OLD | NEW |
1 /* apps/apps.c */ | 1 /* apps/apps.c */ |
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 * All rights reserved. | 3 * All rights reserved. |
4 * | 4 * |
5 * This package is an SSL implementation written | 5 * This package is an SSL implementation written |
6 * by Eric Young (eay@cryptsoft.com). | 6 * by Eric Young (eay@cryptsoft.com). |
7 * The implementation was written so as to conform with Netscapes SSL. | 7 * The implementation was written so as to conform with Netscapes SSL. |
8 * | 8 * |
9 * This library is free for commercial and non-commercial use as long as | 9 * This library is free for commercial and non-commercial use as long as |
10 * the following conditions are aheared to. The following conditions | 10 * the following conditions are aheared to. The following conditions |
(...skipping 91 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
103 * OF THE POSSIBILITY OF SUCH DAMAGE. | 103 * OF THE POSSIBILITY OF SUCH DAMAGE. |
104 * ==================================================================== | 104 * ==================================================================== |
105 * | 105 * |
106 * This product includes cryptographic software written by Eric Young | 106 * This product includes cryptographic software written by Eric Young |
107 * (eay@cryptsoft.com). This product includes software written by Tim | 107 * (eay@cryptsoft.com). This product includes software written by Tim |
108 * Hudson (tjh@cryptsoft.com). | 108 * Hudson (tjh@cryptsoft.com). |
109 * | 109 * |
110 */ | 110 */ |
111 | 111 |
| 112 #ifndef _POSIX_C_SOURCE |
| 113 #define _POSIX_C_SOURCE 2 /* On VMS, you need to define this to get |
| 114 the declaration of fileno(). The value |
| 115 2 is to make sure no function defined |
| 116 in POSIX-2 is left undefined. */ |
| 117 #endif |
112 #include <stdio.h> | 118 #include <stdio.h> |
113 #include <stdlib.h> | 119 #include <stdlib.h> |
114 #include <string.h> | 120 #include <string.h> |
| 121 #if !defined(OPENSSL_SYSNAME_WIN32) && !defined(NETWARE_CLIB) |
| 122 #include <strings.h> |
| 123 #endif |
115 #include <sys/types.h> | 124 #include <sys/types.h> |
116 #include <sys/stat.h> | |
117 #include <ctype.h> | 125 #include <ctype.h> |
| 126 #include <errno.h> |
118 #include <assert.h> | 127 #include <assert.h> |
119 #include <openssl/err.h> | 128 #include <openssl/err.h> |
120 #include <openssl/x509.h> | 129 #include <openssl/x509.h> |
121 #include <openssl/x509v3.h> | 130 #include <openssl/x509v3.h> |
122 #include <openssl/pem.h> | 131 #include <openssl/pem.h> |
123 #include <openssl/pkcs12.h> | 132 #include <openssl/pkcs12.h> |
124 #include <openssl/ui.h> | 133 #include <openssl/ui.h> |
125 #include <openssl/safestack.h> | 134 #include <openssl/safestack.h> |
126 #ifndef OPENSSL_NO_ENGINE | 135 #ifndef OPENSSL_NO_ENGINE |
127 #include <openssl/engine.h> | 136 #include <openssl/engine.h> |
128 #endif | 137 #endif |
129 #ifndef OPENSSL_NO_RSA | 138 #ifndef OPENSSL_NO_RSA |
130 #include <openssl/rsa.h> | 139 #include <openssl/rsa.h> |
131 #endif | 140 #endif |
132 #include <openssl/bn.h> | 141 #include <openssl/bn.h> |
133 #ifndef OPENSSL_NO_JPAKE | 142 #ifndef OPENSSL_NO_JPAKE |
134 #include <openssl/jpake.h> | 143 #include <openssl/jpake.h> |
135 #endif | 144 #endif |
136 | 145 |
137 #define NON_MAIN | 146 #define NON_MAIN |
138 #include "apps.h" | 147 #include "apps.h" |
139 #undef NON_MAIN | 148 #undef NON_MAIN |
140 | 149 |
| 150 #ifdef _WIN32 |
| 151 static int WIN32_rename(const char *from, const char *to); |
| 152 #define rename(from,to) WIN32_rename((from),(to)) |
| 153 #endif |
| 154 |
141 typedef struct { | 155 typedef struct { |
142 const char *name; | 156 const char *name; |
143 unsigned long flag; | 157 unsigned long flag; |
144 unsigned long mask; | 158 unsigned long mask; |
145 } NAME_EX_TBL; | 159 } NAME_EX_TBL; |
146 | 160 |
147 static UI_METHOD *ui_method = NULL; | 161 static UI_METHOD *ui_method = NULL; |
148 | 162 |
149 static int set_table_opts(unsigned long *flags, const char *arg, const NAME_EX_T
BL *in_tbl); | 163 static int set_table_opts(unsigned long *flags, const char *arg, const NAME_EX_T
BL *in_tbl); |
150 static int set_multi_opts(unsigned long *flags, const char *arg, const NAME_EX_T
BL *in_tbl); | 164 static int set_multi_opts(unsigned long *flags, const char *arg, const NAME_EX_T
BL *in_tbl); |
151 | 165 |
152 #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA) | 166 #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA) |
153 /* Looks like this stuff is worth moving into separate function */ | 167 /* Looks like this stuff is worth moving into separate function */ |
154 static EVP_PKEY * | 168 static EVP_PKEY * |
155 load_netscape_key(BIO *err, BIO *key, const char *file, | 169 load_netscape_key(BIO *err, BIO *key, const char *file, |
156 const char *key_descrip, int format); | 170 const char *key_descrip, int format); |
157 #endif | 171 #endif |
158 | 172 |
159 int app_init(long mesgwin); | 173 int app_init(long mesgwin); |
160 #ifdef undef /* never finished - probably never will be :-) */ | 174 #ifdef undef /* never finished - probably never will be :-) */ |
161 int args_from_file(char *file, int *argc, char **argv[]) | 175 int args_from_file(char *file, int *argc, char **argv[]) |
162 { | 176 { |
163 FILE *fp; | 177 FILE *fp; |
164 int num,i; | 178 int num,i; |
165 unsigned int len; | 179 unsigned int len; |
166 static char *buf=NULL; | 180 static char *buf=NULL; |
167 static char **arg=NULL; | 181 static char **arg=NULL; |
168 char *p; | 182 char *p; |
169 struct stat stbuf; | |
170 | |
171 if (stat(file,&stbuf) < 0) return(0); | |
172 | 183 |
173 fp=fopen(file,"r"); | 184 fp=fopen(file,"r"); |
174 if (fp == NULL) | 185 if (fp == NULL) |
175 return(0); | 186 return(0); |
176 | 187 |
| 188 if (fseek(fp,0,SEEK_END)==0) |
| 189 len=ftell(fp), rewind(fp); |
| 190 else len=-1; |
| 191 if (len<=0) |
| 192 { |
| 193 fclose(fp); |
| 194 return(0); |
| 195 } |
| 196 |
177 *argc=0; | 197 *argc=0; |
178 *argv=NULL; | 198 *argv=NULL; |
179 | 199 |
180 len=(unsigned int)stbuf.st_size; | |
181 if (buf != NULL) OPENSSL_free(buf); | 200 if (buf != NULL) OPENSSL_free(buf); |
182 buf=(char *)OPENSSL_malloc(len+1); | 201 buf=(char *)OPENSSL_malloc(len+1); |
183 if (buf == NULL) return(0); | 202 if (buf == NULL) return(0); |
184 | 203 |
185 len=fread(buf,1,len,fp); | 204 len=fread(buf,1,len,fp); |
186 if (len <= 1) return(0); | 205 if (len <= 1) return(0); |
187 buf[len]='\0'; | 206 buf[len]='\0'; |
188 | 207 |
189 i=0; | 208 i=0; |
190 for (p=buf; *p; p++) | 209 for (p=buf; *p; p++) |
(...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
231 /* else *p == '\n' */ | 250 /* else *p == '\n' */ |
232 *(p++)='\0'; | 251 *(p++)='\0'; |
233 } | 252 } |
234 *argc=num; | 253 *argc=num; |
235 return(1); | 254 return(1); |
236 } | 255 } |
237 #endif | 256 #endif |
238 | 257 |
239 int str2fmt(char *s) | 258 int str2fmt(char *s) |
240 { | 259 { |
| 260 if (s == NULL) |
| 261 return FORMAT_UNDEF; |
241 if ((*s == 'D') || (*s == 'd')) | 262 if ((*s == 'D') || (*s == 'd')) |
242 return(FORMAT_ASN1); | 263 return(FORMAT_ASN1); |
243 else if ((*s == 'T') || (*s == 't')) | 264 else if ((*s == 'T') || (*s == 't')) |
244 return(FORMAT_TEXT); | 265 return(FORMAT_TEXT); |
245 » else if ((*s == 'P') || (*s == 'p')) | 266 » else if ((*s == 'N') || (*s == 'n')) |
246 » » return(FORMAT_PEM); | 267 » » return(FORMAT_NETSCAPE); |
247 » else if ((*s == 'N') || (*s == 'n')) | 268 » else if ((*s == 'S') || (*s == 's')) |
248 » » return(FORMAT_NETSCAPE); | 269 » » return(FORMAT_SMIME); |
249 » else if ((*s == 'S') || (*s == 's')) | 270 » else if ((*s == 'M') || (*s == 'm')) |
250 » » return(FORMAT_SMIME); | 271 » » return(FORMAT_MSBLOB); |
251 else if ((*s == '1') | 272 else if ((*s == '1') |
252 || (strcmp(s,"PKCS12") == 0) || (strcmp(s,"pkcs12") == 0) | 273 || (strcmp(s,"PKCS12") == 0) || (strcmp(s,"pkcs12") == 0) |
253 || (strcmp(s,"P12") == 0) || (strcmp(s,"p12") == 0)) | 274 || (strcmp(s,"P12") == 0) || (strcmp(s,"p12") == 0)) |
254 return(FORMAT_PKCS12); | 275 return(FORMAT_PKCS12); |
255 else if ((*s == 'E') || (*s == 'e')) | 276 else if ((*s == 'E') || (*s == 'e')) |
256 return(FORMAT_ENGINE); | 277 return(FORMAT_ENGINE); |
| 278 else if ((*s == 'P') || (*s == 'p')) |
| 279 { |
| 280 if (s[1] == 'V' || s[1] == 'v') |
| 281 return FORMAT_PVK; |
| 282 else |
| 283 return(FORMAT_PEM); |
| 284 } |
257 else | 285 else |
258 return(FORMAT_UNDEF); | 286 return(FORMAT_UNDEF); |
259 } | 287 } |
260 | 288 |
261 #if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_
SYS_WIN16) || defined(OPENSSL_SYS_NETWARE) | 289 #if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_
SYS_WIN16) || defined(OPENSSL_SYS_NETWARE) |
262 void program_name(char *in, char *out, int size) | 290 void program_name(char *in, char *out, int size) |
263 { | 291 { |
264 int i,n; | 292 int i,n; |
265 char *p=NULL; | 293 char *p=NULL; |
266 | 294 |
(...skipping 77 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
344 p++; | 372 p++; |
345 else | 373 else |
346 p=in; | 374 p=in; |
347 BUF_strlcpy(out,p,size); | 375 BUF_strlcpy(out,p,size); |
