conf_def.c@ 107935

Last change on this file since 107935 was 105949, checked in by vboxsync, 5 months ago
openssl-3.1.7: Applied and adjusted our OpenSSL changes to 3.1.7. bugref:10757
File size: 28.6 KB

Line
1	/*
2	* Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
3	*
4	* Licensed under the Apache License 2.0 (the "License"). You may not use
5	* this file except in compliance with the License. You can obtain a copy
6	* in the file LICENSE in the source distribution or at
7	* https://www.openssl.org/source/license.html
8	*/
9
10	/* Part of the code in here was originally in conf.c, which is now removed */
11
12	#include <stdio.h>
13	#include <string.h>
14	#include "internal/e_os.h" /* struct stat */
15	#ifdef __TANDEM
16	# include <sys/types.h> /* needed for stat.h */
17	# include <sys/stat.h> /* struct stat */
18	#endif
19	#include "internal/cryptlib.h"
20	#include "internal/o_dir.h"
21	#include <openssl/lhash.h>
22	#include <openssl/conf.h>
23	#include <openssl/conf_api.h>
24	#include "conf_local.h"
25	#include "conf_def.h"
26	#include <openssl/buffer.h>
27	#include <openssl/err.h>
28	#ifndef OPENSSL_NO_POSIX_IO
29	# include <sys/stat.h>
30	# ifdef _WIN32
31	# define stat _stat
32	# endif
33	#endif
34
35	#ifndef S_ISDIR
36	# define S_ISDIR(a) (((a) & S_IFMT) == S_IFDIR)
37	#endif
38
39	/*
40	* The maximum length we can grow a value to after variable expansion. 64k
41	* should be more than enough for all reasonable uses.
42	*/
43	#define MAX_CONF_VALUE_LENGTH 65536
44
45	static int is_keytype(const CONF *conf, char c, unsigned short type);
46	static char eat_ws(CONF conf, char *p);
47	static void trim_ws(CONF conf, char start);
48	static char eat_alpha_numeric(CONF conf, char *p);
49	static void clear_comments(CONF conf, char p);
50	static int str_copy(CONF conf, char section, char *to, char from);
51	static char scan_quote(CONF conf, char *p);
52	static char scan_dquote(CONF conf, char *p);
53	#define scan_esc(conf,p) (((IS_EOF((conf),(p)[1]))?((p)+1):((p)+2)))
54	#ifndef OPENSSL_NO_POSIX_IO
55	static BIO process_include(char include, OPENSSL_DIR_CTX **dirctx,
56	char **dirpath);
57	static BIO get_next_file(const char path, OPENSSL_DIR_CTX **dirctx);
58	#endif
59
60	static CONF def_create(CONF_METHOD meth);
61	static int def_init_default(CONF *conf);
62	#ifndef OPENSSL_NO_DEPRECATED_3_0
63	static int def_init_WIN32(CONF *conf);
64	#endif
65	static int def_destroy(CONF *conf);
66	static int def_destroy_data(CONF *conf);
67	static int def_load(CONF conf, const char name, long *eline);
68	static int def_load_bio(CONF conf, BIO bp, long *eline);
69	static int def_dump(const CONF conf, BIO bp);
70	static int def_is_number(const CONF *conf, char c);
71	static int def_to_int(const CONF *conf, char c);
72
73	static CONF_METHOD default_method = {
74	"OpenSSL default",
75	def_create,
76	def_init_default,
77	def_destroy,
78	def_destroy_data,
79	def_load_bio,
80	def_dump,
81	def_is_number,
82	def_to_int,
83	def_load
84	};
85
