conf_def.c 27 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996
  1. /*
  2. * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. /* Part of the code in here was originally in conf.c, which is now removed */
  10. #include <stdio.h>
  11. #include <string.h>
  12. #include "internal/e_os.h" /* struct stat */
  13. #ifdef __TANDEM
  14. # include <sys/types.h> /* needed for stat.h */
  15. # include <sys/stat.h> /* struct stat */
  16. #endif
  17. #include "internal/cryptlib.h"
  18. #include "internal/o_dir.h"
  19. #include <openssl/lhash.h>
  20. #include <openssl/conf.h>
  21. #include <openssl/conf_api.h>
  22. #include "conf_local.h"
  23. #include "conf_def.h"
  24. #include <openssl/buffer.h>
  25. #include <openssl/err.h>
  26. #ifndef OPENSSL_NO_POSIX_IO
  27. # include <sys/stat.h>
  28. # ifdef _WIN32
  29. # define stat _stat
  30. # endif
  31. #endif
  32. #ifndef S_ISDIR
  33. # define S_ISDIR(a) (((a) & S_IFMT) == S_IFDIR)
  34. #endif
  35. /*
  36. * The maximum length we can grow a value to after variable expansion. 64k
  37. * should be more than enough for all reasonable uses.
  38. */
  39. #define MAX_CONF_VALUE_LENGTH 65536
  40. static int is_keytype(const CONF *conf, char c, unsigned short type);
  41. static char *eat_ws(CONF *conf, char *p);
  42. static void trim_ws(CONF *conf, char *start);
  43. static char *eat_alpha_numeric(CONF *conf, char *p);
  44. static void clear_comments(CONF *conf, char *p);
  45. static int str_copy(CONF *conf, char *section, char **to, char *from);
  46. static char *scan_quote(CONF *conf, char *p);
  47. static char *scan_dquote(CONF *conf, char *p);
  48. #define scan_esc(conf,p) (((IS_EOF((conf),(p)[1]))?((p)+1):((p)+2)))
  49. #ifndef OPENSSL_NO_POSIX_IO
  50. static BIO *process_include(char *include, OPENSSL_DIR_CTX **dirctx,
  51. char **dirpath);
  52. static BIO *get_next_file(const char *path, OPENSSL_DIR_CTX **dirctx);
  53. #endif
  54. static CONF *def_create(CONF_METHOD *meth);
  55. static int def_init_default(CONF *conf);
  56. #ifndef OPENSSL_NO_DEPRECATED_3_0
  57. static int def_init_WIN32(CONF *conf);
  58. #endif
  59. static int def_destroy(CONF *conf);
  60. static int def_destroy_data(CONF *conf);
  61. static int def_load(CONF *conf, const char *name, long *eline);
  62. static int def_load_bio(CONF *conf, BIO *bp, long *eline);
  63. static int def_dump(const CONF *conf, BIO *bp);
  64. static int def_is_number(const CONF *conf, char c);
  65. static int def_to_int(const CONF *conf, char c);
  66. static CONF_METHOD default_method = {
  67. "OpenSSL default",
  68. def_create,
  69. def_init_default,
  70. def_destroy,
  71. def_destroy_data,
  72. def_load_bio,
  73. def_dump,
  74. def_is_number,
  75. def_to_int,
  76. def_load
  77. };
  78. CONF_METHOD *NCONF_default(void)
  79. {
  80. return &default_method;
  81. }
  82. #ifndef OPENSSL_NO_DEPRECATED_3_0
  83. static CONF_METHOD WIN32_method = {
  84. "WIN32",
  85. def_create,
  86. def_init_WIN32,
  87. def_destroy,
  88. def_destroy_data,
  89. def_load_bio,
  90. def_dump,
  91. def_is_number,
  92. def_to_int,
  93. def_load
  94. };
  95. CONF_METHOD *NCONF_WIN32(void)
  96. {
  97. return &WIN32_method;
