/* char *value: Value */
static X509_EXTENSION *
do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, int crit, char *value)
{
const X509V3_EXT_METHOD *method;
X509_EXTENSION *ext;
STACK_OF(CONF_VALUE) *nval;
void *ext_struc;
if (ext_nid == NID_undef) {
X509V3err(X509V3_F_DO_EXT_NCONF,
X509V3_R_UNKNOWN_EXTENSION_NAME);
return NULL;
}
if (!(method = X509V3_EXT_get_nid(ext_nid))) {
X509V3err(X509V3_F_DO_EXT_NCONF, X509V3_R_UNKNOWN_EXTENSION);
return NULL;
}
/* Now get internal extension representation based on type */
if (method->v2i) {
if (*value == '@')
nval = NCONF_get_section(conf, value + 1);
else
nval = X509V3_parse_list(value);
if (sk_CONF_VALUE_num(nval) <= 0) {
X509V3err(X509V3_F_DO_EXT_NCONF,
X509V3_R_INVALID_EXTENSION_STRING);
ERR_asprintf_error_data("name=%s,section=%s",
OBJ_nid2sn(ext_nid), value);
return NULL;
}
ext_struc = method->v2i(method, ctx, nval);
if (*value != '@')
sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
if (!ext_struc)
return NULL;
} else if (method->s2i) {
if (!(ext_struc = method->s2i(method, ctx, value)))
return NULL;
} else if (method->r2i) {
if (!ctx->db || !ctx->db_meth) {
X509V3err(X509V3_F_DO_EXT_NCONF,
X509V3_R_NO_CONFIG_DATABASE);
return NULL;
}
if (!(ext_struc = method->r2i(method, ctx, value)))
return NULL;
} else {
X509V3err(X509V3_F_DO_EXT_NCONF,
X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED);
ERR_asprintf_error_data("name=%s", OBJ_nid2sn(ext_nid));
return NULL;
}
ext = do_ext_i2d(method, ext_nid, crit, ext_struc);
if (method->it)
ASN1_item_free(ext_struc, ASN1_ITEM_ptr(method->it));
else
method->ext_free(ext_struc);
return ext;
}
BIO *
BIO_new_file(const char *filename, const char *mode)
{
BIO *ret;
FILE *file = NULL;
file = fopen(filename, mode);
if (file == NULL) {
SYSerr(SYS_F_FOPEN, errno);
ERR_asprintf_error_data("fopen('%s', '%s')", filename, mode);
if (errno == ENOENT)
BIOerr(BIO_F_BIO_NEW_FILE, BIO_R_NO_SUCH_FILE);
else
BIOerr(BIO_F_BIO_NEW_FILE, ERR_R_SYS_LIB);
return (NULL);
}
if ((ret = BIO_new(BIO_s_file())) == NULL) {
fclose(file);
return (NULL);
}
BIO_set_fp(ret, file, BIO_CLOSE);
return (ret);
}
static void *
dlfcn_bind_var(DSO *dso, const char *symname)
{
void *ptr, *sym;
if ((dso == NULL) || (symname == NULL)) {
DSOerr(DSO_F_DLFCN_BIND_VAR, ERR_R_PASSED_NULL_PARAMETER);
return (NULL);
}
if (sk_void_num(dso->meth_data) < 1) {
DSOerr(DSO_F_DLFCN_BIND_VAR, DSO_R_STACK_ERROR);
return (NULL);
}
ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1);
if (ptr == NULL) {
DSOerr(DSO_F_DLFCN_BIND_VAR, DSO_R_NULL_HANDLE);
return (NULL);
}
sym = dlsym(ptr, symname);
if (sym == NULL) {
DSOerr(DSO_F_DLFCN_BIND_VAR, DSO_R_SYM_FAILURE);
ERR_asprintf_error_data("symname(%s): %s", symname, dlerror());
return (NULL);
}
return (sym);
}
int
BIO_get_host_ip(const char *str, unsigned char *ip)
{
int i;
int err = 1;
struct hostent *he;
if (inet_pton(AF_INET, str, ip) == 1)
return (1);
/* do a gethostbyname */
CRYPTO_w_lock(CRYPTO_LOCK_GETHOSTBYNAME);
he = BIO_gethostbyname(str);
if (he == NULL) {
BIOerr(BIO_F_BIO_GET_HOST_IP, BIO_R_BAD_HOSTNAME_LOOKUP);
goto err;
}
if (he->h_addrtype != AF_INET) {
BIOerr(BIO_F_BIO_GET_HOST_IP,
BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET);
goto err;
}
for (i = 0; i < 4; i++)
ip[i] = he->h_addr_list[0][i];
err = 0;
err:
CRYPTO_w_unlock(CRYPTO_LOCK_GETHOSTBYNAME);
if (err) {
