1 files changed, 623 insertions, 0 deletions
diff --git a/src/lib/libcrypto/conf/conf_mod.c b/src/lib/libcrypto/conf/conf_mod.c
new file mode 100644
index 0000000000..df1642a0a5
--- /dev/null
+++ b/src/lib/libcrypto/conf/conf_mod.c
@@ -0,0 +1,623 @@
+/* conf_mod.c */
+/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL
+ * project 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#include <stdio.h>
+#include <ctype.h>
+#include <openssl/crypto.h>
+#include "cryptlib.h"
+#include <openssl/conf.h>
+#include <openssl/dso.h>
+#include <openssl/x509.h>
+#define DSO_mod_init_name "OPENSSL_init"
+#define DSO_mod_finish_name "OPENSSL_finish"
+/* This structure contains a data about supported modules.
+ * entries in this table correspond to either dynamic or
+ * static modules.
+ */
+struct conf_module_st
+        {
+        /* DSO of this module or NULL if static */
+        DSO *dso;
+        /* Name of the module */
+        char *name;
+        /* Init function */
+        conf_init_func *init; 
+        /* Finish function */
+        conf_finish_func *finish;
+        /* Number of successfully initialized modules */
+        int links;
+        void *usr_data;
+        };
+/* This structure contains information about modules that have been
+ * successfully initialized. There may be more than one entry for a
+ * given module.
+ */
+struct conf_imodule_st
+        {
+        CONF_MODULE *pmod;
+        char *name;
+        char *value;
+        unsigned long flags;
+        void *usr_data;
+        };
+static STACK_OF(CONF_MODULE) *supported_modules = NULL;
+static STACK_OF(CONF_IMODULE) *initialized_modules = NULL;
+static void module_free(CONF_MODULE *md);
+static void module_finish(CONF_IMODULE *imod);
+static int module_run(const CONF *cnf, char *name, char *value,
+                                          unsigned long flags);
+static CONF_MODULE *module_add(DSO *dso, const char *name,
+                        conf_init_func *ifunc, conf_finish_func *ffunc);
+static CONF_MODULE *module_find(char *name);
+static int module_init(CONF_MODULE *pmod, char *name, char *value,
+                                           const CONF *cnf);
+static CONF_MODULE *module_load_dso(const CONF *cnf, char *name, char *value,
+                                                                        unsigned long flags);
+/* Main function: load modules from a CONF structure */
+int CONF_modules_load(const CONF *cnf, const char *appname,
+                      unsigned long flags)
+        {
+        STACK_OF(CONF_VALUE) *values;
+        CONF_VALUE *vl;
+        char *vsection = NULL;
+        int ret, i;
+        if (!cnf)
+                return 1;
+        if (appname)
+                vsection = NCONF_get_string(cnf, NULL, appname);
+        if (!appname || (!vsection && (flags & CONF_MFLAGS_DEFAULT_SECTION)))
+                vsection = NCONF_get_string(cnf, NULL, "openssl_conf");
+        if (!vsection)
+                {
+                ERR_clear_error();
+                return 1;
+                }
+        values = NCONF_get_section(cnf, vsection);
+        if (!values)
+                return 0;
+        for (i = 0; i < sk_CONF_VALUE_num(values); i++)
+                {
+                vl = sk_CONF_VALUE_value(values, i);
+                ret = module_run(cnf, vl->name, vl->value, flags);
+                if (ret <= 0)
+                        if(!(flags & CONF_MFLAGS_IGNORE_ERRORS))
+                                return ret;
+                }
+        return 1;
+        }
+int CONF_modules_load_file(const char *filename, const char *appname,
+                           unsigned long flags)
+        {
+        char *file = NULL;
+        CONF *conf = NULL;
+        int ret = 0;
+        conf = NCONF_new(NULL);
+        if (!conf)
+                goto err;
+        if (filename == NULL)
+                {
+                file = CONF_get1_default_config_file();
+                if (!file)
+                        goto err;
+                }
+        else
+                file = (char *)filename;
+        if (NCONF_load(conf, file, NULL) <= 0)
+                {
+                if ((flags & CONF_MFLAGS_IGNORE_MISSING_FILE) &&
