X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;ds=sidebyside;f=apps%2Fapps.c;h=8703d0cc31eee3d145426bb84918705802f712d7;hb=16df8dfe62e2fc4c8dd40a42b5abe280a63b7608;hp=cca42ac30756e65e68e358aa733d8ff88569fb12;hpb=846e33c729311169d9c988ceba29484b3783f244;p=oweals%2Fopenssl.git diff --git a/apps/apps.c b/apps/apps.c index cca42ac307..8703d0cc31 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -14,12 +14,11 @@ */ # define _POSIX_C_SOURCE 2 #endif + #include #include #include -#ifndef NO_SYS_TYPES_H -# include -#endif +#include #ifndef OPENSSL_NO_POSIX_IO # include # include @@ -41,7 +40,7 @@ #endif #include #include - +#include "s_apps.h" #include "apps.h" #ifdef _WIN32 @@ -243,36 +242,27 @@ int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp) int res = 0; #ifndef OPENSSL_NO_UI UI *ui = NULL; - const char *prompt_info = NULL; #endif - const char *password = NULL; PW_CB_DATA *cb_data = (PW_CB_DATA *)cb_tmp; - if (cb_data) { - if (cb_data->password) - password = cb_data->password; -#ifndef OPENSSL_NO_UI - if (cb_data->prompt_info) - prompt_info = cb_data->prompt_info; -#endif - } - - if (password) { - res = strlen(password); +#ifdef OPENSSL_NO_UI + if (cb_data != NULL && cb_data->password != NULL) { + res = strlen(cb_data->password); if (res > bufsiz) res = bufsiz; - memcpy(buf, password, res); - return res; + memcpy(buf, cb_data->password, res); } - -#ifndef OPENSSL_NO_UI +#else ui = UI_new_method(ui_method); if (ui) { int ok = 0; char *buff = NULL; int ui_flags = 0; + const char *prompt_info = NULL; char *prompt; + if (cb_data != NULL && cb_data->prompt_info != NULL) + prompt_info = cb_data->prompt_info; prompt = UI_construct_prompt(ui, "pass phrase", prompt_info); if (!prompt) { BIO_printf(bio_err, "Out of memory\n"); @@ -283,6 +273,9 @@ int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp) ui_flags |= UI_INPUT_FLAG_DEFAULT_PWD; UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0); + /* We know that there is no previous user data to return to us */ + (void)UI_add_user_data(ui, cb_data); + if (ok >= 0) ok = UI_add_input_string(ui, prompt, ui_flags, buf, PW_MIN_LENGTH, bufsiz - 1); @@ -319,9 +312,9 @@ int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp) return res; } -static char *app_get_pass(char *arg, int keepbio); +static char *app_get_pass(const char *arg, int keepbio); -int app_passwd(char *arg1, char *arg2, char **pass1, char **pass2) +int app_passwd(const char *arg1, const char *arg2, char **pass1, char **pass2) { int same; if (!arg2 || !arg1 || strcmp(arg1, arg2)) @@ -343,7 +336,7 @@ int app_passwd(char *arg1, char *arg2, char **pass1, char **pass2) return 1; } -static char *app_get_pass(char *arg, int keepbio) +static char *app_get_pass(const char *arg, int keepbio) { char *tmp, tpass[APP_PASS_LEN]; static BIO *pwdbio = NULL; @@ -691,7 +684,10 @@ EVP_PKEY *load_key(const char *file, int format, int maybe_stdin, BIO_printf(bio_err, "no engine specified\n"); else { #ifndef OPENSSL_NO_ENGINE - pkey = ENGINE_load_private_key(e, file, ui_method, &cb_data); + if (ENGINE_init(e)) { + pkey = ENGINE_load_private_key(e, file, ui_method, &cb_data); + ENGINE_finish(e); + } if (pkey == NULL) { BIO_printf(bio_err, "cannot load %s from engine\n", key_descrip); ERR_print_errors(bio_err); @@ -925,7 +921,7 @@ void* app_malloc(int sz, const char *what) } /* - * Initialize or extend, if *certs != NULL, a certificate stack. + * Initialize or extend, if *certs != NULL, a certificate stack. */ int load_certs(const char *file, STACK_OF(X509) **certs, int format, const char *pass, const char *desc) @@ -934,7 +930,7 @@ int load_certs(const char *file, STACK_OF(X509) **certs, int format, } /* - * Initialize or extend, if *crls != NULL, a certificate stack. + * Initialize or extend, if *crls != NULL, a certificate stack. */ int load_crls(const char *file, STACK_OF(X509_CRL) **crls, int format, const char *pass, const char *desc) @@ -985,6 +981,7 @@ int set_name_ex(unsigned long *flags, const char *arg) { static const NAME_EX_TBL ex_tbl[] = { {"esc_2253", ASN1_STRFLGS_ESC_2253, 0}, + {"esc_2254", ASN1_STRFLGS_ESC_2254, 0}, {"esc_ctrl", ASN1_STRFLGS_ESC_CTRL, 0}, {"esc_msb", ASN1_STRFLGS_ESC_MSB, 0}, {"use_quote", ASN1_STRFLGS_ESC_QUOTE, 0}, @@ -1146,7 +1143,7 @@ void print_name(BIO *out, const char *title, X509_NAME *nm, } } -void print_bignum_var(BIO *out, BIGNUM *in, const char *var, +void print_bignum_var(BIO *out, const BIGNUM *in, const char *var, int len, unsigned char *buffer) { BIO_printf(out, " static unsigned char %s_%d[] = {", var, len); @@ -1183,7 +1180,7 @@ void print_array(BIO *out, const char* title, int len, const unsigned char* d) BIO_printf(out, "\n};\n"); } -X509_STORE *setup_verify(char *CAfile, char *CApath, int noCAfile, int noCApath) +X509_STORE *setup_verify(const char *CAfile, const char *CApath, int noCAfile, int noCApath) { X509_STORE *store = X509_STORE_new(); X509_LOOKUP *lookup; @@ -1191,7 +1188,7 @@ X509_STORE *setup_verify(char *CAfile, char *CApath, int noCAfile, int noCApath) if (store == NULL) goto end; - if(CAfile != NULL || !noCAfile) { + if (CAfile != NULL || !noCAfile) { lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file()); if (lookup == NULL) goto end; @@ -1204,7 +1201,7 @@ X509_STORE *setup_verify(char *CAfile, char *CApath, int noCAfile, int noCApath) X509_LOOKUP_load_file(lookup, NULL, X509_FILETYPE_DEFAULT); } - if(CApath != NULL || !noCApath) { + if (CApath != NULL || !noCApath) { lookup = X509_STORE_add_lookup(store, X509_LOOKUP_hash_dir()); if (lookup == NULL) goto end; @@ -1238,11 +1235,13 @@ static ENGINE *try_load_engine(const char *engine) } return e; } +#endif ENGINE *setup_engine(const char *engine, int debug) { ENGINE *e = NULL; +#ifndef OPENSSL_NO_ENGINE if (engine) { if (strcmp(engine, "auto") == 0) { BIO_printf(bio_err, "enabling auto ENGINE support\n"); @@ -1267,13 +1266,19 @@ ENGINE *setup_engine(const char *engine, int debug) } BIO_printf(bio_err, "engine \"%s\" set.\n", ENGINE_get_id(e)); - - /* Free our "structural" reference. */ - ENGINE_free(e); } +#endif return e; } + +void release_engine(ENGINE *e) +{ +#ifndef OPENSSL_NO_ENGINE + if (e != NULL) + /* Free our "structural" reference. */ + ENGINE_free(e); #endif +} static unsigned long index_serial_hash(const OPENSSL_CSTRING *a) { @@ -1282,7 +1287,7 @@ static unsigned long index_serial_hash(const OPENSSL_CSTRING *a) n = a[DB_serial]; while (*n == '0') n++; - return (lh_strhash(n)); + return OPENSSL_LH_strhash(n); } static int index_serial_cmp(const OPENSSL_CSTRING *a, @@ -1302,7 +1307,7 @@ static int index_name_qual(char **a) static unsigned long index_name_hash(const OPENSSL_CSTRING *a) { - return (lh_strhash(a[DB_name])); + return OPENSSL_LH_strhash(a[DB_name]); } int index_name_cmp(const OPENSSL_CSTRING *a, const OPENSSL_CSTRING *b) @@ -1316,7 +1321,7 @@ static IMPLEMENT_LHASH_HASH_FN(index_name, OPENSSL_CSTRING) static IMPLEMENT_LHASH_COMP_FN(index_name, OPENSSL_CSTRING) #undef BSIZE #define BSIZE 256 -BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai) +BIGNUM *load_serial(const char *serialfile, int create, ASN1_INTEGER **retai) { BIO *in = NULL; BIGNUM *ret = NULL; @@ -1361,7 +1366,7 @@ BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai) return (ret); } -int save_serial(char *serialfile, char *suffix, BIGNUM *serial, +int save_serial(const char *serialfile, const char *suffix, const BIGNUM *serial, ASN1_INTEGER **retai) { char buf[1][BSIZE]; @@ -1383,9 +1388,9 @@ int save_serial(char *serialfile, char *suffix, BIGNUM *serial, OPENSSL_strlcpy(buf[0], serialfile, BSIZE); else { #ifndef OPENSSL_SYS_VMS - j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", serialfile, suffix); + j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s.%s", serialfile, suffix); #else - j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", serialfile, suffix); + j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s-%s", serialfile, suffix); #endif } out = BIO_new_file(buf[0], "w"); @@ -1411,9 +1416,10 @@ int save_serial(char *serialfile, char *suffix, BIGNUM *serial, return (ret); } -int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix) +int rotate_serial(const char *serialfile, const char *new_suffix, + const char *old_suffix) { - char buf[5][BSIZE]; + char buf[2][BSIZE]; int i, j; i = strlen(serialfile) + strlen(old_suffix); @@ -1425,11 +1431,11 @@ int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix) goto err; } #ifndef OPENSSL_SYS_VMS - j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", serialfile, new_suffix); - j = BIO_snprintf(buf[1], sizeof buf[1], "%s.%s", serialfile, old_suffix); + j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s.%s", serialfile, new_suffix); + j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s.%s", serialfile, old_suffix); #else - j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", serialfile, new_suffix); - j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s", serialfile, old_suffix); + j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s-%s", serialfile, new_suffix); + j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s-%s", serialfile, old_suffix); #endif if (rename(serialfile, buf[1]) < 0 && errno != ENOENT #ifdef ENOTDIR @@ -1481,7 +1487,7 @@ int rand_serial(BIGNUM *b, ASN1_INTEGER *ai) return ret; } -CA_DB *load_index(char *dbfile, DB_ATTR *db_attr) +CA_DB *load_index(const char *dbfile, DB_ATTR *db_attr) { CA_DB *retdb = NULL; TXT_DB *tmpdb = NULL; @@ -1498,9 +1504,9 @@ CA_DB *load_index(char *dbfile, DB_ATTR *db_attr) goto err; #ifndef OPENSSL_SYS_VMS - BIO_snprintf(buf, sizeof buf, "%s.attr", dbfile); + BIO_snprintf(buf, sizeof(buf), "%s.attr", dbfile); #else - BIO_snprintf(buf, sizeof buf, "%s-attr", dbfile); + BIO_snprintf(buf, sizeof(buf), "%s-attr", dbfile); #endif dbattr_conf = app_load_config(buf); @@ -1561,13 +1567,13 @@ int save_index(const char *dbfile, const char *suffix, CA_DB *db) goto err; } #ifndef OPENSSL_SYS_VMS - j = BIO_snprintf(buf[2], sizeof buf[2], "%s.attr", dbfile); - j = BIO_snprintf(buf[1], sizeof buf[1], "%s.attr.%s", dbfile, suffix); - j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", dbfile, suffix); + j = BIO_snprintf(buf[2], sizeof(buf[2]), "%s.attr", dbfile); + j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s.attr.%s", dbfile, suffix); + j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s.%s", dbfile, suffix); #else - j = BIO_snprintf(buf[2], sizeof buf[2], "%s-attr", dbfile); - j = BIO_snprintf(buf[1], sizeof buf[1], "%s-attr-%s", dbfile, suffix); - j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", dbfile, suffix); + j = BIO_snprintf(buf[2], sizeof(buf[2]), "%s-attr", dbfile); + j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s-attr-%s", dbfile, suffix); + j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s-%s", dbfile, suffix); #endif out = BIO_new_file(buf[0], "w"); if (out == NULL) { @@ -1610,17 +1616,17 @@ int rotate_index(const char *dbfile, const char *new_suffix, goto err; } #ifndef OPENSSL_SYS_VMS - j = BIO_snprintf(buf[4], sizeof buf[4], "%s.attr", dbfile); - j = BIO_snprintf(buf[3], sizeof buf[3], "%s.attr.%s", dbfile, old_suffix); - j = BIO_snprintf(buf[2], sizeof buf[2], "%s.attr.%s", dbfile, new_suffix); - j = BIO_snprintf(buf[1], sizeof buf[1], "%s.%s", dbfile, old_suffix); - j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", dbfile, new_suffix); + j = BIO_snprintf(buf[4], sizeof(buf[4]), "%s.attr", dbfile); + j = BIO_snprintf(buf[3], sizeof(buf[3]), "%s.attr.%s", dbfile, old_suffix); + j = BIO_snprintf(buf[2], sizeof(buf[2]), "%s.attr.%s", dbfile, new_suffix); + j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s.%s", dbfile, old_suffix); + j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s.%s", dbfile, new_suffix); #else - j = BIO_snprintf(buf[4], sizeof buf[4], "%s-attr", dbfile); - j = BIO_snprintf(buf[3], sizeof buf[3], "%s-attr-%s", dbfile, old_suffix); - j = BIO_snprintf(buf[2], sizeof buf[2], "%s-attr-%s", dbfile, new_suffix); - j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s", dbfile, old_suffix); - j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", dbfile, new_suffix); + j = BIO_snprintf(buf[4], sizeof(buf[4]), "%s-attr", dbfile); + j = BIO_snprintf(buf[3], sizeof(buf[3]), "%s-attr-%s", dbfile, old_suffix); + j = BIO_snprintf(buf[2], sizeof(buf[2]), "%s-attr-%s", dbfile, new_suffix); + j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s-%s", dbfile, old_suffix); + j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s-%s", dbfile, new_suffix); #endif if (rename(dbfile, buf[1]) < 0 && errno != ENOENT #ifdef ENOTDIR @@ -1782,6 +1788,7 @@ int bio_to_mem(unsigned char **out, int maxlen, BIO *in) BIO *mem; int len, ret; unsigned char tbuf[1024]; + mem = BIO_new(BIO_s_mem()); if (mem == NULL) return -1; @@ -1935,7 +1942,7 @@ static const char *get_dp_url(DIST_POINT *dp) gen = sk_GENERAL_NAME_value(gens, i); uri = GENERAL_NAME_get0_value(gen, >ype); if (gtype == GEN_URI && ASN1_STRING_length(uri) > 6) { - char *uptr = (char *)ASN1_STRING_data(uri); + const char *uptr = (const char *)ASN1_STRING_get0_data(uri); if (strncmp(uptr, "http://", 7) == 0) return uptr; } @@ -1981,8 +1988,10 @@ static STACK_OF(X509_CRL) *crls_http_cb(X509_STORE_CTX *ctx, X509_NAME *nm) crldp = X509_get_ext_d2i(x, NID_crl_distribution_points, NULL, NULL); crl = load_crl_crldp(crldp); sk_DIST_POINT_pop_free(crldp, DIST_POINT_free); - if (!crl) + if (!crl) { + sk_X509_CRL_free(crls); return NULL; + } sk_X509_CRL_push(crls, crl); /* Try to download delta CRL */ crldp = X509_get_ext_d2i(x, NID_freshest_crl, NULL, NULL); @@ -2244,29 +2253,27 @@ int app_access(const char* name, int flag) #ifdef _WIN32 int app_isdir(const char *name) { - HANDLE hList; - WIN32_FIND_DATA FileData; + DWORD attr; # if defined(UNICODE) || defined(_UNICODE) size_t i, len_0 = strlen(name) + 1; + WCHAR tempname[MAX_PATH]; - if (len_0 > OSSL_NELEM(FileData.cFileName)) + if (len_0 > MAX_PATH) return -1; # if !defined(_WIN32_WCE) || _WIN32_WCE>=101 - if (!MultiByteToWideChar - (CP_ACP, 0, name, len_0, FileData.cFileName, len_0)) + if (!MultiByteToWideChar(CP_ACP, 0, name, len_0, tempname, MAX_PATH)) # endif for (i = 0; i < len_0; i++) - FileData.cFileName[i] = (WCHAR)name[i]; + tempname[i] = (WCHAR)name[i]; - hList = FindFirstFile(FileData.cFileName, &FileData); + attr = GetFileAttributes(tempname); # else - hList = FindFirstFile(name, &FileData); + attr = GetFileAttributes(name); # endif - if (hList == INVALID_HANDLE_VALUE) + if (attr == INVALID_FILE_ATTRIBUTES) return -1; - FindClose(hList); - return ((FileData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) != 0); + return ((attr & FILE_ATTRIBUTE_DIRECTORY) != 0); } #else # include @@ -2294,6 +2301,36 @@ int app_isdir(const char *name) #endif /* raw_read|write section */ +#if defined(__VMS) +# include "vms_term_sock.h" +static int stdin_sock = -1; + +static void close_stdin_sock(void) +{ + TerminalSocket (TERM_SOCK_DELETE, &stdin_sock); +} + +int fileno_stdin(void) +{ + if (stdin_sock == -1) { + TerminalSocket(TERM_SOCK_CREATE, &stdin_sock); + atexit(close_stdin_sock); + } + + return stdin_sock; +} +#else +int fileno_stdin(void) +{ + return fileno(stdin); +} +#endif + +int fileno_stdout(void) +{ + return fileno(stdout); +} + #if defined(_WIN32) && defined(STD_INPUT_HANDLE) int raw_read_stdin(void *buf, int siz) { @@ -2303,10 +2340,17 @@ int raw_read_stdin(void *buf, int siz) else return (-1); } +#elif defined(__VMS) +#include + +int raw_read_stdin(void *buf, int siz) +{ + return recv(fileno_stdin(), buf, siz, 0); +} #else int raw_read_stdin(void *buf, int siz) { - return read(fileno(stdin), buf, siz); + return read(fileno_stdin(), buf, siz); } #endif @@ -2322,7 +2366,7 @@ int raw_write_stdout(const void *buf, int siz) #else int raw_write_stdout(const void *buf, int siz) { - return write(fileno(stdout), buf, siz); + return write(fileno_stdout(), buf, siz); } #endif @@ -2527,6 +2571,7 @@ void wait_for_async(SSL *s) fd_set asyncfds; OSSL_ASYNC_FD *fds; size_t numfds; + size_t i; if (!SSL_get_all_async_fds(s, NULL, &numfds)) return; @@ -2535,16 +2580,71 @@ void wait_for_async(SSL *s) fds = app_malloc(sizeof(OSSL_ASYNC_FD) * numfds, "allocate async fds"); if (!SSL_get_all_async_fds(s, fds, &numfds)) { OPENSSL_free(fds); + return; } FD_ZERO(&asyncfds); - while (numfds > 0) { - if (width <= (int)*fds) - width = (int)*fds + 1; - openssl_fdset((int)*fds, &asyncfds); - numfds--; - fds++; + for (i = 0; i < numfds; i++) { + if (width <= (int)fds[i]) + width = (int)fds[i] + 1; + openssl_fdset((int)fds[i], &asyncfds); } select(width, (void *)&asyncfds, NULL, NULL, NULL); + OPENSSL_free(fds); +#endif +} + +/* if OPENSSL_SYS_WINDOWS is defined then so is OPENSSL_SYS_MSDOS */ +#if defined(OPENSSL_SYS_MSDOS) +int has_stdin_waiting(void) +{ +# if defined(OPENSSL_SYS_WINDOWS) + HANDLE inhand = GetStdHandle(STD_INPUT_HANDLE); + DWORD events = 0; + INPUT_RECORD inputrec; + DWORD insize = 1; + BOOL peeked; + + if (inhand == INVALID_HANDLE_VALUE) { + return 0; + } + + peeked = PeekConsoleInput(inhand, &inputrec, insize, &events); + if (!peeked) { + /* Probably redirected input? _kbhit() does not work in this case */ + if (!feof(stdin)) { + return 1; + } + return 0; + } +# endif + return _kbhit(); +} #endif + +/* Corrupt a signature by modifying final byte */ +void corrupt_signature(const ASN1_STRING *signature) +{ + unsigned char *s = signature->data; + s[signature->length - 1] ^= 0x1; +} + +int set_cert_times(X509 *x, const char *startdate, const char *enddate, + int days) +{ + if (startdate == NULL || strcmp(startdate, "today") == 0) { + if (X509_gmtime_adj(X509_getm_notBefore(x), 0) == NULL) + return 0; + } else { + if (!ASN1_TIME_set_string(X509_getm_notBefore(x), startdate)) + return 0; + } + if (enddate == NULL) { + if (X509_time_adj_ex(X509_getm_notAfter(x), days, 0, NULL) + == NULL) + return 0; + } else if (!ASN1_TIME_set_string(X509_getm_notAfter(x), enddate)) { + return 0; + } + return 1; }