static void *dlfcn_bind_var(DSO *dso, const char *symname)
{
void *ptr, *sym;
if((dso == NULL) || (symname == NULL))
{
DSOerr(DSO_F_DLFCN_BIND_VAR,ERR_R_PASSED_NULL_PARAMETER);
return(NULL);
}
if(sk_num(dso->meth_data) < 1)
{
DSOerr(DSO_F_DLFCN_BIND_VAR,DSO_R_STACK_ERROR);
return(NULL);
}
ptr = (void *)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
if(ptr == NULL)
{
DSOerr(DSO_F_DLFCN_BIND_VAR,DSO_R_NULL_HANDLE);
return(NULL);
}
sym = dlsym(ptr, symname);
if(sym == NULL)
{
DSOerr(DSO_F_DLFCN_BIND_VAR,DSO_R_SYM_FAILURE);
return(NULL);
}
return(sym);
}
static void *dl_bind_var(DSO *dso, const char *symname)
{
shl_t ptr;
void *sym;
if((dso == NULL) || (symname == NULL))
{
DSOerr(DSO_F_DL_BIND_VAR,ERR_R_PASSED_NULL_PARAMETER);
return(NULL);
}
if(sk_num(dso->meth_data) < 1)
{
DSOerr(DSO_F_DL_BIND_VAR,DSO_R_STACK_ERROR);
return(NULL);
}
ptr = (shl_t)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
if(ptr == NULL)
{
DSOerr(DSO_F_DL_BIND_VAR,DSO_R_NULL_HANDLE);
return(NULL);
}
if (shl_findsym(&ptr, symname, TYPE_UNDEFINED, &sym) < 0)
{
DSOerr(DSO_F_DL_BIND_VAR,DSO_R_SYM_FAILURE);
return(NULL);
}
return(sym);
}
static DSO_FUNC_TYPE win32_bind_func(DSO *dso, const char *symname)
{
HINSTANCE *ptr;
void *sym;
if((dso == NULL) || (symname == NULL))
{
DSOerr(DSO_F_WIN32_BIND_FUNC,ERR_R_PASSED_NULL_PARAMETER);
return(NULL);
}
if(sk_num(dso->meth_data) < 1)
{
DSOerr(DSO_F_WIN32_BIND_FUNC,DSO_R_STACK_ERROR);
return(NULL);
}
ptr = (HINSTANCE *)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
if(ptr == NULL)
{
DSOerr(DSO_F_WIN32_BIND_FUNC,DSO_R_NULL_HANDLE);
return(NULL);
}
sym = GetProcAddress(*ptr, symname);
if(sym == NULL)
{
DSOerr(DSO_F_WIN32_BIND_FUNC,DSO_R_SYM_FAILURE);
ERR_add_error_data(3, "symname(", symname, ")");
return(NULL);
}
return((DSO_FUNC_TYPE)sym);
}
static DSO_FUNC_TYPE beos_bind_func (DSO * dso, const char *symname)
{
image_id id;
void *sym;
if ((dso == NULL) || (symname == NULL))
{
DSOerr (DSO_F_BEOS_BIND_FUNC, ERR_R_PASSED_NULL_PARAMETER);
return (NULL);
}
if (sk_num (dso->meth_data) < 1)
{
DSOerr (DSO_F_BEOS_BIND_FUNC, DSO_R_STACK_ERROR);
return (NULL);
}
id = (image_id) sk_value (dso->meth_data, sk_num (dso->meth_data) - 1);
if (id < 1)
{
DSOerr (DSO_F_BEOS_BIND_FUNC, DSO_R_NULL_HANDLE);
return (NULL);
}
if (get_image_symbol (id, symname, B_SYMBOL_TYPE_TEXT, &sym) != B_OK)
{
DSOerr (DSO_F_BEOS_BIND_FUNC, DSO_R_SYM_FAILURE);
ERR_add_error_data (3, "symname(", symname, ")");
return (NULL);
}
return ((DSO_FUNC_TYPE) sym);
}
static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname)
{
void *ptr;
DSO_FUNC_TYPE sym, *tsym = &sym;
if((dso == NULL) || (symname == NULL))
{
DSOerr(DSO_F_DLFCN_BIND_FUNC,ERR_R_PASSED_NULL_PARAMETER);
return(NULL);
}
if(sk_num(dso->meth_data) < 1)
{
DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_STACK_ERROR);
return(NULL);
}
ptr = (void *)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
if(ptr == NULL)
{
DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_NULL_HANDLE);
return(NULL);
}
*(void **)(tsym) = dlsym(ptr, symname);
if(sym == NULL)
{
DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_SYM_FAILURE);
ERR_add_error_data(4, "symname(", symname, "): ", dlerror());
return(NULL);
}
return(sym);
}
static DSO_FUNC_TYPE dl_bind_func(DSO *dso, const char *symname)
{
shl_t ptr;
void *sym;
if ((dso == NULL) || (symname == NULL)) {
DSOerr(DSO_F_DL_BIND_FUNC, ERR_R_PASSED_NULL_PARAMETER);
return (NULL);
}
if (sk_num(dso->meth_data) < 1) {
DSOerr(DSO_F_DL_BIND_FUNC, DSO_R_STACK_ERROR);
return (NULL);
}
ptr = (shl_t) sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
if (ptr == NULL) {
DSOerr(DSO_F_DL_BIND_FUNC, DSO_R_NULL_HANDLE);
return (NULL);
}
if (shl_findsym(&ptr, symname, TYPE_UNDEFINED, &sym) < 0) {
DSOerr(DSO_F_DL_BIND_FUNC, DSO_R_SYM_FAILURE);
ERR_add_error_data(4, "symname(", symname, "): ", strerror(errno));
return (NULL);
}
return ((DSO_FUNC_TYPE)sym);
}
static STORE_OBJECT *mem_list_next(STORE *s, void *handle)
{
int i;
struct mem_ctx_st *context = (struct mem_ctx_st *)handle;
struct mem_object_data_st key = { 0, 0, 1 };
struct mem_data_st *store =
(struct mem_data_st *)STORE_get_ex_data(s, 1);
int srch;
int cres = 0;
if (!context)
{
STOREerr(STORE_F_MEM_LIST_NEXT, ERR_R_PASSED_NULL_PARAMETER);
return NULL;
}
if (!store)