+                  (ERR_GET_REASON(ERR_peek_last_error()) == CONF_R_NO_SUCH_FILE))
+                        {
+                        ERR_clear_error();
+                        ret = 1;
+                        }
+                goto err;
+                }
+        ret = CONF_modules_load(conf, appname, flags);
+        err:
+        if (filename == NULL)
+                OPENSSL_free(file);
+        NCONF_free(conf);
+        return ret;
+        }
+static int module_run(const CONF *cnf, char *name, char *value,
+                      unsigned long flags)
+        {
+        CONF_MODULE *md;
+        int ret;
+        md = module_find(name);
+        /* Module not found: try to load DSO */
+        if (!md && !(flags & CONF_MFLAGS_NO_DSO))
+                md = module_load_dso(cnf, name, value, flags);
+        if (!md)
+                {
+                if (!(flags & CONF_MFLAGS_SILENT))
+                        {
+                        CONFerr(CONF_F_MODULE_RUN, CONF_R_UNKNOWN_MODULE_NAME);
+                        ERR_add_error_data(2, "module=", name);
+                        }
+                return -1;
+                }
+        ret = module_init(md, name, value, cnf);
+        if (ret <= 0)
+                {
+                if (!(flags & CONF_MFLAGS_SILENT))
+                        {
+                        char rcode[DECIMAL_SIZE(ret)+1];
+                        CONFerr(CONF_F_MODULE_RUN, CONF_R_MODULE_INITIALIZATION_ERROR);
+                        BIO_snprintf(rcode, sizeof rcode, "%-8d", ret);
+                        ERR_add_error_data(6, "module=", name, ", value=", value, ", retcode=", rcode);
+                        }
+                }
+        return ret;
+        }
+/* Load a module from a DSO */
+static CONF_MODULE *module_load_dso(const CONF *cnf, char *name, char *value,
+                                    unsigned long flags)
+        {
+        DSO *dso = NULL;
+        conf_init_func *ifunc;
+        conf_finish_func *ffunc;
+        char *path = NULL;
+        int errcode = 0;
+        CONF_MODULE *md;
+        /* Look for alternative path in module section */
+        path = NCONF_get_string(cnf, value, "path");
+        if (!path)
+                {
+                ERR_clear_error();
+                path = name;
+                }
+        dso = DSO_load(NULL, path, NULL, 0);
+        if (!dso)
+                {
+                errcode = CONF_R_ERROR_LOADING_DSO;
+                goto err;
+                }
+        ifunc = (conf_init_func *)DSO_bind_func(dso, DSO_mod_init_name);
+        if (!ifunc)
+                {
+                errcode = CONF_R_MISSING_INIT_FUNCTION;
+                goto err;
+                }
+        ffunc = (conf_finish_func *)DSO_bind_func(dso, DSO_mod_finish_name);
+        /* All OK, add module */
+        md = module_add(dso, name, ifunc, ffunc);
+        if (!md)
+                goto err;
+        return md;
+        err:
+        if (dso)
+                DSO_free(dso);
+        CONFerr(CONF_F_MODULE_LOAD_DSO, errcode);
+        ERR_add_error_data(4, "module=", name, ", path=", path);
+        return NULL;
+        }
+/* add module to list */
+static CONF_MODULE *module_add(DSO *dso, const char *name,
+                               conf_init_func *ifunc, conf_finish_func *ffunc)
+        {
+        CONF_MODULE *tmod = NULL;
+        if (supported_modules == NULL)
+                supported_modules = sk_CONF_MODULE_new_null();
+        if (supported_modules == NULL)
+                return NULL;
+        tmod = OPENSSL_malloc(sizeof(CONF_MODULE));
+        if (tmod == NULL)
+                return NULL;
+        tmod->dso = dso;
+        tmod->name = BUF_strdup(name);
+        tmod->init = ifunc;
+        tmod->finish = ffunc;
+        tmod->links = 0;
+        if (!sk_CONF_MODULE_push(supported_modules, tmod))
+                {
+                OPENSSL_free(tmod);
+                return NULL;
+                }
+        return tmod;
+        }
+/* Find a module from the list. We allow module names of the
+ * form modname.XXXX to just search for modname to allow the
+ * same module to be initialized more than once.
