### Changes between 1.1.1 and 3.0 [xx XXX xxxx]
+ * Add ".pragma abspath:true" to prevent relative file inclusion in
+ config files.
+
+ * Rich Salz *
+
* OpenSSL includes a cryptographic module that is intended to be FIPS 140-2
validated. The module is implemented as an OpenSSL provider, the so-called
FIPS provider. A list of all changes related to the FIPS provider would go
return ret;
}
+
+/* Parse a boolean value and fill in *flag. Return 0 on error. */
+static int parsebool(const char *pval, int *flag)
+{
+ if (strcmp(pval, "on") == 0
+ || strcmp(pval, "true") == 0) {
+ *flag = 1;
+ } else if (strcmp(pval, "off") == 0
+ || strcmp(pval, "false") == 0) {
+ *flag = 0;
+ } else {
+ ERR_raise(ERR_LIB_CONF, CONF_R_INVALID_PRAGMA);
+ return 0;
+ }
+ return 1;
+}
+
static int def_load_bio(CONF *conf, BIO *in, long *line)
{
/* The macro BUFSIZE conflicts with a system macro in VxWorks */
* dollarid takes "on", "true or "off", "false"
*/
if (strcmp(p, "dollarid") == 0) {
- if (strcmp(pval, "on") == 0
- || strcmp(pval, "true") == 0) {
- conf->flag_dollarid = 1;
- } else if (strcmp(pval, "off") == 0
- || strcmp(pval, "false") == 0) {
- conf->flag_dollarid = 0;
- } else {
- ERR_raise(ERR_LIB_CONF, CONF_R_INVALID_PRAGMA);
+ if (!parsebool(pval, &conf->flag_dollarid))
+ goto err;
+ } else if (strcmp(p, "abspath") == 0) {
+ if (!parsebool(pval, &conf->flag_abspath))
goto err;
- }
}
/*
* We *ignore* any unknown pragma.
if (!str_copy(conf, psection, &include, p))
goto err;
+ if (conf->flag_abspath && !ossl_is_absolute_path(include)) {
+ ERR_raise(ERR_LIB_CONF, CONF_R_RELATIVE_PATH);
+ goto err;
+ }
+
if (include_dir != NULL && !ossl_is_absolute_path(include)) {
size_t newlen = strlen(include_dir) + strlen(include) + 2;
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
"openssl conf references missing section"},
{ERR_PACK(ERR_LIB_CONF, 0, CONF_R_RECURSIVE_DIRECTORY_INCLUDE),
"recursive directory include"},
+ {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_RELATIVE_PATH), "relative path"},
{ERR_PACK(ERR_LIB_CONF, 0, CONF_R_SSL_COMMAND_SECTION_EMPTY),
"ssl command section empty"},
{ERR_PACK(ERR_LIB_CONF, 0, CONF_R_SSL_COMMAND_SECTION_NOT_FOUND),
CONF_R_OPENSSL_CONF_REFERENCES_MISSING_SECTION:124:\
openssl conf references missing section
CONF_R_RECURSIVE_DIRECTORY_INCLUDE:111:recursive directory include
+CONF_R_RELATIVE_PATH:125:relative path
CONF_R_SSL_COMMAND_SECTION_EMPTY:117:ssl command section empty
CONF_R_SSL_COMMAND_SECTION_NOT_FOUND:118:ssl command section not found
CONF_R_SSL_SECTION_EMPTY:119:ssl section empty
while scanning a directory, and that file has an B<.include> directive
that specifies a directory, that is also ignored.
-As a general rule, the B<pathname> should be an absolute path. Relative
-paths are evaluated based on the current working directory, so unless the
-file with the B<.include> directive is application-specific, the inclusion
-will not work as expected. The environment variable B<OPENSSL_CONF_INCLUDE>,
-if it exists, will be prepended to all B<.include> B<pathname>'s.
+As a general rule, the B<pathname> should be an absolute path; this can
+be enforced with the B<relpath> pragma, described below.
+The environment variable B<OPENSSL_CONF_INCLUDE>, if it exists,
+is prepended to all relative pathnames.
+If the pathname is still relative, it is interpreted based on the
+current working directory.
+
+To require all file inclusions to name absolute paths, use the following
+directive:
+
+ .progma [=] abspath:value
+
+The default behavior, where the B<value> is B<false> or B<off>, is to allow
+relative paths. To require all B<.include> pathnames to be absolute paths,
+use a B<value> of B<true> or B<on>.
In these files, the dollar sign, B<$>, is used to reference a variable, as
described below. On some platforms, however, it is common to treat B<$>
.pragma [=] dollarid:value
-Where B<value> is one of the following:
-
-=over 4
-
-=item B<off> or B<false>
-
-This is the default behavior. For example, C<foo$bar> is interpreted as
-C<foo> followed by the expansion of the variable C<bar>.
-
-=item B<on> or B<true>
-
-This specifies that dollar signs are part of the symbol name and
+The default behavior, where the B<value> is B<false> or B<off>, is to treat
+the dollarsign as indicating a variable name; C<foo$bar> is interpreted as
+C<foo> followed by the expansion of the variable C<bar>. If B<value> is
+B<true> or B<on>, then C<foo$bar> is a single seven-character name nad
variable expansions must be specified using braces or parentheses.
-For example, C<foo$bar> is treated as a single seven-character name.
-
-=back
=head2 Settings
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
# define CONF_R_NUMBER_TOO_LARGE 121
# define CONF_R_OPENSSL_CONF_REFERENCES_MISSING_SECTION 124
# define CONF_R_RECURSIVE_DIRECTORY_INCLUDE 111
+# define CONF_R_RELATIVE_PATH 125
# define CONF_R_SSL_COMMAND_SECTION_EMPTY 117
# define CONF_R_SSL_COMMAND_SECTION_NOT_FOUND 118
# define CONF_R_SSL_SECTION_EMPTY 119