[openssl-commits] [openssl] master update
Andy Polyakov
appro at openssl.org
Wed Jun 22 19:53:45 UTC 2016
The branch master has been updated
via fc6076ca272f74eb1364c29e6974ad5da5ef9777 (commit)
via 094878164de102cf97c4e9f2392f41e03ef2f11c (commit)
from eeac54ef6d7eedd42a97025ddddaf06777be3c6b (commit)
- Log -----------------------------------------------------------------
commit fc6076ca272f74eb1364c29e6974ad5da5ef9777
Author: Andy Polyakov <appro at openssl.org>
Date: Tue Jun 21 15:28:23 2016 +0200
rand/randfile.c: make it non-ASCII-savvy.
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit 094878164de102cf97c4e9f2392f41e03ef2f11c
Author: Andy Polyakov <appro at openssl.org>
Date: Tue Jun 21 15:26:18 2016 +0200
Move OS-specific fopen quirks to o_fopen.c.
Reviewed-by: Richard Levitte <levitte at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
crypto/bio/bss_file.c | 85 +----------------------
crypto/build.info | 2 +-
crypto/include/internal/cryptlib.h | 6 +-
crypto/o_fopen.c | 103 ++++++++++++++++++++++++++++
crypto/rand/randfile.c | 134 +++++++++++++++++++++++--------------
5 files changed, 196 insertions(+), 134 deletions(-)
create mode 100644 crypto/o_fopen.c
diff --git a/crypto/bio/bss_file.c b/crypto/bio/bss_file.c
index 36099f8..4f79c32 100644
--- a/crypto/bio/bss_file.c
+++ b/crypto/bio/bss_file.c
@@ -61,91 +61,10 @@ static const BIO_METHOD methods_filep = {
NULL,
};
-static FILE *file_fopen(const char *filename, const char *mode)
-{
- FILE *file = NULL;
-
-# if defined(_WIN32) && defined(CP_UTF8)
- int sz, len_0 = (int)strlen(filename) + 1;
- DWORD flags;
-
- /*
- * Basically there are three cases to cover: a) filename is
- * pure ASCII string; b) actual UTF-8 encoded string and
- * c) locale-ized string, i.e. one containing 8-bit
- * characters that are meaningful in current system locale.
- * If filename is pure ASCII or real UTF-8 encoded string,
- * MultiByteToWideChar succeeds and _wfopen works. If
- * filename is locale-ized string, chances are that
- * MultiByteToWideChar fails reporting
- * ERROR_NO_UNICODE_TRANSLATION, in which case we fall
- * back to fopen...
- */
- if ((sz = MultiByteToWideChar(CP_UTF8, (flags = MB_ERR_INVALID_CHARS),
- filename, len_0, NULL, 0)) > 0 ||
- (GetLastError() == ERROR_INVALID_FLAGS &&
- (sz = MultiByteToWideChar(CP_UTF8, (flags = 0),
- filename, len_0, NULL, 0)) > 0)
- ) {
- WCHAR wmode[8];
- WCHAR *wfilename = _alloca(sz * sizeof(WCHAR));
-
- if (MultiByteToWideChar(CP_UTF8, flags,
- filename, len_0, wfilename, sz) &&
- MultiByteToWideChar(CP_UTF8, 0, mode, strlen(mode) + 1,
- wmode, OSSL_NELEM(wmode)) &&
- (file = _wfopen(wfilename, wmode)) == NULL &&
- (errno == ENOENT || errno == EBADF)
- ) {
- /*
- * UTF-8 decode succeeded, but no file, filename
- * could still have been locale-ized...
- */
- file = fopen(filename, mode);
- }
- } else if (GetLastError() == ERROR_NO_UNICODE_TRANSLATION) {
- file = fopen(filename, mode);
- }
-# elif defined(__DJGPP__)
- {
- char *newname = NULL;
-
- if (!HAS_LFN_SUPPORT(filename)) {
- char *iterator;
- char lastchar;
-
- newname = OPENSSL_malloc(strlen(filename) + 1);
- if (newname == NULL)
- return NULL;
-
- for(iterator = newname, lastchar = '\0';
- *filename; filename++, iterator++) {
- if (lastchar == '/' && filename[0] == '.'