+ */
+static CONF_MODULE *module_find(char *name)
+        {
+        CONF_MODULE *tmod;
+        int i, nchar;
+        char *p;
+        p = strrchr(name, '.');
+        if (p)
+                nchar = p - name;
+        else 
+                nchar = strlen(name);
+        for (i = 0; i < sk_CONF_MODULE_num(supported_modules); i++)
+                {
+                tmod = sk_CONF_MODULE_value(supported_modules, i);
+                if (!strncmp(tmod->name, name, nchar))
+                        return tmod;
+                }
+        return NULL;
+        }
+/* initialize a module */
+static int module_init(CONF_MODULE *pmod, char *name, char *value,
+                       const CONF *cnf)
+        {
+        int ret = 1;
+        int init_called = 0;
+        CONF_IMODULE *imod = NULL;
+        /* Otherwise add initialized module to list */
+        imod = OPENSSL_malloc(sizeof(CONF_IMODULE));
+        if (!imod)
+                goto err;
+        imod->pmod = pmod;
+        imod->name = BUF_strdup(name);
+        imod->value = BUF_strdup(value);
+        imod->usr_data = NULL;
+        if (!imod->name || !imod->value)
+                goto memerr;
+        /* Try to initialize module */
+        if(pmod->init)
+                {
+                ret = pmod->init(imod, cnf);
+                init_called = 1;
+                /* Error occurred, exit */
+                if (ret <= 0)
+                        goto err;
+                }
+        if (initialized_modules == NULL)
+                {
+                initialized_modules = sk_CONF_IMODULE_new_null();
+                if (!initialized_modules)
+                        {
+                        CONFerr(CONF_F_MODULE_INIT, ERR_R_MALLOC_FAILURE);
+                        goto err;
+                        }
+                }
+        if (!sk_CONF_IMODULE_push(initialized_modules, imod))
+                {
+                CONFerr(CONF_F_MODULE_INIT, ERR_R_MALLOC_FAILURE);
+                goto err;
+                }
+        pmod->links++;
+        return ret;
+        err:
+        /* We've started the module so we'd better finish it */
+        if (pmod->finish && init_called)
+                pmod->finish(imod);
+        memerr:
+        if (imod)
+                {
+                if (imod->name)
+                        OPENSSL_free(imod->name);
+                if (imod->value)
+                        OPENSSL_free(imod->value);
+                OPENSSL_free(imod);
+                }
+        return -1;
+        }
+/* Unload any dynamic modules that have a link count of zero:
+ * i.e. have no active initialized modules. If 'all' is set
+ * then all modules are unloaded including static ones.
+ */
+void CONF_modules_unload(int all)
+        {
+        int i;
+        CONF_MODULE *md;
+        CONF_modules_finish();
+        /* unload modules in reverse order */
+        for (i = sk_CONF_MODULE_num(supported_modules) - 1; i >= 0; i--)
+                {
+                md = sk_CONF_MODULE_value(supported_modules, i);
+                /* If static or in use and 'all' not set ignore it */
+                if (((md->links > 0) || !md->dso) && !all)
+                        continue;
+                /* Since we're working in reverse this is OK */
+                (void)sk_CONF_MODULE_delete(supported_modules, i);
+                module_free(md);
+                }
+        if (sk_CONF_MODULE_num(supported_modules) == 0)
+                {
+                sk_CONF_MODULE_free(supported_modules);
+                supported_modules = NULL;
+                }
+        }
+/* unload a single module */
+static void module_free(CONF_MODULE *md)
+        {
+        if (md->dso)
+                DSO_free(md->dso);
+        OPENSSL_free(md->name);
+        OPENSSL_free(md);
+        }
+/* finish and free up all modules instances */
+void CONF_modules_finish(void)
+        {
+        CONF_IMODULE *imod;
+        while (sk_CONF_IMODULE_num(initialized_modules) > 0)
+                {
+                imod = sk_CONF_IMODULE_pop(initialized_modules);
+                module_finish(imod);
+                }
+        sk_CONF_IMODULE_free(initialized_modules);
+        initialized_modules = NULL;
+        }
+/* finish a module instance */
+static void module_finish(CONF_IMODULE *imod)
+        {
+        if (imod->pmod->finish)
+                imod->pmod->finish(imod);
+        imod->pmod->links--;
+        OPENSSL_free(imod->name);
+        OPENSSL_free(imod->value);
+        OPENSSL_free(imod);
+        }
+/* Add a static module to OpenSSL */
+int CONF_module_add(const char *name, conf_init_func *ifunc, 
+                    conf_finish_func *ffunc)
+        {
+        if (module_add(NULL, name, ifunc, ffunc))
+                return 1;
+        else
+                return 0;
+        }
+void CONF_modules_free(void)
+        {
+        CONF_modules_finish();
+        CONF_modules_unload(1);
+        }
+/* Utility functions */
+const char *CONF_imodule_get_name(const CONF_IMODULE *md)
+        {
+        return md->name;
+        }
+const char *CONF_imodule_get_value(const CONF_IMODULE *md)
+        {
+        return md->value;
+        }
+void *CONF_imodule_get_usr_data(const CONF_IMODULE *md)
+        {
+        return md->usr_data;
+        }
+void CONF_imodule_set_usr_data(CONF_IMODULE *md, void *usr_data)
+        {
+        md->usr_data = usr_data;
+        }
+CONF_MODULE *CONF_imodule_get_module(const CONF_IMODULE *md)
+        {
+        return md->pmod;
+        }
