Load the default config file before working with default properties

author Matt Caswell <matt@openssl.org>

Fri, 31 Jul 2020 16:29:21 +0000 (17:29 +0100)

committer Matt Caswell <matt@openssl.org>

Mon, 17 Aug 2020 10:27:51 +0000 (11:27 +0100)
author Matt Caswell <matt@openssl.org>
Fri, 31 Jul 2020 16:29:21 +0000 (17:29 +0100)
committer Matt Caswell <matt@openssl.org>
Mon, 17 Aug 2020 10:27:51 +0000 (11:27 +0100)
diff --git a/crypto/evp/evp_cnf.c b/crypto/evp/evp_cnf.c

index 27815553bd1795c369dd8cff1ac79cf245f2da55..455b258a9a1555c21eddeac3c59d506ddfc3d029 100644 (file)
--- a/crypto/evp/evp_cnf.c
+++ b/crypto/evp/evp_cnf.c
@@ -14,6 +14,7 @@
  #include <openssl/x509.h>
  #include <openssl/x509v3.h>
  #include <openssl/trace.h>
+#include "crypto/evp.h"
  
  DEFINE_STACK_OF(CONF_VALUE)
  
@@ -52,7 +53,7 @@ static int alg_module_init(CONF_IMODULE *md, const CONF *cnf)
                  return 0;
              }
          } else if (strcmp(oval->name, "default_properties") == 0) {
-            if (!EVP_set_default_properties(cnf->libctx, oval->value)) {
+            if (!evp_set_default_properties_int(cnf->libctx, oval->value, 0)) {
                  EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_SET_DEFAULT_PROPERTY_FAILURE);
                  return 0;
              }
diff --git a/crypto/evp/evp_fetch.c b/crypto/evp/evp_fetch.c

index 4c3992ab408a7f2462879f2ac461cdeae200bfac..7b0cea7f0b756170e646ff0d6526234806fb2242 100644 (file)
--- a/crypto/evp/evp_fetch.c
+++ b/crypto/evp/evp_fetch.c
@@ -377,11 +377,12 @@ void evp_method_store_flush(OPENSSL_CTX *libctx)
          ossl_method_store_flush_cache(store, 1);
  }
  
-static int evp_set_default_properties(OPENSSL_CTX *libctx,
-                                      OSSL_PROPERTY_LIST *def_prop)
+static int evp_set_parsed_default_properties(OPENSSL_CTX *libctx,
+                                             OSSL_PROPERTY_LIST *def_prop,
+                                             int loadconfig)
  {
      OSSL_METHOD_STORE *store = get_evp_method_store(libctx);
-    OSSL_PROPERTY_LIST **plp = ossl_ctx_global_properties(libctx);
+    OSSL_PROPERTY_LIST **plp = ossl_ctx_global_properties(libctx, loadconfig);
  
      if (plp != NULL) {
          ossl_property_free(*plp);
@@ -394,7 +395,8 @@ static int evp_set_default_properties(OPENSSL_CTX *libctx,
      return 0;
  }
  
-int EVP_set_default_properties(OPENSSL_CTX *libctx, const char *propq)
+int evp_set_default_properties_int(OPENSSL_CTX *libctx, const char *propq,
+                                   int loadconfig)
  {
      OSSL_PROPERTY_LIST *pl = NULL;
  
@@ -402,13 +404,17 @@ int EVP_set_default_properties(OPENSSL_CTX *libctx, const char *propq)
          EVPerr(0, EVP_R_DEFAULT_QUERY_PARSE_ERROR);
          return 0;
      }
-    return evp_set_default_properties(libctx, pl);
+    return evp_set_parsed_default_properties(libctx, pl, loadconfig);
  }
  
+int EVP_set_default_properties(OPENSSL_CTX *libctx, const char *propq)
+{
+    return evp_set_default_properties_int(libctx, propq, 1);
+}
  
  static int evp_default_properties_merge(OPENSSL_CTX *libctx, const char *propq)
  {
-    OSSL_PROPERTY_LIST **plp = ossl_ctx_global_properties(libctx);
+    OSSL_PROPERTY_LIST **plp = ossl_ctx_global_properties(libctx, 1);
      OSSL_PROPERTY_LIST *pl1, *pl2;
  
      if (propq == NULL)
@@ -425,13 +431,13 @@ static int evp_default_properties_merge(OPENSSL_CTX *libctx, const char *propq)
          EVPerr(0, ERR_R_MALLOC_FAILURE);
          return 0;
      }
-    return evp_set_default_properties(libctx, pl2);
+    return evp_set_parsed_default_properties(libctx, pl2, 0);
  }
  
  static int evp_default_property_is_enabled(OPENSSL_CTX *libctx,
                                             const char *prop_name)
  {
-    OSSL_PROPERTY_LIST **plp = ossl_ctx_global_properties(libctx);
+    OSSL_PROPERTY_LIST **plp = ossl_ctx_global_properties(libctx, 1);
  
      return plp != NULL && ossl_property_is_enabled(libctx, prop_name, *plp);
  }
diff --git a/crypto/property/property.c b/crypto/property/property.c

index cb82f8956ba173fd2c9a6f5cc2a1f1e5c6ac10c5..608a909d49c2f3980bfade30b5755b640a863e90 100644 (file)
--- a/crypto/property/property.c
+++ b/crypto/property/property.c
@@ -96,8 +96,13 @@ static const OPENSSL_CTX_METHOD ossl_ctx_global_properties_method = {
      ossl_ctx_global_properties_free,
  };
  
-OSSL_PROPERTY_LIST **ossl_ctx_global_properties(OPENSSL_CTX *libctx)
+OSSL_PROPERTY_LIST **ossl_ctx_global_properties(OPENSSL_CTX *libctx,
+                                                int loadconfig)
  {
+#ifndef FIPS_MODULE
+    if (loadconfig && !OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL))
+        return NULL;
+#endif
      return openssl_ctx_get_data(libctx, OPENSSL_CTX_GLOBAL_PROPERTIES,
                                  &ossl_ctx_global_properties_method);
  }
@@ -352,7 +357,7 @@ int ossl_method_store_fetch(OSSL_METHOD_STORE *store, int nid,
  
      if (prop_query != NULL)
          p2 = pq = ossl_parse_query(store->ctx, prop_query);
-    plp = ossl_ctx_global_properties(store->ctx);
+    plp = ossl_ctx_global_properties(store->ctx, 1);
      if (plp != NULL && *plp != NULL) {
          if (pq == NULL) {
              pq = *plp;
diff --git a/include/crypto/evp.h b/include/crypto/evp.h

index f170e59324a7286f09214ffb7d34373ba4e16940..d2b2584357e5435c4ecd6d4675da60b653687359 100644 (file)
--- a/include/crypto/evp.h
+++ b/include/crypto/evp.h
@@ -771,3 +771,5 @@ EVP_PKEY *evp_pkcs82pkey_int(const PKCS8_PRIV_KEY_INFO *p8, OPENSSL_CTX *libctx,
                               const char *propq);
  #endif /* !defined(FIPS_MODULE) */
  void evp_method_store_flush(OPENSSL_CTX *libctx);
+int evp_set_default_properties_int(OPENSSL_CTX *libctx, const char *propq,
+                                   int loadconfig);
diff --git a/include/internal/property.h b/include/internal/property.h

index ca1d1e055c0dfac26d9119b960cb9ee704aeae95..cd3982549d48106655eabcedaac2432a52c78c6d 100644 (file)
--- a/include/internal/property.h
+++ b/include/internal/property.h
@@ -45,7 +45,7 @@ int ossl_method_store_fetch(OSSL_METHOD_STORE *store, int nid,
                              const char *prop_query, void **method);
  
  /* Get the global properties associate with the specified library context */
-OSSL_PROPERTY_LIST **ossl_ctx_global_properties(OPENSSL_CTX *ctx);
+OSSL_PROPERTY_LIST **ossl_ctx_global_properties(OPENSSL_CTX *ctx, int loadconfig);
  
  /* property query cache functions */
  int ossl_method_store_cache_get(OSSL_METHOD_STORE *store, int nid,
author	Matt Caswell <matt@openssl.org>
	Fri, 31 Jul 2020 16:29:21 +0000 (17:29 +0100)
committer	Matt Caswell <matt@openssl.org>
	Mon, 17 Aug 2020 10:27:51 +0000 (11:27 +0100)
crypto/evp/evp_cnf.c		patch \| blob \| blame \| history
crypto/evp/evp_fetch.c		patch \| blob \| blame \| history
crypto/property/property.c		patch \| blob \| blame \| history
include/crypto/evp.h		patch \| blob \| blame \| history
include/internal/property.h		patch \| blob \| blame \| history