  98. }
  99. #endif
  100. static CONF *def_create(CONF_METHOD *meth)
  101. {
  102. CONF *ret;
  103. ret = OPENSSL_malloc(sizeof(*ret));
  104. if (ret != NULL)
  105. if (meth->init(ret) == 0) {
  106. OPENSSL_free(ret);
  107. ret = NULL;
  108. }
  109. return ret;
  110. }
  111. static int def_init_default(CONF *conf)
  112. {
  113. if (conf == NULL)
  114. return 0;
  115. memset(conf, 0, sizeof(*conf));
  116. conf->meth = &default_method;
  117. conf->meth_data = (void *)CONF_type_default;
  118. return 1;
  119. }
  120. #ifndef OPENSSL_NO_DEPRECATED_3_0
  121. static int def_init_WIN32(CONF *conf)
  122. {
  123. if (conf == NULL)
  124. return 0;
  125. memset(conf, 0, sizeof(*conf));
  126. conf->meth = &WIN32_method;
  127. conf->meth_data = (void *)CONF_type_win32;
  128. return 1;
  129. }
  130. #endif
  131. static int def_destroy(CONF *conf)
  132. {
  133. if (def_destroy_data(conf)) {
  134. OPENSSL_free(conf);
  135. return 1;
  136. }
  137. return 0;
  138. }
  139. static int def_destroy_data(CONF *conf)
  140. {
  141. if (conf == NULL)
  142. return 0;
  143. _CONF_free_data(conf);
  144. return 1;
  145. }
  146. static int def_load(CONF *conf, const char *name, long *line)
  147. {
  148. int ret;
  149. BIO *in = NULL;
  150. #ifdef OPENSSL_SYS_VMS
  151. in = BIO_new_file(name, "r");
  152. #else
  153. in = BIO_new_file(name, "rb");
  154. #endif
  155. if (in == NULL) {
  156. if (ERR_GET_REASON(ERR_peek_last_error()) == BIO_R_NO_SUCH_FILE)
  157. ERR_raise(ERR_LIB_CONF, CONF_R_NO_SUCH_FILE);
  158. else
  159. ERR_raise(ERR_LIB_CONF, ERR_R_SYS_LIB);
  160. return 0;
  161. }
  162. ret = def_load_bio(conf, in, line);
  163. BIO_free(in);
  164. return ret;
  165. }
  166. /* Parse a boolean value and fill in *flag. Return 0 on error. */
  167. static int parsebool(const char *pval, int *flag)
  168. {
  169. if (OPENSSL_strcasecmp(pval, "on") == 0
  170. || OPENSSL_strcasecmp(pval, "true") == 0) {
  171. *flag = 1;
  172. } else if (OPENSSL_strcasecmp(pval, "off") == 0
  173. || OPENSSL_strcasecmp(pval, "false") == 0) {
  174. *flag = 0;
  175. } else {
  176. ERR_raise(ERR_LIB_CONF, CONF_R_INVALID_PRAGMA);
  177. return 0;
  178. }
  179. return 1;
  180. }
  181. static int def_load_bio(CONF *conf, BIO *in, long *line)
  182. {
  183. /* The macro BUFSIZE conflicts with a system macro in VxWorks */
  184. #define CONFBUFSIZE 512
  185. int bufnum = 0, i, ii;
  186. BUF_MEM *buff = NULL;
  187. char *s, *p, *end;
  188. int again;
  189. int first_call = 1;
  190. long eline = 0;
  191. char btmp[DECIMAL_SIZE(eline) + 1];
  192. CONF_VALUE *v = NULL, *tv;
  193. CONF_VALUE *sv = NULL;
  194. char *section = NULL, *buf;
  195. char *start, *psection, *pname;
  196. void *h = (void *)(conf->data);
  197. STACK_OF(BIO) *biosk = NULL;
  198. #ifndef OPENSSL_NO_POSIX_IO
  199. char *dirpath = NULL;
  200. OPENSSL_DIR_CTX *dirctx = NULL;
  201. #endif
  202. if ((buff = BUF_MEM_new()) == NULL) {
  203. ERR_raise(ERR_LIB_CONF, ERR_R_BUF_LIB);
  204. goto err;
  205. }
  206. section = OPENSSL_strdup("default");
  207. if (section == NULL)
  208. goto err;
  209. if (_CONF_new_data(conf) == 0) {
