
conf_def.c 24 KB

  1. /*
  2. * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. /* Part of the code in here was originally in conf.c, which is now removed */
  10. #include <stdio.h>
  11. #include <string.h>
  12. #include "internal/cryptlib.h"
  13. #include "internal/o_dir.h"
  14. #include <openssl/lhash.h>
  15. #include <openssl/conf.h>
  16. #include <openssl/conf_api.h>
  17. #include "conf_def.h"
  18. #include <openssl/buffer.h>
  19. #include <openssl/err.h>
  20. #ifndef OPENSSL_NO_POSIX_IO
  21. # include <sys/stat.h>
  22. # ifdef _WIN32
  23. # define stat _stat
  24. # define strcasecmp _stricmp
  25. # endif
  26. #endif
  27. #ifndef S_ISDIR
  28. # define S_ISDIR(a) (((a) & S_IFMT) == S_IFDIR)
  29. #endif
  30. /*
  31. * The maximum length we can grow a value to after variable expansion. 64k
  32. * should be more than enough for all reasonable uses.
  33. */
  34. #define MAX_CONF_VALUE_LENGTH 65536
  35. static int is_keytype(const CONF *conf, char c, unsigned short type);
  36. static char *eat_ws(CONF *conf, char *p);
  37. static void trim_ws(CONF *conf, char *start);
  38. static char *eat_alpha_numeric(CONF *conf, char *p);
  39. static void clear_comments(CONF *conf, char *p);
  40. static int str_copy(CONF *conf, char *section, char **to, char *from);
  41. static char *scan_quote(CONF *conf, char *p);
  42. static char *scan_dquote(CONF *conf, char *p);
  43. #define scan_esc(conf,p) (((IS_EOF((conf),(p)[1]))?((p)+1):((p)+2)))
  44. #ifndef OPENSSL_NO_POSIX_IO
  45. static BIO *process_include(char *include, OPENSSL_DIR_CTX **dirctx,
  46. char **dirpath);
  47. static BIO *get_next_file(const char *path, OPENSSL_DIR_CTX **dirctx);
  48. #endif
  49. static CONF *def_create(CONF_METHOD *meth);
  50. static int def_init_default(CONF *conf);
  51. #if !OPENSSL_API_3
  52. static int def_init_WIN32(CONF *conf);
  53. #endif
  54. static int def_destroy(CONF *conf);
  55. static int def_destroy_data(CONF *conf);
  56. static int def_load(CONF *conf, const char *name, long *eline);
  57. static int def_load_bio(CONF *conf, BIO *bp, long *eline);
  58. static int def_dump(const CONF *conf, BIO *bp);
  59. static int def_is_number(const CONF *conf, char c);
  60. static int def_to_int(const CONF *conf, char c);
  /*
   * Method table for the default configuration syntax. NCONF_default()
   * returns its address and def_init_default() stores it in conf->meth.
   * The initializer is positional, so the order of the entries matters.
   */
  static CONF_METHOD default_method = {
      "OpenSSL default",          /* method name */
      def_create,
      def_init_default,
      def_destroy,
      def_destroy_data,
      def_load_bio,
      def_dump,
      def_is_number,
      def_to_int,
      def_load
  };
  /*
   * Return the method table for the default configuration syntax.
   * The result points at a file-static object; the caller must not free it.
   */
  CONF_METHOD *NCONF_default(void)
  {
      CONF_METHOD *method = &default_method;

      return method;
  }
  77. #if ! OPENSSL_API_3
  /*
   * Method table for the "WIN32" configuration syntax. It differs from the
   * default table only in its name and its init callback (def_init_WIN32).
   * The initializer is positional, so the order of the entries matters.
   */
  static CONF_METHOD WIN32_method = {
      "WIN32",                    /* method name */
      def_create,
      def_init_WIN32,
      def_destroy,
      def_destroy_data,
      def_load_bio,
      def_dump,
      def_is_number,
      def_to_int,
      def_load
  };
  /*
   * Return the method table for the "WIN32" configuration syntax.
   * The result points at a file-static object; the caller must not free it.
   */
  CONF_METHOD *NCONF_WIN32(void)
  {
      CONF_METHOD *method = &WIN32_method;

      return method;
  }
  94. #endif
  /*
   * Allocate a CONF object and initialise it through meth->init().
   * Returns the new object, or NULL if the allocation fails or init()
   * returns 0 (the allocation is released in that case).
   */
  static CONF *def_create(CONF_METHOD *meth)
  {
      CONF *conf = OPENSSL_malloc(sizeof(*conf));

      if (conf == NULL)
          return NULL;

      if (meth->init(conf) != 0)
          return conf;

      /* init refused the object: do not hand out a half-built CONF */
      OPENSSL_free(conf);
      return NULL;
  }
  /*
   * Bind |conf| to the default method: method table, the CONF_type_default
   * character-class table (stored in meth_data), and no parsed data yet.
   * Returns 1 on success, 0 if |conf| is NULL.
   */
  static int def_init_default(CONF *conf)
  {
      if (conf != NULL) {
          conf->meth = &default_method;
          conf->meth_data = (void *)CONF_type_default;
          conf->data = NULL;
          return 1;
      }
      return 0;
  }
  115. #if ! OPENSSL_API_3
  /*
   * Bind |conf| to the WIN32 method: method table, the CONF_type_win32
   * character-class table (stored in meth_data), and no parsed data yet.
   * Returns 1 on success, 0 if |conf| is NULL.
   */
  static int def_init_WIN32(CONF *conf)
  {
      if (conf != NULL) {
          conf->meth = &WIN32_method;
          conf->meth_data = (void *)CONF_type_win32;
          conf->data = NULL;
          return 1;
      }
      return 0;
  }
  125. #endif
  /*
   * Release the parsed data of |conf| and then the CONF object itself.
   * Returns 1 on success; returns 0 without freeing anything when
   * def_destroy_data() fails (which it does for a NULL |conf|).
   */
  static int def_destroy(CONF *conf)
  {
      if (!def_destroy_data(conf))
          return 0;

      OPENSSL_free(conf);
      return 1;
  }
  /*
   * Free the parsed data held by |conf| via _CONF_free_data(); the CONF
   * object itself is left allocated. Returns 1, or 0 if |conf| is NULL.
   */
  static int def_destroy_data(CONF *conf)
  {
      if (conf != NULL) {
          _CONF_free_data(conf);
          return 1;
      }
      return 0;
  }
  /*
   * Open the file |name| and parse it into |conf| with def_load_bio().
   * Returns def_load_bio()'s result, or 0 if the file cannot be opened.
   * |line| is passed through to def_load_bio() unchanged.
   */
  static int def_load(CONF *conf, const char *name, long *line)
  {
      /* VMS opens the file in text mode, every other platform in binary mode */
  #ifdef OPENSSL_SYS_VMS
      const char *mode = "r";
  #else
      const char *mode = "rb";
  #endif
      BIO *in = BIO_new_file(name, mode);
      int ok;

      if (in == NULL) {
          /* Distinguish "file does not exist" from any other open failure */
          int missing = ERR_GET_REASON(ERR_peek_last_error())
                        == BIO_R_NO_SUCH_FILE;

          if (missing)
              CONFerr(CONF_F_DEF_LOAD, CONF_R_NO_SUCH_FILE);
          else
              CONFerr(CONF_F_DEF_LOAD, ERR_R_SYS_LIB);
          return 0;
      }

      ok = def_load_bio(conf, in, line);
      BIO_free(in);
      return ok;
  }
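  /*
   * Parse the configuration text read from |in| into |conf|.
   *
   * The input is read in CONFBUFSIZE pieces, joined into logical lines
   * (over-long lines and backslash continuations), stripped of comments and
   * then interpreted as a "[section]" header, a ".include" directive or a
   * "name = value" assignment ("section::name" selects another section).
   *
   * Returns 1 on success. On failure returns 0, stores the number of input
   * lines read so far in |*line| (when |line| is not NULL), appends
   * "line <n>" to the error data and releases any data it had attached to
   * |conf|. |*line| is not written on success.
   *
   * |in| itself is never freed here; only BIOs opened for includes are.
   */
  static int def_load_bio(CONF *conf, BIO *in, long *line)
  {
  /* The macro BUFSIZE conflicts with a system macro in VxWorks */
  #define CONFBUFSIZE     512
      int bufnum = 0, i, ii;
      BUF_MEM *buff = NULL;
      char *s, *p, *end;
      int again;
      long eline = 0;
      char btmp[DECIMAL_SIZE(eline) + 1];
      CONF_VALUE *v = NULL, *tv;
      CONF_VALUE *sv = NULL;
      char *section = NULL, *buf;
      char *start, *psection, *pname;
      /* remembered so the error path can tell whether conf->data was replaced */
      void *h = (void *)(conf->data);
      /* BIOs suspended while an included file is being read */
      STACK_OF(BIO) *biosk = NULL;
  #ifndef OPENSSL_NO_POSIX_IO
      char *dirpath = NULL;
      OPENSSL_DIR_CTX *dirctx = NULL;
  #endif

      if ((buff = BUF_MEM_new()) == NULL) {
          CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_BUF_LIB);
          goto err;
      }

      section = OPENSSL_strdup("default");
      if (section == NULL) {
          CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE);
          goto err;
      }

      if (_CONF_new_data(conf) == 0) {
          CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE);
          goto err;
      }

      sv = _CONF_new_section(conf, section);
      if (sv == NULL) {
          CONFerr(CONF_F_DEF_LOAD_BIO, CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
          goto err;
      }

      bufnum = 0;
      again = 0;
      for (;;) {
          if (!BUF_MEM_grow(buff, bufnum + CONFBUFSIZE)) {
              CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_BUF_LIB);
              goto err;
          }
          p = &(buff->data[bufnum]);
          *p = '\0';
   read_retry:
          /*
           * The return value is not used: a failed read leaves the empty
           * string written above, which is handled as EOF below.
           */
          BIO_gets(in, p, CONFBUFSIZE - 1);
          p[CONFBUFSIZE - 1] = '\0';
          ii = i = strlen(p);
          if (i == 0 && !again) {
              /* the currently processed BIO is at EOF */
              BIO *parent;

  #ifndef OPENSSL_NO_POSIX_IO
              /* continue processing with the next file from directory */
              if (dirctx != NULL) {
                  BIO *next;

                  if ((next = get_next_file(dirpath, &dirctx)) != NULL) {
                      BIO_vfree(in);
                      in = next;
                      goto read_retry;
                  } else {
                      OPENSSL_free(dirpath);
                      dirpath = NULL;
                  }
              }
  #endif
              /* no more files in directory, continue with processing parent */
              if ((parent = sk_BIO_pop(biosk)) == NULL) {
                  /* everything processed get out of the loop */
                  break;
              } else {
                  BIO_vfree(in);
                  in = parent;
                  goto read_retry;
              }
          }
          again = 0;
          while (i > 0) {
              if ((p[i - 1] != '\r') && (p[i - 1] != '\n'))
                  break;
              else
                  i--;
          }
          /*
           * we removed some trailing stuff so there is a new line on the end.
           */
          if (ii && i == ii)
              again = 1;          /* long line */
          else {
              p[i] = '\0';
              eline++;            /* another input line */
          }

          /* we now have a line with trailing \r\n removed */

          /* i is the number of bytes */
          bufnum += i;

          v = NULL;
          /* check for line continuation */
          if (bufnum >= 1) {
              /*
               * If we have bytes and the last char '\\' and second last char
               * is not '\\'
               */
              p = &(buff->data[bufnum - 1]);
              if (IS_ESC(conf, p[0]) && ((bufnum <= 1) || !IS_ESC(conf, p[-1]))) {
                  bufnum--;
                  again = 1;
              }
          }
          if (again)
              continue;
          bufnum = 0;
          buf = buff->data;

          clear_comments(conf, buf);
          s = eat_ws(conf, buf);
          if (IS_EOF(conf, *s))
              continue;           /* blank line */
          if (*s == '[') {
              char *ss;

              s++;
              start = eat_ws(conf, s);
              ss = start;
   again:
              end = eat_alpha_numeric(conf, ss);
              p = eat_ws(conf, end);
              if (*p != ']') {
                  /* a section name may contain whitespace: keep scanning */
                  if (*p != '\0' && ss != p) {
                      ss = p;
                      goto again;
                  }
                  CONFerr(CONF_F_DEF_LOAD_BIO,
                          CONF_R_MISSING_CLOSE_SQUARE_BRACKET);
                  goto err;
              }
              *end = '\0';
              if (!str_copy(conf, NULL, &section, start))
                  goto err;
              if ((sv = _CONF_get_section(conf, section)) == NULL)
                  sv = _CONF_new_section(conf, section);
              if (sv == NULL) {
                  CONFerr(CONF_F_DEF_LOAD_BIO,
                          CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
                  goto err;
              }
              continue;
          } else {
              pname = s;
              end = eat_alpha_numeric(conf, s);
              if ((end[0] == ':') && (end[1] == ':')) {
                  *end = '\0';
                  end += 2;
                  psection = pname;
                  pname = end;
                  end = eat_alpha_numeric(conf, end);
              } else {
                  psection = section;
              }
              p = eat_ws(conf, end);
              if (strncmp(pname, ".include", 8) == 0
                  && (p != pname + 8 || *p == '=')) {
                  char *include = NULL;
                  BIO *next;
                  /*
                   * When OPENSSL_CONF_INCLUDE is set, it is prefixed to every
                   * include path taken from the configuration text.
                   */
                  const char *include_dir = ossl_safe_getenv("OPENSSL_CONF_INCLUDE");
                  char *include_path = NULL;

                  if (*p == '=') {
                      p++;
                      p = eat_ws(conf, p);
                  }
                  trim_ws(conf, p);
                  if (!str_copy(conf, psection, &include, p))
                      goto err;

                  if (include_dir != NULL) {
                      size_t newlen = strlen(include_dir) + strlen(include) + 2;

                      include_path = OPENSSL_malloc(newlen);
                      /* the string helpers below would dereference NULL */
                      if (include_path == NULL) {
                          CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE);
                          OPENSSL_free(include);
                          goto err;
                      }
                      OPENSSL_strlcpy(include_path, include_dir, newlen);
                      OPENSSL_strlcat(include_path, "/", newlen);
                      OPENSSL_strlcat(include_path, include, newlen);
                  } else {
                      include_path = include;
                  }

                  /* get the BIO of the included file */
  #ifndef OPENSSL_NO_POSIX_IO
                  next = process_include(include_path, &dirctx, &dirpath);
                  if (include_path != dirpath) {
                      /* dirpath will contain include in case of a directory */
                      OPENSSL_free(include);
                      if (include_path != include)
                          OPENSSL_free(include_path);
                  }
  #else
                  next = BIO_new_file(include_path, "r");
                  OPENSSL_free(include);
                  if (include_path != include)
                      OPENSSL_free(include_path);
  #endif

                  /*
                   * An include that cannot be opened is skipped and parsing
                   * carries on, so settings expected from it can be absent
                   * without the load failing.
                   * NOTE(review): nothing here limits how deeply file includes
                   * may nest; confirm callers only load trusted configuration.
                   */
                  if (next != NULL) {
                      /* push the currently processing BIO onto stack */
                      if (biosk == NULL) {
                          if ((biosk = sk_BIO_new_null()) == NULL) {
                              CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE);
                              /* not on the stack yet, so err: cannot free it */
                              BIO_vfree(next);
                              goto err;
                          }
                      }
                      if (!sk_BIO_push(biosk, in)) {
                          CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE);
                          /* not on the stack yet, so err: cannot free it */
                          BIO_vfree(next);
                          goto err;
                      }
                      /* continue with reading from the included BIO */
                      in = next;
                  }
                  continue;
              } else if (*p != '=') {
                  CONFerr(CONF_F_DEF_LOAD_BIO, CONF_R_MISSING_EQUAL_SIGN);
                  goto err;
              }
              *end = '\0';
              p++;
              start = eat_ws(conf, p);
              trim_ws(conf, start);

              if ((v = OPENSSL_malloc(sizeof(*v))) == NULL) {
                  CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE);
                  goto err;
              }
              v->name = OPENSSL_strdup(pname);
              /* set before any goto err so the cleanup never frees garbage */
              v->value = NULL;
              if (v->name == NULL) {
                  CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE);
                  goto err;
              }
              if (!str_copy(conf, psection, &(v->value), start))
                  goto err;

              if (strcmp(psection, section) != 0) {
                  if ((tv = _CONF_get_section(conf, psection))
                      == NULL)
                      tv = _CONF_new_section(conf, psection);
                  if (tv == NULL) {
                      CONFerr(CONF_F_DEF_LOAD_BIO,
                              CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
                      goto err;
                  }
              } else
                  tv = sv;
              if (_CONF_add_string(conf, tv, v) == 0) {
                  CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE);
                  goto err;
              }
              /* v is now referenced from conf; the error path must not free it */
              v = NULL;
          }
      }
      BUF_MEM_free(buff);
      OPENSSL_free(section);
      /*
       * No need to pop, since we only get here if the stack is empty.
       * If this causes a BIO leak, THE ISSUE IS SOMEWHERE ELSE!
       */
      sk_BIO_free(biosk);
      return 1;
   err:
      BUF_MEM_free(buff);
      OPENSSL_free(section);
      /*
       * Since |in| is the first element of the stack and should NOT be freed
       * here, we cannot use sk_BIO_pop_free().  Instead, we pop and free one
       * BIO at a time, making sure that the last one popped isn't.
       */
      while (sk_BIO_num(biosk) > 0) {
          BIO *popped = sk_BIO_pop(biosk);

          BIO_vfree(in);
          in = popped;
      }
      sk_BIO_free(biosk);
  #ifndef OPENSSL_NO_POSIX_IO
      OPENSSL_free(dirpath);
      if (dirctx != NULL)
          OPENSSL_DIR_end(&dirctx);
  #endif
      if (line != NULL)
          *line = eline;
      BIO_snprintf(btmp, sizeof(btmp), "%ld", eline);
      ERR_add_error_data(2, "line ", btmp);
      /* only discard data that this call attached to conf */
      if (h != conf->data) {
          CONF_free(conf->data);
          conf->data = NULL;
      }
      if (v != NULL) {
          OPENSSL_free(v->name);
          OPENSSL_free(v->value);
          OPENSSL_free(v);
      }
      return 0;
  }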
  /*
   * Cut a comment off the line at |p| by writing a terminator over the
   * character that starts it. A character matching IS_FCOMMENT counts only
   * when nothing but whitespace precedes it; after that, a character matching
   * IS_COMMENT counts unless it sits inside a quoted string or follows an
   * escape character.
   */
  static void clear_comments(CONF *conf, char *p)
  {
      /* Phase 1: leading whitespace, then possibly a first-column comment */
      while (!IS_FCOMMENT(conf, *p) && IS_WS(conf, *p))
          p++;
      if (IS_FCOMMENT(conf, *p)) {
          *p = '\0';
          return;
      }

      /* Phase 2: rest of the line, stepping over quotes and escapes */
      while (!IS_COMMENT(conf, *p)) {
          if (IS_DQUOTE(conf, *p))
              p = scan_dquote(conf, p);
          else if (IS_QUOTE(conf, *p))
              p = scan_quote(conf, p);
          else if (IS_ESC(conf, *p))
              p = scan_esc(conf, p);
          else if (IS_EOF(conf, *p))
              return;             /* no comment on this line */
          else
              p++;
      }
      *p = '\0';
  }
  /*
   * Produce the final text of a value from the raw text |from|: quotes are
   * removed, escape sequences are decoded and $name / ${name} / $(name)
   * references (optionally written section::name) are replaced by the value
   * looked up with _CONF_get_string(), using |section| when the reference
   * names none.
   *
   * On success the old |*pto| is freed, |*pto| receives a newly allocated
   * string and 1 is returned. On failure 0 is returned and |*pto| is left
   * untouched. |from| is modified temporarily while a reference is looked up.
   *
   * The output buffer starts at strlen(from) + 1 bytes and is enlarged before
   * each expansion is copied; an expansion that would take it past
   * MAX_CONF_VALUE_LENGTH is rejected.
   */
  static int str_copy(CONF *conf, char *section, char **pto, char *from)
  {
      int quote, close, saved_end, saved_sep = 0, out = 0, len = 0;
      char *cur, *end, *end_pos, *val, *sep_pos, *name, *sect, ch;
      size_t newsize;
      BUF_MEM *buf;

      if ((buf = BUF_MEM_new()) == NULL)
          return 0;

      len = strlen(from) + 1;
      if (!BUF_MEM_grow(buf, len))
          goto err;

      for (;;) {
          if (IS_QUOTE(conf, *from)) {
              /* quoted run: copy up to the matching quote, honouring escapes */
              quote = *from;
              from++;
              while (!IS_EOF(conf, *from) && (*from != quote)) {
                  if (IS_ESC(conf, *from)) {
                      from++;
                      if (IS_EOF(conf, *from))
                          break;
                  }
                  buf->data[out++] = *(from++);
              }
              if (*from == quote)
                  from++;
              continue;
          }

          if (IS_DQUOTE(conf, *from)) {
              /* quoted run in which a doubled quote stands for one quote */
              quote = *from;
              from++;
              while (!IS_EOF(conf, *from)) {
                  if (*from == quote) {
                      if (*(from + 1) != quote)
                          break;
                      from++;
                  }
                  buf->data[out++] = *(from++);
              }
              if (*from == quote)
                  from++;
              continue;
          }

          if (IS_ESC(conf, *from)) {
              from++;
              ch = *(from++);
              if (IS_EOF(conf, ch))
                  break;
              switch (ch) {
              case 'r':
                  ch = '\r';
                  break;
              case 'n':
                  ch = '\n';
                  break;
              case 'b':
                  ch = '\b';
                  break;
              case 't':
                  ch = '\t';
                  break;
              default:
                  /* any other escaped character is copied as it is */
                  break;
              }
              buf->data[out++] = ch;
              continue;
          }

          if (IS_EOF(conf, *from))
              break;

          if (*from != '$') {
              buf->data[out++] = *(from++);
              continue;
          }

          /* '$': try to expand a variable reference */
          sep_pos = NULL;
          cur = &(from[1]);
          switch (*cur) {
          case '{':
              close = '}';
              break;
          case '(':
              close = ')';
              break;
          default:
              close = 0;
              break;
          }
          if (close)
              cur++;
          sect = section;
          end = name = cur;
          while (IS_ALNUM(conf, *end))
              end++;
          if ((end[0] == ':') && (end[1] == ':')) {
              /* what was scanned so far is the section, the name follows */
              sect = name;
              sep_pos = end;
              saved_sep = *end;
              *sep_pos = '\0';
              end += 2;
              name = end;
              while (IS_ALNUM(conf, *end))
                  end++;
          }
          saved_end = *end;
          *end = '\0';
          end_pos = end;
          if (close) {
              if (saved_end != close) {
                  CONFerr(CONF_F_STR_COPY, CONF_R_NO_CLOSE_BRACE);
                  goto err;
              }
              end++;
          }
          /*-
           * At this point:
           * name      start of the '\0' terminated variable name
           * sect      start of the '\0' terminated section name
           * end       first character after the whole reference
           * saved_end / saved_sep   the characters overwritten with '\0'
           * end_pos / sep_pos       where those characters came from
           */
          val = _CONF_get_string(conf, sect, name);
          if (sep_pos != NULL)
              *sep_pos = saved_sep;
          *end_pos = saved_end;
          if (val == NULL) {
              CONFerr(CONF_F_STR_COPY, CONF_R_VARIABLE_HAS_NO_VALUE);
              goto err;
          }
          /* size after swapping the reference text for its value */
          newsize = strlen(val) + buf->length - (end - from);
          if (newsize > MAX_CONF_VALUE_LENGTH) {
              CONFerr(CONF_F_STR_COPY, CONF_R_VARIABLE_EXPANSION_TOO_LONG);
              goto err;
          }
          if (!BUF_MEM_grow_clean(buf, newsize)) {
              CONFerr(CONF_F_STR_COPY, ERR_R_MALLOC_FAILURE);
              goto err;
          }
          while (*val)
              buf->data[out++] = *(val++);

          /*
           * Since we change the pointer 'from', we also have to change the
           * perceived length of the string it points at.
           */
          len -= end - from;
          from = end;

          /*
           * In case there were no braces or parenthesis around the variable
           * reference, put back the character that was replaced with a '\0'.
           */
          *end_pos = saved_end;
      }
      buf->data[out] = '\0';
      OPENSSL_free(*pto);
      *pto = buf->data;
      /* release only the BUF_MEM header; its data now belongs to *pto */
      OPENSSL_free(buf);
      return 1;
   err:
      BUF_MEM_free(buf);
      return 0;
  }
  633. #ifndef OPENSSL_NO_POSIX_IO
  /*
   * Open the target of an include directive.
   *
   * For a regular path the file is opened and its BIO returned. For a
   * directory, the first matching file in it is opened via get_next_file();
   * if one is found, |*dirpath| is set to |include| (the caller then keeps
   * that string) and |*dirctx| holds the open directory context.
   *
   * Returns NULL when stat() fails, when a directory include is met while
   * another directory is still being read, or when nothing could be opened.
   * The stat() and the open are separate calls, so the path can change in
   * between them.
   */
  static BIO *process_include(char *include, OPENSSL_DIR_CTX **dirctx,
                              char **dirpath)
  {
      struct stat info;
      BIO *bio;

      if (stat(include, &info) < 0) {
          ERR_raise_data(ERR_LIB_SYS, errno,
                         "calling stat(%s)",
                         include);
          /* missing include file is not fatal error */
          return NULL;
      }

      if (!S_ISDIR(info.st_mode))
          return BIO_new_file(include, "r");

      /* only one directory may be in progress at a time */
      if (*dirctx != NULL) {
          CONFerr(CONF_F_PROCESS_INCLUDE,
                  CONF_R_RECURSIVE_DIRECTORY_INCLUDE);
          ERR_add_error_data(1, include);
          return NULL;
      }

      /* a directory, load its contents */
      bio = get_next_file(include, dirctx);
      if (bio != NULL)
          *dirpath = include;
      return bio;
  }
  /*
   * Open the next configuration file found in the directory |path|.
   *
   * Entries are read with OPENSSL_DIR_read(); only names ending in ".conf" or
   * ".cnf" (compared without regard to case, and longer than the suffix
   * itself) are considered. Returns the BIO of the first such file that can
   * be opened. When the directory is exhausted, or an allocation fails, the
   * directory context is closed, |*dirctx| is set to NULL and NULL is
   * returned.
   */
  static BIO *get_next_file(const char *path, OPENSSL_DIR_CTX **dirctx)
  {
      const char *entry;

      while ((entry = OPENSSL_DIR_read(dirctx, path)) != NULL) {
          size_t entrylen = strlen(entry);
          size_t fulllen;
          char *fullpath;
          BIO *bio;

          /* skip anything that does not look like a configuration file */
          if (!(entrylen > 5 && strcasecmp(entry + entrylen - 5, ".conf") == 0)
              && !(entrylen > 4 && strcasecmp(entry + entrylen - 4, ".cnf") == 0))
              continue;

          /* room for path, a separator, the entry name and the terminator */
          fulllen = strlen(path) + entrylen + 2;
          fullpath = OPENSSL_zalloc(fulllen);
          if (fullpath == NULL) {
              CONFerr(CONF_F_GET_NEXT_FILE, ERR_R_MALLOC_FAILURE);
              break;
          }
  #ifdef OPENSSL_SYS_VMS
          /*
           * If the given path isn't clear VMS syntax,
           * we treat it as on Unix.
           */
          {
              size_t pathlen = strlen(path);

              if (path[pathlen - 1] == ']' || path[pathlen - 1] == '>'
                  || path[pathlen - 1] == ':') {
                  /* Clear VMS directory syntax, just copy as is */
                  OPENSSL_strlcpy(fullpath, path, fulllen);
              }
          }
  #endif
          /* still empty (zero-filled above): use "<path>/" as the prefix */
          if (fullpath[0] == '\0') {
              OPENSSL_strlcpy(fullpath, path, fulllen);
              OPENSSL_strlcat(fullpath, "/", fulllen);
          }
          OPENSSL_strlcat(fullpath, entry, fulllen);

          bio = BIO_new_file(fullpath, "r");
          OPENSSL_free(fullpath);
          /* Errors when opening files are non-fatal. */
          if (bio != NULL)
              return bio;
      }
      OPENSSL_DIR_end(dirctx);
      *dirctx = NULL;
      return NULL;
  }
  717. #endif
  /*
   * Test whether character |c| has any of the class bits in |type| set in the
   * table that conf->meth_data points to. Returns 1 if so, otherwise 0.
   * Characters outside seven-bit ASCII are never looked up and yield 0, which
   * keeps the table index within 0..127.
   */
  static int is_keytype(const CONF *conf, char c, unsigned short type)
  {
      const unsigned short *table = (const unsigned short *)conf->meth_data;
      /* go through unsigned char so a negative char cannot become an index */
      unsigned char idx = (unsigned char)c;

  #ifdef CHARSET_EBCDIC
  # if CHAR_BIT > 8
      if (idx > 255) {
          /* key is out of range for os_toascii table */
          return 0;
      }
  # endif
      /* convert key from ebcdic to ascii */
      idx = os_toascii[idx];
  #endif

      if (idx > 127) {
          /* key is not a seven bit ascii character */
          return 0;
      }

      return (table[idx] & type) != 0;
  }
  /*
   * Skip whitespace starting at |p|. Returns a pointer to the first character
   * that is not whitespace, or to the end-of-string character.
   */
  static char *eat_ws(CONF *conf, char *p)
  {
      for (;;) {
          if (!IS_WS(conf, *p))
              break;
          if (IS_EOF(conf, *p))
              break;
          p++;
      }
      return p;
  }
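  /*
   * Remove trailing whitespace from the string at |start| by writing a
   * terminator after its last non-whitespace character. A string that is
   * empty or consists only of whitespace becomes the empty string.
   */
  static void trim_ws(CONF *conf, char *start)
  {
      char *p = start;

      /* find the end of the string */
      while (!IS_EOF(conf, *p))
          p++;

      /*
       * Walk back over trailing whitespace by looking at the character before
       * p, so that p never moves to a position in front of |start|.
       */
      while ((p > start) && IS_WS(conf, p[-1]))
          p--;

      *p = '\0';
  }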
  /*
   * Advance over a run of characters matching IS_ALNUM_PUNCT, treating an
   * escape character together with the character after it as part of the
   * run. Returns a pointer to the first character that ends the run.
   */
  static char *eat_alpha_numeric(CONF *conf, char *p)
  {
      while (IS_ESC(conf, *p) || IS_ALNUM_PUNCT(conf, *p)) {
          if (IS_ESC(conf, *p))
              p = scan_esc(conf, p);  /* does not step past the end of string */
          else
              p++;
      }
      return p;
  }
  /*
   * Skip a quoted string. |p| points at the opening quote; the same character
   * closes the string, and an escape character makes the following character
   * literal. Returns a pointer just past the closing quote, or to the
   * end-of-string character if the quote is never closed.
   */
  static char *scan_quote(CONF *conf, char *p)
  {
      int quote = *p;

      for (p++; !(IS_EOF(conf, *p)) && (*p != quote); p++) {
          if (IS_ESC(conf, *p)) {
              p++;
              /* an escape at the very end of the string: stop right there */
              if (IS_EOF(conf, *p))
                  return p;
          }
      }
      return (*p == quote) ? p + 1 : p;
  }
  /*
   * Skip a quoted string in which a doubled quote character stands for a
   * literal quote. |p| points at the opening quote. Returns a pointer just
   * past the closing quote, or to the end-of-string character if the quote is
   * never closed.
   */
  static char *scan_dquote(CONF *conf, char *p)
  {
      int quote = *p;

      for (p++; !(IS_EOF(conf, *p)); p++) {
          if (*p != quote)
              continue;
          /* a single quote character closes the string */
          if (*(p + 1) != quote)
              break;
          /* doubled quote: skip the first here, the loop skips the second */
          p++;
      }
      if (*p == quote)
          p++;
      return p;
  }
  /*
   * Write one CONF_VALUE to |out|: "[section] name=value" for an entry that
   * has a name, "[[section]]" for one that has none. Values are written as
   * stored, so the dump shows whatever the configuration contained.
   */
  static void dump_value_doall_arg(const CONF_VALUE *a, BIO *out)
  {
      if (a->name == NULL) {
          BIO_printf(out, "[[%s]]\n", a->section);
          return;
      }
      BIO_printf(out, "[%s] %s=%s\n", a->section, a->name, a->value);
  }
  /* Provides lh_CONF_VALUE_doall_BIO(), which def_dump() calls below */
  IMPLEMENT_LHASH_DOALL_ARG_CONST(CONF_VALUE, BIO);

  /*
   * Write every entry stored in conf->data to |out|, one call to
   * dump_value_doall_arg() per entry. Always returns 1; results of the
   * individual writes are not checked.
   */
  static int def_dump(const CONF *conf, BIO *out)
  {
      lh_CONF_VALUE_doall_BIO(conf->data, dump_value_doall_arg, out);

      return 1;
  }
  /*
   * Report whether |c| is classified as a number by the character table of
   * |conf|. Returns the value of IS_NUMBER(conf, c).
   */
  static int def_is_number(const CONF *conf, char c)
  {
      int is_number = IS_NUMBER(conf, c);

      return is_number;
  }
  /*
   * Convert the digit character |c| to its numeric value by subtracting '0'.
   * |conf| is not used and |c| is not validated: for a character that is not
   * a decimal digit the result lies outside 0..9.
   */
  static int def_to_int(const CONF *conf, char c)
  {
      int digit = c - '0';

      return digit;
  }