+unsigned long CONF_imodule_get_flags(const CONF_IMODULE *md)
+        {
+        return md->flags;
+        }
+void CONF_imodule_set_flags(CONF_IMODULE *md, unsigned long flags)
+        {
+        md->flags = flags;
+        }
+void *CONF_module_get_usr_data(CONF_MODULE *pmod)
+        {
+        return pmod->usr_data;
+        }
+void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data)
+        {
+        pmod->usr_data = usr_data;
+        }
+/* Return default config file name */
+char *CONF_get1_default_config_file(void)
+        {
+        char *file;
+        int len;
+        file = getenv("OPENSSL_CONF");
+        if (file) 
+                return BUF_strdup(file);
+        len = strlen(X509_get_default_cert_area());
+#ifndef OPENSSL_SYS_VMS
+        len++;
+#endif
+        len += strlen(OPENSSL_CONF);
+        file = OPENSSL_malloc(len + 1);
+        if (!file)
+                return NULL;
+        BUF_strlcpy(file,X509_get_default_cert_area(),len + 1);
+#ifndef OPENSSL_SYS_VMS
+        BUF_strlcat(file,"/",len + 1);
+#endif
+        BUF_strlcat(file,OPENSSL_CONF,len + 1);
+        return file;
+        }
+/* This function takes a list separated by 'sep' and calls the
+ * callback function giving the start and length of each member
+ * optionally stripping leading and trailing whitespace. This can
+ * be used to parse comma separated lists for example.
+ */
+int CONF_parse_list(const char *list_, int sep, int nospc,
+        int (*list_cb)(const char *elem, int len, void *usr), void *arg)
+        {
+        int ret;
+        const char *lstart, *tmpend, *p;
+        if(list_ == NULL)
+                {
+                CONFerr(CONF_F_CONF_PARSE_LIST, CONF_R_LIST_CANNOT_BE_NULL);
+                return 0;
+                }
+        lstart = list_;
+        for(;;)
+                {
+                if (nospc)
+                        {
+                        while(*lstart && isspace((unsigned char)*lstart))
+                                lstart++;
+                        }
+                p = strchr(lstart, sep);
+                if (p == lstart || !*lstart)
+                        ret = list_cb(NULL, 0, arg);
+                else
+                        {
+                        if (p)
+                                tmpend = p - 1;
+                        else 
+                                tmpend = lstart + strlen(lstart) - 1;
+                        if (nospc)
+                                {
+                                while(isspace((unsigned char)*tmpend))
+                                        tmpend--;
+                                }
+                        ret = list_cb(lstart, tmpend - lstart + 1, arg);
+                        }
+                if (ret <= 0)
+                        return ret;
+                if (p == NULL)
+                        return 1;
+                lstart = p + 1;
+                }
+        }

diff --git a/src/lib/libcrypto/conf/conf_mod.c b/src/lib/libcrypto/conf/conf_mod.c new file mode 100644 index 0000000000..df1642a0a5 --- /dev/null +++ b/src/lib/libcrypto/conf/conf_mod.c
@@ -0,0 +1,623 @@
	1	/* conf_mod.c */
	2	/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL
	3	* project 2001.
	4	*/
	5	/* ====================================================================
	6	* Copyright (c) 2001 The OpenSSL Project. All rights reserved.
	7	*
	8	* Redistribution and use in source and binary forms, with or without
	9	* modification, are permitted provided that the following conditions
	10	* are met:
	11	*
	12	* 1. Redistributions of source code must retain the above copyright
	13	* notice, this list of conditions and the following disclaimer.
	14	*
	15	* 2. Redistributions in binary form must reproduce the above copyright
	16	* notice, this list of conditions and the following disclaimer in
	17	* the documentation and/or other materials provided with the
	18	* distribution.
	19	*
	20	* 3. All advertising materials mentioning features or use of this
	21	* software must display the following acknowledgment:
	22	* "This product includes software developed by the OpenSSL Project
	23	* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
	24	*
	25	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
	26	* endorse or promote products derived from this software without
	27	* prior written permission. For written permission, please contact
	28	* licensing@OpenSSL.org.
	29	*
	30	* 5. Products derived from this software may not be called "OpenSSL"
	31	* nor may "OpenSSL" appear in their names without prior written
	32	* permission of the OpenSSL Project.
	33	*
	34	* 6. Redistributions of any form whatsoever must retain the following
	35	* acknowledgment:
	36	* "This product includes software developed by the OpenSSL Project
	37	* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
	38	*
	39	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
	40	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	41	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
	42	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
	43	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	44	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	45	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	46	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	47	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
	48	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	49	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
	50	* OF THE POSSIBILITY OF SUCH DAMAGE.
	51	* ====================================================================
	52	*
	53	* This product includes cryptographic software written by Eric Young
	54	* (eay@cryptsoft.com). This product includes software written by Tim
	55	* Hudson (tjh@cryptsoft.com).
	56	*
	57	*/
	58
	59	#include <stdio.h>
	60	#include <ctype.h>
	61	#include <openssl/crypto.h>
	62	#include "cryptlib.h"
	63	#include <openssl/conf.h>
	64	#include <openssl/dso.h>
	65	#include <openssl/x509.h>
	66
	67
	68	#define DSO_mod_init_name "OPENSSL_init"
	69	#define DSO_mod_finish_name "OPENSSL_finish"
	70
	71
	72	/* This structure contains a data about supported modules.
	73	* entries in this table correspond to either dynamic or
	74	* static modules.
	75	*/
	76
	77	struct conf_module_st
	78	{
	79	/* DSO of this module or NULL if static */
	80	DSO *dso;
	81	/* Name of the module */
	82	char *name;
	83	/* Init function */
	84	conf_init_func *init;
	85	/* Finish function */
	86	conf_finish_func *finish;
	87	/* Number of successfully initialized modules */
	88	int links;
	89	void *usr_data;
	90	};
	91
	92
	93	/* This structure contains information about modules that have been
	94	* successfully initialized. There may be more than one entry for a
	95	* given module.
	96	*/
	97
	98	struct conf_imodule_st
	99	{
	100	CONF_MODULE *pmod;
	101	char *name;
	102	char *value;
	103	unsigned long flags;
	104	void *usr_data;
	105	};
	106
	107	static STACK_OF(CONF_MODULE) *supported_modules = NULL;
	108	static STACK_OF(CONF_IMODULE) *initialized_modules = NULL;
	109
	110	static void module_free(CONF_MODULE *md);
	111	static void module_finish(CONF_IMODULE *imod);
	112	static int module_run(const CONF cnf, char name, char *value,
	113	unsigned long flags);
	114	static CONF_MODULE module_add(DSO dso, const char *name,
	115	conf_init_func ifunc, conf_finish_func ffunc);
	116	static CONF_MODULE module_find(char name);
	117	static int module_init(CONF_MODULE pmod, char name, char *value,
	118	const CONF *cnf);
	119	static CONF_MODULE module_load_dso(const CONF cnf, char name, char value,
	120	unsigned long flags);
	121
	122	/* Main function: load modules from a CONF structure */
	123
	124	int CONF_modules_load(const CONF cnf, const char appname,
	125	unsigned long flags)
	126	{
	127	STACK_OF(CONF_VALUE) *values;
	128	CONF_VALUE *vl;
	129	char *vsection = NULL;
	130
	131	int ret, i;
	132
	133	if (!cnf)
	134	return 1;
	135
	136	if (appname)
	137	vsection = NCONF_get_string(cnf, NULL, appname);
	138
	139	if (!appname \|\| (!vsection && (flags & CONF_MFLAGS_DEFAULT_SECTION)))
	140	vsection = NCONF_get_string(cnf, NULL, "openssl_conf");
	141
	142	if (!vsection)
	143	{
	144	ERR_clear_error();
	145	return 1;
	146	}
	147
	148	values = NCONF_get_section(cnf, vsection);
	149
	150	if (!values)
	151	return 0;
	152
	153	for (i = 0; i < sk_CONF_VALUE_num(values); i++)
	154	{
	155	vl = sk_CONF_VALUE_value(values, i);
	156	ret = module_run(cnf, vl->name, vl->value, flags);
	157	if (ret <= 0)
	158	if(!(flags & CONF_MFLAGS_IGNORE_ERRORS))
	159	return ret;
	160	}
	161
	162	return 1;
	163
	164	}
	165
	166	int CONF_modules_load_file(const char filename, const char appname,
	167	unsigned long flags)
	168	{
	169	char *file = NULL;
	170	CONF *conf = NULL;
	171	int ret = 0;
	172	conf = NCONF_new(NULL);
	173	if (!conf)
	174	goto err;
	175
	176	if (filename == NULL)
	177	{
	178	file = CONF_get1_default_config_file();
	179	if (!file)
	180	goto err;
	181	}
	182	else
	183	file = (char *)filename;
	184
	185	if (NCONF_load(conf, file, NULL) <= 0)
	186	{
	187	if ((flags & CONF_MFLAGS_IGNORE_MISSING_FILE) &&
	188	(ERR_GET_REASON(ERR_peek_last_error()) == CONF_R_NO_SUCH_FILE))
	189	{
	190	ERR_clear_error();
	191	ret = 1;
	192	}
	193	goto err;
	194	}
	195
	196	ret = CONF_modules_load(conf, appname, flags);
	197
	198	err:
	199	if (filename == NULL)
	200	OPENSSL_free(file);
	201	NCONF_free(conf);
	202
	203	return ret;
	204	}
	205
	206	static int module_run(const CONF cnf, char name, char *value,
	207	unsigned long flags)
	208	{
	209	CONF_MODULE *md;
	210	int ret;
	211
	212	md = module_find(name);
	213
	214	/* Module not found: try to load DSO */
	215	if (!md && !(flags & CONF_MFLAGS_NO_DSO))
	216	md = module_load_dso(cnf, name, value, flags);
	217
	218	if (!md)
	219	{
	220	if (!(flags & CONF_MFLAGS_SILENT))
	221	{
	222	CONFerr(CONF_F_MODULE_RUN, CONF_R_UNKNOWN_MODULE_NAME);
	223	ERR_add_error_data(2, "module=", name);
	224	}
	225	return -1;
	226	}
	227
	228	ret = module_init(md, name, value, cnf);
	229
	230	if (ret <= 0)
	231	{
	232	if (!(flags & CONF_MFLAGS_SILENT))
	233	{
	234	char rcode[DECIMAL_SIZE(ret)+1];
	235	CONFerr(CONF_F_MODULE_RUN, CONF_R_MODULE_INITIALIZATION_ERROR);
	236	BIO_snprintf(rcode, sizeof rcode, "%-8d", ret);
	237	ERR_add_error_data(6, "module=", name, ", value=", value, ", retcode=", rcode);
	238	}
	239	}
	240
	241	return ret;
	242	}
	243
	244	/* Load a module from a DSO */
	245	static CONF_MODULE module_load_dso(const CONF cnf, char name, char value,
	246	unsigned long flags)
	247	{
	248	DSO *dso = NULL;
	249	conf_init_func *ifunc;
	250	conf_finish_func *ffunc;
	251	char *path = NULL;
	252	int errcode = 0;
	253	CONF_MODULE *md;
	254	/* Look for alternative path in module section */
	255	path = NCONF_get_string(cnf, value, "path");
	256	if (!path)
	257	{
	258	ERR_clear_error();
	259	path = name;
	260	}
	261	dso = DSO_load(NULL, path, NULL, 0);
	262	if (!dso)
	263	{
	264	errcode = CONF_R_ERROR_LOADING_DSO;
	265	goto err;
	266	}
	267	ifunc = (conf_init_func *)DSO_bind_func(dso, DSO_mod_init_name);
	268	if (!ifunc)
	269	{
	270	errcode = CONF_R_MISSING_INIT_FUNCTION;
	271	goto err;
	272	}
	273	ffunc = (conf_finish_func *)DSO_bind_func(dso, DSO_mod_finish_name);
	274	/* All OK, add module */
	275	md = module_add(dso, name, ifunc, ffunc);
	276
	277	if (!md)
	278	goto err;
	279
	280	return md;
	281
	282	err:
	283	if (dso)
	284	DSO_free(dso);
	285	CONFerr(CONF_F_MODULE_LOAD_DSO, errcode);
	286	ERR_add_error_data(4, "module=", name, ", path=", path);
	287	return NULL;
	288	}
	289
	290	/* add module to list */
	291	static CONF_MODULE module_add(DSO dso, const char *name,
	292	conf_init_func ifunc, conf_finish_func ffunc)
	293	{
	294	CONF_MODULE *tmod = NULL;
	295	if (supported_modules == NULL)
	296	supported_modules = sk_CONF_MODULE_new_null();
	297	if (supported_modules == NULL)
	298	return NULL;
	299	tmod = OPENSSL_malloc(sizeof(CONF_MODULE));
	300	if (tmod == NULL)
	301	return NULL;
	302
	303	tmod->dso = dso;
	304	tmod->name = BUF_strdup(name);
	305	tmod->init = ifunc;
	306	tmod->finish = ffunc;
	307	tmod->links = 0;
	308
	309	if (!sk_CONF_MODULE_push(supported_modules, tmod))
	310	{
	311	OPENSSL_free(tmod);
	312	return NULL;
	313	}
	314
	315	return tmod;
	316	}
	317
	318	/* Find a module from the list. We allow module names of the
	319	* form modname.XXXX to just search for modname to allow the
	320	* same module to be initialized more than once.
	321	*/
	322
	323	static CONF_MODULE module_find(char name)
	324	{
	325	CONF_MODULE *tmod;
	326	int i, nchar;
	327	char *p;
	328	p = strrchr(name, '.');
	329
	330	if (p)
	331	nchar = p - name;
	332	else
	333	nchar = strlen(name);
	334
	335	for (i = 0; i < sk_CONF_MODULE_num(supported_modules); i++)
	336	{
	337	tmod = sk_CONF_MODULE_value(supported_modules, i);
	338	if (!strncmp(tmod->name, name, nchar))
	339	return tmod;
	340	}
	341
	342	return NULL;
	343
	344	}
	345
	346	/* initialize a module */
	347	static int module_init(CONF_MODULE pmod, char name, char *value,
	348	const CONF *cnf)
	349	{
	350	int ret = 1;
	351	int init_called = 0;
	352	CONF_IMODULE *imod = NULL;
	353
	354	/* Otherwise add initialized module to list */
	355	imod = OPENSSL_malloc(sizeof(CONF_IMODULE));
	356	if (!imod)
	357	goto err;
	358
	359	imod->pmod = pmod;
	360	imod->name = BUF_strdup(name);
	361	imod->value = BUF_strdup(value);
	362	imod->usr_data = NULL;
	363
	364	if (!imod->name \|\| !imod->value)
	365	goto memerr;
	366
	367	/* Try to initialize module */
	368	if(pmod->init)
	369	{
	370	ret = pmod->init(imod, cnf);
	371	init_called = 1;
	372	/* Error occurred, exit */
	373	if (ret <= 0)
	374	goto err;
	375	}
	376
	377	if (initialized_modules == NULL)
	378	{
	379	initialized_modules = sk_CONF_IMODULE_new_null();
	380	if (!initialized_modules)
	381	{
	382	CONFerr(CONF_F_MODULE_INIT, ERR_R_MALLOC_FAILURE);
	383	goto err;
	384	}
	385	}
	386
	387	if (!sk_CONF_IMODULE_push(initialized_modules, imod))
	388	{
	389	CONFerr(CONF_F_MODULE_INIT, ERR_R_MALLOC_FAILURE);
	390	goto err;
	391	}
	392
	393	pmod->links++;
	394
	395	return ret;
	396
	397	err:
	398
	399	/* We've started the module so we'd better finish it */
	400	if (pmod->finish && init_called)
	401	pmod->finish(imod);
	402
	403	memerr:
	404	if (imod)
	405	{
	406	if (imod->name)
	407	OPENSSL_free(imod->name);
	408	if (imod->value)
	409	OPENSSL_free(imod->value);
	410	OPENSSL_free(imod);
	411	}
	412
	413	return -1;
	414
	415	}
	416
	417	/* Unload any dynamic modules that have a link count of zero:
	418	* i.e. have no active initialized modules. If 'all' is set
	419	* then all modules are unloaded including static ones.
	420	*/
	421
	422	void CONF_modules_unload(int all)
	423	{
	424	int i;
	425	CONF_MODULE *md;
	426	CONF_modules_finish();
	427	/* unload modules in reverse order */
	428	for (i = sk_CONF_MODULE_num(supported_modules) - 1; i >= 0; i--)
	429	{
	430	md = sk_CONF_MODULE_value(supported_modules, i);
	431	/* If static or in use and 'all' not set ignore it */
	432	if (((md->links > 0) \|\| !md->dso) && !all)
	433	continue;
	434	/* Since we're working in reverse this is OK */
	435	(void)sk_CONF_MODULE_delete(supported_modules, i);
	436	module_free(md);
	437	}
	438	if (sk_CONF_MODULE_num(supported_modules) == 0)
	439	{
	440	sk_CONF_MODULE_free(supported_modules);
	441	supported_modules = NULL;
	442	}
	443	}
	444
	445	/* unload a single module */
	446	static void module_free(CONF_MODULE *md)
	447	{
	448	if (md->dso)
	449	DSO_free(md->dso);
	450	OPENSSL_free(md->name);
	451	OPENSSL_free(md);
	452	}
	453
	454	/* finish and free up all modules instances */
	455
	456	void CONF_modules_finish(void)
	457	{
	458	CONF_IMODULE *imod;
	459	while (sk_CONF_IMODULE_num(initialized_modules) > 0)
	460	{
	461	imod = sk_CONF_IMODULE_pop(initialized_modules);
	462	module_finish(imod);
	463	}
	464	sk_CONF_IMODULE_free(initialized_modules);
	465	initialized_modules = NULL;
	466	}
	467
	468	/* finish a module instance */
	469
	470	static void module_finish(CONF_IMODULE *imod)
	471	{
	472	if (imod->pmod->finish)
	473	imod->pmod->finish(imod);
	474	imod->pmod->links--;
	475	OPENSSL_free(imod->name);
	476	OPENSSL_free(imod->value);
	477	OPENSSL_free(imod);
	478	}
	479
	480	/* Add a static module to OpenSSL */
	481
	482	int CONF_module_add(const char name, conf_init_func ifunc,
	483	conf_finish_func *ffunc)
	484	{
	485	if (module_add(NULL, name, ifunc, ffunc))
	486	return 1;
	487	else
	488	return 0;
	489	}
	490
	491	void CONF_modules_free(void)
	492	{
	493	CONF_modules_finish();
	494	CONF_modules_unload(1);
	495	}
	496
	497	/* Utility functions */
	498
	499	const char CONF_imodule_get_name(const CONF_IMODULE md)
	500	{
	501	return md->name;
	502	}
	503
	504	const char CONF_imodule_get_value(const CONF_IMODULE md)
	505	{
	506	return md->value;
	507	}
	508
	509	void CONF_imodule_get_usr_data(const CONF_IMODULE md)
	510	{
	511	return md->usr_data;
	512	}
	513
	514	void CONF_imodule_set_usr_data(CONF_IMODULE md, void usr_data)
	515	{
	516	md->usr_data = usr_data;
	517	}
	518
	519	CONF_MODULE CONF_imodule_get_module(const CONF_IMODULE md)
	520	{
	521	return md->pmod;
	522	}
	523
	524	unsigned long CONF_imodule_get_flags(const CONF_IMODULE *md)
	525	{
	526	return md->flags;
	527	}
	528
	529	void CONF_imodule_set_flags(CONF_IMODULE *md, unsigned long flags)
	530	{
	531	md->flags = flags;
	532	}
	533
	534	void CONF_module_get_usr_data(CONF_MODULE pmod)
	535	{
	536	return pmod->usr_data;
	537	}
	538
	539	void CONF_module_set_usr_data(CONF_MODULE pmod, void usr_data)
	540	{
	541	pmod->usr_data = usr_data;
	542	}
	543
	544	/* Return default config file name */
	545
	546	char *CONF_get1_default_config_file(void)
	547	{
	548	char *file;
	549	int len;
	550
	551	file = getenv("OPENSSL_CONF");
	552	if (file)
	553	return BUF_strdup(file);
	554
	555	len = strlen(X509_get_default_cert_area());
	556	#ifndef OPENSSL_SYS_VMS
	557	len++;
	558	#endif
	559	len += strlen(OPENSSL_CONF);
	560
	561	file = OPENSSL_malloc(len + 1);
	562
	563	if (!file)
	564	return NULL;
	565	BUF_strlcpy(file,X509_get_default_cert_area(),len + 1);
	566	#ifndef OPENSSL_SYS_VMS
	567	BUF_strlcat(file,"/",len + 1);
	568	#endif
	569	BUF_strlcat(file,OPENSSL_CONF,len + 1);
	570
	571	return file;
	572	}
	573
	574	/* This function takes a list separated by 'sep' and calls the
	575	* callback function giving the start and length of each member
	576	* optionally stripping leading and trailing whitespace. This can
	577	* be used to parse comma separated lists for example.
	578	*/
	579
	580	int CONF_parse_list(const char *list_, int sep, int nospc,
	581	int (list_cb)(const char elem, int len, void usr), void arg)
	582	{
	583	int ret;
	584	const char lstart, tmpend, *p;
	585
	586	if(list_ == NULL)
	587	{
	588	CONFerr(CONF_F_CONF_PARSE_LIST, CONF_R_LIST_CANNOT_BE_NULL);
	589	return 0;
	590	}
	591
	592	lstart = list_;
	593	for(;;)
	594	{
	595	if (nospc)
	596	{
	597	while(lstart && isspace((unsigned char)lstart))
	598	lstart++;
	599	}
	600	p = strchr(lstart, sep);
	601	if (p == lstart \|\| !*lstart)
	602	ret = list_cb(NULL, 0, arg);
	603	else
	604	{
	605	if (p)
	606	tmpend = p - 1;
	607	else
	608	tmpend = lstart + strlen(lstart) - 1;
	609	if (nospc)
	610	{
	611	while(isspace((unsigned char)*tmpend))
	612	tmpend--;
	613	}
	614	ret = list_cb(lstart, tmpend - lstart + 1, arg);
	615	}
	616	if (ret <= 0)
	617	return ret;
	618	if (p == NULL)
	619	return 1;
	620	lstart = p + 1;
	621	}
	622	}
	623