eng_cnf.c 5.5 KB

  1. /*
  2. * Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. /* We need to use some engine deprecated APIs */
  10. #define OPENSSL_SUPPRESS_DEPRECATED
  11. #include "eng_local.h"
  12. #include <openssl/conf.h>
  13. #include <openssl/trace.h>
  14. /* ENGINE config module */
  /*
   * Return the part of name that follows its first '.', or name itself when
   * it contains no '.'. The result points into the caller's string.
   */
  static const char *skip_dot(const char *name)
  {
      const char *dot = strchr(name, '.');

      return dot == NULL ? name : dot + 1;
  }
  /*
   * Engines that int_engine_init() has initialised on behalf of the config
   * module. int_engine_module_finish() pops each entry, calls ENGINE_finish()
   * on it and then frees the stack.
   */
  static STACK_OF(ENGINE) *initialized_engines = NULL;
  /*
   * Initialise e with ENGINE_init() and record it on initialized_engines so
   * that the module's finish callback can release it later. The stack is
   * created on first use.
   *
   * Returns 1 on success. Returns 0 if ENGINE_init() fails, or if the engine
   * cannot be recorded, in which case the ENGINE_init() is undone with
   * ENGINE_finish().
   */
  static int int_engine_init(ENGINE *e)
  {
      if (!ENGINE_init(e))
          return 0;

      if (initialized_engines == NULL)
          initialized_engines = sk_ENGINE_new_null();

      if (initialized_engines != NULL && sk_ENGINE_push(initialized_engines, e))
          return 1;

      /* Stack allocation or push failed: do not keep an untracked init. */
      ENGINE_finish(e);
      return 0;
  }
  /*
   * Configure a single ENGINE from one section of the configuration.
   *
   * name:  key of the entry in the engines section. Anything up to and
   *        including the first '.' is skipped, and an "engine_id" command in
   *        the section replaces it.
   * value: name of the section in cnf that holds this engine's commands.
   * cnf:   the parsed configuration.
   *
   * Commands are applied in the order they appear in the section. Returns 1
   * on success, and also when "soft_load" was seen and the engine cannot be
   * found; returns 0 on any other failure, with an error raised.
   *
   * Security-relevant behaviour visible here: "dynamic_path" hands the
   * configured value to the "dynamic" engine as SO_PATH and then issues LOAD,
   * so the configuration decides which shared object is loaded into the
   * process. The configuration file (and whatever selects it) therefore needs
   * the same write protection as the application's own binaries.
   */
  static int int_engine_configure(const char *name, const char *value, const CONF *cnf)
  {
      int i;
      int ret = 0;
      /* -1 means no "init" command was seen; see the default after the loop */
      long do_init = -1;
      STACK_OF(CONF_VALUE) *ecmds;
      CONF_VALUE *ecmd = NULL;
      const char *ctrlname, *ctrlvalue;
      ENGINE *e = NULL;
      int soft = 0;