348 } | 376 } |
349 #endif | 377 #endif |
350 #endif | 378 #endif |
351 | 379 |
352 int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[]) | 380 int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[]) |
353 { | 381 { |
354 » int num,len,i; | 382 » int num,i; |
355 char *p; | 383 char *p; |
356 | 384 |
357 *argc=0; | 385 *argc=0; |
358 *argv=NULL; | 386 *argv=NULL; |
359 | 387 |
360 len=strlen(buf); | |
361 i=0; | 388 i=0; |
362 if (arg->count == 0) | 389 if (arg->count == 0) |
363 { | 390 { |
364 arg->count=20; | 391 arg->count=20; |
365 arg->data=(char **)OPENSSL_malloc(sizeof(char *)*arg->count); | 392 arg->data=(char **)OPENSSL_malloc(sizeof(char *)*arg->count); |
366 } | 393 } |
367 for (i=0; i<arg->count; i++) | 394 for (i=0; i<arg->count; i++) |
368 arg->data[i]=NULL; | 395 arg->data[i]=NULL; |
369 | 396 |
370 num=0; | 397 num=0; |
(...skipping 261 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
632 } | 659 } |
633 return BUF_strdup(tmp); | 660 return BUF_strdup(tmp); |
634 } | 661 } |
635 if(!keepbio || !pwdbio) { | 662 if(!keepbio || !pwdbio) { |
636 if(!strncmp(arg, "file:", 5)) { | 663 if(!strncmp(arg, "file:", 5)) { |
637 pwdbio = BIO_new_file(arg + 5, "r"); | 664 pwdbio = BIO_new_file(arg + 5, "r"); |
638 if(!pwdbio) { | 665 if(!pwdbio) { |
639 BIO_printf(err, "Can't open file %s\n", arg + 5)
; | 666 BIO_printf(err, "Can't open file %s\n", arg + 5)
; |
640 return NULL; | 667 return NULL; |
641 } | 668 } |
| 669 #if !defined(_WIN32) |
| 670 /* |
| 671 * Under _WIN32, which covers even Win64 and CE, file |
| 672 * descriptors referenced by BIO_s_fd are not inherited |
| 673 * by child process and therefore below is not an option. |
| 674 * It could have been an option if bss_fd.c was operating |
| 675 * on real Windows descriptors, such as those obtained |
| 676 * with CreateFile. |
| 677 */ |
642 } else if(!strncmp(arg, "fd:", 3)) { | 678 } else if(!strncmp(arg, "fd:", 3)) { |
643 BIO *btmp; | 679 BIO *btmp; |
644 i = atoi(arg + 3); | 680 i = atoi(arg + 3); |
645 if(i >= 0) pwdbio = BIO_new_fd(i, BIO_NOCLOSE); | 681 if(i >= 0) pwdbio = BIO_new_fd(i, BIO_NOCLOSE); |
646 if((i < 0) || !pwdbio) { | 682 if((i < 0) || !pwdbio) { |
647 BIO_printf(err, "Can't access file descriptor %s
\n", arg + 3); | 683 BIO_printf(err, "Can't access file descriptor %s
\n", arg + 3); |
648 return NULL; | 684 return NULL; |
649 } | 685 } |
650 /* Can't do BIO_gets on an fd BIO so add a buffering BIO
*/ | 686 /* Can't do BIO_gets on an fd BIO so add a buffering BIO
*/ |
651 btmp = BIO_new(BIO_f_buffer()); | 687 btmp = BIO_new(BIO_f_buffer()); |
652 pwdbio = BIO_push(btmp, pwdbio); | 688 pwdbio = BIO_push(btmp, pwdbio); |
| 689 #endif |
653 } else if(!strcmp(arg, "stdin")) { | 690 } else if(!strcmp(arg, "stdin")) { |
654 pwdbio = BIO_new_fp(stdin, BIO_NOCLOSE); | 691 pwdbio = BIO_new_fp(stdin, BIO_NOCLOSE); |
655 if(!pwdbio) { | 692 if(!pwdbio) { |
656 BIO_printf(err, "Can't open BIO for stdin\n"); | 693 BIO_printf(err, "Can't open BIO for stdin\n"); |
657 return NULL; | 694 return NULL; |
658 } | 695 } |
659 } else { | 696 } else { |
660 BIO_printf(err, "Invalid password argument \"%s\"\n", ar
g); | 697 BIO_printf(err, "Invalid password argument \"%s\"\n", ar
g); |
661 return NULL; | 698 return NULL; |
662 } | 699 } |
(...skipping 79 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
742 ret = PKCS12_parse(p12, pass, pkey, cert, ca); | 779 ret = PKCS12_parse(p12, pass, pkey, cert, ca); |
743 die: | 780 die: |
744 if (p12) | 781 if (p12) |
745 PKCS12_free(p12); | 782 PKCS12_free(p12); |
746 return ret; | 783 return ret; |
747 } | 784 } |
748 | 785 |
749 X509 *load_cert(BIO *err, const char *file, int format, | 786 X509 *load_cert(BIO *err, const char *file, int format, |
750 const char *pass, ENGINE *e, const char *cert_descrip) | 787 const char *pass, ENGINE *e, const char *cert_descrip) |
751 { | 788 { |
752 ASN1_HEADER *ah=NULL; | |
753 BUF_MEM *buf=NULL; | |
754 X509 *x=NULL; | 789 X509 *x=NULL; |
755 BIO *cert; | 790 BIO *cert; |
756 | 791 |
757 if ((cert=BIO_new(BIO_s_file())) == NULL) | 792 if ((cert=BIO_new(BIO_s_file())) == NULL) |
758 { | 793 { |
759 ERR_print_errors(err); | 794 ERR_print_errors(err); |
760 goto end; | 795 goto end; |
761 } | 796 } |
762 | 797 |
763 if (file == NULL) | 798 if (file == NULL) |
764 { | 799 { |
| 800 #ifdef _IONBF |
| 801 # ifndef OPENSSL_NO_SETVBUF_IONBF |
765 setvbuf(stdin, NULL, _IONBF, 0); | 802 setvbuf(stdin, NULL, _IONBF, 0); |
| 803 # endif /* ndef OPENSSL_NO_SETVBUF_IONBF */ |
| 804 #endif |
766 BIO_set_fp(cert,stdin,BIO_NOCLOSE); | 805 BIO_set_fp(cert,stdin,BIO_NOCLOSE); |
767 } | 806 } |
768 else | 807 else |
769 { | 808 { |
770 if (BIO_read_filename(cert,file) <= 0) | 809 if (BIO_read_filename(cert,file) <= 0) |
771 { | 810 { |
772 BIO_printf(err, "Error opening %s %s\n", | 811 BIO_printf(err, "Error opening %s %s\n", |
773 cert_descrip, file); | 812 cert_descrip, file); |
774 ERR_print_errors(err); | 813 ERR_print_errors(err); |
775 goto end; | 814 goto end; |
776 } | 815 } |
777 } | 816 } |
778 | 817 |
779 if (format == FORMAT_ASN1) | 818 if (format == FORMAT_ASN1) |
780 x=d2i_X509_bio(cert,NULL); | 819 x=d2i_X509_bio(cert,NULL); |
781 else if (format == FORMAT_NETSCAPE) | 820 else if (format == FORMAT_NETSCAPE) |
782 { | 821 { |
783 » » const unsigned char *p,*op; | 822 » » NETSCAPE_X509 *nx; |
784 » » int size=0,i; | 823 » » nx=ASN1_item_d2i_bio(ASN1_ITEM_rptr(NETSCAPE_X509),cert,NULL); |
| 824 » » if (nx == NULL) |
| 825 » » » » goto end; |
785 | 826 |
786 » » /* We sort of have to do it this way because it is sort of nice | 827 » » if ((strncmp(NETSCAPE_CERT_HDR,(char *)nx->header->data, |
787 » » * to read the header first and check it, then | 828 » » » nx->header->length) != 0)) |
788 » » * try to read the certificate */ | |
789 » » buf=BUF_MEM_new(); | |
790 » » for (;;) | |
791 { | 829 { |
792 » » » if ((buf == NULL) || (!BUF_MEM_grow(buf,size+1024*10))) | 830 » » » NETSCAPE_X509_free(nx); |
793 » » » » goto end; | |
794 » » » i=BIO_read(cert,&(buf->data[size]),1024*10); | |
795 » » » size+=i; | |
796 » » » if (i == 0) break; | |
797 » » » if (i < 0) | |
798 » » » » { | |
799 » » » » perror("reading certificate"); | |
800 » » » » goto end; | |
801 » » » » } | |
802 » » » } | |
803 » » p=(unsigned char *)buf->data; | |
804 » » op=p; | |
805 | |
806 » » /* First load the header */ | |
807 » » if ((ah=d2i_ASN1_HEADER(NULL,&p,(long)size)) == NULL) | |
808 » » » goto end; | |
809 » » if ((ah->header == NULL) || (ah->header->data == NULL) || | |
810 » » » (strncmp(NETSCAPE_CERT_HDR,(char *)ah->header->data, | |
811 » » » ah->header->length) != 0)) | |
812 » » » { | |
813 BIO_printf(err,"Error reading header on certificate\n"); | 831 BIO_printf(err,"Error reading header on certificate\n"); |
814 goto end; | 832 goto end; |
815 } | 833 } |
816 » » /* header is ok, so now read the object */ | 834 » » x=nx->cert; |
817 » » p=op; | 835 » » nx->cert = NULL; |
818 » » ah->meth=X509_asn1_meth(); | 836 » » NETSCAPE_X509_free(nx); |
819 » » if ((ah=d2i_ASN1_HEADER(&ah,&p,(long)size)) == NULL) | |
820 » » » goto end; | |
821 » » x=(X509 *)ah->data; | |
822 » » ah->data=NULL; | |
823 } | 837 } |
824 else if (format == FORMAT_PEM) | 838 else if (format == FORMAT_PEM) |
825 x=PEM_read_bio_X509_AUX(cert,NULL, | 839 x=PEM_read_bio_X509_AUX(cert,NULL, |
826 (pem_password_cb *)password_callback, NULL); | 840 (pem_password_cb *)password_callback, NULL); |
827 else if (format == FORMAT_PKCS12) | 841 else if (format == FORMAT_PKCS12) |
828 { | 842 { |
829 if (!load_pkcs12(err, cert,cert_descrip, NULL, NULL, | 843 if (!load_pkcs12(err, cert,cert_descrip, NULL, NULL, |
830 NULL, &x, NULL)) | 844 NULL, &x, NULL)) |
831 goto end; | 845 goto end; |
832 } | 846 } |
833 else { | 847 else { |
834 BIO_printf(err,"bad input format specified for %s\n", | 848 BIO_printf(err,"bad input format specified for %s\n", |
835 cert_descrip); | 849 cert_descrip); |
836 goto end; | 850 goto end; |
837 } | 851 } |
838 end: | 852 end: |
839 if (x == NULL) | 853 if (x == NULL) |
840 { | 854 { |
841 BIO_printf(err,"unable to load certificate\n"); | 855 BIO_printf(err,"unable to load certificate\n"); |
842 ERR_print_errors(err); | 856 ERR_print_errors(err); |
843 } | 857 } |
844 if (ah != NULL) ASN1_HEADER_free(ah); | |
845 if (cert != NULL) BIO_free(cert); | 858 if (cert != NULL) BIO_free(cert); |
846 if (buf != NULL) BUF_MEM_free(buf); | |
847 return(x); | 859 return(x); |
848 } | 860 } |
849 | 861 |
850 EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin, | 862 EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin, |
851 const char *pass, ENGINE *e, const char *key_descrip) | 863 const char *pass, ENGINE *e, const char *key_descrip) |
852 { | 864 { |
853 BIO *key=NULL; | 865 BIO *key=NULL; |
854 EVP_PKEY *pkey=NULL; | 866 EVP_PKEY *pkey=NULL; |
855 PW_CB_DATA cb_data; | 867 PW_CB_DATA cb_data; |
856 | 868 |
(...skipping 24 matching lines...) Expand all Loading... |
881 } | 893 } |
882 #endif | 894 #endif |
883 key=BIO_new(BIO_s_file()); | 895 key=BIO_new(BIO_s_file()); |
884 if (key == NULL) | 896 if (key == NULL) |
885 { | 897 { |
