NAME
ipsec_optionsfrom - read additional “command-line” options from file
SYNOPSIS
#include <freeswan.h>
const char *optionsfrom(char * filename, int * argcp, char *** argvp,
int optind, FILE * errsto);
DESCRIPTION
Optionsfrom is called from within a getopt_long(3) scan, as the result
of the appearance of an option (preferably --optionsfrom) to insert
additional “command-line” arguments into the scan immediately after the
option. Typically this would be done to pick up options which are
security-sensitive and should not be visible to ps(1) and similar
commands, and hence cannot be supplied as part of the actual command
line or the environment.
Optionsfrom reads the additional arguments from the specified filename,
allocates a new argument vector to hold pointers to the existing
arguments plus the new ones, and amends argc and argv (via the pointers
argcp and argvp, which must point to the argc and argv being supplied
to getopt_long(3)) accordingly. Optind must be the index, in the
original argument vector, of the next argument.
If errsto is NULL, optionsfrom returns NULL for success and a pointer
to a string-literal error message for failure; see DIAGNOSTICS. If
errsto is non-NULL and an error occurs, optionsfrom prints a suitable
complaint onto the errsto descriptor and invokes exit with an exit
status of 2; this is a convenience for cases where more sophisticated
responses are not required.
The text of existing arguments is not disturbed by optionsfrom, so
pointers to them and into them remain valid.
The file of additional arguments is an ASCII text file. Lines
consisting solely of white space, and lines beginning with #, are
comments and are ignored. Otherwise, a line which does not begin with -
is taken to be a single argument; if it both begins and ends with
double-quote ("), those quotes are stripped off (note, no other
processing is done within the line!). A line beginning with - is
considered to contain multiple arguments separated by white space.
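The line rules above, as an added C sketch (not FreeS/WAN's own code; parse_optline is a hypothetical name and the --secret option is a constructed sample). It follows the rules as worded, which shows why a value containing white space must sit alone on its own quoted line: on a line beginning with -, the quotes are not interpreted and the value is split.

```c
#include <stdio.h>
#include <string.h>

/* Added illustration, not the FreeS/WAN source; parse_optline() is a
 * hypothetical name. Returns the argument count (0 for comment/blank,
 * -1 if over max). Assumes "beginning with" means the line's first byte. */
int parse_optline(char *line, char **out, int max)
{
    size_t len = strlen(line);
    int n = 0;
    char *p;

    while (len > 0 && (line[len - 1] == '\n' || line[len - 1] == '\r'))
        line[--len] = '\0';             /* drop the line terminator */
    if (line[0] == '#' || line[strspn(line, " \t")] == '\0')
        return 0;                       /* comment or white space only */
    if (line[0] != '-') {               /* whole line is one argument */
        if (max < 1)
            return -1;
        if (len >= 2 && line[0] == '"' && line[len - 1] == '"') {
            line[len - 1] = '\0';       /* strip the enclosing quotes; */
            line++;                     /* nothing inside is touched   */
        }
        out[0] = line;
        return 1;
    }
    for (p = line; *p != '\0'; ) {      /* '-' line: split on white space */
        p += strspn(p, " \t");
        if (*p == '\0')
            break;
        if (n >= max)
            return -1;
        out[n++] = p;                   /* points into the caller's buffer */
        p += strcspn(p, " \t");
        if (*p != '\0')
            *p++ = '\0';
    }
    return n;
}

int main(void)
{
    char many[] = "--secret \"a b\"\n";  /* constructed sample line */
    char *av[8];
    int i, n = parse_optline(many, av, 8);
    for (i = 0; i < n; i++)
        printf("<%s>\n", av[i]);        /* quotes survive, value is split */
    return 0;
}
```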
Because optionsfrom reads its entire file before the getopt_long(3)
scan is resumed, an optionsfrom file can contain another --optionsfrom
option. Obviously, infinite loops are possible here. If errsto is
non-NULL, optionsfrom considers it an error to be called more than 100
times. If errsto is NULL, loop detection is up to the caller (and the
internal loop counter is zeroed out).
EXAMPLE
A reasonable way to invoke optionsfrom would be like so:
    #include <stdio.h>
    #include <getopt.h>     /* declares optarg and optind */
    #include <freeswan.h>

    struct option opts[] = {
        /* ... */
        { "optionsfrom", 1, NULL, '+' },
        /* ... */
        { NULL, 0, NULL, 0 }    /* terminator required by getopt_long(3) */
    };

    int
    main(int argc, char *argv[])
    {
        int opt;

        while ((opt = getopt_long(argc, argv, "", opts, NULL)) != EOF)
            switch (opt) {
            /* ... */
            case '+':   /* optionsfrom */
                /* argc and argv are replaced with the extended vector */
                optionsfrom(optarg, &argc, &argv, optind, stderr);
                /* does not return on error */
                break;
            /* ... */
            }
        /* ... */
        return 0;
    }
SEE ALSO
getopt_long(3)
DIAGNOSTICS
Errors in optionsfrom are: unable to open file; attempt to allocate
temporary storage for argument or argument vector failed; read error in
file; line too long.
HISTORY
Written for the FreeS/WAN project by Henry Spencer.
BUGS
The double-quote convention is rather simplistic.
Line length is currently limited to 1023 bytes, and there is no
continuation convention.
The restriction of error reports to literal strings (so that callers
don't need to worry about freeing them or copying them) does limit the
precision of error reporting.
The error-reporting convention lends itself to slightly obscure code,
because many readers will not think of NULL as signifying success.
There is a certain element of unwarranted chumminess with the insides
of getopt_long(3) here. No non-public interfaces are actually used, but
optionsfrom does rely on getopt_long(3) being well-behaved in certain
ways that are not actually promised by the specs.