provider_conf.c source code [ClickHouse/contrib/openssl/crypto/provider_conf.c]

1	/*
2	* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
3	*
4	* Licensed under the Apache License 2.0 (the "License"). You may not use
5	* this file except in compliance with the License. You can obtain a copy
6	* in the file LICENSE in the source distribution or at
7	* https://www.openssl.org/source/license.html
8	*/
9
10	#include <string.h>
11	#include <openssl/trace.h>
12	#include <openssl/err.h>
13	#include <openssl/conf.h>
14	#include <openssl/safestack.h>
15	#include "internal/provider.h"
16
17	/ PROVIDER config module /
18
19	DEFINE_STACK_OF(OSSL_PROVIDER)
20	static STACK_OF(OSSL_PROVIDER) *activated_providers = NULL;
21
22	static const char skip_dot(const* char *name)
23	{
24	const char *p = strchr(name, `'.'`);
25
26	if (p != NULL)
27	return p + `1`;
28	return name;
29	}
30
31	static int provider_conf_params(OSSL_PROVIDER *prov,
32	const char name, const* char *value,
33	const CONF *cnf)
34	{
35	STACK_OF(CONF_VALUE) *sect;
36	int ok = `1`;
37
38	sect = NCONF_get_section(cnf, value);
39	if (sect != NULL) {
40	int i;
41	char buffer[`512`];
42	size_t buffer_len = `0`;
43
44	OSSL_TRACE1(CONF, "Provider params: start section %s\n", value);
45
46	if (name != NULL) {
47	OPENSSL_strlcpy(buffer, name, sizeof(buffer));
48	OPENSSL_strlcat(buffer, ".", sizeof(buffer));
49	buffer_len = strlen(buffer);
50	}
51
52	for (i = `0`; i < sk_CONF_VALUE_num(sect); i++) {
53	CONF_VALUE *sectconf = sk_CONF_VALUE_value(sect, i);
54
55	if (buffer_len + strlen(sectconf->name) >= sizeof(buffer))
56	return `0`;
57	buffer[buffer_len] = `'\0'`;
58	OPENSSL_strlcat(buffer, sectconf->name, sizeof(buffer));
59	if (!provider_conf_params(prov, buffer, sectconf->value, cnf))
60	return `0`;
61	}
62
63	OSSL_TRACE1(CONF, "Provider params: finish section %s\n", value);
64	} else {
65	OSSL_TRACE2(CONF, "Provider params: %s = %s\n", name, value);
66	ok = ossl_provider_add_parameter(prov, name, value);
67	}
68
69	return ok;
70	}
71
72	static int provider_conf_load(OPENSSL_CTX libctx, const* char *name,
73	const char value, const* CONF *cnf)
74	{
75	int i;
76	STACK_OF(CONF_VALUE) *ecmds;
77	int soft = `0`;
78	OSSL_PROVIDER *prov = NULL;
79	const char *path = NULL;
80	long activate = `0`;
81	int ok = `0`;
82
83	name = skip_dot(name);
84	OSSL_TRACE1(CONF, "Configuring provider %s\n", name);
85	/ Value is a section containing PROVIDER commands /
86	ecmds = NCONF_get_section(cnf, value);
87
88	if (!ecmds) {
89	CRYPTOerr(CRYPTO_F_PROVIDER_CONF_LOAD, CRYPTO_R_PROVIDER_SECTION_ERROR);
90	return `0`;
91	}
92
93	/ Find the needed data first /
94	for (i = `0`; i < sk_CONF_VALUE_num(ecmds); i++) {
95	CONF_VALUE *ecmd = sk_CONF_VALUE_value(ecmds, i);
96	const char *confname = skip_dot(ecmd->name);
97	const char *confvalue = ecmd->value;
98
99	OSSL_TRACE2(CONF, "Provider command: %s = %s\n",
100	confname, confvalue);
101
102	/ First handle some special pseudo confs /
103
104	/ Override provider name to use /
105	if (strcmp(confname, "identity") == `0`)
106	name = confvalue;
107	else if (strcmp(confname, "soft_load") == `0`)
108	soft = `1`;
109	/ Load a dynamic PROVIDER /
110	else if (strcmp(confname, "module") == `0`)
111	path = confvalue;
112	else if (strcmp(confname, "activate") == `0`)
113	activate = `1`;
114	}
115
116	prov = ossl_provider_find(libctx, name, `1`);
117	if (prov == NULL)
118	prov = ossl_provider_new(libctx, name, NULL, `1`);
119	if (prov == NULL) {
120	if (soft)
121	ERR_clear_error();
122	return `0`;
123	}
124
125	if (path != NULL)
126	ossl_provider_set_module_path(prov, path);
127
128	ok = provider_conf_params(prov, NULL, value, cnf);
129
130	if (ok && activate) {
131	if (!ossl_provider_activate(prov)) {
132	ok = `0`;
133	} else {
134	if (activated_providers == NULL)
135	activated_providers = sk_OSSL_PROVIDER_new_null();
136	sk_OSSL_PROVIDER_push(activated_providers, prov);
137	ok = `1`;
138	}
139	}
140
141	if (!(activate && ok))
142	ossl_provider_free(prov);
143
144	return ok;
145	}
146
147	static int provider_conf_init(CONF_IMODULE md, const* CONF *cnf)
148	{
149	STACK_OF(CONF_VALUE) *elist;
150	CONF_VALUE *cval;
151	int i;
152
153	OSSL_TRACE1(CONF, "Loading providers module: section %s\n",
154	CONF_imodule_get_value(md));
155
156	/ Value is a section containing PROVIDERs to configure /
157	elist = NCONF_get_section(cnf, CONF_imodule_get_value(md));
158
159	if (!elist) {
160	CRYPTOerr(CRYPTO_F_PROVIDER_CONF_INIT,
161	CRYPTO_R_PROVIDER_SECTION_ERROR);
162	return `0`;
163	}
164
165	for (i = `0`; i < sk_CONF_VALUE_num(elist); i++) {
166	cval = sk_CONF_VALUE_value(elist, i);
167	if (!provider_conf_load(NULL, cval->name, cval->value, cnf))
168	return `0`;
169	}
170
171	return `1`;
172	}
173
174
175	static void provider_conf_deinit(CONF_IMODULE *md)
176	{
177	sk_OSSL_PROVIDER_pop_free(activated_providers, ossl_provider_free);
178	activated_providers = NULL;
179	OSSL_TRACE(CONF, "Cleaned up providers\n");
180	}
181
182	void ossl_provider_add_conf_module(void)
183	{
184	OSSL_TRACE(CONF, "Adding config module 'providers'\n");
185	CONF_module_add("providers", provider_conf_init, provider_conf_deinit);
186	}
187

Browse the source code of ClickHouse/contrib/openssl/crypto/provider_conf.c