]>
Commit | Line | Data |
---|---|---|
62867571 | 1 | /* |
da1c088f | 2 | * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. |
d02b48c6 | 3 | * |
2044d382 | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
62867571 RS |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
d02b48c6 RE |
8 | */ |
9 | ||
d86b6915 RL |
10 | /* Part of the code in here was originally in conf.c, which is now removed */ |
11 | ||
d02b48c6 | 12 | #include <stdio.h> |
9887c71c | 13 | #include <string.h> |
fba140c7 | 14 | #include "internal/e_os.h" /* struct stat */ |
08073700 | 15 | #ifdef __TANDEM |
650c6687 RB |
16 | # include <sys/types.h> /* needed for stat.h */ |
17 | # include <sys/stat.h> /* struct stat */ | |
08073700 | 18 | #endif |
b39fc560 | 19 | #include "internal/cryptlib.h" |
b524b808 | 20 | #include "internal/o_dir.h" |
ec577822 BM |
21 | #include <openssl/lhash.h> |
22 | #include <openssl/conf.h> | |
d86b6915 | 23 | #include <openssl/conf_api.h> |
ff234c68 | 24 | #include "conf_local.h" |
d86b6915 | 25 | #include "conf_def.h" |
ec577822 BM |
26 | #include <openssl/buffer.h> |
27 | #include <openssl/err.h> | |
b524b808 TM |
28 | #ifndef OPENSSL_NO_POSIX_IO |
29 | # include <sys/stat.h> | |
30 | # ifdef _WIN32 | |
31 | # define stat _stat | |
b524b808 TM |
32 | # endif |
33 | #endif | |
d02b48c6 | 34 | |
f20aa69e AP |
35 | #ifndef S_ISDIR |
36 | # define S_ISDIR(a) (((a) & S_IFMT) == S_IFDIR) | |
37 | #endif | |
38 | ||
8a585601 MC |
39 | /* |
40 | * The maximum length we can grow a value to after variable expansion. 64k | |
41 | * should be more than enough for all reasonable uses. | |
42 | */ | |
43 | #define MAX_CONF_VALUE_LENGTH 65536 | |
44 | ||
a9b7a06e | 45 | static int is_keytype(const CONF *conf, char c, unsigned short type); |
d86b6915 | 46 | static char *eat_ws(CONF *conf, char *p); |
b524b808 | 47 | static void trim_ws(CONF *conf, char *start); |
d86b6915 RL |
48 | static char *eat_alpha_numeric(CONF *conf, char *p); |
49 | static void clear_comments(CONF *conf, char *p); | |
0f113f3e | 50 | static int str_copy(CONF *conf, char *section, char **to, char *from); |
d86b6915 RL |
51 | static char *scan_quote(CONF *conf, char *p); |
52 | static char *scan_dquote(CONF *conf, char *p); | |
0f113f3e | 53 | #define scan_esc(conf,p) (((IS_EOF((conf),(p)[1]))?((p)+1):((p)+2))) |
b524b808 TM |
54 | #ifndef OPENSSL_NO_POSIX_IO |
55 | static BIO *process_include(char *include, OPENSSL_DIR_CTX **dirctx, | |
56 | char **dirpath); | |
57 | static BIO *get_next_file(const char *path, OPENSSL_DIR_CTX **dirctx); | |
58 | #endif | |
d86b6915 RL |
59 | |
60 | static CONF *def_create(CONF_METHOD *meth); | |
61 | static int def_init_default(CONF *conf); | |
936c2b9e | 62 | #ifndef OPENSSL_NO_DEPRECATED_3_0 |
d86b6915 | 63 | static int def_init_WIN32(CONF *conf); |
7cfc0a55 | 64 | #endif |
d86b6915 RL |
65 | static int def_destroy(CONF *conf); |
66 | static int def_destroy_data(CONF *conf); | |
befb3e7a RL |
67 | static int def_load(CONF *conf, const char *name, long *eline); |
68 | static int def_load_bio(CONF *conf, BIO *bp, long *eline); | |
9dd5ae65 BL |
69 | static int def_dump(const CONF *conf, BIO *bp); |
70 | static int def_is_number(const CONF *conf, char c); | |
71 | static int def_to_int(const CONF *conf, char c); | |
d86b6915 | 72 | |
d86b6915 | 73 | static CONF_METHOD default_method = { |
0f113f3e MC |
74 | "OpenSSL default", |
75 | def_create, | |
76 | def_init_default, | |
77 | def_destroy, | |
78 | def_destroy_data, | |
79 | def_load_bio, | |
80 | def_dump, | |
81 | def_is_number, | |
82 | def_to_int, | |
83 | def_load | |
84 | }; | |
d86b6915 | 85 | |
7cfc0a55 RS |
86 | CONF_METHOD *NCONF_default(void) |
87 | { | |
88 | return &default_method; | |
89 | } | |
90 | ||
936c2b9e | 91 | #ifndef OPENSSL_NO_DEPRECATED_3_0 |
d86b6915 | 92 | static CONF_METHOD WIN32_method = { |
0f113f3e MC |
93 | "WIN32", |
94 | def_create, | |
95 | def_init_WIN32, | |
96 | def_destroy, | |
97 | def_destroy_data, | |
98 | def_load_bio, | |
99 | def_dump, | |
100 | def_is_number, | |
101 | def_to_int, | |
102 | def_load | |
103 | }; | |
d86b6915 | 104 | |
3cb7c5cf | 105 | CONF_METHOD *NCONF_WIN32(void) |
0f113f3e MC |
106 | { |
107 | return &WIN32_method; | |
108 | } | |
7cfc0a55 | 109 | #endif |
d02b48c6 | 110 | |
d86b6915 | 111 | static CONF *def_create(CONF_METHOD *meth) |
0f113f3e MC |
112 | { |
113 | CONF *ret; | |
114 | ||
b4faea50 | 115 | ret = OPENSSL_malloc(sizeof(*ret)); |
90945fa3 | 116 | if (ret != NULL) |
0f113f3e MC |
117 | if (meth->init(ret) == 0) { |
118 | OPENSSL_free(ret); | |
119 | ret = NULL; | |
120 | } | |
121 | return ret; | |
122 | } | |
123 | ||
d86b6915 | 124 | static int def_init_default(CONF *conf) |
0f113f3e MC |
125 | { |
126 | if (conf == NULL) | |
127 | return 0; | |
d86b6915 | 128 | |
c15faa8d | 129 | memset(conf, 0, sizeof(*conf)); |
0f113f3e MC |
130 | conf->meth = &default_method; |
131 | conf->meth_data = (void *)CONF_type_default; | |
d02b48c6 | 132 | |
0f113f3e MC |
133 | return 1; |
134 | } | |
8623f693 | 135 | |
936c2b9e | 136 | #ifndef OPENSSL_NO_DEPRECATED_3_0 |
d86b6915 | 137 | static int def_init_WIN32(CONF *conf) |
0f113f3e MC |
138 | { |
139 | if (conf == NULL) | |
140 | return 0; | |
8623f693 | 141 | |
c15faa8d | 142 | memset(conf, 0, sizeof(*conf)); |
0f113f3e MC |
143 | conf->meth = &WIN32_method; |
144 | conf->meth_data = (void *)CONF_type_win32; | |
d86b6915 | 145 | |
0f113f3e MC |
146 | return 1; |
147 | } | |
7cfc0a55 | 148 | #endif |
d86b6915 RL |
149 | |
150 | static int def_destroy(CONF *conf) | |
0f113f3e MC |
151 | { |
152 | if (def_destroy_data(conf)) { | |
153 | OPENSSL_free(conf); | |
154 | return 1; | |
155 | } | |
156 | return 0; | |
157 | } | |
8623f693 | 158 | |
d86b6915 | 159 | static int def_destroy_data(CONF *conf) |
0f113f3e MC |
160 | { |
161 | if (conf == NULL) | |
162 | return 0; | |
163 | _CONF_free_data(conf); | |
164 | return 1; | |
165 | } | |
8623f693 | 166 | |
befb3e7a | 167 | static int def_load(CONF *conf, const char *name, long *line) |
0f113f3e MC |
168 | { |
169 | int ret; | |
170 | BIO *in = NULL; | |
befb3e7a | 171 | |
bc36ee62 | 172 | #ifdef OPENSSL_SYS_VMS |
0f113f3e | 173 | in = BIO_new_file(name, "r"); |
befb3e7a | 174 | #else |
0f113f3e | 175 | in = BIO_new_file(name, "rb"); |
befb3e7a | 176 | #endif |
0f113f3e MC |
177 | if (in == NULL) { |
178 | if (ERR_GET_REASON(ERR_peek_last_error()) == BIO_R_NO_SUCH_FILE) | |
9311d0c4 | 179 | ERR_raise(ERR_LIB_CONF, CONF_R_NO_SUCH_FILE); |
0f113f3e | 180 | else |
9311d0c4 | 181 | ERR_raise(ERR_LIB_CONF, ERR_R_SYS_LIB); |
0f113f3e MC |
182 | return 0; |
183 | } | |
befb3e7a | 184 | |
0f113f3e MC |
185 | ret = def_load_bio(conf, in, line); |
186 | BIO_free(in); | |
befb3e7a | 187 | |
0f113f3e MC |
188 | return ret; |
189 | } | |
befb3e7a | 190 | |
3fb985fd RS |
191 | |
192 | /* Parse a boolean value and fill in *flag. Return 0 on error. */ | |
193 | static int parsebool(const char *pval, int *flag) | |
194 | { | |
fba140c7 DB |
195 | if (OPENSSL_strcasecmp(pval, "on") == 0 |
196 | || OPENSSL_strcasecmp(pval, "true") == 0) { | |
3fb985fd | 197 | *flag = 1; |
fba140c7 DB |
198 | } else if (OPENSSL_strcasecmp(pval, "off") == 0 |
199 | || OPENSSL_strcasecmp(pval, "false") == 0) { | |
3fb985fd RS |
200 | *flag = 0; |
201 | } else { | |
202 | ERR_raise(ERR_LIB_CONF, CONF_R_INVALID_PRAGMA); | |
203 | return 0; | |
204 | } | |
205 | return 1; | |
206 | } | |
207 | ||
befb3e7a | 208 | static int def_load_bio(CONF *conf, BIO *in, long *line) |
0f113f3e | 209 | { |
6a89a25c | 210 | /* The macro BUFSIZE conflicts with a system macro in VxWorks */ |
0f113f3e MC |
211 | #define CONFBUFSIZE 512 |
212 | int bufnum = 0, i, ii; | |
213 | BUF_MEM *buff = NULL; | |
214 | char *s, *p, *end; | |
215 | int again; | |
4369a882 | 216 | int first_call = 1; |
0f113f3e MC |
217 | long eline = 0; |
218 | char btmp[DECIMAL_SIZE(eline) + 1]; | |
219 | CONF_VALUE *v = NULL, *tv; | |
220 | CONF_VALUE *sv = NULL; | |
221 | char *section = NULL, *buf; | |
222 | char *start, *psection, *pname; | |
223 | void *h = (void *)(conf->data); | |
b524b808 TM |
224 | STACK_OF(BIO) *biosk = NULL; |
225 | #ifndef OPENSSL_NO_POSIX_IO | |
226 | char *dirpath = NULL; | |
227 | OPENSSL_DIR_CTX *dirctx = NULL; | |
228 | #endif | |
5f3adf39 MC |
229 | #ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION |
230 | int numincludes = 0; | |
231 | #endif | |
0f113f3e MC |
232 | |
233 | if ((buff = BUF_MEM_new()) == NULL) { | |
9311d0c4 | 234 | ERR_raise(ERR_LIB_CONF, ERR_R_BUF_LIB); |
0f113f3e MC |
235 | goto err; |
236 | } | |
237 | ||
7644a9ae | 238 | section = OPENSSL_strdup("default"); |
e077455e | 239 | if (section == NULL) |
0f113f3e | 240 | goto err; |
0f113f3e MC |
241 | |
242 | if (_CONF_new_data(conf) == 0) { | |
e077455e | 243 | ERR_raise(ERR_LIB_CONF, ERR_R_CONF_LIB); |
0f113f3e MC |
244 | goto err; |
245 | } | |
246 | ||
247 | sv = _CONF_new_section(conf, section); | |
248 | if (sv == NULL) { | |
9311d0c4 | 249 | ERR_raise(ERR_LIB_CONF, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); |
0f113f3e MC |
250 | goto err; |
251 | } | |
252 | ||
253 | bufnum = 0; | |
254 | again = 0; | |
255 | for (;;) { | |
256 | if (!BUF_MEM_grow(buff, bufnum + CONFBUFSIZE)) { | |
9311d0c4 | 257 | ERR_raise(ERR_LIB_CONF, ERR_R_BUF_LIB); |
0f113f3e MC |
258 | goto err; |
259 | } | |
260 | p = &(buff->data[bufnum]); | |
261 | *p = '\0'; | |
b524b808 | 262 | read_retry: |
15795943 DDO |
263 | if (in != NULL && BIO_gets(in, p, CONFBUFSIZE - 1) < 0) |
264 | goto err; | |
0f113f3e MC |
265 | p[CONFBUFSIZE - 1] = '\0'; |
266 | ii = i = strlen(p); | |
4369a882 DB |
267 | if (first_call) { |
268 | /* Other BOMs imply unsupported multibyte encoding, | |
269 | * so don't strip them and let the error raise */ | |
270 | const unsigned char utf8_bom[3] = {0xEF, 0xBB, 0xBF}; | |
271 | ||
272 | if (i >= 3 && memcmp(p, utf8_bom, 3) == 0) { | |
273 | memmove(p, p + 3, i - 3); | |
274 | p[i - 3] = 0; | |
275 | i -= 3; | |
276 | ii -= 3; | |
277 | } | |
278 | first_call = 0; | |
279 | } | |
b524b808 | 280 | if (i == 0 && !again) { |
15795943 | 281 | /* the currently processed BIO is NULL or at EOF */ |
b524b808 TM |
282 | BIO *parent; |
283 | ||
284 | #ifndef OPENSSL_NO_POSIX_IO | |
285 | /* continue processing with the next file from directory */ | |
286 | if (dirctx != NULL) { | |
287 | BIO *next; | |
288 | ||
289 | if ((next = get_next_file(dirpath, &dirctx)) != NULL) { | |
290 | BIO_vfree(in); | |
291 | in = next; | |
292 | goto read_retry; | |
293 | } else { | |
294 | OPENSSL_free(dirpath); | |
295 | dirpath = NULL; | |
296 | } | |
297 | } | |
298 | #endif | |
299 | /* no more files in directory, continue with processing parent */ | |
a8086e6b | 300 | if ((parent = sk_BIO_pop(biosk)) == NULL) { |
b524b808 TM |
301 | /* everything processed get out of the loop */ |
302 | break; | |
303 | } else { | |
304 | BIO_vfree(in); | |
305 | in = parent; | |
306 | goto read_retry; | |
307 | } | |
308 | } | |
0f113f3e MC |
309 | again = 0; |
310 | while (i > 0) { | |
311 | if ((p[i - 1] != '\r') && (p[i - 1] != '\n')) | |
312 | break; | |
313 | else | |
314 | i--; | |
315 | } | |
316 | /* | |
317 | * we removed some trailing stuff so there is a new line on the end. | |
318 | */ | |
319 | if (ii && i == ii) | |
320 | again = 1; /* long line */ | |
321 | else { | |
322 | p[i] = '\0'; | |
323 | eline++; /* another input line */ | |
324 | } | |
325 | ||
326 | /* we now have a line with trailing \r\n removed */ | |
327 | ||
328 | /* i is the number of bytes */ | |
329 | bufnum += i; | |
330 | ||
331 | v = NULL; | |
332 | /* check for line continuation */ | |
333 | if (bufnum >= 1) { | |
334 | /* | |
335 | * If we have bytes and the last char '\\' and second last char | |
336 | * is not '\\' | |
337 | */ | |
338 | p = &(buff->data[bufnum - 1]); | |
339 | if (IS_ESC(conf, p[0]) && ((bufnum <= 1) || !IS_ESC(conf, p[-1]))) { | |
340 | bufnum--; | |
341 | again = 1; | |
342 | } | |
343 | } | |
344 | if (again) | |
345 | continue; | |
346 | bufnum = 0; | |
347 | buf = buff->data; | |
348 | ||
349 | clear_comments(conf, buf); | |
350 | s = eat_ws(conf, buf); | |
351 | if (IS_EOF(conf, *s)) | |
352 | continue; /* blank line */ | |
353 | if (*s == '[') { | |
354 | char *ss; | |
355 | ||
356 | s++; | |
357 | start = eat_ws(conf, s); | |
358 | ss = start; | |
359 | again: | |
360 | end = eat_alpha_numeric(conf, ss); | |
361 | p = eat_ws(conf, end); | |
362 | if (*p != ']') { | |
363 | if (*p != '\0' && ss != p) { | |
364 | ss = p; | |
365 | goto again; | |
366 | } | |
9311d0c4 | 367 | ERR_raise(ERR_LIB_CONF, CONF_R_MISSING_CLOSE_SQUARE_BRACKET); |
0f113f3e MC |
368 | goto err; |
369 | } | |
370 | *end = '\0'; | |
371 | if (!str_copy(conf, NULL, §ion, start)) | |
372 | goto err; | |
373 | if ((sv = _CONF_get_section(conf, section)) == NULL) | |
374 | sv = _CONF_new_section(conf, section); | |
375 | if (sv == NULL) { | |
9311d0c4 | 376 | ERR_raise(ERR_LIB_CONF, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); |
0f113f3e MC |
377 | goto err; |
378 | } | |
379 | continue; | |
380 | } else { | |
381 | pname = s; | |
0f113f3e MC |
382 | end = eat_alpha_numeric(conf, s); |
383 | if ((end[0] == ':') && (end[1] == ':')) { | |
384 | *end = '\0'; | |
385 | end += 2; | |
386 | psection = pname; | |
387 | pname = end; | |
388 | end = eat_alpha_numeric(conf, end); | |
b524b808 TM |
389 | } else { |
390 | psection = section; | |
0f113f3e MC |
391 | } |
392 | p = eat_ws(conf, end); | |
2ff286c2 DDO |
393 | if (CHECK_AND_SKIP_PREFIX(pname, ".pragma") |
394 | && (p != pname || *p == '=')) { | |
0255c174 RL |
395 | char *pval; |
396 | ||
397 | if (*p == '=') { | |
398 | p++; | |
399 | p = eat_ws(conf, p); | |
400 | } | |
401 | trim_ws(conf, p); | |
402 | ||
403 | /* Pragma values take the form keyword:value */ | |
404 | pval = strchr(p, ':'); | |
405 | if (pval == NULL || pval == p || pval[1] == '\0') { | |
9311d0c4 | 406 | ERR_raise(ERR_LIB_CONF, CONF_R_INVALID_PRAGMA); |
0255c174 RL |
407 | goto err; |
408 | } | |
409 | ||
410 | *pval++ = '\0'; | |
411 | trim_ws(conf, p); | |
412 | pval = eat_ws(conf, pval); | |
413 | ||
414 | /* | |
415 | * Known pragmas: | |
416 | * | |
417 | * dollarid takes "on", "true or "off", "false" | |
f7050588 RS |
418 | * abspath takes "on", "true or "off", "false" |
419 | * includedir directory prefix | |
0255c174 RL |
420 | */ |
421 | if (strcmp(p, "dollarid") == 0) { | |
3fb985fd RS |
422 | if (!parsebool(pval, &conf->flag_dollarid)) |
423 | goto err; | |
424 | } else if (strcmp(p, "abspath") == 0) { | |
425 | if (!parsebool(pval, &conf->flag_abspath)) | |
0255c174 | 426 | goto err; |
f7050588 | 427 | } else if (strcmp(p, "includedir") == 0) { |
19b30f1c | 428 | OPENSSL_free(conf->includedir); |
e077455e | 429 | if ((conf->includedir = OPENSSL_strdup(pval)) == NULL) |
f7050588 | 430 | goto err; |
0255c174 | 431 | } |
f7050588 | 432 | |
0255c174 RL |
433 | /* |
434 | * We *ignore* any unknown pragma. | |
435 | */ | |
436 | continue; | |
2ff286c2 DDO |
437 | } else if (CHECK_AND_SKIP_PREFIX(pname, ".include") |
438 | && (p != pname || *p == '=')) { | |
b524b808 TM |
439 | char *include = NULL; |
440 | BIO *next; | |
7bb82f92 SL |
441 | const char *include_dir = ossl_safe_getenv("OPENSSL_CONF_INCLUDE"); |
442 | char *include_path = NULL; | |
b524b808 | 443 | |
5f3adf39 MC |
444 | #ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION |
445 | /* | |
446 | * The include processing below can cause the "conf" fuzzer to | |
447 | * timeout due to the fuzzer inserting large and complicated | |
448 | * includes - with a large amount of time spent in | |
449 | * OPENSSL_strlcat/OPENSSL_strcpy. This is not a security | |
450 | * concern because config files should never come from untrusted | |
451 | * sources. We just set an arbitrary limit on the allowed | |
452 | * number of includes when fuzzing to prevent this timeout. | |
453 | */ | |
454 | if (numincludes++ > 10) | |
455 | goto err; | |
456 | #endif | |
457 | ||
f7050588 RS |
458 | if (include_dir == NULL) |
459 | include_dir = conf->includedir; | |
460 | ||
9d556033 TM |
461 | if (*p == '=') { |
462 | p++; | |
463 | p = eat_ws(conf, p); | |
464 | } | |
b524b808 TM |
465 | trim_ws(conf, p); |
466 | if (!str_copy(conf, psection, &include, p)) | |
467 | goto err; | |
7bb82f92 | 468 | |
d8701e25 | 469 | if (include_dir != NULL && !ossl_is_absolute_path(include)) { |
7bb82f92 SL |
470 | size_t newlen = strlen(include_dir) + strlen(include) + 2; |
471 | ||
472 | include_path = OPENSSL_malloc(newlen); | |
d8701e25 | 473 | if (include_path == NULL) { |
d8701e25 TM |
474 | OPENSSL_free(include); |
475 | goto err; | |
476 | } | |
477 | ||
7bb82f92 | 478 | OPENSSL_strlcpy(include_path, include_dir, newlen); |
d8701e25 TM |
479 | if (!ossl_ends_with_dirsep(include_path)) |
480 | OPENSSL_strlcat(include_path, "/", newlen); | |
7bb82f92 | 481 | OPENSSL_strlcat(include_path, include, newlen); |
15dd075f | 482 | OPENSSL_free(include); |
7bb82f92 SL |
483 | } else { |
484 | include_path = include; | |
485 | } | |
486 | ||
f7050588 RS |
487 | if (conf->flag_abspath |
488 | && !ossl_is_absolute_path(include_path)) { | |
489 | ERR_raise(ERR_LIB_CONF, CONF_R_RELATIVE_PATH); | |
74b48584 | 490 | OPENSSL_free(include_path); |
f7050588 RS |
491 | goto err; |
492 | } | |
493 | ||
b524b808 TM |
494 | /* get the BIO of the included file */ |
495 | #ifndef OPENSSL_NO_POSIX_IO | |
7bb82f92 SL |
496 | next = process_include(include_path, &dirctx, &dirpath); |
497 | if (include_path != dirpath) { | |
b524b808 | 498 | /* dirpath will contain include in case of a directory */ |
15dd075f | 499 | OPENSSL_free(include_path); |
b524b808 TM |
500 | } |
501 | #else | |
7bb82f92 | 502 | next = BIO_new_file(include_path, "r"); |
15dd075f | 503 | OPENSSL_free(include_path); |
b524b808 | 504 | #endif |
7bb82f92 | 505 | |
b524b808 TM |
506 | if (next != NULL) { |
507 | /* push the currently processing BIO onto stack */ | |
508 | if (biosk == NULL) { | |
509 | if ((biosk = sk_BIO_new_null()) == NULL) { | |
e077455e | 510 | ERR_raise(ERR_LIB_CONF, ERR_R_CRYPTO_LIB); |
4348995b | 511 | BIO_free(next); |
b524b808 TM |
512 | goto err; |
513 | } | |
514 | } | |
515 | if (!sk_BIO_push(biosk, in)) { | |
e077455e | 516 | ERR_raise(ERR_LIB_CONF, ERR_R_CRYPTO_LIB); |
4348995b | 517 | BIO_free(next); |
b524b808 TM |
518 | goto err; |
519 | } | |
520 | /* continue with reading from the included BIO */ | |
521 | in = next; | |
522 | } | |
523 | continue; | |
524 | } else if (*p != '=') { | |
a150f8e1 RL |
525 | ERR_raise_data(ERR_LIB_CONF, CONF_R_MISSING_EQUAL_SIGN, |
526 | "HERE-->%s", p); | |
0f113f3e MC |
527 | goto err; |
528 | } | |
529 | *end = '\0'; | |
530 | p++; | |
531 | start = eat_ws(conf, p); | |
b524b808 | 532 | trim_ws(conf, start); |
0f113f3e | 533 | |
e077455e | 534 | if ((v = OPENSSL_malloc(sizeof(*v))) == NULL) |
0f113f3e | 535 | goto err; |
a2371fa9 | 536 | v->name = OPENSSL_strdup(pname); |
0f113f3e | 537 | v->value = NULL; |
e077455e | 538 | if (v->name == NULL) |
0f113f3e | 539 | goto err; |
0f113f3e MC |
540 | if (!str_copy(conf, psection, &(v->value), start)) |
541 | goto err; | |
542 | ||
543 | if (strcmp(psection, section) != 0) { | |
544 | if ((tv = _CONF_get_section(conf, psection)) | |
545 | == NULL) | |
546 | tv = _CONF_new_section(conf, psection); | |
547 | if (tv == NULL) { | |
9311d0c4 RL |
548 | ERR_raise(ERR_LIB_CONF, |
549 | CONF_R_UNABLE_TO_CREATE_NEW_SECTION); | |
0f113f3e MC |
550 | goto err; |
551 | } | |
552 | } else | |
553 | tv = sv; | |
0f113f3e | 554 | if (_CONF_add_string(conf, tv, v) == 0) { |
e077455e | 555 | ERR_raise(ERR_LIB_CONF, ERR_R_CONF_LIB); |
0f113f3e MC |
556 | goto err; |
557 | } | |
0f113f3e MC |
558 | v = NULL; |
559 | } | |
560 | } | |
25aaa98a | 561 | BUF_MEM_free(buff); |
b548a1f1 | 562 | OPENSSL_free(section); |
85aebfcc RL |
563 | /* |
564 | * No need to pop, since we only get here if the stack is empty. | |
565 | * If this causes a BIO leak, THE ISSUE IS SOMEWHERE ELSE! | |
566 | */ | |
567 | sk_BIO_free(biosk); | |
a2371fa9 | 568 | return 1; |
f7050588 | 569 | |
0f113f3e | 570 | err: |
25aaa98a | 571 | BUF_MEM_free(buff); |
b548a1f1 | 572 | OPENSSL_free(section); |
85aebfcc RL |
573 | /* |
574 | * Since |in| is the first element of the stack and should NOT be freed | |
575 | * here, we cannot use sk_BIO_pop_free(). Instead, we pop and free one | |
576 | * BIO at a time, making sure that the last one popped isn't. | |
577 | */ | |
578 | while (sk_BIO_num(biosk) > 0) { | |
579 | BIO *popped = sk_BIO_pop(biosk); | |
580 | BIO_vfree(in); | |
581 | in = popped; | |
582 | } | |
583 | sk_BIO_free(biosk); | |
b524b808 TM |
584 | #ifndef OPENSSL_NO_POSIX_IO |
585 | OPENSSL_free(dirpath); | |
586 | if (dirctx != NULL) | |
587 | OPENSSL_DIR_end(&dirctx); | |
588 | #endif | |
0f113f3e MC |
589 | if (line != NULL) |
590 | *line = eline; | |
a2371fa9 | 591 | BIO_snprintf(btmp, sizeof(btmp), "%ld", eline); |
0f113f3e | 592 | ERR_add_error_data(2, "line ", btmp); |
25aaa98a | 593 | if (h != conf->data) { |
0f113f3e MC |
594 | CONF_free(conf->data); |
595 | conf->data = NULL; | |
596 | } | |
597 | if (v != NULL) { | |
b548a1f1 RS |
598 | OPENSSL_free(v->name); |
599 | OPENSSL_free(v->value); | |
600 | OPENSSL_free(v); | |
0f113f3e | 601 | } |
a2371fa9 | 602 | return 0; |
0f113f3e | 603 | } |
8623f693 | 604 | |
d86b6915 | 605 | static void clear_comments(CONF *conf, char *p) |
0f113f3e MC |
606 | { |
607 | for (;;) { | |
608 | if (IS_FCOMMENT(conf, *p)) { | |
609 | *p = '\0'; | |
610 | return; | |
611 | } | |
612 | if (!IS_WS(conf, *p)) { | |
613 | break; | |
614 | } | |
615 | p++; | |
616 | } | |
617 | ||
618 | for (;;) { | |
619 | if (IS_COMMENT(conf, *p)) { | |
620 | *p = '\0'; | |
621 | return; | |
622 | } | |
623 | if (IS_DQUOTE(conf, *p)) { | |
624 | p = scan_dquote(conf, p); | |
625 | continue; | |
626 | } | |
627 | if (IS_QUOTE(conf, *p)) { | |
628 | p = scan_quote(conf, p); | |
629 | continue; | |
630 | } | |
631 | if (IS_ESC(conf, *p)) { | |
632 | p = scan_esc(conf, p); | |
633 | continue; | |
634 | } | |
635 | if (IS_EOF(conf, *p)) | |
636 | return; | |
637 | else | |
638 | p++; | |
639 | } | |
640 | } | |
d02b48c6 | 641 | |
d86b6915 | 642 | static int str_copy(CONF *conf, char *section, char **pto, char *from) |
0f113f3e MC |
643 | { |
644 | int q, r, rr = 0, to = 0, len = 0; | |
645 | char *s, *e, *rp, *p, *rrp, *np, *cp, v; | |
646 | BUF_MEM *buf; | |
647 | ||
648 | if ((buf = BUF_MEM_new()) == NULL) | |
a2371fa9 | 649 | return 0; |
0f113f3e MC |
650 | |
651 | len = strlen(from) + 1; | |
652 | if (!BUF_MEM_grow(buf, len)) | |
653 | goto err; | |
654 | ||
655 | for (;;) { | |
656 | if (IS_QUOTE(conf, *from)) { | |
657 | q = *from; | |
658 | from++; | |
659 | while (!IS_EOF(conf, *from) && (*from != q)) { | |
660 | if (IS_ESC(conf, *from)) { | |
661 | from++; | |
662 | if (IS_EOF(conf, *from)) | |
663 | break; | |
664 | } | |
665 | buf->data[to++] = *(from++); | |
666 | } | |
667 | if (*from == q) | |
668 | from++; | |
669 | } else if (IS_DQUOTE(conf, *from)) { | |
670 | q = *from; | |
671 | from++; | |
672 | while (!IS_EOF(conf, *from)) { | |
673 | if (*from == q) { | |
674 | if (*(from + 1) == q) { | |
675 | from++; | |
676 | } else { | |
677 | break; | |
678 | } | |
679 | } | |
680 | buf->data[to++] = *(from++); | |
681 | } | |
682 | if (*from == q) | |
683 | from++; | |
684 | } else if (IS_ESC(conf, *from)) { | |
685 | from++; | |
686 | v = *(from++); | |
687 | if (IS_EOF(conf, v)) | |
688 | break; | |
689 | else if (v == 'r') | |
690 | v = '\r'; | |
691 | else if (v == 'n') | |
692 | v = '\n'; | |
693 | else if (v == 'b') | |
694 | v = '\b'; | |
695 | else if (v == 't') | |
696 | v = '\t'; | |
697 | buf->data[to++] = v; | |
698 | } else if (IS_EOF(conf, *from)) | |
699 | break; | |
0255c174 RL |
700 | else if (*from == '$' |
701 | && (!conf->flag_dollarid | |
702 | || from[1] == '{' | |
703 | || from[1] == '(')) { | |
8a585601 MC |
704 | size_t newsize; |
705 | ||
0f113f3e MC |
706 | /* try to expand it */ |
707 | rrp = NULL; | |
708 | s = &(from[1]); | |
709 | if (*s == '{') | |
710 | q = '}'; | |
711 | else if (*s == '(') | |
712 | q = ')'; | |
713 | else | |
714 | q = 0; | |
715 | ||
716 | if (q) | |
717 | s++; | |
718 | cp = section; | |
719 | e = np = s; | |
0255c174 RL |
720 | while (IS_ALNUM(conf, *e) |
721 | || (conf->flag_dollarid && IS_DOLLAR(conf, *e))) | |
0f113f3e MC |
722 | e++; |
723 | if ((e[0] == ':') && (e[1] == ':')) { | |
724 | cp = np; | |
725 | rrp = e; | |
726 | rr = *e; | |
727 | *rrp = '\0'; | |
728 | e += 2; | |
729 | np = e; | |
0255c174 RL |
730 | while (IS_ALNUM(conf, *e) |
731 | || (conf->flag_dollarid && IS_DOLLAR(conf, *e))) | |
0f113f3e MC |
732 | e++; |
733 | } | |
734 | r = *e; | |
735 | *e = '\0'; | |
736 | rp = e; | |
737 | if (q) { | |
738 | if (r != q) { | |
9311d0c4 | 739 | ERR_raise(ERR_LIB_CONF, CONF_R_NO_CLOSE_BRACE); |
0f113f3e MC |
740 | goto err; |
741 | } | |
742 | e++; | |
743 | } | |
50e735f9 MC |
744 | /*- |
745 | * So at this point we have | |
746 | * np which is the start of the name string which is | |
747 | * '\0' terminated. | |
748 | * cp which is the start of the section string which is | |
749 | * '\0' terminated. | |
750 | * e is the 'next point after'. | |
751 | * r and rr are the chars replaced by the '\0' | |
752 | * rp and rrp is where 'r' and 'rr' came from. | |
753 | */ | |
0f113f3e MC |
754 | p = _CONF_get_string(conf, cp, np); |
755 | if (rrp != NULL) | |
756 | *rrp = rr; | |
757 | *rp = r; | |
758 | if (p == NULL) { | |
9311d0c4 | 759 | ERR_raise(ERR_LIB_CONF, CONF_R_VARIABLE_HAS_NO_VALUE); |
0f113f3e MC |
760 | goto err; |
761 | } | |
8a585601 MC |
762 | newsize = strlen(p) + buf->length - (e - from); |
763 | if (newsize > MAX_CONF_VALUE_LENGTH) { | |
9311d0c4 | 764 | ERR_raise(ERR_LIB_CONF, CONF_R_VARIABLE_EXPANSION_TOO_LONG); |
8a585601 MC |
765 | goto err; |
766 | } | |
767 | if (!BUF_MEM_grow_clean(buf, newsize)) { | |
e077455e | 768 | ERR_raise(ERR_LIB_CONF, ERR_R_BUF_LIB); |
b0333e69 GP |
769 | goto err; |
770 | } | |
0f113f3e MC |
771 | while (*p) |
772 | buf->data[to++] = *(p++); | |
773 | ||
774 | /* | |
775 | * Since we change the pointer 'from', we also have to change the | |
776 | * perceived length of the string it points at. /RL | |
777 | */ | |
778 | len -= e - from; | |
779 | from = e; | |
780 | ||
781 | /* | |
782 | * In case there were no braces or parenthesis around the | |
783 | * variable reference, we have to put back the character that was | |
784 | * replaced with a '\0'. /RL | |
785 | */ | |
786 | *rp = r; | |
787 | } else | |
788 | buf->data[to++] = *(from++); | |
789 | } | |
790 | buf->data[to] = '\0'; | |
b548a1f1 | 791 | OPENSSL_free(*pto); |
0f113f3e MC |
792 | *pto = buf->data; |
793 | OPENSSL_free(buf); | |
a2371fa9 | 794 | return 1; |
0f113f3e | 795 | err: |
25aaa98a | 796 | BUF_MEM_free(buf); |
a2371fa9 | 797 | return 0; |
0f113f3e | 798 | } |
d02b48c6 | 799 | |
b524b808 TM |
800 | #ifndef OPENSSL_NO_POSIX_IO |
801 | /* | |
802 | * Check whether included path is a directory. | |
803 | * Returns next BIO to process and in case of a directory | |
804 | * also an opened directory context and the include path. | |
805 | */ | |
806 | static BIO *process_include(char *include, OPENSSL_DIR_CTX **dirctx, | |
807 | char **dirpath) | |
808 | { | |
2661d716 | 809 | struct stat st; |
b524b808 TM |
810 | BIO *next; |
811 | ||
812 | if (stat(include, &st) < 0) { | |
9311d0c4 | 813 | ERR_raise_data(ERR_LIB_SYS, errno, "calling stat(%s)", include); |
b524b808 TM |
814 | /* missing include file is not fatal error */ |
815 | return NULL; | |
816 | } | |
817 | ||
f20aa69e | 818 | if (S_ISDIR(st.st_mode)) { |
b524b808 | 819 | if (*dirctx != NULL) { |
a150f8e1 RL |
820 | ERR_raise_data(ERR_LIB_CONF, CONF_R_RECURSIVE_DIRECTORY_INCLUDE, |
821 | "%s", include); | |
b524b808 TM |
822 | return NULL; |
823 | } | |
824 | /* a directory, load its contents */ | |
825 | if ((next = get_next_file(include, dirctx)) != NULL) | |
826 | *dirpath = include; | |
827 | return next; | |
828 | } | |
829 | ||
830 | next = BIO_new_file(include, "r"); | |
831 | return next; | |
832 | } | |
833 | ||
834 | /* | |
835 | * Get next file from the directory path. | |
836 | * Returns BIO of the next file to read and updates dirctx. | |
837 | */ | |
838 | static BIO *get_next_file(const char *path, OPENSSL_DIR_CTX **dirctx) | |
839 | { | |
840 | const char *filename; | |
d1c1fb2d | 841 | size_t pathlen; |
b524b808 | 842 | |
d1c1fb2d | 843 | pathlen = strlen(path); |
b524b808 TM |
844 | while ((filename = OPENSSL_DIR_read(dirctx, path)) != NULL) { |
845 | size_t namelen; | |
846 | ||
847 | namelen = strlen(filename); | |
848 | ||
4f7c840a | 849 | |
fba140c7 DB |
850 | if ((namelen > 5 |
851 | && OPENSSL_strcasecmp(filename + namelen - 5, ".conf") == 0) | |
852 | || (namelen > 4 | |
853 | && OPENSSL_strcasecmp(filename + namelen - 4, ".cnf") == 0)) { | |
b524b808 TM |
854 | size_t newlen; |
855 | char *newpath; | |
856 | BIO *bio; | |
857 | ||
d1c1fb2d | 858 | newlen = pathlen + namelen + 2; |
b524b808 | 859 | newpath = OPENSSL_zalloc(newlen); |
e077455e | 860 | if (newpath == NULL) |
b524b808 | 861 | break; |
4f7c840a RL |
862 | #ifdef OPENSSL_SYS_VMS |
863 | /* | |
864 | * If the given path isn't clear VMS syntax, | |
865 | * we treat it as on Unix. | |
866 | */ | |
d1c1fb2d | 867 | if (path[pathlen - 1] == ']' |
868 | || path[pathlen - 1] == '>' | |
869 | || path[pathlen - 1] == ':') { | |
870 | /* Clear VMS directory syntax, just copy as is */ | |
871 | OPENSSL_strlcpy(newpath, path, newlen); | |
4f7c840a | 872 | } |
b524b808 | 873 | #endif |
4f7c840a RL |
874 | if (newpath[0] == '\0') { |
875 | OPENSSL_strlcpy(newpath, path, newlen); | |
876 | OPENSSL_strlcat(newpath, "/", newlen); | |
877 | } | |
b524b808 TM |
878 | OPENSSL_strlcat(newpath, filename, newlen); |
879 | ||
880 | bio = BIO_new_file(newpath, "r"); | |
881 | OPENSSL_free(newpath); | |
882 | /* Errors when opening files are non-fatal. */ | |
883 | if (bio != NULL) | |
884 | return bio; | |
885 | } | |
886 | } | |
887 | OPENSSL_DIR_end(dirctx); | |
888 | *dirctx = NULL; | |
889 | return NULL; | |
890 | } | |
891 | #endif | |
892 | ||
a9b7a06e DMSP |
893 | static int is_keytype(const CONF *conf, char c, unsigned short type) |
894 | { | |
bbaeadb0 | 895 | const unsigned short *keytypes = (const unsigned short *) conf->meth_data; |
a9b7a06e DMSP |
896 | unsigned char key = (unsigned char)c; |
897 | ||
898 | #ifdef CHARSET_EBCDIC | |
899 | # if CHAR_BIT > 8 | |
900 | if (key > 255) { | |
901 | /* key is out of range for os_toascii table */ | |
902 | return 0; | |
903 | } | |
904 | # endif | |
905 | /* convert key from ebcdic to ascii */ | |
906 | key = os_toascii[key]; | |
907 | #endif | |
908 | ||
909 | if (key > 127) { | |
910 | /* key is not a seven bit ascii character */ | |
911 | return 0; | |
912 | } | |
913 | ||
914 | return (keytypes[key] & type) ? 1 : 0; | |
915 | } | |
916 | ||
d86b6915 | 917 | static char *eat_ws(CONF *conf, char *p) |
0f113f3e MC |
918 | { |
919 | while (IS_WS(conf, *p) && (!IS_EOF(conf, *p))) | |
920 | p++; | |
a2371fa9 | 921 | return p; |
0f113f3e | 922 | } |
d02b48c6 | 923 | |
b524b808 TM |
924 | static void trim_ws(CONF *conf, char *start) |
925 | { | |
926 | char *p = start; | |
927 | ||
928 | while (!IS_EOF(conf, *p)) | |
929 | p++; | |
930 | p--; | |
931 | while ((p >= start) && IS_WS(conf, *p)) | |
932 | p--; | |
933 | p++; | |
934 | *p = '\0'; | |
935 | } | |
936 | ||
d86b6915 | 937 | static char *eat_alpha_numeric(CONF *conf, char *p) |
0f113f3e MC |
938 | { |
939 | for (;;) { | |
940 | if (IS_ESC(conf, *p)) { | |
941 | p = scan_esc(conf, p); | |
942 | continue; | |
943 | } | |
0255c174 RL |
944 | if (!(IS_ALNUM_PUNCT(conf, *p) |
945 | || (conf->flag_dollarid && IS_DOLLAR(conf, *p)))) | |
a2371fa9 | 946 | return p; |
0f113f3e MC |
947 | p++; |
948 | } | |
949 | } | |
d02b48c6 | 950 | |
d86b6915 | 951 | static char *scan_quote(CONF *conf, char *p) |
0f113f3e MC |
952 | { |
953 | int q = *p; | |
954 | ||
955 | p++; | |
956 | while (!(IS_EOF(conf, *p)) && (*p != q)) { | |
957 | if (IS_ESC(conf, *p)) { | |
958 | p++; | |
959 | if (IS_EOF(conf, *p)) | |
a2371fa9 | 960 | return p; |
0f113f3e MC |
961 | } |
962 | p++; | |
963 | } | |
964 | if (*p == q) | |
965 | p++; | |
a2371fa9 | 966 | return p; |
0f113f3e | 967 | } |
d86b6915 RL |
968 | |
969 | static char *scan_dquote(CONF *conf, char *p) | |
0f113f3e MC |
970 | { |
971 | int q = *p; | |
972 | ||
973 | p++; | |
974 | while (!(IS_EOF(conf, *p))) { | |
975 | if (*p == q) { | |
976 | if (*(p + 1) == q) { | |
977 | p++; | |
978 | } else { | |
979 | break; | |
980 | } | |
981 | } | |
982 | p++; | |
983 | } | |
984 | if (*p == q) | |
985 | p++; | |
a2371fa9 | 986 | return p; |
0f113f3e | 987 | } |
d02b48c6 | 988 | |
2a056de8 | 989 | static void dump_value_doall_arg(const CONF_VALUE *a, BIO *out) |
0f113f3e MC |
990 | { |
991 | if (a->name) | |
992 | BIO_printf(out, "[%s] %s=%s\n", a->section, a->name, a->value); | |
993 | else | |
994 | BIO_printf(out, "[[%s]]\n", a->section); | |
995 | } | |
d86b6915 | 996 | |
2a056de8 | 997 | IMPLEMENT_LHASH_DOALL_ARG_CONST(CONF_VALUE, BIO); |
3c914840 | 998 | |
9dd5ae65 | 999 | static int def_dump(const CONF *conf, BIO *out) |
0f113f3e | 1000 | { |
2a056de8 | 1001 | lh_CONF_VALUE_doall_BIO(conf->data, dump_value_doall_arg, out); |
0f113f3e MC |
1002 | return 1; |
1003 | } | |
d02b48c6 | 1004 | |
9dd5ae65 | 1005 | static int def_is_number(const CONF *conf, char c) |
0f113f3e MC |
1006 | { |
1007 | return IS_NUMBER(conf, c); | |
1008 | } | |
d02b48c6 | 1009 | |
9dd5ae65 | 1010 | static int def_to_int(const CONF *conf, char c) |
0f113f3e MC |
1011 | { |
1012 | return c - '0'; | |
1013 | } |