886 ERR_print_errors(err); | 898 ERR_print_errors(err); |
887 goto end; | 899 goto end; |
888 } | 900 } |
889 if (file == NULL && maybe_stdin) | 901 if (file == NULL && maybe_stdin) |
890 { | 902 { |
| 903 #ifdef _IONBF |
| 904 # ifndef OPENSSL_NO_SETVBUF_IONBF |
891 setvbuf(stdin, NULL, _IONBF, 0); | 905 setvbuf(stdin, NULL, _IONBF, 0); |
| 906 # endif /* ndef OPENSSL_NO_SETVBUF_IONBF */ |
| 907 #endif |
892 BIO_set_fp(key,stdin,BIO_NOCLOSE); | 908 BIO_set_fp(key,stdin,BIO_NOCLOSE); |
893 } | 909 } |
894 else | 910 else |
895 if (BIO_read_filename(key,file) <= 0) | 911 if (BIO_read_filename(key,file) <= 0) |
896 { | 912 { |
897 BIO_printf(err, "Error opening %s %s\n", | 913 BIO_printf(err, "Error opening %s %s\n", |
898 key_descrip, file); | 914 key_descrip, file); |
899 ERR_print_errors(err); | 915 ERR_print_errors(err); |
900 goto end; | 916 goto end; |
901 } | 917 } |
(...skipping 10 matching lines...) Expand all Loading... |
912 else if (format == FORMAT_NETSCAPE || format == FORMAT_IISSGC) | 928 else if (format == FORMAT_NETSCAPE || format == FORMAT_IISSGC) |
913 pkey = load_netscape_key(err, key, file, key_descrip, format); | 929 pkey = load_netscape_key(err, key, file, key_descrip, format); |
914 #endif | 930 #endif |
915 else if (format == FORMAT_PKCS12) | 931 else if (format == FORMAT_PKCS12) |
916 { | 932 { |
917 if (!load_pkcs12(err, key, key_descrip, | 933 if (!load_pkcs12(err, key, key_descrip, |
918 (pem_password_cb *)password_callback, &cb_data, | 934 (pem_password_cb *)password_callback, &cb_data, |
919 &pkey, NULL, NULL)) | 935 &pkey, NULL, NULL)) |
920 goto end; | 936 goto end; |
921 } | 937 } |
| 938 #if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA) && !defined (OPENSSL_NO
_RC4) |
| 939 else if (format == FORMAT_MSBLOB) |
| 940 pkey = b2i_PrivateKey_bio(key); |
| 941 else if (format == FORMAT_PVK) |
| 942 pkey = b2i_PVK_bio(key, (pem_password_cb *)password_callback, |
| 943 &cb_data); |
| 944 #endif |
922 else | 945 else |
923 { | 946 { |
924 BIO_printf(err,"bad input format specified for key file\n"); | 947 BIO_printf(err,"bad input format specified for key file\n"); |
925 goto end; | 948 goto end; |
926 } | 949 } |
927 end: | 950 end: |
928 if (key != NULL) BIO_free(key); | 951 if (key != NULL) BIO_free(key); |
929 if (pkey == NULL) | 952 if (pkey == NULL) |
930 { | 953 { |
931 BIO_printf(err,"unable to load %s\n", key_descrip); | 954 BIO_printf(err,"unable to load %s\n", key_descrip); |
(...skipping 29 matching lines...) Expand all Loading... |
961 } | 984 } |
962 #endif | 985 #endif |
963 key=BIO_new(BIO_s_file()); | 986 key=BIO_new(BIO_s_file()); |
964 if (key == NULL) | 987 if (key == NULL) |
965 { | 988 { |
966 ERR_print_errors(err); | 989 ERR_print_errors(err); |
967 goto end; | 990 goto end; |
968 } | 991 } |
969 if (file == NULL && maybe_stdin) | 992 if (file == NULL && maybe_stdin) |
970 { | 993 { |
| 994 #ifdef _IONBF |
| 995 # ifndef OPENSSL_NO_SETVBUF_IONBF |
971 setvbuf(stdin, NULL, _IONBF, 0); | 996 setvbuf(stdin, NULL, _IONBF, 0); |
| 997 # endif /* ndef OPENSSL_NO_SETVBUF_IONBF */ |
| 998 #endif |
972 BIO_set_fp(key,stdin,BIO_NOCLOSE); | 999 BIO_set_fp(key,stdin,BIO_NOCLOSE); |
973 } | 1000 } |
974 else | 1001 else |
975 if (BIO_read_filename(key,file) <= 0) | 1002 if (BIO_read_filename(key,file) <= 0) |
976 { | 1003 { |
977 BIO_printf(err, "Error opening %s %s\n", | 1004 BIO_printf(err, "Error opening %s %s\n", |
978 key_descrip, file); | 1005 key_descrip, file); |
979 ERR_print_errors(err); | 1006 ERR_print_errors(err); |
980 goto end; | 1007 goto end; |
981 } | 1008 } |
982 if (format == FORMAT_ASN1) | 1009 if (format == FORMAT_ASN1) |
983 { | 1010 { |
984 pkey=d2i_PUBKEY_bio(key, NULL); | 1011 pkey=d2i_PUBKEY_bio(key, NULL); |
985 } | 1012 } |
| 1013 #ifndef OPENSSL_NO_RSA |
| 1014 else if (format == FORMAT_ASN1RSA) |
| 1015 { |
| 1016 RSA *rsa; |
| 1017 rsa = d2i_RSAPublicKey_bio(key, NULL); |
| 1018 if (rsa) |
| 1019 { |
| 1020 pkey = EVP_PKEY_new(); |
| 1021 if (pkey) |
| 1022 EVP_PKEY_set1_RSA(pkey, rsa); |
| 1023 RSA_free(rsa); |
| 1024 } |
| 1025 else |
| 1026 pkey = NULL; |
| 1027 } |
| 1028 else if (format == FORMAT_PEMRSA) |
| 1029 { |
| 1030 RSA *rsa; |
| 1031 rsa = PEM_read_bio_RSAPublicKey(key, NULL, |
| 1032 (pem_password_cb *)password_callback, &cb_data); |
| 1033 if (rsa) |
| 1034 { |
| 1035 pkey = EVP_PKEY_new(); |
| 1036 if (pkey) |
| 1037 EVP_PKEY_set1_RSA(pkey, rsa); |
| 1038 RSA_free(rsa); |
| 1039 } |
| 1040 else |
| 1041 pkey = NULL; |
| 1042 } |
| 1043 #endif |
986 else if (format == FORMAT_PEM) | 1044 else if (format == FORMAT_PEM) |
987 { | 1045 { |
988 pkey=PEM_read_bio_PUBKEY(key,NULL, | 1046 pkey=PEM_read_bio_PUBKEY(key,NULL, |
989 (pem_password_cb *)password_callback, &cb_data); | 1047 (pem_password_cb *)password_callback, &cb_data); |
990 } | 1048 } |
991 #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA) | 1049 #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA) |
992 else if (format == FORMAT_NETSCAPE || format == FORMAT_IISSGC) | 1050 else if (format == FORMAT_NETSCAPE || format == FORMAT_IISSGC) |
993 pkey = load_netscape_key(err, key, file, key_descrip, format); | 1051 pkey = load_netscape_key(err, key, file, key_descrip, format); |
994 #endif | 1052 #endif |
| 1053 #if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA) |
| 1054 else if (format == FORMAT_MSBLOB) |
| 1055 pkey = b2i_PublicKey_bio(key); |
| 1056 #endif |
995 else | 1057 else |
996 { | 1058 { |
997 BIO_printf(err,"bad input format specified for key file\n"); | 1059 BIO_printf(err,"bad input format specified for key file\n"); |
998 goto end; | 1060 goto end; |
999 } | 1061 } |
1000 end: | 1062 end: |
1001 if (key != NULL) BIO_free(key); | 1063 if (key != NULL) BIO_free(key); |
1002 if (pkey == NULL) | 1064 if (pkey == NULL) |
1003 BIO_printf(err,"unable to load %s\n", key_descrip); | 1065 BIO_printf(err,"unable to load %s\n", key_descrip); |
1004 return(pkey); | 1066 return(pkey); |
(...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1043 BUF_MEM_free(buf); | 1105 BUF_MEM_free(buf); |
1044 EVP_PKEY_set1_RSA(pkey, rsa); | 1106 EVP_PKEY_set1_RSA(pkey, rsa); |
1045 return pkey; | 1107 return pkey; |
1046 error: | 1108 error: |
1047 BUF_MEM_free(buf); | 1109 BUF_MEM_free(buf); |
1048 EVP_PKEY_free(pkey); | 1110 EVP_PKEY_free(pkey); |
1049 return NULL; | 1111 return NULL; |
1050 } | 1112 } |
1051 #endif /* ndef OPENSSL_NO_RC4 */ | 1113 #endif /* ndef OPENSSL_NO_RC4 */ |
1052 | 1114 |
1053 STACK_OF(X509) *load_certs(BIO *err, const char *file, int format, | 1115 static int load_certs_crls(BIO *err, const char *file, int format, |
1054 » const char *pass, ENGINE *e, const char *cert_descrip) | 1116 » const char *pass, ENGINE *e, const char *desc, |
| 1117 » STACK_OF(X509) **pcerts, STACK_OF(X509_CRL) **pcrls) |
1055 { | 1118 { |
1056 BIO *certs; | |
1057 int i; | 1119 int i; |
1058 » STACK_OF(X509) *othercerts = NULL; | 1120 » BIO *bio; |
1059 » STACK_OF(X509_INFO) *allcerts = NULL; | 1121 » STACK_OF(X509_INFO) *xis = NULL; |
1060 X509_INFO *xi; | 1122 X509_INFO *xi; |
1061 PW_CB_DATA cb_data; | 1123 PW_CB_DATA cb_data; |
| 1124 int rv = 0; |
1062 | 1125 |
1063 cb_data.password = pass; | 1126 cb_data.password = pass; |
1064 cb_data.prompt_info = file; | 1127 cb_data.prompt_info = file; |
1065 | 1128 |
1066 » if((certs = BIO_new(BIO_s_file())) == NULL) | 1129 » if (format != FORMAT_PEM) |
1067 { | 1130 { |
1068 » » ERR_print_errors(err); | 1131 » » BIO_printf(err,"bad input format specified for %s\n", desc); |
1069 » » goto end; | 1132 » » return 0; |
1070 } | 1133 } |
1071 | 1134 |
1072 if (file == NULL) | 1135 if (file == NULL) |
1073 » » BIO_set_fp(certs,stdin,BIO_NOCLOSE); | 1136 » » bio = BIO_new_fp(stdin,BIO_NOCLOSE); |
1074 else | 1137 else |
| 1138 bio = BIO_new_file(file, "r"); |
| 1139 |
| 1140 if (bio == NULL) |
1075 { | 1141 { |
1076 » » if (BIO_read_filename(certs,file) <= 0) | 1142 » » BIO_printf(err, "Error opening %s %s\n", |
| 1143 » » » » desc, file ? file : "stdin"); |
| 1144 » » ERR_print_errors(err); |
| 1145 » » return 0; |
| 1146 » » } |
| 1147 |
| 1148 » xis = PEM_X509_INFO_read_bio(bio, NULL, |
| 1149 » » » » (pem_password_cb *)password_callback, &cb_data); |
| 1150 |
| 1151 » BIO_free(bio); |
| 1152 |
| 1153 » if (pcerts) |
| 1154 » » { |
| 1155 » » *pcerts = sk_X509_new_null(); |
| 1156 » » if (!*pcerts) |
| 1157 » » » goto end; |
| 1158 » » } |
| 1159 |
| 1160 » if (pcrls) |
| 1161 » » { |
| 1162 » » *pcrls = sk_X509_CRL_new_null(); |
| 1163 » » if (!*pcrls) |
| 1164 » » » goto end; |
| 1165 » » } |
| 1166 |
| 1167 » for(i = 0; i < sk_X509_INFO_num(xis); i++) |
| 1168 » » { |
| 1169 » » xi = sk_X509_INFO_value (xis, i); |
| 1170 » » if (xi->x509 && pcerts) |
1077 { | 1171 { |
1078 » » » BIO_printf(err, "Error opening %s %s\n", | 1172 » » » if (!sk_X509_push(*pcerts, xi->x509)) |
1079 » » » » cert_descrip, file); | 1173 » » » » goto end; |
1080 » » » ERR_print_errors(err); | 1174 » » » xi->x509 = NULL; |
1081 » » » goto end; | 1175 » » » } |
| 1176 » » if (xi->crl && pcrls) |
| 1177 » » » { |
| 1178 » » » if (!sk_X509_CRL_push(*pcrls, xi->crl)) |
| 1179 » » » » goto end; |
