diff options
| author | Tobias Heider <tobhe@cvs.openbsd.org> | 2021-11-21 22:44:09 +0000 |
|---|---|---|
| committer | Tobias Heider <tobhe@cvs.openbsd.org> | 2021-11-21 22:44:09 +0000 |
| commit | 26021626be9b16b9c843214f9a83343276f24216 (patch) | |
| tree | 031523991acc4f6b5d14e5564551bf97e3dd18d0 /usr.sbin/ikectl | |
| parent | d409305d0caaffe079b49d8339bfddcf0721f9c9 (diff) | |
Add 'ikectl show certinfo' to show trusted CAs and certificates.
This helps debug authentication issues with x509 certificates.
ok markus@
Diffstat (limited to 'usr.sbin/ikectl')
| -rw-r--r-- | usr.sbin/ikectl/ikectl.c | 16 | ||||
| -rw-r--r-- | usr.sbin/ikectl/parser.c | 3 | ||||
| -rw-r--r-- | usr.sbin/ikectl/parser.h | 5 |
3 files changed, 18 insertions, 6 deletions
diff --git a/usr.sbin/ikectl/ikectl.c b/usr.sbin/ikectl/ikectl.c index 0a81a79ebfa..6ba3b25ebe3 100644 --- a/usr.sbin/ikectl/ikectl.c +++ b/usr.sbin/ikectl/ikectl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ikectl.c,v 1.26 2020/06/10 17:44:44 kn Exp $ */ +/* $OpenBSD: ikectl.c,v 1.27 2021/11/21 22:44:08 tobhe Exp $ */ /* * Copyright (c) 2007-2013 Reyk Floeter <reyk@openbsd.org> @@ -59,6 +59,7 @@ struct imsgname imsgs[] = { { IMSG_CTL_RELOAD, "reload", NULL }, { IMSG_CTL_RESET, "reset", NULL }, { IMSG_CTL_SHOW_SA, "show sa", NULL }, + { IMSG_CTL_SHOW_CERTSTORE, "show certstore", NULL }, { 0, NULL, NULL } }; @@ -302,6 +303,10 @@ main(int argc, char *argv[]) imsg_compose(ibuf, IMSG_CTL_SHOW_SA, 0, 0, -1, NULL, 0); done = 0; break; + case SHOW_CERTSTORE: + imsg_compose(ibuf, IMSG_CTL_SHOW_CERTSTORE, 0, 0, -1, NULL, 0); + done = 0; + break; case RELOAD: imsg_compose(ibuf, IMSG_CTL_RELOAD, 0, 0, -1, NULL, 0); break; @@ -350,6 +355,7 @@ main(int argc, char *argv[]) done = monitor(&imsg); break; case SHOW_SA: + case SHOW_CERTSTORE: done = show_string(&imsg); break; default: @@ -401,9 +407,13 @@ show_string(struct imsg *imsg) { int done = 0; - if (imsg->hdr.type != IMSG_CTL_SHOW_SA) + switch (imsg->hdr.type) { + case IMSG_CTL_SHOW_SA: + case IMSG_CTL_SHOW_CERTSTORE: + break; + default: return (done); - + } if (IMSG_DATA_SIZE(imsg) > 0) printf("%s", (char *)imsg->data); else diff --git a/usr.sbin/ikectl/parser.c b/usr.sbin/ikectl/parser.c index fceb60d3d58..008f986ba6f 100644 --- a/usr.sbin/ikectl/parser.c +++ b/usr.sbin/ikectl/parser.c @@ -1,4 +1,4 @@ -/* $OpenBSD: parser.c,v 1.19 2020/03/22 15:59:05 tobhe Exp $ */ +/* $OpenBSD: parser.c,v 1.20 2021/11/21 22:44:08 tobhe Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> @@ -214,6 +214,7 @@ static const struct token t_ca_key_path[] = { static const struct token t_show[] = { { KEYWORD, "ca", SHOW_CA, t_show_ca }, { KEYWORD, "sa", SHOW_SA, NULL }, + { KEYWORD, "certstore", SHOW_CERTSTORE,NULL }, { ENDTOKEN, "", NONE, NULL } }; diff --git a/usr.sbin/ikectl/parser.h b/usr.sbin/ikectl/parser.h index e69096ab2cd..cd20e793fef 100644 --- a/usr.sbin/ikectl/parser.h +++ b/usr.sbin/ikectl/parser.h @@ -1,4 +1,4 @@ -/* $OpenBSD: parser.h,v 1.16 2020/03/22 15:59:05 tobhe Exp $ */ +/* $OpenBSD: parser.h,v 1.17 2021/11/21 22:44:08 tobhe Exp $ */ /* * Copyright (c) 2007-2013 Reyk Floeter <reyk@openbsd.org> @@ -56,7 +56,8 @@ enum actions { SHOW_CA, SHOW_CA_CERTIFICATES, SHOW_SA, - RESET_ID + RESET_ID, + SHOW_CERTSTORE }; struct parse_result { |