const char *RAND_file_name(char *buf, size_t size) { char *s = NULL; #ifdef __OpenBSD__ struct stat sb; #endif s = ossl_safe_getenv("RANDFILE"); if (s != NULL && *s && strlen(s) + 1 < size) { if (BUF_strlcpy(buf, s, size) >= size) return NULL; } else { s = ossl_safe_getenv("HOME"); #ifdef DEFAULT_HOME if (s == NULL) { s = DEFAULT_HOME; } #endif if (s && *s && strlen(s) + strlen(RFILE) + 2 < size) { BUF_strlcpy(buf, s, size); #ifndef OPENSSL_SYS_VMS BUF_strlcat(buf, "/", size); #endif BUF_strlcat(buf, RFILE, size); } else buf[0] = '\0'; /* no file name */ } #ifdef __OpenBSD__ /* * given that all random loads just fail if the file can't be seen on a * stat, we stat the file we're returning, if it fails, use /dev/arandom * instead. this allows the user to use their own source for good random * data, but defaults to something hopefully decent if that isn't * available. */ if (!buf[0]) if (BUF_strlcpy(buf, "/dev/arandom", size) >= size) { return (NULL); } if (stat(buf, &sb) == -1) if (BUF_strlcpy(buf, "/dev/arandom", size) >= size) { return (NULL); } #endif return (buf); }
static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, char **ret) { int ok = 0; const char *file; switch (cmd) { case X509_L_FILE_LOAD: if (argl == X509_FILETYPE_DEFAULT) { file = ossl_safe_getenv(X509_get_default_cert_file_env()); if (file) ok = (X509_load_cert_crl_file(ctx, file, X509_FILETYPE_PEM) != 0); else ok = (X509_load_cert_crl_file (ctx, X509_get_default_cert_file(), X509_FILETYPE_PEM) != 0); if (!ok) { X509err(X509_F_BY_FILE_CTRL, X509_R_LOADING_DEFAULTS); } } else { if (argl == X509_FILETYPE_PEM) ok = (X509_load_cert_crl_file(ctx, argp, X509_FILETYPE_PEM) != 0); else ok = (X509_load_cert_file(ctx, argp, (int)argl) != 0); } break; } return ok; }
/* * Internal version that doesn't affect the store flags, and thereby avoid * locking. Direct callers must remember to set the store flags when * appropriate */ static int provider_activate(OSSL_PROVIDER *prov) { const OSSL_DISPATCH *provider_dispatch = NULL; if (prov->flag_initialized) return 1; /* * If the init function isn't set, it indicates that this provider is * a loadable module. */ if (prov->init_function == NULL) { if (prov->module == NULL) { char *allocated_path = NULL; const char *module_path = NULL; char *merged_path = NULL; const char *load_dir = ossl_safe_getenv("OPENSSL_MODULES"); if ((prov->module = DSO_new()) == NULL) { /* DSO_new() generates an error already */ return 0; } if (load_dir == NULL) load_dir = MODULESDIR; DSO_ctrl(prov->module, DSO_CTRL_SET_FLAGS, DSO_FLAG_NAME_TRANSLATION_EXT_ONLY, NULL); module_path = prov->path; if (module_path == NULL) module_path = allocated_path = DSO_convert_filename(prov->module, prov->name); if (module_path != NULL) merged_path = DSO_merge(prov->module, module_path, load_dir); if (merged_path == NULL || (DSO_load(prov->module, merged_path, NULL, 0)) == NULL) { DSO_free(prov->module); prov->module = NULL; } OPENSSL_free(merged_path); OPENSSL_free(allocated_path); } if (prov->module != NULL) prov->init_function = (OSSL_provider_init_fn *) DSO_bind_func(prov->module, "OSSL_provider_init"); } if (prov->init_function == NULL || !prov->init_function(prov, core_dispatch, &provider_dispatch)) { CRYPTOerr(CRYPTO_F_PROVIDER_ACTIVATE, ERR_R_INIT_FAIL); ERR_add_error_data(2, "name=", prov->name); DSO_free(prov->module); prov->module = NULL; return 0; } for (; provider_dispatch->function_id != 0; provider_dispatch++) { switch (provider_dispatch->function_id) { case OSSL_FUNC_PROVIDER_TEARDOWN: prov->teardown = OSSL_get_provider_teardown(provider_dispatch); break; case OSSL_FUNC_PROVIDER_GET_PARAM_TYPES: prov->get_param_types = OSSL_get_provider_get_param_types(provider_dispatch); break; case OSSL_FUNC_PROVIDER_GET_PARAMS: prov->get_params = OSSL_get_provider_get_params(provider_dispatch); break; case OSSL_FUNC_PROVIDER_QUERY_OPERATION: prov->query_operation = OSSL_get_provider_query_operation(provider_dispatch); break; } } /* With this flag set, this provider has become fully "loaded". */ prov->flag_initialized = 1; return 1; }