86	CONF_METHOD *NCONF_default(void)
87	{
88	return &default_method;
89	}
90
91	#ifndef OPENSSL_NO_DEPRECATED_3_0
92	static CONF_METHOD WIN32_method = {
93	"WIN32",
94	def_create,
95	def_init_WIN32,
96	def_destroy,
97	def_destroy_data,
98	def_load_bio,
99	def_dump,
100	def_is_number,
101	def_to_int,
102	def_load
103	};
104
105	CONF_METHOD *NCONF_WIN32(void)
106	{
107	return &WIN32_method;
108	}
109	#endif
110
111	static CONF def_create(CONF_METHOD meth)
112	{
113	CONF *ret;
114
115	ret = OPENSSL_malloc(sizeof(*ret));
116	if (ret != NULL)
117	if (meth->init(ret) == 0) {
118	OPENSSL_free(ret);
119	ret = NULL;
120	}
121	return ret;
122	}
123
124	static int def_init_default(CONF *conf)
125	{
126	if (conf == NULL)
127	return 0;
128
129	memset(conf, 0, sizeof(*conf));
130	conf->meth = &default_method;
131	conf->meth_data = (void *)CONF_type_default;
132
133	return 1;
134	}
135
136	#ifndef OPENSSL_NO_DEPRECATED_3_0
137	static int def_init_WIN32(CONF *conf)
138	{
139	if (conf == NULL)
140	return 0;
141
142	memset(conf, 0, sizeof(*conf));
143	conf->meth = &WIN32_method;
144	conf->meth_data = (void *)CONF_type_win32;
145
146	return 1;
147	}
148	#endif
149
150	static int def_destroy(CONF *conf)
151	{
152	if (def_destroy_data(conf)) {
153	OPENSSL_free(conf);
154	return 1;
155	}
156	return 0;
157	}
158
159	static int def_destroy_data(CONF *conf)
160	{
161	if (conf == NULL)
162	return 0;
163	_CONF_free_data(conf);
164	return 1;
165	}
166
167	static int def_load(CONF conf, const char name, long *line)
168	{
169	int ret;
170	BIO *in = NULL;
171
172	#ifdef OPENSSL_SYS_VMS
173	in = BIO_new_file(name, "r");
174	#else
175	in = BIO_new_file(name, "rb");
176	#endif
177	if (in == NULL) {
178	if (ERR_GET_REASON(ERR_peek_last_error()) == BIO_R_NO_SUCH_FILE)
179	ERR_raise(ERR_LIB_CONF, CONF_R_NO_SUCH_FILE);
180	else
181	ERR_raise(ERR_LIB_CONF, ERR_R_SYS_LIB);
182	return 0;
183	}
184
185	ret = def_load_bio(conf, in, line);
186	BIO_free(in);
187
188	return ret;
189	}
190
191
192	/* Parse a boolean value and fill in flag. Return 0 on error. /
193	static int parsebool(const char pval, int flag)
194	{
195	if (OPENSSL_strcasecmp(pval, "on") == 0
196	\|\| OPENSSL_strcasecmp(pval, "true") == 0) {
197	*flag = 1;
198	} else if (OPENSSL_strcasecmp(pval, "off") == 0
199	\|\| OPENSSL_strcasecmp(pval, "false") == 0) {
200	*flag = 0;
201	} else {
202	ERR_raise(ERR_LIB_CONF, CONF_R_INVALID_PRAGMA);
203	return 0;
204	}
205	return 1;
206	}
207
208	static int def_load_bio(CONF conf, BIO in, long *line)
209	{
210	/* The macro BUFSIZE conflicts with a system macro in VxWorks */
211	#define CONFBUFSIZE 512
212	int bufnum = 0, i, ii;
213	BUF_MEM *buff = NULL;
214	char s, p, *end;
215	int again;
216	int first_call = 1;
217	long eline = 0;
218	char btmp[DECIMAL_SIZE(eline) + 1];
219	CONF_VALUE v = NULL, tv;
220	CONF_VALUE *sv = NULL;
221	char section = NULL, buf;
222	char start, psection, *pname;
223	void h = (void )(conf->data);
224	STACK_OF(BIO) *biosk = NULL;
225	#ifndef OPENSSL_NO_POSIX_IO
