/* display.c */
4 | #include <time.h> |
5 | #include <string.h> |
6 | #include <err.h> |
8 | #include <abac.h> |
9 | #include "creddy_common.h" |
/*
 * libabac functions declared by hand in this file.
 * NOTE(review): presumably these are not exported by <abac.h>; a hand-written
 * prototype is not checked against the library's definition, so confirm both
 * signatures still match. abac_attribute_cert() is declared here but not
 * called anywhere in the visible part of this file.
 */
char *abac_attribute_role_string(abac_attribute_t *attr);
abac_chunk_t abac_attribute_cert(abac_attribute_t *ptr);

/* Local helpers, defined below display_main(). */
void _print_validity(struct tm not_before, struct tm not_after);
void _print_info(abac_attribute_t *attr,
                 int show_issuer,
                 int show_subject,
                 int show_validity,
                 int show_roles,
                 char *fname);
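/*
 * display_main - print selected fields of the certificate file opts->cert.
 *
 * opts->show is a comma-separated list drawn from "issuer", "subject",
 * "validity", "roles" and "all".  Any other token (including an empty one,
 * e.g. from "issuer,,roles") is reported and handed to usage().  The file is
 * first loaded as an ID certificate; if that fails it is loaded as a list of
 * attribute certificates.  If neither yields anything the process exits with
 * status 1 through errx().
 *
 * strsep() splits opts->show in place, so the option string is modified.
 *
 * NOTE(review): execution continues after usage(opts), so this code assumes
 * usage() does not return -- confirm in creddy_common.h.
 * NOTE(review): every string printed here comes from the certificate file and
 * is written to stdout unfiltered, and nothing in this function checks a
 * signature or trust chain.  Unless the abac loaders are confirmed to verify,
 * treat the output as a dump of untrusted content, not a verification result.
 */
void display_main(options_t *opts) {
    if (opts->cert == NULL)
        usage(opts);

    char *show = opts->show;
    if (show == NULL)
        usage(opts);

    int show_issuer = 0;
    int show_subject = 0;
    int show_validity = 0;
    int show_roles = 0;
    char *opt;

    while ((opt = strsep(&show, ",")) != NULL) {
        if (strcmp(opt, "issuer") == 0)
            show_issuer = 1;
        else if (strcmp(opt, "subject") == 0)
            show_subject = 1;
        else if (strcmp(opt, "validity") == 0)
            show_validity = 1;
        else if (strcmp(opt, "roles") == 0)
            show_roles = 1;
        else if (strcmp(opt, "all") == 0) {
            show_issuer = 1;
            show_subject = 1;
            show_validity = 1;
            show_roles = 1;
        }
        else {
            printf("Error: Unknown option to --show: %s\n", opt);
            usage(opts);
        }
    }

    // first try ID cert; show_roles has no effect on this path
    abac_id_t *id = abac_id_from_file(opts->cert);
    if (id != NULL) {
        if (show_issuer) {
            char *issuer = abac_id_issuer(id);
            // NULL with %s is undefined behaviour, so substitute a literal
            printf("Issuer: %s\n", issuer != NULL ? issuer : "(null)");
            free(issuer);
        }

        if (show_subject) {
            char *subject = abac_id_subject(id);
            printf("Subject: %s\n", subject != NULL ? subject : "(null)");
            free(subject);
        }

        if (show_validity) {
            // Zeroed up front: the result of abac_id_validity() is not
            // checked, and uninitialised structs must not reach strftime().
            // NOTE(review): confirm its failure convention and test for it.
            struct tm not_before = {0}, not_after = {0};
            abac_id_validity(id, &not_before, &not_after);
            _print_validity(not_before, not_after);
        }

        abac_id_free(id);
        return;
    }

    // then try attribute cert
    abac_attribute_t *attr;
    abac_list_t *attr_list = abac_attribute_certs_from_file(opts->cert);

    // A missing list is reported like an empty one instead of being passed
    // on to the list helpers.
    if (attr_list == NULL)
        errx(1, "Couldn't load %s as an ID or attribute, ", opts->cert);

    int sz = abac_list_size(attr_list);
    abac_list_foreach(attr_list, attr,
        _print_info(attr, show_issuer, show_subject, show_validity, show_roles, opts->cert);
        abac_attribute_free(attr);
    );
    abac_list_free(attr_list);

    // give up if neither works
    if (sz == 0)
        errx(1, "Couldn't load %s as an ID or attribute, ", opts->cert);
}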
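/*
 * _print_info - print the requested fields of one attribute certificate.
 *
 * attr           attribute to describe; NULL prints nothing.
 * show_issuer    non-zero to print the issuer of the attribute's issuer ID.
 * show_subject   non-zero to print the subject of that same issuer ID.
 * show_validity  non-zero to print the attribute's validity window.
 * show_roles     non-zero to print the attribute's role string.
 * fname          file name, used only in the error message.
 *
 * Exits the process with status 1 through errx() when the role string cannot
 * be obtained, which also stops processing of any remaining attributes.
 *
 * NOTE(review): "Subject" is read from issuer_id, not from a separate subject
 * identity -- confirm that this is the intended field for attribute certs.
 * NOTE(review): issuer_id is not released here; presumably it is borrowed
 * from attr -- confirm ownership in libabac.
 * NOTE(review): the printed strings come from the certificate and go to
 * stdout unfiltered; nothing here verifies the attribute's signature.
 */
void _print_info(abac_attribute_t *attr, int show_issuer, int show_subject, int show_validity, int show_roles, char *fname)
{
    if (attr == NULL)
        return;

    abac_id_t *issuer_id = abac_attribute_issuer_id(attr);

    if (show_issuer && issuer_id) {
        char *issuer = abac_id_issuer(issuer_id);
        // NULL with %s is undefined behaviour, so substitute a literal
        printf("Issuer: %s\n", issuer != NULL ? issuer : "(null)");
        free(issuer);
    }

    if (show_subject && issuer_id) {
        char *subject = abac_id_subject(issuer_id);
        printf("Subject: %s\n", subject != NULL ? subject : "(null)");
        free(subject);
    }

    if (show_validity) {
        // Zeroed up front: the result of abac_attribute_validity() is not
        // checked, and uninitialised structs must not reach strftime().
        // NOTE(review): confirm its failure convention and test for it.
        struct tm not_before = {0}, not_after = {0};
        abac_attribute_validity(attr, &not_before, &not_after);
        _print_validity(not_before, not_after);
    }

    if (show_roles) {
        char *role_string = abac_attribute_role_string(attr);
        if (role_string == NULL)
            errx(1, "Couldn't get attributes from %s", fname );
        printf("Roles: %s\n", role_string);
        free(role_string);
    }
}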
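/*
 * _print_validity - print a certificate's validity window to stdout.
 *
 * Each bound is written as a "%F %T %Z" timestamp followed by the value
 * mktime() returns for it, in brackets.  Both structs are passed by value, so
 * the normalisation mktime() performs only touches the local copies.
 *
 * mktime() interprets its argument as local time and returns -1 when the time
 * cannot be represented.
 * NOTE(review): if libabac fills these structs in UTC, the bracketed number
 * is shifted by the local timezone offset -- confirm before comparing it with
 * a real epoch timestamp when judging whether a certificate has expired.
 */
void _print_validity(struct tm not_before, struct tm not_after) {
    char buf[256];

    printf("Validity:\n");

    // strftime() returns 0 and leaves buf unspecified when the result does
    // not fit; print an empty stamp rather than leftover stack bytes.
    if (strftime(buf, sizeof(buf), "%F %T %Z", &not_before) == 0)
        buf[0] = '\0';
    printf(" Not before: %s [%lld]\n", buf, (long long) mktime(&not_before));

    if (strftime(buf, sizeof(buf), "%F %T %Z", &not_after) == 0)
        buf[0] = '\0';
    printf(" Not after: %s [%lld]\n", buf, (long long) mktime(&not_after));
}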