c65df279 |
1 | /* -*-c-*- |
2 | * |
3 | * $Id$ |
4 | * |
5 | * Generate and validate cryptographic cookies |
6 | * |
7 | * (c) 1999 Mark Wooding |
8 | */ |
9 | |
45c0fd36 |
10 | /*----- Licensing notice --------------------------------------------------* |
c65df279 |
11 | * |
12 | * This file is part of Catacomb. |
13 | * |
14 | * Catacomb is free software; you can redistribute it and/or modify |
15 | * it under the terms of the GNU General Public License as published by |
16 | * the Free Software Foundation; either version 2 of the License, or |
17 | * (at your option) any later version. |
45c0fd36 |
18 | * |
c65df279 |
19 | * Catacomb is distributed in the hope that it will be useful, |
20 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
21 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
22 | * GNU General Public License for more details. |
45c0fd36 |
23 | * |
c65df279 |
24 | * You should have received a copy of the GNU General Public License |
25 | * along with Catacomb; if not, write to the Free Software Foundation, |
26 | * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
27 | */ |
28 | |
29 | /*----- Header files ------------------------------------------------------*/ |
30 | |
31 | #include "config.h" |
32 | |
33 | #include <errno.h> |
34 | #include <stdio.h> |
35 | #include <stdlib.h> |
36 | #include <string.h> |
37 | #include <time.h> |
38 | |
39 | #include <mLib/base64.h> |
40 | #include <mLib/bits.h> |
41 | #include <mLib/dstr.h> |
42 | #include <mLib/mdwopt.h> |
43 | #include <mLib/quis.h> |
44 | #include <mLib/report.h> |
45 | #include <mLib/sub.h> |
46 | |
47 | #include "cc.h" |
48 | #include "key.h" |
49 | #include "gmac.h" |
50 | #include "getdate.h" |
51 | |
52 | /*----- Handy global state ------------------------------------------------*/ |
53 | |
54 | static const char *keyfile = "keyring"; |
55 | |
56 | /*----- Cookie format -----------------------------------------------------*/ |
57 | |
58 | /* --- Cookie header structure (unpacked) --- */ |
59 | |
60 | typedef struct cookie { |
61 | uint32 k; |
62 | time_t exp; |
63 | } cookie; |
64 | |
65 | /* --- Size of a cookie header (packed) --- */ |
66 | |
67 | #define COOKIE_SZ (4 + 8) |
68 | |
69 | /* --- @COOKIE_PACK@ --- * |
70 | * |
71 | * Arguments: @p@ = pointer to destination buffer |
72 | * @c@ = pointer to source cookie header block |
73 | * |
74 | * Use: Packs a cookie header into an octet buffer in a machine- |
75 | * independent way. |
76 | */ |
77 | |
78 | #define COOKIE_PACK(p, c) do { \ |
79 | octet *_p = (octet *)(p); \ |
80 | const cookie *_c = (c); \ |
81 | STORE32(_p + 0, _c->k); \ |
82 | STORE32(_p + 4, ((_c->exp & ~MASK32) >> 16) >> 16); \ |
83 | STORE32(_p + 8, _c->exp); \ |
84 | } while (0) |
85 | |
86 | /* --- @COOKIE_UNPACK@ --- * |
87 | * |
88 | * Arguments: @c@ = pointer to destination cookie header |
89 | * @p@ = pointer to source buffer |
90 | * |
91 | * Use: Unpacks a cookie header from an octet buffer into a |
92 | * machine-specific but comprehensible structure. |
93 | */ |
94 | |
95 | #define COOKIE_UNPACK(c, p) do { \ |
96 | cookie *_c = (c); \ |
97 | const octet *_p = (const octet *)(p); \ |
98 | _c->k = LOAD32(_p + 0); \ |
99 | _c->exp = ((time_t)(((LOAD32(_p + 4) << 16) << 16) & ~MASK32) | \ |