  210. ERR_raise(ERR_LIB_CONF, ERR_R_CONF_LIB);
  211. goto err;
  212. }
  213. sv = _CONF_new_section(conf, section);
  214. if (sv == NULL) {
  215. ERR_raise(ERR_LIB_CONF, CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
  216. goto err;
  217. }
  218. bufnum = 0;
  219. again = 0;
  220. for (;;) {
  221. if (!BUF_MEM_grow(buff, bufnum + CONFBUFSIZE)) {
  222. ERR_raise(ERR_LIB_CONF, ERR_R_BUF_LIB);
  223. goto err;
  224. }
  225. p = &(buff->data[bufnum]);
  226. *p = '\0';
  227. read_retry:
  228. if (in != NULL && BIO_gets(in, p, CONFBUFSIZE - 1) < 0)
  229. goto err;
  230. p[CONFBUFSIZE - 1] = '\0';
  231. ii = i = strlen(p);
  232. if (first_call) {
  233. /* Other BOMs imply unsupported multibyte encoding,
  234. * so don't strip them and let the error raise */
  235. const unsigned char utf8_bom[3] = {0xEF, 0xBB, 0xBF};
  236. if (i >= 3 && memcmp(p, utf8_bom, 3) == 0) {
  237. memmove(p, p + 3, i - 3);
  238. p[i - 3] = 0;
  239. i -= 3;
  240. ii -= 3;
  241. }
  242. first_call = 0;
  243. }
  244. if (i == 0 && !again) {
  245. /* the currently processed BIO is NULL or at EOF */
  246. BIO *parent;
  247. #ifndef OPENSSL_NO_POSIX_IO
  248. /* continue processing with the next file from directory */
  249. if (dirctx != NULL) {
  250. BIO *next;
  251. if ((next = get_next_file(dirpath, &dirctx)) != NULL) {
  252. BIO_vfree(in);
  253. in = next;
  254. goto read_retry;
  255. } else {
  256. OPENSSL_free(dirpath);
  257. dirpath = NULL;
  258. }
  259. }
  260. #endif
  261. /* no more files in directory, continue with processing parent */
  262. if ((parent = sk_BIO_pop(biosk)) == NULL) {
  263. /* everything processed get out of the loop */
  264. break;
  265. } else {
  266. BIO_vfree(in);
  267. in = parent;
  268. goto read_retry;
  269. }
  270. }
  271. again = 0;
  272. while (i > 0) {
  273. if ((p[i - 1] != '\r') && (p[i - 1] != '\n'))
  274. break;
  275. else
  276. i--;
  277. }
  278. /*
  279. * we removed some trailing stuff so there is a new line on the end.
  280. */
  281. if (ii && i == ii)
  282. again = 1; /* long line */
  283. else {
  284. p[i] = '\0';
  285. eline++; /* another input line */
  286. }
  287. /* we now have a line with trailing \r\n removed */
  288. /* i is the number of bytes */
  289. bufnum += i;
  290. v = NULL;
  291. /* check for line continuation */
  292. if (bufnum >= 1) {
  293. /*
  294. * If we have bytes and the last char '\\' and second last char
  295. * is not '\\'
  296. */
  297. p = &(buff->data[bufnum - 1]);
  298. if (IS_ESC(conf, p[0]) && ((bufnum <= 1) || !IS_ESC(conf, p[-1]))) {
  299. bufnum--;
  300. again = 1;
  301. }
  302. }
  303. if (again)
  304. continue;
  305. bufnum = 0;
  306. buf = buff->data;
  307. clear_comments(conf, buf);
  308. s = eat_ws(conf, buf);
  309. if (IS_EOF(conf, *s))
  310. continue; /* blank line */
  311. if (*s == '[') {
  312. char *ss;
  313. s++;
  314. start = eat_ws(conf, s);
  315. ss = start;
  316. again:
  317. end = eat_alpha_numeric(conf, ss);
  318. p = eat_ws(conf, end);
  319. if (*p != ']') {
  320. if (*p != '\0' && ss != p) {
  321. ss = p;
  322. goto again;
  323. }
  324. ERR_raise(ERR_LIB_CONF, CONF_R_MISSING_CLOSE_SQUARE_BRACKET);
