aboutsummaryrefslogtreecommitdiffstats
path: root/crypto/conf/conf_mod.c
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/conf/conf_mod.c')
-rw-r--r--crypto/conf/conf_mod.c152
1 files changed, 51 insertions, 101 deletions
diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c
index e2a9a81678ed..df53609cc47e 100644
--- a/crypto/conf/conf_mod.c
+++ b/crypto/conf/conf_mod.c
@@ -1,68 +1,18 @@
-/* conf_mod.c */
/*
- * Written by Stephen Henson (steve@openssl.org) for the OpenSSL project
- * 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
+ * Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.
*
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
*/
+#include "internal/cryptlib.h"
#include <stdio.h>
#include <ctype.h>
#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/conf.h>
-#include <openssl/dso.h>
+#include "internal/conf.h"
+#include "internal/dso.h"
#include <openssl/x509.h>
#define DSO_mod_init_name "OPENSSL_init"
@@ -106,16 +56,16 @@ static STACK_OF(CONF_IMODULE) *initialized_modules = NULL;
static void module_free(CONF_MODULE *md);
static void module_finish(CONF_IMODULE *imod);
-static int module_run(const CONF *cnf, char *name, char *value,
+static int module_run(const CONF *cnf, const char *name, const char *value,
unsigned long flags);
static CONF_MODULE *module_add(DSO *dso, const char *name,
conf_init_func *ifunc,
conf_finish_func *ffunc);
-static CONF_MODULE *module_find(char *name);
-static int module_init(CONF_MODULE *pmod, char *name, char *value,
+static CONF_MODULE *module_find(const char *name);
+static int module_init(CONF_MODULE *pmod, const char *name, const char *value,
const CONF *cnf);
-static CONF_MODULE *module_load_dso(const CONF *cnf, char *name, char *value,
- unsigned long flags);
+static CONF_MODULE *module_load_dso(const CONF *cnf, const char *name,
+ const char *value);
/* Main function: load modules from a CONF structure */
@@ -166,7 +116,7 @@ int CONF_modules_load_file(const char *filename, const char *appname,
CONF *conf = NULL;
int ret = 0;
conf = NCONF_new(NULL);
- if (!conf)
+ if (conf == NULL)
goto err;
if (filename == NULL) {
@@ -195,7 +145,7 @@ int CONF_modules_load_file(const char *filename, const char *appname,
return ret;
}
-static int module_run(const CONF *cnf, char *name, char *value,
+static int module_run(const CONF *cnf, const char *name, const char *value,
unsigned long flags)
{
CONF_MODULE *md;
@@ -205,7 +155,7 @@ static int module_run(const CONF *cnf, char *name, char *value,
/* Module not found: try to load DSO */
if (!md && !(flags & CONF_MFLAGS_NO_DSO))
- md = module_load_dso(cnf, name, value, flags);
+ md = module_load_dso(cnf, name, value);
if (!md) {
if (!(flags & CONF_MFLAGS_SILENT)) {
@@ -220,6 +170,7 @@ static int module_run(const CONF *cnf, char *name, char *value,
if (ret <= 0) {
if (!(flags & CONF_MFLAGS_SILENT)) {
char rcode[DECIMAL_SIZE(ret) + 1];
+
CONFerr(CONF_F_MODULE_RUN, CONF_R_MODULE_INITIALIZATION_ERROR);
BIO_snprintf(rcode, sizeof(rcode), "%-8d", ret);
ERR_add_error_data(6, "module=", name, ", value=", value,
@@ -231,13 +182,13 @@ static int module_run(const CONF *cnf, char *name, char *value,
}
/* Load a module from a DSO */
-static CONF_MODULE *module_load_dso(const CONF *cnf, char *name, char *value,
- unsigned long flags)
+static CONF_MODULE *module_load_dso(const CONF *cnf,
+ const char *name, const char *value)
{
DSO *dso = NULL;
conf_init_func *ifunc;
conf_finish_func *ffunc;
- char *path = NULL;
+ const char *path = NULL;
int errcode = 0;
CONF_MODULE *md;
/* Look for alternative path in module section */
@@ -266,8 +217,7 @@ static CONF_MODULE *module_load_dso(const CONF *cnf, char *name, char *value,
return md;
err:
- if (dso)
- DSO_free(dso);
+ DSO_free(dso);
CONFerr(CONF_F_MODULE_LOAD_DSO, errcode);
ERR_add_error_data(4, "module=", name, ", path=", path);
return NULL;
@@ -282,21 +232,22 @@ static CONF_MODULE *module_add(DSO *dso, const char *name,
supported_modules = sk_CONF_MODULE_new_null();
if (supported_modules == NULL)
return NULL;
- tmod = OPENSSL_malloc(sizeof(CONF_MODULE));
- if (tmod == NULL)
+ if ((tmod = OPENSSL_zalloc(sizeof(*tmod))) == NULL) {
+ CONFerr(CONF_F_MODULE_ADD, ERR_R_MALLOC_FAILURE);
return NULL;
+ }
tmod->dso = dso;
- tmod->name = BUF_strdup(name);
+ tmod->name = OPENSSL_strdup(name);
+ tmod->init = ifunc;
+ tmod->finish = ffunc;
if (tmod->name == NULL) {
OPENSSL_free(tmod);
return NULL;
}
- tmod->init = ifunc;
- tmod->finish = ffunc;
- tmod->links = 0;
if (!sk_CONF_MODULE_push(supported_modules, tmod)) {
+ OPENSSL_free(tmod->name);
OPENSSL_free(tmod);
return NULL;
}
@@ -310,7 +261,7 @@ static CONF_MODULE *module_add(DSO *dso, const char *name,
* initialized more than once.