226	char *dirpath = NULL;
227	OPENSSL_DIR_CTX *dirctx = NULL;
228	#endif
229	#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
230	int numincludes = 0;
231	#endif
232
233	if ((buff = BUF_MEM_new()) == NULL) {
234	ERR_raise(ERR_LIB_CONF, ERR_R_BUF_LIB);
235	goto err;
236	}
237
238	section = OPENSSL_strdup("default");
239	if (section == NULL) {
240	ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE);
241	goto err;
242	}
243
244	if (_CONF_new_data(conf) == 0) {
245	ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE);
246	goto err;
247	}
248
249	sv = _CONF_new_section(conf, section);
250	if (sv == NULL) {
251	ERR_raise(ERR_LIB_CONF, CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
252	goto err;
253	}
254
255	bufnum = 0;
256	again = 0;
257	for (;;) {
258	if (!BUF_MEM_grow(buff, bufnum + CONFBUFSIZE)) {
259	ERR_raise(ERR_LIB_CONF, ERR_R_BUF_LIB);
260	goto err;
261	}
262	p = &(buff->data[bufnum]);
263	*p = '\0';
264	read_retry:
265	if (in != NULL && BIO_gets(in, p, CONFBUFSIZE - 1) < 0)
266	goto err;
267	p[CONFBUFSIZE - 1] = '\0';
268	ii = i = strlen(p);
269	if (first_call) {
270	/* Other BOMs imply unsupported multibyte encoding,
271	* so don't strip them and let the error raise */
272	const unsigned char utf8_bom[3] = {0xEF, 0xBB, 0xBF};
273
274	if (i >= 3 && memcmp(p, utf8_bom, 3) == 0) {
275	memmove(p, p + 3, i - 3);
276	p[i - 3] = 0;
277	i -= 3;
278	ii -= 3;
279	}
280	first_call = 0;
281	}
282	if (i == 0 && !again) {
283	/* the currently processed BIO is NULL or at EOF */
284	BIO *parent;
285
286	#ifndef OPENSSL_NO_POSIX_IO
287	/* continue processing with the next file from directory */
288	if (dirctx != NULL) {
289	BIO *next;
290
291	if ((next = get_next_file(dirpath, &dirctx)) != NULL) {
292	BIO_vfree(in);
293	in = next;
294	goto read_retry;
295	} else {
296	OPENSSL_free(dirpath);
297	dirpath = NULL;
298	}
299	}
300	#endif
301	/* no more files in directory, continue with processing parent */
302	if ((parent = sk_BIO_pop(biosk)) == NULL) {
303	/* everything processed get out of the loop */
304	break;
305	} else {
306	BIO_vfree(in);
307	in = parent;
308	goto read_retry;
309	}
310	}
311	again = 0;
312	while (i > 0) {
313	if ((p[i - 1] != '\r') && (p[i - 1] != '\n'))
314	break;
315	else
316	i--;
317	}
318	/*
319	* we removed some trailing stuff so there is a new line on the end.
320	*/
321	if (ii && i == ii)
322	again = 1; /* long line */
323	else {
324	p[i] = '\0';
325	eline++; /* another input line */
326	}
327
328	/* we now have a line with trailing \r\n removed */
329
330	/* i is the number of bytes */
331	bufnum += i;
332
333	v = NULL;
334	/* check for line continuation */
335	if (bufnum >= 1) {
336	/*
337	* If we have bytes and the last char '\\' and second last char
338	* is not '\\'
339	*/
340	p = &(buff->data[bufnum - 1]);
341	if (IS_ESC(conf, p[0]) && ((bufnum <= 1) \|\| !IS_ESC(conf, p[-1]))) {
342	bufnum--;
343	again = 1;
344	}
345	}
346	if (again)
347	continue;
348	bufnum = 0;
349	buf = buff->data;