- && filename[1] != '.' && filename[1] != '/') {
- /* Leading dots are not permitted in plain DOS. */
- *iterator = '_';
- } else {
- *iterator = *filename;
- }
- lastchar = *filename;
- }
- *iterator = '\0';
- filename = newname;
- }
- file = fopen(filename, mode);
-
- OPENSSL_free(newname);
- }
-# else
- file = fopen(filename, mode);
-# endif
- return (file);
-}
-
BIO *BIO_new_file(const char *filename, const char *mode)
{
BIO *ret;
- FILE *file = file_fopen(filename, mode);
+ FILE *file = openssl_fopen(filename, mode);
int fp_flags = BIO_CLOSE;
if (strchr(mode, 'b') == NULL)
@@ -363,7 +282,7 @@ static long file_ctrl(BIO *b, int cmd, long num, void *ptr)
else
strcat(p, "t");
# endif
- fp = file_fopen(ptr, p);
+ fp = openssl_fopen(ptr, p);
if (fp == NULL) {
SYSerr(SYS_F_FOPEN, get_last_sys_error());
ERR_add_error_data(5, "fopen('", ptr, "','", p, "')");
diff --git a/crypto/build.info b/crypto/build.info
index 1b4ed14..916d24f 100644
--- a/crypto/build.info
+++ b/crypto/build.info
@@ -2,7 +2,7 @@
LIBS=../libcrypto
SOURCE[../libcrypto]=\
cryptlib.c mem.c mem_dbg.c cversion.c ex_data.c cpt_err.c \
- ebcdic.c uid.c o_time.c o_str.c o_dir.c \
+ ebcdic.c uid.c o_time.c o_str.c o_dir.c o_fopen.c \
threads_pthread.c threads_win.c threads_none.c \
o_init.c o_fips.c mem_sec.c init.c {- $target{cpuid_asm_src} -} \
{- $target{uplink_aux_src} -}
diff --git a/crypto/include/internal/cryptlib.h b/crypto/include/internal/cryptlib.h
index 05b8dc0..c9f76ba 100644
--- a/crypto/include/internal/cryptlib.h
+++ b/crypto/include/internal/cryptlib.h
@@ -25,7 +25,6 @@
# include <openssl/buffer.h>
# include <openssl/bio.h>
# include <openssl/err.h>
-# include <openssl/opensslconf.h>
#ifdef __cplusplus
extern "C" {
@@ -69,6 +68,11 @@ extern int OPENSSL_NONPIC_relocated;
void crypto_cleanup_all_ex_data_int(void);
int openssl_strerror_r(int errnum, char *buf, size_t buflen);
+# if !defined(OPENSSL_NO_STDIO)
+FILE *openssl_fopen(const char *filename, const char *mode);
+# else
+void *openssl_fopen(const char *filename, const char *mode);
+# endif
#ifdef __cplusplus
}
diff --git a/crypto/o_fopen.c b/crypto/o_fopen.c
new file mode 100644
index 0000000..0bdb53f
--- /dev/null
+++ b/crypto/o_fopen.c
@@ -0,0 +1,103 @@
+/*
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "internal/cryptlib.h"
+
+#if !defined(OPENSSL_NO_STDIO)
+
+# include <stdio.h>
+
+FILE *openssl_fopen(const char *filename, const char *mode)
+{
+ FILE *file = NULL;
+# if defined(_WIN32) && defined(CP_UTF8)
+ int sz, len_0 = (int)strlen(filename) + 1;
+ DWORD flags;
+
+ /*
+ * Basically there are three cases to cover: a) filename is
+ * pure ASCII string; b) actual UTF-8 encoded string and
+ * c) locale-ized string, i.e. one containing 8-bit
+ * characters that are meaningful in current system locale.