{
STOREerr(STORE_F_MEM_LIST_NEXT, STORE_R_NO_STORE);
return NULL;
}
if (context->search_index == -1)
{
for (i = 0; i < sk_num(context->search_attributes); i++)
{
key.attr_info =
(STORE_ATTR_INFO *)sk_value(context->search_attributes, i);
srch = sk_find_ex(store->data, (char *)&key);
if (srch >= 0)
{
context->search_index = srch;
break;
}
}
}
if (context->search_index < 0)
return NULL;
key.attr_info =
(STORE_ATTR_INFO *)sk_value(context->search_attributes,
context->search_index);
for(srch = context->search_index;
srch < sk_num(store->data)
&& STORE_ATTR_INFO_in_range(key.attr_info,
(STORE_ATTR_INFO *)sk_value(store->data, srch))
&& !(cres = STORE_ATTR_INFO_in_ex(key.attr_info,
(STORE_ATTR_INFO *)sk_value(store->data, srch)));
srch++)
;
context->search_index = srch;
if (cres)
return ((struct mem_object_data_st *)sk_value(store->data,
srch))->object;
return NULL;
}
/* check whether cert contains extended key usage with a SGC tag */
BOOL SSL_X509_isSGC(X509 *cert)
{
X509_EXTENSION *ext;
int ext_nid;
STACK *sk;
BOOL is_sgc;
int idx;
int i;
is_sgc = FALSE;
idx = X509_get_ext_by_NID(cert, NID_ext_key_usage, -1);
if (idx >= 0) {
ext = X509_get_ext(cert, idx);
if ((sk = (STACK *)X509V3_EXT_d2i(ext)) != NULL) {
for (i = 0; i < sk_num(sk); i++) {
ext_nid = OBJ_obj2nid((ASN1_OBJECT *)sk_value(sk, i));
if (ext_nid == NID_ms_sgc || ext_nid == NID_ns_sgc) {
is_sgc = TRUE;
break;
}
}
}
}
return is_sgc;
}
static void print_conf(CONF_VALUE *cv)
{
int i;
CONF_VALUE *v;
char *section;
char *name;
char *value;
STACK *s;
/* If it is a single entry, return */
if (cv->name != NULL) return;
TINYCLR_SSL_PRINTF("[ %s ]\n",cv->section);
s=(STACK *)cv->value;
for (i=0; i<sk_num(s); i++)
{
v=(CONF_VALUE *)sk_value(s,i);
section=(v->section == NULL)?"None":v->section;
name=(v->name == NULL)?"None":v->name;
value=(v->value == NULL)?"None":v->value;
TINYCLR_SSL_PRINTF("%s=%s\n",name,value);
}
TINYCLR_SSL_PRINTF("\n");
}
int ASN1_template_print(BIO *out, void *fld, int indent, const ASN1_TEMPLATE *tt)
{
int i, flags;
#if 0
if(!fld) return 0;
#endif
flags = tt->flags;
if(flags & ASN1_TFLG_SK_MASK) {
char *tname;
void *skitem;
/* SET OF, SEQUENCE OF */
if(flags & ASN1_TFLG_SET_OF) tname = "SET";
else tname = "SEQUENCE";
if(fld) {
BIO_printf(out, "%*s%s OF %s {\n", indent, "", tname, tt->field_name);
for(i = 0; i < sk_num(fld); i++) {
skitem = sk_value(fld, i);
asn1_item_print_nm(out, skitem, indent + 2, tt->item, "");
}
BIO_printf(out, "%*s}\n", indent, "");
} else
BIO_printf(out, "%*s%s OF %s ABSENT\n", indent, "", tname, tt->field_name);
return 1;
}
return asn1_item_print_nm(out, fld, indent, tt->item, tt->field_name);
}
static int win32_unload(DSO *dso)
{
HINSTANCE *p;
if(dso == NULL)
{
DSOerr(DSO_F_WIN32_UNLOAD,ERR_R_PASSED_NULL_PARAMETER);
return(0);
}
if(sk_num(dso->meth_data) < 1)
return(1);
p = (HINSTANCE *)sk_pop(dso->meth_data);
if(p == NULL)
{
DSOerr(DSO_F_WIN32_UNLOAD,DSO_R_NULL_HANDLE);
return(0);
}
if(!FreeLibrary(*p))
{
DSOerr(DSO_F_WIN32_UNLOAD,DSO_R_UNLOAD_FAILED);
/* We should push the value back onto the stack in
* case of a retry. */
sk_push(dso->meth_data, (char *)p);
return(0);
}
/* Cleanup */
OPENSSL_free(p);
return(1);
}
static int beos_unload (DSO * dso)
{
image_id id;
if (dso == NULL)
{
DSOerr (DSO_F_BEOS_UNLOAD, ERR_R_PASSED_NULL_PARAMETER);
return (0);
}
if (sk_num (dso->meth_data) < 1)
return (1);
id = (image_id) sk_pop (dso->meth_data);
if (id < 1)
{
DSOerr (DSO_F_BEOS_UNLOAD, DSO_R_NULL_HANDLE);
return (0);
}
if (unload_add_on (id) != B_OK)
{
DSOerr (DSO_F_BEOS_UNLOAD, DSO_R_UNLOAD_FAILED);
/* We should push the value back onto the stack in
* case of a retry. */
sk_push (dso->meth_data, (char *) id);
return (0);
}
return (1);
}
/*
* call-seq:
* ssl.peer_cert_chain => [cert, ...] or nil
*/
static VALUE
ossl_ssl_get_peer_cert_chain(VALUE self)
{
SSL *ssl;
STACK_OF(X509) *chain;
X509 *cert;
VALUE ary;
int i, num;
Data_Get_Struct(self, SSL, ssl);
if(!ssl){
rb_warning("SSL session is not started yet.");
return Qnil;
}
chain = SSL_get_peer_cert_chain(ssl);
if(!chain) return Qnil;
num = sk_num(chain);
ary = rb_ary_new2(num);
for (i = 0; i < num; i++){
cert = (X509*)sk_value(chain, i);
rb_ary_push(ary, ossl_x509_new(cert));
}
return ary;
}
/*
* call-seq:
* ctx.ciphers => [[name, version, bits, alg_bits], ...]
