13 int eprint(const char *format, ...)
18 nfmt = alloca(strlen(format)+2);
22 return vfprintf(stderr, nfmt, ap);
26 static void usage(const char const *cmd)
28 eprint( "usage: %s [options] [username]\n"
29 " -h - show this help and exit\n"
30 " -o backend-option - token option \"backend:key=val\"\n"
31 " -f auth-file - auth state file to read/write\n"
32 " -a secret | -A file-with-secret | -A -\n"
33 " - 40-character hexadecimal secret\n"
34 " -s token-serial - public I.D. of the token\n"
35 " -n nonce - initial nonce\n"
36 " -l payload - keyring unlock password\n"
37 " -p password - login password"
41 int main(int argc, char *argv[])
48 unsigned char bsecret[20];
49 unsigned char *secret = NULL;
53 char *id = getlogin();
57 while ((c = getopt(argc, argv, "ho:f:a:A:s:n:l:p:")) != -1)
63 if (pcsc_option(optarg)) {
64 eprint("Option \"%s\" bad", optarg);
75 eprint("-a and -A are mutually exclusive");
83 eprint("-A and -a are mutually exclusive");
103 if (optind == (argc - 1)) {
107 if (optind != argc) {
115 if (!strcmp(secfn, "-")) sfp = stdin;
116 else sfp = fopen(secfn, "r");
118 eprint("cannot open \"%s\": %s",
119 secfn, strerror(errno));
122 if (!fgets(secbuf, sizeof(secbuf), sfp)) {
123 eprint("cannot read \"%s\": %s",
124 secfn, strerror(errno));
127 for (p = secbuf + strlen(secbuf) - 1;
128 *p == '\n' || *p == '\r'; p--) *p = '\n';
134 eprint("cannot determine userid");
138 if (strlen(hsecret) != 40) {
140 "secret wrong, must be exactly 40 chars\n");
143 if (strspn(hsecret, "0123456789abcdefABCDEF") != 40) {
145 "secret wrong, must be hexadecimal string\n");
148 for (i = 0; i < 20; i++)
149 sscanf(hsecret + i * 2, "%2hhx", &bsecret[i]);
152 return update_authfile(fn, tokenid, id, password, nonce,
153 secret, sizeof(bsecret),
154 (unsigned char *)payload, strlen(payload));