IPSEC_OPTIONSFROM(3)        Library Functions Manual        IPSEC_OPTIONSFROM(3)

NAME
       ipsec optionsfrom - read additional ``command-line'' options from file

SYNOPSIS
       #include <freeswan.h>

       const char *optionsfrom(char *filename, int *argcp,
            char ***argvp, int optind, FILE *errsto);

DESCRIPTION
       Optionsfrom is called from within a getopt_long(3) scan, as the result
       of the appearance of an option (preferably --optionsfrom) to insert
       additional ``command-line'' arguments into the scan immediately after
       the option. Typically this would be done to pick up options which are
       security-sensitive and should not be visible to ps(1) and similar
       commands, and hence cannot be supplied as part of the actual command
       line or the environment.

       Optionsfrom reads the additional arguments from the specified filename,
       allocates a new argument vector to hold pointers to the existing
       arguments plus the new ones, and amends argc and argv (via the pointers
       argcp and argvp, which must point to the argc and argv being supplied
       to getopt_long(3)) accordingly. Optind must be the index, in the
       original argument vector, of the next argument.

       If errsto is NULL, optionsfrom returns NULL for success and a pointer
       to a string-literal error message for failure; see DIAGNOSTICS. If
       errsto is non-NULL and an error occurs, optionsfrom prints a suitable
       complaint onto the errsto descriptor and invokes exit with an exit
       status of 2; this is a convenience for cases where more sophisticated
       responses are not required.

       The text of existing arguments is not disturbed by optionsfrom, so
       pointers to them and into them remain valid.

       The file of additional arguments is an ASCII text file. Lines
       consisting solely of white space, and lines beginning with #, are
       comments and are ignored. Otherwise, a line which does not begin with -
       is taken to be a single argument; if it both begins and ends with
       double-quote ("), those quotes are stripped off (note, no other
       processing is done within the line!). A line beginning with - is
       considered to contain multiple arguments separated by white space.
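
The file format described above, as an added example that is not part of the original manual page or the FreeS/WAN source: a line splitter that applies the stated rules literally (parse_options_line is a hypothetical name, and the sample lines are constructed). It shows what "no other processing" means in practice: on a line beginning with -, double quotes do not group words, so a secret containing spaces has to go on its own line.

```c
#include <stdio.h>
#include <string.h>

/* Split one line of an options file into arguments, per the rules above.
 * The line is modified in place and out[] receives pointers into it.
 * Returns the argument count (0 for a comment or blank line), or -1 if
 * more than max arguments would be needed. */
int parse_options_line(char *line, char **out, int max)
{
    size_t len = strcspn(line, "\r\n");
    int n = 0;

    line[len] = '\0';                       /* drop the line terminator */
    if (line[0] == '#' || strspn(line, " \t") == len)
        return 0;                           /* comment or white space only */

    if (line[0] != '-') {                   /* single-argument line */
        if (max < 1)
            return -1;
        if (len >= 2 && line[0] == '"' && line[len - 1] == '"') {
            line[len - 1] = '\0';           /* strip one enclosing pair */
            line++;
        }
        out[0] = line;
        return 1;
    }

    /* option line: split on white space; quotes get no special treatment */
    for (char *tok = strtok(line, " \t"); tok; tok = strtok(NULL, " \t")) {
        if (n == max)
            return -1;
        out[n++] = tok;
    }
    return n;
}

int main(void)
{
    /* constructed sample lines, not taken from any real configuration */
    char a[] = "\"pass phrase with spaces\"\n";
    char b[] = "--secret \"two words\"\n";
    char *av[8];

    for (int i = 0, n = parse_options_line(a, av, 8); i < n; i++)
        printf("a[%d] = <%s>\n", i, av[i]);
    for (int i = 0, n = parse_options_line(b, av, 8); i < n; i++)
        printf("b[%d] = <%s>\n", i, av[i]);
    return 0;
}
```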

       Because optionsfrom reads its entire file before the getopt_long(3)
       scan is resumed, an optionsfrom file can contain another --optionsfrom
       option. Obviously, infinite loops are possible here. If errsto is
       non-NULL, optionsfrom considers it an error to be called more than 100
       times. If errsto is NULL, loop detection is up to the caller (and the
       internal loop counter is zeroed out).

EXAMPLES
       A reasonable way to invoke optionsfrom would be like so:

       #include <stdio.h>
       #include <getopt.h>
       #include <freeswan.h>

       struct option opts[] = {
            /* ... */
            { "optionsfrom", required_argument, NULL, '+' },
            /* ... */
            { NULL, 0, NULL, 0 }     /* terminator required by getopt_long(3) */
       };

       int
       main(int argc, char *argv[])
       {
            int opt;

            /* optarg and optind are declared by <getopt.h> */
            while ((opt = getopt_long(argc, argv, "", opts, NULL)) != -1)
                 switch (opt) {
                 /* ... */
                 case '+': /* optionsfrom */
                      /* argc and argv are amended in place for the rest of the scan */
                      optionsfrom(optarg, &argc, &argv, optind, stderr);
                      /* does not return on error */
                      break;
                 /* ... */
                 }
            /* ... */
            return 0;
       }

SEE ALSO
       getopt_long(3)

DIAGNOSTICS
       Errors in optionsfrom are: unable to open file; attempt to allocate
       temporary storage for argument or argument vector failed; read error in
       file; line too long.

HISTORY
       Written for the FreeS/WAN project by Henry Spencer.

BUGS
       The double-quote convention is rather simplistic.

       Line length is currently limited to 1023 bytes, and there is no
       continuation convention.

       The restriction of error reports to literal strings (so that callers
       don't need to worry about freeing them or copying them) does limit the
       precision of error reporting.

       The error-reporting convention lends itself to slightly obscure code,
       because many readers will not think of NULL as signifying success.

       There is a certain element of unwarranted chumminess with the insides
       of getopt_long(3) here. No non-public interfaces are actually used,
       but optionsfrom does rely on getopt_long(3) being well-behaved in
       certain ways that are not actually promised by the specs.

                                  16 Oct 1998             IPSEC_OPTIONSFROM(3)