100 | (time_t)LOAD32(_p + 8)); \ |
101 | } while (0) |
102 | |
103 | /*----- Useful shared functions -------------------------------------------*/ |
104 | |
105 | /* --- @doopen@ --- * |
106 | * |
107 | * Arguments: @key_file *f@ = pointer to key file block |
108 | * @unsigned how@ = method to open file with |
109 | * |
110 | * Returns: --- |
111 | * |
112 | * Use: Opens a key file and handles errors by panicking |
113 | * appropriately. |
114 | */ |
115 | |
116 | static void doopen(key_file *f, unsigned how) |
117 | { |
118 | if (key_open(f, keyfile, how, key_moan, 0)) { |
119 | die(EXIT_FAILURE, "couldn't open file `%s': %s", |
120 | keyfile, strerror(errno)); |
121 | } |
122 | } |
123 | |
124 | /* --- @doclose@ --- * |
125 | * |
126 | * Arguments: @key_file *f@ = pointer to key file block |
127 | * |
128 | * Returns: --- |
129 | * |
130 | * Use: Closes a key file and handles errors by panicking |
131 | * appropriately. |
132 | */ |
133 | |
134 | static void doclose(key_file *f) |
135 | { |
136 | switch (key_close(f)) { |
137 | case KWRITE_FAIL: |
138 | die(EXIT_FAILURE, "couldn't write file `%s': %s", |
139 | keyfile, strerror(errno)); |
140 | case KWRITE_BROKEN: |
141 | die(EXIT_FAILURE, "keyring file `%s' broken: %s (repair manually)", |
142 | keyfile, strerror(errno)); |
143 | } |
144 | } |
145 | |
146 | /* --- @getmac@ --- * |
147 | * |
148 | * Arguments: @key *k@ = key to use |
149 | * @const char *app@ = application name |
150 | * |
151 | * Returns: The MAC to use. |
152 | * |
153 | * Use: Finds the right MAC for the given key. |
154 | */ |
155 | |
156 | static gmac *getmac(key *k, const char *app) |
157 | { |
158 | dstr t = DSTR_INIT; |
159 | dstr d = DSTR_INIT; |
160 | char *p = 0; |
161 | const char *q; |
162 | size_t n; |
163 | key_bin kb; |
164 | key_packdef kp; |
165 | const gcmac *cm; |
166 | int e; |
167 | gmac *m; |
168 | |
169 | /* --- Set up --- */ |
170 | |
171 | key_fulltag(k, &t); |
172 | |
173 | /* --- Pick out the right MAC --- */ |
174 | |
175 | n = strlen(app); |
176 | if ((q = key_getattr(0, k, "mac")) != 0) { |
177 | dstr_puts(&d, q); |
178 | p = d.buf; |
179 | } else if (strncmp(k->type, app, n) == 0 && k->type[n] == '-') { |
180 | dstr_puts(&d, k->type); |
181 | p = d.buf + n + 1; |
182 | } else |
183 | die(EXIT_FAILURE, "no MAC algorithm for key `%s'", t.buf); |
184 | if ((cm = gmac_byname(p)) == 0) { |
185 | die(EXIT_FAILURE, "MAC algorithm `%s' not found in key `%s'", |
186 | p, t.buf); |
187 | } |
188 | |
189 | /* --- Unlock the key --- */ |
190 | |
ef13e9a4 |
191 | kp.e = KENC_BINARY; |
c65df279 |
192 | kp.p = &kb; |
ef13e9a4 |
193 | if ((e = key_unpack(&kp, k->k, &t)) != 0) { |
c65df279 |
194 | die(EXIT_FAILURE, "error unpacking key `%s': %s", |
195 | t.buf, key_strerror(e)); |
196 | } |
197 | |
198 | /* --- Make the MAC object --- */ |
199 | |
200 | if (keysz(kb.sz, cm->keysz) != kb.sz) |
201 | die(EXIT_FAILURE, "key %s has bad length (%lu) for MAC %s", |
202 | t.buf, (unsigned long)kb.sz, cm->name); |
203 | m = cm->key(kb.k, kb.sz); |
204 | key_unpackdone(&kp); |
205 | return (m); |
206 | } |
207 | |
208 | /*----- Command implementation --------------------------------------------*/ |
209 | |
210 | /* --- @cmd_gen@ --- */ |
211 | |
212 | static int cmd_gen(int argc, char *argv[]) |