350
351	clear_comments(conf, buf);
352	s = eat_ws(conf, buf);
353	if (IS_EOF(conf, *s))
354	continue; /* blank line */
355	if (*s == '[') {
356	char *ss;
357
358	s++;
359	start = eat_ws(conf, s);
360	ss = start;
361	again:
362	end = eat_alpha_numeric(conf, ss);
363	p = eat_ws(conf, end);
364	if (*p != ']') {
365	if (*p != '\0' && ss != p) {
366	ss = p;
367	goto again;
368	}
369	ERR_raise(ERR_LIB_CONF, CONF_R_MISSING_CLOSE_SQUARE_BRACKET);
370	goto err;
371	}
372	*end = '\0';
373	if (!str_copy(conf, NULL, &section, start))
374	goto err;
375	if ((sv = _CONF_get_section(conf, section)) == NULL)
376	sv = _CONF_new_section(conf, section);
377	if (sv == NULL) {
378	ERR_raise(ERR_LIB_CONF, CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
379	goto err;
380	}
381	continue;
382	} else {
383	pname = s;
384	end = eat_alpha_numeric(conf, s);
385	if ((end[0] == ':') && (end[1] == ':')) {
386	*end = '\0';
387	end += 2;
388	psection = pname;
389	pname = end;
390	end = eat_alpha_numeric(conf, end);
391	} else {
392	psection = section;
393	}
394	p = eat_ws(conf, end);
395	if (strncmp(pname, ".pragma", 7) == 0
396	&& (p != pname + 7 \|\| *p == '=')) {
397	char *pval;
398
399	if (*p == '=') {
400	p++;
401	p = eat_ws(conf, p);
402	}
403	trim_ws(conf, p);
404
405	/* Pragma values take the form keyword:value */
406	pval = strchr(p, ':');
407	if (pval == NULL \|\| pval == p \|\| pval[1] == '\0') {
408	ERR_raise(ERR_LIB_CONF, CONF_R_INVALID_PRAGMA);
409	goto err;
410	}
411
412	*pval++ = '\0';
413	trim_ws(conf, p);
414	pval = eat_ws(conf, pval);
415
416	/*
417	* Known pragmas:
418	*
419	* dollarid takes "on", "true or "off", "false"
420	* abspath takes "on", "true or "off", "false"
421	* includedir directory prefix
422	*/
423	if (strcmp(p, "dollarid") == 0) {
424	if (!parsebool(pval, &conf->flag_dollarid))
425	goto err;
426	} else if (strcmp(p, "abspath") == 0) {
427	if (!parsebool(pval, &conf->flag_abspath))
428	goto err;
429	} else if (strcmp(p, "includedir") == 0) {
430	OPENSSL_free(conf->includedir);
431	if ((conf->includedir = OPENSSL_strdup(pval)) == NULL) {
432	ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE);
433	goto err;
434	}
435	}
436
437	/*
438	* We ignore any unknown pragma.
439	*/
440	continue;
441	} else if (strncmp(pname, ".include", 8) == 0
442	&& (p != pname + 8 \|\| *p == '=')) {
443	char *include = NULL;
444	BIO *next;
445	const char *include_dir = ossl_safe_getenv("OPENSSL_CONF_INCLUDE");
446	char *include_path = NULL;
447
448	#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
449	/*
450	* The include processing below can cause the "conf" fuzzer to
451	* timeout due to the fuzzer inserting large and complicated
452	* includes - with a large amount of time spent in
453	* OPENSSL_strlcat/OPENSSL_strcpy. This is not a security
454	* concern because config files should never come from untrusted
455	* sources. We just set an arbitrary limit on the allowed
456	* number of includes when fuzzing to prevent this timeout.