+ * If filename is pure ASCII or real UTF-8 encoded string,
+ * MultiByteToWideChar succeeds and _wfopen works. If
+ * filename is locale-ized string, chances are that
+ * MultiByteToWideChar fails reporting
+ * ERROR_NO_UNICODE_TRANSLATION, in which case we fall
+ * back to fopen...
+ */
+ if ((sz = MultiByteToWideChar(CP_UTF8, (flags = MB_ERR_INVALID_CHARS),
+ filename, len_0, NULL, 0)) > 0 ||
+ (GetLastError() == ERROR_INVALID_FLAGS &&
+ (sz = MultiByteToWideChar(CP_UTF8, (flags = 0),
+ filename, len_0, NULL, 0)) > 0)
+ ) {
+ WCHAR wmode[8];
+ WCHAR *wfilename = _alloca(sz * sizeof(WCHAR));
+
+ if (MultiByteToWideChar(CP_UTF8, flags,
+ filename, len_0, wfilename, sz) &&
+ MultiByteToWideChar(CP_UTF8, 0, mode, strlen(mode) + 1,
+ wmode, OSSL_NELEM(wmode)) &&
+ (file = _wfopen(wfilename, wmode)) == NULL &&
+ (errno == ENOENT || errno == EBADF)
+ ) {
+ /*
+ * UTF-8 decode succeeded, but no file, filename
+ * could still have been locale-ized...
+ */
+ file = fopen(filename, mode);
+ }
+ } else if (GetLastError() == ERROR_NO_UNICODE_TRANSLATION) {
+ file = fopen(filename, mode);
+ }
+# elif defined(__DJGPP__)
+ {
+ char *newname = NULL;
+
+ if (!HAS_LFN_SUPPORT(filename)) {
+ char *iterator;
+ char lastchar;
+
+ newname = OPENSSL_malloc(strlen(filename) + 1);
+ if (newname == NULL)
+ return NULL;
+
+ for(iterator = newname, lastchar = '\0';
+ *filename; filename++, iterator++) {
+ if (lastchar == '/' && filename[0] == '.'
+ && filename[1] != '.' && filename[1] != '/') {
+ /* Leading dots are not permitted in plain DOS. */
+ *iterator = '_';
+ } else {
+ *iterator = *filename;
+ }
+ lastchar = *filename;
+ }
+ *iterator = '\0';
+ filename = newname;
+ }
+ file = fopen(filename, mode);
+
+ OPENSSL_free(newname);
+ }
+# else
+ file = fopen(filename, mode);
+# endif
+ return file;
+}
+
+#else
+
+void *openssl_fopen(const char *filename, const char *mode)
+{
+ return NULL;
+}
+
+#endif
diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c
index c322268..7aeb871 100644
--- a/crypto/rand/randfile.c
+++ b/crypto/rand/randfile.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "e_os.h"
+#include "internal/cryptlib.h"
#include <errno.h>
#include <stdio.h>
@@ -57,6 +57,8 @@
# define chmod _chmod
# define open _open
# define fdopen _fdopen
+# define fstat _fstat
+# define fileno _fileno
#endif
#undef BUFSIZE
@@ -76,12 +78,8 @@
# if __INITIAL_POINTER_SIZE == 64
# pragma pointer_size save
# pragma pointer_size 32
-# endif
typedef char *char_ptr32;
-# if __INITIAL_POINTER_SIZE == 64
# pragma pointer_size restore
-# endif
-
/*
* On VMS, setbuf() will only take 32-bit pointers, and a compilation
* with /POINTER_SIZE=64 will give off a MAYLOSEDATA2 warning here.
@@ -90,20 +88,18 @@ typedef char *char_ptr32;
* As for the buffer parameter, we only use NULL here, so that passes as
* well...