213 | { |
214 | key_file f; |
215 | key *k; |
216 | gmac *m; |
217 | ghash *h; |
218 | const char *tag = "cookie"; |
219 | int err; |
220 | cookie c = { 0, KEXP_EXPIRE }; |
221 | unsigned fl = 0; |
222 | int bits = 32; |
223 | const octet *t; |
224 | dstr d = DSTR_INIT; |
225 | octet buf[COOKIE_SZ]; |
226 | base64_ctx b; |
45c0fd36 |
227 | |
c65df279 |
228 | /* --- Various useful flag bits --- */ |
229 | |
230 | #define f_bogus 1u |
231 | |
232 | /* --- Parse options for the subcommand --- */ |
233 | |
234 | for (;;) { |
235 | static struct option opt[] = { |
236 | { "bits", OPTF_ARGREQ, 0, 'b' }, |
237 | { "expire", OPTF_ARGREQ, 0, 'e' }, |
238 | { "key", OPTF_ARGREQ, 0, 'k' }, |
239 | { 0, 0, 0, 0 } |
240 | }; |
241 | int i = mdwopt(argc, argv, "+b:e:i:t:", opt, 0, 0, 0); |
242 | if (i < 0) |
243 | break; |
244 | |
245 | /* --- Handle the various options --- */ |
246 | |
247 | switch (i) { |
248 | |
249 | /* --- Fetch a size in bits --- */ |
250 | |
251 | case 'b': |
252 | if (!(bits = atoi(optarg)) || bits % 8) |
253 | die(EXIT_FAILURE, "bad number of bits: `%s'", optarg); |
254 | break; |
255 | |
256 | /* --- Fetch an expiry time --- */ |
257 | |
258 | case 'e': |
259 | if (strcmp(optarg, "forever") == 0) |
260 | c.exp = KEXP_FOREVER; |
261 | else if ((c.exp = get_date(optarg, 0)) == -1) |
262 | die(EXIT_FAILURE, "bad expiry date: `%s'", optarg); |
263 | break; |
264 | |
265 | /* --- Fetch a key type --- */ |
266 | |
267 | case 'k': |
268 | tag = optarg; |
269 | break; |
270 | |
271 | /* --- Other things are bogus --- */ |
272 | |
273 | default: |
274 | fl |= f_bogus; |
275 | break; |
276 | } |
277 | } |
278 | |
279 | /* --- Various sorts of bogosity --- */ |
280 | |
281 | if (fl & f_bogus || optind + 1 < argc) |
282 | die(EXIT_FAILURE, |
283 | "Usage: generate [-b BITS] [-e TIME] [-k TAG] [DATA]"); |
284 | |
285 | /* --- Choose a default expiry time --- */ |
286 | |
287 | if (c.exp == KEXP_EXPIRE) |
288 | c.exp = time(0) + 7 * 24 * 60 * 60; |
289 | |
290 | /* --- Open the key file and get the key --- */ |
291 | |
292 | doopen(&f, KOPEN_WRITE); |
293 | if ((k = key_bytag(&f, tag)) == 0) { |
294 | die(EXIT_FAILURE, "no key with tag `%s' in keyring `%s'", |
295 | tag, keyfile); |
296 | } |
297 | |
298 | c.k = k->id; |
299 | if ((err = key_used(&f, k, c.exp)) != 0) |
300 | die(EXIT_FAILURE, "can't generate cookie: %s", key_strerror(err)); |
301 | m = getmac(k, "cookie"); |
302 | if (bits/8 > GM_CLASS(m)->hashsz) { |
303 | die(EXIT_FAILURE, "inapproriate bit length for `%s' MACs", |
304 | GM_CLASS(m)->name); |
305 | } |
306 | |
307 | /* --- Store and MAC the cookie --- */ |
308 | |
309 | COOKIE_PACK(buf, &c); |
310 | |
311 | h = GM_INIT(m); |
312 | GH_HASH(h, buf, sizeof(buf)); |
313 | if (argv[optind]) |
314 | GH_HASH(h, argv[optind], strlen(argv[optind])); |
315 | t = GH_DONE(h, 0); |
316 | |
317 | /* --- Encode and emit the finished cookie --- */ |
318 | |
319 | base64_init(&b); |
320 | b.indent = ""; |
321 | base64_encode(&b, buf, sizeof(buf), &d); |
322 | base64_encode(&b, t, bits/8, &d); |
323 | base64_encode(&b, 0, 0, &d); |
324 | DWRITE(&d, stdout); |
325 | fputc('\n', stdout); |
326 | DDESTROY(&d); |
327 | GH_DESTROY(h); |
328 | GM_DESTROY(m); |
329 | |
330 | doclose(&f); |
331 | return (0); |
332 | |