*/
static VALUE
ossl_sslctx_get_ciphers(VALUE self)
{
SSL_CTX *ctx;
STACK_OF(SSL_CIPHER) *ciphers;
SSL_CIPHER *cipher;
VALUE ary;
int i, num;
Data_Get_Struct(self, SSL_CTX, ctx);
if(!ctx){
rb_warning("SSL_CTX is not initialized.");
return Qnil;
}
ciphers = ctx->cipher_list;
if (!ciphers)
return rb_ary_new();
num = sk_num((STACK*)ciphers);
ary = rb_ary_new2(num);
for(i = 0; i < num; i++){
cipher = (SSL_CIPHER*)sk_value((STACK*)ciphers, i);
rb_ary_push(ary, ossl_ssl_cipher_to_ary(cipher));
}
return ary;
}
static int mem_list_endp(STORE *s, void *handle)
{
struct mem_ctx_st *context = (struct mem_ctx_st *)handle;
if (!context
|| context->search_index == sk_num(context->search_attributes))
return 1;
return 0;
}
const char *CRYPTO_get_lock_name(int type)
{
if (type < 0)
return("dynamic");
else if (type < CRYPTO_NUM_LOCKS)
return(lock_names[type]);
else if (type-CRYPTO_NUM_LOCKS > sk_num(app_locks))
return("ERROR");
else
return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS));
}
long TXT_DB_write(BIO *out, TXT_DB *db)
{
long i,j,n,nn,l,tot=0;
char *p,**pp,*f;
BUF_MEM *buf=NULL;
long ret= -1;
if ((buf=BUF_MEM_new()) == NULL)
goto err;
n=sk_num(db->data);
nn=db->num_fields;
for (i=0; i<n; i++)
{
pp=(char **)sk_value(db->data,i);
l=0;
for (j=0; j<nn; j++)
{
if (pp[j] != NULL)
l+=strlen(pp[j]);
}
if (!BUF_MEM_grow_clean(buf,(int)(l*2+nn))) goto err;
p=buf->data;
for (j=0; j<nn; j++)
{
f=pp[j];
if (f != NULL)
for (;;)
{
if (*f == '\0') break;
if (*f == '\t') *(p++)='\\';
*(p++)= *(f++);
}
*(p++)='\t';
}
p[-1]='\n';
j=p-buf->data;
if (BIO_write(out,buf->data,(int)j) != j)
goto err;
tot+=j;
}
ret=tot;
err:
if (buf != NULL) BUF_MEM_free(buf);
return(ret);
}
void TXT_DB_free(TXT_DB *db)
{
int i,n;
char **p,*max;
if(db == NULL)
return;
if (db->index != NULL)
{
for (i=db->num_fields-1; i>=0; i--)
if (db->index[i] != NULL) lh_free(db->index[i]);
OPENSSL_free(db->index);
}
if (db->qual != NULL)
OPENSSL_free(db->qual);
if (db->data != NULL)
{
for (i=sk_num(db->data)-1; i>=0; i--)
{
/* check if any 'fields' have been allocated
* from outside of the initial block */
p=(char **)sk_value(db->data,i);
max=p[db->num_fields]; /* last address */
if (max == NULL) /* new row */
{
for (n=0; n<db->num_fields; n++)
if (p[n] != NULL) OPENSSL_free(p[n]);
}
else
{
for (n=0; n<db->num_fields; n++)
{
if (((p[n] < (char *)p) || (p[n] > max))
&& (p[n] != NULL))
OPENSSL_free(p[n]);
}
}
OPENSSL_free(sk_value(db->data,i));
}
sk_free(db->data);
}
OPENSSL_free(db);
}
static void util_do_cmds(ENGINE *e, STACK *cmds, BIO *bio_out, const char *indent)
{
int loop, res, num = sk_num(cmds);
if(num < 0)
{
BIO_printf(bio_out, "[Error]: internal stack error\n");
return;
}
for(loop = 0; loop < num; loop++)
{
char buf[256];
const char *cmd, *arg;
cmd = sk_value(cmds, loop);
res = 1; /* assume success */
/* Check if this command has no ":arg" */
if((arg = strstr(cmd, ":")) == NULL)
{
if(!ENGINE_ctrl_cmd_string(e, cmd, NULL, 0))
res = 0;
}
else
{
if((int)(arg - cmd) > 254)
{
BIO_printf(bio_out,"[Error]: command name too long\n");
return;
}
memcpy(buf, cmd, (int)(arg - cmd));
buf[arg-cmd] = '\0';
arg++; /* Move past the ":" */
/* Call the command with the argument */
if(!ENGINE_ctrl_cmd_string(e, buf, arg, 0))
res = 0;
}
if(res)
BIO_printf(bio_out, "[Success]: %s\n", cmd);
else
{
BIO_printf(bio_out, "[Failure]: %s\n", cmd);
ERR_print_errors(bio_out);
}
}
}
/* Note that this doesn't actually unload the shared image, as there is no
* such thing in VMS. Next time it get loaded again, a new copy will
* actually be loaded.