457	*/
458	if (numincludes++ > 10)
459	goto err;
460	#endif
461
462	if (include_dir == NULL)
463	include_dir = conf->includedir;
464
465	if (*p == '=') {
466	p++;
467	p = eat_ws(conf, p);
468	}
469	trim_ws(conf, p);
470	if (!str_copy(conf, psection, &include, p))
471	goto err;
472
473	if (include_dir != NULL && !ossl_is_absolute_path(include)) {
474	size_t newlen = strlen(include_dir) + strlen(include) + 2;
475
476	include_path = OPENSSL_malloc(newlen);
477	if (include_path == NULL) {
478	ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE);
479	OPENSSL_free(include);
480	goto err;
481	}
482
483	OPENSSL_strlcpy(include_path, include_dir, newlen);
484	if (!ossl_ends_with_dirsep(include_path))
485	OPENSSL_strlcat(include_path, "/", newlen);
486	OPENSSL_strlcat(include_path, include, newlen);
487	OPENSSL_free(include);
488	} else {
489	include_path = include;
490	}
491
492	if (conf->flag_abspath
493	&& !ossl_is_absolute_path(include_path)) {
494	ERR_raise(ERR_LIB_CONF, CONF_R_RELATIVE_PATH);
495	OPENSSL_free(include_path);
496	goto err;
497	}
498
499	/* get the BIO of the included file */
500	#ifndef OPENSSL_NO_POSIX_IO
501	next = process_include(include_path, &dirctx, &dirpath);
502	if (include_path != dirpath) {
503	/* dirpath will contain include in case of a directory */
504	OPENSSL_free(include_path);
505	}
506	#else
507	next = BIO_new_file(include_path, "r");
508	OPENSSL_free(include_path);
509	#endif
510
511	if (next != NULL) {
512	/* push the currently processing BIO onto stack */
513	if (biosk == NULL) {
514	if ((biosk = sk_BIO_new_null()) == NULL) {
515	ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE);
516	BIO_free(next);
517	goto err;
518	}
519	}
520	if (!sk_BIO_push(biosk, in)) {
521	ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE);
522	BIO_free(next);
523	goto err;
524	}
525	/* continue with reading from the included BIO */
526	in = next;
527	}
528	continue;
529	} else if (*p != '=') {
530	ERR_raise_data(ERR_LIB_CONF, CONF_R_MISSING_EQUAL_SIGN,
531	"HERE-->%s", p);
532	goto err;
533	}
534	*end = '\0';
535	p++;
536	start = eat_ws(conf, p);
537	trim_ws(conf, start);
538
539	if ((v = OPENSSL_malloc(sizeof(*v))) == NULL) {
540	ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE);
541	goto err;
542	}
543	v->name = OPENSSL_strdup(pname);
544	v->value = NULL;
545	if (v->name == NULL) {
546	ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE);
547	goto err;
548	}
549	if (!str_copy(conf, psection, &(v->value), start))
550	goto err;
551
552	if (strcmp(psection, section) != 0) {
553	if ((tv = _CONF_get_section(conf, psection))
554	== NULL)
555	tv = _CONF_new_section(conf, psection);
556	if (tv == NULL) {
557	ERR_raise(ERR_LIB_CONF,
558	CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
559	goto err;
560	}
561	} else
562	tv = sv;
563	if (_CONF_add_string(conf, tv, v) == 0) {
564	ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE);
565	goto err;
566	}
567	v = NULL;
568	}
569	}
570	BUF_MEM_free(buff);
571	OPENSSL_free(section);
572	/*
573	* No need to pop, since we only get here if the stack is empty.
574	* If this causes a BIO leak, THE ISSUE IS SOMEWHERE ELSE!
575	*/
576	sk_BIO_free(biosk);
577	return 1;
578
579	err:
580	BUF_MEM_free(buff);
581	OPENSSL_free(section);
582	/*
583	* Since \|in\| is the first element of the stack and should NOT be freed
584	* here, we cannot use sk_BIO_pop_free(). Instead, we pop and free one
585	* BIO at a time, making sure that the last one popped isn't.