| 1180 » » » xi->crl = NULL; |
1082 } | 1181 } |
1083 } | 1182 } |
1084 | 1183 |
1085 » if (format == FORMAT_PEM) | 1184 » if (pcerts && sk_X509_num(*pcerts) > 0) |
| 1185 » » rv = 1; |
| 1186 |
| 1187 » if (pcrls && sk_X509_CRL_num(*pcrls) > 0) |
| 1188 » » rv = 1; |
| 1189 |
| 1190 » end: |
| 1191 |
| 1192 » if (xis) |
| 1193 » » sk_X509_INFO_pop_free(xis, X509_INFO_free); |
| 1194 |
| 1195 » if (rv == 0) |
1086 { | 1196 { |
1087 » » othercerts = sk_X509_new_null(); | 1197 » » if (pcerts) |
1088 » » if(!othercerts) | |
1089 { | 1198 { |
1090 » » » sk_X509_free(othercerts); | 1199 » » » sk_X509_pop_free(*pcerts, X509_free); |
1091 » » » othercerts = NULL; | 1200 » » » *pcerts = NULL; |
1092 » » » goto end; | |
1093 } | 1201 } |
1094 » » allcerts = PEM_X509_INFO_read_bio(certs, NULL, | 1202 » » if (pcrls) |
1095 » » » » (pem_password_cb *)password_callback, &cb_data); | |
1096 » » for(i = 0; i < sk_X509_INFO_num(allcerts); i++) | |
1097 { | 1203 { |
1098 » » » xi = sk_X509_INFO_value (allcerts, i); | 1204 » » » sk_X509_CRL_pop_free(*pcrls, X509_CRL_free); |
1099 » » » if (xi->x509) | 1205 » » » *pcrls = NULL; |
1100 » » » » { | |
1101 » » » » sk_X509_push(othercerts, xi->x509); | |
1102 » » » » xi->x509 = NULL; | |
1103 » » » » } | |
1104 } | 1206 } |
1105 » » goto end; | 1207 » » BIO_printf(err,"unable to load %s\n", |
1106 » » } | 1208 » » » » pcerts ? "certificates" : "CRLs"); |
1107 » else» { | |
1108 » » BIO_printf(err,"bad input format specified for %s\n", | |
1109 » » » cert_descrip); | |
1110 » » goto end; | |
1111 » » } | |
1112 end: | |
1113 » if (othercerts == NULL) | |
1114 » » { | |
1115 » » BIO_printf(err,"unable to load certificates\n"); | |
1116 ERR_print_errors(err); | 1209 ERR_print_errors(err); |
1117 } | 1210 } |
1118 » if (allcerts) sk_X509_INFO_pop_free(allcerts, X509_INFO_free); | 1211 » return rv; |
1119 » if (certs != NULL) BIO_free(certs); | |
1120 » return(othercerts); | |
1121 } | 1212 } |
1122 | 1213 |
| 1214 STACK_OF(X509) *load_certs(BIO *err, const char *file, int format, |
| 1215 const char *pass, ENGINE *e, const char *desc) |
| 1216 { |
| 1217 STACK_OF(X509) *certs; |
| 1218 load_certs_crls(err, file, format, pass, e, desc, &certs, NULL); |
| 1219 return certs; |
| 1220 } |
| 1221 |
| 1222 STACK_OF(X509_CRL) *load_crls(BIO *err, const char *file, int format, |
| 1223 const char *pass, ENGINE *e, const char *desc) |
| 1224 { |
| 1225 STACK_OF(X509_CRL) *crls; |
| 1226 load_certs_crls(err, file, format, pass, e, desc, NULL, &crls); |
| 1227 return crls; |
| 1228 } |
1123 | 1229 |
1124 #define X509V3_EXT_UNKNOWN_MASK (0xfL << 16) | 1230 #define X509V3_EXT_UNKNOWN_MASK (0xfL << 16) |
1125 /* Return error for unknown extensions */ | 1231 /* Return error for unknown extensions */ |
1126 #define X509V3_EXT_DEFAULT 0 | 1232 #define X509V3_EXT_DEFAULT 0 |
1127 /* Print error for unknown extensions */ | 1233 /* Print error for unknown extensions */ |
1128 #define X509V3_EXT_ERROR_UNKNOWN (1L << 16) | 1234 #define X509V3_EXT_ERROR_UNKNOWN (1L << 16) |
1129 /* ASN1 parse unknown extensions */ | 1235 /* ASN1 parse unknown extensions */ |
1130 #define X509V3_EXT_PARSE_UNKNOWN (2L << 16) | 1236 #define X509V3_EXT_PARSE_UNKNOWN (2L << 16) |
1131 /* BIO_dump unknown extensions */ | 1237 /* BIO_dump unknown extensions */ |
1132 #define X509V3_EXT_DUMP_UNKNOWN (3L << 16) | 1238 #define X509V3_EXT_DUMP_UNKNOWN (3L << 16) |
(...skipping 266 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1399 | 1505 |
1400 /* Free our "structural" reference. */ | 1506 /* Free our "structural" reference. */ |
1401 ENGINE_free(e); | 1507 ENGINE_free(e); |
1402 } | 1508 } |
1403 return e; | 1509 return e; |
1404 } | 1510 } |
1405 #endif | 1511 #endif |
1406 | 1512 |
1407 int load_config(BIO *err, CONF *cnf) | 1513 int load_config(BIO *err, CONF *cnf) |
1408 { | 1514 { |
| 1515 static int load_config_called = 0; |
| 1516 if (load_config_called) |
| 1517 return 1; |
| 1518 load_config_called = 1; |
1409 if (!cnf) | 1519 if (!cnf) |
1410 cnf = config; | 1520 cnf = config; |
1411 if (!cnf) | 1521 if (!cnf) |
1412 return 1; | 1522 return 1; |
1413 | 1523 |
1414 OPENSSL_load_builtin_modules(); | 1524 OPENSSL_load_builtin_modules(); |
1415 | 1525 |
1416 if (CONF_modules_load(cnf, NULL, 0) <= 0) | 1526 if (CONF_modules_load(cnf, NULL, 0) <= 0) |
1417 { | 1527 { |
1418 BIO_printf(err, "Error configuring OpenSSL\n"); | 1528 BIO_printf(err, "Error configuring OpenSSL\n"); |
(...skipping 13 matching lines...) Expand all Loading... |
1432 p=OPENSSL_malloc(len); | 1542 p=OPENSSL_malloc(len); |
1433 BUF_strlcpy(p,t,len); | 1543 BUF_strlcpy(p,t,len); |
1434 #ifndef OPENSSL_SYS_VMS | 1544 #ifndef OPENSSL_SYS_VMS |
1435 BUF_strlcat(p,"/",len); | 1545 BUF_strlcat(p,"/",len); |
1436 #endif | 1546 #endif |
1437 BUF_strlcat(p,OPENSSL_CONF,len); | 1547 BUF_strlcat(p,OPENSSL_CONF,len); |
1438 | 1548 |
1439 return p; | 1549 return p; |
1440 } | 1550 } |
1441 | 1551 |
1442 static unsigned long index_serial_hash(const char **a) | 1552 static unsigned long index_serial_hash(const OPENSSL_CSTRING *a) |
1443 { | 1553 { |
1444 const char *n; | 1554 const char *n; |
1445 | 1555 |
1446 n=a[DB_serial]; | 1556 n=a[DB_serial]; |
1447 while (*n == '0') n++; | 1557 while (*n == '0') n++; |
1448 return(lh_strhash(n)); | 1558 return(lh_strhash(n)); |
1449 } | 1559 } |
1450 | 1560 |
1451 static int index_serial_cmp(const char **a, const char **b) | 1561 static int index_serial_cmp(const OPENSSL_CSTRING *a, const OPENSSL_CSTRING *b) |
1452 { | 1562 { |
1453 const char *aa,*bb; | 1563 const char *aa,*bb; |
1454 | 1564 |
1455 for (aa=a[DB_serial]; *aa == '0'; aa++); | 1565 for (aa=a[DB_serial]; *aa == '0'; aa++); |
1456 for (bb=b[DB_serial]; *bb == '0'; bb++); | 1566 for (bb=b[DB_serial]; *bb == '0'; bb++); |
1457 return(strcmp(aa,bb)); | 1567 return(strcmp(aa,bb)); |
1458 } | 1568 } |
1459 | 1569 |
1460 static int index_name_qual(char **a) | 1570 static int index_name_qual(char **a) |
1461 { return(a[0][0] == 'V'); } | 1571 { return(a[0][0] == 'V'); } |
1462 | 1572 |
1463 static unsigned long index_name_hash(const char **a) | 1573 static unsigned long index_name_hash(const OPENSSL_CSTRING *a) |
1464 { return(lh_strhash(a[DB_name])); } | 1574 { return(lh_strhash(a[DB_name])); } |
1465 | 1575 |
1466 int index_name_cmp(const char **a, const char **b) | 1576 int index_name_cmp(const OPENSSL_CSTRING *a, const OPENSSL_CSTRING *b) |
1467 » { return(strcmp(a[DB_name], | 1577 » { return(strcmp(a[DB_name], b[DB_name])); } |
1468 » b[DB_name])); } | |
1469 | 1578 |
1470 static IMPLEMENT_LHASH_HASH_FN(index_serial_hash,const char **) | 1579 static IMPLEMENT_LHASH_HASH_FN(index_serial, OPENSSL_CSTRING) |
1471 static IMPLEMENT_LHASH_COMP_FN(index_serial_cmp,const char **) | 1580 static IMPLEMENT_LHASH_COMP_FN(index_serial, OPENSSL_CSTRING) |
1472 static IMPLEMENT_LHASH_HASH_FN(index_name_hash,const char **) | 1581 static IMPLEMENT_LHASH_HASH_FN(index_name, OPENSSL_CSTRING) |
1473 static IMPLEMENT_LHASH_COMP_FN(index_name_cmp,const char **) | 1582 static IMPLEMENT_LHASH_COMP_FN(index_name, OPENSSL_CSTRING) |
1474 | 1583 |
1475 #undef BSIZE | 1584 #undef BSIZE |
1476 #define BSIZE 256 | 1585 #define BSIZE 256 |
1477 | 1586 |
1478 BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai) | 1587 BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai) |
1479 { | 1588 { |
1480 BIO *in=NULL; | 1589 BIO *in=NULL; |
1481 BIGNUM *ret=NULL; | 1590 BIGNUM *ret=NULL; |
1482 MS_STATIC char buf[1024]; | 1591 MS_STATIC char buf[1024]; |
1483 ASN1_INTEGER *ai=NULL; | 1592 ASN1_INTEGER *ai=NULL; |
(...skipping 107 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1591 err: | 1700 err: |
1592 if (out != NULL) BIO_free_all(out); | 1701 if (out != NULL) BIO_free_all(out); |
1593 if (ai != NULL) ASN1_INTEGER_free(ai); | 1702 if (ai != NULL) ASN1_INTEGER_free(ai); |
1594 return(ret); | 1703 return(ret); |
1595 } | 1704 } |
1596 | 1705 |
1597 int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix) | 1706 int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix) |
1598 { | 1707 { |
1599 char buf[5][BSIZE]; | 1708 char buf[5][BSIZE]; |
1600 int i,j; | 1709 int i,j; |
1601 struct stat sb; | |
1602 | 1710 |
1603 i = strlen(serialfile) + strlen(old_suffix); | 1711 i = strlen(serialfile) + strlen(old_suffix); |
1604 j = strlen(serialfile) + strlen(new_suffix); | 1712 j = strlen(serialfile) + strlen(new_suffix); |
1605 if (i > j) j = i; | 1713 if (i > j) j = i; |
1606 if (j + 1 >= BSIZE) | 1714 if (j + 1 >= BSIZE) |
1607 { | 1715 { |
1608 BIO_printf(bio_err,"file name too long\n"); | 1716 BIO_printf(bio_err,"file name too long\n"); |
1609 goto err; | 1717 goto err; |
1610 } | 1718 } |
1611 | 1719 |
1612 #ifndef OPENSSL_SYS_VMS | 1720 #ifndef OPENSSL_SYS_VMS |
1613 j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", | 1721 j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", |
1614 serialfile, new_suffix); | 1722 serialfile, new_suffix); |
1615 #else | 1723 #else |
1616 j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", | 1724 j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", |
