Coverage Report

Created: 2025-06-13 06:58

/src/openssl30/ssl/ssl_mcnf.c
/*
 * Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */
#include <stdio.h>
#include <openssl/conf.h>
#include <openssl/ssl.h>
#include "ssl_local.h"
#include "internal/sslconf.h"
/* SSL library configuration module. */
/*
 * Public entry point with an intentionally empty body: per the original
 * comment, libcrypto adds the SSL configuration module automatically, so
 * there is nothing to register here.
 *
 * Coverage report: 0 executions.
 */
void SSL_add_ssl_module(void)
{
}
/*
 * Apply the commands of one SSL configuration section to an SSL or SSL_CTX.
 *
 * s, ctx  - target object; when both are given, s is used. Passing NULL for
 *           both raises ERR_R_PASSED_NULL_PARAMETER.
 * name    - section name; in system mode a NULL name means "system_default".
 * system  - non-zero for the system-default pass: an unknown section is then
 *           not reported on the error queue, and SSL_CONF_FLAG_CERTIFICATE /
 *           SSL_CONF_FLAG_REQUIRE_PRIVATE are not set.
 *
 * Returns 1 only if the section was found and every command plus the final
 * SSL_CONF_CTX_finish() succeeded; 0 otherwise.
 *
 * NOTE(review): a failing command only bumps a counter here; the remaining
 * commands are still applied and this function itself does not record which
 * command failed, so a 0 return can mean a partially applied section.
 *
 * Coverage (report created 2025-06-13): entered 48.2k times, every call left
 * through the section-lookup failure; the command-application path below it
 * shows 0 executions.
 */
static int ssl_do_config(SSL *s, SSL_CTX *ctx, const char *name, int system)
{
    SSL_CONF_CTX *conf_ctx = NULL;
    OSSL_LIB_CTX *saved_libctx = NULL;
    OSSL_LIB_CTX *target_libctx = NULL;
    const SSL_METHOD *method;
    const SSL_CONF_CMD *cmd_list;
    size_t section_idx, n_cmds, k;
    unsigned int conf_flags = SSL_CONF_FLAG_FILE;
    int failures = 1;   /* stays non-zero on every early exit */

    if (s == NULL && ctx == NULL) {
        ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
        goto done;
    }

    if (system && name == NULL)
        name = "system_default";

    /*
     * NOTE(review): with system == 0 a NULL name reaches the lookup and the
     * "%s" below unchanged; whether both accept NULL is not visible in this
     * file - confirm against conf_ssl_name_find() and ERR_raise_data().
     */
    if (!conf_ssl_name_find(name, &section_idx)) {
        if (!system)
            ERR_raise_data(ERR_LIB_SSL, SSL_R_INVALID_CONFIGURATION_NAME,
                           "name=%s", name);
        goto done;
    }
    cmd_list = conf_ssl_get(section_idx, &name, &n_cmds);

    conf_ctx = SSL_CONF_CTX_new();
    if (conf_ctx == NULL)
        goto done;

    /* Only explicitly named sections get the certificate-related flags. */
    if (!system)
        conf_flags |= SSL_CONF_FLAG_CERTIFICATE | SSL_CONF_FLAG_REQUIRE_PRIVATE;

    if (s == NULL) {
        method = ctx->method;
        SSL_CONF_CTX_set_ssl_ctx(conf_ctx, ctx);
        target_libctx = ctx->libctx;
    } else {
        method = s->method;
        SSL_CONF_CTX_set_ssl(conf_ctx, s);
        target_libctx = s->ctx->libctx;
    }

    /* Server/client flags follow from which handshake entry points exist. */
    if (method->ssl_accept != ssl_undefined_function)
        conf_flags |= SSL_CONF_FLAG_SERVER;
    if (method->ssl_connect != ssl_undefined_function)
        conf_flags |= SSL_CONF_FLAG_CLIENT;
    SSL_CONF_CTX_set_flags(conf_ctx, conf_flags);

    /* Run the commands with the target's library context as the default. */
    saved_libctx = OSSL_LIB_CTX_set0_default(target_libctx);
    failures = 0;
    k = 0;
    while (k < n_cmds) {
        char *cmd_name, *cmd_arg;

        conf_ssl_get_cmd(cmd_list, k, &cmd_name, &cmd_arg);
        if (SSL_CONF_cmd(conf_ctx, cmd_name, cmd_arg) <= 0)
            failures++;
        k++;
    }
    if (!SSL_CONF_CTX_finish(conf_ctx))
        failures++;

 done:
    /*
     * saved_libctx is still NULL on the early-exit paths.
     * NOTE(review): this relies on OSSL_LIB_CTX_set0_default(NULL) leaving
     * the default unchanged - confirm.
     */
    OSSL_LIB_CTX_set0_default(saved_libctx);
    SSL_CONF_CTX_free(conf_ctx);
    return failures == 0;
}
/*
 * Configure one SSL object from the named configuration section.
 *
 * Runs ssl_do_config() in non-system mode and returns its result unchanged.
 * In that mode an unknown section name is raised on the error queue.
 *
 * Coverage report: 0 executions.
 */
int SSL_config(SSL *s, const char *name)
{
    const int is_system = 0;

    return ssl_do_config(s, NULL, name, is_system);
}
/*
 * Configure an SSL_CTX from the named configuration section.
 *
 * Runs ssl_do_config() in non-system mode and returns its result unchanged.
 * In that mode an unknown section name is raised on the error queue.
 *
 * Coverage report: 0 executions.
 */
int SSL_CTX_config(SSL_CTX *ctx, const char *name)
{
    const int is_system = 0;

    return ssl_do_config(NULL, ctx, name, is_system);
}
/*
 * Apply the system-default configuration section to an SSL_CTX.
 *
 * Calls ssl_do_config() in system mode with a NULL name, which that
 * function maps to the "system_default" section.
 *
 * NOTE(review): the return value is dropped, so a missing section or a
 * failing command is not visible to the caller of this function.
 *
 * Coverage report: 48.2k executions.
 */
void ssl_ctx_system_config(SSL_CTX *ctx)
{
    (void)ssl_do_config(NULL, ctx, NULL, 1);
}