1 .TH IPSEC_OPTIONSFROM 3 "16 Oct 1998"
2 .\" RCSID $Id: optionsfrom.3,v 1.7 1999/04/05 21:30:34 henry Exp $
4 ipsec optionsfrom \- read additional ``command-line'' options from file
6 .B "#include <freeswan.h>
8 .B "const char *optionsfrom(char *filename, int *argcp,"
10 .B "char ***argvp, int optind, FILE *errsto);"
13 is called from within a
16 as the result of the appearance of an option (preferably
18 to insert additional ``command-line'' arguments
19 into the scan immediately after
21 Typically this would be done to pick up options which are
22 security-sensitive and should not be visible to
25 and hence cannot be supplied as part
26 of the actual command line or the environment.
29 reads the additional arguments from the specified
31 allocates a new argument vector to hold pointers to the existing
32 arguments plus the new ones,
41 which must point to the
49 must be the index, in the original argument vector,
56 returns NULL for success and
57 a pointer to a string-literal error message for failure;
61 is non-NULL and an error occurs,
63 prints a suitable complaint onto the
65 descriptor and invokes
67 with an exit status of 2;
68 this is a convenience for cases where more sophisticated
69 responses are not required.
71 The text of existing arguments is not disturbed by
73 so pointers to them and into them remain valid.
75 The file of additional arguments is an ASCII text file.
76 Lines consisting solely of white space,
77 and lines beginning with
79 are comments and are ignored.
80 Otherwise, a line which does not begin with
82 is taken to be a single argument;
83 if it both begins and ends with double-quote ("),
84 those quotes are stripped off (note, no other processing is done within
88 is considered to contain multiple arguments separated by white space.
92 reads its entire file before the
96 file can contain another
99 Obviously, infinite loops are possible here.
104 considers it an error to be called more than 100 times.
108 loop detection is up to the caller
109 (and the internal loop counter is zeroed out).
111 A reasonable way to invoke
119 struct option opts[] = {
121 "optionsfrom", 1, NULL, '+',
134 while ((opt = getopt_long(argc, argv, "", opts, NULL)) != EOF)
137 case '+': /* optionsfrom */
138 optionsfrom(optarg, &argc, &argv, optind, stderr);
139 /* does not return on error */
153 attempt to allocate temporary storage for argument or
154 argument vector failed;
158 Written for the FreeS/WAN project by Henry Spencer.
160 The double-quote convention is rather simplistic.
162 Line length is currently limited to 1023 bytes,
163 and there is no continuation convention.
165 The restriction of error reports to literal strings
166 (so that callers don't need to worry about freeing them or copying them)
167 does limit the precision of error reporting.
169 The error-reporting convention lends itself
170 to slightly obscure code,
171 because many readers will not think of NULL as signifying success.
173 There is a certain element of unwarranted chumminess with
177 No non-public interfaces are actually used, but
181 being well-behaved in certain ways that are not actually
182 promised by the specs.