1617 serialfile, new_suffix); | 1725 serialfile, new_suffix); |
1618 #endif | 1726 #endif |
1619 #ifndef OPENSSL_SYS_VMS | 1727 #ifndef OPENSSL_SYS_VMS |
1620 j = BIO_snprintf(buf[1], sizeof buf[1], "%s.%s", | 1728 j = BIO_snprintf(buf[1], sizeof buf[1], "%s.%s", |
1621 serialfile, old_suffix); | 1729 serialfile, old_suffix); |
1622 #else | 1730 #else |
1623 j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s", | 1731 j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s", |
1624 serialfile, old_suffix); | 1732 serialfile, old_suffix); |
1625 #endif | 1733 #endif |
1626 » if (stat(serialfile,&sb) < 0) | 1734 #ifdef RL_DEBUG |
1627 » » { | 1735 » BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", |
1628 » » if (errno != ENOENT | 1736 » » serialfile, buf[1]); |
| 1737 #endif |
| 1738 » if (rename(serialfile,buf[1]) < 0 && errno != ENOENT |
1629 #ifdef ENOTDIR | 1739 #ifdef ENOTDIR |
1630 && errno != ENOTDIR | 1740 && errno != ENOTDIR |
1631 #endif | 1741 #endif |
1632 » » ) | 1742 » )» » { |
1633 » » » goto err; | |
1634 » » } | |
1635 » else | |
1636 » » { | |
1637 #ifdef RL_DEBUG | |
1638 » » BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", | |
1639 » » » serialfile, buf[1]); | |
1640 #endif | |
1641 » » if (rename(serialfile,buf[1]) < 0) | |
1642 » » » { | |
1643 BIO_printf(bio_err, | 1743 BIO_printf(bio_err, |
1644 "unable to rename %s to %s\n", | 1744 "unable to rename %s to %s\n", |
1645 serialfile, buf[1]); | 1745 serialfile, buf[1]); |
1646 perror("reason"); | 1746 perror("reason"); |
1647 goto err; | 1747 goto err; |
1648 } | 1748 } |
1649 } | |
1650 #ifdef RL_DEBUG | 1749 #ifdef RL_DEBUG |
1651 BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", | 1750 BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", |
1652 buf[0],serialfile); | 1751 buf[0],serialfile); |
1653 #endif | 1752 #endif |
1654 if (rename(buf[0],serialfile) < 0) | 1753 if (rename(buf[0],serialfile) < 0) |
1655 { | 1754 { |
1656 BIO_printf(bio_err, | 1755 BIO_printf(bio_err, |
1657 "unable to rename %s to %s\n", | 1756 "unable to rename %s to %s\n", |
1658 buf[0],serialfile); | 1757 buf[0],serialfile); |
1659 perror("reason"); | 1758 perror("reason"); |
(...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1706 ERR_print_errors(bio_err); | 1805 ERR_print_errors(bio_err); |
1707 goto err; | 1806 goto err; |
1708 } | 1807 } |
1709 if (BIO_read_filename(in,dbfile) <= 0) | 1808 if (BIO_read_filename(in,dbfile) <= 0) |
1710 { | 1809 { |
1711 perror(dbfile); | 1810 perror(dbfile); |
1712 BIO_printf(bio_err,"unable to open '%s'\n",dbfile); | 1811 BIO_printf(bio_err,"unable to open '%s'\n",dbfile); |
1713 goto err; | 1812 goto err; |
1714 } | 1813 } |
1715 if ((tmpdb = TXT_DB_read(in,DB_NUMBER)) == NULL) | 1814 if ((tmpdb = TXT_DB_read(in,DB_NUMBER)) == NULL) |
1716 { | |
1717 if (tmpdb != NULL) TXT_DB_free(tmpdb); | |
1718 goto err; | 1815 goto err; |
1719 } | |
1720 | 1816 |
1721 #ifndef OPENSSL_SYS_VMS | 1817 #ifndef OPENSSL_SYS_VMS |
1722 BIO_snprintf(buf[0], sizeof buf[0], "%s.attr", dbfile); | 1818 BIO_snprintf(buf[0], sizeof buf[0], "%s.attr", dbfile); |
1723 #else | 1819 #else |
1724 BIO_snprintf(buf[0], sizeof buf[0], "%s-attr", dbfile); | 1820 BIO_snprintf(buf[0], sizeof buf[0], "%s-attr", dbfile); |
1725 #endif | 1821 #endif |
1726 dbattr_conf = NCONF_new(NULL); | 1822 dbattr_conf = NCONF_new(NULL); |
1727 if (NCONF_load(dbattr_conf,buf[0],&errorline) <= 0) | 1823 if (NCONF_load(dbattr_conf,buf[0],&errorline) <= 0) |
1728 { | 1824 { |
1729 if (errorline > 0) | 1825 if (errorline > 0) |
(...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1770 err: | 1866 err: |
1771 if (dbattr_conf) NCONF_free(dbattr_conf); | 1867 if (dbattr_conf) NCONF_free(dbattr_conf); |
1772 if (tmpdb) TXT_DB_free(tmpdb); | 1868 if (tmpdb) TXT_DB_free(tmpdb); |
1773 if (in) BIO_free_all(in); | 1869 if (in) BIO_free_all(in); |
1774 return retdb; | 1870 return retdb; |
1775 } | 1871 } |
1776 | 1872 |
1777 int index_index(CA_DB *db) | 1873 int index_index(CA_DB *db) |
1778 { | 1874 { |
1779 if (!TXT_DB_create_index(db->db, DB_serial, NULL, | 1875 if (!TXT_DB_create_index(db->db, DB_serial, NULL, |
1780 » » » » LHASH_HASH_FN(index_serial_hash), | 1876 » » » » LHASH_HASH_FN(index_serial), |
1781 » » » » LHASH_COMP_FN(index_serial_cmp))) | 1877 » » » » LHASH_COMP_FN(index_serial))) |
1782 { | 1878 { |
1783 BIO_printf(bio_err, | 1879 BIO_printf(bio_err, |
1784 "error creating serial number index:(%ld,%ld,%ld)\n", | 1880 "error creating serial number index:(%ld,%ld,%ld)\n", |
1785 db->db->error,db->db->arg1,db->db->arg2)
; | 1881 db->db->error,db->db->arg1,db->db->arg2)
; |
1786 return 0; | 1882 return 0; |
1787 } | 1883 } |
1788 | 1884 |
1789 if (db->attributes.unique_subject | 1885 if (db->attributes.unique_subject |
1790 && !TXT_DB_create_index(db->db, DB_name, index_name_qual, | 1886 && !TXT_DB_create_index(db->db, DB_name, index_name_qual, |
1791 » » » LHASH_HASH_FN(index_name_hash), | 1887 » » » LHASH_HASH_FN(index_name), |
1792 » » » LHASH_COMP_FN(index_name_cmp))) | 1888 » » » LHASH_COMP_FN(index_name))) |
1793 { | 1889 { |
1794 BIO_printf(bio_err,"error creating name index:(%ld,%ld,%ld)\n", | 1890 BIO_printf(bio_err,"error creating name index:(%ld,%ld,%ld)\n", |
1795 db->db->error,db->db->arg1,db->db->arg2); | 1891 db->db->error,db->db->arg1,db->db->arg2); |
1796 return 0; | 1892 return 0; |
1797 } | 1893 } |
1798 return 1; | 1894 return 1; |
1799 } | 1895 } |
1800 | 1896 |
1801 int save_index(const char *dbfile, const char *suffix, CA_DB *db) | 1897 int save_index(const char *dbfile, const char *suffix, CA_DB *db) |
1802 { | 1898 { |
(...skipping 59 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1862 | 1958 |
1863 return 1; | 1959 return 1; |
1864 err: | 1960 err: |
1865 return 0; | 1961 return 0; |
1866 } | 1962 } |
1867 | 1963 |
1868 int rotate_index(const char *dbfile, const char *new_suffix, const char *old_suf
fix) | 1964 int rotate_index(const char *dbfile, const char *new_suffix, const char *old_suf
fix) |
1869 { | 1965 { |
1870 char buf[5][BSIZE]; | 1966 char buf[5][BSIZE]; |
1871 int i,j; | 1967 int i,j; |
1872 struct stat sb; | |
1873 | 1968 |
1874 i = strlen(dbfile) + strlen(old_suffix); | 1969 i = strlen(dbfile) + strlen(old_suffix); |
1875 j = strlen(dbfile) + strlen(new_suffix); | 1970 j = strlen(dbfile) + strlen(new_suffix); |
1876 if (i > j) j = i; | 1971 if (i > j) j = i; |
1877 if (j + 6 >= BSIZE) | 1972 if (j + 6 >= BSIZE) |
1878 { | 1973 { |
1879 BIO_printf(bio_err,"file name too long\n"); | 1974 BIO_printf(bio_err,"file name too long\n"); |
1880 goto err; | 1975 goto err; |
1881 } | 1976 } |
1882 | 1977 |
(...skipping 23 matching lines...) Expand all Loading... |
1906 j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s", | 2001 j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s", |
1907 dbfile, old_suffix); | 2002 dbfile, old_suffix); |
1908 #endif | 2003 #endif |
1909 #ifndef OPENSSL_SYS_VMS | 2004 #ifndef OPENSSL_SYS_VMS |
1910 j = BIO_snprintf(buf[3], sizeof buf[3], "%s.attr.%s", | 2005 j = BIO_snprintf(buf[3], sizeof buf[3], "%s.attr.%s", |
1911 dbfile, old_suffix); | 2006 dbfile, old_suffix); |
1912 #else | 2007 #else |
1913 j = BIO_snprintf(buf[3], sizeof buf[3], "%s-attr-%s", | 2008 j = BIO_snprintf(buf[3], sizeof buf[3], "%s-attr-%s", |
1914 dbfile, old_suffix); | 2009 dbfile, old_suffix); |
1915 #endif | 2010 #endif |
1916 » if (stat(dbfile,&sb) < 0) | 2011 #ifdef RL_DEBUG |
1917 » » { | 2012 » BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", |
1918 » » if (errno != ENOENT | 2013 » » dbfile, buf[1]); |
| 2014 #endif |
| 2015 » if (rename(dbfile,buf[1]) < 0 && errno != ENOENT |
1919 #ifdef ENOTDIR | 2016 #ifdef ENOTDIR |
1920 » » » && errno != ENOTDIR | 2017 » » && errno != ENOTDIR |
1921 #endif | 2018 #endif |
1922 » » ) | 2019 » )» » { |
1923 » » » goto err; | |
1924 » » } | |
1925 » else | |
1926 » » { | |
1927 #ifdef RL_DEBUG | |
1928 » » BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", | |
1929 » » » dbfile, buf[1]); | |
1930 #endif | |
1931 » » if (rename(dbfile,buf[1]) < 0) | |
1932 » » » { | |
1933 BIO_printf(bio_err, | 2020 BIO_printf(bio_err, |
1934 "unable to rename %s to %s\n", | 2021 "unable to rename %s to %s\n", |
1935 dbfile, buf[1]); | 2022 dbfile, buf[1]); |
1936 perror("reason"); | 2023 perror("reason"); |
1937 goto err; | 2024 goto err; |
1938 } | 2025 } |
1939 } | |
1940 #ifdef RL_DEBUG | 2026 #ifdef RL_DEBUG |
1941 BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", | 2027 BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", |
1942 buf[0],dbfile); | 2028 buf[0],dbfile); |
1943 #endif | 2029 #endif |
1944 if (rename(buf[0],dbfile) < 0) | 2030 if (rename(buf[0],dbfile) < 0) |
1945 { | 2031 { |
1946 BIO_printf(bio_err, | 2032 BIO_printf(bio_err, |
1947 "unable to rename %s to %s\n", | 2033 "unable to rename %s to %s\n", |
1948 buf[0],dbfile); | 2034 buf[0],dbfile); |
1949 perror("reason"); | 2035 perror("reason"); |
1950 rename(buf[1],dbfile); | 2036 rename(buf[1],dbfile); |
1951 goto err; | 2037 goto err; |
1952 } | 2038 } |
1953 » if (stat(buf[4],&sb) < 0) | 2039 #ifdef RL_DEBUG |