      name = skip_dot(name);
      OSSL_TRACE1(CONF, "Configuring engine %s\n", name);
      /* Value is a section containing ENGINE commands */
      ecmds = NCONF_get_section(cnf, value);
      if (!ecmds) {
          ERR_raise(ERR_LIB_ENGINE, ENGINE_R_ENGINE_SECTION_ERROR);
          return 0;
      }
      for (i = 0; i < sk_CONF_VALUE_num(ecmds); i++) {
          ecmd = sk_CONF_VALUE_value(ecmds, i);
          ctrlname = skip_dot(ecmd->name);
          ctrlvalue = ecmd->value;
          /*
           * NOTE(review): the command value is traced verbatim here and is
           * also copied into the error data at err: below. If a command
           * carries a secret (for example a PIN handed to an engine ctrl),
           * it can end up in trace or error output.
           */
          OSSL_TRACE2(CONF, "ENGINE: doing ctrl(%s,%s)\n",
                      ctrlname, ctrlvalue);
          /* First handle some special pseudo ctrls */
          /* Override engine name to use */
          if (strcmp(ctrlname, "engine_id") == 0)
              name = ctrlvalue;
          /* Tolerate a missing engine: see the ENGINE_by_id() lookup below */
          else if (strcmp(ctrlname, "soft_load") == 0)
              soft = 1;
          /* Load a dynamic ENGINE */
          else if (strcmp(ctrlname, "dynamic_path") == 0) {
              /*
               * NOTE(review): e is assigned unconditionally. If an earlier
               * command already obtained a reference, it is overwritten
               * without ENGINE_free() - confirm whether "dynamic_path" is
               * required to precede other commands.
               */
              e = ENGINE_by_id("dynamic");
              if (!e)
                  goto err;
              /* ctrlvalue is the configured path of the shared object */
              if (!ENGINE_ctrl_cmd_string(e, "SO_PATH", ctrlvalue, 0))
                  goto err;
              if (!ENGINE_ctrl_cmd_string(e, "LIST_ADD", "2", 0))
                  goto err;
              if (!ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0))
                  goto err;
          }
          /* ... add other pseudos here ... */
          else {
              /*
               * At this point we need an ENGINE structural reference if we
               * don't already have one.
               */
              if (!e) {
                  e = ENGINE_by_id(name);
                  /* soft_load: a missing engine is not an error */
                  if (!e && soft) {
                      ERR_clear_error();
                      return 1;
                  }
                  if (!e)
                      goto err;
              }
              /*
               * Allow "EMPTY" to mean no value: this allows a valid "value" to
               * be passed to ctrls of type NO_INPUT
               */
              if (strcmp(ctrlvalue, "EMPTY") == 0)
                  ctrlvalue = NULL;
              if (strcmp(ctrlname, "init") == 0) {
                  /* The number is re-read from the section, not from ctrlvalue */
                  if (!NCONF_get_number_e(cnf, value, "init", &do_init))
                      goto err;
                  /* Only 0 (do not initialise) and 1 (initialise now) are valid */
                  if (do_init == 1) {
                      if (!int_engine_init(e))
                          goto err;
                  } else if (do_init != 0) {
                      ERR_raise(ERR_LIB_ENGINE, ENGINE_R_INVALID_INIT_VALUE);
                      goto err;
                  }
              } else if (strcmp(ctrlname, "default_algorithms") == 0) {
                  if (!ENGINE_set_default_string(e, ctrlvalue))
                      goto err;
              /* Anything else is passed to the engine as a control command */
              } else if (!ENGINE_ctrl_cmd_string(e, ctrlname, ctrlvalue, 0))
                  goto err;
          }
      }
      /*
       * No "init" command was given: initialise by default. ecmd is cleared
       * so that a failure here is reported without blaming the last command.
       */
      if (e && (do_init == -1) && !int_engine_init(e)) {
          ecmd = NULL;
          goto err;
      }
      ret = 1;
   err:
      if (ret != 1) {
          if (ecmd == NULL)
              ERR_raise(ERR_LIB_ENGINE, ENGINE_R_ENGINE_CONFIGURATION_ERROR);
          else
              /* Identify the failing command, including its value */
              ERR_raise_data(ERR_LIB_ENGINE, ENGINE_R_ENGINE_CONFIGURATION_ERROR,
                             "section=%s, name=%s, value=%s",
                             ecmd->section, ecmd->name, ecmd->value);
      }
      /* Release the reference obtained from ENGINE_by_id(), on every path */
      ENGINE_free(e);
      return ret;
  }
  /*
   * Init callback of the "engines" configuration module. The module value
   * names a section whose entries are configured in order with
   * int_engine_configure().
   *
   * Returns 1 when every entry is configured, 0 if the section is missing
   * or as soon as one entry fails; later entries are then not processed.
   */
  static int int_engine_module_init(CONF_IMODULE *md, const CONF *cnf)
  {
      STACK_OF(CONF_VALUE) *engines;
      CONF_VALUE *entry;
      int idx = 0;

      OSSL_TRACE2(CONF, "Called engine module: name %s, value %s\n",
                  CONF_imodule_get_name(md), CONF_imodule_get_value(md));

      /* The module value is the name of the section listing the ENGINEs */
      engines = NCONF_get_section(cnf, CONF_imodule_get_value(md));
      if (engines == NULL) {
          ERR_raise(ERR_LIB_ENGINE, ENGINE_R_ENGINES_SECTION_ERROR);
          return 0;
      }

      while (idx < sk_CONF_VALUE_num(engines)) {
          entry = sk_CONF_VALUE_value(engines, idx);
          if (!int_engine_configure(entry->name, entry->value, cnf))
              return 0;
          idx++;
      }
      return 1;
  }
  /*
   * Finish callback of the "engines" configuration module: call
   * ENGINE_finish() on every engine recorded by int_engine_init(), then free
   * the stack and reset the pointer. md is not used.
   */
  static void int_engine_module_finish(CONF_IMODULE *md)
  {
      ENGINE *eng = sk_ENGINE_pop(initialized_engines);

      while (eng != NULL) {
          ENGINE_finish(eng);
          eng = sk_ENGINE_pop(initialized_engines);
      }

      sk_ENGINE_free(initialized_engines);
      initialized_engines = NULL;
  }
  /*
   * Register the "engines" configuration module, with
   * int_engine_module_init() as its init callback and
   * int_engine_module_finish() as its finish callback.
   */
  void ENGINE_add_conf_module(void)
  {
      CONF_module_add("engines", int_engine_module_init, int_engine_module_finish);
  }