search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
dmake: do not set MAKEFLAGS=k
[unleashed/tickless.git] / lib / libcrypto / conf / conf_mod.c
blob9f252385e8a0c479b2979e10b854acf03a2772ce
1 /* $OpenBSD: conf_mod.c,v 1.27 2017/01/29 17:49:22 beck Exp $ */
2 /* Written by Stephen Henson (steve@openssl.org) for the OpenSSL
3 * project 2001.
4 */
5 /* ====================================================================
6 * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59 #include <ctype.h>
60 #include <stdio.h>
61 #include <string.h>
62 #include <unistd.h>
63
64 #include <openssl/conf.h>
65 #include <openssl/crypto.h>
66 #include <openssl/dso.h>
67 #include <openssl/err.h>
68 #include <openssl/x509.h>
69
70 #define DSO_mod_init_name "OPENSSL_init"
71 #define DSO_mod_finish_name "OPENSSL_finish"
72
73 /* This structure contains a data about supported modules.
74 * entries in this table correspond to either dynamic or
75 * static modules.
76 */
77
78 struct conf_module_st {
79 /* DSO of this module or NULL if static */
80 DSO *dso;
81 /* Name of the module */
82 char *name;
83 /* Init function */
84 conf_init_func *init;
85 /* Finish function */
86 conf_finish_func *finish;
87 /* Number of successfully initialized modules */
88 int links;
89 void *usr_data;
90 };
91
92
93 /* This structure contains information about modules that have been
94 * successfully initialized. There may be more than one entry for a
95 * given module.
96 */
97
98 struct conf_imodule_st {
99 CONF_MODULE *pmod;
100 char *name;
101 char *value;
102 unsigned long flags;
103 void *usr_data;
104 };
105
106 static STACK_OF(CONF_MODULE) *supported_modules = NULL;
107 static STACK_OF(CONF_IMODULE) *initialized_modules = NULL;
108
109 static void module_free(CONF_MODULE *md);
110 static void module_finish(CONF_IMODULE *imod);
111 static int module_run(const CONF *cnf, char *name, char *value,
112 unsigned long flags);
113 static CONF_MODULE *module_add(DSO *dso, const char *name,
114 conf_init_func *ifunc, conf_finish_func *ffunc);
115 static CONF_MODULE *module_find(char *name);
116 static int module_init(CONF_MODULE *pmod, char *name, char *value,
117 const CONF *cnf);
118 static CONF_MODULE *module_load_dso(const CONF *cnf, char *name, char *value,
119 unsigned long flags);
120
121 /* Main function: load modules from a CONF structure */
122
123 int
124 CONF_modules_load(const CONF *cnf, const char *appname, unsigned long flags)
125 {
126 STACK_OF(CONF_VALUE) *values;
127 CONF_VALUE *vl;
128 char *vsection = NULL;
129
130 int ret, i;
131
132 if (!cnf)
133 return 1;
134
135 if (appname)
136 vsection = NCONF_get_string(cnf, NULL, appname);
137
138 if (!appname || (!vsection && (flags & CONF_MFLAGS_DEFAULT_SECTION)))
139 vsection = NCONF_get_string(cnf, NULL, "openssl_conf");
140
141 if (!vsection) {
142 ERR_clear_error();
143 return 1;
144 }
145
146 values = NCONF_get_section(cnf, vsection);
147
148 if (!values)
149 return 0;
150
151 for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
152 vl = sk_CONF_VALUE_value(values, i);
153 ret = module_run(cnf, vl->name, vl->value, flags);
154 if (ret <= 0)
155 if (!(flags & CONF_MFLAGS_IGNORE_ERRORS))
156 return ret;
157 }
158
159 return 1;
160 }
161
162 int
163 CONF_modules_load_file(const char *filename, const char *appname,
164 unsigned long flags)
165 {
166 char *file = NULL;
167 CONF *conf = NULL;
168 int ret = 0;
169 conf = NCONF_new(NULL);
170 if (!conf)
171 goto err;
172
173 if (filename == NULL) {
174 file = CONF_get1_default_config_file();
175 if (!file)
176 goto err;
177 } else
178 file = (char *)filename;
179
180 if (NCONF_load(conf, file, NULL) <= 0) {
181 if ((flags & CONF_MFLAGS_IGNORE_MISSING_FILE) &&
182 (ERR_GET_REASON(ERR_peek_last_error()) ==
183 CONF_R_NO_SUCH_FILE)) {
184 ERR_clear_error();
185 ret = 1;
186 }
187 goto err;
188 }
189
190 ret = CONF_modules_load(conf, appname, flags);
191
192 err:
193 if (filename == NULL)
194 free(file);
195 NCONF_free(conf);
196
197 return ret;
198 }
199
200 static int
201 module_run(const CONF *cnf, char *name, char *value, unsigned long flags)
202 {
203 CONF_MODULE *md;
204 int ret;
205
206 md = module_find(name);
207
208 /* Module not found: try to load DSO */
209 if (!md && !(flags & CONF_MFLAGS_NO_DSO))
210 md = module_load_dso(cnf, name, value, flags);
211
212 if (!md) {
213 if (!(flags & CONF_MFLAGS_SILENT)) {
214 CONFerror(CONF_R_UNKNOWN_MODULE_NAME);
215 ERR_asprintf_error_data("module=%s", name);
216 }
217 return -1;
218 }
219
220 ret = module_init(md, name, value, cnf);
221
222 if (ret <= 0) {
223 if (!(flags & CONF_MFLAGS_SILENT)) {
224 CONFerror(CONF_R_MODULE_INITIALIZATION_ERROR);
225 ERR_asprintf_error_data
226 ("module=%s, value=%s, retcode=%-8d",
227 name, value, ret);
228 }
229 }
230
231 return ret;
232 }
233
234 /* Load a module from a DSO */
235 static CONF_MODULE *
236 module_load_dso(const CONF *cnf, char *name, char *value, unsigned long flags)
237 {
238 DSO *dso = NULL;
239 conf_init_func *ifunc;
240 conf_finish_func *ffunc;
241 char *path = NULL;
242 int errcode = 0;
243 CONF_MODULE *md;
244
245 /* Look for alternative path in module section */
246 path = NCONF_get_string(cnf, value, "path");
247 if (!path) {
248 ERR_clear_error();
249 path = name;
250 }
251 dso = DSO_load(NULL, path, NULL, 0);
252 if (!dso) {
253 errcode = CONF_R_ERROR_LOADING_DSO;
254 goto err;
255 }
256 ifunc = (conf_init_func *)DSO_bind_func(dso, DSO_mod_init_name);
257 if (!ifunc) {
258 errcode = CONF_R_MISSING_INIT_FUNCTION;
259 goto err;
260 }
261 ffunc = (conf_finish_func *)DSO_bind_func(dso, DSO_mod_finish_name);
262 /* All OK, add module */
263 md = module_add(dso, name, ifunc, ffunc);
264
265 if (!md)
266 goto err;
267
268 return md;
269
270 err:
271 if (dso)
272 DSO_free(dso);
273 CONFerror(errcode);
274 ERR_asprintf_error_data("module=%s, path=%s", name, path);
275 return NULL;
276 }
277
278 /* add module to list */
279 static CONF_MODULE *
280 module_add(DSO *dso, const char *name, conf_init_func *ifunc,
281 conf_finish_func *ffunc)
282 {
283 CONF_MODULE *tmod = NULL;
284
285 if (name == NULL)
286 return NULL;
287 if (supported_modules == NULL)
288 supported_modules = sk_CONF_MODULE_new_null();
289 if (supported_modules == NULL)
290 return NULL;
291 tmod = malloc(sizeof(CONF_MODULE));
292 if (tmod == NULL)
293 return NULL;
294
295 tmod->dso = dso;
296 tmod->name = strdup(name);
297 tmod->init = ifunc;
298 tmod->finish = ffunc;
299 tmod->links = 0;
300
301 if (!sk_CONF_MODULE_push(supported_modules, tmod)) {
302 free(tmod);
303 return NULL;
304 }
305
306 return tmod;
307 }
308
309 /* Find a module from the list. We allow module names of the
310 * form modname.XXXX to just search for modname to allow the
311 * same module to be initialized more than once.
312 */
313
314 static CONF_MODULE *
315 module_find(char *name)
316 {
317 CONF_MODULE *tmod;
318 int i, nchar;
319 char *p;
320
321 p = strrchr(name, '.');
322
323 if (p)
324 nchar = p - name;
325 else
326 nchar = strlen(name);
327
328 for (i = 0; i < sk_CONF_MODULE_num(supported_modules); i++) {
329 tmod = sk_CONF_MODULE_value(supported_modules, i);
330 if (!strncmp(tmod->name, name, nchar))
331 return tmod;
332 }
333
334 return NULL;
335 }
336
337 /* initialize a module */
338 static int
339 module_init(CONF_MODULE *pmod, char *name, char *value, const CONF *cnf)
340 {
341 int ret = 1;
342 int init_called = 0;
343 CONF_IMODULE *imod = NULL;
344
345 /* Otherwise add initialized module to list */
346 imod = malloc(sizeof(CONF_IMODULE));
347 if (!imod)
348 goto err;
349
350 imod->pmod = pmod;
351 imod->name = name ? strdup(name) : NULL;
352 imod->value = value ? strdup(value) : NULL;
353 imod->usr_data = NULL;
354
355 if (!imod->name || !imod->value)
356 goto memerr;
357
358 /* Try to initialize module */
359 if (pmod->init) {
360 ret = pmod->init(imod, cnf);
361 init_called = 1;
362 /* Error occurred, exit */
363 if (ret <= 0)
364 goto err;
365 }
366
367 if (initialized_modules == NULL) {
368 initialized_modules = sk_CONF_IMODULE_new_null();
369 if (!initialized_modules) {
370 CONFerror(ERR_R_MALLOC_FAILURE);
371 goto err;
372 }
373 }
374
375 if (!sk_CONF_IMODULE_push(initialized_modules, imod)) {
376 CONFerror(ERR_R_MALLOC_FAILURE);
377 goto err;
378 }
379
380 pmod->links++;
381
382 return ret;
383
384 err:
385 /* We've started the module so we'd better finish it */
386 if (pmod->finish && init_called)
387 pmod->finish(imod);
388
389 memerr:
390 if (imod) {
391 free(imod->name);
392 free(imod->value);
393 free(imod);
394 }
395
396 return -1;
397 }
398
399 /* Unload any dynamic modules that have a link count of zero:
400 * i.e. have no active initialized modules. If 'all' is set
401 * then all modules are unloaded including static ones.
402 */
403
404 void
405 CONF_modules_unload(int all)
406 {
407 int i;
408 CONF_MODULE *md;
409
410 CONF_modules_finish();
411
412 /* unload modules in reverse order */
413 for (i = sk_CONF_MODULE_num(supported_modules) - 1; i >= 0; i--) {
414 md = sk_CONF_MODULE_value(supported_modules, i);
415 /* If static or in use and 'all' not set ignore it */
416 if (((md->links > 0) || !md->dso) && !all)
417 continue;
418 /* Since we're working in reverse this is OK */
419 (void)sk_CONF_MODULE_delete(supported_modules, i);
420 module_free(md);
421 }
422 if (sk_CONF_MODULE_num(supported_modules) == 0) {
423 sk_CONF_MODULE_free(supported_modules);
424 supported_modules = NULL;
425 }
426 }
427
428 /* unload a single module */
429 static void
430 module_free(CONF_MODULE *md)
431 {
432 if (md->dso)
433 DSO_free(md->dso);
434 free(md->name);
435 free(md);
436 }
437
438 /* finish and free up all modules instances */
439
440 void
441 CONF_modules_finish(void)
442 {
443 CONF_IMODULE *imod;
444
445 while (sk_CONF_IMODULE_num(initialized_modules) > 0) {
446 imod = sk_CONF_IMODULE_pop(initialized_modules);
447 module_finish(imod);
448 }
449 sk_CONF_IMODULE_free(initialized_modules);
450 initialized_modules = NULL;
451 }
452
453 /* finish a module instance */
454
455 static void
456 module_finish(CONF_IMODULE *imod)
457 {
458 if (imod->pmod->finish)
459 imod->pmod->finish(imod);
460 imod->pmod->links--;
461 free(imod->name);
462 free(imod->value);
463 free(imod);
464 }
465
466 /* Add a static module to OpenSSL */
467
468 int
469 CONF_module_add(const char *name, conf_init_func *ifunc,
470 conf_finish_func *ffunc)
471 {
472 if (module_add(NULL, name, ifunc, ffunc))
473 return 1;
474 else
475 return 0;
476 }
477
478 void
479 CONF_modules_free(void)
480 {
481 CONF_modules_finish();
482 CONF_modules_unload(1);
483 }
484
485 /* Utility functions */
486
487 const char *
488 CONF_imodule_get_name(const CONF_IMODULE *md)
489 {
490 return md->name;
491 }
492
493 const char *
494 CONF_imodule_get_value(const CONF_IMODULE *md)
495 {
496 return md->value;
497 }
498
499 void *
500 CONF_imodule_get_usr_data(const CONF_IMODULE *md)
501 {
502 return md->usr_data;
503 }
504
505 void
506 CONF_imodule_set_usr_data(CONF_IMODULE *md, void *usr_data)
507 {
508 md->usr_data = usr_data;
509 }
510
511 CONF_MODULE *
512 CONF_imodule_get_module(const CONF_IMODULE *md)
513 {
514 return md->pmod;
515 }
516
517 unsigned long
518 CONF_imodule_get_flags(const CONF_IMODULE *md)
519 {
520 return md->flags;
521 }
522
523 void
524 CONF_imodule_set_flags(CONF_IMODULE *md, unsigned long flags)
525 {
526 md->flags = flags;
527 }
528
529 void *
530 CONF_module_get_usr_data(CONF_MODULE *pmod)
531 {
532 return pmod->usr_data;
533 }
534
535 void
536 CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data)
537 {
538 pmod->usr_data = usr_data;
539 }
540
541 /* Return default config file name */
542
543 char *
544 CONF_get1_default_config_file(void)
545 {
546 char *file = NULL;
547
548 if (asprintf(&file, "%s/openssl.cnf",
549 X509_get_default_cert_area()) == -1)
550 return (NULL);
551 return file;
552 }
553
554 /* This function takes a list separated by 'sep' and calls the
555 * callback function giving the start and length of each member
556 * optionally stripping leading and trailing whitespace. This can
557 * be used to parse comma separated lists for example.
558 */
559
560 int
561 CONF_parse_list(const char *list_, int sep, int nospc,
562 int (*list_cb)(const char *elem, int len, void *usr), void *arg)
563 {
564 int ret;
565 const char *lstart, *tmpend, *p;
566
567 if (list_ == NULL) {
568 CONFerror(CONF_R_LIST_CANNOT_BE_NULL);
569 return 0;
570 }
571
572 lstart = list_;
573 for (;;) {
574 if (nospc) {
575 while (*lstart && isspace((unsigned char)*lstart))
576 lstart++;
577 }
578 p = strchr(lstart, sep);
579 if (p == lstart || !*lstart)
580 ret = list_cb(NULL, 0, arg);
581 else {
582 if (p)
583 tmpend = p - 1;
584 else
585 tmpend = lstart + strlen(lstart) - 1;
586 if (nospc) {
587 while (isspace((unsigned char)*tmpend))
588 tmpend--;
589 }
590 ret = list_cb(lstart, tmpend - lstart + 1, arg);
591 }
592 if (ret <= 0)
593 return ret;
594 if (p == NULL)
595 return 1;
596 lstart = p + 1;
597 }
598 }
unleashed repo fork