*/
-static CONF_MODULE *module_find(char *name)
+static CONF_MODULE *module_find(const char *name)
{
CONF_MODULE *tmod;
int i, nchar;
@@ -324,7 +275,7 @@ static CONF_MODULE *module_find(char *name)
for (i = 0; i < sk_CONF_MODULE_num(supported_modules); i++) {
tmod = sk_CONF_MODULE_value(supported_modules, i);
- if (!strncmp(tmod->name, name, nchar))
+ if (strncmp(tmod->name, name, nchar) == 0)
return tmod;
}
@@ -333,7 +284,7 @@ static CONF_MODULE *module_find(char *name)
}
/* initialize a module */
-static int module_init(CONF_MODULE *pmod, char *name, char *value,
+static int module_init(CONF_MODULE *pmod, const char *name, const char *value,
const CONF *cnf)
{
int ret = 1;
@@ -341,13 +292,13 @@ static int module_init(CONF_MODULE *pmod, char *name, char *value,
CONF_IMODULE *imod = NULL;
/* Otherwise add initialized module to list */
- imod = OPENSSL_malloc(sizeof(CONF_IMODULE));
- if (!imod)
+ imod = OPENSSL_malloc(sizeof(*imod));
+ if (imod == NULL)
goto err;
imod->pmod = pmod;
- imod->name = BUF_strdup(name);
- imod->value = BUF_strdup(value);
+ imod->name = OPENSSL_strdup(name);
+ imod->value = OPENSSL_strdup(value);
imod->usr_data = NULL;
if (!imod->name || !imod->value)
@@ -387,10 +338,8 @@ static int module_init(CONF_MODULE *pmod, char *name, char *value,
memerr:
if (imod) {
- if (imod->name)
- OPENSSL_free(imod->name);
- if (imod->value)
- OPENSSL_free(imod->value);
+ OPENSSL_free(imod->name);
+ OPENSSL_free(imod->value);
OPENSSL_free(imod);
}
@@ -428,8 +377,7 @@ void CONF_modules_unload(int all)
/* unload a single module */
static void module_free(CONF_MODULE *md)
{
- if (md->dso)
- DSO_free(md->dso);
+ DSO_free(md->dso);
OPENSSL_free(md->name);
OPENSSL_free(md);
}
@@ -451,6 +399,8 @@ void CONF_modules_finish(void)
static void module_finish(CONF_IMODULE *imod)
{
+ if (!imod)
+ return;
if (imod->pmod->finish)
imod->pmod->finish(imod);
imod->pmod->links--;
@@ -470,7 +420,7 @@ int CONF_module_add(const char *name, conf_init_func *ifunc,
return 0;
}
-void CONF_modules_free(void)
+void conf_modules_free_int(void)
{
CONF_modules_finish();
CONF_modules_unload(1);
@@ -527,28 +477,28 @@ void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data)
char *CONF_get1_default_config_file(void)
{
- char *file;
+ char *file, *sep = "";
int len;
- file = getenv("OPENSSL_CONF");
- if (file)
- return BUF_strdup(file);
+ if (!OPENSSL_issetugid()) {
+ file = getenv("OPENSSL_CONF");
+ if (file)
+ return OPENSSL_strdup(file);
+ }
len = strlen(X509_get_default_cert_area());
#ifndef OPENSSL_SYS_VMS
len++;
+ sep = "/";
#endif
len += strlen(OPENSSL_CONF);
file = OPENSSL_malloc(len + 1);
- if (!file)
+ if (file == NULL)
return NULL;
- BUF_strlcpy(file, X509_get_default_cert_area(), len + 1);
-#ifndef OPENSSL_SYS_VMS
- BUF_strlcat(file, "/", len + 1);
-#endif
- BUF_strlcat(file, OPENSSL_CONF, len + 1);
+ BIO_snprintf(file, len + 1, "%s%s%s", X509_get_default_cert_area(),
+ sep, OPENSSL_CONF);
return file;
}