use Crypt::Monkeysphere::MSVA::Client;
+sub usage {
+ my $name = shift;
+
+ printf STDERR ("Usage: %s CONTEXT PEER PKC_TYPE [PEER_TYPE] < PKC_DATA
+ %s CONTEXT PEER PKC_TYPE PEER_TYPE PKC_DATA
+ %s --version
+", $name, $name, $name);
+}
+
my $context = shift;
-my $peer = shift;
-my $pkctype = shift || 'x509der';
+if ((!defined($context)) ||
+ $context eq '--help') {
+ usage($0);
+ exit (defined($context) ? 0 : 1);
+} elsif ($context eq '--version') {
+ my $client = Crypt::Monkeysphere::MSVA::Client->new(
+ socket => $ENV{MONKEYSPHERE_VALIDATION_AGENT_SOCKET},
+ log_level => $ENV{MSVA_LOG_LEVEL},
+ );
+ my ($status,$ret) = $client->agent_info();
+ $client->log('verbose', "status: %s\n", $status);
+ if (defined $ret) {
+ printf("%s", $ret->{server});
+ exit 0;
+ }
+ exit 1;
+}
-# load raw pkc data from stdin
-my $pkcdata = do {
- local $/; # slurp!
- <STDIN>;
-};
+my $peer = shift;
+my $pkctype = shift;
+my $peertype = shift;
+my $pkcdata = shift;
+
+if (!defined $pkcdata) {
+ # load raw pkc data from stdin
+ $pkcdata = do {
+ local $/; # slurp!
+ <STDIN>;
+ };
+}
my $client = Crypt::Monkeysphere::MSVA::Client->new(
socket => $ENV{MONKEYSPHERE_VALIDATION_AGENT_SOCKET},
log_level => $ENV{MSVA_LOG_LEVEL},
);
-my ($status,$ret) = $client->query_agent($context,$peer,$pkctype,$pkcdata);
+my ($status,$ret) = $client->query_agent($context,$peer,$peertype,$pkctype,$pkcdata);
-$client->log('info', "status: %s\n", $status);
+$client->log('verbose', "status: %s\n", $status);
if (defined $ret) {
$client->log('info', "valid: %s\n", $ret->{valid});
- $client->log('fatal', "message: %s\n", $ret->{message});
$client->log('info', "server: %s\n", $ret->{server});
- exit 0
- if ($ret->{valid});
+ printf("%s", $ret->{message});
+ if ($ret->{valid}) {
+ exit 0
+ } else {
+ exit 1;
+ }
+} else {
+ printf("%s", $status);
+ exit 100;
}
-exit 1;
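Review bot: Nothing checks that PEER and PKC_TYPE were actually supplied: after the new `my $peer = shift;` / `my $pkctype = shift;` lines both can be undef (the old `|| 'x509der'` default is removed), and they are still handed to `query_agent` after the script has blocked slurping stdin. How the client treats undef arguments is not visible on this page, but the new `usage()` is only reached for an empty argument list or `--help`. I would add, right after `my $pkcdata = shift;`, `if (!defined $peer || !defined $pkctype) { usage($0); exit 1; }` so a malformed invocation fails closed before any query is sent to the agent.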
__END__
=head1 SYNOPSIS
-msva-query-agent CONTEXT PEER PKC_TYPE < /path/to/public_key_carrier
+msva-query-agent CONTEXT PEER PKC_TYPE [PEER_TYPE] < /path/to/public_key_carrier
+
+msva-query-agent CONTEXT PEER PKC_TYPE PEER_TYPE PKC_DATA
+
+msva-query-agent --version
=head1 ABSTRACT
to the running Monkeysphere Validation Agent. The return code
indicates the validity (as determined by the agent) of the certificate
for the specified purpose. The agent's return message (if any) is
-emitted on stderr.
+emitted on stdout.
-Three command-line arguments are all required, supplied in order, as
-follows:
+The various arguments are:
=over 4
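Review bot: The ABSTRACT still says only that the return code indicates validity, but the new code now has three distinct outcomes: `exit 0` when `$ret->{valid}` is true, `exit 1` when it is not, and `exit 100` when the agent returned no response at all. Scripts that gate a trust decision on this tool need that contract written down, so I would add a short `=head1 EXIT STATUS` section listing 0, 1 and 100 and stating that any non-zero status means the key was not validated. It would also help to mention that on `exit 100` the text on stdout is the transport status rather than the agent's message. This hunk starts mid-paragraph, so the rest of the ABSTRACT is not visible here.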
=item PKC_TYPE
The format of public key carrier data provided on standard input
-(e.g. 'x509der')
+(e.g. 'x509der', 'x509pem', 'opensshpubkey', 'rfc4716', 'openpgp4fpr')
+
+=item PEER_TYPE
+
+The type of peer we are inquiring about (e.g. 'client', 'server',
+'peer'). This argument is optional and defaults will be used (based
+on CONTEXT) if it is not supplied.
+
+=item PKC_DATA
+
+This is the actual public key carrier data itself. If less than five
+arguments are given, then the PKC_DATA is expected on stdin. If five
+arguments are given, the fifth argument is interpreted as the
+PKC_DATA. This is likely only useful for supplying an OpenPGP
+fingerprint with the 'openpgp4fpr' type.
=back