ERR_asprintf_error_data("host=%s", str);
return 0;
} else
return 1;
}
static DSO_FUNC_TYPE
dlfcn_bind_func(DSO *dso, const char *symname)
{
void *ptr;
union {
DSO_FUNC_TYPE sym;
void *dlret;
} u;
if ((dso == NULL) || (symname == NULL)) {
DSOerr(DSO_F_DLFCN_BIND_FUNC, ERR_R_PASSED_NULL_PARAMETER);
return (NULL);
}
if (sk_void_num(dso->meth_data) < 1) {
DSOerr(DSO_F_DLFCN_BIND_FUNC, DSO_R_STACK_ERROR);
return (NULL);
}
ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1);
if (ptr == NULL) {
DSOerr(DSO_F_DLFCN_BIND_FUNC, DSO_R_NULL_HANDLE);
return (NULL);
}
u.dlret = dlsym(ptr, symname);
if (u.dlret == NULL) {
DSOerr(DSO_F_DLFCN_BIND_FUNC, DSO_R_SYM_FAILURE);
ERR_asprintf_error_data("symname(%s): %s", symname, dlerror());
return (NULL);
}
return u.sym;
}
static int
dlfcn_pathbyaddr(void *addr, char *path, int sz)
{
Dl_info dli;
int len;
if (addr == NULL) {
union{
int(*f)(void*, char*, int);
void *p;
} t = { dlfcn_pathbyaddr };
addr = t.p;
}
if (dladdr(addr, &dli)) {
len = (int)strlen(dli.dli_fname);
if (sz <= 0)
return len + 1;
if (len >= sz)
len = sz - 1;
memcpy(path, dli.dli_fname, len);
path[len++] = 0;
return len;
}
ERR_asprintf_error_data("dlfcn_pathbyaddr(): %s", dlerror());
return -1;
}
/* Create a generic extension: for now just handle DER type */
static X509_EXTENSION *
v3_generic_extension(const char *ext, char *value, int crit, int gen_type,
X509V3_CTX *ctx)
{
unsigned char *ext_der = NULL;
long ext_len;
ASN1_OBJECT *obj = NULL;
ASN1_OCTET_STRING *oct = NULL;
X509_EXTENSION *extension = NULL;
if (!(obj = OBJ_txt2obj(ext, 0))) {
X509V3err(X509V3_F_V3_GENERIC_EXTENSION,
X509V3_R_EXTENSION_NAME_ERROR);
ERR_asprintf_error_data("name=%s", ext);
goto err;
}
if (gen_type == 1)
ext_der = string_to_hex(value, &ext_len);
else if (gen_type == 2)
ext_der = generic_asn1(value, ctx, &ext_len);
if (ext_der == NULL) {
X509V3err(X509V3_F_V3_GENERIC_EXTENSION,
X509V3_R_EXTENSION_VALUE_ERROR);
ERR_asprintf_error_data("value=%s", value);
goto err;
}
if (!(oct = M_ASN1_OCTET_STRING_new())) {
X509V3err(X509V3_F_V3_GENERIC_EXTENSION, ERR_R_MALLOC_FAILURE);
goto err;
}
oct->data = ext_der;
oct->length = ext_len;
ext_der = NULL;
extension = X509_EXTENSION_create_by_OBJ(NULL, obj, crit, oct);
err:
ASN1_OBJECT_free(obj);
M_ASN1_OCTET_STRING_free(oct);
free(ext_der);
return extension;
}
static int
bio_zlib_read(BIO *b, char *out, int outl)
{
BIO_ZLIB_CTX *ctx;
int ret;
z_stream *zin;
if (!out || !outl)
return 0;
ctx = (BIO_ZLIB_CTX *)b->ptr;
zin = &ctx->zin;
BIO_clear_retry_flags(b);
if (!ctx->ibuf) {
ctx->ibuf = malloc(ctx->ibufsize);
if (!ctx->ibuf) {
COMPerr(COMP_F_BIO_ZLIB_READ, ERR_R_MALLOC_FAILURE);
return 0;
}
inflateInit(zin);
zin->next_in = ctx->ibuf;
zin->avail_in = 0;
}
/* Copy output data directly to supplied buffer */
zin->next_out = (unsigned char *)out;
zin->avail_out = (unsigned int)outl;
for (;;) {
/* Decompress while data available */
while (zin->avail_in) {
ret = inflate(zin, 0);
if ((ret != Z_OK) && (ret != Z_STREAM_END)) {
COMPerr(COMP_F_BIO_ZLIB_READ,
COMP_R_ZLIB_INFLATE_ERROR);
ERR_asprintf_error_data("zlib error:%s",
zError(ret));
return 0;
}
/* If EOF or we've read everything then return */
if ((ret == Z_STREAM_END) || !zin->avail_out)
return outl - zin->avail_out;
}
/* No data in input buffer try to read some in,
* if an error then return the total data read.