333 | #undef f_bogus |
334 | } |
335 | |
336 | /* --- @cmd_verify@ --- */ |
337 | |
338 | static int cmd_verify(int argc, char *argv[]) |
339 | { |
340 | key_file f; |
341 | dstr d = DSTR_INIT; |
342 | unsigned fl = 0; |
343 | int bits = -1, minbits = 32; |
344 | int v = 1; |
345 | base64_ctx b; |
346 | gmac *m; |
347 | ghash *h; |
348 | cookie c; |
349 | key *k; |
350 | int cbits; |
351 | const octet *t; |
352 | time_t now = time(0); |
353 | |
354 | /* --- Various useful flag bits --- */ |
355 | |
356 | #define f_bogus 1u |
357 | #define f_forever 2u |
358 | #define f_utc 4u |
359 | |
360 | /* --- Parse options for the subcommand --- */ |
361 | |
362 | for (;;) { |
363 | static struct option opt[] = { |
364 | { "bits", OPTF_ARGREQ, 0, 'b' }, |
365 | { "min-bits", OPTF_ARGREQ, 0, 'm' }, |
366 | { "forever", 0, 0, 'f' }, |
367 | { "quiet", 0, 0, 'q' }, |
368 | { "verbose", 0, 0, 'v' }, |
369 | { "utc", 0, 0, 'u' }, |
370 | { 0, 0, 0, 0 } |
371 | }; |
372 | int i = mdwopt(argc, argv, "+b:m:fqvu", opt, 0, 0, 0); |
373 | if (i < 0) |
374 | break; |
375 | |
376 | /* --- Handle the various options --- */ |
377 | |
378 | switch (i) { |
379 | |
380 | /* --- Fetch a size in bits --- */ |
381 | |
382 | case 'b': |
383 | if (!(bits = atoi(optarg)) || bits % 8) |
384 | die(EXIT_FAILURE, "bad number of bits: `%s'", optarg); |
385 | break; |
386 | case 'm': |
387 | if (!(minbits = atoi(optarg)) || minbits % 8) |
388 | die(EXIT_FAILURE, "bad number of bits: `%s'", optarg); |
45c0fd36 |
389 | break; |
c65df279 |
390 | |
391 | /* --- Miscellaneous flags --- */ |
392 | |
393 | case 'f': |
394 | fl |= f_forever; |
395 | break; |
396 | case 'u': |
397 | fl |= f_utc; |
398 | break; |
399 | case 'q': |
400 | if (v > 0) v--; |
401 | break; |
402 | case 'v': |
403 | v++; |
404 | break; |
45c0fd36 |
405 | |
c65df279 |
406 | /* --- Other things are bogus --- */ |
407 | |
408 | default: |
409 | fl |= f_bogus; |
410 | break; |
411 | } |
412 | } |
413 | |
414 | /* --- Various sorts of bogosity --- */ |
415 | |
416 | if (fl & f_bogus || optind == argc || optind + 2 < argc) { |
417 | die(EXIT_FAILURE, |
418 | "Usage: verify [-fuqv] [-b BITS] [-m BITS] COOKIE [DATA]"); |
419 | } |
420 | doopen(&f, KOPEN_READ); |
421 | |
422 | /* --- Decode the base64 wrapping --- */ |
423 | |
424 | base64_init(&b); |
425 | base64_decode(&b, argv[optind], strlen(argv[optind]), &d); |
426 | base64_decode(&b, 0, 0, &d); |
427 | |
428 | if (d.len < COOKIE_SZ + 1) { |
429 | if (v) printf("FAIL cookie too small\n"); |
430 | goto fail; |
431 | } |
432 | |
433 | /* --- Extract the relevant details --- */ |
434 | |
435 | COOKIE_UNPACK(&c, d.buf); |
436 | |
437 | if (v > 1) { |
438 | char buf[64]; |
439 | if (c.exp == KEXP_FOREVER) |
440 | strcpy(buf, "forever"); |
441 | else { |
442 | struct tm *tm; |
443 | const char *fmt; |
444 | |
445 | if (fl & f_utc) { |
446 | tm = gmtime(&c.exp); |
447 | fmt = "%Y-%m-%d %H:%M:%S UTC"; |
448 | } else { |
449 | tm = localtime(&c.exp); |
450 | fmt = "%Y-%m-%d %H:%M:%S %Z"; |
451 | } |
452 | strftime(buf, sizeof(buf), fmt, tm); |
453 | } |
454 | printf("INFO keyid = %08lx; expiry = %s\n", (unsigned long)c.k, buf); |
455 | } |
456 | |
457 | /* --- Check the authentication token width --- */ |
458 | |
459 | cbits = (d.len - COOKIE_SZ) * 8; |
460 | if (v > 2) printf("INFO authentication token width = %i bits\n", cbits); |
461 | if (bits == -1) { |
462 | if (cbits < minbits) { |
463 | if (v) printf("FAIL authentication token too narrow\n"); |
464 | goto fail; |
465 | } |
466 | } else { |
467 | if (cbits != bits) { |
468 | if (v) printf("FAIL authentication token width doesn't match\n"); |
469 | goto fail; |
470 | } |
471 | } |
472 | /* --- Get the key --- */ |
473 | |
474 | if ((k = key_byid(&f, c.k)) == 0) { |
475 | if (v) printf("FAIL keyid %08lx unavailable\n", (unsigned long)c.k); |
476 | goto fail; |
477 | } |
478 | |
479 | /* --- Check that the cookie authenticates OK --- */ |
480 | |
481 | m = getmac(k, "cookie"); |
482 | h = GM_INIT(m); |
483 | GH_HASH(h, d.buf, COOKIE_SZ); |
484 | if (argv[optind + 1]) |
485 | GH_HASH(h, argv[optind + 1], strlen(argv[optind + 1])); |
486 | t = GH_DONE(h, 0); |
487 | |
488 | if (memcmp(t, d.buf + COOKIE_SZ, cbits / 8) != 0) { |
489 | if (v) printf("FAIL bad authentication token\n"); |
490 | goto fail; |
491 | } |
492 | |
493 | /* --- See whether the cookie has expired --- */ |
494 | |
495 | if (c.exp == KEXP_FOREVER) { |
496 | if (!(fl & f_forever)) { |
497 | if (v) printf("FAIL forever cookies not allowed\n"); |
498 | goto fail; |
499 | } |
500 | if (k->exp != KEXP_FOREVER) { |
501 | if (v) printf("FAIL cookie lasts forever but key will expire\n"); |
502 | goto fail; |
503 | } |
504 | } else if (c.exp < now) { |
505 | if (v) printf("FAIL cookie has expired\n"); |
506 | goto fail; |
507 | } |
508 | |
509 | if (v) printf("OK\n"); |
510 | key_close(&f); |
511 | GM_DESTROY(m); |
512 | GH_DESTROY(h); |
513 | dstr_destroy(&d); |
514 | return (0); |
515 | |
516 | fail: |
517 | key_close(&f); |
518 | dstr_destroy(&d); |
519 | return (1); |
520 | |
521 | #undef f_bogus |
522 | #undef f_forever |
523 | #undef f_utc |
524 | } |
525 | |
526 | /*----- Main command table ------------------------------------------------*/ |
527 | |
528 | static int cmd_help(int, char **); |
529 | |
530 | #define LISTS(LI) \ |
531 | LI("Lists", list, \ |
532 | listtab[i].name, listtab[i].name) \ |
533 | LI("Message authentication algorithms", mac, \ |
534 | gmactab[i], gmactab[i]->name) |
535 | |
536 | MAKELISTTAB(listtab, LISTS) |
537 | |
538 | static int cmd_show(int argc, char *argv[]) |
539 | { |
540 | return (displaylists(listtab, argv + 1)); |
541 | } |
542 | |
543 | static cmd cmds[] = { |
544 | { "help", cmd_help, "help [COMMAND...]" }, |
545 | { "show", cmd_show, "show [ITEM...]" }, |
546 | { "generate", cmd_gen, |
547 | "generate [-b BITS] [-e TIME] [-k TAG] [DATA]", "\ |
548 | Options:\n\ |
549 | \n\ |
550 | -b, --bits=N Use an N-bit token in the cookie.\n\ |
551 | -e, --expire=TIME Make the cookie expire after TIME.\n\ |
552 | -k, --key=TAG Use key TAG to create the token.\n\ |
553 | " }, |
554 | { "verify", cmd_verify, |
555 | "verify [-fuqv] [-b BITS] [-m BITS] COOKIE [DATA]", "\ |
556 | Options:\n\ |
557 | \n\ |
558 | -b, --bits=N Accept tokens exactly N bits long only.\n\ |
559 | -m, --min-bits=N Accept tokens N bits long or more.\n\ |
560 | -f, --forever Accept cookies which never expire.\n\ |
561 | -u, --utc Output cookie expiry dates in UTC.\n\ |
562 | -q, --quiet Produce less output while checking cookies.\n\ |
563 | -v, --verbose Produce more output while checking cookies.\n\ |
564 | " }, |
565 | { 0, 0, 0 } |
566 | }; |
567 | |
568 | static int cmd_help(int argc, char *argv[]) |
569 | { |
570 | sc_help(cmds, stdout, argv + 1); |
571 | return (0); |
572 | } |
573 | |
574 | /*----- Main code ---------------------------------------------------------*/ |
575 | |
576 | /* --- Helpful GNUy functions --- */ |
577 | |
578 | static void usage(FILE *fp) |
579 | { |
580 | fprintf(fp, "Usage: %s [-k KEYRING] COMMAND [ARGS]\n", QUIS); |
581 | } |
582 | |
583 | void version(FILE *fp) |
584 | { |
585 | fprintf(fp, "%s, Catacomb version " VERSION "\n", QUIS); |
586 | } |
587 | |
588 | void help_global(FILE *fp) |
589 | { |
590 | usage(fp); |
591 | fputs("\n\ |
592 | Generates and validates cryptographic cookies. Command line options\n\ |
593 | recognized are:\n\ |
594 | \n\ |
595 | -h, --help [COMMAND] Display this help text (or help for COMMAND).\n\ |
596 | -v, --version Display version number.\n\ |
597 | -u, --usage Display short usage summary.\n\ |
598 | \n\ |
599 | -k, --key-file=FILE Read and write keys in FILE.\n", |
600 | fp); |
601 | } |
602 | |
603 | /* --- @main@ --- * |
604 | * |
605 | * Arguments: @int argc@ = number of command line arguments |
606 | * @char *argv[]@ = array of arguments |
607 | * |
608 | * Returns: Zero if OK, nonzero if not. |
609 | * |
610 | * Use: Generates and validates cryptographic cookies. |
611 | */ |
612 | |
613 | int main(int argc, char *argv[]) |
614 | { |
615 | unsigned f = 0; |
616 | |
617 | #define f_bogus 1u |
618 | #define f_forever 2u |
619 | |
620 | /* --- Initialize the library --- */ |
621 | |
622 | ego(argv[0]); |
623 | sub_init(); |
624 | |
625 | /* --- Options parsing --- */ |
626 | |
627 | for (;;) { |
628 | static struct option opt[] = { |
629 | |
630 | /* --- Standard GNUy help options --- */ |
631 | |
632 | { "help", 0, 0, 'h' }, |
633 | { "version", 0, 0, 'v' }, |
634 | { "usage", 0, 0, 'u' }, |
635 | |
636 | /* --- Actual relevant options --- */ |
637 | |
638 | { "keyring", OPTF_ARGREQ, 0, 'k' }, |
639 | |
640 | /* --- Magic terminator --- */ |
641 | |
642 | { 0, 0, 0, 0 } |
643 | }; |
644 | int i = mdwopt(argc, argv, "+hvu k:", opt, 0, 0, 0); |
645 | |
646 | if (i < 0) |
647 | break; |
648 | switch (i) { |
649 | |
650 | /* --- Helpful GNUs --- */ |
651 | |
652 | case 'u': |
653 | usage(stdout); |
654 | exit(0); |
655 | case 'v': |
656 | version(stdout); |
657 | exit(0); |
658 | case 'h': |
659 | sc_help(cmds, stdout, argv + optind); |
660 | exit(0); |
661 | |
662 | /* --- Real genuine useful options --- */ |
663 | |
664 | case 'k': |
665 | keyfile = optarg; |
666 | break; |
667 | |
668 | /* --- Bogus things --- */ |
669 | |
670 | default: |
671 | f |= f_bogus; |
672 | break; |
673 | } |
674 | } |
675 | |
676 | if ((f & f_bogus) || optind == argc) { |
677 | usage(stderr); |
678 | exit(EXIT_FAILURE); |
679 | } |
680 | |
681 | /* --- Dispatch to appropriate command handler --- */ |
682 | |
683 | argc -= optind; |
684 | argv += optind; |
685 | optind = 0; |
686 | return (findcmd(cmds, argv[0])->cmd(argc, argv)); |
687 | |
688 | #undef f_bogus |
689 | #undef f_forever |
45c0fd36 |
690 | } |
c65df279 |
691 | |
692 | /*----- That's all, folks -------------------------------------------------*/ |