  325. goto err;
  326. }
  327. *end = '\0';
  328. if (!str_copy(conf, NULL, &section, start))
  329. goto err;
  330. if ((sv = _CONF_get_section(conf, section)) == NULL)
  331. sv = _CONF_new_section(conf, section);
  332. if (sv == NULL) {
  333. ERR_raise(ERR_LIB_CONF, CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
  334. goto err;
  335. }
  336. continue;
  337. } else {
  338. pname = s;
  339. end = eat_alpha_numeric(conf, s);
  340. if ((end[0] == ':') && (end[1] == ':')) {
  341. *end = '\0';
  342. end += 2;
  343. psection = pname;
  344. pname = end;
  345. end = eat_alpha_numeric(conf, end);
  346. } else {
  347. psection = section;
  348. }
  349. p = eat_ws(conf, end);
  350. if (CHECK_AND_SKIP_PREFIX(pname, ".pragma")
  351. && (p != pname || *p == '=')) {
  352. char *pval;
  353. if (*p == '=') {
  354. p++;
  355. p = eat_ws(conf, p);
  356. }
  357. trim_ws(conf, p);
  358. /* Pragma values take the form keyword:value */
  359. pval = strchr(p, ':');
  360. if (pval == NULL || pval == p || pval[1] == '\0') {
  361. ERR_raise(ERR_LIB_CONF, CONF_R_INVALID_PRAGMA);
  362. goto err;
  363. }
  364. *pval++ = '\0';
  365. trim_ws(conf, p);
  366. pval = eat_ws(conf, pval);
  367. /*
  368. * Known pragmas:
  369. *
  370. * dollarid takes "on", "true or "off", "false"
  371. * abspath takes "on", "true or "off", "false"
  372. * includedir directory prefix
  373. */
  374. if (strcmp(p, "dollarid") == 0) {
  375. if (!parsebool(pval, &conf->flag_dollarid))
  376. goto err;
  377. } else if (strcmp(p, "abspath") == 0) {
  378. if (!parsebool(pval, &conf->flag_abspath))
  379. goto err;
  380. } else if (strcmp(p, "includedir") == 0) {
  381. OPENSSL_free(conf->includedir);
  382. if ((conf->includedir = OPENSSL_strdup(pval)) == NULL)
  383. goto err;
  384. }
  385. /*
  386. * We *ignore* any unknown pragma.
  387. */
  388. continue;
  389. } else if (CHECK_AND_SKIP_PREFIX(pname, ".include")
  390. && (p != pname || *p == '=')) {
  391. char *include = NULL;
  392. BIO *next;
  393. const char *include_dir = ossl_safe_getenv("OPENSSL_CONF_INCLUDE");
  394. char *include_path = NULL;
  395. if (include_dir == NULL)
  396. include_dir = conf->includedir;
  397. if (*p == '=') {
  398. p++;
  399. p = eat_ws(conf, p);
  400. }
  401. trim_ws(conf, p);
  402. if (!str_copy(conf, psection, &include, p))
  403. goto err;
  404. if (include_dir != NULL && !ossl_is_absolute_path(include)) {
  405. size_t newlen = strlen(include_dir) + strlen(include) + 2;
  406. include_path = OPENSSL_malloc(newlen);
  407. if (include_path == NULL) {
  408. OPENSSL_free(include);
  409. goto err;
  410. }
  411. OPENSSL_strlcpy(include_path, include_dir, newlen);
  412. if (!ossl_ends_with_dirsep(include_path))
  413. OPENSSL_strlcat(include_path, "/", newlen);
  414. OPENSSL_strlcat(include_path, include, newlen);
  415. OPENSSL_free(include);
  416. } else {
  417. include_path = include;
  418. }
  419. if (conf->flag_abspath
  420. && !ossl_is_absolute_path(include_path)) {
  421. ERR_raise(ERR_LIB_CONF, CONF_R_RELATIVE_PATH);
  422. OPENSSL_free(include_path);
  423. goto err;
  424. }
  425. /* get the BIO of the included file */