1954 » » { | 2040 » BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", |
1955 » » if (errno != ENOENT | 2041 » » buf[4],buf[3]); |
| 2042 #endif |
| 2043 » if (rename(buf[4],buf[3]) < 0 && errno != ENOENT |
1956 #ifdef ENOTDIR | 2044 #ifdef ENOTDIR |
1957 » » » && errno != ENOTDIR | 2045 » » && errno != ENOTDIR |
1958 #endif | 2046 #endif |
1959 » » ) | 2047 » )» » { |
1960 » » » goto err; | |
1961 » » } | |
1962 » else | |
1963 » » { | |
1964 #ifdef RL_DEBUG | |
1965 » » BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", | |
1966 » » » buf[4],buf[3]); | |
1967 #endif | |
1968 » » if (rename(buf[4],buf[3]) < 0) | |
1969 » » » { | |
1970 BIO_printf(bio_err, | 2048 BIO_printf(bio_err, |
1971 "unable to rename %s to %s\n", | 2049 "unable to rename %s to %s\n", |
1972 buf[4], buf[3]); | 2050 buf[4], buf[3]); |
1973 perror("reason"); | 2051 perror("reason"); |
1974 rename(dbfile,buf[0]); | 2052 rename(dbfile,buf[0]); |
1975 rename(buf[1],dbfile); | 2053 rename(buf[1],dbfile); |
1976 goto err; | 2054 goto err; |
1977 } | 2055 } |
1978 } | |
1979 #ifdef RL_DEBUG | 2056 #ifdef RL_DEBUG |
1980 BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", | 2057 BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", |
1981 buf[2],buf[4]); | 2058 buf[2],buf[4]); |
1982 #endif | 2059 #endif |
1983 if (rename(buf[2],buf[4]) < 0) | 2060 if (rename(buf[2],buf[4]) < 0) |
1984 { | 2061 { |
1985 BIO_printf(bio_err, | 2062 BIO_printf(bio_err, |
1986 "unable to rename %s to %s\n", | 2063 "unable to rename %s to %s\n", |
1987 buf[2],buf[4]); | 2064 buf[2],buf[4]); |
1988 perror("reason"); | 2065 perror("reason"); |
(...skipping 174 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2163 X509_NAME_free(n); | 2240 X509_NAME_free(n); |
2164 if (ne_values) | 2241 if (ne_values) |
2165 OPENSSL_free(ne_values); | 2242 OPENSSL_free(ne_values); |
2166 if (ne_types) | 2243 if (ne_types) |
2167 OPENSSL_free(ne_types); | 2244 OPENSSL_free(ne_types); |
2168 if (buf) | 2245 if (buf) |
2169 OPENSSL_free(buf); | 2246 OPENSSL_free(buf); |
2170 return NULL; | 2247 return NULL; |
2171 } | 2248 } |
2172 | 2249 |
2173 /* This code MUST COME AFTER anything that uses rename() */ | |
2174 #ifdef OPENSSL_SYS_WIN32 | |
2175 int WIN32_rename(const char *from, const char *to) | |
2176 { | |
2177 #ifndef OPENSSL_SYS_WINCE | |
2178 /* Windows rename gives an error if 'to' exists, so delete it | |
2179 * first and ignore file not found errror | |
2180 */ | |
2181 if((remove(to) != 0) && (errno != ENOENT)) | |
2182 return -1; | |
2183 #undef rename | |
2184 return rename(from, to); | |
2185 #else | |
2186 /* convert strings to UNICODE */ | |
2187 { | |
2188 BOOL result = FALSE; | |
2189 WCHAR* wfrom; | |
2190 WCHAR* wto; | |
2191 int i; | |
2192 wfrom = malloc((strlen(from)+1)*2); | |
2193 wto = malloc((strlen(to)+1)*2); | |
2194 if (wfrom != NULL && wto != NULL) | |
2195 { | |
2196 for (i=0; i<(int)strlen(from)+1; i++) | |
2197 wfrom[i] = (short)from[i]; | |
2198 for (i=0; i<(int)strlen(to)+1; i++) | |
2199 wto[i] = (short)to[i]; | |
2200 result = MoveFile(wfrom, wto); | |
2201 } | |
2202 if (wfrom != NULL) | |
2203 free(wfrom); | |
2204 if (wto != NULL) | |
2205 free(wto); | |
2206 return result; | |
2207 } | |
2208 #endif | |
2209 } | |
2210 #endif | |
2211 | |
2212 int args_verify(char ***pargs, int *pargc, | 2250 int args_verify(char ***pargs, int *pargc, |
2213 int *badarg, BIO *err, X509_VERIFY_PARAM **pm) | 2251 int *badarg, BIO *err, X509_VERIFY_PARAM **pm) |
2214 { | 2252 { |
2215 ASN1_OBJECT *otmp = NULL; | 2253 ASN1_OBJECT *otmp = NULL; |
2216 unsigned long flags = 0; | 2254 unsigned long flags = 0; |
2217 int i; | 2255 int i; |
2218 » int purpose = 0; | 2256 » int purpose = 0, depth = -1; |
2219 char **oldargs = *pargs; | 2257 char **oldargs = *pargs; |
2220 char *arg = **pargs, *argn = (*pargs)[1]; | 2258 char *arg = **pargs, *argn = (*pargs)[1]; |
2221 if (!strcmp(arg, "-policy")) | 2259 if (!strcmp(arg, "-policy")) |
2222 { | 2260 { |
2223 if (!argn) | 2261 if (!argn) |
2224 *badarg = 1; | 2262 *badarg = 1; |
2225 else | 2263 else |
2226 { | 2264 { |
2227 otmp = OBJ_txt2obj(argn, 0); | 2265 otmp = OBJ_txt2obj(argn, 0); |
2228 if (!otmp) | 2266 if (!otmp) |
(...skipping 19 matching lines...) Expand all Loading... |
2248 *badarg = 1; | 2286 *badarg = 1; |
2249 } | 2287 } |
2250 else | 2288 else |
2251 { | 2289 { |
2252 xptmp = X509_PURPOSE_get0(i); | 2290 xptmp = X509_PURPOSE_get0(i); |
2253 purpose = X509_PURPOSE_get_id(xptmp); | 2291 purpose = X509_PURPOSE_get_id(xptmp); |
2254 } | 2292 } |
2255 } | 2293 } |
2256 (*pargs)++; | 2294 (*pargs)++; |
2257 } | 2295 } |
| 2296 else if (strcmp(arg,"-verify_depth") == 0) |
| 2297 { |
| 2298 if (!argn) |
| 2299 *badarg = 1; |
| 2300 else |
| 2301 { |
| 2302 depth = atoi(argn); |
| 2303 if(depth < 0) |
| 2304 { |
| 2305 BIO_printf(err, "invalid depth\n"); |
| 2306 *badarg = 1; |
| 2307 } |
| 2308 } |
| 2309 (*pargs)++; |
| 2310 } |
2258 else if (!strcmp(arg, "-ignore_critical")) | 2311 else if (!strcmp(arg, "-ignore_critical")) |
2259 flags |= X509_V_FLAG_IGNORE_CRITICAL; | 2312 flags |= X509_V_FLAG_IGNORE_CRITICAL; |
2260 else if (!strcmp(arg, "-issuer_checks")) | 2313 else if (!strcmp(arg, "-issuer_checks")) |
2261 flags |= X509_V_FLAG_CB_ISSUER_CHECK; | 2314 flags |= X509_V_FLAG_CB_ISSUER_CHECK; |
2262 else if (!strcmp(arg, "-crl_check")) | 2315 else if (!strcmp(arg, "-crl_check")) |
2263 flags |= X509_V_FLAG_CRL_CHECK; | 2316 flags |= X509_V_FLAG_CRL_CHECK; |
2264 else if (!strcmp(arg, "-crl_check_all")) | 2317 else if (!strcmp(arg, "-crl_check_all")) |
2265 flags |= X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL; | 2318 flags |= X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL; |
2266 else if (!strcmp(arg, "-policy_check")) | 2319 else if (!strcmp(arg, "-policy_check")) |
2267 flags |= X509_V_FLAG_POLICY_CHECK; | 2320 flags |= X509_V_FLAG_POLICY_CHECK; |
2268 else if (!strcmp(arg, "-explicit_policy")) | 2321 else if (!strcmp(arg, "-explicit_policy")) |
2269 flags |= X509_V_FLAG_EXPLICIT_POLICY; | 2322 flags |= X509_V_FLAG_EXPLICIT_POLICY; |
| 2323 else if (!strcmp(arg, "-inhibit_any")) |
| 2324 flags |= X509_V_FLAG_INHIBIT_ANY; |
| 2325 else if (!strcmp(arg, "-inhibit_map")) |
| 2326 flags |= X509_V_FLAG_INHIBIT_MAP; |
2270 else if (!strcmp(arg, "-x509_strict")) | 2327 else if (!strcmp(arg, "-x509_strict")) |
2271 flags |= X509_V_FLAG_X509_STRICT; | 2328 flags |= X509_V_FLAG_X509_STRICT; |
| 2329 else if (!strcmp(arg, "-extended_crl")) |
| 2330 flags |= X509_V_FLAG_EXTENDED_CRL_SUPPORT; |
| 2331 else if (!strcmp(arg, "-use_deltas")) |
| 2332 flags |= X509_V_FLAG_USE_DELTAS; |
2272 else if (!strcmp(arg, "-policy_print")) | 2333 else if (!strcmp(arg, "-policy_print")) |
2273 flags |= X509_V_FLAG_NOTIFY_POLICY; | 2334 flags |= X509_V_FLAG_NOTIFY_POLICY; |
2274 else if (!strcmp(arg, "-check_ss_sig")) | 2335 else if (!strcmp(arg, "-check_ss_sig")) |
2275 flags |= X509_V_FLAG_CHECK_SS_SIGNATURE; | 2336 flags |= X509_V_FLAG_CHECK_SS_SIGNATURE; |
2276 else | 2337 else |
2277 return 0; | 2338 return 0; |
2278 | 2339 |
2279 if (*badarg) | 2340 if (*badarg) |
2280 { | 2341 { |
2281 if (*pm) | 2342 if (*pm) |
2282 X509_VERIFY_PARAM_free(*pm); | 2343 X509_VERIFY_PARAM_free(*pm); |
2283 *pm = NULL; | 2344 *pm = NULL; |
2284 goto end; | 2345 goto end; |
2285 } | 2346 } |
2286 | 2347 |
2287 if (!*pm && !(*pm = X509_VERIFY_PARAM_new())) | 2348 if (!*pm && !(*pm = X509_VERIFY_PARAM_new())) |
2288 { | 2349 { |
2289 *badarg = 1; | 2350 *badarg = 1; |
2290 goto end; | 2351 goto end; |
2291 } | 2352 } |
2292 | 2353 |
2293 if (otmp) | 2354 if (otmp) |
2294 X509_VERIFY_PARAM_add0_policy(*pm, otmp); | 2355 X509_VERIFY_PARAM_add0_policy(*pm, otmp); |
2295 if (flags) | 2356 if (flags) |
2296 X509_VERIFY_PARAM_set_flags(*pm, flags); | 2357 X509_VERIFY_PARAM_set_flags(*pm, flags); |
2297 | 2358 |
2298 if (purpose) | 2359 if (purpose) |
2299 X509_VERIFY_PARAM_set_purpose(*pm, purpose); | 2360 X509_VERIFY_PARAM_set_purpose(*pm, purpose); |
2300 | 2361 |
| 2362 if (depth >= 0) |
| 2363 X509_VERIFY_PARAM_set_depth(*pm, depth); |
| 2364 |
2301 end: | 2365 end: |
2302 | 2366 |
2303 (*pargs)++; | 2367 (*pargs)++; |
2304 | 2368 |
2305 if (pargc) | 2369 if (pargc) |
2306 *pargc -= *pargs - oldargs; | 2370 *pargc -= *pargs - oldargs; |
2307 | 2371 |
2308 return 1; | 2372 return 1; |
2309 | 2373 |
2310 } | 2374 } |
2311 | 2375 |
| 2376 /* Read whole contents of a BIO into an allocated memory buffer and |
| 2377 * return it. |
| 2378 */ |
| 2379 |
| 2380 int bio_to_mem(unsigned char **out, int maxlen, BIO *in) |
| 2381 { |
| 2382 BIO *mem; |
| 2383 int len, ret; |
| 2384 unsigned char tbuf[1024]; |
| 2385 mem = BIO_new(BIO_s_mem()); |
| 2386 if (!mem) |
| 2387 return -1; |
| 2388 for(;;) |
| 2389 { |
| 2390 if ((maxlen != -1) && maxlen < 1024) |
| 2391 len = maxlen; |
| 2392 else |
| 2393 len = 1024; |
| 2394 len = BIO_read(in, tbuf, len); |
| 2395 if (len <= 0) |
| 2396 break; |
| 2397 if (BIO_write(mem, tbuf, len) != len) |
| 2398 { |
| 2399 BIO_free(mem); |
| 2400 return -1; |
| 2401 } |
| 2402 maxlen -= len; |
| 2403 |
| 2404 if (maxlen == 0) |
| 2405 break; |
| 2406 } |