*/
static int vms_unload(DSO *dso)
{
DSO_VMS_INTERNAL *p;
if(dso == NULL)
{
DSOerr(DSO_F_VMS_UNLOAD,ERR_R_PASSED_NULL_PARAMETER);
return(0);
}
if(sk_num(dso->meth_data) < 1)
return(1);
p = (DSO_VMS_INTERNAL *)sk_pop(dso->meth_data);
if(p == NULL)
{
DSOerr(DSO_F_VMS_UNLOAD,DSO_R_NULL_HANDLE);
return(0);
}
/* Cleanup */
OPENSSL_free(p);
return(1);
}
static int dl_unload(DSO *dso)
{
shl_t ptr;
if (dso == NULL) {
DSOerr(DSO_F_DL_UNLOAD, ERR_R_PASSED_NULL_PARAMETER);
return (0);
}
if (sk_num(dso->meth_data) < 1)
return (1);
/* Is this statement legal? */
ptr = (shl_t) sk_pop(dso->meth_data);
if (ptr == NULL) {
DSOerr(DSO_F_DL_UNLOAD, DSO_R_NULL_HANDLE);
/*
* Should push the value back onto the stack in case of a retry.
*/
sk_push(dso->meth_data, (char *)ptr);
return (0);
}
shl_unload(ptr);
return (1);
}
static int dlfcn_unload(DSO *dso)
{
void *ptr;
if(dso == NULL)
{
DSOerr(DSO_F_DLFCN_UNLOAD,ERR_R_PASSED_NULL_PARAMETER);
return(0);
}
if(sk_num(dso->meth_data) < 1)
return(1);
ptr = (void *)sk_pop(dso->meth_data);
if(ptr == NULL)
{
DSOerr(DSO_F_DLFCN_UNLOAD,DSO_R_NULL_HANDLE);
/* Should push the value back onto the stack in
* case of a retry. */
sk_push(dso->meth_data, (char *)ptr);
return(0);
}
/* For now I'm not aware of any errors associated with dlclose() */
dlclose(ptr);
return(1);
}
carray * mailstream_low_ssl_get_certificate_chain(mailstream_low * s)
{
#ifdef USE_SSL
#ifndef USE_GNUTLS
STACK_OF(X509) * skx;
struct mailstream_ssl_data * ssl_data;
carray * result;
int skpos;
ssl_data = (struct mailstream_ssl_data *) s->data;
if (!(skx = SSL_get_peer_cert_chain(ssl_data->ssl_conn))) {
return NULL;
}
result = carray_new(4);
for(skpos = 0 ; skpos < sk_num(skx) ; skpos ++) {
X509 * x = (X509 *) sk_value(skx, skpos);
unsigned char * p;
MMAPString * str;
int length = i2d_X509(x, NULL);
str = mmap_string_sized_new(length);
p = (unsigned char *) str->str;
str->len = length;
i2d_X509(x, &p);
carray_add(result, str, NULL);
}
return result;
#else
/* TODO: GnuTLS implementation */
return NULL;
#endif
#else
return NULL;
#endif
}
int TXT_DB_create_index(TXT_DB *db, int field, int (*qual)(char **),
LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp)
{
LHASH *idx;
char **r;
int i,n;
if (field >= db->num_fields)
{
db->error=DB_ERROR_INDEX_OUT_OF_RANGE;
return(0);
}
if ((idx=lh_new(hash,cmp)) == NULL)
{
db->error=DB_ERROR_MALLOC;
return(0);
}
n=sk_num(db->data);
for (i=0; i<n; i++)
{
r=(char **)sk_value(db->data,i);
if ((qual != NULL) && (qual(r) == 0)) continue;
if ((r=lh_insert(idx,r)) != NULL)
{
db->error=DB_ERROR_INDEX_CLASH;
db->arg1=sk_find(db->data,(char *)r);
db->arg2=i;
lh_free(idx);
return(0);
}
}
if (db->index[field] != NULL) lh_free(db->index[field]);
db->index[field]=idx;
db->qual[field]=qual;
return(1);
}
int
EAC_CTX_print_private(BIO *out, const EAC_CTX *ctx, int indent)
{
if (ctx) {
if (!BIO_indent(out, indent, 80)
|| !BIO_printf(out, "%d Context%s for PACE (default has parameterID 0x%02X)\n",
sk_num((_STACK*) ctx->pace_ctxs),
sk_num((_STACK*) ctx->pace_ctxs) > 1 ? "s" : "",
ctx->pace_ctx ? ctx->pace_ctx->id : -1))
return 0;
stack_print_private(PACE_CTX, out, ctx->pace_ctxs, indent+4);
if (!BIO_indent(out, indent, 80)
|| !BIO_printf(out, "Context for TA\n")
|| !TA_CTX_print_private(out, ctx->ta_ctx, indent+4)
|| !BIO_indent(out, indent, 80)
|| !BIO_printf(out, "%d Context%s for CA (default has keyID 0x%02X)\n",
sk_num((_STACK*) ctx->ca_ctxs),
sk_num((_STACK*) ctx->ca_ctxs) > 1 ? "s" : "",
ctx->ca_ctx ? ctx->ca_ctx->id : -1))
return 0;
stack_print_private(CA_CTX, out, ctx->ca_ctxs, indent+4);
if (!BIO_indent(out, indent, 80)
/* FIXME segfaults for me */
|| !BIO_printf(out, "%d Context%s for RI (default has keyID 0x%02X)\n",
sk_num((_STACK*) ctx->ri_ctxs),
sk_num((_STACK*) ctx->ri_ctxs) > 1 ? "s" : "",
ctx->ri_ctx ? ctx->ri_ctx->id : -1))
return 0;
stack_print_private(RI_CTX, out, ctx->ri_ctxs, indent);
} else {
if (!BIO_indent(out, indent, 80)
|| !BIO_printf(out, "<ABSENT>\n"))
return 0;
}
return 1;
}
carray * mailstream_low_ssl_get_certificate_chain(mailstream_low * s)
{
#ifdef USE_SSL
struct mailstream_ssl_data * ssl_data;
carray * result;
int skpos;
#ifndef USE_GNUTLS
STACK_OF(X509) * skx;
ssl_data = (struct mailstream_ssl_data *) s->data;
if (!(skx = SSL_get_peer_cert_chain(ssl_data->ssl_conn))) {
return NULL;
}
result = carray_new(4);
for(skpos = 0 ; skpos < sk_num((_STACK *) skx) ; skpos ++) {
X509 * x = (X509 *) sk_value((_STACK *) skx, skpos);
unsigned char * p;
MMAPString * str;
int length = i2d_X509(x, NULL);
str = mmap_string_sized_new(length);
p = (unsigned char *) str->str;
str->len = length;
i2d_X509(x, &p);
carray_add(result, str, NULL);
}
return result;
#else
gnutls_session session = NULL;
const gnutls_datum *raw_cert_list;
unsigned int raw_cert_list_length;
ssl_data = (struct mailstream_ssl_data *) s->data;
session = ssl_data->session;
raw_cert_list = gnutls_certificate_get_peers(session, &raw_cert_list_length);
if (raw_cert_list && gnutls_certificate_type_get(session) == GNUTLS_CRT_X509) {
result = carray_new(4);
for(skpos = 0 ; skpos < raw_cert_list_length ; skpos ++) {
gnutls_x509_crt cert = NULL;
if (gnutls_x509_crt_init(&cert) >= 0
&& gnutls_x509_crt_import(cert, &raw_cert_list[skpos], GNUTLS_X509_FMT_DER) >= 0) {
size_t cert_size = 0;
MMAPString * str = NULL;
unsigned char * p;
if (gnutls_x509_crt_export(cert, GNUTLS_X509_FMT_DER, NULL, &cert_size)
== GNUTLS_E_SHORT_MEMORY_BUFFER) {
str = mmap_string_sized_new(cert_size);
p = (unsigned char *) str->str;
str->len = cert_size;
}
if (str != NULL &&
gnutls_x509_crt_export(cert, GNUTLS_X509_FMT_DER, p, &cert_size) >= 0) {
carray_add(result, str, NULL);
} else {
return NULL;
}
gnutls_x509_crt_deinit(cert);
}
}
}
return result;
return NULL;
#endif
#else
return NULL;
#endif
}
int MAIN(int argc, char **argv)
{
int i,badops=0,offset=0,ret=1,j;
unsigned int length=0;
long num,tmplen;
BIO *in=NULL,*out=NULL,*b64=NULL, *derout = NULL;
int informat,indent=0, noout = 0, dump = 0;
char *infile=NULL,*str=NULL,*prog,*oidfile=NULL, *derfile=NULL;
unsigned char *tmpbuf;
BUF_MEM *buf=NULL;
STACK *osk=NULL;
ASN1_TYPE *at=NULL;
informat=FORMAT_PEM;
apps_startup();
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
prog=argv[0];
argc--;
argv++;
if ((osk=sk_new_null()) == NULL)
{
BIO_printf(bio_err,"Memory allocation failure\n");
goto end;
}
while (argc >= 1)
{
if (strcmp(*argv,"-inform") == 0)
{
if (--argc < 1) goto bad;
informat=str2fmt(*(++argv));
}
else if (strcmp(*argv,"-in") == 0)
{
if (--argc < 1) goto bad;
infile= *(++argv);
}
else if (strcmp(*argv,"-out") == 0)
{
if (--argc < 1) goto bad;
derfile= *(++argv);
}
else if (strcmp(*argv,"-i") == 0)
{
indent=1;
}
else if (strcmp(*argv,"-noout") == 0) noout = 1;
else if (strcmp(*argv,"-oid") == 0)
{
if (--argc < 1) goto bad;
oidfile= *(++argv);
}
else if (strcmp(*argv,"-offset") == 0)
{
if (--argc < 1) goto bad;
offset= atoi(*(++argv));
}
else if (strcmp(*argv,"-length") == 0)
{
if (--argc < 1) goto bad;
length= atoi(*(++argv));
if (length == 0) goto bad;
}
else if (strcmp(*argv,"-dump") == 0)
{
dump= -1;
}
else if (strcmp(*argv,"-dlimit") == 0)
{
if (--argc < 1) goto bad;
dump= atoi(*(++argv));
if (dump <= 0) goto bad;
}
else if (strcmp(*argv,"-strparse") == 0)
{
if (--argc < 1) goto bad;
sk_push(osk,*(++argv));
}
else
{
BIO_printf(bio_err,"unknown option %s\n",*argv);
badops=1;
break;
}
argc--;
argv++;
}
if (badops)
{
bad:
BIO_printf(bio_err,"%s [options] <infile\n",prog);
BIO_printf(bio_err,"where options are\n");
BIO_printf(bio_err," -inform arg input format - one of DER TXT PEM\n");
BIO_printf(bio_err," -in arg input file\n");
BIO_printf(bio_err," -out arg output file (output format is always DER\n");
BIO_printf(bio_err," -noout arg don't produce any output\n");
BIO_printf(bio_err," -offset arg offset into file\n");
BIO_printf(bio_err," -length arg length of section in file\n");
BIO_printf(bio_err," -i indent entries\n");
BIO_printf(bio_err," -dump dump unknown data in hex form\n");
BIO_printf(bio_err," -dlimit arg dump the first arg bytes of unknown data in hex form\n");
BIO_printf(bio_err," -oid file file of extra oid definitions\n");
BIO_printf(bio_err," -strparse offset\n");
BIO_printf(bio_err," a series of these can be used to 'dig' into multiple\n");
BIO_printf(bio_err," ASN1 blob wrappings\n");
goto end;
}
ERR_load_crypto_strings();
in=BIO_new(BIO_s_file());
out=BIO_new(BIO_s_file());
if ((in == NULL) || (out == NULL))
{
ERR_print_errors(bio_err);
goto end;
}
BIO_set_fp(out,stdout,BIO_NOCLOSE|BIO_FP_TEXT);
#ifdef VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
out = BIO_push(tmpbio, out);
}
#endif
if (oidfile != NULL)
{
if (BIO_read_filename(in,oidfile) <= 0)
{
BIO_printf(bio_err,"problems opening %s\n",oidfile);
ERR_print_errors(bio_err);
goto end;
}
OBJ_create_objects(in);
}
if (infile == NULL)
BIO_set_fp(in,stdin,BIO_NOCLOSE);
else
{
if (BIO_read_filename(in,infile) <= 0)
{
perror(infile);
goto end;
}
}
if (derfile) {
if(!(derout = BIO_new_file(derfile, "wb"))) {
BIO_printf(bio_err,"problems opening %s\n",derfile);
ERR_print_errors(bio_err);
goto end;
}
}
if ((buf=BUF_MEM_new()) == NULL) goto end;
if (!BUF_MEM_grow(buf,BUFSIZ*8)) goto end; /* Pre-allocate :-) */
if (informat == FORMAT_PEM)
{
BIO *tmp;
if ((b64=BIO_new(BIO_f_base64())) == NULL)
goto end;
BIO_push(b64,in);
tmp=in;
in=b64;
b64=tmp;
}
num=0;
for (;;)
{
if (!BUF_MEM_grow(buf,(int)num+BUFSIZ)) goto end;
i=BIO_read(in,&(buf->data[num]),BUFSIZ);
if (i <= 0) break;
num+=i;
}
str=buf->data;
/* If any structs to parse go through in sequence */
if (sk_num(osk))
{
tmpbuf=(unsigned char *)str;
tmplen=num;
for (i=0; i<sk_num(osk); i++)
{
ASN1_TYPE *atmp;
j=atoi(sk_value(osk,i));
if (j == 0)
{
BIO_printf(bio_err,"'%s' is an invalid number\n",sk_value(osk,i));
continue;
}
tmpbuf+=j;
tmplen-=j;
atmp = at;
at = d2i_ASN1_TYPE(NULL,&tmpbuf,tmplen);
ASN1_TYPE_free(atmp);
if(!at)
{
BIO_printf(bio_err,"Error parsing structure\n");
ERR_print_errors(bio_err);
goto end;
}
/* hmm... this is a little evil but it works */
tmpbuf=at->value.asn1_string->data;
tmplen=at->value.asn1_string->length;
}
str=(char *)tmpbuf;
num=tmplen;
}
if (length == 0) length=(unsigned int)num;
if(derout) {
if(BIO_write(derout, str + offset, length) != (int)length) {
BIO_printf(bio_err, "Error writing output\n");
ERR_print_errors(bio_err);
goto end;
}
}
if (!noout &&
!ASN1_parse_dump(out,(unsigned char *)&(str[offset]),length,
indent,dump))
{
ERR_print_errors(bio_err);
goto end;
}
ret=0;
end:
BIO_free(derout);
if (in != NULL) BIO_free(in);
if (out != NULL) BIO_free_all(out);
if (b64 != NULL) BIO_free(b64);
if (ret != 0)
ERR_print_errors(bio_err);
if (buf != NULL) BUF_MEM_free(buf);
if (at != NULL) ASN1_TYPE_free(at);
if (osk != NULL) sk_free(osk);
OBJ_cleanup();
OPENSSL_EXIT(ret);
}
static int asn1_template_noexp_d2i(ASN1_VALUE **val,
const unsigned char **in, long len,
const ASN1_TEMPLATE *tt, char opt,
ASN1_TLC *ctx)
{
int flags, aclass;
int ret;
const unsigned char *p, *q;
if (!val)
return 0;
flags = tt->flags;
aclass = flags & ASN1_TFLG_TAG_CLASS;
p = *in;
q = p;
if (flags & ASN1_TFLG_SK_MASK)
{
/* SET OF, SEQUENCE OF */
int sktag, skaclass;
char sk_eoc;
/* First work out expected inner tag value */
if (flags & ASN1_TFLG_IMPTAG)
{
sktag = tt->tag;
skaclass = aclass;
}
else
{
skaclass = V_ASN1_UNIVERSAL;
if (flags & ASN1_TFLG_SET_OF)
sktag = V_ASN1_SET;
else
sktag = V_ASN1_SEQUENCE;
}
/* Get the tag */
ret = asn1_check_tlen(&len, NULL, NULL, &sk_eoc, NULL,
&p, len, sktag, skaclass, opt, ctx);
if (!ret)
{
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
ERR_R_NESTED_ASN1_ERROR);
return 0;
}
else if (ret == -1)
return -1;
if (!*val)
*val = (ASN1_VALUE *)sk_new_null();
else
{
/* We've got a valid STACK: free up any items present */
STACK *sktmp = (STACK *)*val;
ASN1_VALUE *vtmp;
while(sk_num(sktmp) > 0)
{
vtmp = (ASN1_VALUE *)sk_pop(sktmp);
ASN1_item_ex_free(&vtmp,
ASN1_ITEM_ptr(tt->item));
}
}
if (!*val)
{
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
ERR_R_MALLOC_FAILURE);
goto err;
}
/* Read as many items as we can */
while(len > 0)
{
ASN1_VALUE *skfield;
q = p;
/* See if EOC found */
if (asn1_check_eoc(&p, len))
{
if (!sk_eoc)
{
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
ASN1_R_UNEXPECTED_EOC);
goto err;
}
len -= p - q;
sk_eoc = 0;
break;
}
skfield = NULL;
if (!ASN1_item_ex_d2i(&skfield, &p, len,
ASN1_ITEM_ptr(tt->item),
-1, 0, 0, ctx))
{
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
ERR_R_NESTED_ASN1_ERROR);
goto err;
}
len -= p - q;
if (!sk_push((STACK *)*val, (char *)skfield))
{
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
ERR_R_MALLOC_FAILURE);
goto err;
}
}
if (sk_eoc)
{
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ASN1_R_MISSING_EOC);
goto err;
}
}
else if (flags & ASN1_TFLG_IMPTAG)
{
/* IMPLICIT tagging */
ret = ASN1_item_ex_d2i(val, &p, len,
ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt, ctx);
if (!ret)
{
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
ERR_R_NESTED_ASN1_ERROR);
goto err;
}
else if (ret == -1)
return -1;
}
else
{
/* Nothing special */
ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item),
-1, 0, opt, ctx);
if (!ret)
{
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
ERR_R_NESTED_ASN1_ERROR);
goto err;
}
else if (ret == -1)
return -1;
}
*in = p;
return 1;
err:
ASN1_template_free(val, tt);
return 0;
}
/* int is_set: if TRUE, then sort the contents (i.e. it isn't a SEQUENCE) */
int i2d_ASN1_SET(STACK *a, unsigned char **pp, i2d_of_void *i2d, int ex_tag,
int ex_class, int is_set)
{
int ret=0,r;
int i;
unsigned char *p;
unsigned char *pStart, *pTempMem;
MYBLOB *rgSetBlob;
int totSize;
if (a == NULL) return(0);
for (i=sk_num(a)-1; i>=0; i--)
ret+=i2d(sk_value(a,i),NULL);
r=ASN1_object_size(1,ret,ex_tag);
if (pp == NULL) return(r);
p= *pp;
ASN1_put_object(&p,1,ret,ex_tag,ex_class);
/* Modified by [email protected] */
/* And then again by Ben */
/* And again by Steve */
if(!is_set || (sk_num(a) < 2))
{
for (i=0; i<sk_num(a); i++)
i2d(sk_value(a,i),&p);
*pp=p;
return(r);
}
pStart = p; /* Catch the beg of Setblobs*/
/* In this array we will store the SET blobs */
rgSetBlob = (MYBLOB *)OPENSSL_malloc(sk_num(a) * sizeof(MYBLOB));
if (rgSetBlob == NULL)
{
ASN1err(ASN1_F_I2D_ASN1_SET,ERR_R_MALLOC_FAILURE);
return(0);
}
for (i=0; i<sk_num(a); i++)
{
rgSetBlob[i].pbData = p; /* catch each set encode blob */
i2d(sk_value(a,i),&p);
rgSetBlob[i].cbData = (int)(p - rgSetBlob[i].pbData); /* Length of this
SetBlob
*/
}
*pp=p;
totSize = (int)(p - pStart); /* This is the total size of all set blobs */
/* Now we have to sort the blobs. I am using a simple algo.
*Sort ptrs *Copy to temp-mem *Copy from temp-mem to user-mem*/
qsort( rgSetBlob, sk_num(a), sizeof(MYBLOB), SetBlobCmp);
if (!(pTempMem = OPENSSL_malloc(totSize)))
{
ASN1err(ASN1_F_I2D_ASN1_SET,ERR_R_MALLOC_FAILURE);
return(0);
}
/* Copy to temp mem */
p = pTempMem;
for(i=0; i<sk_num(a); ++i)
{
memcpy(p, rgSetBlob[i].pbData, rgSetBlob[i].cbData);
p += rgSetBlob[i].cbData;
}
/* Copy back to user mem*/
memcpy(pStart, pTempMem, totSize);
OPENSSL_free(pTempMem);
OPENSSL_free(rgSetBlob);
return(r);
}
int MAIN(int argc, char **argv)
{
int ret=1,i;
const char **pp;
int verbose=0, list_cap=0, test_avail=0, test_avail_noise = 0;
ENGINE *e;
STACK *engines = sk_new_null();
STACK *pre_cmds = sk_new_null();
STACK *post_cmds = sk_new_null();
int badops=1;
BIO *bio_out=NULL;
const char *indent = " ";
apps_startup();
SSL_load_error_strings();
if (bio_err == NULL)
bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
if (!load_config(bio_err, NULL))
goto end;
bio_out=BIO_new_fp(stdout,BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
bio_out = BIO_push(tmpbio, bio_out);
}
#endif
argc--;
argv++;
while (argc >= 1)
{
if (strncmp(*argv,"-v",2) == 0)
{
if(strspn(*argv + 1, "v") < strlen(*argv + 1))
goto skip_arg_loop;
if((verbose=strlen(*argv + 1)) > 4)
goto skip_arg_loop;
}
else if (strcmp(*argv,"-c") == 0)
list_cap=1;
else if (strncmp(*argv,"-t",2) == 0)
{
test_avail=1;
if(strspn(*argv + 1, "t") < strlen(*argv + 1))
goto skip_arg_loop;
if((test_avail_noise = strlen(*argv + 1) - 1) > 1)
goto skip_arg_loop;
}
else if (strcmp(*argv,"-pre") == 0)
{
argc--; argv++;
if (argc == 0)
goto skip_arg_loop;
sk_push(pre_cmds,*argv);
}
else if (strcmp(*argv,"-post") == 0)
{
argc--; argv++;
if (argc == 0)
goto skip_arg_loop;
sk_push(post_cmds,*argv);
}
else if ((strncmp(*argv,"-h",2) == 0) ||
(strcmp(*argv,"-?") == 0))
goto skip_arg_loop;
else
sk_push(engines,*argv);
argc--;
argv++;
}
/* Looks like everything went OK */
badops = 0;
skip_arg_loop:
if (badops)
{
for (pp=engine_usage; (*pp != NULL); pp++)
BIO_printf(bio_err,"%s",*pp);
goto end;
}
if (sk_num(engines) == 0)
{
for(e = ENGINE_get_first(); e != NULL; e = ENGINE_get_next(e))
{
sk_push(engines,(char *)ENGINE_get_id(e));
}
}
for (i=0; i<sk_num(engines); i++)
{
const char *id = sk_value(engines,i);
if ((e = ENGINE_by_id(id)) != NULL)
{
const char *name = ENGINE_get_name(e);
/* Do "id" first, then "name". Easier to auto-parse. */
BIO_printf(bio_out, "(%s) %s\n", id, name);
util_do_cmds(e, pre_cmds, bio_out, indent);
if (strcmp(ENGINE_get_id(e), id) != 0)
{
BIO_printf(bio_out, "Loaded: (%s) %s\n",
ENGINE_get_id(e), ENGINE_get_name(e));
}
if (list_cap)
{
int cap_size = 256;
char *cap_buf = NULL;
int k,n;
const int *nids;
ENGINE_CIPHERS_PTR fn_c;
ENGINE_DIGESTS_PTR fn_d;
if (ENGINE_get_RSA(e) != NULL
&& !append_buf(&cap_buf, "RSA",
&cap_size, 256))
goto end;
if (ENGINE_get_DSA(e) != NULL
&& !append_buf(&cap_buf, "DSA",
&cap_size, 256))
goto end;
if (ENGINE_get_DH(e) != NULL
&& !append_buf(&cap_buf, "DH",
&cap_size, 256))
goto end;
if (ENGINE_get_RAND(e) != NULL
&& !append_buf(&cap_buf, "RAND",
&cap_size, 256))
goto end;
fn_c = ENGINE_get_ciphers(e);
if(!fn_c) goto skip_ciphers;
n = fn_c(e, NULL, &nids, 0);
for(k=0 ; k < n ; ++k)
if(!append_buf(&cap_buf,
OBJ_nid2sn(nids[k]),
&cap_size, 256))
goto end;
skip_ciphers:
fn_d = ENGINE_get_digests(e);
if(!fn_d) goto skip_digests;
n = fn_d(e, NULL, &nids, 0);
for(k=0 ; k < n ; ++k)
if(!append_buf(&cap_buf,
OBJ_nid2sn(nids[k]),
&cap_size, 256))
goto end;
skip_digests:
if (cap_buf && (*cap_buf != '\0'))
BIO_printf(bio_out, " [%s]\n", cap_buf);
OPENSSL_free(cap_buf);
}
if(test_avail)
{
BIO_printf(bio_out, "%s", indent);
if (ENGINE_init(e))
{
BIO_printf(bio_out, "[ available ]\n");
util_do_cmds(e, post_cmds, bio_out, indent);
ENGINE_finish(e);
}
else
{
BIO_printf(bio_out, "[ unavailable ]\n");
if(test_avail_noise)
ERR_print_errors_fp(stdout);
ERR_clear_error();
}
}
if((verbose > 0) && !util_verbose(e, verbose, bio_out, indent))
goto end;
ENGINE_free(e);
}
else
ERR_print_errors(bio_err);
}
ret=0;
end:
ERR_print_errors(bio_err);
sk_pop_free(engines, identity);
sk_pop_free(pre_cmds, identity);
sk_pop_free(post_cmds, identity);
if (bio_out != NULL) BIO_free_all(bio_out);
apps_shutdown();
OPENSSL_EXIT(ret);
}