  426. #ifndef OPENSSL_NO_POSIX_IO
  427. next = process_include(include_path, &dirctx, &dirpath);
  428. if (include_path != dirpath) {
  429. /* dirpath will contain include in case of a directory */
  430. OPENSSL_free(include_path);
  431. }
  432. #else
  433. next = BIO_new_file(include_path, "r");
  434. OPENSSL_free(include_path);
  435. #endif
  436. if (next != NULL) {
  437. /* push the currently processing BIO onto stack */
  438. if (biosk == NULL) {
  439. if ((biosk = sk_BIO_new_null()) == NULL) {
  440. ERR_raise(ERR_LIB_CONF, ERR_R_CRYPTO_LIB);
  441. BIO_free(next);
  442. goto err;
  443. }
  444. }
  445. if (!sk_BIO_push(biosk, in)) {
  446. ERR_raise(ERR_LIB_CONF, ERR_R_CRYPTO_LIB);
  447. BIO_free(next);
  448. goto err;
  449. }
  450. /* continue with reading from the included BIO */
  451. in = next;
  452. }
  453. continue;
  454. } else if (*p != '=') {
  455. ERR_raise_data(ERR_LIB_CONF, CONF_R_MISSING_EQUAL_SIGN,
  456. "HERE-->%s", p);
  457. goto err;
  458. }
  459. *end = '\0';
  460. p++;
  461. start = eat_ws(conf, p);
  462. trim_ws(conf, start);
  463. if ((v = OPENSSL_malloc(sizeof(*v))) == NULL)
  464. goto err;
  465. v->name = OPENSSL_strdup(pname);
  466. v->value = NULL;
  467. if (v->name == NULL)
  468. goto err;
  469. if (!str_copy(conf, psection, &(v->value), start))
  470. goto err;
  471. if (strcmp(psection, section) != 0) {
  472. if ((tv = _CONF_get_section(conf, psection))
  473. == NULL)
  474. tv = _CONF_new_section(conf, psection);
  475. if (tv == NULL) {
  476. ERR_raise(ERR_LIB_CONF,
  477. CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
  478. goto err;
  479. }
  480. } else
  481. tv = sv;
  482. if (_CONF_add_string(conf, tv, v) == 0) {
  483. ERR_raise(ERR_LIB_CONF, ERR_R_CONF_LIB);
  484. goto err;
  485. }
  486. v = NULL;
  487. }
  488. }
  489. BUF_MEM_free(buff);
  490. OPENSSL_free(section);
  491. /*
  492. * No need to pop, since we only get here if the stack is empty.
  493. * If this causes a BIO leak, THE ISSUE IS SOMEWHERE ELSE!
  494. */
  495. sk_BIO_free(biosk);
  496. return 1;
  497. err:
  498. BUF_MEM_free(buff);
  499. OPENSSL_free(section);
  500. /*
  501. * Since |in| is the first element of the stack and should NOT be freed
  502. * here, we cannot use sk_BIO_pop_free(). Instead, we pop and free one
  503. * BIO at a time, making sure that the last one popped isn't.
  504. */
  505. while (sk_BIO_num(biosk) > 0) {
  506. BIO *popped = sk_BIO_pop(biosk);
  507. BIO_vfree(in);
  508. in = popped;
  509. }
  510. sk_BIO_free(biosk);
  511. #ifndef OPENSSL_NO_POSIX_IO
  512. OPENSSL_free(dirpath);
  513. if (dirctx != NULL)
  514. OPENSSL_DIR_end(&dirctx);
  515. #endif
  516. if (line != NULL)
  517. *line = eline;
  518. BIO_snprintf(btmp, sizeof(btmp), "%ld", eline);
  519. ERR_add_error_data(2, "line ", btmp);
  520. if (h != conf->data) {
  521. CONF_free(conf->data);
  522. conf->data = NULL;
  523. }
  524. if (v != NULL) {
  525. OPENSSL_free(v->name);
  526. OPENSSL_free(v->value);
  527. OPENSSL_free(v);
  528. }
  529. return 0;
  530. }
  531. static void clear_comments(CONF *conf, char *p)
  532. {
  533. for (;;) {
  534. if (IS_FCOMMENT(conf, *p)) {
