[thirdparty/openssl.git] / crypto / conf / conf_mod.c

/*
 * Written by Stephen Henson (steve@openssl.org) for the OpenSSL project
 * 2001.
 */
/* ====================================================================
 * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    licensing@OpenSSL.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com).  This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */

#include <stdio.h>
#include <ctype.h>
#include <openssl/crypto.h>
#include "internal/cryptlib.h"
#include <openssl/conf.h>
#include <openssl/dso.h>
#include <openssl/x509.h>

#define DSO_mod_init_name "OPENSSL_init"
#define DSO_mod_finish_name "OPENSSL_finish"

/*
 * This structure contains a data about supported modules. entries in this
 * table correspond to either dynamic or static modules.
 */

struct conf_module_st {
    /* DSO of this module or NULL if static */
    DSO *dso;
    /* Name of the module */
    char *name;
    /* Init function */
    conf_init_func *init;
    /* Finish function */
    conf_finish_func *finish;
    /* Number of successfully initialized modules */
    int links;
    void *usr_data;
};

/*
 * This structure contains information about modules that have been
 * successfully initialized. There may be more than one entry for a given
 * module.
 */

struct conf_imodule_st {
    CONF_MODULE *pmod;
    char *name;
    char *value;
    unsigned long flags;
    void *usr_data;
};

static STACK_OF(CONF_MODULE) *supported_modules = NULL;
static STACK_OF(CONF_IMODULE) *initialized_modules = NULL;

static void module_free(CONF_MODULE *md);
static void module_finish(CONF_IMODULE *imod);
static int module_run(const CONF *cnf, char *name, char *value,
                      unsigned long flags);
static CONF_MODULE *module_add(DSO *dso, const char *name,
                               conf_init_func *ifunc,
                               conf_finish_func *ffunc);
static CONF_MODULE *module_find(char *name);
static int module_init(CONF_MODULE *pmod, char *name, char *value,
                       const CONF *cnf);
static CONF_MODULE *module_load_dso(const CONF *cnf, char *name, char *value,
                                    unsigned long flags);

/* Main function: load modules from a CONF structure */

int CONF_modules_load(const CONF *cnf, const char *appname,
                      unsigned long flags)
{
    STACK_OF(CONF_VALUE) *values;
    CONF_VALUE *vl;
    char *vsection = NULL;

    int ret, i;

    if (!cnf)
        return 1;

    if (appname)
        vsection = NCONF_get_string(cnf, NULL, appname);

    if (!appname || (!vsection && (flags & CONF_MFLAGS_DEFAULT_SECTION)))
        vsection = NCONF_get_string(cnf, NULL, "openssl_conf");

    if (!vsection) {
        ERR_clear_error();
        return 1;
    }

    values = NCONF_get_section(cnf, vsection);

    if (!values)
        return 0;

    for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
        vl = sk_CONF_VALUE_value(values, i);
        ret = module_run(cnf, vl->name, vl->value, flags);
        if (ret <= 0)
            if (!(flags & CONF_MFLAGS_IGNORE_ERRORS))
                return ret;
    }

    return 1;

}

int CONF_modules_load_file(const char *filename, const char *appname,
                           unsigned long flags)
{
    char *file = NULL;
    CONF *conf = NULL;
    int ret = 0;
    conf = NCONF_new(NULL);
    if (conf == NULL)
        goto err;

    if (filename == NULL) {
        file = CONF_get1_default_config_file();
        if (!file)
            goto err;
    } else
        file = (char *)filename;

    if (NCONF_load(conf, file, NULL) <= 0) {
        if ((flags & CONF_MFLAGS_IGNORE_MISSING_FILE) &&
            (ERR_GET_REASON(ERR_peek_last_error()) == CONF_R_NO_SUCH_FILE)) {
            ERR_clear_error();
            ret = 1;
        }
        goto err;
    }

    ret = CONF_modules_load(conf, appname, flags);

 err:
    if (filename == NULL)
        OPENSSL_free(file);
    NCONF_free(conf);

    return ret;
}

static int module_run(const CONF *cnf, char *name, char *value,
                      unsigned long flags)
{
    CONF_MODULE *md;
    int ret;

    md = module_find(name);

    /* Module not found: try to load DSO */
    if (!md && !(flags & CONF_MFLAGS_NO_DSO))
        md = module_load_dso(cnf, name, value, flags);

    if (!md) {
        if (!(flags & CONF_MFLAGS_SILENT)) {
            CONFerr(CONF_F_MODULE_RUN, CONF_R_UNKNOWN_MODULE_NAME);
            ERR_add_error_data(2, "module=", name);
        }
        return -1;
    }

    ret = module_init(md, name, value, cnf);

    if (ret <= 0) {
        if (!(flags & CONF_MFLAGS_SILENT)) {
            char rcode[DECIMAL_SIZE(ret) + 1];
            CONFerr(CONF_F_MODULE_RUN, CONF_R_MODULE_INITIALIZATION_ERROR);
            BIO_snprintf(rcode, sizeof rcode, "%-8d", ret);
            ERR_add_error_data(6, "module=", name, ", value=", value,
                               ", retcode=", rcode);
        }
    }

    return ret;
}

/* Load a module from a DSO */
static CONF_MODULE *module_load_dso(const CONF *cnf, char *name, char *value,
                                    unsigned long flags)
{
    DSO *dso = NULL;
    conf_init_func *ifunc;
    conf_finish_func *ffunc;
    char *path = NULL;
    int errcode = 0;
    CONF_MODULE *md;
    /* Look for alternative path in module section */
    path = NCONF_get_string(cnf, value, "path");
    if (!path) {
        ERR_clear_error();
        path = name;
    }
    dso = DSO_load(NULL, path, NULL, 0);
    if (!dso) {
        errcode = CONF_R_ERROR_LOADING_DSO;
        goto err;
    }
    ifunc = (conf_init_func *)DSO_bind_func(dso, DSO_mod_init_name);
    if (!ifunc) {
        errcode = CONF_R_MISSING_INIT_FUNCTION;
        goto err;
    }
    ffunc = (conf_finish_func *)DSO_bind_func(dso, DSO_mod_finish_name);
    /* All OK, add module */
    md = module_add(dso, name, ifunc, ffunc);

    if (!md)
        goto err;

    return md;

 err:
    DSO_free(dso);
    CONFerr(CONF_F_MODULE_LOAD_DSO, errcode);
    ERR_add_error_data(4, "module=", name, ", path=", path);
    return NULL;
}

/* add module to list */
static CONF_MODULE *module_add(DSO *dso, const char *name,
                               conf_init_func *ifunc, conf_finish_func *ffunc)
{
    CONF_MODULE *tmod = NULL;
    if (supported_modules == NULL)
        supported_modules = sk_CONF_MODULE_new_null();
    if (supported_modules == NULL)
        return NULL;
    tmod = OPENSSL_zalloc(sizeof(*tmod));
    if (tmod == NULL)
        return NULL;

    tmod->dso = dso;
    tmod->name = OPENSSL_strdup(name);
    tmod->init = ifunc;
    tmod->finish = ffunc;

    if (!sk_CONF_MODULE_push(supported_modules, tmod)) {
        OPENSSL_free(tmod);
        return NULL;
    }

    return tmod;
}

/*
 * Find a module from the list. We allow module names of the form
 * modname.XXXX to just search for modname to allow the same module to be
 * initialized more than once.
 */

static CONF_MODULE *module_find(char *name)
{
    CONF_MODULE *tmod;
    int i, nchar;
    char *p;
    p = strrchr(name, '.');

    if (p)
        nchar = p - name;
    else
        nchar = strlen(name);

    for (i = 0; i < sk_CONF_MODULE_num(supported_modules); i++) {
        tmod = sk_CONF_MODULE_value(supported_modules, i);
        if (strncmp(tmod->name, name, nchar) == 0)
            return tmod;
    }

    return NULL;

}

/* initialize a module */
static int module_init(CONF_MODULE *pmod, char *name, char *value,
                       const CONF *cnf)
{
    int ret = 1;
    int init_called = 0;
    CONF_IMODULE *imod = NULL;

    /* Otherwise add initialized module to list */
    imod = OPENSSL_malloc(sizeof(*imod));
    if (imod == NULL)
        goto err;

    imod->pmod = pmod;
    imod->name = OPENSSL_strdup(name);
    imod->value = OPENSSL_strdup(value);
    imod->usr_data = NULL;

    if (!imod->name || !imod->value)
        goto memerr;

    /* Try to initialize module */
    if (pmod->init) {
        ret = pmod->init(imod, cnf);
        init_called = 1;
        /* Error occurred, exit */
        if (ret <= 0)
            goto err;
    }

    if (initialized_modules == NULL) {
        initialized_modules = sk_CONF_IMODULE_new_null();
        if (!initialized_modules) {
            CONFerr(CONF_F_MODULE_INIT, ERR_R_MALLOC_FAILURE);
            goto err;
        }
    }

    if (!sk_CONF_IMODULE_push(initialized_modules, imod)) {
        CONFerr(CONF_F_MODULE_INIT, ERR_R_MALLOC_FAILURE);
        goto err;
    }

    pmod->links++;

    return ret;

 err:

    /* We've started the module so we'd better finish it */
    if (pmod->finish && init_called)
        pmod->finish(imod);

 memerr:
    if (imod) {
        OPENSSL_free(imod->name);
        OPENSSL_free(imod->value);
        OPENSSL_free(imod);
    }

    return -1;

}

/*
 * Unload any dynamic modules that have a link count of zero: i.e. have no
 * active initialized modules. If 'all' is set then all modules are unloaded
 * including static ones.
 */

void CONF_modules_unload(int all)
{
    int i;
    CONF_MODULE *md;
    CONF_modules_finish();
    /* unload modules in reverse order */
    for (i = sk_CONF_MODULE_num(supported_modules) - 1; i >= 0; i--) {
        md = sk_CONF_MODULE_value(supported_modules, i);
        /* If static or in use and 'all' not set ignore it */
        if (((md->links > 0) || !md->dso) && !all)
            continue;
        /* Since we're working in reverse this is OK */
        (void)sk_CONF_MODULE_delete(supported_modules, i);
        module_free(md);
    }
    if (sk_CONF_MODULE_num(supported_modules) == 0) {
        sk_CONF_MODULE_free(supported_modules);
        supported_modules = NULL;
    }
}

/* unload a single module */
static void module_free(CONF_MODULE *md)
{
    DSO_free(md->dso);
    OPENSSL_free(md->name);
    OPENSSL_free(md);
}

/* finish and free up all modules instances */

void CONF_modules_finish(void)
{
    CONF_IMODULE *imod;
    while (sk_CONF_IMODULE_num(initialized_modules) > 0) {
        imod = sk_CONF_IMODULE_pop(initialized_modules);
        module_finish(imod);
    }
    sk_CONF_IMODULE_free(initialized_modules);
    initialized_modules = NULL;
}

/* finish a module instance */

static void module_finish(CONF_IMODULE *imod)
{
    if (!imod)
        return;
    if (imod->pmod->finish)
        imod->pmod->finish(imod);
    imod->pmod->links--;
    OPENSSL_free(imod->name);
    OPENSSL_free(imod->value);
    OPENSSL_free(imod);
}

/* Add a static module to OpenSSL */

int CONF_module_add(const char *name, conf_init_func *ifunc,
                    conf_finish_func *ffunc)
{
    if (module_add(NULL, name, ifunc, ffunc))
        return 1;
    else
        return 0;
}

void CONF_modules_free(void)
{
    CONF_modules_finish();
    CONF_modules_unload(1);
}

/* Utility functions */

const char *CONF_imodule_get_name(const CONF_IMODULE *md)
{
    return md->name;
}

const char *CONF_imodule_get_value(const CONF_IMODULE *md)
{
    return md->value;
}

void *CONF_imodule_get_usr_data(const CONF_IMODULE *md)
{
    return md->usr_data;
}

void CONF_imodule_set_usr_data(CONF_IMODULE *md, void *usr_data)
{
    md->usr_data = usr_data;
}

CONF_MODULE *CONF_imodule_get_module(const CONF_IMODULE *md)
{
    return md->pmod;
}

unsigned long CONF_imodule_get_flags(const CONF_IMODULE *md)
{
    return md->flags;
}

void CONF_imodule_set_flags(CONF_IMODULE *md, unsigned long flags)
{
    md->flags = flags;
}

void *CONF_module_get_usr_data(CONF_MODULE *pmod)
{
    return pmod->usr_data;
}

void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data)
{
    pmod->usr_data = usr_data;
}

/* Return default config file name */

char *CONF_get1_default_config_file(void)
{
    char *file;
    int len;

    file = getenv("OPENSSL_CONF");
    if (file)
        return OPENSSL_strdup(file);

    len = strlen(X509_get_default_cert_area());
#ifndef OPENSSL_SYS_VMS
    len++;
#endif
    len += strlen(OPENSSL_CONF);

    file = OPENSSL_malloc(len + 1);

    if (file == NULL)
        return NULL;
    OPENSSL_strlcpy(file, X509_get_default_cert_area(), len + 1);
#ifndef OPENSSL_SYS_VMS
    OPENSSL_strlcat(file, "/", len + 1);
#endif
    OPENSSL_strlcat(file, OPENSSL_CONF, len + 1);

    return file;
}

/*
 * This function takes a list separated by 'sep' and calls the callback
 * function giving the start and length of each member optionally stripping
 * leading and trailing whitespace. This can be used to parse comma separated
 * lists for example.
 */

int CONF_parse_list(const char *list_, int sep, int nospc,
                    int (*list_cb) (const char *elem, int len, void *usr),
                    void *arg)
{
    int ret;
    const char *lstart, *tmpend, *p;

    if (list_ == NULL) {
        CONFerr(CONF_F_CONF_PARSE_LIST, CONF_R_LIST_CANNOT_BE_NULL);
        return 0;
    }

    lstart = list_;
    for (;;) {
        if (nospc) {
            while (*lstart && isspace((unsigned char)*lstart))
                lstart++;
        }
        p = strchr(lstart, sep);
        if (p == lstart || !*lstart)
            ret = list_cb(NULL, 0, arg);
        else {
            if (p)
                tmpend = p - 1;
            else
                tmpend = lstart + strlen(lstart) - 1;
            if (nospc) {
                while (isspace((unsigned char)*tmpend))
                    tmpend--;
            }
            ret = list_cb(lstart, tmpend - lstart + 1, arg);
        }
        if (ret <= 0)
            return ret;
        if (p == NULL)
            return 1;
        lstart = p + 1;
    }
}
Commit	Line	Data
0f113f3e MC	1	/*
	2	* Written by Stephen Henson (steve@openssl.org) for the OpenSSL project
	3	* 2001.
bc37d996 DSH	4	*/
	5	/* ====================================================================
	6	* Copyright (c) 2001 The OpenSSL Project. All rights reserved.
	7	*
	8	* Redistribution and use in source and binary forms, with or without
	9	* modification, are permitted provided that the following conditions
	10	* are met:
	11	*
	12	* 1. Redistributions of source code must retain the above copyright
0f113f3e	13	* notice, this list of conditions and the following disclaimer.
bc37d996 DSH	14	*
	15	* 2. Redistributions in binary form must reproduce the above copyright
	16	* notice, this list of conditions and the following disclaimer in
	17	* the documentation and/or other materials provided with the
	18	* distribution.
	19	*
	20	* 3. All advertising materials mentioning features or use of this
	21	* software must display the following acknowledgment:
	22	* "This product includes software developed by the OpenSSL Project
	23	* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
	24	*
	25	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
	26	* endorse or promote products derived from this software without
	27	* prior written permission. For written permission, please contact
	28	* licensing@OpenSSL.org.
	29	*
	30	* 5. Products derived from this software may not be called "OpenSSL"
	31	* nor may "OpenSSL" appear in their names without prior written
	32	* permission of the OpenSSL Project.
	33	*
	34	* 6. Redistributions of any form whatsoever must retain the following
	35	* acknowledgment:
	36	* "This product includes software developed by the OpenSSL Project
	37	* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
	38	*
	39	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
	40	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	41	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
	42	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
	43	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	44	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	45	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	46	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	47	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
	48	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	49	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
	50	* OF THE POSSIBILITY OF SUCH DAMAGE.
	51	* ====================================================================
	52	*
	53	* This product includes cryptographic software written by Eric Young
	54	* (eay@cryptsoft.com). This product includes software written by Tim
	55	* Hudson (tjh@cryptsoft.com).
	56	*
	57	*/
	58
	59	#include <stdio.h>
df5eaa8a	60	#include <ctype.h>
bc37d996	61	#include <openssl/crypto.h>
b39fc560	62	#include "internal/cryptlib.h"
bc37d996 DSH	63	#include <openssl/conf.h>
	64	#include <openssl/dso.h>
	65	#include <openssl/x509.h>
	66
bc37d996 DSH	67	#define DSO_mod_init_name "OPENSSL_init"
	68	#define DSO_mod_finish_name "OPENSSL_finish"
	69
0f113f3e MC	70	/*
	71	* This structure contains a data about supported modules. entries in this
	72	* table correspond to either dynamic or static modules.
bc37d996 DSH	73	*/
bc37d996 DSH	74
0f113f3e MC	75	struct conf_module_st {
	76	/* DSO of this module or NULL if static */
	77	DSO *dso;
	78	/* Name of the module */
	79	char *name;
	80	/* Init function */
	81	conf_init_func *init;
	82	/* Finish function */
	83	conf_finish_func *finish;
	84	/* Number of successfully initialized modules */
	85	int links;
	86	void *usr_data;
	87	};
	88
	89	/*
	90	* This structure contains information about modules that have been
	91	* successfully initialized. There may be more than one entry for a given
	92	* module.
bc37d996 DSH	93	*/
bc37d996 DSH	94
0f113f3e MC	95	struct conf_imodule_st {
	96	CONF_MODULE *pmod;
	97	char *name;
	98	char *value;
	99	unsigned long flags;
	100	void *usr_data;
	101	};
bc37d996 DSH	102
	103	static STACK_OF(CONF_MODULE) *supported_modules = NULL;
	104	static STACK_OF(CONF_IMODULE) *initialized_modules = NULL;
	105
	106	static void module_free(CONF_MODULE *md);
	107	static void module_finish(CONF_IMODULE *imod);
9dd5ae65	108	static int module_run(const CONF cnf, char name, char *value,
0f113f3e	109	unsigned long flags);
cca28b29	110	static CONF_MODULE module_add(DSO dso, const char *name,
0f113f3e MC	111	conf_init_func *ifunc,
0f113f3e MC	112	conf_finish_func *ffunc);
bc37d996	113	static CONF_MODULE module_find(char name);
9dd5ae65	114	static int module_init(CONF_MODULE pmod, char name, char *value,
0f113f3e	115	const CONF *cnf);
9dd5ae65	116	static CONF_MODULE module_load_dso(const CONF cnf, char name, char value,
0f113f3e	117	unsigned long flags);
bc37d996 DSH	118
	119	/* Main function: load modules from a CONF structure */
	120
9dd5ae65	121	int CONF_modules_load(const CONF cnf, const char appname,
0f113f3e MC	122	unsigned long flags)
	123	{
	124	STACK_OF(CONF_VALUE) *values;
	125	CONF_VALUE *vl;
	126	char *vsection = NULL;
bc37d996	127
0f113f3e	128	int ret, i;
bc37d996	129
0f113f3e MC	130	if (!cnf)
0f113f3e MC	131	return 1;
bc37d996	132
0f113f3e MC	133	if (appname)
0f113f3e MC	134	vsection = NCONF_get_string(cnf, NULL, appname);
bc37d996	135
0f113f3e MC	136	if (!appname \|\| (!vsection && (flags & CONF_MFLAGS_DEFAULT_SECTION)))
0f113f3e MC	137	vsection = NCONF_get_string(cnf, NULL, "openssl_conf");
bc37d996	138
0f113f3e MC	139	if (!vsection) {
	140	ERR_clear_error();
	141	return 1;
	142	}
bc37d996	143
0f113f3e	144	values = NCONF_get_section(cnf, vsection);
bc37d996	145
0f113f3e MC	146	if (!values)
0f113f3e MC	147	return 0;
bc37d996	148
0f113f3e MC	149	for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
	150	vl = sk_CONF_VALUE_value(values, i);
	151	ret = module_run(cnf, vl->name, vl->value, flags);
	152	if (ret <= 0)
	153	if (!(flags & CONF_MFLAGS_IGNORE_ERRORS))
	154	return ret;
	155	}
bc37d996	156
0f113f3e	157	return 1;
bc37d996	158
0f113f3e	159	}
bc37d996	160
9dd5ae65	161	int CONF_modules_load_file(const char filename, const char appname,
0f113f3e MC	162	unsigned long flags)
	163	{
	164	char *file = NULL;
	165	CONF *conf = NULL;
	166	int ret = 0;
	167	conf = NCONF_new(NULL);
90945fa3	168	if (conf == NULL)
0f113f3e MC	169	goto err;
	170
	171	if (filename == NULL) {
	172	file = CONF_get1_default_config_file();
	173	if (!file)
	174	goto err;
	175	} else
	176	file = (char *)filename;
	177
	178	if (NCONF_load(conf, file, NULL) <= 0) {
	179	if ((flags & CONF_MFLAGS_IGNORE_MISSING_FILE) &&
	180	(ERR_GET_REASON(ERR_peek_last_error()) == CONF_R_NO_SUCH_FILE)) {
	181	ERR_clear_error();
	182	ret = 1;
	183	}
	184	goto err;
	185	}
	186
	187	ret = CONF_modules_load(conf, appname, flags);
	188
	189	err:
	190	if (filename == NULL)
	191	OPENSSL_free(file);
	192	NCONF_free(conf);
	193
	194	return ret;
	195	}
bc37d996	196
9dd5ae65	197	static int module_run(const CONF cnf, char name, char *value,
0f113f3e MC	198	unsigned long flags)
	199	{
	200	CONF_MODULE *md;
	201	int ret;
	202
	203	md = module_find(name);
	204
	205	/* Module not found: try to load DSO */
	206	if (!md && !(flags & CONF_MFLAGS_NO_DSO))
	207	md = module_load_dso(cnf, name, value, flags);
	208
	209	if (!md) {
	210	if (!(flags & CONF_MFLAGS_SILENT)) {
	211	CONFerr(CONF_F_MODULE_RUN, CONF_R_UNKNOWN_MODULE_NAME);
	212	ERR_add_error_data(2, "module=", name);
	213	}
	214	return -1;
	215	}
	216
	217	ret = module_init(md, name, value, cnf);
	218
	219	if (ret <= 0) {
	220	if (!(flags & CONF_MFLAGS_SILENT)) {
	221	char rcode[DECIMAL_SIZE(ret) + 1];
	222	CONFerr(CONF_F_MODULE_RUN, CONF_R_MODULE_INITIALIZATION_ERROR);
	223	BIO_snprintf(rcode, sizeof rcode, "%-8d", ret);
	224	ERR_add_error_data(6, "module=", name, ", value=", value,
	225	", retcode=", rcode);
	226	}
	227	}
	228
	229	return ret;
	230	}
bc37d996 DSH	231
bc37d996 DSH	232	/* Load a module from a DSO */
9dd5ae65	233	static CONF_MODULE module_load_dso(const CONF cnf, char name, char value,
0f113f3e MC	234	unsigned long flags)
	235	{
	236	DSO *dso = NULL;
	237	conf_init_func *ifunc;
	238	conf_finish_func *ffunc;
	239	char *path = NULL;
	240	int errcode = 0;
	241	CONF_MODULE *md;
	242	/* Look for alternative path in module section */
	243	path = NCONF_get_string(cnf, value, "path");
	244	if (!path) {
	245	ERR_clear_error();
	246	path = name;
	247	}
	248	dso = DSO_load(NULL, path, NULL, 0);
	249	if (!dso) {
	250	errcode = CONF_R_ERROR_LOADING_DSO;
	251	goto err;
	252	}
	253	ifunc = (conf_init_func *)DSO_bind_func(dso, DSO_mod_init_name);
	254	if (!ifunc) {
	255	errcode = CONF_R_MISSING_INIT_FUNCTION;
	256	goto err;
	257	}
	258	ffunc = (conf_finish_func *)DSO_bind_func(dso, DSO_mod_finish_name);
	259	/* All OK, add module */
	260	md = module_add(dso, name, ifunc, ffunc);
	261
	262	if (!md)
	263	goto err;
	264
	265	return md;
	266
	267	err:
efa7dd64	268	DSO_free(dso);
0f113f3e MC	269	CONFerr(CONF_F_MODULE_LOAD_DSO, errcode);
	270	ERR_add_error_data(4, "module=", name, ", path=", path);
	271	return NULL;
	272	}
bc37d996 DSH	273
bc37d996 DSH	274	/* add module to list */
cca28b29	275	static CONF_MODULE module_add(DSO dso, const char *name,
0f113f3e MC	276	conf_init_func ifunc, conf_finish_func ffunc)
	277	{
	278	CONF_MODULE *tmod = NULL;
	279	if (supported_modules == NULL)
	280	supported_modules = sk_CONF_MODULE_new_null();
	281	if (supported_modules == NULL)
	282	return NULL;
64b25758	283	tmod = OPENSSL_zalloc(sizeof(*tmod));
0f113f3e MC	284	if (tmod == NULL)
	285	return NULL;
	286
	287	tmod->dso = dso;
7644a9ae	288	tmod->name = OPENSSL_strdup(name);
0f113f3e MC	289	tmod->init = ifunc;
0f113f3e MC	290	tmod->finish = ffunc;
0f113f3e MC	291
	292	if (!sk_CONF_MODULE_push(supported_modules, tmod)) {
	293	OPENSSL_free(tmod);
	294	return NULL;
	295	}
	296
	297	return tmod;
	298	}
	299
	300	/*
	301	* Find a module from the list. We allow module names of the form
	302	* modname.XXXX to just search for modname to allow the same module to be
	303	* initialized more than once.
bc37d996 DSH	304	*/
	305
	306	static CONF_MODULE module_find(char name)
0f113f3e MC	307	{
	308	CONF_MODULE *tmod;
	309	int i, nchar;
	310	char *p;
	311	p = strrchr(name, '.');
bc37d996	312
0f113f3e MC	313	if (p)
	314	nchar = p - name;
	315	else
	316	nchar = strlen(name);
bc37d996	317
0f113f3e MC	318	for (i = 0; i < sk_CONF_MODULE_num(supported_modules); i++) {
0f113f3e MC	319	tmod = sk_CONF_MODULE_value(supported_modules, i);
86885c28	320	if (strncmp(tmod->name, name, nchar) == 0)
0f113f3e MC	321	return tmod;
0f113f3e MC	322	}
bc37d996	323
0f113f3e	324	return NULL;
bc37d996	325
0f113f3e	326	}
bc37d996 DSH	327
bc37d996 DSH	328	/* initialize a module */
9dd5ae65	329	static int module_init(CONF_MODULE pmod, char name, char *value,
0f113f3e MC	330	const CONF *cnf)
	331	{
	332	int ret = 1;
	333	int init_called = 0;
	334	CONF_IMODULE *imod = NULL;
	335
	336	/* Otherwise add initialized module to list */
b4faea50	337	imod = OPENSSL_malloc(sizeof(*imod));
90945fa3	338	if (imod == NULL)
0f113f3e MC	339	goto err;
	340
	341	imod->pmod = pmod;
7644a9ae RS	342	imod->name = OPENSSL_strdup(name);
7644a9ae RS	343	imod->value = OPENSSL_strdup(value);
0f113f3e MC	344	imod->usr_data = NULL;
	345
	346	if (!imod->name \|\| !imod->value)
	347	goto memerr;
	348
	349	/* Try to initialize module */
	350	if (pmod->init) {
	351	ret = pmod->init(imod, cnf);
	352	init_called = 1;
	353	/* Error occurred, exit */
	354	if (ret <= 0)
	355	goto err;
	356	}
	357
	358	if (initialized_modules == NULL) {
	359	initialized_modules = sk_CONF_IMODULE_new_null();
	360	if (!initialized_modules) {
	361	CONFerr(CONF_F_MODULE_INIT, ERR_R_MALLOC_FAILURE);
	362	goto err;
	363	}
	364	}
	365
	366	if (!sk_CONF_IMODULE_push(initialized_modules, imod)) {
	367	CONFerr(CONF_F_MODULE_INIT, ERR_R_MALLOC_FAILURE);
	368	goto err;
	369	}
	370
	371	pmod->links++;
	372
	373	return ret;
	374
	375	err:
	376
	377	/* We've started the module so we'd better finish it */
	378	if (pmod->finish && init_called)
	379	pmod->finish(imod);
	380
	381	memerr:
	382	if (imod) {
b548a1f1 RS	383	OPENSSL_free(imod->name);
b548a1f1 RS	384	OPENSSL_free(imod->value);
0f113f3e MC	385	OPENSSL_free(imod);
	386	}
	387
	388	return -1;
	389
	390	}
	391
	392	/*
	393	* Unload any dynamic modules that have a link count of zero: i.e. have no
	394	* active initialized modules. If 'all' is set then all modules are unloaded
	395	* including static ones.
bc37d996 DSH	396	*/
	397
	398	void CONF_modules_unload(int all)
0f113f3e MC	399	{
	400	int i;
	401	CONF_MODULE *md;
	402	CONF_modules_finish();
	403	/* unload modules in reverse order */
	404	for (i = sk_CONF_MODULE_num(supported_modules) - 1; i >= 0; i--) {
	405	md = sk_CONF_MODULE_value(supported_modules, i);
	406	/* If static or in use and 'all' not set ignore it */
	407	if (((md->links > 0) \|\| !md->dso) && !all)
	408	continue;
	409	/* Since we're working in reverse this is OK */
	410	(void)sk_CONF_MODULE_delete(supported_modules, i);
	411	module_free(md);
	412	}
	413	if (sk_CONF_MODULE_num(supported_modules) == 0) {
	414	sk_CONF_MODULE_free(supported_modules);
	415	supported_modules = NULL;
	416	}
	417	}
bc37d996 DSH	418
	419	/* unload a single module */
	420	static void module_free(CONF_MODULE *md)
0f113f3e	421	{
efa7dd64	422	DSO_free(md->dso);
0f113f3e MC	423	OPENSSL_free(md->name);
	424	OPENSSL_free(md);
	425	}
bc37d996 DSH	426
	427	/* finish and free up all modules instances */
	428
	429	void CONF_modules_finish(void)
0f113f3e MC	430	{
	431	CONF_IMODULE *imod;
	432	while (sk_CONF_IMODULE_num(initialized_modules) > 0) {
	433	imod = sk_CONF_IMODULE_pop(initialized_modules);
	434	module_finish(imod);
	435	}
	436	sk_CONF_IMODULE_free(initialized_modules);
	437	initialized_modules = NULL;
	438	}
bc37d996 DSH	439
	440	/* finish a module instance */
	441
	442	static void module_finish(CONF_IMODULE *imod)
0f113f3e	443	{
efa7dd64 RS	444	if (!imod)
efa7dd64 RS	445	return;
0f113f3e MC	446	if (imod->pmod->finish)
	447	imod->pmod->finish(imod);
	448	imod->pmod->links--;
	449	OPENSSL_free(imod->name);
	450	OPENSSL_free(imod->value);
	451	OPENSSL_free(imod);
	452	}
bc37d996 DSH	453
	454	/* Add a static module to OpenSSL */
	455
0f113f3e MC	456	int CONF_module_add(const char name, conf_init_func ifunc,
	457	conf_finish_func *ffunc)
	458	{
	459	if (module_add(NULL, name, ifunc, ffunc))
	460	return 1;
	461	else
	462	return 0;
	463	}
bc37d996 DSH	464
bc37d996 DSH	465	void CONF_modules_free(void)
0f113f3e MC	466	{
	467	CONF_modules_finish();
	468	CONF_modules_unload(1);
	469	}
bc37d996 DSH	470
	471	/* Utility functions */
	472
9dd5ae65	473	const char CONF_imodule_get_name(const CONF_IMODULE md)
0f113f3e MC	474	{
	475	return md->name;
	476	}
bc37d996	477
9dd5ae65	478	const char CONF_imodule_get_value(const CONF_IMODULE md)
0f113f3e MC	479	{
	480	return md->value;
	481	}
bc37d996	482
9dd5ae65	483	void CONF_imodule_get_usr_data(const CONF_IMODULE md)
0f113f3e MC	484	{
	485	return md->usr_data;
	486	}
bc37d996 DSH	487
bc37d996 DSH	488	void CONF_imodule_set_usr_data(CONF_IMODULE md, void usr_data)
0f113f3e MC	489	{
	490	md->usr_data = usr_data;
	491	}
bc37d996	492
9dd5ae65	493	CONF_MODULE CONF_imodule_get_module(const CONF_IMODULE md)
0f113f3e MC	494	{
	495	return md->pmod;
	496	}
bc37d996	497
9dd5ae65	498	unsigned long CONF_imodule_get_flags(const CONF_IMODULE *md)
0f113f3e MC	499	{
	500	return md->flags;
	501	}
bc37d996 DSH	502
bc37d996 DSH	503	void CONF_imodule_set_flags(CONF_IMODULE *md, unsigned long flags)
0f113f3e MC	504	{
	505	md->flags = flags;
	506	}
bc37d996 DSH	507
bc37d996 DSH	508	void CONF_module_get_usr_data(CONF_MODULE pmod)
0f113f3e MC	509	{
	510	return pmod->usr_data;
	511	}
bc37d996 DSH	512
bc37d996 DSH	513	void CONF_module_set_usr_data(CONF_MODULE pmod, void usr_data)
0f113f3e MC	514	{
	515	pmod->usr_data = usr_data;
	516	}
bc37d996	517
c9501c22 DSH	518	/* Return default config file name */
	519
	520	char *CONF_get1_default_config_file(void)
0f113f3e MC	521	{
	522	char *file;
	523	int len;
c9501c22	524
0f113f3e MC	525	file = getenv("OPENSSL_CONF");
0f113f3e MC	526	if (file)
7644a9ae	527	return OPENSSL_strdup(file);
c9501c22	528
0f113f3e	529	len = strlen(X509_get_default_cert_area());
c9501c22	530	#ifndef OPENSSL_SYS_VMS
0f113f3e	531	len++;
c9501c22	532	#endif
0f113f3e	533	len += strlen(OPENSSL_CONF);
c9501c22	534
0f113f3e	535	file = OPENSSL_malloc(len + 1);
c9501c22	536
90945fa3	537	if (file == NULL)
0f113f3e	538	return NULL;
7644a9ae	539	OPENSSL_strlcpy(file, X509_get_default_cert_area(), len + 1);
c9501c22	540	#ifndef OPENSSL_SYS_VMS
7644a9ae	541	OPENSSL_strlcat(file, "/", len + 1);
c9501c22	542	#endif
7644a9ae	543	OPENSSL_strlcat(file, OPENSSL_CONF, len + 1);
c9501c22	544
0f113f3e MC	545	return file;
0f113f3e MC	546	}
df5eaa8a	547
0f113f3e MC	548	/*
	549	* This function takes a list separated by 'sep' and calls the callback
	550	* function giving the start and length of each member optionally stripping
	551	* leading and trailing whitespace. This can be used to parse comma separated
	552	* lists for example.
df5eaa8a DSH	553	*/
df5eaa8a DSH	554
3822740c	555	int CONF_parse_list(const char *list_, int sep, int nospc,
0f113f3e MC	556	int (list_cb) (const char elem, int len, void *usr),
	557	void *arg)
	558	{
	559	int ret;
	560	const char lstart, tmpend, *p;
	561
	562	if (list_ == NULL) {
	563	CONFerr(CONF_F_CONF_PARSE_LIST, CONF_R_LIST_CANNOT_BE_NULL);
	564	return 0;
	565	}
	566
	567	lstart = list_;
	568	for (;;) {
	569	if (nospc) {
	570	while (lstart && isspace((unsigned char)lstart))
	571	lstart++;
	572	}
	573	p = strchr(lstart, sep);
	574	if (p == lstart \|\| !*lstart)
	575	ret = list_cb(NULL, 0, arg);
	576	else {
	577	if (p)
	578	tmpend = p - 1;
	579	else
	580	tmpend = lstart + strlen(lstart) - 1;
	581	if (nospc) {
	582	while (isspace((unsigned char)*tmpend))
	583	tmpend--;
	584	}
	585	ret = list_cb(lstart, tmpend - lstart + 1, arg);
	586	}
	587	if (ret <= 0)
	588	return ret;
	589	if (p == NULL)
	590	return 1;
	591	lstart = p + 1;
	592	}
	593	}