*/
-static void vms_setbuf(FILE *fp, char *buf)
-{
- setbuf((__FILE_ptr32)fp, (char_ptr32)buf);
-}
+# define setbuf(fp,buf) (setbuf)((__FILE_ptr32)(fp), (char_ptr32)(buf))
+# endif
+
/*
* This declaration is a nasty hack to get around vms' extension to fopen for
* passing in sharing options being disabled by /STANDARD=ANSI89
*/
static __FILE_ptr32 (*const vms_fopen)(const char *, const char *, ...) =
- (__FILE_ptr32 (*)(const char *, const char *, ...))fopen;
+ (__FILE_ptr32 (*)(const char *, const char *, ...))fopen;
# define VMS_OPEN_ATTRS "shr=get,put,upd,del","ctx=bin,stm","rfm=stm","rat=none","mrs=0"
-# define fopen(fname,mode) vms_fopen((fname), (mode), VMS_OPEN_ATTRS)
-# define setbuf(fp,buf) vms_setbuf((fp), (buf))
+# define openssl_fopen(fname,mode) vms_fopen((fname), (mode), VMS_OPEN_ATTRS)
#endif
#define RFILE ".rnd"
@@ -125,10 +121,17 @@ int RAND_load_file(const char *file, long bytes)
struct stat sb;
#endif
int i, ret = 0, n;
- FILE *in;
+ FILE *in = NULL;
if (file == NULL)
- return (0);
+ return 0;
+
+ if (bytes == 0)
+ return ret;
+
+ in = openssl_fopen(file, "rb");
+ if (in == NULL)
+ goto err;
#ifndef OPENSSL_NO_POSIX_IO
/*
@@ -138,17 +141,11 @@ int RAND_load_file(const char *file, long bytes)
* applications such as Valgrind.
*/
memset(&sb, 0, sizeof(sb));
- if (stat(file, &sb) < 0)
- return (0);
+ if (fstat(fileno(in), &sb) < 0)
+ goto err;
RAND_add(&sb, sizeof(sb), 0.0);
-#endif
- if (bytes == 0)
- return (ret);
- in = fopen(file, "rb");
- if (in == NULL)
- goto err;
-#if defined(S_ISBLK) && defined(S_ISCHR) && !defined(OPENSSL_NO_POSIX_IO)
+# if defined(S_ISBLK) && defined(S_ISCHR)
if (S_ISBLK(sb.st_mode) || S_ISCHR(sb.st_mode)) {
/*
* this file is a device. we don't want read an infinite number of
@@ -158,6 +155,7 @@ int RAND_load_file(const char *file, long bytes)
bytes = (bytes == -1) ? 2048 : bytes; /* ok, is 2048 enough? */
setbuf(in, NULL); /* don't do buffered reads */
}
+# endif
#endif
for (;;) {
if (bytes > 0)
@@ -176,10 +174,11 @@ int RAND_load_file(const char *file, long bytes)
break;
}
}
- fclose(in);
OPENSSL_cleanse(buf, BUFSIZE);
err:
- return (ret);
+ if (in != NULL)
+ fclose(in);
+ return ret;
}
int RAND_write_file(const char *file)
@@ -191,9 +190,15 @@ int RAND_write_file(const char *file)
#ifndef OPENSSL_NO_POSIX_IO
struct stat sb;
+# if defined(S_ISBLK) && defined(S_ISCHR)
+# ifdef _WIN32
+ /*
+ * Check for |file| being a driver as "ASCII-safe" on Windows,
+ * because driver paths are always ASCII.
+ */
+# endif
i = stat(file, &sb);
if (i != -1) {
-# if defined(S_ISBLK) && defined(S_ISCHR)
if (S_ISBLK(sb.st_mode) || S_ISCHR(sb.st_mode)) {
/*
* this file is a device. we don't write back to it. we
@@ -201,13 +206,14 @@ int RAND_write_file(const char *file)
* device. Otherwise attempting to write to and chmod the device
* causes problems.
*/
- return (1);
+ return 1;
}
# endif
}
#endif
-#if defined(O_CREAT) && !defined(OPENSSL_NO_POSIX_IO) && !defined(OPENSSL_SYS_VMS)
+#if defined(O_CREAT) && !defined(OPENSSL_NO_POSIX_IO) && \
+ !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_WINDOWS)
{
# ifndef O_BINARY
# define O_BINARY 0
@@ -241,10 +247,10 @@ int RAND_write_file(const char *file)
* rand file in a concurrent use situation.