  535. *p = '\0';
  536. return;
  537. }
  538. if (!IS_WS(conf, *p)) {
  539. break;
  540. }
  541. p++;
  542. }
  543. for (;;) {
  544. if (IS_COMMENT(conf, *p)) {
  545. *p = '\0';
  546. return;
  547. }
  548. if (IS_DQUOTE(conf, *p)) {
  549. p = scan_dquote(conf, p);
  550. continue;
  551. }
  552. if (IS_QUOTE(conf, *p)) {
  553. p = scan_quote(conf, p);
  554. continue;
  555. }
  556. if (IS_ESC(conf, *p)) {
  557. p = scan_esc(conf, p);
  558. continue;
  559. }
  560. if (IS_EOF(conf, *p))
  561. return;
  562. else
  563. p++;
  564. }
  565. }
  566. static int str_copy(CONF *conf, char *section, char **pto, char *from)
  567. {
  568. int q, r, rr = 0, to = 0, len = 0;
  569. char *s, *e, *rp, *p, *rrp, *np, *cp, v;
  570. BUF_MEM *buf;
  571. if ((buf = BUF_MEM_new()) == NULL)
  572. return 0;
  573. len = strlen(from) + 1;
  574. if (!BUF_MEM_grow(buf, len))
  575. goto err;
  576. for (;;) {
  577. if (IS_QUOTE(conf, *from)) {
  578. q = *from;
  579. from++;
  580. while (!IS_EOF(conf, *from) && (*from != q)) {
  581. if (IS_ESC(conf, *from)) {
  582. from++;
  583. if (IS_EOF(conf, *from))
  584. break;
  585. }
  586. buf->data[to++] = *(from++);
  587. }
  588. if (*from == q)
  589. from++;
  590. } else if (IS_DQUOTE(conf, *from)) {
  591. q = *from;
  592. from++;
  593. while (!IS_EOF(conf, *from)) {
  594. if (*from == q) {
  595. if (*(from + 1) == q) {
  596. from++;
  597. } else {
  598. break;
  599. }
  600. }
  601. buf->data[to++] = *(from++);
  602. }
  603. if (*from == q)
  604. from++;
  605. } else if (IS_ESC(conf, *from)) {
  606. from++;
  607. v = *(from++);
  608. if (IS_EOF(conf, v))
  609. break;
  610. else if (v == 'r')
  611. v = '\r';
  612. else if (v == 'n')
  613. v = '\n';
  614. else if (v == 'b')
  615. v = '\b';
  616. else if (v == 't')
  617. v = '\t';
  618. buf->data[to++] = v;
  619. } else if (IS_EOF(conf, *from))
  620. break;
  621. else if (*from == '$'
  622. && (!conf->flag_dollarid
  623. || from[1] == '{'
  624. || from[1] == '(')) {
  625. size_t newsize;
  626. /* try to expand it */
  627. rrp = NULL;
  628. s = &(from[1]);
  629. if (*s == '{')
  630. q = '}';
  631. else if (*s == '(')
  632. q = ')';
  633. else
  634. q = 0;
  635. if (q)
  636. s++;
  637. cp = section;
  638. e = np = s;
  639. while (IS_ALNUM(conf, *e)
  640. || (conf->flag_dollarid && IS_DOLLAR(conf, *e)))
  641. e++;
  642. if ((e[0] == ':') && (e[1] == ':')) {
  643. cp = np;
  644. rrp = e;
  645. rr = *e;
  646. *rrp = '\0';
  647. e += 2;
  648. np = e;
  649. while (IS_ALNUM(conf, *e)
  650. || (conf->flag_dollarid && IS_DOLLAR(conf, *e)))
  651. e++;
  652. }
  653. r = *e;
  654. *e = '\0';
  655. rp = e;
  656. if (q) {
  657. if (r != q) {
  658. ERR_raise(ERR_LIB_CONF, CONF_R_NO_CLOSE_BRACE);
  659. goto err;
  660. }
  661. e++;
  662. }
  663. /*-
  664. * So at this point we have
  665. * np which is the start of the name string which is
  666. * '\0' terminated.
  667. * cp which is the start of the section string which is
  668. * '\0' terminated.
  669. * e is the 'next point after'.
  670. * r and rr are the chars replaced by the '\0'
  671. * rp and rrp is where 'r' and 'rr' came from.
  672. */
  673. p = _CONF_get_string(conf, cp, np);
  674. if (rrp != NULL)
  675. *rrp = rr;
  676. *rp = r;
  677. if (p == NULL) {
  678. ERR_raise(ERR_LIB_CONF, CONF_R_VARIABLE_HAS_NO_VALUE);
  679. goto err;
  680. }
  681. newsize = strlen(p) + buf->length - (e - from);
  682. if (newsize > MAX_CONF_VALUE_LENGTH) {
  683. ERR_raise(ERR_LIB_CONF, CONF_R_VARIABLE_EXPANSION_TOO_LONG);
  684. goto err;
  685. }
  686. if (!BUF_MEM_grow_clean(buf, newsize)) {
  687. ERR_raise(ERR_LIB_CONF, ERR_R_BUF_LIB);
  688. goto err;
  689. }
  690. while (*p)
  691. buf->data[to++] = *(p++);
  692. /*
  693. * Since we change the pointer 'from', we also have to change the
  694. * perceived length of the string it points at. /RL
  695. */
  696. len -= e - from;
  697. from = e;
  698. /*
  699. * In case there were no braces or parenthesis around the
  700. * variable reference, we have to put back the character that was
  701. * replaced with a '\0'. /RL
  702. */
  703. *rp = r;
  704. } else
  705. buf->data[to++] = *(from++);
  706. }
  707. buf->data[to] = '\0';
  708. OPENSSL_free(*pto);
  709. *pto = buf->data;
  710. OPENSSL_free(buf);
  711. return 1;
  712. err:
  713. BUF_MEM_free(buf);
  714. return 0;
  715. }
  716. #ifndef OPENSSL_NO_POSIX_IO
  717. /*
  718. * Check whether included path is a directory.
  719. * Returns next BIO to process and in case of a directory
  720. * also an opened directory context and the include path.
  721. */
  722. static BIO *process_include(char *include, OPENSSL_DIR_CTX **dirctx,
  723. char **dirpath)
  724. {
  725. struct stat st;
  726. BIO *next;
  727. if (stat(include, &st) < 0) {
  728. ERR_raise_data(ERR_LIB_SYS, errno, "calling stat(%s)", include);
  729. /* missing include file is not fatal error */
  730. return NULL;
  731. }
  732. if (S_ISDIR(st.st_mode)) {
  733. if (*dirctx != NULL) {
  734. ERR_raise_data(ERR_LIB_CONF, CONF_R_RECURSIVE_DIRECTORY_INCLUDE,
  735. "%s", include);
  736. return NULL;
  737. }
  738. /* a directory, load its contents */
  739. if ((next = get_next_file(include, dirctx)) != NULL)
  740. *dirpath = include;
  741. return next;
  742. }
  743. next = BIO_new_file(include, "r");
  744. return next;
  745. }
  746. /*
  747. * Get next file from the directory path.
  748. * Returns BIO of the next file to read and updates dirctx.
  749. */
  750. static BIO *get_next_file(const char *path, OPENSSL_DIR_CTX **dirctx)
  751. {
  752. const char *filename;
  753. size_t pathlen;
  754. pathlen = strlen(path);
  755. while ((filename = OPENSSL_DIR_read(dirctx, path)) != NULL) {
  756. size_t namelen;
  757. namelen = strlen(filename);
  758. if ((namelen > 5
  759. && OPENSSL_strcasecmp(filename + namelen - 5, ".conf") == 0)
  760. || (namelen > 4
  761. && OPENSSL_strcasecmp(filename + namelen - 4, ".cnf") == 0)) {
  762. size_t newlen;
  763. char *newpath;
  764. BIO *bio;
  765. newlen = pathlen + namelen + 2;
  766. newpath = OPENSSL_zalloc(newlen);
  767. if (newpath == NULL)
  768. break;
  769. #ifdef OPENSSL_SYS_VMS
  770. /*
  771. * If the given path isn't clear VMS syntax,
  772. * we treat it as on Unix.