*/
ret = BIO_read(b->next_bio, ctx->ibuf, ctx->ibufsize);
if (ret <= 0) {
/* Total data read */
int tot = outl - zin->avail_out;
BIO_copy_next_retry(b);
if (ret < 0)
return (tot > 0) ? tot : ret;
return tot;
}
zin->avail_in = ret;
zin->next_in = ctx->ibuf;
}
}
static int
parse_tagging(const char *vstart, int vlen, int *ptag, int *pclass)
{
long tag_num;
char *eptr;
if (!vstart)
return 0;
tag_num = strtoul(vstart, &eptr, 10);
/* Check we haven't gone past max length: should be impossible */
if (eptr && *eptr && (eptr > vstart + vlen))
return 0;
if (tag_num < 0) {
ASN1err(ASN1_F_PARSE_TAGGING, ASN1_R_INVALID_NUMBER);
return 0;
}
*ptag = tag_num;
/* If we have non numeric characters, parse them */
if (eptr)
vlen -= eptr - vstart;
else
vlen = 0;
if (vlen) {
switch (*eptr) {
case 'U':
*pclass = V_ASN1_UNIVERSAL;
break;
case 'A':
*pclass = V_ASN1_APPLICATION;
break;
case 'P':
*pclass = V_ASN1_PRIVATE;
break;
case 'C':
*pclass = V_ASN1_CONTEXT_SPECIFIC;
break;
default:
ASN1err(ASN1_F_PARSE_TAGGING, ASN1_R_INVALID_MODIFIER);
ERR_asprintf_error_data("Char=%c", *eptr);
return 0;
break;
}
} else
*pclass = V_ASN1_CONTEXT_SPECIFIC;
return 1;
}
int ENGINE_set_default_string(ENGINE *e, const char *def_list)
{
unsigned int flags = 0;
if (!CONF_parse_list(def_list, ',', 1, int_def_cb, &flags))
{
ENGINEerr(ENGINE_F_ENGINE_SET_DEFAULT_STRING,
ENGINE_R_INVALID_STRING);
ERR_asprintf_error_data("str=%s",def_list);
return 0;
}
return ENGINE_set_default(e, flags);
}
int
EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de)
{
const EVP_CIPHER *cipher;
const EVP_MD *md;
int cipher_nid, md_nid;
EVP_PBE_KEYGEN *keygen;
if (!EVP_PBE_find(EVP_PBE_TYPE_OUTER, OBJ_obj2nid(pbe_obj),
&cipher_nid, &md_nid, &keygen)) {
char obj_tmp[80];
EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_PBE_ALGORITHM);
if (!pbe_obj)
strlcpy(obj_tmp, "NULL", sizeof obj_tmp);
else
i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj);
ERR_asprintf_error_data("TYPE=%s", obj_tmp);
return 0;
}
if (!pass)
passlen = 0;
else if (passlen == -1)
passlen = strlen(pass);
if (cipher_nid == -1)
cipher = NULL;
else {
cipher = EVP_get_cipherbynid(cipher_nid);
if (!cipher) {
EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_CIPHER);
return 0;
}
}
if (md_nid == -1)
md = NULL;
else {
md = EVP_get_digestbynid(md_nid);
if (!md) {
EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_DIGEST);
return 0;
}
}
if (!keygen(ctx, pass, passlen, param, cipher, md, en_de)) {
EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_KEYGEN_FAILURE);
return 0;
}
return 1;
}
int
BIO_get_host_ip(const char *str, unsigned char *ip)
{
int i;
int err = 1;
int locked = 0;
struct hostent *he;
i = get_ip(str, ip);
if (i < 0) {
BIOerr(BIO_F_BIO_GET_HOST_IP, BIO_R_INVALID_IP_ADDRESS);
goto err;
}
/* At this point, we have something that is most probably correct
in some way, so let's init the socket. */
if (BIO_sock_init() != 1)
return 0; /* don't generate another error code here */
/* If the string actually contained an IP address, we need not do
anything more */
if (i > 0)
return (1);
/* do a gethostbyname */
CRYPTO_w_lock(CRYPTO_LOCK_GETHOSTBYNAME);
locked = 1;
he = BIO_gethostbyname(str);
if (he == NULL) {
BIOerr(BIO_F_BIO_GET_HOST_IP, BIO_R_BAD_HOSTNAME_LOOKUP);
goto err;
}
/* cast to short because of win16 winsock definition */
if ((short)he->h_addrtype != AF_INET) {
BIOerr(BIO_F_BIO_GET_HOST_IP, BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET);
goto err;
}
for (i = 0; i < 4; i++)
ip[i] = he->h_addr_list[0][i];
err = 0;
err:
if (locked)
CRYPTO_w_unlock(CRYPTO_LOCK_GETHOSTBYNAME);
if (err) {
ERR_asprintf_error_data("host=%s", str);
return 0;
} else
return 1;
}
static int
bio_zlib_flush(BIO *b)
{
BIO_ZLIB_CTX *ctx;
int ret;
z_stream *zout;
ctx = (BIO_ZLIB_CTX *)b->ptr;
/* If no data written or already flush show success */
if (!ctx->obuf || (ctx->odone && !ctx->ocount))
return 1;
zout = &ctx->zout;
BIO_clear_retry_flags(b);
/* No more input data */
zout->next_in = NULL;
zout->avail_in = 0;
for (;;) {
/* If data in output buffer write it first */
while (ctx->ocount) {
ret = BIO_write(b->next_bio, ctx->optr, ctx->ocount);
if (ret <= 0) {
BIO_copy_next_retry(b);
return ret;
}
ctx->optr += ret;
ctx->ocount -= ret;
}
if (ctx->odone)
return 1;
/* Compress some more */
/* Reset buffer */
ctx->optr = ctx->obuf;
zout->next_out = ctx->obuf;
zout->avail_out = ctx->obufsize;
/* Compress some more */
ret = deflate(zout, Z_FINISH);
if (ret == Z_STREAM_END)
ctx->odone = 1;
else if (ret != Z_OK) {
COMPerr(COMP_F_BIO_ZLIB_FLUSH,
COMP_R_ZLIB_DEFLATE_ERROR);
ERR_asprintf_error_data("zlib error:%s", zError(ret));
return 0;
}
ctx->ocount = ctx->obufsize - zout->avail_out;
}
}
ENGINE *
ENGINE_by_id(const char *id)
{
ENGINE *iterator;
ENGINE *tmp;
tmp = engine_list_head;
while (tmp) {
printf("my engine iterator, id%s\n", tmp->id);
tmp = tmp->next;
}
printf("my engine, file:%s line:%d\n", __FILE__, __LINE__);
if (id == NULL) {
ENGINEerr(ENGINE_F_ENGINE_BY_ID,
ERR_R_PASSED_NULL_PARAMETER);
return NULL;
}
CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
printf("my engine, file:%s line:%d\n", __FILE__, __LINE__);
iterator = engine_list_head;
while (iterator && (strcmp(id, iterator->id) != 0) && printf("my engine iterator, id%s\n", iterator->id))
iterator = iterator->next;
if (iterator) {
/* We need to return a structural reference. If this is an
* ENGINE type that returns copies, make a duplicate - otherwise
* increment the existing ENGINE's reference count. */
if (iterator->flags & ENGINE_FLAGS_BY_ID_COPY) {
ENGINE *cp = ENGINE_new();
if (!cp)
iterator = NULL;
else {
engine_cpy(cp, iterator);
iterator = cp;
}
} else {
iterator->struct_ref++;
engine_ref_debug(iterator, 0, 1)
}
}
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
printf("my engine, file:%s line:%d\n", __FILE__, __LINE__);
if (iterator == NULL) {
ENGINEerr(ENGINE_F_ENGINE_BY_ID, ENGINE_R_NO_SUCH_ENGINE);
ERR_asprintf_error_data("id=%s", id);
}
return iterator;
}
X509_NAME_ENTRY *
X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
const char *field, int type, const unsigned char *bytes, int len)
{
ASN1_OBJECT *obj;
X509_NAME_ENTRY *nentry;
obj = OBJ_txt2obj(field, 0);
if (obj == NULL) {
X509error(X509_R_INVALID_FIELD_NAME);
ERR_asprintf_error_data("name=%s", field);
return (NULL);
}
nentry = X509_NAME_ENTRY_create_by_OBJ(ne, obj, type, bytes, len);
ASN1_OBJECT_free(obj);
return nentry;
}
/* char *value: Value */
X509_EXTENSION *
X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name, char *value)
{
int crit;
int ext_type;
X509_EXTENSION *ret;
crit = v3_check_critical(&value);
if ((ext_type = v3_check_generic(&value)))
return v3_generic_extension(name, value, crit, ext_type, ctx);
ret = do_ext_nconf(conf, ctx, OBJ_sn2nid(name), crit, value);
if (!ret) {
X509V3err(X509V3_F_X509V3_EXT_NCONF,
X509V3_R_ERROR_IN_EXTENSION);
ERR_asprintf_error_data("name=%s, value=%s", name, value);
}
return ret;
}
int
PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm,
const char *name, BIO *bp, pem_password_cb *cb, void *u)
{
EVP_CIPHER_INFO cipher;
char *nm = NULL, *header = NULL;
unsigned char *data = NULL;
long len;
int ret = 0;
for (;;) {
if (!PEM_read_bio(bp, &nm, &header, &data, &len)) {
if (ERR_GET_REASON(ERR_peek_error()) ==
PEM_R_NO_START_LINE)
ERR_asprintf_error_data("Expecting: %s", name);
return 0;
}
if (check_pem(nm, name))
break;
free(nm);
free(header);
free(data);
}
if (!PEM_get_EVP_CIPHER_INFO(header, &cipher))
goto err;
if (!PEM_do_header(&cipher, data, &len, cb, u))
goto err;
*pdata = data;
*plen = len;
if (pnm)
*pnm = nm;
ret = 1;
err:
if (!ret || !pnm)
free(nm);
free(header);
if (!ret)
free(data);
return ret;
}
int
BIO_get_port(const char *str, unsigned short *port_ptr)
{
int i;
struct servent *s;
if (str == NULL) {
BIOerr(BIO_F_BIO_GET_PORT, BIO_R_NO_PORT_DEFINED);
return (0);
}
i = atoi(str);
if (i != 0)
*port_ptr = (unsigned short)i;
else {
CRYPTO_w_lock(CRYPTO_LOCK_GETSERVBYNAME);
s = getservbyname(str, "tcp");
if (s != NULL)
*port_ptr = ntohs((unsigned short)s->s_port);
CRYPTO_w_unlock(CRYPTO_LOCK_GETSERVBYNAME);
if (s == NULL) {
if (strcmp(str, "http") == 0)
*port_ptr = 80;
else if (strcmp(str, "telnet") == 0)
*port_ptr = 23;
else if (strcmp(str, "socks") == 0)
*port_ptr = 1080;
else if (strcmp(str, "https") == 0)
*port_ptr = 443;
else if (strcmp(str, "ssl") == 0)
*port_ptr = 443;
else if (strcmp(str, "ftp") == 0)
*port_ptr = 21;
else if (strcmp(str, "gopher") == 0)
*port_ptr = 70;
else {
SYSerr(SYS_F_GETSERVBYNAME, errno);
ERR_asprintf_error_data("service='%s'", str);
return (0);
}
}
}
return (1);
}
EVP_PKEY *
EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8)
{
EVP_PKEY *pkey = NULL;
ASN1_OBJECT *algoid;
char obj_tmp[80];
if (!PKCS8_pkey_get0(&algoid, NULL, NULL, NULL, p8))
return NULL;
if (!(pkey = EVP_PKEY_new())) {
EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_MALLOC_FAILURE);
return NULL;
}
if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(algoid))) {
EVPerr(EVP_F_EVP_PKCS82PKEY,
EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
i2t_ASN1_OBJECT(obj_tmp, 80, algoid);
ERR_asprintf_error_data("TYPE=%s", obj_tmp);
goto error;
}
if (pkey->ameth->priv_decode) {
if (!pkey->ameth->priv_decode(pkey, p8)) {
EVPerr(EVP_F_EVP_PKCS82PKEY,
EVP_R_PRIVATE_KEY_DECODE_ERROR);
goto error;
}
} else {
EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_METHOD_NOT_SUPPORTED);
goto error;
}
return pkey;
error:
EVP_PKEY_free (pkey);
return NULL;
}