*/
- out = fopen(file, "rb+");
+ out = openssl_fopen(file, "rb+");
#endif
if (out == NULL)
- out = fopen(file, "wb");
+ out = openssl_fopen(file, "wb");
if (out == NULL)
goto err;
@@ -276,38 +282,68 @@ int RAND_write_file(const char *file)
const char *RAND_file_name(char *buf, size_t size)
{
char *s = NULL;
+ int use_randfile = 1;
#ifdef __OpenBSD__
struct stat sb;
#endif
- if (OPENSSL_issetugid() == 0)
- s = getenv("RANDFILE");
- if (s != NULL && *s && strlen(s) + 1 < size) {
- if (OPENSSL_strlcpy(buf, s, size) >= size)
- return NULL;
- } else {
-#ifdef OPENSSL_SYS_WINDOWS
- if ((s = getenv("HOME")) == NULL
- && (s = getenv("USERPROFILE")) == NULL) {
- s = getenv("SYSTEMROOT");
+#if defined(_WIN32) && defined(CP_UTF8)
+ DWORD len;
+ WCHAR *var, *val;
+
+ if ((var = L"RANDFILE",
+ len = GetEnvironmentVariableW(var, NULL, 0)) == 0
+ && (var = L"HOME", use_randfile = 0,
+ len = GetEnvironmentVariableW(var, NULL, 0)) == 0
+ && (var = L"USERPROFILE",
+ len = GetEnvironmentVariableW(var, NULL, 0)) == 0) {
+ var = L"SYSTEMROOT",
+ len = GetEnvironmentVariableW(var, NULL, 0);
+ }
+
+ if (len != 0) {
+ int sz;
+
+ val = _alloca(len * sizeof(WCHAR));
+
+ if (GetEnvironmentVariableW(var, val, len) < len
+ && (sz = WideCharToMultiByte(CP_UTF8, 0, val, -1, NULL, 0,
+ NULL, NULL)) != 0) {
+ s = _alloca(sz);
+ if (WideCharToMultiByte(CP_UTF8, 0, val, -1, s, sz,
+ NULL, NULL) == 0)
+ s = NULL;
}
+ }
#else
+ if (OPENSSL_issetugid() == 0) {
+ s = getenv("RANDFILE");
+ } else {
+ use_randfile = 0;
if (OPENSSL_issetugid() == 0)
s = getenv("HOME");
+ }
#endif
#ifdef DEFAULT_HOME
- if (s == NULL) {
- s = DEFAULT_HOME;
- }
+ if (!use_randfile && s == NULL) {
+ s = DEFAULT_HOME;
+ }
#endif
- if (s && *s && strlen(s) + strlen(RFILE) + 2 < size) {
+ if (s != NULL && *s) {
+ size_t len = strlen(s);
+
+ if (use_randfile && len + 1 < size) {
+ if (OPENSSL_strlcpy(buf, s, size) >= size)
+ return NULL;
+ } else if (len + strlen(RFILE) + 2 < size) {
OPENSSL_strlcpy(buf, s, size);
#ifndef OPENSSL_SYS_VMS
OPENSSL_strlcat(buf, "/", size);
#endif
OPENSSL_strlcat(buf, RFILE, size);
- } else
- buf[0] = '\0'; /* no file name */
+ }
+ } else {
+ buf[0] = '\0'; /* no file name */
}
#ifdef __OpenBSD__
@@ -321,12 +357,12 @@ const char *RAND_file_name(char *buf, size_t size)
if (!buf[0])
if (OPENSSL_strlcpy(buf, "/dev/arandom", size) >= size) {
- return (NULL);
+ return NULL;
}
if (stat(buf, &sb) == -1)
if (OPENSSL_strlcpy(buf, "/dev/arandom", size) >= size) {
- return (NULL);
+ return NULL;
}
#endif
- return (buf);
+ return buf;
}
More information about the openssl-commits
mailing list