]> git.ipfire.org Git - thirdparty/openssl.git/blob - test/recipes/90-test_store.t
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
APPS: generated certs bear X.509 V3, unless -x509v1 option of req app is given
[thirdparty/openssl.git] / test / recipes / 90-test_store.t
1 #! /usr/bin/env perl
2 # Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
3 #
4 # Licensed under the Apache License 2.0 (the "License"). You may not use
5 # this file except in compliance with the License. You can obtain a copy
6 # in the file LICENSE in the source distribution or at
7 # https://www.openssl.org/source/license.html
8
9 use File::Spec::Functions;
10 use File::Copy;
11 use MIME::Base64;
12 use OpenSSL::Test qw(:DEFAULT srctop_file srctop_dir bldtop_file bldtop_dir
13 data_file);
14 use OpenSSL::Test::Utils;
15
16 my $test_name = "test_store";
17 setup($test_name);
18
19 my $use_md5 = !disabled("md5");
20 my $use_des = !(disabled("des") || disabled("legacy")); # also affects 3des and pkcs12 app
21 my $use_dsa = !disabled("dsa");
22 my $use_ecc = !disabled("ec");
23
24 my @noexist_files =
25 ( "test/blahdiblah.pem",
26 "test/blahdibleh.der" );
27 my @src_files =
28 ( "test/testx509.pem",
29 "test/testrsa.pem",
30 "test/testrsapub.pem",
31 "test/testcrl.pem",
32 "apps/server.pem" );
33 my @data_files =
34 ( "testrsa.msb" );
35 push(@data_files,
36 ( "testrsa.pvk" ))
37 unless disabled("legacy") || disabled("rc4");
38 my @src_rsa_files =
39 ( "test/testrsa.pem",
40 "test/testrsapub.pem" );
41 my @generated_files =
42 (
43 ### generated from the source files
44
45 "testx509.der",
46 "testrsa.der",
47 "testrsapub.der",
48 "testcrl.der",
49
50 ### generated locally
51
52 "rsa-key-pkcs1.pem", "rsa-key-pkcs1.der",
53 "rsa-key-pkcs1-aes128.pem",
54 "rsa-key-pkcs8.pem", "rsa-key-pkcs8.der",
55 "rsa-key-pkcs8-pbes2-sha1.pem", "rsa-key-pkcs8-pbes2-sha1.der",
56 "rsa-key-pkcs8-pbes2-sha256.pem", "rsa-key-pkcs8-pbes2-sha256.der",
57 );
58 push(@generated_files, (
59 "rsa-key-pkcs8-pbes1-sha1-3des.pem", "rsa-key-pkcs8-pbes1-sha1-3des.der",
60 )) if $use_des;
61 push(@generated_files, (
62 "rsa-key-sha1-3des-sha1.p12", "rsa-key-sha1-3des-sha256.p12",
63 "rsa-key-aes256-cbc-sha256.p12",
64 "rsa-key-md5-des-sha1.p12",
65 "rsa-key-aes256-cbc-md5-des-sha256.p12"
66 )) if $use_des;
67 push(@generated_files, (
68 "rsa-key-pkcs8-pbes1-md5-des.pem", "rsa-key-pkcs8-pbes1-md5-des.der"
69 )) if $use_md5 && $use_des;
70 push(@generated_files, (
71 "dsa-key-pkcs1.pem", "dsa-key-pkcs1.der",
72 "dsa-key-pkcs1-aes128.pem",
73 "dsa-key-pkcs8.pem", "dsa-key-pkcs8.der",
74 "dsa-key-pkcs8-pbes2-sha1.pem", "dsa-key-pkcs8-pbes2-sha1.der",
75 )) if $use_dsa;
76 push(@generated_files, "dsa-key-aes256-cbc-sha256.p12") if $use_dsa && $use_des;
77 push(@generated_files, (
78 "ec-key-pkcs1.pem", "ec-key-pkcs1.der",
79 "ec-key-pkcs1-aes128.pem",
80 "ec-key-pkcs8.pem", "ec-key-pkcs8.der",
81 "ec-key-pkcs8-pbes2-sha1.pem", "ec-key-pkcs8-pbes2-sha1.der",
82 )) if $use_ecc;
83 push(@generated_files, "ec-key-aes256-cbc-sha256.p12") if $use_ecc && $use_des;
84 my %generated_file_files =
85 $^O eq 'linux'
86 ? ( "test/testx509.pem" => "file:testx509.pem",
87 "test/testrsa.pem" => "file:testrsa.pem",
88 "test/testrsapub.pem" => "file:testrsapub.pem",
89 "test/testcrl.pem" => "file:testcrl.pem",
90 "apps/server.pem" => "file:server.pem" )
91 : ();
92 my @noexist_file_files =
93 ( "file:blahdiblah.pem",
94 "file:test/blahdibleh.der" );
95
96 # There is more than one method to get a 'file:' loader.