  773. */
  774. if (path[pathlen - 1] == ']'
  775. || path[pathlen - 1] == '>'
  776. || path[pathlen - 1] == ':') {
  777. /* Clear VMS directory syntax, just copy as is */
  778. OPENSSL_strlcpy(newpath, path, newlen);
  779. }
  780. #endif
  781. if (newpath[0] == '\0') {
  782. OPENSSL_strlcpy(newpath, path, newlen);
  783. OPENSSL_strlcat(newpath, "/", newlen);
  784. }
  785. OPENSSL_strlcat(newpath, filename, newlen);
  786. bio = BIO_new_file(newpath, "r");
  787. OPENSSL_free(newpath);
  788. /* Errors when opening files are non-fatal. */
  789. if (bio != NULL)
  790. return bio;
  791. }
  792. }
  793. OPENSSL_DIR_end(dirctx);
  794. *dirctx = NULL;
  795. return NULL;
  796. }
  797. #endif
  798. static int is_keytype(const CONF *conf, char c, unsigned short type)
  799. {
  800. const unsigned short * keytypes = (const unsigned short *) conf->meth_data;
  801. unsigned char key = (unsigned char)c;
  802. #ifdef CHARSET_EBCDIC
  803. # if CHAR_BIT > 8
  804. if (key > 255) {
  805. /* key is out of range for os_toascii table */
  806. return 0;
  807. }
  808. # endif
  809. /* convert key from ebcdic to ascii */
  810. key = os_toascii[key];
  811. #endif
  812. if (key > 127) {
  813. /* key is not a seven bit ascii character */
  814. return 0;
  815. }
  816. return (keytypes[key] & type) ? 1 : 0;
  817. }
  818. static char *eat_ws(CONF *conf, char *p)
  819. {
  820. while (IS_WS(conf, *p) && (!IS_EOF(conf, *p)))
  821. p++;
  822. return p;
  823. }
  824. static void trim_ws(CONF *conf, char *start)
  825. {
  826. char *p = start;
  827. while (!IS_EOF(conf, *p))
  828. p++;
  829. p--;
  830. while ((p >= start) && IS_WS(conf, *p))
  831. p--;
  832. p++;
  833. *p = '\0';
  834. }
  835. static char *eat_alpha_numeric(CONF *conf, char *p)
  836. {
  837. for (;;) {
  838. if (IS_ESC(conf, *p)) {
  839. p = scan_esc(conf, p);
  840. continue;
  841. }
  842. if (!(IS_ALNUM_PUNCT(conf, *p)
  843. || (conf->flag_dollarid && IS_DOLLAR(conf, *p))))
  844. return p;
  845. p++;
  846. }
  847. }
  848. static char *scan_quote(CONF *conf, char *p)
  849. {
  850. int q = *p;
  851. p++;
  852. while (!(IS_EOF(conf, *p)) && (*p != q)) {
  853. if (IS_ESC(conf, *p)) {
  854. p++;
  855. if (IS_EOF(conf, *p))
  856. return p;
  857. }
  858. p++;
  859. }
  860. if (*p == q)
  861. p++;
  862. return p;
  863. }
  864. static char *scan_dquote(CONF *conf, char *p)
  865. {
  866. int q = *p;
  867. p++;
  868. while (!(IS_EOF(conf, *p))) {
  869. if (*p == q) {
  870. if (*(p + 1) == q) {
  871. p++;
  872. } else {
  873. break;
  874. }
  875. }
  876. p++;
  877. }
  878. if (*p == q)
  879. p++;
  880. return p;
  881. }
  882. static void dump_value_doall_arg(const CONF_VALUE *a, BIO *out)
  883. {
  884. if (a->name)
  885. BIO_printf(out, "[%s] %s=%s\n", a->section, a->name, a->value);
  886. else
  887. BIO_printf(out, "[[%s]]\n", a->section);
  888. }
  889. IMPLEMENT_LHASH_DOALL_ARG_CONST(CONF_VALUE, BIO);
  890. static int def_dump(const CONF *conf, BIO *out)
  891. {
  892. lh_CONF_VALUE_doall_BIO(conf->data, dump_value_doall_arg, out);
  893. return 1;
  894. }
  895. static int def_is_number(const CONF *conf, char c)
  896. {
  897. return IS_NUMBER(conf, c);
  898. }
  899. static int def_to_int(const CONF *conf, char c)
  900. {
  901. return c - '0';
  902. }