586	*/
587	while (sk_BIO_num(biosk) > 0) {
588	BIO *popped = sk_BIO_pop(biosk);
589	BIO_vfree(in);
590	in = popped;
591	}
592	sk_BIO_free(biosk);
593	#ifndef OPENSSL_NO_POSIX_IO
594	OPENSSL_free(dirpath);
595	if (dirctx != NULL)
596	OPENSSL_DIR_end(&dirctx);
597	#endif
598	if (line != NULL)
599	*line = eline;
600	BIO_snprintf(btmp, sizeof(btmp), "%ld", eline);
601	ERR_add_error_data(2, "line ", btmp);
602	if (h != conf->data) {
603	CONF_free(conf->data);
604	conf->data = NULL;
605	}
606	if (v != NULL) {
607	OPENSSL_free(v->name);
608	OPENSSL_free(v->value);
609	OPENSSL_free(v);
610	}
611	return 0;
612	}
613
614	static void clear_comments(CONF conf, char p)
615	{
616	for (;;) {
617	if (IS_FCOMMENT(conf, *p)) {
618	*p = '\0';
619	return;
620	}
621	if (!IS_WS(conf, *p)) {
622	break;
623	}
624	p++;
625	}
626
627	for (;;) {
628	if (IS_COMMENT(conf, *p)) {
629	*p = '\0';
630	return;
631	}
632	if (IS_DQUOTE(conf, *p)) {
633	p = scan_dquote(conf, p);
634	continue;
635	}
636	if (IS_QUOTE(conf, *p)) {
637	p = scan_quote(conf, p);
638	continue;
639	}
640	if (IS_ESC(conf, *p)) {
641	p = scan_esc(conf, p);
642	continue;
643	}
644	if (IS_EOF(conf, *p))
645	return;
646	else
647	p++;
648	}
649	}
650
651	static int str_copy(CONF conf, char section, char *pto, char from)
652	{
653	int q, r, rr = 0, to = 0, len = 0;
654	char s, e, rp, p, rrp, np, *cp, v;
655	BUF_MEM *buf;
656
657	if ((buf = BUF_MEM_new()) == NULL)
658	return 0;
659
660	len = strlen(from) + 1;
661	if (!BUF_MEM_grow(buf, len))
662	goto err;
663
664	for (;;) {
665	if (IS_QUOTE(conf, *from)) {
666	q = *from;
667	from++;
668	while (!IS_EOF(conf, from) && (from != q)) {
669	if (IS_ESC(conf, *from)) {
670	from++;
671	if (IS_EOF(conf, *from))
672	break;
673	}
674	buf->data[to++] = *(from++);
675	}
676	if (*from == q)
677	from++;
678	} else if (IS_DQUOTE(conf, *from)) {
679	q = *from;
680	from++;
681	while (!IS_EOF(conf, *from)) {
682	if (*from == q) {
683	if (*(from + 1) == q) {
684	from++;
685	} else {
686	break;
687	}
688	}
689	buf->data[to++] = *(from++);
690	}
691	if (*from == q)
692	from++;
693	} else if (IS_ESC(conf, *from)) {
694	from++;
695	v = *(from++);
696	if (IS_EOF(conf, v))
697	break;
698	else if (v == 'r')
699	v = '\r';
700	else if (v == 'n')
701	v = '\n';
702	else if (v == 'b')
703	v = '\b';
704	else if (v == 't')
705	v = '\t';
706	buf->data[to++] = v;
707	} else if (IS_EOF(conf, *from))
708	break;
709	else if (*from == '$'
710	&& (!conf->flag_dollarid
711	\|\| from[1] == '{'
712	\|\| from[1] == '(')) {
713	size_t newsize;
714
715	/* try to expand it */
716	rrp = NULL;
717	s = &(from[1]);
718	if (*s == '{')
719	q = '}';
720	else if (*s == '(')
721	q = ')';
722	else
723	q = 0;
724
725	if (q)
726	s++;
727	cp = section;
728	e = np = s;
729	while (IS_ALNUM(conf, *e)
730	\|\| (conf->flag_dollarid && IS_DOLLAR(conf, *e)))
731	e++;
732	if ((e[0] == ':') && (e[1] == ':')) {
733	cp = np;
734	rrp = e;
735	rr = *e;
736	*rrp = '\0';
737	e += 2;
738	np = e;
739	while (IS_ALNUM(conf, *e)
740	\|\| (conf->flag_dollarid && IS_DOLLAR(conf, *e)))
741	e++;
742	}
743	r = *e;
744	*e = '\0';
745	rp = e;
746	if (q) {
747	if (r != q) {
748	ERR_raise(ERR_LIB_CONF, CONF_R_NO_CLOSE_BRACE);
749	goto err;
750	}
751	e++;
752	}
753	/*-
754	* So at this point we have
755	* np which is the start of the name string which is
756	* '\0' terminated.
757	* cp which is the start of the section string which is
758	* '\0' terminated.
759	* e is the 'next point after'.
760	* r and rr are the chars replaced by the '\0'
761	* rp and rrp is where 'r' and 'rr' came from.
