]> git.ipfire.org Git - thirdparty/openssl.git/blob - providers/implementations/storemgmt/file_store.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
update set_ctx_param store management calls to return 1 for a NULL params
[thirdparty/openssl.git] / providers / implementations / storemgmt / file_store.c
1 /*
2 * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include "e_os.h" /* To get strncasecmp() on Windows */
11
12 #include <string.h>
13 #include <sys/stat.h>
14 #include <ctype.h> /* isdigit */
15 #include <assert.h>
16
17 #include <openssl/core_dispatch.h>
18 #include <openssl/core_names.h>
19 #include <openssl/core_object.h>
20 #include <openssl/bio.h>
21 #include <openssl/err.h>
22 #include <openssl/params.h>
23 #include <openssl/decoder.h>
24 #include <openssl/proverr.h>
25 #include <openssl/store.h> /* The OSSL_STORE_INFO type numbers */
26 #include "internal/cryptlib.h"
27 #include "internal/o_dir.h"
28 #include "crypto/decoder.h"
29 #include "prov/implementations.h"
30 #include "prov/bio.h"
31 #include "file_store_local.h"
32
33 DEFINE_STACK_OF(OSSL_STORE_INFO)
34
35 #ifdef _WIN32
36 # define stat _stat
37 #endif
38
39 #ifndef S_ISDIR
40 # define S_ISDIR(a) (((a) & S_IFMT) == S_IFDIR)
41 #endif
42
43 static OSSL_FUNC_store_open_fn file_open;
44 static OSSL_FUNC_store_attach_fn file_attach;
45 static OSSL_FUNC_store_settable_ctx_params_fn file_settable_ctx_params;
46 static OSSL_FUNC_store_set_ctx_params_fn file_set_ctx_params;
47 static OSSL_FUNC_store_load_fn file_load;
48 static OSSL_FUNC_store_eof_fn file_eof;
49 static OSSL_FUNC_store_close_fn file_close;
50
51 /*
52 * This implementation makes full use of OSSL_DECODER, and then some.
53 * It uses its own internal decoder implementation that reads DER and
54 * passes that on to the data callback; this decoder is created with
55 * internal OpenSSL functions, thereby bypassing the need for a surrounding
56 * provider. This is ok, since this is a local decoder, not meant for
57 * public consumption. It also uses the libcrypto internal decoder
58 * setup function ossl_decoder_ctx_setup_for_pkey(), to allow the
59 * last resort decoder to be added first (and thereby be executed last).
60 * Finally, it sets up its own construct and cleanup functions.
61 *
62 * Essentially, that makes this implementation a kind of glorified decoder.
63 */
64
65 struct file_ctx_st {
66 void *provctx;
67 char *uri; /* The URI we currently try to load */
68 enum {
69 IS_FILE = 0, /* Read file and pass results */
70 IS_DIR /* Pass directory entry names */
71 } type;
72
73 union {
74 /* Used with |IS_FILE| */
75 struct {
76 BIO *file;
77
78 OSSL_DECODER_CTX *decoderctx;
79 char *input_type;
80 char *propq; /* The properties we got as a parameter */
81 } file;
82
83 /* Used with |IS_DIR| */
84 struct {
85 OPENSSL_DIR_CTX *ctx;
86 int end_reached;
87
88 /*
89 * When a search expression is given, these are filled in.
90 * |search_name| contains the file basename to look for.
91 * The string is exactly 8 characters long.
92 */
93 char search_name[9];
94
95 /*
96 * The directory reading utility we have combines opening with
97 * reading the first name. To make sure we can detect the end
98 * at the right time, we read early and cache the name.
99 */
100 const char *last_entry;
101 int last_errno;
102 } dir;
103 } _;
104
105 /* Expected object type. May be unspecified */
106 int expected_type;
107 };
108
109 static void free_file_ctx(struct file_ctx_st *ctx)
110 {
111 if (ctx == NULL)
112 return;
113
114 OPENSSL_free(ctx->uri);
115 if (ctx->type != IS_DIR) {
116 OSSL_DECODER_CTX_free(ctx->_.file.decoderctx);
117 OPENSSL_free(ctx->_.file.propq);
118 OPENSSL_free(ctx->_.file.input_type);
119 }
120 OPENSSL_free(ctx);
121 }
122
123 static struct file_ctx_st *new_file_ctx(int type, const char *uri,
124 void *provctx)
125 {
126 struct file_ctx_st *ctx = NULL;
127
128 if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) != NULL
129 && (uri == NULL || (ctx->uri = OPENSSL_strdup(uri)) != NULL)) {
130 ctx->type = type;
131 ctx->provctx = provctx;
132 return ctx;
133 }
134 free_file_ctx(ctx);
135 return NULL;
136 }
137
138 static OSSL_DECODER_CONSTRUCT file_load_construct;
139 static OSSL_DECODER_CLEANUP file_load_cleanup;
140
141 /*-
142 * Opening / attaching streams and directories
143 * -------------------------------------------
144 */
145
146 /*
147 * Function to service both file_open() and file_attach()
148 *
149 *
150 */
151 static struct file_ctx_st *file_open_stream(BIO *source, const char *uri,
152 const char *input_type,
153 void *provctx)
154 {
155 struct file_ctx_st *ctx;
156
157 if ((ctx = new_file_ctx(IS_FILE, uri, provctx)) == NULL
158 || (input_type != NULL
159 && (ctx->_.file.input_type =
160 OPENSSL_strdup(input_type)) == NULL)) {
161 ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
162 goto err;
163 }
164
165 ctx->_.file.file = source;
166
167 return ctx;
168 err:
169 free_file_ctx(ctx);
170 return NULL;
171 }
172
173 static void *file_open_dir(const char *path, const char *uri, void *provctx)
174 {
175 struct file_ctx_st *ctx;
176
177 if ((ctx = new_file_ctx(IS_DIR, uri, provctx)) == NULL) {
178 ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
179 goto err;
180 }
181
182 ctx->_.dir.last_entry = OPENSSL_DIR_read(&ctx->_.dir.ctx, path);
183 ctx->_.dir.last_errno = errno;
184 if (ctx->_.dir.last_entry == NULL) {
185 if (ctx->_.dir.last_errno != 0) {
186 ERR_raise_data(ERR_LIB_SYS, ctx->_.dir.last_errno,
187 "Calling OPENSSL_DIR_read(\"%s\")", path);
188 goto err;
189 }
190 ctx->_.dir.end_reached = 1;
191 }
192 return ctx;
193 err:
194 file_close(ctx);
195 return NULL;
196 }
197
198 static void *file_open(void *provctx, const char *uri)
199 {
200 struct file_ctx_st *ctx = NULL;
201 struct stat st;
202 struct {
203 const char *path;
204 unsigned int check_absolute:1;
205 } path_data[2];
206 size_t path_data_n = 0, i;
207 const char *path;
208 BIO *bio;
209
210 ERR_set_mark();
211
212 /*
213 * First step, just take the URI as is.
214 */
215 path_data[path_data_n].check_absolute = 0;
216 path_data[path_data_n++].path = uri;
217
218 /*
219 * Second step, if the URI appears to start with the 'file' scheme,
220 * extract the path and make that the second path to check.
221 * There's a special case if the URI also contains an authority, then
222 * the full URI shouldn't be used as a path anywhere.
223 */
224 if (strncasecmp(uri, "file:", 5) == 0) {
225 const char *p = &uri[5];
226
227 if (strncmp(&uri[5], "//", 2) == 0) {
228 path_data_n--; /* Invalidate using the full URI */
229 if (strncasecmp(&uri[7], "localhost/", 10) == 0) {
230 p = &uri[16];
231 } else if (uri[7] == '/') {
232 p = &uri[7];
233 } else {
234 ERR_clear_last_mark();
235 ERR_raise(ERR_LIB_PROV, PROV_R_URI_AUTHORITY_UNSUPPORTED);
236 return NULL;
237 }
238 }
239
240 path_data[path_data_n].check_absolute = 1;
241 #ifdef _WIN32
242 /* Windows file: URIs with a drive letter start with a / */
243 if (p[0] == '/' && p[2] == ':' && p[3] == '/') {
244 char c = tolower(p[1]);
245
246 if (c >= 'a' && c <= 'z') {
247 p++;
248 /* We know it's absolute, so no need to check */
249 path_data[path_data_n].check_absolute = 0;
250 }
251 }
252 #endif
253 path_data[path_data_n++].path = p;
254 }
255
256
257 for (i = 0, path = NULL; path == NULL && i < path_data_n; i++) {
258 /*
259 * If the scheme "file" was an explicit part of the URI, the path must
260 * be absolute. So says RFC 8089
261 */
262 if (path_data[i].check_absolute && path_data[i].path[0] != '/') {
263 ERR_clear_last_mark();
264 ERR_raise_data(ERR_LIB_PROV, PROV_R_PATH_MUST_BE_ABSOLUTE,
265 "Given path=%s", path_data[i].path);
266 return NULL;
267 }
268
269 if (stat(path_data[i].path, &st) < 0) {
270 ERR_raise_data(ERR_LIB_SYS, errno,
271 "calling stat(%s)",
272 path_data[i].path);
273 } else {
274 path = path_data[i].path;
275 }
276 }
277 if (path == NULL) {
278 ERR_clear_last_mark();
279 return NULL;
280 }
281
282 /* Successfully found a working path, clear possible collected errors */
283 ERR_pop_to_mark();
284
285 if (S_ISDIR(st.st_mode))
286 ctx = file_open_dir(path, uri, provctx);
287 else if ((bio = BIO_new_file(path, "rb")) == NULL
288 || (ctx = file_open_stream(bio, uri, NULL, provctx)) == NULL)
289 BIO_free_all(bio);
290
291 return ctx;
292 }
293
294 void *file_attach(void *provctx, OSSL_CORE_BIO *cin)
295 {
296 struct file_ctx_st *ctx;
297 BIO *new_bio = bio_new_from_core_bio(provctx, cin);
298
299 if (new_bio == NULL)
300 return NULL;
301
302 ctx = file_open_stream(new_bio, NULL, NULL, provctx);
303 if (ctx == NULL)
304 BIO_free(new_bio);
305 return ctx;
306 }
307
308 /*-
309 * Setting parameters
310 * ------------------
311 */
312
313 static const OSSL_PARAM *file_settable_ctx_params(void *provctx)
314 {
315 static const OSSL_PARAM known_settable_ctx_params[] = {
316 OSSL_PARAM_utf8_string(OSSL_STORE_PARAM_PROPERTIES, NULL, 0),
317 OSSL_PARAM_int(OSSL_STORE_PARAM_EXPECT, NULL),
318 OSSL_PARAM_octet_string(OSSL_STORE_PARAM_SUBJECT, NULL, 0),
319 OSSL_PARAM_END
320 };
321 return known_settable_ctx_params;
322 }
323
324 static int file_set_ctx_params(void *loaderctx, const OSSL_PARAM params[])
325 {
326 struct file_ctx_st *ctx = loaderctx;
327 const OSSL_PARAM *p;
328
329 if (params == NULL)
330 return 1;
331
332 p = OSSL_PARAM_locate_const(params, OSSL_STORE_PARAM_PROPERTIES);
333 if (p != NULL) {
334 OPENSSL_free(ctx->_.file.propq);
335 ctx->_.file.propq = NULL;
336 if (!OSSL_PARAM_get_utf8_string(p, &ctx->_.file.propq, 0))
337 return 0;
338 }
339 p = OSSL_PARAM_locate_const(params, OSSL_STORE_PARAM_EXPECT);
340 if (p != NULL && !OSSL_PARAM_get_int(p, &ctx->expected_type))
341 return 0;
342 p = OSSL_PARAM_locate_const(params, OSSL_STORE_PARAM_SUBJECT);
343 if (p != NULL) {
344 const unsigned char *der = NULL;
345 size_t der_len = 0;
346 X509_NAME *x509_name;
347 unsigned long hash;
348 int ok;
349
350 if (ctx->type != IS_DIR) {
351 ERR_raise(ERR_LIB_PROV,
352 PROV_R_SEARCH_ONLY_SUPPORTED_FOR_DIRECTORIES);
353 return 0;
354 }
355
356 if (!OSSL_PARAM_get_octet_string_ptr(p, (const void **)&der, &der_len)
357 || (x509_name = d2i_X509_NAME(NULL, &der, der_len)) == NULL)
358 return 0;
359 hash = X509_NAME_hash_ex(x509_name,
360 ossl_prov_ctx_get0_libctx(ctx->provctx), NULL,
361 &ok);
362 BIO_snprintf(ctx->_.dir.search_name, sizeof(ctx->_.dir.search_name),
363 "%08lx", hash);
364 X509_NAME_free(x509_name);
365 if (ok == 0)
366 return 0;
367 }
368 return 1;
369 }
370
371 /*-
372 * Loading an object from a stream
373 * -------------------------------
374 */
375
376 struct file_load_data_st {
377 OSSL_CALLBACK *object_cb;
378 void *object_cbarg;
379 };
380
381 static int file_load_construct(OSSL_DECODER_INSTANCE *decoder_inst,
382 const OSSL_PARAM *params, void *construct_data)
383 {
384 struct file_load_data_st *data = construct_data;
385
386 /*
387 * At some point, we may find it justifiable to recognise PKCS#12 and
388 * handle it specially here, making |file_load()| return pass its
389 * contents one piece at ta time, like |e_loader_attic.c| does.
390 *
391 * However, that currently means parsing them out, which converts the
392 * DER encoded PKCS#12 into a bunch of EVP_PKEYs and X509s, just to
393 * have to re-encode them into DER to create an object abstraction for
394 * each of them.
395 * It's much simpler (less churn) to pass on the object abstraction we
396 * get to the load_result callback and leave it to that one to do the
397 * work. If that's libcrypto code, we know that it has much better
398 * possibilities to handle the EVP_PKEYs and X509s without the extra
399 * churn.
400 */
401
402 return data->object_cb(params, data->object_cbarg);
403 }
404
405 void file_load_cleanup(void *construct_data)
406 {
407 /* Nothing to do */
408 }
409
410 static int file_setup_decoders(struct file_ctx_st *ctx)
411 {
412 EVP_PKEY *dummy; /* for ossl_decoder_ctx_setup_for_pkey() */
413 OSSL_LIB_CTX *libctx = ossl_prov_ctx_get0_libctx(ctx->provctx);
414 OSSL_DECODER *to_obj = NULL; /* Last resort decoder */
415 OSSL_DECODER_INSTANCE *to_obj_inst = NULL;
416 OSSL_DECODER_CLEANUP *old_cleanup = NULL;
417 void *old_construct_data = NULL;
418 int ok = 0;
419
420 /* Setup for this session, so only if not already done */
421 if (ctx->_.file.decoderctx == NULL) {
422 if ((ctx->_.file.decoderctx = OSSL_DECODER_CTX_new()) == NULL) {
423 ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
424 goto err;
425 }
426
427 /* Make sure the input type is set */
428 if (!OSSL_DECODER_CTX_set_input_type(ctx->_.file.decoderctx,
429 ctx->_.file.input_type)) {
430 ERR_raise(ERR_LIB_PROV, ERR_R_OSSL_DECODER_LIB);
431 goto err;
432 }
433
434 /*
435 * Create the internal last resort decoder implementation together
436 * with a "decoder instance".
437 * The decoder doesn't need any identification or to be attached to
438 * any provider, since it's only used locally.
439 */
440 to_obj = ossl_decoder_from_dispatch(0, &ossl_der_to_obj_algorithm,
441 NULL);
442 if (to_obj == NULL)
443 goto err;
444 to_obj_inst = ossl_decoder_instance_new(to_obj, ctx->provctx);
445 if (to_obj_inst == NULL)
446 goto err;
447
448 if (!ossl_decoder_ctx_add_decoder_inst(ctx->_.file.decoderctx,
449 to_obj_inst)) {
450 ERR_raise(ERR_LIB_PROV, ERR_R_OSSL_DECODER_LIB);
451 goto err;
452 }
453
454 /*
455 * OSSL_DECODER_INSTANCE shouldn't be freed from this point on.
456 * That's going to happen whenever the OSSL_DECODER_CTX is freed.
457 */
458 to_obj_inst = NULL;
459
460 /*
461 * Add on the usual decoder context for keys, with a dummy object.
462 * Since we're setting up our own constructor, we don't need to care
463 * more than that...
464 */
465 if (!ossl_decoder_ctx_setup_for_pkey(ctx->_.file.decoderctx,
466 &dummy, NULL,
467 libctx, ctx->_.file.propq)
468 || !OSSL_DECODER_CTX_add_extra(ctx->_.file.decoderctx,
469 libctx, ctx->_.file.propq)) {
470 ERR_raise(ERR_LIB_PROV, ERR_R_OSSL_DECODER_LIB);
471 goto err;
472 }
473
474 /*
475 * Then we throw away the installed finalizer data, and install our
476 * own instead.
477 */
478 old_cleanup = OSSL_DECODER_CTX_get_cleanup(ctx->_.file.decoderctx);
479 old_construct_data =
480 OSSL_DECODER_CTX_get_construct_data(ctx->_.file.decoderctx);
481 if (old_cleanup != NULL)
482 old_cleanup(old_construct_data);
483
484 /*
485 * Set the hooks.
486 */
487 if (!OSSL_DECODER_CTX_set_construct(ctx->_.file.decoderctx,
488 file_load_construct)
489 || !OSSL_DECODER_CTX_set_cleanup(ctx->_.file.decoderctx,
490 file_load_cleanup)) {
491 ERR_raise(ERR_LIB_PROV, ERR_R_OSSL_DECODER_LIB);
492 goto err;
493 }
494 }
495
496 ok = 1;
497 err:
498 OSSL_DECODER_free(to_obj);
499 return ok;
500 }
501
502 static int file_load_file(struct file_ctx_st *ctx,
503 OSSL_CALLBACK *object_cb, void *object_cbarg,
504 OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
505 {
506 struct file_load_data_st data;
507
508 /* Setup the decoders (one time shot per session */
509
510 if (!file_setup_decoders(ctx))
511 return 0;
512
513 /* Setup for this object */
514
515 data.object_cb = object_cb;
516 data.object_cbarg = object_cbarg;
517 OSSL_DECODER_CTX_set_construct_data(ctx->_.file.decoderctx, &data);
518 OSSL_DECODER_CTX_set_passphrase_cb(ctx->_.file.decoderctx, pw_cb, pw_cbarg);
519
520 /* Launch */
521
522 return OSSL_DECODER_from_bio(ctx->_.file.decoderctx, ctx->_.file.file);
523 }
524
525 /*-
526 * Loading a name object from a directory
527 * --------------------------------------
528 */
529
530 static char *file_name_to_uri(struct file_ctx_st *ctx, const char *name)
531 {
532 char *data = NULL;
533
534 assert(name != NULL);
535 {
536 const char *pathsep = ossl_ends_with_dirsep(ctx->uri) ? "" : "/";
537 long calculated_length = strlen(ctx->uri) + strlen(pathsep)
538 + strlen(name) + 1 /* \0 */;
539
540 data = OPENSSL_zalloc(calculated_length);
541 if (data == NULL) {
542 ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
543 return NULL;
544 }
545
546 OPENSSL_strlcat(data, ctx->uri, calculated_length);
547 OPENSSL_strlcat(data, pathsep, calculated_length);
548 OPENSSL_strlcat(data, name, calculated_length);
549 }
550 return data;
551 }
552
553 static int file_name_check(struct file_ctx_st *ctx, const char *name)
554 {
555 const char *p = NULL;
556
557 /* If there are no search criteria, all names are accepted */
558 if (ctx->_.dir.search_name[0] == '\0')
559 return 1;
560
561 /* If the expected type isn't supported, no name is accepted */
562 if (ctx->expected_type != 0
563 && ctx->expected_type != OSSL_STORE_INFO_CERT
564 && ctx->expected_type != OSSL_STORE_INFO_CRL)
565 return 0;
566
567 /*
568 * First, check the basename
569 */
570 if (strncasecmp(name, ctx->_.dir.search_name,
571 sizeof(ctx->_.dir.search_name) - 1) != 0
572 || name[sizeof(ctx->_.dir.search_name) - 1] != '.')
573 return 0;
574 p = &name[sizeof(ctx->_.dir.search_name)];
575
576 /*
577 * Then, if the expected type is a CRL, check that the extension starts
578 * with 'r'
579 */
580 if (*p == 'r') {
581 p++;
582 if (ctx->expected_type != 0
583 && ctx->expected_type != OSSL_STORE_INFO_CRL)
584 return 0;
585 } else if (ctx->expected_type == OSSL_STORE_INFO_CRL) {
586 return 0;
587 }
588
589 /*
590 * Last, check that the rest of the extension is a decimal number, at
591 * least one digit long.
592 */
593 if (!isdigit(*p))
594 return 0;
595 while (isdigit(*p))
596 p++;
597
598 #ifdef __VMS
599 /*
600 * One extra step here, check for a possible generation number.
601 */
602 if (*p == ';')
603 for (p++; *p != '\0'; p++)
604 if (!ossl_isdigit(*p))
605 break;
606 #endif
607
608 /*
609 * If we've reached the end of the string at this point, we've successfully
610 * found a fitting file name.
611 */
612 return *p == '\0';
613 }
614
615 static int file_load_dir_entry(struct file_ctx_st *ctx,
616 OSSL_CALLBACK *object_cb, void *object_cbarg,
617 OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
618 {
619 /* Prepare as much as possible in advance */
620 static const int object_type = OSSL_OBJECT_NAME;
621 OSSL_PARAM object[] = {
622 OSSL_PARAM_int(OSSL_OBJECT_PARAM_TYPE, (int *)&object_type),
623 OSSL_PARAM_utf8_string(OSSL_OBJECT_PARAM_DATA, NULL, 0),
624 OSSL_PARAM_END
625 };
626 char *newname = NULL;
627 int ok;
628
629 /* Loop until we get an error or until we have a suitable name */
630 do {
631 if (ctx->_.dir.last_entry == NULL) {
632 if (!ctx->_.dir.end_reached) {
633 assert(ctx->_.dir.last_errno != 0);
634 ERR_raise(ERR_LIB_SYS, ctx->_.dir.last_errno);
635 }
636 /* file_eof() will tell if EOF was reached */
637 return 0;
638 }
639
640 /* flag acceptable names */
641 if (ctx->_.dir.last_entry[0] != '.'
642 && file_name_check(ctx, ctx->_.dir.last_entry)) {
643
644 /* If we can't allocate the new name, we fail */
645 if ((newname =
646 file_name_to_uri(ctx, ctx->_.dir.last_entry)) == NULL)
647 return 0;
648 }
649
650 /*
651 * On the first call (with a NULL context), OPENSSL_DIR_read()
652 * cares about the second argument. On the following calls, it
653 * only cares that it isn't NULL. Therefore, we can safely give
654 * it our URI here.
655 */
656 ctx->_.dir.last_entry = OPENSSL_DIR_read(&ctx->_.dir.ctx, ctx->uri);
657 ctx->_.dir.last_errno = errno;
658 if (ctx->_.dir.last_entry == NULL && ctx->_.dir.last_errno == 0)
659 ctx->_.dir.end_reached = 1;
660 } while (newname == NULL);
661
662 object[1].data = newname;
663 object[1].data_size = strlen(newname);
664 ok = object_cb(object, object_cbarg);
665 OPENSSL_free(newname);
666 return ok;
667 }
668
669 /*-
670 * Loading, local dispatcher
671 * -------------------------
672 */
673
674 static int file_load(void *loaderctx,
675 OSSL_CALLBACK *object_cb, void *object_cbarg,
676 OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg)
677 {
678 struct file_ctx_st *ctx = loaderctx;
679
680 switch (ctx->type) {
681 case IS_FILE:
682 return file_load_file(ctx, object_cb, object_cbarg, pw_cb, pw_cbarg);
683 case IS_DIR:
684 return
685 file_load_dir_entry(ctx, object_cb, object_cbarg, pw_cb, pw_cbarg);
686 default:
687 break;
688 }
689
690 /* ctx->type has an unexpected value */
691 assert(0);
692 return 0;
693 }
694
695 /*-
696 * Eof detection and closing
697 * -------------------------
698 */
699
700 static int file_eof(void *loaderctx)
701 {
702 struct file_ctx_st *ctx = loaderctx;
703
704 switch (ctx->type) {
705 case IS_DIR:
706 return ctx->_.dir.end_reached;
707 case IS_FILE:
708 /*
709 * BIO_pending() checks any filter BIO.
710 * BIO_eof() checks the source BIO.
711 */
712 return !BIO_pending(ctx->_.file.file)
713 && BIO_eof(ctx->_.file.file);
714 }
715
716 /* ctx->type has an unexpected value */
717 assert(0);
718 return 1;
719 }
720
721 static int file_close_dir(struct file_ctx_st *ctx)
722 {
723 if (ctx->_.dir.ctx != NULL)
724 OPENSSL_DIR_end(&ctx->_.dir.ctx);
725 free_file_ctx(ctx);
726 return 1;
727 }
728
729 static int file_close_stream(struct file_ctx_st *ctx)
730 {
731 /*
732 * This frees either the provider BIO filter (for file_attach()) OR
733 * the allocated file BIO (for file_open()).
734 */
735 BIO_free(ctx->_.file.file);
736 ctx->_.file.file = NULL;
737
738 free_file_ctx(ctx);
739 return 1;
740 }
741
742 static int file_close(void *loaderctx)
743 {
744 struct file_ctx_st *ctx = loaderctx;
745
746 switch (ctx->type) {
747 case IS_DIR:
748 return file_close_dir(ctx);
749 case IS_FILE:
750 return file_close_stream(ctx);
751 }
752
753 /* ctx->type has an unexpected value */
754 assert(0);
755 return 1;
756 }
757
758 const OSSL_DISPATCH ossl_file_store_functions[] = {
759 { OSSL_FUNC_STORE_OPEN, (void (*)(void))file_open },
760 { OSSL_FUNC_STORE_ATTACH, (void (*)(void))file_attach },
761 { OSSL_FUNC_STORE_SETTABLE_CTX_PARAMS,
762 (void (*)(void))file_settable_ctx_params },
763 { OSSL_FUNC_STORE_SET_CTX_PARAMS, (void (*)(void))file_set_ctx_params },
764 { OSSL_FUNC_STORE_LOAD, (void (*)(void))file_load },
765 { OSSL_FUNC_STORE_EOF, (void (*)(void))file_eof },
766 { OSSL_FUNC_STORE_CLOSE, (void (*)(void))file_close },
767 { 0, NULL },
768 };
A mirror of the official openssl repository