author | Dr. Stephen Henson <steve@openssl.org> | 2002-01-21 03:02:36 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2002-01-21 03:02:36 +0000 |
commit | c9501c223f0a3d48a17418afd107e7bfb25af6b1 (patch) | |
tree | ec206960238bbceddf610d8957418af1e37a4772 /crypto/conf | |
parent | 9dd5ae65533ec43e66efe66e1bbcddce4cb05509 (diff) | |
download | openssl-new-c9501c223f0a3d48a17418afd107e7bfb25af6b1.tar.gz |
Initial ENGINE config module, docs to follow.
Fix buffer overrun errors in OPENSSL_conf().
Diffstat (limited to 'crypto/conf')
-rw-r--r-- | crypto/conf/conf.h | 2 | ||||
-rw-r--r-- | crypto/conf/conf_mall.c | 25 | ||||
-rw-r--r-- | crypto/conf/conf_mod.c | 29 |
3 files changed, 40 insertions, 16 deletions
diff --git a/crypto/conf/conf.h b/crypto/conf/conf.h index df84fa4de4..26452d4c81 100644 --- a/crypto/conf/conf.h +++ b/crypto/conf/conf.h @@ -188,6 +188,8 @@ void CONF_imodule_set_flags(CONF_IMODULE *md, unsigned long flags); void *CONF_module_get_usr_data(CONF_MODULE *pmod); void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data); +char *CONF_get1_default_config_file(void); + /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. diff --git a/crypto/conf/conf_mall.c b/crypto/conf/conf_mall.c index 3e752ac694..814d5df877 100644 --- a/crypto/conf/conf_mall.c +++ b/crypto/conf/conf_mall.c @@ -63,11 +63,13 @@ #include <openssl/dso.h> #include <openssl/x509.h> #include <openssl/asn1.h> +#include <openssl/engine.h> void OPENSSL_load_builtin_modules(void) { /* Add builtin modules here */ ASN1_add_oid_module(); + ENGINE_add_conf_module(); } /* This is the automatic configuration loader: it is called automatically by @@ -77,32 +79,24 @@ void OPENSSL_load_builtin_modules(void) static int openssl_configured = 0; -#if 0 /* Disabled because of obvious buffer overflow. - * This is not yet actually used anywhere -- but it shouldn't - * unless it is fixed first. */ void OPENSSL_config(void) { - char *file, config_name[256]; + int ret; + char *file; if (openssl_configured) return; OPENSSL_load_builtin_modules(); - file = getenv("OPENSSL_CONF"); + file = CONF_get1_default_config_file(); if (!file) - { - strcpy(config_name,X509_get_default_cert_area()); -#ifndef OPENSSL_SYS_VMS - strcat(config_name,"/"); -#endif - strcat(config_name,OPENSSL_CONF); - file=config_name; - } + return; - if(CONF_modules_load_file(file, "openssl_config", 0) <= 0) + ret = CONF_modules_load_file(file, "openssl_config", 0); + OPENSSL_free(file); + if (ret <= 0) { BIO *bio_err; - ERR_load_crypto_strings(); if ((bio_err=BIO_new(BIO_s_file())) != NULL) { 
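Review bot: In the rewritten `OPENSSL_config()`, the new `if (!file) return;` path fails silently, whereas a failed `CONF_modules_load_file()` a few lines later reports through `bio_err`. As written in this commit, `CONF_get1_default_config_file()` returns NULL only when an allocation fails, so that failure leaves the library unconfigured with no trace, and an application that relies on the automatic configuration would run on defaults without knowing it. Either route the NULL case into the same reporting branch or make the choice explicit with a comment such as `/* NULL means allocation failure: nothing was loaded */`. The function body continues past the end of this hunk, so I cannot see whether `openssl_configured` is set on these early-return paths.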
@@ -116,7 +110,6 @@ void OPENSSL_config(void) return; } -#endif void OPENSSL_no_config() { diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c index e2e357fe6a..234eb7a06e 100644 --- a/crypto/conf/conf_mod.c +++ b/crypto/conf/conf_mod.c @@ -520,3 +520,32 @@ void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data) pmod->usr_data = usr_data; } +/* Return default config file name */ + +char *CONF_get1_default_config_file(void) + { + char *file; + int len; + + file = getenv("OPENSSL_CONF"); + if (file) + return BUF_strdup(file); + + len = strlen(X509_get_default_cert_area()); +#ifndef OPENSSL_SYS_VMS + len++; +#endif + len += strlen(OPENSSL_CONF); + + file = OPENSSL_malloc(len + 1); + + if (!file) + return NULL; + strcpy(file,X509_get_default_cert_area()); +#ifndef OPENSSL_SYS_VMS + strcat(file,"/"); +#endif + strcat(file,OPENSSL_CONF); + + return file; + } |
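Review bot: `CONF_get1_default_config_file()` returns `getenv("OPENSSL_CONF")` unconditionally, so whoever controls the environment chooses the file that `OPENSSL_config()` loads automatically; with `ENGINE_add_conf_module()` registered in this same commit, that file can presumably influence engine setup as well. For a process running set-user-ID or set-group-ID the variable should be ignored in favour of the compiled-in path, e.g. `if (file && !OPENSSL_issetugid()) return BUF_strdup(file);` if that helper is available in this tree. Separately, `len` accumulates `strlen()` results and would be better declared `size_t` than `int`. The header comment should also state the ownership contract, for example `/* Return default config file name: caller must OPENSSL_free() the result */`.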