762	*/
763	p = _CONF_get_string(conf, cp, np);
764	if (rrp != NULL)
765	*rrp = rr;
766	*rp = r;
767	if (p == NULL) {
768	ERR_raise(ERR_LIB_CONF, CONF_R_VARIABLE_HAS_NO_VALUE);
769	goto err;
770	}
771	newsize = strlen(p) + buf->length - (e - from);
772	if (newsize > MAX_CONF_VALUE_LENGTH) {
773	ERR_raise(ERR_LIB_CONF, CONF_R_VARIABLE_EXPANSION_TOO_LONG);
774	goto err;
775	}
776	if (!BUF_MEM_grow_clean(buf, newsize)) {
777	ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE);
778	goto err;
779	}
780	while (*p)
781	buf->data[to++] = *(p++);
782
783	/*
784	* Since we change the pointer 'from', we also have to change the
785	* perceived length of the string it points at. /RL
786	*/
787	len -= e - from;
788	from = e;
789
790	/*
791	* In case there were no braces or parenthesis around the
792	* variable reference, we have to put back the character that was
793	* replaced with a '\0'. /RL
794	*/
795	*rp = r;
796	} else
797	buf->data[to++] = *(from++);
798	}
799	buf->data[to] = '\0';
800	OPENSSL_free(*pto);
801	*pto = buf->data;
802	OPENSSL_free(buf);
803	return 1;
804	err:
805	BUF_MEM_free(buf);
806	return 0;
807	}
808
809	#ifndef OPENSSL_NO_POSIX_IO
810	/*
811	* Check whether included path is a directory.
812	* Returns next BIO to process and in case of a directory
813	* also an opened directory context and the include path.
814	*/
815	static BIO process_include(char include, OPENSSL_DIR_CTX **dirctx,
816	char **dirpath)
817	{
818	struct stat st;
819	BIO *next;
820
821	if (stat(include, &st) < 0) {
822	ERR_raise_data(ERR_LIB_SYS, errno, "calling stat(%s)", include);
823	/* missing include file is not fatal error */
824	return NULL;
825	}
826
827	if (S_ISDIR(st.st_mode)) {
828	if (*dirctx != NULL) {
829	ERR_raise_data(ERR_LIB_CONF, CONF_R_RECURSIVE_DIRECTORY_INCLUDE,
830	"%s", include);
831	return NULL;
832	}
833	/* a directory, load its contents */
834	if ((next = get_next_file(include, dirctx)) != NULL)
835	*dirpath = include;
836	return next;
837	}
838
839	next = BIO_new_file(include, "r");
840	return next;
841	}
842
843	/*
844	* Get next file from the directory path.
845	* Returns BIO of the next file to read and updates dirctx.
846	*/
847	static BIO get_next_file(const char path, OPENSSL_DIR_CTX **dirctx)
848	{
849	const char *filename;
850	size_t pathlen;
851
852	pathlen = strlen(path);
853	while ((filename = OPENSSL_DIR_read(dirctx, path)) != NULL) {
854	size_t namelen;
855
856	namelen = strlen(filename);
857
858
859	if ((namelen > 5
860	&& OPENSSL_strcasecmp(filename + namelen - 5, ".conf") == 0)
861	\|\| (namelen > 4
862	&& OPENSSL_strcasecmp(filename + namelen - 4, ".cnf") == 0)) {
863	size_t newlen;
864	char *newpath;
865	BIO *bio;
866
867	newlen = pathlen + namelen + 2;
868	newpath = OPENSSL_zalloc(newlen);
869	if (newpath == NULL) {
870	ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE);
871	break;
872	}
873	#ifdef OPENSSL_SYS_VMS
874	/*
875	* If the given path isn't clear VMS syntax,
876	* we treat it as on Unix.
