Isode - Docs

examples
 /*  Copyright (c) 2014, Isode Limited, London, England.
  *  All rights reserved.
  *                                                                       
  *  Acquisition and use of this software and related materials for any      
  *  purpose requires a written licence agreement from Isode Limited,
  *  or a written licence from an organisation licenced by Isode Limited
  *  to grant such a licence.
  *
  */
 
 /* 
  *
  * 15.0a0-0
  * Simple example program for submitting a message via a message store.
  * The security environment is set up so that messages are signed.
  */
 
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 
 #include <x400_msapi.h>
 #include <seclabel_api.h> /* For security labels */
 #include <errno.h>
 
 #include "example.h"
 
 static char *optstr = "u37m:d:p:w:M:D:P:W:r:o:O:r:g:G:c:l:R:y:C:iaqsAve:x:b:f:S:Y:Z4U:L:";
 
 /* These are the data items used to construct the message for submission */
 static char *default_recip = "/CN=lppt1/OU=lppt/O=attlee/PRMD=TestPRMD/ADMD=TestADMD/C=GB/";
 char *recip;
 static char *content_id = "030924.140212";
 static const char text[] = "First line\r\nSecond line\r\n";
 static char *binary_data;
 
 const char* xml_filename = "seclabel.xml";
 
 static int setup_msg_sec_env = 0;
 
 int num_unsigned_rcvd;
 int num_unverified_rcvd;
 int num_verified_rcvd;
 
 /* local functions */
 
 static void usage(void) ;
 static int send_msg(
     int contype, 
     char *orn, 
     char *def_dn, 
     char *pa, 
     char *password);
 
 static int submit_msg(
     char *orn, 
     struct X400msSession *sp    /* session object */
 );
 
 static int get_msg(
     struct X400msSession *sp
 );
 
 static int setup_default_new_sec_env(
     struct X400msSession *sp, 
     char *identity_filename,
     char *pw
 );
 
 static int setup_default_old_sec_env(
     struct X400msSession *sp, 
     char *id,
     char *dn,
     char *pw
 );
 
 static int setup_msg_new_sec_env(
     struct X400msMessage *mp,   /* message object */
     char *identity_filename,
     char *pw
 );
 
 static int add_x411_label(
     struct X400msMessage *mp,   /* message object */
     const char* xml_filename
 );
 
 static int add_4066_label(
     struct X400msMessage *mp,   /* message object */
     const char* xml_filename
 );
 
 static int setup_msg_old_sec_env(
     struct X400msMessage *mp,   /* message object */
     char *id, 
     char *dn, 
     char *pw
 );
 
 static int report_moac_info(
     struct X400msMessage *mp 
 );
 
 static void show_4406_certificate (struct X400msMessage *mp);
 static void show_certificate (struct X400msMessage *mp);
 static int report_4406_info(
     struct X400msMessage *mp 
 );
 
 static void print_sec_label(
     char slab_buffer[],
     unsigned int length
 );
 
 /* start here */
 int main (
     int         argc,
     char      **argv
 ) 
 {
     char        pa[BUFSIZ];
     char        orn[BUFSIZ];
     char        *def_oraddr;
     char        *def_dn;
     char        *def_pa;
     int         contype;
     int         status;
     char        password[BUFSIZ];
 
     if (get_args(argc, argv, optstr)) {
         usage();
         exit(-1);
     }
 
     printf("Connection type (0 = P7, 1 = P3 submit only, 2 = P3 both directions) [%d]: ", x400_contype);
     contype = ic_fgetc(x400_contype, stdin); 
     if (contype != 10)
         ic_fgetc(x400_contype, stdin);
 
     if ( contype < '0' || '2' < contype )
       contype = x400_contype;
     else 
         contype -= '0';
 
     if (contype == 0) {
         def_oraddr = x400_ms_user_addr;
         def_dn = x400_ms_user_dn;
         def_pa = x400_ms_presentation_address;
     } else {
         def_oraddr = x400_mta_user_addr;
         def_dn = x400_mta_user_dn;
         def_pa = x400_mta_presentation_address;
     }
 
     printf("Your ORAddress [%s] > ", def_oraddr);
     ic_fgets (orn, sizeof orn, stdin);
 
     if ( orn[strlen(orn)-1] == '\n' )
         orn[strlen(orn)-1] = '\0';
         
     if (orn[0] == '\0') 
         strcpy(orn, def_oraddr);
 
     /* Prompt for password; note: reflected. */
     printf ("Password [%s]: ", 
             contype == 0 ? x400_p7_password : x400_p3_password);
     if ( ic_fgets (password, sizeof password, stdin) == NULL )
         exit (1);
 
     if (password[strlen(password)-1] == '\n' )
         password[strlen(password)-1] = '\0';
     if (password[0] == '\0') 
         strcpy(password, contype == 0 ? x400_p7_password : x400_p3_password);
 
     /* Presentation Address */
     printf("Presentation Address [%s] > ", def_pa);
     ic_fgets (pa, sizeof pa, stdin);
 
     if ( pa[strlen(pa)-1] == '\n' )
         pa[strlen(pa)-1] = '\0';
 
     if (pa[0] == '\0') 
         strcpy(pa, def_pa);
 
     printf("sending message using session 1\n");
     if ((status = send_msg(contype, orn, def_dn, pa, password)) 
             != X400_E_NOERROR ) {
         fprintf (stderr, "Error in sending message\n");
         exit (status);
     }
     printf("sending message using session 2\n");
     if ((status = send_msg(contype, orn, def_dn, pa, password)) 
             != X400_E_NOERROR ) {
         fprintf (stderr, "Error sending message\n");
         exit (status);
     }
     return (status);
 }
 
 static int send_msg(
     int contype, 
     char *orn, 
     char *def_dn, 
     char *pa, 
     char *password
 )
 {
     struct X400msSession *sp;   /* session object */
 
     int         status;
 
 
     /* we've got what we need - now open an API session */
     status = X400msOpen (contype, orn, def_dn, password, pa, NULL, &sp);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "Error in Open: %s\n", X400msError (status));
         fprintf (stderr, "%s %s %s\n", orn, def_dn, pa);
         return (status);
     }
 
