From b68aedefd3a1dbdfef2dd643c8069a24fd935025 Mon Sep 17 00:00:00 2001 From: Nalin Dahyabhai Date: Apr 14 2015 17:02:55 +0000 Subject: Learn to pass submission params to Dogtag Add a -o flag, similar to the -O flag which allows passing arbitrary parameters to Dogtag's profileProcess endpoint, to allow passing arbitrary parameters to Dogtag's profileSubmit endpoint. --- diff --git a/src/certmonger-dogtag-submit.8.in b/src/certmonger-dogtag-submit.8.in index daa64f9..c20d350 100644 --- a/src/certmonger-dogtag-submit.8.in +++ b/src/certmonger-dogtag-submit.8.in @@ -19,6 +19,7 @@ dogtag-submit -E EE-URL -A AGENT-URL [-T profile] [-O param=value] [-N | -R] +[-o option=value] [-v] [csrfile] @@ -108,6 +109,10 @@ Negates the effect of the \fB-N\fR flag. Instead of attempting to obtain a new certificate, query the server for a list of the enabled enrollment profiles. .TP +\fB-o\fR param=value +When initially submitting a request to the CA, add the specified parameter and +value along with any request parameters which would otherwise be sent. +.TP \fB-v\fR Increases the logging level. Use twice for more logging. This option is mainly useful for troubleshooting. diff --git a/src/dogtag.c b/src/dogtag.c index 6c8d9e6..94835a9 100644 --- a/src/dogtag.c +++ b/src/dogtag.c @@ -80,6 +80,7 @@ help(const char *cmd) "\t[-O param=value]\n" "\t[-N | -R]\n" "\t[-V dogtag_version]\n" + "\t[-o param=value]\n" "\t[-t]\n" "\t[-v]\n" "\t[csrfile]\n", @@ -146,8 +147,8 @@ main(int argc, char **argv) struct { char *name; char *value; - } *aoptions = NULL; - size_t num_aoptions = 0, j; + } *aoptions = NULL, *soptions = NULL; + size_t num_aoptions = 0, num_soptions = 0, j; char *savedstate = NULL; char *p, *q, *params = NULL, *params2 = NULL; const char *lasturl = NULL, *lastparams = NULL; @@ -196,7 +197,7 @@ main(int argc, char **argv) savedstate = getenv(CM_SUBMIT_COOKIE_ENV); - while ((c = getopt(argc, argv, "E:A:d:n:i:C:c:k:p:P:s:D:S:T:O:vV:NRt")) != -1) { + while ((c = getopt(argc, argv, "E:A:d:n:i:C:c:k:p:P:s:D:S:T:O:o:vV:NRt")) != -1) { switch (c) { case 'E': eeurl = optarg; @@ -260,6 +261,28 @@ main(int argc, char **argv) p[i] = '\0'; aoptions[num_aoptions - 1].value = p + i + 1; break; + case 'o': + if (strchr(optarg, '=') == NULL) { + printf(_("Submit params (-o) must be in the form of param=value.\n")); + help(argv[0]); + return CM_SUBMIT_STATUS_UNCONFIGURED; + } + soptions = realloc(soptions, + ++num_soptions * sizeof(*soptions)); + if (soptions == NULL) { + printf(_("Out of memory.\n")); + return CM_SUBMIT_STATUS_UNCONFIGURED; + } + p = strdup(optarg); + if (p == NULL) { + printf(_("Out of memory.\n")); + return CM_SUBMIT_STATUS_UNCONFIGURED; + } + i = strcspn(p, "="); + soptions[num_soptions - 1].name = p; + p[i] = '\0'; + soptions[num_soptions - 1].value = p + i + 1; + break; case 't': op = op_profiles; break; @@ -500,6 +523,14 @@ main(int argc, char **argv) template, csr); } + /* Add parameters specified on command line */ + for (j = 0; j < num_soptions; j++) { + p = cm_submit_u_url_encode(soptions[j].name); + q = cm_submit_u_url_encode(soptions[j].value); + params = talloc_asprintf(ctx, + "%s&%s=%s", + params, p, q); + } use_agent_approval = FALSE; break; case op_check: