/src/openssl111/crypto/conf/conf_def.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the OpenSSL license (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | /* Part of the code in here was originally in conf.c, which is now removed */ |
11 | | |
12 | | #include <stdio.h> |
13 | | #include <string.h> |
14 | | #include "internal/cryptlib.h" |
15 | | #include "internal/o_dir.h" |
16 | | #include <openssl/lhash.h> |
17 | | #include <openssl/conf.h> |
18 | | #include <openssl/conf_api.h> |
19 | | #include "conf_def.h" |
20 | | #include <openssl/buffer.h> |
21 | | #include <openssl/err.h> |
22 | | #ifndef OPENSSL_NO_POSIX_IO |
23 | | # include <sys/stat.h> |
24 | | # ifdef _WIN32 |
25 | | # define stat _stat |
26 | | # define strcasecmp _stricmp |
27 | | # endif |
28 | | #endif |
29 | | |
30 | | #ifndef S_ISDIR |
31 | | # define S_ISDIR(a) (((a) & S_IFMT) == S_IFDIR) |
32 | | #endif |
33 | | |
34 | | /* |
35 | | * The maximum length we can grow a value to after variable expansion. 64k |
36 | | * should be more than enough for all reasonable uses. |
37 | | */ |
38 | 17.2k | #define MAX_CONF_VALUE_LENGTH 65536 |
39 | | |
40 | | static int is_keytype(const CONF *conf, char c, unsigned short type); |
41 | | static char *eat_ws(CONF *conf, char *p); |
42 | | static void trim_ws(CONF *conf, char *start); |
43 | | static char *eat_alpha_numeric(CONF *conf, char *p); |
44 | | static void clear_comments(CONF *conf, char *p); |
45 | | static int str_copy(CONF *conf, char *section, char **to, char *from); |
46 | | static char *scan_quote(CONF *conf, char *p); |
47 | | static char *scan_dquote(CONF *conf, char *p); |
48 | 345k | #define scan_esc(conf,p) (((IS_EOF((conf),(p)[1]))?((p)+1):((p)+2))) |
49 | | #ifndef OPENSSL_NO_POSIX_IO |
50 | | static BIO *process_include(char *include, OPENSSL_DIR_CTX **dirctx, |
51 | | char **dirpath); |
52 | | static BIO *get_next_file(const char *path, OPENSSL_DIR_CTX **dirctx); |
53 | | #endif |
54 | | |
55 | | static CONF *def_create(CONF_METHOD *meth); |
56 | | static int def_init_default(CONF *conf); |
57 | | static int def_init_WIN32(CONF *conf); |
58 | | static int def_destroy(CONF *conf); |
59 | | static int def_destroy_data(CONF *conf); |
60 | | static int def_load(CONF *conf, const char *name, long *eline); |
61 | | static int def_load_bio(CONF *conf, BIO *bp, long *eline); |
62 | | static int def_dump(const CONF *conf, BIO *bp); |
63 | | static int def_is_number(const CONF *conf, char c); |
64 | | static int def_to_int(const CONF *conf, char c); |
65 | | |
66 | | static CONF_METHOD default_method = { |
67 | | "OpenSSL default", |
68 | | def_create, |
69 | | def_init_default, |
70 | | def_destroy, |
71 | | def_destroy_data, |
72 | | def_load_bio, |
73 | | def_dump, |
74 | | def_is_number, |
75 | | def_to_int, |
76 | | def_load |
77 | | }; |
78 | | |
79 | | static CONF_METHOD WIN32_method = { |
80 | | "WIN32", |
81 | | def_create, |
82 | | def_init_WIN32, |
83 | | def_destroy, |
84 | | def_destroy_data, |
85 | | def_load_bio, |
86 | | def_dump, |
87 | | def_is_number, |
88 | | def_to_int, |
89 | | def_load |
90 | | }; |
91 | | |
92 | | CONF_METHOD *NCONF_default(void) |
93 | 2.49k | { |
94 | 2.49k | return &default_method; |
95 | 2.49k | } |
96 | | |
97 | | CONF_METHOD *NCONF_WIN32(void) |
98 | 0 | { |
99 | 0 | return &WIN32_method; |
100 | 0 | } |
101 | | |
102 | | static CONF *def_create(CONF_METHOD *meth) |
103 | 2.49k | { |
104 | 2.49k | CONF *ret; |
105 | | |
106 | 2.49k | ret = OPENSSL_malloc(sizeof(*ret)); |
107 | 2.49k | if (ret != NULL) |
108 | 2.49k | if (meth->init(ret) == 0) { |
109 | 0 | OPENSSL_free(ret); |
110 | 0 | ret = NULL; |
111 | 0 | } |
112 | 2.49k | return ret; |
113 | 2.49k | } |
114 | | |
115 | | static int def_init_default(CONF *conf) |
116 | 3.35k | { |
117 | 3.35k | if (conf == NULL) |
118 | 0 | return 0; |
119 | | |
120 | 3.35k | conf->meth = &default_method; |
121 | 3.35k | conf->meth_data = (void *)CONF_type_default; |
122 | 3.35k | conf->data = NULL; |
123 | | |
124 | 3.35k | return 1; |
125 | 3.35k | } |
126 | | |
127 | | static int def_init_WIN32(CONF *conf) |
128 | 0 | { |
129 | 0 | if (conf == NULL) |
130 | 0 | return 0; |
131 | | |
132 | 0 | conf->meth = &WIN32_method; |
133 | 0 | conf->meth_data = (void *)CONF_type_win32; |
134 | 0 | conf->data = NULL; |
135 | |
|
136 | 0 | return 1; |
137 | 0 | } |
138 | | |
139 | | static int def_destroy(CONF *conf) |
140 | 2.49k | { |
141 | 2.49k | if (def_destroy_data(conf)) { |
142 | 2.49k | OPENSSL_free(conf); |
143 | 2.49k | return 1; |
144 | 2.49k | } |
145 | 0 | return 0; |
146 | 2.49k | } |
147 | | |
148 | | static int def_destroy_data(CONF *conf) |
149 | 3.35k | { |
150 | 3.35k | if (conf == NULL) |
151 | 0 | return 0; |
152 | 3.35k | _CONF_free_data(conf); |
153 | 3.35k | return 1; |
154 | 3.35k | } |
155 | | |
156 | | static int def_load(CONF *conf, const char *name, long *line) |
157 | 0 | { |
158 | 0 | int ret; |
159 | 0 | BIO *in = NULL; |
160 | |
|
161 | | #ifdef OPENSSL_SYS_VMS |
162 | | in = BIO_new_file(name, "r"); |
163 | | #else |
164 | 0 | in = BIO_new_file(name, "rb"); |
165 | 0 | #endif |
166 | 0 | if (in == NULL) { |
167 | 0 | if (ERR_GET_REASON(ERR_peek_last_error()) == BIO_R_NO_SUCH_FILE) |
168 | 0 | CONFerr(CONF_F_DEF_LOAD, CONF_R_NO_SUCH_FILE); |
169 | 0 | else |
170 | 0 | CONFerr(CONF_F_DEF_LOAD, ERR_R_SYS_LIB); |
171 | 0 | return 0; |
172 | 0 | } |
173 | | |
174 | 0 | ret = def_load_bio(conf, in, line); |
175 | 0 | BIO_free(in); |
176 | |
|
177 | 0 | return ret; |
178 | 0 | } |
179 | | |
180 | | static int def_load_bio(CONF *conf, BIO *in, long *line) |
181 | 2.49k | { |
182 | | /* The macro BUFSIZE conflicts with a system macro in VxWorks */ |
183 | 24.0M | #define CONFBUFSIZE 512 |
184 | 2.49k | int bufnum = 0, i, ii; |
185 | 2.49k | BUF_MEM *buff = NULL; |
186 | 2.49k | char *s, *p, *end; |
187 | 2.49k | int again; |
188 | 2.49k | int first_call = 1; |
189 | 2.49k | long eline = 0; |
190 | 2.49k | char btmp[DECIMAL_SIZE(eline) + 1]; |
191 | 2.49k | CONF_VALUE *v = NULL, *tv; |
192 | 2.49k | CONF_VALUE *sv = NULL; |
193 | 2.49k | char *section = NULL, *buf; |
194 | 2.49k | char *start, *psection, *pname; |
195 | 2.49k | void *h = (void *)(conf->data); |
196 | 2.49k | STACK_OF(BIO) *biosk = NULL; |
197 | 2.49k | #ifndef OPENSSL_NO_POSIX_IO |
198 | 2.49k | char *dirpath = NULL; |
199 | 2.49k | OPENSSL_DIR_CTX *dirctx = NULL; |
200 | 2.49k | #endif |
201 | | |
202 | 2.49k | if ((buff = BUF_MEM_new()) == NULL) { |
203 | 0 | CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_BUF_LIB); |
204 | 0 | goto err; |
205 | 0 | } |
206 | | |
207 | 2.49k | section = OPENSSL_strdup("default"); |
208 | 2.49k | if (section == NULL) { |
209 | 0 | CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE); |
210 | 0 | goto err; |
211 | 0 | } |
212 | | |
213 | 2.49k | if (_CONF_new_data(conf) == 0) { |
214 | 0 | CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE); |
215 | 0 | goto err; |
216 | 0 | } |
217 | | |
218 | 2.49k | sv = _CONF_new_section(conf, section); |
219 | 2.49k | if (sv == NULL) { |
220 | 0 | CONFerr(CONF_F_DEF_LOAD_BIO, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); |
221 | 0 | goto err; |
222 | 0 | } |
223 | | |
224 | 2.49k | bufnum = 0; |
225 | 2.49k | again = 0; |
226 | 7.99M | for (;;) { |
227 | 7.99M | if (!BUF_MEM_grow(buff, bufnum + CONFBUFSIZE)) { |
228 | 0 | CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_BUF_LIB); |
229 | 0 | goto err; |
230 | 0 | } |
231 | 7.99M | p = &(buff->data[bufnum]); |
232 | 7.99M | *p = '\0'; |
233 | 8.00M | read_retry: |
234 | 8.00M | BIO_gets(in, p, CONFBUFSIZE - 1); |
235 | 8.00M | p[CONFBUFSIZE - 1] = '\0'; |
236 | 8.00M | ii = i = strlen(p); |
237 | 8.00M | if (first_call) { |
238 | | /* Other BOMs imply unsupported multibyte encoding, |
239 | | * so don't strip them and let the error raise */ |
240 | 2.49k | const unsigned char utf8_bom[3] = {0xEF, 0xBB, 0xBF}; |
241 | | |
242 | 2.49k | if (i >= 3 && memcmp(p, utf8_bom, 3) == 0) { |
243 | 7 | memmove(p, p + 3, i - 3); |
244 | 7 | p[i - 3] = 0; |
245 | 7 | i -= 3; |
246 | 7 | ii -= 3; |
247 | 7 | } |
248 | 2.49k | first_call = 0; |
249 | 2.49k | } |
250 | 8.00M | if (i == 0 && !again) { |
251 | | /* the currently processed BIO is at EOF */ |
252 | 14.5k | BIO *parent; |
253 | | |
254 | 14.5k | #ifndef OPENSSL_NO_POSIX_IO |
255 | | /* continue processing with the next file from directory */ |
256 | 14.5k | if (dirctx != NULL) { |
257 | 12.8k | BIO *next; |
258 | | |
259 | 12.8k | if ((next = get_next_file(dirpath, &dirctx)) != NULL) { |
260 | 6.45k | BIO_vfree(in); |
261 | 6.45k | in = next; |
262 | 6.45k | goto read_retry; |
263 | 6.45k | } else { |
264 | 6.43k | OPENSSL_free(dirpath); |
265 | 6.43k | dirpath = NULL; |
266 | 6.43k | } |
267 | 12.8k | } |
268 | 8.06k | #endif |
269 | | /* no more files in directory, continue with processing parent */ |
270 | 8.06k | if ((parent = sk_BIO_pop(biosk)) == NULL) { |
271 | | /* everything processed get out of the loop */ |
272 | 1.62k | break; |
273 | 6.43k | } else { |
274 | 6.43k | BIO_vfree(in); |
275 | 6.43k | in = parent; |
276 | 6.43k | goto read_retry; |
277 | 6.43k | } |
278 | 8.06k | } |
279 | 7.99M | again = 0; |
280 | 15.8M | while (i > 0) { |
281 | 8.52M | if ((p[i - 1] != '\r') && (p[i - 1] != '\n')) |
282 | 626k | break; |
283 | 7.90M | else |
284 | 7.90M | i--; |
285 | 8.52M | } |
286 | | /* |
287 | | * we removed some trailing stuff so there is a new line on the end. |
288 | | */ |
289 | 7.99M | if (ii && i == ii) |
290 | 89.9k | again = 1; /* long line */ |
291 | 7.90M | else { |
292 | 7.90M | p[i] = '\0'; |
293 | 7.90M | eline++; /* another input line */ |
294 | 7.90M | } |
295 | | |
296 | | /* we now have a line with trailing \r\n removed */ |
297 | | |
298 | | /* i is the number of bytes */ |
299 | 7.99M | bufnum += i; |
300 | | |
301 | 7.99M | v = NULL; |
302 | | /* check for line continuation */ |
303 | 7.99M | if (bufnum >= 1) { |
304 | | /* |
305 | | * If we have bytes and the last char '\\' and second last char |
306 | | * is not '\\' |
307 | | */ |
308 | 628k | p = &(buff->data[bufnum - 1]); |
309 | 628k | if (IS_ESC(conf, p[0]) && ((bufnum <= 1) || !IS_ESC(conf, p[-1]))) { |
310 | 1.96k | bufnum--; |
311 | 1.96k | again = 1; |
312 | 1.96k | } |
313 | 628k | } |
314 | 7.99M | if (again) |
315 | 91.1k | continue; |
316 | 7.90M | bufnum = 0; |
317 | 7.90M | buf = buff->data; |
318 | | |
319 | 7.90M | clear_comments(conf, buf); |
320 | 7.90M | s = eat_ws(conf, buf); |
321 | 7.90M | if (IS_EOF(conf, *s)) |
322 | 7.86M | continue; /* blank line */ |
323 | 40.6k | if (*s == '[') { |
324 | 3.16k | char *ss; |
325 | | |
326 | 3.16k | s++; |
327 | 3.16k | start = eat_ws(conf, s); |
328 | 3.16k | ss = start; |
329 | 3.72k | again: |
330 | 3.72k | end = eat_alpha_numeric(conf, ss); |
331 | 3.72k | p = eat_ws(conf, end); |
332 | 3.72k | if (*p != ']') { |
333 | 653 | if (*p != '\0' && ss != p) { |
334 | 554 | ss = p; |
335 | 554 | goto again; |
336 | 554 | } |
337 | 99 | CONFerr(CONF_F_DEF_LOAD_BIO, |
338 | 99 | CONF_R_MISSING_CLOSE_SQUARE_BRACKET); |
339 | 99 | goto err; |
340 | 653 | } |
341 | 3.06k | *end = '\0'; |
342 | 3.06k | if (!str_copy(conf, NULL, §ion, start)) |
343 | 0 | goto err; |
344 | 3.06k | if ((sv = _CONF_get_section(conf, section)) == NULL) |
345 | 2.56k | sv = _CONF_new_section(conf, section); |
346 | 3.06k | if (sv == NULL) { |
347 | 0 | CONFerr(CONF_F_DEF_LOAD_BIO, |
348 | 0 | CONF_R_UNABLE_TO_CREATE_NEW_SECTION); |
349 | 0 | goto err; |
350 | 0 | } |
351 | 3.06k | continue; |
352 | 37.5k | } else { |
353 | 37.5k | pname = s; |
354 | 37.5k | end = eat_alpha_numeric(conf, s); |
355 | 37.5k | if ((end[0] == ':') && (end[1] == ':')) { |
356 | 9.63k | *end = '\0'; |
357 | 9.63k | end += 2; |
358 | 9.63k | psection = pname; |
359 | 9.63k | pname = end; |
360 | 9.63k | end = eat_alpha_numeric(conf, end); |
361 | 27.8k | } else { |
362 | 27.8k | psection = section; |
363 | 27.8k | } |
364 | 37.5k | p = eat_ws(conf, end); |
365 | 37.5k | if (strncmp(pname, ".include", 8) == 0 |
366 | 37.5k | && (p != pname + 8 || *p == '=')) { |
367 | 8.30k | char *include = NULL; |
368 | 8.30k | BIO *next; |
369 | | |
370 | 8.30k | if (*p == '=') { |
371 | 375 | p++; |
372 | 375 | p = eat_ws(conf, p); |
373 | 375 | } |
374 | 8.30k | trim_ws(conf, p); |
375 | 8.30k | if (!str_copy(conf, psection, &include, p)) |
376 | 3 | goto err; |
377 | | /* get the BIO of the included file */ |
378 | 8.29k | #ifndef OPENSSL_NO_POSIX_IO |
379 | 8.29k | next = process_include(include, &dirctx, &dirpath); |
380 | 8.29k | if (include != dirpath) { |
381 | | /* dirpath will contain include in case of a directory */ |
382 | 1.84k | OPENSSL_free(include); |
383 | 1.84k | } |
384 | | #else |
385 | | next = BIO_new_file(include, "r"); |
386 | | OPENSSL_free(include); |
387 | | #endif |
388 | 8.29k | if (next != NULL) { |
389 | | /* push the currently processing BIO onto stack */ |
390 | 6.47k | if (biosk == NULL) { |
391 | 118 | if ((biosk = sk_BIO_new_null()) == NULL) { |
392 | 0 | CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE); |
393 | 0 | BIO_free(next); |
394 | 0 | goto err; |
395 | 0 | } |
396 | 118 | } |
397 | 6.47k | if (!sk_BIO_push(biosk, in)) { |
398 | 0 | CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE); |
399 | 0 | BIO_free(next); |
400 | 0 | goto err; |
401 | 0 | } |
402 | | /* continue with reading from the included BIO */ |
403 | 6.47k | in = next; |
404 | 6.47k | } |
405 | 8.29k | continue; |
406 | 29.2k | } else if (*p != '=') { |
407 | 542 | CONFerr(CONF_F_DEF_LOAD_BIO, CONF_R_MISSING_EQUAL_SIGN); |
408 | 542 | goto err; |
409 | 542 | } |
410 | 28.6k | *end = '\0'; |
411 | 28.6k | p++; |
412 | 28.6k | start = eat_ws(conf, p); |
413 | 28.6k | trim_ws(conf, start); |
414 | | |
415 | 28.6k | if ((v = OPENSSL_malloc(sizeof(*v))) == NULL) { |
416 | 0 | CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE); |
417 | 0 | goto err; |
418 | 0 | } |
419 | 28.6k | v->name = OPENSSL_strdup(pname); |
420 | 28.6k | v->value = NULL; |
421 | 28.6k | if (v->name == NULL) { |
422 | 0 | CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE); |
423 | 0 | goto err; |
424 | 0 | } |
425 | 28.6k | if (!str_copy(conf, psection, &(v->value), start)) |
426 | 221 | goto err; |
427 | | |
428 | 28.4k | if (strcmp(psection, section) != 0) { |
429 | 9.57k | if ((tv = _CONF_get_section(conf, psection)) |
430 | 9.57k | == NULL) |
431 | 8.88k | tv = _CONF_new_section(conf, psection); |
432 | 9.57k | if (tv == NULL) { |
433 | 0 | CONFerr(CONF_F_DEF_LOAD_BIO, |
434 | 0 | CONF_R_UNABLE_TO_CREATE_NEW_SECTION); |
435 | 0 | goto err; |
436 | 0 | } |
437 | 9.57k | } else |
438 | 18.8k | tv = sv; |
439 | 28.4k | if (_CONF_add_string(conf, tv, v) == 0) { |
440 | 0 | CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE); |
441 | 0 | goto err; |
442 | 0 | } |
443 | 28.4k | v = NULL; |
444 | 28.4k | } |
445 | 40.6k | } |
446 | 1.62k | BUF_MEM_free(buff); |
447 | 1.62k | OPENSSL_free(section); |
448 | | /* |
449 | | * No need to pop, since we only get here if the stack is empty. |
450 | | * If this causes a BIO leak, THE ISSUE IS SOMEWHERE ELSE! |
451 | | */ |
452 | 1.62k | sk_BIO_free(biosk); |
453 | 1.62k | return 1; |
454 | 865 | err: |
455 | 865 | BUF_MEM_free(buff); |
456 | 865 | OPENSSL_free(section); |
457 | | /* |
458 | | * Since |in| is the first element of the stack and should NOT be freed |
459 | | * here, we cannot use sk_BIO_pop_free(). Instead, we pop and free one |
460 | | * BIO at a time, making sure that the last one popped isn't. |
461 | | */ |
462 | 906 | while (sk_BIO_num(biosk) > 0) { |
463 | 41 | BIO *popped = sk_BIO_pop(biosk); |
464 | 41 | BIO_vfree(in); |
465 | 41 | in = popped; |
466 | 41 | } |
467 | 865 | sk_BIO_free(biosk); |
468 | 865 | #ifndef OPENSSL_NO_POSIX_IO |
469 | 865 | OPENSSL_free(dirpath); |
470 | 865 | if (dirctx != NULL) |
471 | 22 | OPENSSL_DIR_end(&dirctx); |
472 | 865 | #endif |
473 | 865 | if (line != NULL) |
474 | 865 | *line = eline; |
475 | 865 | BIO_snprintf(btmp, sizeof(btmp), "%ld", eline); |
476 | 865 | ERR_add_error_data(2, "line ", btmp); |
477 | 865 | if (h != conf->data) { |
478 | 865 | CONF_free(conf->data); |
479 | 865 | conf->data = NULL; |
480 | 865 | } |
481 | 865 | if (v != NULL) { |
482 | 221 | OPENSSL_free(v->name); |
483 | 221 | OPENSSL_free(v->value); |
484 | 221 | OPENSSL_free(v); |
485 | 221 | } |
486 | 865 | return 0; |
487 | 2.49k | } |
488 | | |
489 | | static void clear_comments(CONF *conf, char *p) |
490 | 7.90M | { |
491 | 7.90M | for (;;) { |
492 | 7.90M | if (IS_FCOMMENT(conf, *p)) { |
493 | 0 | *p = '\0'; |
494 | 0 | return; |
495 | 0 | } |
496 | 7.90M | if (!IS_WS(conf, *p)) { |
497 | 7.90M | break; |
498 | 7.90M | } |
499 | 629 | p++; |
500 | 629 | } |
501 | | |
502 | 34.4M | for (;;) { |
503 | 34.4M | if (IS_COMMENT(conf, *p)) { |
504 | 497k | *p = '\0'; |
505 | 497k | return; |
506 | 497k | } |
507 | 33.9M | if (IS_DQUOTE(conf, *p)) { |
508 | 0 | p = scan_dquote(conf, p); |
509 | 0 | continue; |
510 | 0 | } |
511 | 33.9M | if (IS_QUOTE(conf, *p)) { |
512 | 2.55k | p = scan_quote(conf, p); |
513 | 2.55k | continue; |
514 | 2.55k | } |
515 | 33.9M | if (IS_ESC(conf, *p)) { |
516 | 289k | p = scan_esc(conf, p); |
517 | 289k | continue; |
518 | 289k | } |
519 | 33.6M | if (IS_EOF(conf, *p)) |
520 | 7.40M | return; |
521 | 26.2M | else |
522 | 26.2M | p++; |
523 | 33.6M | } |
524 | 7.90M | } |
525 | | |
526 | | static int str_copy(CONF *conf, char *section, char **pto, char *from) |
527 | 40.0k | { |
528 | 40.0k | int q, r, rr = 0, to = 0, len = 0; |
529 | 40.0k | char *s, *e, *rp, *p, *rrp, *np, *cp, v; |
530 | 40.0k | BUF_MEM *buf; |
531 | | |
532 | 40.0k | if ((buf = BUF_MEM_new()) == NULL) |
533 | 0 | return 0; |
534 | | |
535 | 40.0k | len = strlen(from) + 1; |
536 | 40.0k | if (!BUF_MEM_grow(buf, len)) |
537 | 0 | goto err; |
538 | | |
539 | 13.4M | for (;;) { |
540 | 13.4M | if (IS_QUOTE(conf, *from)) { |
541 | 2.19k | q = *from; |
542 | 2.19k | from++; |
543 | 16.1M | while (!IS_EOF(conf, *from) && (*from != q)) { |
544 | 16.1M | if (IS_ESC(conf, *from)) { |
545 | 107k | from++; |
546 | 107k | if (IS_EOF(conf, *from)) |
547 | 391 | break; |
548 | 107k | } |
549 | 16.1M | buf->data[to++] = *(from++); |
550 | 16.1M | } |
551 | 2.19k | if (*from == q) |
552 | 1.21k | from++; |
553 | 13.4M | } else if (IS_DQUOTE(conf, *from)) { |
554 | 0 | q = *from; |
555 | 0 | from++; |
556 | 0 | while (!IS_EOF(conf, *from)) { |
557 | 0 | if (*from == q) { |
558 | 0 | if (*(from + 1) == q) { |
559 | 0 | from++; |
560 | 0 | } else { |
561 | 0 | break; |
562 | 0 | } |
563 | 0 | } |
564 | 0 | buf->data[to++] = *(from++); |
565 | 0 | } |
566 | 0 | if (*from == q) |
567 | 0 | from++; |
568 | 13.4M | } else if (IS_ESC(conf, *from)) { |
569 | 226k | from++; |
570 | 226k | v = *(from++); |
571 | 226k | if (IS_EOF(conf, v)) |
572 | 410 | break; |
573 | 225k | else if (v == 'r') |
574 | 522 | v = '\r'; |
575 | 225k | else if (v == 'n') |
576 | 276 | v = '\n'; |
577 | 224k | else if (v == 'b') |
578 | 265 | v = '\b'; |
579 | 224k | else if (v == 't') |
580 | 505 | v = '\t'; |
581 | 225k | buf->data[to++] = v; |
582 | 13.2M | } else if (IS_EOF(conf, *from)) |
583 | 39.4k | break; |
584 | 13.1M | else if (*from == '$') { |
585 | 17.4k | size_t newsize; |
586 | | |
587 | | /* try to expand it */ |
588 | 17.4k | rrp = NULL; |
589 | 17.4k | s = &(from[1]); |
590 | 17.4k | if (*s == '{') |
591 | 209 | q = '}'; |
592 | 17.2k | else if (*s == '(') |
593 | 269 | q = ')'; |
594 | 16.9k | else |
595 | 16.9k | q = 0; |
596 | | |
597 | 17.4k | if (q) |
598 | 478 | s++; |
599 | 17.4k | cp = section; |
600 | 17.4k | e = np = s; |
601 | 2.87M | while (IS_ALNUM(conf, *e)) |
602 | 2.85M | e++; |
603 | 17.4k | if ((e[0] == ':') && (e[1] == ':')) { |
604 | 631 | cp = np; |
605 | 631 | rrp = e; |
606 | 631 | rr = *e; |
607 | 631 | *rrp = '\0'; |
608 | 631 | e += 2; |
609 | 631 | np = e; |
610 | 2.30k | while (IS_ALNUM(conf, *e)) |
611 | 1.67k | e++; |
612 | 631 | } |
613 | 17.4k | r = *e; |
614 | 17.4k | *e = '\0'; |
615 | 17.4k | rp = e; |
616 | 17.4k | if (q) { |
617 | 478 | if (r != q) { |
618 | 34 | CONFerr(CONF_F_STR_COPY, CONF_R_NO_CLOSE_BRACE); |
619 | 34 | goto err; |
620 | 34 | } |
621 | 444 | e++; |
622 | 444 | } |
623 | | /*- |
624 | | * So at this point we have |
625 | | * np which is the start of the name string which is |
626 | | * '\0' terminated. |
627 | | * cp which is the start of the section string which is |
628 | | * '\0' terminated. |
629 | | * e is the 'next point after'. |
630 | | * r and rr are the chars replaced by the '\0' |
631 | | * rp and rrp is where 'r' and 'rr' came from. |
632 | | */ |
633 | 17.4k | p = _CONF_get_string(conf, cp, np); |
634 | 17.4k | if (rrp != NULL) |
635 | 631 | *rrp = rr; |
636 | 17.4k | *rp = r; |
637 | 17.4k | if (p == NULL) { |
638 | 180 | CONFerr(CONF_F_STR_COPY, CONF_R_VARIABLE_HAS_NO_VALUE); |
639 | 180 | goto err; |
640 | 180 | } |
641 | 17.2k | newsize = strlen(p) + buf->length - (e - from); |
642 | 17.2k | if (newsize > MAX_CONF_VALUE_LENGTH) { |
643 | 10 | CONFerr(CONF_F_STR_COPY, CONF_R_VARIABLE_EXPANSION_TOO_LONG); |
644 | 10 | goto err; |
645 | 10 | } |
646 | 17.2k | if (!BUF_MEM_grow_clean(buf, newsize)) { |
647 | 0 | CONFerr(CONF_F_STR_COPY, ERR_R_MALLOC_FAILURE); |
648 | 0 | goto err; |
649 | 0 | } |
650 | 31.3M | while (*p) |
651 | 31.3M | buf->data[to++] = *(p++); |
652 | | |
653 | | /* |
654 | | * Since we change the pointer 'from', we also have to change the |
655 | | * perceived length of the string it points at. /RL |
656 | | */ |
657 | 17.2k | len -= e - from; |
658 | 17.2k | from = e; |
659 | | |
660 | | /* |
661 | | * In case there were no braces or parenthesis around the |
662 | | * variable reference, we have to put back the character that was |
663 | | * replaced with a '\0'. /RL |
664 | | */ |
665 | 17.2k | *rp = r; |
666 | 17.2k | } else |
667 | 13.1M | buf->data[to++] = *(from++); |
668 | 13.4M | } |
669 | 39.8k | buf->data[to] = '\0'; |
670 | 39.8k | OPENSSL_free(*pto); |
671 | 39.8k | *pto = buf->data; |
672 | 39.8k | OPENSSL_free(buf); |
673 | 39.8k | return 1; |
674 | 224 | err: |
675 | 224 | BUF_MEM_free(buf); |
676 | 224 | return 0; |
677 | 40.0k | } |
678 | | |
679 | | #ifndef OPENSSL_NO_POSIX_IO |
680 | | /* |
681 | | * Check whether included path is a directory. |
682 | | * Returns next BIO to process and in case of a directory |
683 | | * also an opened directory context and the include path. |
684 | | */ |
685 | | static BIO *process_include(char *include, OPENSSL_DIR_CTX **dirctx, |
686 | | char **dirpath) |
687 | 8.29k | { |
688 | 8.29k | struct stat st = { 0 }; |
689 | 8.29k | BIO *next; |
690 | | |
691 | 8.29k | if (stat(include, &st) < 0) { |
692 | 1.32k | SYSerr(SYS_F_STAT, errno); |
693 | 1.32k | ERR_add_error_data(1, include); |
694 | | /* missing include file is not fatal error */ |
695 | 1.32k | return NULL; |
696 | 1.32k | } |
697 | | |
698 | 6.97k | if (S_ISDIR(st.st_mode)) { |
699 | 6.95k | if (*dirctx != NULL) { |
700 | 0 | CONFerr(CONF_F_PROCESS_INCLUDE, |
701 | 0 | CONF_R_RECURSIVE_DIRECTORY_INCLUDE); |
702 | 0 | ERR_add_error_data(1, include); |
703 | 0 | return NULL; |
704 | 0 | } |
705 | | /* a directory, load its contents */ |
706 | 6.95k | if ((next = get_next_file(include, dirctx)) != NULL) |
707 | 6.45k | *dirpath = include; |
708 | 6.95k | return next; |
709 | 6.95k | } |
710 | | |
711 | 19 | next = BIO_new_file(include, "r"); |
712 | 19 | return next; |
713 | 6.97k | } |
714 | | |
715 | | /* |
716 | | * Get next file from the directory path. |
717 | | * Returns BIO of the next file to read and updates dirctx. |
718 | | */ |
719 | | static BIO *get_next_file(const char *path, OPENSSL_DIR_CTX **dirctx) |
720 | 19.8k | { |
721 | 19.8k | const char *filename; |
722 | 19.8k | size_t pathlen; |
723 | | |
724 | 19.8k | pathlen = strlen(path); |
725 | 634k | while ((filename = OPENSSL_DIR_read(dirctx, path)) != NULL) { |
726 | 627k | size_t namelen; |
727 | | |
728 | 627k | namelen = strlen(filename); |
729 | | |
730 | | |
731 | 627k | if ((namelen > 5 && strcasecmp(filename + namelen - 5, ".conf") == 0) |
732 | 627k | || (namelen > 4 && strcasecmp(filename + namelen - 4, ".cnf") == 0)) { |
733 | 97.2k | size_t newlen; |
734 | 97.2k | char *newpath; |
735 | 97.2k | BIO *bio; |
736 | | |
737 | 97.2k | newlen = pathlen + namelen + 2; |
738 | 97.2k | newpath = OPENSSL_zalloc(newlen); |
739 | 97.2k | if (newpath == NULL) { |
740 | 0 | CONFerr(CONF_F_GET_NEXT_FILE, ERR_R_MALLOC_FAILURE); |
741 | 0 | break; |
742 | 0 | } |
743 | | #ifdef OPENSSL_SYS_VMS |
744 | | /* |
745 | | * If the given path isn't clear VMS syntax, |
746 | | * we treat it as on Unix. |
747 | | */ |
748 | | if (path[pathlen - 1] == ']' |
749 | | || path[pathlen - 1] == '>' |
750 | | || path[pathlen - 1] == ':') { |
751 | | /* Clear VMS directory syntax, just copy as is */ |
752 | | OPENSSL_strlcpy(newpath, path, newlen); |
753 | | } |
754 | | #endif |
755 | 97.2k | if (newpath[0] == '\0') { |
756 | 97.2k | OPENSSL_strlcpy(newpath, path, newlen); |
757 | 97.2k | OPENSSL_strlcat(newpath, "/", newlen); |
758 | 97.2k | } |
759 | 97.2k | OPENSSL_strlcat(newpath, filename, newlen); |
760 | | |
761 | 97.2k | bio = BIO_new_file(newpath, "r"); |
762 | 97.2k | OPENSSL_free(newpath); |
763 | | /* Errors when opening files are non-fatal. */ |
764 | 97.2k | if (bio != NULL) |
765 | 12.9k | return bio; |
766 | 97.2k | } |
767 | 627k | } |
768 | 6.93k | OPENSSL_DIR_end(dirctx); |
769 | 6.93k | *dirctx = NULL; |
770 | 6.93k | return NULL; |
771 | 19.8k | } |
772 | | #endif |
773 | | |
774 | | static int is_keytype(const CONF *conf, char c, unsigned short type) |
775 | 376M | { |
776 | 376M | const unsigned short * keytypes = (const unsigned short *) conf->meth_data; |
777 | 376M | unsigned char key = (unsigned char)c; |
778 | | |
779 | | #ifdef CHARSET_EBCDIC |
780 | | # if CHAR_BIT > 8 |
781 | | if (key > 255) { |
782 | | /* key is out of range for os_toascii table */ |
783 | | return 0; |
784 | | } |
785 | | # endif |
786 | | /* convert key from ebcdic to ascii */ |
787 | | key = os_toascii[key]; |
788 | | #endif |
789 | | |
790 | 376M | if (key > 127) { |
791 | | /* key is not a seven bit ascii character */ |
792 | 28.2M | return 0; |
793 | 28.2M | } |
794 | | |
795 | 348M | return (keytypes[key] & type) ? 1 : 0; |
796 | 376M | } |
797 | | |
798 | | static char *eat_ws(CONF *conf, char *p) |
799 | 7.97M | { |
800 | 7.98M | while (IS_WS(conf, *p) && (!IS_EOF(conf, *p))) |
801 | 9.85k | p++; |
802 | 7.97M | return p; |
803 | 7.97M | } |
804 | | |
805 | | static void trim_ws(CONF *conf, char *start) |
806 | 36.9k | { |
807 | 36.9k | char *p = start; |
808 | | |
809 | 29.7M | while (!IS_EOF(conf, *p)) |
810 | 29.7M | p++; |
811 | 36.9k | p--; |
812 | 37.9k | while ((p >= start) && IS_WS(conf, *p)) |
813 | 959 | p--; |
814 | 36.9k | p++; |
815 | 36.9k | *p = '\0'; |
816 | 36.9k | } |
817 | | |
818 | | static char *eat_alpha_numeric(CONF *conf, char *p) |
819 | 50.8k | { |
820 | 10.0M | for (;;) { |
821 | 10.0M | if (IS_ESC(conf, *p)) { |
822 | 55.8k | p = scan_esc(conf, p); |
823 | 55.8k | continue; |
824 | 55.8k | } |
825 | 9.97M | if (!IS_ALNUM_PUNCT(conf, *p)) |
826 | 50.8k | return p; |
827 | 9.92M | p++; |
828 | 9.92M | } |
829 | 50.8k | } |
830 | | |
831 | | static char *scan_quote(CONF *conf, char *p) |
832 | 2.55k | { |
833 | 2.55k | int q = *p; |
834 | | |
835 | 2.55k | p++; |
836 | 17.3M | while (!(IS_EOF(conf, *p)) && (*p != q)) { |
837 | 17.3M | if (IS_ESC(conf, *p)) { |
838 | 108k | p++; |
839 | 108k | if (IS_EOF(conf, *p)) |
840 | 212 | return p; |
841 | 108k | } |
842 | 17.3M | p++; |
843 | 17.3M | } |
844 | 2.34k | if (*p == q) |
845 | 1.47k | p++; |
846 | 2.34k | return p; |
847 | 2.55k | } |
848 | | |
849 | | static char *scan_dquote(CONF *conf, char *p) |
850 | 0 | { |
851 | 0 | int q = *p; |
852 | |
|
853 | 0 | p++; |
854 | 0 | while (!(IS_EOF(conf, *p))) { |
855 | 0 | if (*p == q) { |
856 | 0 | if (*(p + 1) == q) { |
857 | 0 | p++; |
858 | 0 | } else { |
859 | 0 | break; |
860 | 0 | } |
861 | 0 | } |
862 | 0 | p++; |
863 | 0 | } |
864 | 0 | if (*p == q) |
865 | 0 | p++; |
866 | 0 | return p; |
867 | 0 | } |
868 | | |
869 | | static void dump_value_doall_arg(const CONF_VALUE *a, BIO *out) |
870 | 0 | { |
871 | 0 | if (a->name) |
872 | 0 | BIO_printf(out, "[%s] %s=%s\n", a->section, a->name, a->value); |
873 | 0 | else |
874 | 0 | BIO_printf(out, "[[%s]]\n", a->section); |
875 | 0 | } |
876 | | |
877 | | IMPLEMENT_LHASH_DOALL_ARG_CONST(CONF_VALUE, BIO); |
878 | | |
879 | | static int def_dump(const CONF *conf, BIO *out) |
880 | 0 | { |
881 | 0 | lh_CONF_VALUE_doall_BIO(conf->data, dump_value_doall_arg, out); |
882 | 0 | return 1; |
883 | 0 | } |
884 | | |
885 | | static int def_is_number(const CONF *conf, char c) |
886 | 0 | { |
887 | 0 | return IS_NUMBER(conf, c); |
888 | 0 | } |
889 | | |
890 | | static int def_to_int(const CONF *conf, char c) |
891 | 0 | { |
892 | 0 | return c - '0'; |
893 | 0 | } |