     /* setup logging */
     X400msSetStrDefault(sp, X400_S_LOG_CONFIGURATION_FILE, "x400api.xml", 0);
 
     /* Set up the security environment.
      *
      * The security env can be specified the new way (recommended) using 
      * a PKCS12 filename and passphrase, or as a directory (deprecated and
      * obsolete).
      *
      * If the ID is specified as a directory, in which the subdirectory
      * "x509" is expected to contain one or more PKCS12 files.
      * The appropriate Digital Identity is determined from the
      * DN of the subject, and the passphrase is used to decrypt
      * the private key. 
      */
     if (use_new_sec_env) {
         status = setup_default_new_sec_env(sp, identity_filename, passphrase);
     } else {
         status = setup_default_old_sec_env(sp, security_id, identity_dn, 
             passphrase);
     }
 
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "Can't setup security environment\n");
         return (status);
     }
 
     printf("sending message 1\n");
     status = submit_msg(orn, sp);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "Can't submit\n");
         return (status);
     }
 
     printf("sending message 2\n");
     status = submit_msg(orn, sp);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "Can't submit\n");
         return (status);
     }
 
     printf("sending message 3\n");
     status = submit_msg(orn, sp);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "Can't submit\n");
         return (status);
     }
 
     /* now get a message */
     status = get_msg(sp);
     if (status != X400_E_NOERROR) {
         fprintf(stderr, "Error in getting msg: %s\n",
                 X400msError(status));
         exit(status);
     }
 
     status = X400msClose (sp);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "X400msClose returned error: %s\n", X400msError (status));
         return (status);
     }
     return status;
 }
 
 static int submit_msg(
     char *orn, 
     struct X400msSession *sp    /* session object */
 )
 {
     struct X400msMessage *mp;   /* message object */
     struct X400Recipient *rp;   /* recipient object */
     char        tmp[BUFSIZ];
     FILE        *fp = NULL;
     int         fs=0;
     int         status;
 
     if (x400_default_recipient != NULL) 
         recip = x400_default_recipient;
     else 
         recip = default_recip;
 
     printf("Message recipient [%s]: ", recip);
     ic_fgets (tmp, sizeof tmp, stdin);
 
     if ( tmp[strlen(tmp)-1] == '\n' )
         tmp[strlen(tmp)-1] = '\0';
     if (strlen(tmp) != 0)
         recip = strdup(tmp);
 
     printf("Subject [%s]: ", subject);
     ic_fgets (tmp, sizeof tmp, stdin);
 
     if ( tmp[strlen(tmp)-1] == '\n' )
         tmp[strlen(tmp)-1] = '\0';
     if (strlen(tmp) != 0)
         subject = strdup(tmp);
 
     status = X400msMsgNew (sp, X400_MSG_MESSAGE, &mp);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "x400msMsgNew returned error: %s\n", X400msError (status));
         return (status);
     }
 
     /* Set up the security environment for this message overriding the
      * default security env.
      *
      * The security env can be specified the new way (recommended) using 
      * a PKCS12 filename and passphrase, or as a directory (deprecated and
      * obsolete).
      *
      * If the ID is specified as a pathname, in which the subdirectory
      * "x509" is expected to contain one or more PKCS12 files.
      * The appropriate Digital Identity is determined from the
      * DN of the subject, and the passphrase is used to decrypt
      * the private key. 
      */
     if (setup_msg_sec_env) {
         if (use_new_sec_env) {
             status = setup_msg_new_sec_env(mp, identity_filename, passphrase);
             if ( status != X400_E_NOERROR ) {
                 fprintf (stderr, "Can't setup new security environment\n");
                 return (status);
             }
         } else {
             status = setup_msg_old_sec_env(mp, security_id, identity_dn2, 
                 passphrase);
             if ( status != X400_E_NOERROR ) {
                 fprintf (stderr, "Can't setup old security environment\n");
                 return (status);
             }
         }
     }
 
     /* Instruct the X400msMsgSend() function to generate a MOAC (signature) for
      * the message.
      *
      * The default attributes will be used unless the attributes are
      * also included in the message eg by calling setup_msg_sec_env() above 
      */
     if (gen_moac) {
         status = X400msMsgAddIntParam (mp, X400_B_SEC_GEN_MOAC, 1);
         if ( status != X400_E_NOERROR ) {
             fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n", 
                 X400msError (status));
             return (status);
         }
     }
 
     /* Instruct the X400msMsgSend() function to generate a STANAG 4406 
      * signature for the message 
      *
      * The default attributes will be used unless the attributes are 
      * also included in the message eg by calling setup_msg_sec_env() above 
      */
     if (gen_4406_sig) {
         printf("\nRequesting 4406 signature\n");
         status = X400msMsgAddIntParam (mp, X400_N_S4406, 1);
         if ( status != X400_E_NOERROR ) {
             fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n", X400msError (status));
             return (status);
         }
 
         /* add a security label */
         printf("\nAdding 4406 label\n");
         status = add_4066_label (mp, xml_filename);
         if ( status != X400_E_NOERROR ) {
             fprintf (stderr, "add_4406_label returned error: %s\n", 
                 X400msError (status));
             return (status);
         }
 
     } else {
         printf("\nNot requesting 4406 signature\n");
     }
 
     if (need_x411_label) {
         status = add_x411_label (mp, xml_filename);
         if ( status != X400_E_NOERROR ) {
             fprintf (stderr, "add_x411_label returned error: %s\n", 
                 X400msError (status));
             return (status);
         }
     } else {
         printf("\nNot requesting X.411 Label\n");
     }
 
     status = X400msRecipNew (mp, X400_RECIP_STANDARD, &rp);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "x400msRecipNew returned error: %s\n", X400msError (status));
         return (status);
     }
 
     status = X400msRecipAddStrParam (rp, X400_S_OR_ADDRESS, recip, -1);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "x400msRecipAddStrParam returned error: %s\n", X400msError (status));
         return (status);
     }
 
     status = X400msRecipAddStrParam (rp, X400_S_DIRECTORY_NAME, "CN=recipient;c=gb", -1);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "x400msRecipAddStrParam returned error: %s\n", X400msError (status));
         return (status);
     }
 
     status = X400msMsgAddStrParam (mp, X400_S_OR_ADDRESS, orn, -1);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n", X400msError (status));
         return (status);
     }
  
     status = X400msMsgAddStrParam (mp, X400_S_DIRECTORY_NAME, "CN=originator;c=gb", -1);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n", X400msError (status));
         return (status);
     }
 