| 2407 ret = BIO_get_mem_data(mem, (char **)out); |
| 2408 BIO_set_flags(mem, BIO_FLAGS_MEM_RDONLY); |
| 2409 BIO_free(mem); |
| 2410 return ret; |
| 2411 } |
| 2412 |
| 2413 int pkey_ctrl_string(EVP_PKEY_CTX *ctx, char *value) |
| 2414 { |
| 2415 int rv; |
| 2416 char *stmp, *vtmp = NULL; |
| 2417 stmp = BUF_strdup(value); |
| 2418 if (!stmp) |
| 2419 return -1; |
| 2420 vtmp = strchr(stmp, ':'); |
| 2421 if (vtmp) |
| 2422 { |
| 2423 *vtmp = 0; |
| 2424 vtmp++; |
| 2425 } |
| 2426 rv = EVP_PKEY_CTX_ctrl_str(ctx, stmp, vtmp); |
| 2427 OPENSSL_free(stmp); |
| 2428 return rv; |
| 2429 } |
| 2430 |
2312 static void nodes_print(BIO *out, const char *name, | 2431 static void nodes_print(BIO *out, const char *name, |
2313 STACK_OF(X509_POLICY_NODE) *nodes) | 2432 STACK_OF(X509_POLICY_NODE) *nodes) |
2314 { | 2433 { |
2315 X509_POLICY_NODE *node; | 2434 X509_POLICY_NODE *node; |
2316 int i; | 2435 int i; |
2317 BIO_printf(out, "%s Policies:", name); | 2436 BIO_printf(out, "%s Policies:", name); |
2318 if (nodes) | 2437 if (nodes) |
2319 { | 2438 { |
2320 BIO_puts(out, "\n"); | 2439 BIO_puts(out, "\n"); |
2321 for (i = 0; i < sk_X509_POLICY_NODE_num(nodes); i++) | 2440 for (i = 0; i < sk_X509_POLICY_NODE_num(nodes); i++) |
(...skipping 21 matching lines...) Expand all Loading... |
2343 | 2462 |
2344 BIO_printf(out, "Require explicit Policy: %s\n", | 2463 BIO_printf(out, "Require explicit Policy: %s\n", |
2345 explicit_policy ? "True" : "False"); | 2464 explicit_policy ? "True" : "False"); |
2346 | 2465 |
2347 nodes_print(out, "Authority", X509_policy_tree_get0_policies(tree)); | 2466 nodes_print(out, "Authority", X509_policy_tree_get0_policies(tree)); |
2348 nodes_print(out, "User", X509_policy_tree_get0_user_policies(tree)); | 2467 nodes_print(out, "User", X509_policy_tree_get0_user_policies(tree)); |
2349 if (free_out) | 2468 if (free_out) |
2350 BIO_free(out); | 2469 BIO_free(out); |
2351 } | 2470 } |
2352 | 2471 |
2353 #ifndef OPENSSL_NO_JPAKE | 2472 #if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK) |
2354 | 2473 |
2355 static JPAKE_CTX *jpake_init(const char *us, const char *them, | 2474 static JPAKE_CTX *jpake_init(const char *us, const char *them, |
2356 const char *secret) | 2475 const char *secret) |
2357 { | 2476 { |
2358 BIGNUM *p = NULL; | 2477 BIGNUM *p = NULL; |
2359 BIGNUM *g = NULL; | 2478 BIGNUM *g = NULL; |
2360 BIGNUM *q = NULL; | 2479 BIGNUM *q = NULL; |
2361 BIGNUM *bnsecret = BN_new(); | 2480 BIGNUM *bnsecret = BN_new(); |
2362 JPAKE_CTX *ctx; | 2481 JPAKE_CTX *ctx; |
2363 | 2482 |
(...skipping 162 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2526 bconn = BIO_new(BIO_f_buffer()); | 2645 bconn = BIO_new(BIO_f_buffer()); |
2527 BIO_push(bconn, conn); | 2646 BIO_push(bconn, conn); |
2528 | 2647 |
2529 jpake_send_step1(bconn, ctx); | 2648 jpake_send_step1(bconn, ctx); |
2530 jpake_receive_step1(ctx, bconn); | 2649 jpake_receive_step1(ctx, bconn); |
2531 jpake_send_step2(bconn, ctx); | 2650 jpake_send_step2(bconn, ctx); |
2532 jpake_receive_step2(ctx, bconn); | 2651 jpake_receive_step2(ctx, bconn); |
2533 jpake_send_step3a(bconn, ctx); | 2652 jpake_send_step3a(bconn, ctx); |
2534 jpake_receive_step3b(ctx, bconn); | 2653 jpake_receive_step3b(ctx, bconn); |
2535 | 2654 |
2536 » /* | 2655 » BIO_puts(out, "JPAKE authentication succeeded, setting PSK\n"); |
2537 » * The problem is that you must use the derived key in the | 2656 |
2538 » * session key or you are subject to man-in-the-middle | 2657 » psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx)); |
2539 » * attacks. | |
2540 » */ | |
2541 » BIO_puts(out, "JPAKE authentication succeeded (N.B. This version can" | |
2542 » » " be MitMed. See the version in HEAD for how to do it" | |
2543 » » " properly)\n"); | |
2544 | 2658 |
2545 BIO_pop(bconn); | 2659 BIO_pop(bconn); |
2546 BIO_free(bconn); | 2660 BIO_free(bconn); |
| 2661 |
| 2662 JPAKE_CTX_free(ctx); |
2547 } | 2663 } |
2548 | 2664 |
2549 void jpake_server_auth(BIO *out, BIO *conn, const char *secret) | 2665 void jpake_server_auth(BIO *out, BIO *conn, const char *secret) |
2550 { | 2666 { |
2551 JPAKE_CTX *ctx; | 2667 JPAKE_CTX *ctx; |
2552 BIO *bconn; | 2668 BIO *bconn; |
2553 | 2669 |
2554 BIO_puts(out, "Authenticating with JPAKE\n"); | 2670 BIO_puts(out, "Authenticating with JPAKE\n"); |
2555 | 2671 |
2556 ctx = jpake_init("server", "client", secret); | 2672 ctx = jpake_init("server", "client", secret); |
2557 | 2673 |
2558 bconn = BIO_new(BIO_f_buffer()); | 2674 bconn = BIO_new(BIO_f_buffer()); |
2559 BIO_push(bconn, conn); | 2675 BIO_push(bconn, conn); |
2560 | 2676 |
2561 jpake_receive_step1(ctx, bconn); | 2677 jpake_receive_step1(ctx, bconn); |
2562 jpake_send_step1(bconn, ctx); | 2678 jpake_send_step1(bconn, ctx); |
2563 jpake_receive_step2(ctx, bconn); | 2679 jpake_receive_step2(ctx, bconn); |
2564 jpake_send_step2(bconn, ctx); | 2680 jpake_send_step2(bconn, ctx); |
2565 jpake_receive_step3a(ctx, bconn); | 2681 jpake_receive_step3a(ctx, bconn); |
2566 jpake_send_step3b(bconn, ctx); | 2682 jpake_send_step3b(bconn, ctx); |
2567 | 2683 |
2568 » /* | 2684 » BIO_puts(out, "JPAKE authentication succeeded, setting PSK\n"); |
2569 » * The problem is that you must use the derived key in the | 2685 |
2570 » * session key or you are subject to man-in-the-middle | 2686 » psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx)); |
2571 » * attacks. | |
2572 » */ | |
2573 » BIO_puts(out, "JPAKE authentication succeeded (N.B. This version can" | |
2574 » » " be MitMed. See the version in HEAD for how to do it" | |
2575 » » " properly)\n"); | |
2576 | 2687 |
2577 BIO_pop(bconn); | 2688 BIO_pop(bconn); |
2578 BIO_free(bconn); | 2689 BIO_free(bconn); |
2579 » } | 2690 |
2580 | 2691 » JPAKE_CTX_free(ctx); |
2581 #endif | 2692 » } |
2582 | 2693 |
| 2694 #endif |
| 2695 |
| 2696 /* |
| 2697 * Platform-specific sections |
| 2698 */ |
| 2699 #if defined(_WIN32) |
| 2700 # ifdef fileno |
| 2701 # undef fileno |
| 2702 # define fileno(a) (int)_fileno(a) |
| 2703 # endif |
| 2704 |
| 2705 # include <windows.h> |
| 2706 # include <tchar.h> |
| 2707 |
| 2708 static int WIN32_rename(const char *from, const char *to) |
| 2709 » { |
| 2710 » TCHAR *tfrom=NULL,*tto; |
| 2711 » DWORD» err; |
| 2712 » int» ret=0; |
| 2713 |
| 2714 » if (sizeof(TCHAR) == 1) |
| 2715 » » { |
| 2716 » » tfrom = (TCHAR *)from; |
| 2717 » » tto = (TCHAR *)to; |
| 2718 » » } |
| 2719 » else» /* UNICODE path */ |
| 2720 » » { |
| 2721 » » size_t i,flen=strlen(from)+1,tlen=strlen(to)+1; |
| 2722 » » tfrom = (TCHAR *)malloc(sizeof(TCHAR)*(flen+tlen)); |
| 2723 » » if (tfrom==NULL) goto err; |
| 2724 » » tto=tfrom+flen; |
| 2725 #if !defined(_WIN32_WCE) || _WIN32_WCE>=101 |
| 2726 » » if (!MultiByteToWideChar(CP_ACP,0,from,flen,(WCHAR *)tfrom,flen)
) |
| 2727 #endif |
| 2728 » » » for (i=0;i<flen;i++)» tfrom[i]=(TCHAR)from[i]; |
| 2729 #if !defined(_WIN32_WCE) || _WIN32_WCE>=101 |
| 2730 » » if (!MultiByteToWideChar(CP_ACP,0,to, tlen,(WCHAR *)tto, tlen)
) |
| 2731 #endif |
| 2732 » » » for (i=0;i<tlen;i++)» tto[i] =(TCHAR)to[i]; |
| 2733 » » } |
| 2734 |
| 2735 » if (MoveFile(tfrom,tto))» goto ok; |
| 2736 » err=GetLastError(); |
| 2737 » if (err==ERROR_ALREADY_EXISTS || err==ERROR_FILE_EXISTS) |
| 2738 » » { |
| 2739 » » if (DeleteFile(tto) && MoveFile(tfrom,tto)) |
| 2740 » » » goto ok; |
| 2741 » » err=GetLastError(); |
| 2742 » » } |
| 2743 » if (err==ERROR_FILE_NOT_FOUND || err==ERROR_PATH_NOT_FOUND) |
| 2744 » » errno = ENOENT; |
| 2745 » else if (err==ERROR_ACCESS_DENIED) |
| 2746 » » errno = EACCES; |
| 2747 » else |
| 2748 » » errno = EINVAL;»/* we could map more codes... */ |
| 2749 err: |
| 2750 » ret=-1; |
| 2751 ok: |
| 2752 » if (tfrom!=NULL && tfrom!=(TCHAR *)from)» free(tfrom); |
| 2753 » return ret; |
| 2754 » } |
| 2755 #endif |
| 2756 |
| 2757 /* app_tminterval section */ |
| 2758 #if defined(_WIN32) |
| 2759 double app_tminterval(int stop,int usertime) |
| 2760 » { |
| 2761 » FILETIME» » now; |
| 2762 » double» » » ret=0; |
| 2763 » static ULARGE_INTEGER» tmstart; |
| 2764 » static int» » warning=1; |
| 2765 #ifdef _WIN32_WINNT |
| 2766 » static HANDLE» » proc=NULL; |
| 2767 |
| 2768 » if (proc==NULL) |
| 2769 » » { |
| 2770 » » if (GetVersion() < 0x80000000) |
| 2771 » » » proc = OpenProcess(PROCESS_QUERY_INFORMATION,FALSE, |
| 2772 » » » » » » GetCurrentProcessId()); |
| 2773 » » if (proc==NULL) proc = (HANDLE)-1; |
| 2774 » » } |
| 2775 |
| 2776 » if (usertime && proc!=(HANDLE)-1) |
| 2777 » » { |
| 2778 » » FILETIME junk; |
| 2779 » » GetProcessTimes(proc,&junk,&junk,&junk,&now); |
| 2780 » » } |
| 2781 » else |
| 2782 #endif |
| 2783 » » { |
| 2784 » » SYSTEMTIME systime; |
| 2785 |
| 2786 » » if (usertime && warning) |
| 2787 » » » { |
| 2788 » » » BIO_printf(bio_err,"To get meaningful results, run " |
| 2789 » » » » » "this program on idle system.\n"); |
| 2790 » » » warning=0; |
| 2791 » » » } |
| 2792 » » GetSystemTime(&systime); |
| 2793 » » SystemTimeToFileTime(&systime,&now); |
| 2794 » » } |
| 2795 |
| 2796 » if (stop==TM_START) |
| 2797 » » { |
| 2798 » » tmstart.u.LowPart = now.dwLowDateTime; |
| 2799 » » tmstart.u.HighPart = now.dwHighDateTime; |
| 2800 » » } |
| 2801 » else» { |
| 2802 » » ULARGE_INTEGER tmstop; |
| 2803 |
| 2804 » » tmstop.u.LowPart = now.dwLowDateTime; |
| 2805 » » tmstop.u.HighPart = now.dwHighDateTime; |
| 2806 |
| 2807 » » ret = (__int64)(tmstop.QuadPart - tmstart.QuadPart)*1e-7; |
| 2808 » » } |
| 2809 |
| 2810 » return (ret); |
| 2811 » } |
| 2812 |
| 2813 #elif defined(OPENSSL_SYS_NETWARE) |
| 2814 #include <time.h> |
| 2815 |
| 2816 double app_tminterval(int stop,int usertime) |
| 2817 » { |
| 2818 » double» » ret=0; |
| 2819 » static clock_t» tmstart; |
| 2820 » static int» warning=1; |
| 2821 |
| 2822 » if (usertime && warning) |
| 2823 » » { |
| 2824 » » BIO_printf(bio_err,"To get meaningful results, run " |
| 2825 » » » » "this program on idle system.\n"); |
| 2826 » » warning=0; |
| 2827 » » } |
| 2828 |
| 2829 » if (stop==TM_START)» tmstart = clock(); |
| 2830 » else» » » ret = (clock()-tmstart)/(double)CLOCKS_PER_S
EC; |
| 2831 |
| 2832 » return (ret); |
| 2833 » } |
| 2834 |
| 2835 #elif defined(OPENSSL_SYSTEM_VXWORKS) |
| 2836 #include <time.h> |
| 2837 |
| 2838 double app_tminterval(int stop,int usertime) |
| 2839 » { |
| 2840 » double ret=0; |
| 2841 #ifdef CLOCK_REALTIME |
| 2842 » static struct timespec» tmstart; |
| 2843 » struct timespec»» now; |
| 2844 #else |
| 2845 » static unsigned long» tmstart; |
| 2846 » unsigned long» » now; |
| 2847 #endif |
| 2848 » static int warning=1; |
| 2849 |
| 2850 » if (usertime && warning) |
| 2851 » » { |
| 2852 » » BIO_printf(bio_err,"To get meaningful results, run " |
| 2853 » » » » "this program on idle system.\n"); |
| 2854 » » warning=0; |
| 2855 » » } |
| 2856 |
| 2857 #ifdef CLOCK_REALTIME |
| 2858 » clock_gettime(CLOCK_REALTIME,&now); |
| 2859 » if (stop==TM_START)» tmstart = now; |
| 2860 » else» ret = ( (now.tv_sec+now.tv_nsec*1e-9) |
| 2861 » » » - (tmstart.tv_sec+tmstart.tv_nsec*1e-9) ); |
| 2862 #else |
| 2863 » now = tickGet(); |
| 2864 » if (stop==TM_START)» tmstart = now; |
| 2865 » else» » » ret = (now - tmstart)/(double)sysClkRateGet(); |
| 2866 #endif |
| 2867 » return (ret); |
| 2868 » } |
| 2869 |
| 2870 #elif defined(OPENSSL_SYSTEM_VMS) |
| 2871 #include <time.h> |
| 2872 #include <times.h> |
| 2873 |
| 2874 double app_tminterval(int stop,int usertime) |
| 2875 » { |
| 2876 » static clock_t» tmstart; |
| 2877 » double» » ret = 0; |
| 2878 » clock_t»» now; |
| 2879 #ifdef __TMS |
| 2880 » struct tms» rus; |
| 2881 |
| 2882 » now = times(&rus); |
| 2883 » if (usertime)» now = rus.tms_utime; |
| 2884 #else |
| 2885 » if (usertime) |
| 2886 » » now = clock(); /* sum of user and kernel times */ |
| 2887 » else» { |
| 2888 » » struct timeval tv; |
| 2889 » » gettimeofday(&tv,NULL); |
| 2890 » » now = (clock_t)( |
| 2891 » » » (unsigned long long)tv.tv_sec*CLK_TCK + |
| 2892 » » » (unsigned long long)tv.tv_usec*(1000000/CLK_TCK) |
| 2893 » » » ); |
| 2894 » » } |
| 2895 #endif |
| 2896 » if (stop==TM_START)» tmstart = now; |
| 2897 » else» » » ret = (now - tmstart)/(double)(CLK_TCK); |
| 2898 |
| 2899 » return (ret); |
| 2900 » } |
| 2901 |
| 2902 #elif defined(_SC_CLK_TCK)» /* by means of unistd.h */ |
| 2903 #include <sys/times.h> |
| 2904 |
| 2905 double app_tminterval(int stop,int usertime) |
| 2906 » { |
| 2907 » double» » ret = 0; |
| 2908 » struct tms» rus; |
| 2909 » clock_t»» now = times(&rus); |
| 2910 » static clock_t» tmstart; |
| 2911 |
| 2912 » if (usertime)» » now = rus.tms_utime; |
| 2913 |
| 2914 » if (stop==TM_START)» tmstart = now; |
| 2915 » else |
| 2916 » » { |
| 2917 » » long int tck = sysconf(_SC_CLK_TCK); |
| 2918 » » ret = (now - tmstart)/(double)tck; |
| 2919 » » } |
| 2920 |
| 2921 » return (ret); |
| 2922 » } |
| 2923 |
| 2924 #else |
| 2925 #include <sys/time.h> |
| 2926 #include <sys/resource.h> |
| 2927 |
| 2928 double app_tminterval(int stop,int usertime) |
| 2929 » { |
| 2930 » double» » ret = 0; |
| 2931 » struct rusage» rus; |
| 2932 » struct timeval» now; |
| 2933 » static struct timeval tmstart; |
| 2934 |
| 2935 » if (usertime)» » getrusage(RUSAGE_SELF,&rus), now = rus.ru_utime; |
| 2936 » else» » » gettimeofday(&now,NULL); |
| 2937 |
| 2938 » if (stop==TM_START)» tmstart = now; |
| 2939 » else» » » ret = ( (now.tv_sec+now.tv_usec*1e-6) |
| 2940 » » » » » - (tmstart.tv_sec+tmstart.tv_usec*1e-6)
); |
| 2941 |
| 2942 » return ret; |
| 2943 » } |
| 2944 #endif |
| 2945 |
| 2946 /* app_isdir section */ |
| 2947 #ifdef _WIN32 |
| 2948 int app_isdir(const char *name) |
| 2949 » { |
| 2950 » HANDLE» » hList; |
| 2951 » WIN32_FIND_DATA»FileData; |
| 2952 #if defined(UNICODE) || defined(_UNICODE) |
| 2953 » size_t i, len_0 = strlen(name)+1; |
| 2954 |
| 2955 » if (len_0 > sizeof(FileData.cFileName)/sizeof(FileData.cFileName[0])) |
| 2956 » » return -1; |
| 2957 |
| 2958 #if !defined(_WIN32_WCE) || _WIN32_WCE>=101 |
| 2959 » if (!MultiByteToWideChar(CP_ACP,0,name,len_0,FileData.cFileName,len_0)) |
| 2960 #endif |
| 2961 » » for (i=0;i<len_0;i++) |
| 2962 » » » FileData.cFileName[i] = (WCHAR)name[i]; |
| 2963 |
| 2964 » hList = FindFirstFile(FileData.cFileName,&FileData); |
| 2965 #else |
| 2966 » hList = FindFirstFile(name,&FileData); |
| 2967 #endif |
| 2968 » if (hList == INVALID_HANDLE_VALUE)» return -1; |
| 2969 » FindClose(hList); |
| 2970 » return ((FileData.dwFileAttributes&FILE_ATTRIBUTE_DIRECTORY)!=0); |
| 2971 » } |
| 2972 #else |
| 2973 #include <sys/stat.h> |
| 2974 #ifndef S_ISDIR |
| 2975 # if defined(_S_IFMT) && defined(_S_IFDIR) |
| 2976 # define S_ISDIR(a) (((a) & _S_IFMT) == _S_IFDIR) |
| 2977 # else |
| 2978 # define S_ISDIR(a) (((a) & S_IFMT) == S_IFDIR) |
| 2979 # endif |
| 2980 #endif |
| 2981 |
| 2982 int app_isdir(const char *name) |
| 2983 » { |
| 2984 #if defined(S_ISDIR) |
| 2985 » struct stat st; |
| 2986 |
| 2987 » if (stat(name,&st)==0)» return S_ISDIR(st.st_mode); |
| 2988 » else» » » return -1; |
| 2989 #else |
| 2990 » return -1; |
| 2991 #endif |
| 2992 » } |
| 2993 #endif |
| 2994 |
| 2995 /* raw_read|write section */ |
| 2996 #if defined(_WIN32) && defined(STD_INPUT_HANDLE) |
| 2997 int raw_read_stdin(void *buf,int siz) |
| 2998 » { |
| 2999 » DWORD n; |
| 3000 » if (ReadFile(GetStdHandle(STD_INPUT_HANDLE),buf,siz,&n,NULL)) |
| 3001 » » return (n); |
| 3002 » else» return (-1); |
| 3003 » } |
| 3004 #else |
| 3005 int raw_read_stdin(void *buf,int siz) |
| 3006 » {» return read(fileno(stdin),buf,siz);» } |
| 3007 #endif |
| 3008 |
| 3009 #if defined(_WIN32) && defined(STD_OUTPUT_HANDLE) |
| 3010 int raw_write_stdout(const void *buf,int siz) |
| 3011 » { |
| 3012 » DWORD n; |
| 3013 » if (WriteFile(GetStdHandle(STD_OUTPUT_HANDLE),buf,siz,&n,NULL)) |
| 3014 » » return (n); |
| 3015 » else» return (-1); |
| 3016 » } |
| 3017 #else |
| 3018 int raw_write_stdout(const void *buf,int siz) |
| 3019 » {» return write(fileno(stdout),buf,siz);» } |
| 3020 #endif |
| 3021 |
| 3022 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) |
2583 /* next_protos_parse parses a comma separated list of strings into a string | 3023 /* next_protos_parse parses a comma separated list of strings into a string |
2584 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised. | 3024 * in a format suitable for passing to SSL_CTX_set_next_protos_advertised. |
2585 * outlen: (output) set to the length of the resulting buffer on success. | 3025 * outlen: (output) set to the length of the resulting buffer on success. |
2586 * err: (maybe NULL) on failure, an error message line is written to this BIO. | |
2587 * in: a NUL termianted string like "abc,def,ghi" | 3026 * in: a NUL termianted string like "abc,def,ghi" |
2588 * | 3027 * |
2589 * returns: a malloced buffer | 3028 * returns: a malloced buffer or NULL on failure. |
2590 */ | 3029 */ |
2591 unsigned char *next_protos_parse(unsigned short *outlen, const char *in) | 3030 unsigned char *next_protos_parse(unsigned short *outlen, const char *in) |
2592 { | 3031 { |
2593 size_t len; | 3032 size_t len; |
2594 unsigned char *out; | 3033 unsigned char *out; |
2595 size_t i, start = 0; | 3034 size_t i, start = 0; |
2596 | 3035 |
2597 len = strlen(in); | 3036 len = strlen(in); |
2598 » if (len > 65535) | 3037 » if (len >= 65535) |
2599 return NULL; | 3038 return NULL; |
2600 | 3039 |
2601 out = OPENSSL_malloc(strlen(in) + 1); | 3040 out = OPENSSL_malloc(strlen(in) + 1); |
2602 if (!out) | 3041 if (!out) |
2603 return NULL; | 3042 return NULL; |
2604 | 3043 |
2605 for (i = 0; i <= len; ++i) | 3044 for (i = 0; i <= len; ++i) |
2606 { | 3045 { |
2607 if (i == len || in[i] == ',') | 3046 if (i == len || in[i] == ',') |
2608 { | 3047 { |
2609 if (i - start > 255) | 3048 if (i - start > 255) |
2610 { | 3049 { |
2611 OPENSSL_free(out); | 3050 OPENSSL_free(out); |
2612 return NULL; | 3051 return NULL; |
2613 } | 3052 } |
2614 out[start] = i - start; | 3053 out[start] = i - start; |
2615 start = i + 1; | 3054 start = i + 1; |
2616 } | 3055 } |
2617 else | 3056 else |
2618 out[i+1] = in[i]; | 3057 out[i+1] = in[i]; |
2619 } | 3058 } |
2620 | 3059 |
2621 *outlen = len + 1; | 3060 *outlen = len + 1; |
2622 return out; | 3061 return out; |
2623 } | 3062 } |
| 3063 #endif /* !OPENSSL_NO_TLSEXT && !OPENSSL_NO_NEXTPROTONEG */ |
OLD | NEW |