877	*/
878	if (path[pathlen - 1] == ']'
879	\|\| path[pathlen - 1] == '>'
880	\|\| path[pathlen - 1] == ':') {
881	/* Clear VMS directory syntax, just copy as is */
882	OPENSSL_strlcpy(newpath, path, newlen);
883	}
884	#endif
885	if (newpath[0] == '\0') {
886	OPENSSL_strlcpy(newpath, path, newlen);
887	OPENSSL_strlcat(newpath, "/", newlen);
888	}
889	OPENSSL_strlcat(newpath, filename, newlen);
890
891	bio = BIO_new_file(newpath, "r");
892	OPENSSL_free(newpath);
893	/* Errors when opening files are non-fatal. */
894	if (bio != NULL)
895	return bio;
896	}
897	}
898	OPENSSL_DIR_end(dirctx);
899	*dirctx = NULL;
900	return NULL;
901	}
902	#endif
903
904	static int is_keytype(const CONF *conf, char c, unsigned short type)
905	{
906	const unsigned short * keytypes = (const unsigned short *) conf->meth_data;
907	unsigned char key = (unsigned char)c;
908
909	#ifdef CHARSET_EBCDIC
910	# if CHAR_BIT > 8
911	if (key > 255) {
912	/* key is out of range for os_toascii table */
913	return 0;
914	}
915	# endif
916	/* convert key from ebcdic to ascii */
917	key = os_toascii[key];
918	#endif
919
920	if (key > 127) {
921	/* key is not a seven bit ascii character */
922	return 0;
923	}
924
925	return (keytypes[key] & type) ? 1 : 0;
926	}
927
928	static char eat_ws(CONF conf, char *p)
929	{
930	while (IS_WS(conf, p) && (!IS_EOF(conf, p)))
931	p++;
932	return p;
933	}
934
935	static void trim_ws(CONF conf, char start)
936	{
937	char *p = start;
938
939	while (!IS_EOF(conf, *p))
940	p++;
941	p--;
942	while ((p >= start) && IS_WS(conf, *p))
943	p--;
944	p++;
945	*p = '\0';
946	}
947
948	static char eat_alpha_numeric(CONF conf, char *p)
949	{
950	for (;;) {
951	if (IS_ESC(conf, *p)) {
952	p = scan_esc(conf, p);
953	continue;
954	}
955	if (!(IS_ALNUM_PUNCT(conf, *p)
956	\|\| (conf->flag_dollarid && IS_DOLLAR(conf, *p))))
957	return p;
958	p++;
959	}
960	}
961
962	static char scan_quote(CONF conf, char *p)
963	{
964	int q = *p;
965
966	p++;
967	while (!(IS_EOF(conf, p)) && (p != q)) {
968	if (IS_ESC(conf, *p)) {
969	p++;
970	if (IS_EOF(conf, *p))
971	return p;
972	}
973	p++;
974	}
975	if (*p == q)
976	p++;
977	return p;
978	}
979
980	static char scan_dquote(CONF conf, char *p)
981	{
982	int q = *p;
983
984	p++;
985	while (!(IS_EOF(conf, *p))) {
986	if (*p == q) {
987	if (*(p + 1) == q) {
988	p++;
989	} else {
990	break;
991	}
992	}
993	p++;
994	}
995	if (*p == q)
996	p++;
997	return p;
998	}
999
1000	static void dump_value_doall_arg(const CONF_VALUE a, BIO out)
1001	{
1002	if (a->name)
1003	BIO_printf(out, "[%s] %s=%s\n", a->section, a->name, a->value);
1004	else
1005	BIO_printf(out, "[[%s]]\n", a->section);
1006	}
1007
1008	IMPLEMENT_LHASH_DOALL_ARG_CONST(CONF_VALUE, BIO);
1009
1010	static int def_dump(const CONF conf, BIO out)
1011	{
1012	lh_CONF_VALUE_doall_BIO(conf->data, dump_value_doall_arg, out);
1013	return 1;
1014	}
1015
1016	static int def_is_number(const CONF *conf, char c)
1017	{
1018	return IS_NUMBER(conf, c);
1019	}
1020
1021	static int def_to_int(const CONF *conf, char c)
1022	{
1023	return c - '0';
1024	}

Note: See TracBrowser for help on using the repository browser.

source: vbox/trunk/src/libs/openssl-3.1.7/crypto/conf/conf_def.c@ 107935

Download in other formats: