Coverage Report

Created: 2018-08-29 13:53

/src/openssl/ssl/ssl_mcnf.c
/*
 * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the OpenSSL license (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */
#include <stdio.h>
#include <openssl/conf.h>
#include <openssl/ssl.h>
#include "ssl_locl.h"
#include "internal/sslconf.h"
/* SSL library configuration module. */
/*
 * Entry point kept for registering the SSL configuration module.
 *
 * The body is deliberately empty: per the original note, the module is
 * added automatically by libcrypto, so there is nothing to do here.
 */
void SSL_add_ssl_module(void)
{
    /* Intentionally a no-op; libcrypto adds the module automatically. */
}
/*
 * Apply one named SSL configuration section to an SSL or an SSL_CTX.
 *
 * s, ctx:  the target. When s is non-NULL it is used; otherwise ctx is.
 *          Passing NULL for both raises ERR_R_PASSED_NULL_PARAMETER.
 * name:    section to look up. When it is NULL and system is non-zero,
 *          "system_default" is used instead.
 * system:  non-zero for the system-default lookup (as done by
 *          ssl_ctx_system_config()). In that mode a section that cannot be
 *          found is not reported on the error queue, and the
 *          SSL_CONF_FLAG_CERTIFICATE / SSL_CONF_FLAG_REQUIRE_PRIVATE flags
 *          are not set.
 *
 * Returns 1 when every command and SSL_CONF_CTX_finish() succeeded, and 0
 * otherwise.
 *
 * Review notes:
 *  - Processing stops at the first command SSL_CONF_cmd() rejects. The
 *    commands before it have already been handed to SSL_CONF_cmd() and
 *    nothing in this function undoes them, so a 0 return should be read as
 *    "the target may be only partially configured".
 *  - On a rejected command the section name, command and argument are
 *    appended verbatim to the error data. Keep that in mind wherever the
 *    error queue is logged, since the argument is a configuration value.
 */
static int ssl_do_config(SSL *s, SSL_CTX *ctx, const char *name, int system)
{
    SSL_CONF_CTX *conf_ctx = NULL;
    const SSL_CONF_CMD *section_cmds;
    const SSL_METHOD *method;
    size_t section_idx, n_cmds, pos;
    /* Every lookup here is treated as file-sourced configuration. */
    unsigned int conf_flags = SSL_CONF_FLAG_FILE;
    int ret = 0;

    /* At least one target object is required. */
    if (s == NULL && ctx == NULL) {
        SSLerr(SSL_F_SSL_DO_CONFIG, ERR_R_PASSED_NULL_PARAMETER);
        goto err;
    }

    if (system && name == NULL)
        name = "system_default";

    if (!conf_ssl_name_find(name, &section_idx)) {
        /* A missing section is only an error for explicit requests. */
        if (!system) {
            SSLerr(SSL_F_SSL_DO_CONFIG, SSL_R_INVALID_CONFIGURATION_NAME);
            ERR_add_error_data(2, "name=", name);
        }
        goto err;
    }

    /* Note: this call also rewrites name through the pointer passed in. */
    section_cmds = conf_ssl_get(section_idx, &name, &n_cmds);

    conf_ctx = SSL_CONF_CTX_new();
    if (conf_ctx == NULL)
        goto err;

    /* Only explicit (non-system) sections get the certificate/key flags. */
    if (!system)
        conf_flags |= SSL_CONF_FLAG_CERTIFICATE | SSL_CONF_FLAG_REQUIRE_PRIVATE;

    /* Bind the configuration context to whichever target was supplied. */
    if (s == NULL) {
        method = ctx->method;
        SSL_CONF_CTX_set_ssl_ctx(conf_ctx, ctx);
    } else {
        method = s->method;
        SSL_CONF_CTX_set_ssl(conf_ctx, s);
    }

    /* Enable the server/client flag for each role the method implements. */
    if (method->ssl_accept != ssl_undefined_function)
        conf_flags |= SSL_CONF_FLAG_SERVER;
    if (method->ssl_connect != ssl_undefined_function)
        conf_flags |= SSL_CONF_FLAG_CLIENT;
    SSL_CONF_CTX_set_flags(conf_ctx, conf_flags);

    pos = 0;
    while (pos < n_cmds) {
        char *cmd_name, *cmd_arg;

        conf_ssl_get_cmd(section_cmds, pos, &cmd_name, &cmd_arg);
        ret = SSL_CONF_cmd(conf_ctx, cmd_name, cmd_arg);
        if (ret <= 0) {
            /* -2 is reported as an unknown command, the rest as bad value. */
            SSLerr(SSL_F_SSL_DO_CONFIG,
                   ret == -2 ? SSL_R_UNKNOWN_COMMAND : SSL_R_BAD_VALUE);
            ERR_add_error_data(6, "section=", name, ", cmd=", cmd_name,
                               ", arg=", cmd_arg);
            goto err;
        }
        pos++;
    }

    ret = SSL_CONF_CTX_finish(conf_ctx);

 err:
    /* conf_ctx is still NULL on the early-exit paths above. */
    SSL_CONF_CTX_free(conf_ctx);
    return ret > 0;
}
/*
 * Apply the configuration section called name to the connection s.
 *
 * This is an explicit (non-system) request, so ssl_do_config() reports a
 * section that cannot be found as an error. Returns 1 on success and 0 on
 * failure; on failure, s may already have had some commands applied.
 */
int SSL_config(SSL *s, const char *name)
{
    SSL_CTX *no_ctx = NULL;     /* the target is the SSL, not an SSL_CTX */

    return ssl_do_config(s, no_ctx, name, 0);
}
/*
 * Apply the configuration section called name to the context ctx.
 *
 * This is an explicit (non-system) request, so ssl_do_config() reports a
 * section that cannot be found as an error. Returns 1 on success and 0 on
 * failure; on failure, ctx may already have had some commands applied.
 */
int SSL_CTX_config(SSL_CTX *ctx, const char *name)
{
    SSL *no_ssl = NULL;         /* the target is the SSL_CTX, not an SSL */

    return ssl_do_config(no_ssl, ctx, name, 0);
}
95
96
/*
 * Apply the "system_default" configuration section to ctx, if one exists.
 *
 * NOTE(review): the result of ssl_do_config() is discarded and this
 * function returns void, so a caller cannot tell whether the section was
 * applied in full, in part, or not at all. A rejected command still leaves
 * an entry on the error queue. Code that depends on system_default for
 * policy should inspect the resulting ctx settings or the error queue
 * rather than assume the section took effect.
 */
void ssl_ctx_system_config(SSL_CTX *ctx)
{
    /* NULL name + system=1 makes ssl_do_config() use "system_default". */
    (void)ssl_do_config(NULL, ctx, NULL, 1);
}