/*
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
- * Licensed under the OpenSSL license (the "License"). You may not use
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
# endif
#endif
+#ifndef S_ISDIR
+# define S_ISDIR(a) (((a) & S_IFMT) == S_IFDIR)
+#endif
+
/*
* The maximum length we can grow a value to after variable expansion. 64k
* should be more than enough for all reasonable uses.
*/
#define MAX_CONF_VALUE_LENGTH 65536
+static int is_keytype(const CONF *conf, char c, unsigned short type);
static char *eat_ws(CONF *conf, char *p);
static void trim_ws(CONF *conf, char *start);
static char *eat_alpha_numeric(CONF *conf, char *p);
static CONF *def_create(CONF_METHOD *meth);
static int def_init_default(CONF *conf);
+#ifndef OPENSSL_NO_DEPRECATED_3_0
static int def_init_WIN32(CONF *conf);
+#endif
static int def_destroy(CONF *conf);
static int def_destroy_data(CONF *conf);
static int def_load(CONF *conf, const char *name, long *eline);
def_load
};
+CONF_METHOD *NCONF_default(void)
+{
+ return &default_method;
+}
+
+#ifndef OPENSSL_NO_DEPRECATED_3_0
static CONF_METHOD WIN32_method = {
"WIN32",
def_create,
def_load
};
-CONF_METHOD *NCONF_default()
-{
- return &default_method;
-}
-
-CONF_METHOD *NCONF_WIN32()
+CONF_METHOD *NCONF_WIN32(void)
{
return &WIN32_method;
}
+#endif
static CONF *def_create(CONF_METHOD *meth)
{
return 1;
}
+#ifndef OPENSSL_NO_DEPRECATED_3_0
static int def_init_WIN32(CONF *conf)
{
if (conf == NULL)
return 1;
}
+#endif
static int def_destroy(CONF *conf)
{
psection = section;
}
p = eat_ws(conf, end);
- if (strncmp(pname, ".include", 8) == 0 && p != pname + 8) {
+ if (strncmp(pname, ".include", 8) == 0
+ && (p != pname + 8 || *p == '=')) {
char *include = NULL;
BIO *next;
+ const char *include_dir = ossl_safe_getenv("OPENSSL_CONF_INCLUDE");
+ char *include_path = NULL;
+ if (*p == '=') {
+ p++;
+ p = eat_ws(conf, p);
+ }
trim_ws(conf, p);
if (!str_copy(conf, psection, &include, p))
goto err;
+
+ if (include_dir != NULL) {
+ size_t newlen = strlen(include_dir) + strlen(include) + 2;
+
+ include_path = OPENSSL_malloc(newlen);
+ OPENSSL_strlcpy(include_path, include_dir, newlen);
+ OPENSSL_strlcat(include_path, "/", newlen);
+ OPENSSL_strlcat(include_path, include, newlen);
+ } else {
+ include_path = include;
+ }
+
/* get the BIO of the included file */
#ifndef OPENSSL_NO_POSIX_IO
- next = process_include(include, &dirctx, &dirpath);
- if (include != dirpath) {
+ next = process_include(include_path, &dirctx, &dirpath);
+ if (include_path != dirpath) {
/* dirpath will contain include in case of a directory */
OPENSSL_free(include);
+ if (include_path != include)
+ OPENSSL_free(include_path);
}
#else
- next = BIO_new_file(include, "r");
+ next = BIO_new_file(include_path, "r");
OPENSSL_free(include);
+ if (include_path != include)
+ OPENSSL_free(include_path);
#endif
+
if (next != NULL) {
/* push the currently processing BIO onto stack */
if (biosk == NULL) {
}
BUF_MEM_free(buff);
OPENSSL_free(section);
- sk_BIO_pop_free(biosk, BIO_vfree);
+ /*
+ * No need to pop, since we only get here if the stack is empty.
+ * If this causes a BIO leak, THE ISSUE IS SOMEWHERE ELSE!
+ */
+ sk_BIO_free(biosk);
return 1;
err:
BUF_MEM_free(buff);
OPENSSL_free(section);
- sk_BIO_pop_free(biosk, BIO_vfree);
+ /*
+ * Since |in| is the first element of the stack and should NOT be freed
+ * here, we cannot use sk_BIO_pop_free(). Instead, we pop and free one
+ * BIO at a time, making sure that the last one popped isn't.
+ */
+ while (sk_BIO_num(biosk) > 0) {
+ BIO *popped = sk_BIO_pop(biosk);
+ BIO_vfree(in);
+ in = popped;
+ }
+ sk_BIO_free(biosk);
#ifndef OPENSSL_NO_POSIX_IO
OPENSSL_free(dirpath);
if (dirctx != NULL)
static BIO *process_include(char *include, OPENSSL_DIR_CTX **dirctx,
char **dirpath)
{
- struct stat st = { 0 };
+ struct stat st;
BIO *next;
if (stat(include, &st) < 0) {
- SYSerr(SYS_F_STAT, errno);
- ERR_add_error_data(1, include);
+ ERR_raise_data(ERR_LIB_SYS, errno,
+ "calling stat(%s)",
+ include);
/* missing include file is not fatal error */
return NULL;
}
- if ((st.st_mode & S_IFDIR) == S_IFDIR) {
+ if (S_ISDIR(st.st_mode)) {
if (*dirctx != NULL) {
CONFerr(CONF_F_PROCESS_INCLUDE,
CONF_R_RECURSIVE_DIRECTORY_INCLUDE);
}
#endif
+static int is_keytype(const CONF *conf, char c, unsigned short type)
+{
+ const unsigned short * keytypes = (const unsigned short *) conf->meth_data;
+ unsigned char key = (unsigned char)c;
+
+#ifdef CHARSET_EBCDIC
+# if CHAR_BIT > 8
+ if (key > 255) {
+ /* key is out of range for os_toascii table */
+ return 0;
+ }
+# endif
+ /* convert key from ebcdic to ascii */
+ key = os_toascii[key];
+#endif
+
+ if (key > 127) {
+ /* key is not a seven bit ascii character */
+ return 0;
+ }
+
+ return (keytypes[key] & type) ? 1 : 0;
+}
+
static char *eat_ws(CONF *conf, char *p)
{
while (IS_WS(conf, *p) && (!IS_EOF(conf, *p)))
projects / openssl.git / blobdiff