97 # The default is a built-in provider implementation.
98 # However, there is also an engine, specially for testing purposes.
99 #
100 # @methods is a collection of extra 'openssl storeutl' arguments used to
101 # try the different methods.
102 my @methods;
103 my @prov_method = qw(-provider default);
104 push @prov_method, qw(-provider legacy) unless disabled('legacy');
105 push @methods, [ @prov_method ];
106 push @methods, [qw(-engine loader_attic)]
107 unless disabled('loadereng');
108
109 my $n = scalar @methods
110 * ( (3 * scalar @noexist_files)
111 + (6 * scalar @src_files)
112 + (2 * scalar @data_files)
113 + (4 * scalar @generated_files)
114 + (scalar keys %generated_file_files)
115 + (scalar @noexist_file_files)
116 + 3
117 + 11 );
118
119 # Test doesn't work under msys because the file name munging doesn't work
120 # correctly with the "ot:" prefix
121 my $do_test_ossltest_store =
122 !(disabled("engine") || disabled("dynamic-engine") || $^O =~ /^msys$/);
123
124 if ($do_test_ossltest_store) {
125 # test loading with apps 'org.openssl.engine:' loader, using the
126 # ossltest engine.
127 $n += 4 * scalar @src_rsa_files;
128 }
129
130 plan skip_all => "No plan" if $n == 0;
131
132 plan tests => $n;
133
134 indir "store_$$" => sub {
135 if ($do_test_ossltest_store) {
136 # ossltest loads PEM files, with names prefixed with 'ot:'.
137 # This prefix ensures that the files are, in fact, loaded through
138 # that engine and not mistakenly going through the 'file:' loader.
139
140 my $engine_scheme = 'org.openssl.engine:';
141 $ENV{OPENSSL_ENGINES} = bldtop_dir("engines");
142
143 foreach (@src_rsa_files) {
144 my $file = srctop_file($_);
145 my $file_abs = to_abs_file($file);
146 my @pubin = $_ =~ m|pub\.pem$| ? ("-pubin") : ();
147
148 ok(run(app(["openssl", "rsa", "-text", "-noout", @pubin,
149 "-engine", "ossltest", "-inform", "engine",
150 "-in", "ot:$file"])));
151 ok(run(app(["openssl", "rsa", "-text", "-noout", @pubin,
152 "-engine", "ossltest", "-inform", "engine",
153 "-in", "ot:$file_abs"])));
154 ok(run(app(["openssl", "rsa", "-text", "-noout", @pubin,
155 "-in", "${engine_scheme}ossltest:ot:$file"])));
156 ok(run(app(["openssl", "rsa", "-text", "-noout", @pubin,
157 "-in", "${engine_scheme}ossltest:ot:$file_abs"])));
158 }
159 }
160
161 SKIP:
162 {
163 init() or die "init failed";
164
165 my $rehash = init_rehash();
166
167 foreach my $method (@methods) {
168 my @storeutl = ( qw(openssl storeutl), @$method );
169
170 foreach (@noexist_files) {
171 my $file = srctop_file($_);
172
173 ok(!run(app([@storeutl, "-noout", $file])));
174 ok(!run(app([@storeutl, "-noout", to_abs_file($file)])));
175 {
176 local $ENV{MSYS2_ARG_CONV_EXCL} = "file:";
177
178 ok(!run(app([@storeutl, "-noout",
179 to_abs_file_uri($file)])));
180 }
181 }
182 foreach (@src_files) {
183 my $file = srctop_file($_);
184
185 ok(run(app([@storeutl, "-noout", $file])));
186 ok(run(app([@storeutl, "-noout", to_abs_file($file)])));
187 SKIP:
188 {
189 skip "file: tests disabled on MingW", 4 if $^O =~ /^msys$/;
190
191 ok(run(app([@storeutl, "-noout",
192 to_abs_file_uri($file)])));
193 ok(run(app([@storeutl, "-noout",
194 to_abs_file_uri($file, 0, "")])));
195 ok(run(app([@storeutl, "-noout",
196 to_abs_file_uri($file, 0, "localhost")])));
197 ok(!run(app([@storeutl, "-noout",
198 to_abs_file_uri($file, 0, "dummy")])));
199 }
200 }
201 foreach (@data_files) {
202 my $file = data_file($_);
203
204 ok(run(app([@storeutl, "-noout", "-passin", "pass:password",
205 $file])));
206 ok(run(app([@storeutl, "-noout", "-passin", "pass:password",
207 to_abs_file($file)])));
208 }
209 foreach (@generated_files) {
210 ok(run(app([@storeutl, "-noout", "-passin", "pass:password",
211 $_])));
212 ok(run(app([@storeutl, "-noout", "-passin", "pass:password",
213 to_abs_file($_)])));
214
215 SKIP:
216 {
217 skip "file: tests disabled on MingW", 2 if $^O =~ /^msys$/;
218
219 ok(run(app([@storeutl, "-noout", "-passin",
220 "pass:password", to_abs_file_uri($_)])));
221 ok(!run(app([@storeutl, "-noout", "-passin",
222 "pass:password", to_file_uri($_)])));
223 }
224 }
225 foreach (values %generated_file_files) {
226 SKIP:
227 {
228 skip "file: tests disabled on MingW", 1 if $^O =~ /^msys$/;
229
230 ok(run(app([@storeutl, "-noout", $_])));
231 }
232 }
233 foreach (@noexist_file_files) {
234 SKIP:
235 {
236 skip "file: tests disabled on MingW", 1 if $^O =~ /^msys$/;
237
238 ok(!run(app([@storeutl, "-noout", $_])));
239 }
240 }
241 {
242 my $dir = srctop_dir("test", "certs");
243
244 ok(run(app([@storeutl, "-noout", $dir])));
245 ok(run(app([@storeutl, "-noout", to_abs_file($dir, 1)])));
246 SKIP:
247 {
248 skip "file: tests disabled on MingW", 1 if $^O =~ /^msys$/;
249
250 ok(run(app([@storeutl, "-noout",
251 to_abs_file_uri($dir, 1)])));
252 }
253 }
254
255 ok(!run(app([@storeutl, '-noout',
256 '-subject', '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert',
257 srctop_file('test', 'testx509.pem')])),
258 "Checking that -subject can't be used with a single file");
259
260 ok(run(app([@storeutl, '-certs', '-noout',
261 srctop_file('test', 'testx509.pem')])),
262 "Checking that -certs returns 1 object on a certificate file");
263 ok(run(app([@storeutl, '-certs', '-noout',
264 srctop_file('test', 'testcrl.pem')])),
265 "Checking that -certs returns 0 objects on a CRL file");
266
267 ok(run(app([@storeutl, '-crls', '-noout',
268 srctop_file('test', 'testx509.pem')])),
269 "Checking that -crls returns 0 objects on a certificate file");
270 ok(run(app([@storeutl, '-crls', '-noout',
271 srctop_file('test', 'testcrl.pem')])),
272 "Checking that -crls returns 1 object on a CRL file");
273
274 SKIP: {
275 skip "failed rehash initialisation", 6 unless $rehash;
276
277 # subject from testx509.pem:
278 # '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert'
279 # issuer from testcrl.pem:
280 # '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority'
281 ok(run(app([@storeutl, '-noout',
282 '-subject', '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert',
283 catdir(curdir(), 'rehash')])));
284 ok(run(app([@storeutl, '-noout',
285 '-subject',
286 '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority',
287 catdir(curdir(), 'rehash')])));
288 ok(run(app([@storeutl, '-noout', '-certs',
289 '-subject', '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert',
290 catdir(curdir(), 'rehash')])));
291 ok(run(app([@storeutl, '-noout', '-crls',
292 '-subject', '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert',
293 catdir(curdir(), 'rehash')])));
294 ok(run(app([@storeutl, '-noout', '-certs',
295 '-subject',
296 '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority',
297 catdir(curdir(), 'rehash')])));
298 ok(run(app([@storeutl, '-noout', '-crls',
299 '-subject',
300 '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority',
301 catdir(curdir(), 'rehash')])));
302 }
303 }
304 }
305 }, create => 1, cleanup => 1;
306
307 sub init {
308 my $cnf = srctop_file('test', 'ca-and-certs.cnf');
309 my $cakey = srctop_file('test', 'certs', 'ca-key.pem');
310 my @std_args = qw(-provider default);
311 push @std_args, qw(-provider legacy)
312 unless disabled('legacy');
313 return (
314 # rsa-key-pkcs1.pem
315 run(app(["openssl", "pkey", @std_args,
316 "-in", data_file("rsa-key-2432.pem"),
317 "-out", "rsa-key-pkcs1.pem"]))
318 # rsa-key-pkcs1-aes128.pem
319 && run(app(["openssl", "rsa", @std_args,
320 "-passout", "pass:password", "-aes128",
321 "-in", "rsa-key-pkcs1.pem",
322 "-out", "rsa-key-pkcs1-aes128.pem"]))
323 # dsa-key-pkcs1.pem
324 && (!$use_dsa
325 || run(app(["openssl", "gendsa", @std_args,
326 "-out", "dsa-key-pkcs1.pem",
327 data_file("dsaparam.pem")])))
328 # dsa-key-pkcs1-aes128.pem
329 && (!$use_dsa
330 || run(app(["openssl", "dsa", @std_args,
331 "-passout", "pass:password", "-aes128",
332 "-in", "dsa-key-pkcs1.pem",
333 "-out", "dsa-key-pkcs1-aes128.pem"])))
334 # ec-key-pkcs1.pem (one might think that 'genec' would be practical)
335 && (!$use_ecc
336 || run(app(["openssl", "ecparam", @std_args,
337 "-genkey",
338 "-name", "prime256v1",
339 "-out", "ec-key-pkcs1.pem"])))
340 # ec-key-pkcs1-aes128.pem
341 && (!$use_ecc
342 || run(app(["openssl", "ec", @std_args,
343 "-passout", "pass:password", "-aes128",
344 "-in", "ec-key-pkcs1.pem",
345 "-out", "ec-key-pkcs1-aes128.pem"])))
346 # *-key-pkcs8.pem
347 && runall(sub {
348 my $dstfile = shift;
349 (my $srcfile = $dstfile)
350 =~ s/-key-pkcs8\.pem$/-key-pkcs1.pem/i;
351 run(app(["openssl", "pkcs8", @std_args,
352 "-topk8", "-nocrypt",
353 "-in", $srcfile, "-out", $dstfile]));
354 }, grep(/-key-pkcs8\.pem$/, @generated_files))
355 # *-key-pkcs8-pbes1-sha1-3des.pem
356 && runall(sub {
357 my $dstfile = shift;
358 (my $srcfile = $dstfile)
359 =~ s/-key-pkcs8-pbes1-sha1-3des\.pem$
360 /-key-pkcs8.pem/ix;
361 run(app(["openssl", "pkcs8", @std_args,
362 "-topk8",
363 "-passout", "pass:password",
364 "-v1", "pbeWithSHA1And3-KeyTripleDES-CBC",
365 "-in", $srcfile, "-out", $dstfile]));
366 }, grep(/-key-pkcs8-pbes1-sha1-3des\.pem$/, @generated_files))
367 # *-key-pkcs8-pbes1-md5-des.pem
368 && runall(sub {
369 my $dstfile = shift;
370 (my $srcfile = $dstfile)
371 =~ s/-key-pkcs8-pbes1-md5-des\.pem$
372 /-key-pkcs8.pem/ix;
373 run(app(["openssl", "pkcs8", @std_args,
374 "-topk8",
375 "-passout", "pass:password",
376 "-v1", "pbeWithSHA1And3-KeyTripleDES-CBC",
377 "-in", $srcfile, "-out", $dstfile]));
378 }, grep(/-key-pkcs8-pbes1-md5-des\.pem$/, @generated_files))
379 # *-key-pkcs8-pbes2-sha1.pem
380 && runall(sub {
381 my $dstfile = shift;
382 (my $srcfile = $dstfile)
383 =~ s/-key-pkcs8-pbes2-sha1\.pem$
384 /-key-pkcs8.pem/ix;
385 run(app(["openssl", "pkcs8", @std_args,
386 "-topk8",
387 "-passout", "pass:password",
388 "-v2", "aes256", "-v2prf", "hmacWithSHA1",
389 "-in", $srcfile, "-out", $dstfile]));
390 }, grep(/-key-pkcs8-pbes2-sha1\.pem$/, @generated_files))
391 # *-key-pkcs8-pbes2-sha1.pem
392 && runall(sub {
393 my $dstfile = shift;
394 (my $srcfile = $dstfile)
395 =~ s/-key-pkcs8-pbes2-sha256\.pem$
396 /-key-pkcs8.pem/ix;
397 run(app(["openssl", "pkcs8", @std_args,
398 "-topk8",
399 "-passout", "pass:password",
400 "-v2", "aes256", "-v2prf", "hmacWithSHA256",
401 "-in", $srcfile, "-out", $dstfile]));
402 }, grep(/-key-pkcs8-pbes2-sha256\.pem$/, @generated_files))
403 # *-cert.pem (intermediary for the .p12 inits)
404 && run(app(["openssl", "req", "-x509", @std_args,
405 "-config", $cnf, "-reqexts", "v3_ca", "-noenc",
406 "-key", $cakey, "-out", "cacert.pem"]))
407 && runall(sub {
408 my $srckey = shift;
409 (my $dstfile = $srckey) =~ s|-key-pkcs8\.|-cert.|;
410 (my $csr = $dstfile) =~ s|\.pem|.csr|;
411
412 (run(app(["openssl", "req", "-new", @std_args,
413 "-config", $cnf, "-section", "userreq",
414 "-key", $srckey, "-out", $csr]))
415 &&
416 run(app(["openssl", "x509", @std_args,
417 "-days", "3650",
418 "-CA", "cacert.pem",
419 "-CAkey", $cakey,
420 "-set_serial", time(), "-req",
421 "-in", $csr, "-out", $dstfile])));
422 }, grep(/-key-pkcs8\.pem$/, @generated_files))
423 # *.p12
424 && runall(sub {
425 my $dstfile = shift;
426 my ($type, $certpbe_index, $keypbe_index,
427 $macalg_index) =
428 $dstfile =~ m{^(.*)-key-(?|
429 # cert and key PBE are same
430 () #
431 ([^-]*-[^-]*)- # key & cert PBE
432 ([^-]*) # MACalg
433 |
434 # cert and key PBE are not same
435 ([^-]*-[^-]*)- # cert PBE
436 ([^-]*-[^-]*)- # key PBE
437 ([^-]*) # MACalg
438 )\.}x;
439 if (!$certpbe_index) {
440 $certpbe_index = $keypbe_index;
441 }
442 my $srckey = "$type-key-pkcs8.pem";
443 my $srccert = "$type-cert.pem";
444 my %pbes =
445 (
446 "sha1-3des" => "pbeWithSHA1And3-KeyTripleDES-CBC",
447 "md5-des" => "pbeWithMD5AndDES-CBC",
448 "aes256-cbc" => "AES-256-CBC",
449 );
450 my %macalgs =
451 (
452 "sha1" => "SHA1",
453 "sha256" => "SHA256",
454 );
455 my $certpbe = $pbes{$certpbe_index};
456 my $keypbe = $pbes{$keypbe_index};
457 my $macalg = $macalgs{$macalg_index};
458 if (!defined($certpbe) || !defined($keypbe)
459 || !defined($macalg)) {
460 print STDERR "Cert PBE for $certpbe_index not defined\n"
461 unless defined $certpbe;
462 print STDERR "Key PBE for $keypbe_index not defined\n"
463 unless defined $keypbe;
464 print STDERR "MACALG for $macalg_index not defined\n"
465 unless defined $macalg;
466 print STDERR "(destination file was $dstfile)\n";
467 return 0;
468 }
469 run(app(["openssl", "pkcs12", @std_args,
470 "-inkey", $srckey,
471 "-in", $srccert, "-passout", "pass:password",
472 "-chain", "-CAfile", "cacert.pem",
473 "-export", "-macalg", $macalg,
474 "-certpbe", $certpbe, "-keypbe", $keypbe,
475 "-out", $dstfile]));
476 }, grep(/\.p12/, @generated_files))
477 # *.der (the end all init)
478 && runall(sub {
479 my $dstfile = shift;
480 (my $srcfile = $dstfile) =~ s/\.der$/.pem/i;
481 if (! -f $srcfile) {
482 $srcfile = srctop_file("test", $srcfile);
483 }
484 my $infh;
485 unless (open $infh, $srcfile) {
486 return 0;
487 }
488 my $l;
489 while (($l = <$infh>) !~ /^-----BEGIN\s/
490 || $l =~ /^-----BEGIN.*PARAMETERS-----/) {
491 }
492 my $b64 = "";
493 while (($l = <$infh>) !~ /^-----END\s/) {
494 $l =~ s|\R$||;
495 $b64 .= $l unless $l =~ /:/;
496 }
497 close $infh;
498 my $der = decode_base64($b64);
499 unless (length($b64) / 4 * 3 - length($der) < 3) {
500 print STDERR "Length error, ",length($b64),
501 " bytes of base64 became ",length($der),
502 " bytes of der? ($srcfile => $dstfile)\n";
503 return 0;
504 }
505 my $outfh;
506 unless (open $outfh, ">:raw", $dstfile) {
507 return 0;
508 }
509 print $outfh $der;
510 close $outfh;
511 return 1;
512 }, grep(/\.der$/, @generated_files))
513 && runall(sub {
514 my $srcfile = shift;
515 my $dstfile = $generated_file_files{$srcfile};
516
517 unless (copy srctop_file($srcfile), $dstfile) {
518 warn "$!\n";
519 return 0;
520 }
521 return 1;
522 }, keys %generated_file_files)
523 );
524 }
525
526 sub init_rehash {
527 return (
528 mkdir(catdir(curdir(), 'rehash'))
529 && copy(srctop_file('test', 'testx509.pem'),
530 catdir(curdir(), 'rehash'))
531 && copy(srctop_file('test', 'testcrl.pem'),
532 catdir(curdir(), 'rehash'))
533 && run(app(['openssl', 'rehash', catdir(curdir(), 'rehash')]))
534 );
535 }
536
537 sub runall {
538 my ($function, @items) = @_;
539
540 foreach (@items) {
541 return 0 unless $function->($_);
542 }
543 return 1;
544 }
545
546 # According to RFC8089, a relative file: path is invalid. We still produce
547 # them for testing purposes.
548 sub to_file_uri {
549 my ($file, $isdir, $authority) = @_;
550 my $vol;
551 my $dir;
552
553 die "to_file_uri: No file given\n" if !defined($file) || $file eq '';
554
555 ($vol, $dir, $file) = File::Spec->splitpath($file, $isdir // 0);
556
557 # Make sure we have a Unix style directory.
558 $dir = join('/', File::Spec->splitdir($dir));
559 # Canonicalise it (note: it seems to be only needed on Unix)
560 while (1) {
561 my $newdir = $dir;
562 $newdir =~ s|/[^/]*[^/\.]+[^/]*/\.\./|/|g;
563 last if $newdir eq $dir;
564 $dir = $newdir;
565 }
566 # Take care of the corner cases the loop can't handle, and that $dir
567 # ends with a / unless it's empty
568 $dir =~ s|/[^/]*[^/\.]+[^/]*/\.\.$|/|;
569 $dir =~ s|^[^/]*[^/\.]+[^/]*/\.\./|/|;
570 $dir =~ s|^[^/]*[^/\.]+[^/]*/\.\.$||;
571 if ($isdir // 0) {
572 $dir =~ s|/$|| if $dir ne '/';
573 } else {
574 $dir .= '/' if $dir ne '' && $dir !~ m|/$|;
575 }
576
577 # If the file system has separate volumes (at present, Windows and VMS)
578 # we need to handle them. In URIs, they are invariably the first
579 # component of the path, which is always absolute.
580 # On VMS, user:[foo.bar] translates to /user/foo/bar
581 # On Windows, c:\Users\Foo translates to /c:/Users/Foo
582 if ($vol ne '') {
583 $vol =~ s|:||g if ($^O eq "VMS");
584 $dir = '/' . $dir if $dir ne '' && $dir !~ m|^/|;
585 $dir = '/' . $vol . $dir;
586 }
587 $file = $dir . $file;
588
589 return "file://$authority$file" if defined $authority;
590 return "file:$file";
591 }
592
593 sub to_abs_file {
594 my ($file) = @_;
595
596 return File::Spec->rel2abs($file);
597 }
598
599 sub to_abs_file_uri {
600 my ($file, $isdir, $authority) = @_;
601
602 die "to_abs_file_uri: No file given\n" if !defined($file) || $file eq '';
603 return to_file_uri(to_abs_file($file), $isdir, $authority);
604 }
A mirror of the official openssl repository