     /* Ask for +ve and -ve delivery reports */
     status = X400msRecipAddIntParam (rp, X400_N_REPORT_REQUEST, 2);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "x400msRecipAddStrParam returned error: %s\n", X400msError (status));
         return (status);
     }
 
     /* Ask for +ve and -ve read receipts */
     status = X400msRecipAddIntParam (rp, X400_N_NOTIFICATION_REQUEST, 7);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "x400msRecipAddStrParam returned error: %s\n", X400msError (status));
         return (status);
     }
 
     status = X400msMsgAddStrParam (mp, X400_S_CONTENT_IDENTIFIER, 
             content_id, -1);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n", X400msError (status));
         return (status);
     }
 
     status = X400msMsgAddStrParam (mp, X400_S_SUBJECT, subject, -1);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n", X400msError (status));
         return (status);
     }
 
     status = X400msMsgAddStrParam (mp, X400_T_ISO8859_1, text, -1);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "x400ms returned error: %s\n", X400msError (status));
         return (status);
     }
 
     /* now an IA5 body part using the bodypart func  */
     status = X400msMsgAddAttachment (mp, X400_T_IA5TEXT, text, strlen(text));
     if ( status != X400_E_NOERROR ) {
         printf("failed to add X400_T_IA5TEXT BP\n");
         return (status);
     }
 
     /*  or a Binary body part using the bodypart func */
     if (filename_to_send != NULL) {
         binary_data = (char *) malloc(100000);
         if ( binary_data == NULL )
             return X400_E_NOMEMORY;
         fp = fopen(filename_to_send, "r");
         if (fp == (FILE *)NULL) {
             printf("Cannot open binary file\n");
             return (X400_E_SYSERROR);
         }
         if ((fs = fread (binary_data, sizeof(char), 100000/sizeof(char), fp) ) == -1) {
             printf("Cannot read from binary file\n");
             return (X400_E_SYSERROR);
         }
         fclose(fp);
 
         status = X400msMsgAddAttachment (mp, X400_T_BINARY, binary_data, fs);
         if ( status != X400_E_NOERROR ) {
             printf("failed to add X400_T_BINARY BP\n");
             return (status);
         }
     } else {
         printf("no binary file set - not sending X400_T_BINARY\n");
     }
 
     status = X400msMsgSend (mp);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "x400msMsgSend returned error: %s\n", X400msError (status));
         return (status);
     } else {
         printf("Message submitted successfully\n");
     }
 
     status = X400msMsgDelete (mp, 0);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "x400msMsgDelete returned error: %s\n", X400msError (status));
         return (status);
     }
 
     mp = NULL;
     rp = NULL;
 
     return (status);
 }
 
 
 static int setup_default_new_sec_env(
     struct X400msSession *sp, 
     char *identity,
     char *pw
 )
 {
     int status;
 
     /* Filename of the Digital Identity (PKCS12 file) */
     status = X400msSetStrDefault (sp, X400_S_SEC_IDENTITY_FILE, 
             identity, -1);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "X400msSetStrDefault returned error: %s\n", 
             X400msError (status));
         return (status);
     }
 
     /* passphrase used to open the Identity */
     status = X400msSetStrDefault (sp, X400_S_SEC_IDENTITY_PASSPHRASE, pw, -1);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "X400msSetStrDefault returned error: %s\n", 
             X400msError (status));
         return (status);
     }
 
     /* test the sec env */
     status = X400msTestSecurityEnv (sp);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "X400msTestSecurityEnv returned error: %s\n",
             X400msError (status));
         return (status);
     }
 
     return status;
 }
 
 static int setup_default_old_sec_env(
     struct X400msSession *sp, 
     char *id,
     char *dn,
     char *pw
 )
 {
     int status;
 
     /* first set a default security identity. This passes in the name of a
      * directory, which contains an x509 subdirectory in which all Identities
      * are held */
     X400msSetStrDefault(sp, X400_S_SEC_IDENTITY, id, -1); 
 
     /* select by DN which Identity is to be used (if there are several) 
      * Currently these must be PKCS12 files */
     status = X400msSetStrDefault (sp, X400_S_SEC_IDENTITY_DN, dn, -1);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "X400msSetStrDefault returned error: %s\n", 
             X400msError (status));
         return (status);
     }
 
     /* passphrase used to open the Identity */
     status = X400msSetStrDefault (sp, X400_S_SEC_IDENTITY_PASSPHRASE, pw, -1);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "X400msSetStrDefault returned error: %s\n", 
             X400msError (status));
         return (status);
     }
 
     return status;
 }
 
 static int setup_msg_new_sec_env(
     struct X400msMessage *mp,   /* message object */
     char *identity,
     char *pw
 )
 {
     int status;
 
     /* Filename of the Digital Identity (PKCS12 file) */
     status = X400msMsgAddStrParam (mp, X400_S_SEC_IDENTITY_FILE, 
             identity, -1);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "X400msMsgAddStrParam returned error: %s\n", 
             X400msError (status));
         return (status);
     }
 
     /* security additions */
     status = X400msMsgAddStrParam (mp, X400_S_SEC_IDENTITY_PASSPHRASE, pw, -1);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n", 
             X400msError (status));
         return (status);
     }
     return (status);
 }
 
 static int setup_msg_old_sec_env(
     struct X400msMessage *mp,   /* message object */
     char *id,
     char *dn,
     char *pw
 )
 {
     int status;
 
     /* overide the default security environment by specifying a new set of
      * attibutes, and put them into the message */
     /* security additions */
     status = X400msMsgAddStrParam (mp, X400_S_SEC_IDENTITY, id, -1); 
     /* status = X400msMsgAddStrParam (mp, X400_S_SEC_IDENTITY, "/var/isode/dsa-db", -1); */
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n", 
             X400msError (status));
         return (status);
     }
 
     /* security additions */
     status = X400msMsgAddStrParam (mp, X400_S_SEC_IDENTITY_DN, dn, -1);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n", 
             X400msError (status));
         return (status);
     }
 
     /* security additions */
     status = X400msMsgAddStrParam (mp, X400_S_SEC_IDENTITY_PASSPHRASE, pw, -1);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n", 
             X400msError (status));
         return (status);
     }
     return (status);
 }
 
 
 static int add_4066_label(
     struct X400msMessage *mp,   /* message object */
     const char* filename
 )
 {
 
 #define XML_BUFSIZE 1024
 #define STRING_BUFSIZE 1024
 
     int status;
     char xml_content[XML_BUFSIZE];
     char str_content[STRING_BUFSIZE];
     int str_len = STRING_BUFSIZE;
     FILE *fd = NULL;
    
     printf("Adding 4406 Security Label, using file %s\n", filename);
     /* Read in the security label XML file */
     fd = fopen(filename,"r");
     if(fd == NULL) {
         fprintf(stderr,"Failed to open %s : %s\n",
                 filename,strerror(errno));
     }
     
     fread(&xml_content,XML_BUFSIZE,1,fd);
 
     fclose(fd);
 
     status = SecLabelInit("Example program 2");
     if (status != SECLABEL_E_NOERROR) {
         fprintf(stderr, "SecLabelInit returned error %d\n", status);
         return X400_E_INVALID_ATTR;
     }
     
     /* Use SecLabelParse to turn the XML into an octet string */
     status = SecLabelParse(xml_content,
                            str_content,
                            STRING_BUFSIZE,
                            &str_len);
     
     if (status != SECLABEL_E_NOERROR) {
         fprintf(stderr, "SecLabelParse returned error %d\n", status);
         return X400_E_INVALID_ATTR;
     }
         
     /* Add the octet string to the message pointer */
     status = X400msMsgAddStrParam (mp, X400_S_S4406_SECURITY_LABEL,
                                    str_content,str_len);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n", 
             X400msError (status));
         return (status);
     }
     return X400_E_NOERROR;
     
 }
 
 
 static int add_x411_label(
     struct X400msMessage *mp,   /* message object */
     const char* filename
 )
 {
 
 #define XML_BUFSIZE 1024
 #define STRING_BUFSIZE 1024
 
     int status;
     char xml_content[XML_BUFSIZE];
     char str_content[STRING_BUFSIZE];
     int str_len = STRING_BUFSIZE;
     FILE *fd = NULL;
    
     printf("Adding X.411 Security Label, using file %s\n", filename);
     /* Read in the security label XML file */
     fd = fopen(filename,"r");
     if(fd == NULL) {
         fprintf(stderr,"Failed to open %s : %s\n",
                 filename,strerror(errno));
     }
     
     fread(&xml_content,XML_BUFSIZE,1,fd);
 
     fclose(fd);
 
     status = SecLabelInit("Example program");
     if (status != SECLABEL_E_NOERROR) {
         fprintf(stderr, "SecLabelInit returned error %d\n", status);
         return X400_E_INVALID_ATTR;
     }
     
     /* Use SecLabelParse to turn the XML into an octet string */
     status = SecLabelParse(xml_content,
                            str_content,
                            STRING_BUFSIZE,
                            &str_len);
     
     if (status != SECLABEL_E_NOERROR) {
         fprintf(stderr, "SecLabelParse returned error %d\n", status);
         return X400_E_INVALID_ATTR;
     }
         
     /* Add the octet string to the message pointer */
     status = X400msMsgAddStrParam (mp, X400_S_SECURITY_LABEL,
                                    str_content,str_len);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n", 
             X400msError (status));
         return (status);
     }
     return X400_E_NOERROR;
     
 }
 
 
 static int get_msg(
     struct X400msSession *sp
 )
 {
     char buffer[BUFSIZ];
     int status;
     int nummsg;
     int type;
     int seqn;
     struct X400msMessage *mp;
     struct X400Recipient *rp;
     int n;
     size_t length;
     int intparam;
     char recipient_str[BUFSIZ];
 
     printf("Waiting for new messages for 10 seconds\n");
     status = X400msWait(sp, 10, &nummsg);
     if (status != X400_E_NOERROR) {
         fprintf(stderr, "Error from Wait: %s\n", X400msError(status));
         /* tidily close the session */
         status = X400msClose(sp);
         exit(status);
     }
 
     /* Set up the security environment.
      *
      * In R15.0 this need only be the name of a trusted certificate directory.
      *
      * Prior to R15.0, the ID is specified as a pathname, in which the 
      * subdirectory "x509" is expected to contain one or more PKCS12
      * files. The appropriate Digital Identity is determined from the 
      * DN of the subject, and the passphrase is used to decrypt the
      * private key. NB even though we're not going to use our cert,
      * (as we're going to use the cert in the message to check the MOAC
      * we need to do this due to a limitation in the underlying X.509
      * layer. 
      */
     /*
     if (use_new_sec_env) {
         setup_default_new_sec_env(sp, trusted_ca_certs_dir);
     } else {
         setup_default_old_sec_env(sp, security_id, identity_dn, passphrase);
     }
     */
 
 
     /* Turn off legacy bahaviour in which  MOAC verification failure 
      * returns X400_E_NOERROR.
      * We will now get X400_E_X509_VERIFY_FAILURE from MsgGet
      * if/when the verification fails 
      */
     X400msSetIntDefault(sp, X400_B_RETURN_VERIFICATION_ERRORS, 1); 
 
     if (x400_default_recipient != NULL) 
     printf("Getting message\n");
     status = X400msMsgGet(sp, 0, &mp, &type, &seqn);
     switch (status) {
     case X400_E_NOERROR:
         fprintf(stderr, "MsgGet successfully got message\n");
         break;
     default :
         fprintf(stderr, "Error from MsgGet: %s\n", X400msError(status));
         /* tidily close the session */
         status = X400msClose(sp);
         exit(status);
         break;
     }
 
     if (type != X400_MSG_MESSAGE) {
         fprintf(stderr, "Got a report (printing only some attributes)\n");
 
         /* The ORADDRESS in the message is the (envelope) originator */
         status = X400msMsgGetStrParam(mp, X400_S_SUBJECT_IDENTIFIER,
                                       buffer, sizeof buffer, &length);
         if (status != X400_E_NOERROR) {
             fprintf(stderr, "Error from MsgGetStrParam: %s\n",
                     X400msError(status));
             /* tidily close the session */
             status = X400msClose(sp);
             exit(status);
         }
         printf("Subject Identifier: %.*s\n", (int)length, buffer);
 
         /* Get the primary recipients */
         for (n = 1;; n++) {
             status = X400msRecipGet(mp, X400_RECIP_REPORT, n, &rp);
             if (status == X400_E_NO_RECIP)
                 break;
             if (status != X400_E_NOERROR) {
                 fprintf(stderr, "Error from RecipGet: %s\n",
                         X400msError(status));
                 /* tidily close the session */
                 status = X400msClose(sp);
                 exit(status);
             }
 
             /* Note: recipient may not actually have an O/R address */
             status = X400msRecipGetStrParam(rp, X400_S_OR_ADDRESS,
                                             recipient_str,
                                             sizeof recipient_str, &length);
             if (status != X400_E_NOERROR) {
                 fprintf(stderr, "Error from RecipGetStrParam: %s\n",
                         X400msError(status));
                 /* tidily close the session */
                 status = X400msClose(sp);
                 exit(status);
             }
             /* print out the O/R Address of the report */
             printf("Positive Delivery Report for recipient %d: %.*s\n", n,
                    (int)length, recipient_str);
 
             /* The original message delivery time, if this attribute exists, 
              * then the report is a positive Delivery Report */
             status = X400msRecipGetStrParam(rp, X400_S_MESSAGE_DELIVERY_TIME,
                                             buffer, sizeof buffer, &length);
             if (status == X400_E_NOERROR) {
                 /* Positive Delivery Report */
                 printf("Delivery Time: %.*s\n", (int)length, buffer);
             }
             else {
                 /* Negative Delivery Report */
                 printf("Negative Delivery Report for recipient %d: %s\n", n,
                        recipient_str);
 
                 /* Supplementary Info to the report */
                 status = X400msRecipGetStrParam(rp, X400_S_SUPPLEMENTARY_INFO,
                                                 buffer, sizeof buffer,
                                                 &length);
                 if (status != X400_E_NOERROR) {
                     fprintf(stderr, "Error from RecipGetStrParam: %s\n",
                             X400msError(status));
                     buffer[0] = '\0';
                 }
                 printf("Supplementary Info: %.*s\n", (int)length, buffer);
 
                 /* The reason why the message was not delivered */
                 status =
                     X400msRecipGetIntParam(rp, X400_N_NON_DELIVERY_REASON,
                                            &intparam);
                 if (status != X400_E_NOERROR) {
                     fprintf(stderr, "Error from MsgGetIntParam: %s\n",
                             X400msError(status));
                 }
                 printf("Non-Delivery Reason: %d\n", intparam);
 
                 /* The diagnostics of the report for this recipient */
                 status =
                     X400msRecipGetIntParam(rp, X400_N_NON_DELIVERY_DIAGNOSTIC,
                                            &intparam);
                 if (status != X400_E_NOERROR) {
                     fprintf(stderr, "Error from MsgGetIntParam: %s\n",
                             X400msError(status));
                 }
                 printf("Non-Delivery Diagnostic: %d\n", intparam);
             }
         }
 
         num_unsigned_rcvd++ ;
         status = X400msMsgDelete(mp, 0);
         if (status != X400_E_NOERROR) {
             fprintf(stderr, "Error from X400msMsgDelete: %s\n",
                     X400msError(status));
         }
         return (status);
     }
 
 
     /* x411 security label */
     status = X400msMsgGetStrParam(mp, X400_S_SECURITY_LABEL,
                                   buffer, sizeof buffer, &length);
     if (status == X400_E_NO_VALUE) {
         printf("No X.411 security label\n");
     } else if (status !=  X400_E_NOERROR) {
         fprintf(stderr,"Failed to fetch X.411 security label: %d (%s)",
             status, X400msError(status));
         return (status);
     } else {
         fprintf(stderr, "X.411 Security Label returned OK (%d chars)\n", 
                 (int)length);
         print_sec_label(buffer, length);
     }
 
     /* report information about the MOAC in the message */
     report_moac_info(mp);
 
     /* report information about the 4406 in the message */
     report_4406_info(mp);
 
     /* The message identifier */
     status = X400msMsgGetStrParam(mp, X400_S_MESSAGE_IDENTIFIER,
                                   buffer, sizeof buffer, &length);
     if (status != X400_E_NOERROR) {
         fprintf(stderr, "Error from MsgGetStrParam: %s\n",
                 X400msError(status));
         /* tidily close the session */
         status = X400msClose(sp);
         exit(status);
     }
     printf("Message Identifier: %.*s\n", (int)length, buffer);
 
     /* The ORADDRESS in the message is the (envelope) originator */
     status = X400msMsgGetStrParam(mp, X400_S_OR_ADDRESS,
                                   buffer, sizeof buffer, &length);
     if (status != X400_E_NOERROR) {
         fprintf(stderr, "Error from MsgGetStrParam: %s\n",
                 X400msError(status));
         /* tidily close the session */
         status = X400msClose(sp);
         exit(status);
     }
     printf("Originator: %.*s\n", (int)length, buffer);
 
     /* Get the primary recipients */
     for (n = 1;; n++) {
         status = X400msRecipGet(mp, X400_RECIP_PRIMARY, n, &rp);
         if (status == X400_E_NO_RECIP)
             break;
         if (status != X400_E_NOERROR) {
             fprintf(stderr, "Error from RecipGet: %s\n", X400msError(status));
             /* tidily close the session */
             status = X400msClose(sp);
             exit(status);
         }
 
         /* Note: recipient may not actually have an O/R address */
         status = X400msRecipGetStrParam(rp, X400_S_OR_ADDRESS,
                                         buffer, sizeof buffer, &length);
         if (status == X400_E_NOERROR) {
             printf("Recipient %d: %.*s\n", n, (int)length, buffer);
         }
     }
 
     /* Subject is optional */
     status = X400msMsgGetStrParam(mp, X400_S_SUBJECT,
                                   buffer, sizeof buffer, &length);
     if (status == X400_E_NOERROR)
         printf("Subject: %.*s\n", (int)length, buffer);
 
     /* And message text (or it could be another type) */
     status = X400msMsgGetStrParam(mp, X400_T_IA5TEXT,
                                   buffer, sizeof buffer, &length);
     if (status == X400_E_NOERROR)
         printf("Text:\n%.*s\n", (int)length, buffer);
 
     /* Deletes message in message store as well as internal copy */
     status = X400msMsgDelete(mp, 0);
 
     return status;
 }
 
 #ifdef notdef
 /*
  * Recommended function to setup security env for verification.
  * No digitial ID required - just a directory which contains 
  * trust anchors which are read as DER file (certificate.crt).
  *
  * The certificate (containing public key) is obtained from the message
  * which is referenced in the message.
  */
 
 static void setup_default_new_sec_env(
     struct X400msSession *sp, 
     char *trusted_ca_certs_dir
 )
 {
     int status;
 
     /* Directory containing trusted CA Certificates */
     printf(" Adding %s as trusted CA cert dir\n", trusted_ca_certs_dir);
     status = X400msSetStrDefault (sp, X400_S_SEC_TRUSTED_CERTS_DIR, 
             trusted_ca_certs_dir, -1);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "X400msSetStrDefault returned error: %s\n", 
             X400msError (status));
         exit (status);
     }
 
     return;
 }
 
 /*
  * Obsolete function to use to set up the security environment. This provides a
  * directory in which PKCS12 files are checked to find one whose subject DN
  * matches that of this client.
  *
  * Any self signed certificates found in the directory are treated as 
  * trusted.
  */
 
 static void setup_default_old_sec_env(
     struct X400msSession *sp, 
     char *id, 
     char *dn, 
     char *pw    /* passphrase for private key in pkcs12 file */
 )
 {
     int status;
 
     /* first set a default security identity. This passes in the name of a
      * directory, which contains an x509 subdirectory in which all Identities
      * are held */
     /* X400msSetStrDefault(sp, X400_S_SEC_IDENTITY, "/var/isode/dsa-db/", -1);
      * */
     X400msSetStrDefault(sp, X400_S_SEC_IDENTITY, id, -1); 
 
     /* select by DN which Identity is to be used (if there are several) 
      * Currently these must be PKCS12 files */
     status = X400msSetStrDefault (sp, X400_S_SEC_IDENTITY_DN, dn, -1);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "X400msSetStrDefault returned error: %s\n", 
             X400msError (status));
         exit (status);
     }
 
     /* passphrase used to open the Identity */
     status = X400msSetStrDefault (sp, X400_S_SEC_IDENTITY_PASSPHRASE, pw, -1);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "X400msSetStrDefault returned error: %s\n", 
             X400msError (status));
         exit (status);
     }
     return;
 }
 #endif
 
 
 static int report_moac_info(
     struct X400msMessage *mp 
 )
 {
     int status;
     int intparam;
 
     /* Check the MOAC */
     status = X400msMsgGetIntParam(mp, X400_N_MOAC_STATUS, &intparam);
     switch ( status ) {
     case X400_E_NO_VALUE:
         num_unverified_rcvd++ ;
         fprintf (stderr, "No MOAC in message\n");
         break;
 
     default:
         num_unverified_rcvd++ ;
         fprintf (stderr, "Unexpected error getting MOAC status: %s\n",
                  X400msError (status));
         break;
 
     case X400_E_NOERROR:
         fprintf (stderr, "Have MOAC in message (%d)\n", intparam);
         switch (intparam) {
         case X400_E_NOERROR:
             fprintf(stderr, 
                     "MsgGet successfully verified signature in message\n");
             show_certificate (mp);
             fprintf(stderr, "continuing ...\n");
             num_verified_rcvd++ ;
             break;
         case X400_E_SIGN_NO_IDENTITY:
             fprintf(stderr, 
                 "MOAC validation cannot take place because the security environment is invalid (%d):\n", 
                 intparam);
             /* other values will not be available */
             break;
         case X400_E_X509_INIT:
         case X400_E_X509_ENV:
             fprintf(stderr, 
                 "MOAC validation cannot take place because the security environment is invalid (%d):\n", 
                 intparam);
             /* other values will not be available */
             break;
         case X400_E_X509_VERIFY_FAIL:
             fprintf(stderr, "Verification Error from MsgGet: %s\n", 
                 X400msError(intparam));
             show_certificate (mp);
             fprintf(stderr, "continuing ...\n");
             num_unverified_rcvd++ ;
             break;
         case X400_E_X509_VERIFY_FAIL_NO_CERT:
             fprintf(stderr, "Verification Error from MsgGet: %s\n", 
                 X400msError(intparam));
             fprintf(stderr, "continuing ...\n");
             num_unverified_rcvd++ ;
             break;
         case X400_E_X509_VERIFY_FAIL_NO_PUBKEY:
             fprintf(stderr, "Verification Error from MsgGet: %s\n", 
                 X400msError(intparam));
             show_certificate (mp);
             fprintf(stderr, "continuing ...\n");
             num_unverified_rcvd++ ;
             break;
         case X400_E_X509_VERIFY_FAIL_INCOMPAT_ALG:
             fprintf(stderr, "Verification Error from MsgGet: %s\n", 
                 X400msError(intparam));
             show_certificate (mp);
             fprintf(stderr, "continuing ...\n");
             num_unverified_rcvd++ ;
             break;
         case X400_E_X509_VERIFY_FAIL_UNSUPPORTED_ALG:
             fprintf(stderr, "Verification Error from MsgGet: %s\n", 
                 X400msError(intparam));
             show_certificate (mp);
             fprintf(stderr, "continuing ...\n");
             num_unverified_rcvd++ ;
             break;
         case X400_E_X509_CERT_INVALID:
             fprintf(stderr, "Verification Error from MsgGet: %s\n", 
                 X400msError(intparam));
             show_certificate (mp);
             fprintf(stderr, "continuing ...\n");
             num_unverified_rcvd++ ;
             break;
         case X400_E_X509_ITEM_INVALID:
             fprintf(stderr, "Verification Error from MsgGet: %s\n", 
                 X400msError(intparam));
             show_certificate (mp);
             fprintf(stderr, "continuing ...\n");
             num_unverified_rcvd++ ;
             break;
         default :
             fprintf(stderr, "Unexpected verification error from MsgGet: %s\n", 
                 X400msError(intparam));
             show_certificate (mp);
             fprintf(stderr, "continuing ...\n");
             num_unverified_rcvd++ ;
             break;
         }
     }
     return X400_E_NOERROR;
 }
 
 
 static int report_4406_info(
     struct X400msMessage *mp 
 )
 {
     int         status;
     int         intparam;
     size_t      length;
     char        buffer[BUFSIZ];
 
     /* Check the 4406 signatures */
     status = X400msMsgGetIntParam(mp, X400_N_S4406_STATUS, &intparam);
     switch ( status ) {
     case X400_E_NO_VALUE:
         num_unverified_rcvd++ ;
         fprintf (stderr, "No 4406 signature in message\n");
         return X400_E_NOERROR;
 
     default:
         num_unverified_rcvd++ ;
         fprintf (stderr, "Unexpected error getting 4406 signature status: %s\n",
                  X400msError (status));
         break;
 
     case X400_E_NOERROR:
         fprintf (stderr, "Have 4406 signature in message (%d)\n", intparam);
         switch (intparam) {
         case X400_E_NOERROR:
             fprintf(stderr, 
                     "MsgGet successfully verified signature in message\n");
             show_4406_certificate (mp);
             fprintf(stderr, "continuing ...\n");
             num_verified_rcvd++ ;
             break;
         case X400_E_SIGN_NO_IDENTITY:
             fprintf(stderr, 
                 "4406 signature validation cannot take place because the security environment is invalid (%d):\n", 
                 intparam);
             /* other values will not be available */
             break;
         case X400_E_X509_INIT:
         case X400_E_X509_ENV:
             fprintf(stderr, 
                 "4406 signature validation cannot take place because the security environment is invalid (%d):\n", 
                 intparam);
             /* other values will not be available */
             break;
         case X400_E_X509_VERIFY_FAIL:
             fprintf(stderr, "Verification Error from MsgGet: %s\n", 
                 X400msError(intparam));
             show_4406_certificate (mp);
             fprintf(stderr, "continuing ...\n");
             num_unverified_rcvd++ ;
             break;
         case X400_E_X509_VERIFY_FAIL_NO_CERT:
             fprintf(stderr, "Verification Error from MsgGet: %s\n", 
                 X400msError(intparam));
             fprintf(stderr, "continuing ...\n");
             num_unverified_rcvd++ ;
             break;
         case X400_E_X509_VERIFY_FAIL_NO_PUBKEY:
             fprintf(stderr, "Verification Error from MsgGet: %s\n", 
                 X400msError(intparam));
             show_4406_certificate (mp);
             fprintf(stderr, "continuing ...\n");
             num_unverified_rcvd++ ;
             break;
         case X400_E_X509_VERIFY_FAIL_INCOMPAT_ALG:
             fprintf(stderr, "Verification Error from MsgGet: %s\n", 
                 X400msError(intparam));
             show_4406_certificate (mp);
             fprintf(stderr, "continuing ...\n");
             num_unverified_rcvd++ ;
             break;
         case X400_E_X509_VERIFY_FAIL_UNSUPPORTED_ALG:
             fprintf(stderr, "Verification Error from MsgGet: %s\n", 
                 X400msError(intparam));
             show_4406_certificate (mp);
             fprintf(stderr, "continuing ...\n");
             num_unverified_rcvd++ ;
             break;
         case X400_E_X509_CERT_INVALID:
             fprintf(stderr, "Verification Error from MsgGet: %s\n", 
                 X400msError(intparam));
             show_4406_certificate (mp);
             fprintf(stderr, "continuing ...\n");
             num_unverified_rcvd++ ;
             break;
         case X400_E_X509_ITEM_INVALID:
             fprintf(stderr, "Verification Error from MsgGet: %s\n", 
                 X400msError(intparam));
             show_4406_certificate (mp);
             fprintf(stderr, "continuing ...\n");
             num_unverified_rcvd++ ;
             break;
         default :
             fprintf(stderr, "Unexpected verification error from MsgGet: %s\n", 
                 X400msError(intparam));
             show_4406_certificate (mp);
             fprintf(stderr, "continuing ...\n");
             num_unverified_rcvd++ ;
             break;
         }
     }
 
     /* 4406 security label */
     status = X400msMsgGetStrParam(mp, X400_S_S4406_SECURITY_LABEL,
                                   buffer, sizeof buffer, &length);
     if (status == X400_E_NO_VALUE) {
         printf("No 4406 security label\n");
     } else if (status !=  X400_E_NOERROR) {
         fprintf(stderr,"Failed to fetch 4406 security label: %d (%s)",
             status, X400msError(status));
         return (status);
     } else {
         fprintf(stderr, "4406 Security Label returned OK (%d chars)\n", 
                 (int)length);
         print_sec_label(buffer, length);
     }
 
     /* 4406 signing time */
     status = X400msMsgGetStrParam(mp, X400_S_S4406_SIGNING_TIME,
                                   buffer, sizeof buffer, &length);
     if (status == X400_E_NOERROR)
         printf("4406 signing time returned OK\n%.*s\n", (int)length, buffer);
     else 
         printf("4406 signing time not returned (%d) (%s)\n", status,
             X400msError(status));
 
     return X400_E_NOERROR;
 }
 
 static void print_sec_label(
     char slab_buffer[],
     unsigned int length
 )
 {
 
     char  xml_buffer[XML_BUFSIZE];
     int status;
     
     status = SecLabelInit("Example program");
     if (status != SECLABEL_E_NOERROR) {
         fprintf(stderr, "SecLabelInit returned error %d\n", status);
         return ;
     }
 
     status =  SecLabelPrint((const unsigned char *) slab_buffer,
                             length,
                             xml_buffer,
                             XML_BUFSIZE);
     
     if (status != SECLABEL_E_NOERROR) {
         fprintf(stderr, "SecLabelParse returned error %d\n", status);
         return ;
     }
     
     /* You could now write out the XML file, or parse it in memory..*/
     printf("Got security label:%s\n", xml_buffer);
     return;
 }
 
 static void show_certificate (struct X400msMessage *mp)
 {
     int status;
     struct X400Certificate *cert;
     char buffer[BUFSIZ];
     size_t length;
     int paramval;
 
     status = X400msMsgGetCert (mp, X400_N_CERT_MOAC, &cert);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "Error getting MOAC certificate: %s\n",
                  X400msError (status));
         return;
     }
 
     status = X400CertGetStrParam(cert, X400_S_CERT_SUBJECT_DN,
                                  buffer, sizeof buffer, &length);
     if (status != X400_E_NOERROR) {
         fprintf(stderr, "Error from CertGetStrParam: %s\n",
                 X400msError(status));
         return;
     }
     fprintf(stderr, 
             "subject DN of originator certificate '%.*s'\n", (int)length, buffer);
     status = X400CertGetStrParam(cert, X400_S_CERT_ISSUER_DN,
                                  buffer, sizeof buffer, &length);
     if (status != X400_E_NOERROR) {
         fprintf(stderr, "Error from CertGetStrParam: %s\n",
                 X400msError(status));
         return;
     }
     fprintf(stderr, 
             "issuer DN of originator certificate '%.*s'\n", (int)length, buffer);
 
     status = X400CertGetStrParam(cert, X400_S_OR_ADDRESS,
                                  buffer, sizeof buffer, &length);
     if (status != X400_E_NOERROR) {
         if ( status == X400_E_NO_VALUE ) {
             fprintf(stderr, "No ORaddress subject alt. name\n");
         } else {
             fprintf(stderr, "Error from CertGetStrParam: %s\n",
                     X400msError(status));
             return;
         }
     } else {
         fprintf(stderr, "ORaddress subject alt name: '%.*s'\n", (int)length, buffer);
     }
 
     status = X400CertGetIntParam(cert, X400_N_CERT_ORADDRESS_STATUS, &paramval);
     
     if (status != X400_E_NOERROR) {
         fprintf(stderr, "Error from CertGetStrParam: %s\n",
                     X400msError(status));
         return;
     }
 
     fprintf(stderr, "ORaddress subject alt name status: %s\n",
             X400msError (paramval));
 }
 
 
 static void show_4406_certificate (struct X400msMessage *mp)
 {
     int status;
     struct X400Certificate *cert;
     char buffer[BUFSIZ];
     size_t length;
     int paramval;
 
     status = X400msMsgGetCert (mp, X400_N_S4406_CERTIFICATE, &cert);
     if ( status != X400_E_NOERROR ) {
         fprintf (stderr, "Error getting 4406 certificate: %s\n",
                  X400msError (status));
         return;
     }
 
     status = X400CertGetStrParam(cert, X400_S_CERT_SUBJECT_DN,
                                  buffer, sizeof buffer, &length);
     if (status != X400_E_NOERROR) {
         fprintf(stderr, "Error from CertGetStrParam: %s\n",
                 X400msError(status));
         return;
     }
     fprintf(stderr, "subject DN of originator certificate '%.*s'\n", 
         (int)length, buffer);
     status = X400CertGetStrParam(cert, X400_S_CERT_ISSUER_DN,
                                  buffer, sizeof buffer, &length);
     if (status != X400_E_NOERROR) {
         fprintf(stderr, "Error from CertGetStrParam: %s\n",
                 X400msError(status));
         return;
     }
     fprintf(stderr, "issuer DN of originator certificate '%.*s'\n", 
         (int)length, buffer);
 
     status = X400CertGetStrParam(cert, X400_S_OR_ADDRESS,
                                  buffer, sizeof buffer, &length);
     if (status != X400_E_NOERROR) {
         if ( status == X400_E_NO_VALUE ) {
             fprintf(stderr, "No ORaddress subject alt. name\n");
         } else {
             fprintf(stderr, "Error from CertGetStrParam: %s\n",
                     X400msError(status));
             return;
         }
     } else {
         fprintf(stderr, "ORaddress subject alt name: '%.*s'\n", 
             (int)length, buffer);
     }
 
     status = X400CertGetIntParam(cert, X400_N_CERT_ORADDRESS_STATUS, &paramval);
     
     if (status != X400_E_NOERROR) {
         fprintf(stderr, "Error from CertGetStrParam: %s\n",
                     X400msError(status));
         return;
     }
 
     fprintf(stderr, "ORaddress subject alt name status: %s\n",
             X400msError (paramval));
     return;
 }
 
 static void usage(void) {
     printf("usage: %s\n", optstr);
     printf("\t where:\n");
     printf("\t -u : Don't prompt to override defaults \n");
     printf("\t -3 : Use P3 connection \n");
     printf("\t -7 : Use P7 connection \n");
     printf("\t -m : OR Address in P7 bind arg \n");
     printf("\t -d : DN in P7 bind arg \n");
     printf("\t -p : Presentation Address of P7 Store \n");
     printf("\t -w : P7 password of P7 user \n");
     printf("\t -M : OR Address in P3 bind arg \n");
     printf("\t -D : DN in P3 bind arg \n");
     printf("\t -P : Presentation Address of P3 server\n");
     printf("\t -W : P3 password of P3 user \n");
     printf("\t -o : Originator \n");
     printf("\t -O : Originator Return Address \n");
     printf("\t -r : Recipient\n");
     printf("\t -l : Logline\n");
     printf("\t -y : Priority (0 - normal, 1 - non-urgent, 2 - urgent \n");
     printf("\t -C : Content Type (2/22/772/OID) \n");
     printf("\t -i : Implicit conversion prohibited = TRUE \n");
     printf("\t -a : Alternate Recipient Prohibited = TRUE \n");
     printf("\t -q : Content Return Request = TRUE \n");
     printf("\t -s : Disclosure of Recipient = FALSE \n");
     printf("\t -A : Recipient Reassignment Prohibited = FALSE \n");
     printf("\t -v : Conversion with Loss Prohibited = FALSE \n");
     printf("\t -e : Security Environment (dir with x509 subdir): obsolete, use -Y <p12file>\n");
     printf("\t -x : DN of X.509 Digital Identity\n");
     printf("\t -b : Passphrase for private key in PKCS12 file\n");
     printf("\t -f : Filename to transfer as binary bp\n");
     printf("\t -Y : Filename of PKCS12 file containing Digital Identity\n");
     printf("\t -4 : Generate STANAG 4406 PCT Signatures\n");
     return;
 }
 
 
MS X.400 API
