unknown_mode::skip); + + bool r = false; + bool opt = true; + + while (s.more ()) + { + const char* o = s.peek (); + + if (std::strcmp (o, "--") == 0) + { + opt = false; + s.skip (); + r = true; + continue; + } + + if (opt) + { + if (_parse (o, s)) + { + r = true; + continue; + } + + if (std::strncmp (o, "-", 1) == 0 && o[1] != '\0') + { + // Handle combined option values. + // + std::string co; + if (const char* v = std::strchr (o, '=')) + { + co.assign (o, 0, v - o); + ++v; + + int ac (2); + char* av[] = + { + const_cast (co.c_str ()), + const_cast (v) + }; + + ::openssl::cli::argv_scanner ns (0, ac, av); + + if (_parse (co.c_str (), ns)) + { + // Parsed the option but not its value? + // + if (ns.end () != 2) + throw ::openssl::cli::invalid_value (co, v); + + s.next (); + r = true; + continue; + } + else + { + // Set the unknown option and fall through. + // + o = co.c_str (); + } + } + + // Handle combined flags. + // + char cf[3]; + { + const char* p = o + 1; + for (; *p != '\0'; ++p) + { + if (!((*p >= 'a' && *p <= 'z') || + (*p >= 'A' && *p <= 'Z') || + (*p >= '0' && *p <= '9'))) + break; + } + + if (*p == '\0') + { + for (p = o + 1; *p != '\0'; ++p) + { + std::strcpy (cf, "-"); + cf[1] = *p; + cf[2] = '\0'; + + int ac (1); + char* av[] = + { + cf + }; + + ::openssl::cli::argv_scanner ns (0, ac, av); + + if (!_parse (cf, ns)) + break; + } + + if (*p == '\0') + { + // All handled. + // + s.next (); + r = true; + continue; + } + else + { + // Set the unknown option and fall through. + // + o = cf; + } + } + } + + switch (opt_mode) + { + case ::openssl::cli::unknown_mode::skip: + { + s.skip (); + r = true; + continue; + } + case ::openssl::cli::unknown_mode::stop: + { + break; + } + case ::openssl::cli::unknown_mode::fail: + { + throw ::openssl::cli::unknown_option (o); + } + } + + break; + } + } + + switch (arg_mode) + { + case ::openssl::cli::unknown_mode::skip: + { + s.skip (); + r = true; + continue; + } + case ::openssl::cli::unknown_mode::stop: + { + break; + } + case ::openssl::cli::unknown_mode::fail: + { + throw ::openssl::cli::unknown_argument (o); + } + } + + break; + } + + return r; + } + } + } +} + +namespace openssl +{ + ::openssl::cli::usage_para + print_openssl_agent_pkcs11_usage (::std::ostream& os, ::openssl::cli::usage_para p) + { + CLI_POTENTIALLY_UNUSED (os); + + if (p != ::openssl::cli::usage_para::none) + os << ::std::endl; + + os << "\033[1mSYNOPSIS\033[0m" << ::std::endl + << ::std::endl + << "\033[1mopenssl-agent-pkcs11 --help\033[0m" << ::std::endl + << "\033[1mopenssl-agent-pkcs11 --version\033[0m" << ::std::endl + << "\033[1mopenssl-agent-pkcs11\033[0m [\033[4moptions\033[0m] \033[4murl\033[0m\033[0m" << ::std::endl + << ::std::endl + << "\033[1mDESCRIPTION\033[0m" << ::std::endl + << ::std::endl + << "The \033[1mPKCS#11\033[0m key agent prompts for a PIN for the specified token and forks off" << ::std::endl + << "the daemon, which unlocks the key, opens a UNIX domain socket, and waits for" << ::std::endl + << "cryptographic operation requests from the OpenSSL client \033[1mopenssl-client(1)\033[0m. The" << ::std::endl + << "agent also prints to \033[1mstdout\033[0m a shell script fragment that sets the environment" << ::std::endl + << "variables necessary for locating the agent. See the ENVIRONMENT section for" << ::std::endl + << "details." << ::std::endl + << ::std::endl + << "The daemon can be run in the simulation mode without actually logging into the" << ::std::endl + << "\033[1mPKCS#11\033[0m token. If the \033[1m--simulate\033[0m option is specified with the \033[1msuccess\033[0m outcome," << ::std::endl + << "the daemon pretends to unlock the requested key and responds with a dummy" << ::std::endl + << "signature to the subsequent data signing requests. The \033[1mfailure\033[0m outcome causes" << ::std::endl + << "the daemon to exit with non-zero status, as if it failed to find the key. This" << ::std::endl + << "mode is mostly useful for testing." << ::std::endl; + + p = ::openssl::agent::pkcs11::options::print_usage (os, ::openssl::cli::usage_para::text); + + if (p != ::openssl::cli::usage_para::none) + os << ::std::endl; + + os << "\033[1mENVIRONMENT\033[0m" << ::std::endl + << ::std::endl + << "The printed shell script fragment sets the \033[1mOPENSSL_AGENT_PKCS11_SOCK\033[0m and" << ::std::endl + << "\033[1mOPENSSL_AGENT_PKCS11_PID\033[0m environment variables. The former refers to the" << ::std::endl + << "Unix-domain socket that should be used by \033[1mopenssl-client(1)\033[0m for communicating" << ::std::endl + << "with the daemon. The latter contains the daemon process id that can be used to" << ::std::endl + << "terminate the daemon by sending it the \033[1mSIGTERM\033[0m signal." << ::std::endl; + + os << std::endl + << "\033[1mEXIT STATUS\033[0m" << ::std::endl + << ::std::endl + << "Non-zero exit status is returned in case of an error." << ::std::endl; + + p = ::openssl::cli::usage_para::text; + + return p; + } +} + +// Begin epilogue. +// +// +// End epilogue. + -- cgit v1.1