[openssl] master update
Richard Levitte
levitte at openssl.org
Tue Apr 23 13:53:20 UTC 2019
The branch master has been updated
via 0109e030db9207a47e195b4c3a3b13e9017f0ed2 (commit)
via 47ca8338358b01ef429a3801ce6173f7a0791674 (commit)
from 71ef78d71f638c7de893c635ee9b0fd16247c762 (commit)
- Log -----------------------------------------------------------------
commit 0109e030db9207a47e195b4c3a3b13e9017f0ed2
Author: Richard Levitte <levitte at openssl.org>
Date: Tue Apr 9 14:39:54 2019 +0200
Add a way for the application to get OpenSSL configuration data
OpenSSL_version(OPENSSL_DIR) gives you a nicely formatted string for
display, but if all you really want is the directory itself, you were
forced to parse the string.
This introduces a new function to get diverse configuration data from
the library, OPENSSL_info(). This works the same way as
OpenSSL_version(), but has its own series of types, currently
including:
OPENSSL_INFO_CONFIG_DIR returns OPENSSLDIR
OPENSSL_INFO_ENGINES_DIR returns ENGINESDIR
OPENSSL_INFO_MODULES_DIR returns MODULESDIR
OPENSSL_INFO_DSO_EXTENSION returns DSO_EXTENSION
OPENSSL_INFO_DIR_FILENAME_SEPARATOR returns directory/filename separator
OPENSSL_INFO_LIST_SEPARATOR returns list separator
For scripting purposes, this also adds the command 'openssl info'.
Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8709)
commit 47ca8338358b01ef429a3801ce6173f7a0791674
Author: Richard Levitte <levitte at openssl.org>
Date: Tue Apr 9 14:33:29 2019 +0200
Add the possibility to display and use MODULESDIR
This adds the flag OPENSSL_MODULES_DIR for OpenSSL_version(), and the
flag '-m' for 'openssl version'.
Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8709)
-----------------------------------------------------------------------
Summary of changes:
CHANGES | 5 +++
NEWS | 1 +
apps/build.info | 3 +-
apps/info.c | 97 ++++++++++++++++++++++++++++++++++++++++++++
apps/progs.pl | 3 ++
apps/version.c | 13 ++++--
crypto/build.info | 2 +-
crypto/cversion.c | 6 +++
crypto/info.c | 44 ++++++++++++++++++++
doc/man1/info.pod | 81 ++++++++++++++++++++++++++++++++++++
doc/man1/openssl.pod | 4 ++
doc/man3/OpenSSL_version.pod | 47 ++++++++++++++++++++-
include/openssl/crypto.h | 13 ++++++
util/libcrypto.num | 1 +
14 files changed, 313 insertions(+), 7 deletions(-)
create mode 100644 apps/info.c
create mode 100644 crypto/info.c
create mode 100644 doc/man1/info.pod
diff --git a/CHANGES b/CHANGES
index 164787c..d0e2d3a 100644
--- a/CHANGES
+++ b/CHANGES
@@ -9,6 +9,11 @@
Changes between 1.1.1 and 3.0.0 [xx XXX xxxx]
+ *) Added OPENSSL_info() to get diverse built-in OpenSSL data, such
+ as default directories. Also added the command 'openssl info'
+ for scripting purposes.
+ [Richard Levitte]
+
*) The functions AES_ige_encrypt() and AES_bi_ige_encrypt() have been
deprecated. These undocumented functions were never integrated into the EVP
layer and implement the AES Infinite Garble Extension (IGE) mode and AES
diff --git a/NEWS b/NEWS
index 3c38c78..0800b76 100644
--- a/NEWS
+++ b/NEWS
@@ -7,6 +7,7 @@
Major changes between OpenSSL 1.1.1 and OpenSSL 3.0.0 [under development]
+ o Add OPENSSL_info() and 'openssl info' to get built-in data.
o Add support for enabling instrumentation through trace and debug
output.
o Changed our version number scheme and set the next major release to
diff --git a/apps/build.info b/apps/build.info
index ad14038..30847a0 100644
--- a/apps/build.info
+++ b/apps/build.info
@@ -5,7 +5,8 @@
genpkey.c genrsa.c mac.c nseq.c ocsp.c passwd.c pkcs12.c pkcs7.c
pkcs8.c pkey.c pkeyparam.c pkeyutl.c prime.c rand.c req.c rsa.c
rsautl.c s_client.c s_server.c s_time.c sess_id.c smime.c speed.c
- spkac.c srp.c ts.c verify.c version.c x509.c rehash.c storeutl.c);
+ spkac.c srp.c ts.c verify.c version.c x509.c rehash.c storeutl.c
+ info.c);
our @apps_lib_src =
( qw(apps.c apps_ui.c opt.c fmt.c s_cb.c s_socket.c app_rand.c
bf_prefix.c),
diff --git a/apps/info.c b/apps/info.c
new file mode 100644
index 0000000..aa019ad
--- /dev/null
+++ b/apps/info.c
@@ -0,0 +1,97 @@
+/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/crypto.h>
+#include "apps.h"
+#include "progs.h"
+
+typedef enum OPTION_choice {
+ OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
+ OPT_CONFIGDIR, OPT_ENGINESDIR, OPT_MODULESDIR, OPT_DSOEXT, OPT_DIRNAMESEP,
+ OPT_LISTSEP
+} OPTION_CHOICE;
+
+const OPTIONS info_options[] = {
+ {"help", OPT_HELP, '-', "Display this summary"},
+ {"configdir", OPT_CONFIGDIR, '-', "Default configuration file directory"},
+ {"c", OPT_CONFIGDIR, '-', "Default configuration file directory"},
+ {"enginesdir", OPT_ENGINESDIR, '-', "Default engine module directory"},
+ {"e", OPT_ENGINESDIR, '-', "Default engine module directory"},
+ {"modulesdir", OPT_ENGINESDIR, '-',
+ "Default module directory (other than engine modules)"},
+ {"m", OPT_ENGINESDIR, '-',
+ "Default module directory (other than engine modules)"},
+ {"dsoext", OPT_DSOEXT, '-', "Configured extension for modules"},
+ {"dirnamesep", OPT_DIRNAMESEP, '-', "Directory-filename separator"},
+ {"listsep", OPT_LISTSEP, '-', "List separator character"},
+ {NULL}
+};
+
+int info_main(int argc, char **argv)
+{
+ int ret = 1, dirty = 0, type = 0;
+ char *prog;
+ OPTION_CHOICE o;
+
+ prog = opt_init(argc, argv, info_options);
+ while ((o = opt_next()) != OPT_EOF) {
+ switch (o) {
+ case OPT_EOF:
+ case OPT_ERR:
+opthelp:
+ BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
+ goto end;
+ case OPT_HELP:
+ opt_help(info_options);
+ ret = 0;
+ goto end;
+ case OPT_CONFIGDIR:
+ type = OPENSSL_INFO_CONFIG_DIR;
+ dirty++;
+ break;
+ case OPT_ENGINESDIR:
+ type = OPENSSL_INFO_ENGINES_DIR;
+ dirty++;
+ break;
+ case OPT_MODULESDIR:
+ type = OPENSSL_INFO_MODULES_DIR;
+ dirty++;
+ break;
+ case OPT_DSOEXT:
+ type = OPENSSL_INFO_DSO_EXTENSION;
+ dirty++;
+ break;
+ case OPT_DIRNAMESEP:
+ type = OPENSSL_INFO_DIR_FILENAME_SEPARATOR;
+ dirty++;
+ break;
+ case OPT_LISTSEP:
+ type = OPENSSL_INFO_LIST_SEPARATOR;
+ dirty++;
+ break;
+ }
+ }
+ if (opt_num_rest() != 0) {
+ BIO_printf(bio_err, "%s: Extra parameters given.\n", prog);
+ goto opthelp;
+ }
+ if (dirty > 1) {
+ BIO_printf(bio_err, "%s: Only one item allowed\n", prog);
+ goto opthelp;
+ }
+ if (dirty == 0) {
+ BIO_printf(bio_err, "%s: No items chosen\n", prog);
+ goto opthelp;
+ }
+
+ BIO_printf(bio_out, "%s\n", OPENSSL_info(type));
+ ret = 0;
+ end:
+ return ret;
+}
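Review bot: the `modulesdir` and `m` entries in `info_options[]` are bound to `OPT_ENGINESDIR`, not `OPT_MODULESDIR`, so `openssl info -modulesdir` prints the engines directory and the `case OPT_MODULESDIR:` branch in `info_main()` can never be reached. Both entries should use `OPT_MODULESDIR`, for example `{"modulesdir", OPT_MODULESDIR, '-', ...}` and `{"m", OPT_MODULESDIR, '-', ...}`. A script that trusts this output to locate loadable modules would otherwise be pointed at the wrong directory without any error.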
diff --git a/apps/progs.pl b/apps/progs.pl
index ab1a729..3aec756 100644
--- a/apps/progs.pl
+++ b/apps/progs.pl
@@ -51,6 +51,9 @@ print <<"EOF";
* https://www.openssl.org/source/license.html
*/
+#include <openssl/lhash.h>
+#include "opt.h"
+
typedef enum FUNC_TYPE {
FT_none, FT_general, FT_md, FT_cipher, FT_pkey,
FT_md_alg, FT_cipher_alg
diff --git a/apps/version.c b/apps/version.c
index f9d280c..279aeff 100644
--- a/apps/version.c
+++ b/apps/version.c
@@ -33,7 +33,7 @@
typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
- OPT_B, OPT_D, OPT_E, OPT_F, OPT_O, OPT_P, OPT_V, OPT_A, OPT_R
+ OPT_B, OPT_D, OPT_E, OPT_M, OPT_F, OPT_O, OPT_P, OPT_V, OPT_A, OPT_R
} OPTION_CHOICE;
const OPTIONS version_options[] = {
@@ -42,6 +42,7 @@ const OPTIONS version_options[] = {
{"b", OPT_B, '-', "Show build date"},
{"d", OPT_D, '-', "Show configuration directory"},
{"e", OPT_E, '-', "Show engines directory"},
+ {"m", OPT_M, '-', "Show modules directory"},
{"f", OPT_F, '-', "Show compiler flags used"},
{"o", OPT_O, '-', "Show some internal datatype options"},
{"p", OPT_P, '-', "Show target build platform"},
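Review bot: the new `-m` entry in `version_options[]` has no matching documentation in this push; the summary of changes touches `doc/man1/info.pod` and `doc/man1/openssl.pod` but no manual page for `openssl version`. Please add `-m` to that page next to `-d` and `-e`, and state that `-a` now also prints the modules directory.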
@@ -64,7 +65,7 @@ int version_main(int argc, char **argv)
{
int ret = 1, dirty = 0, seed = 0;
int cflags = 0, version = 0, date = 0, options = 0, platform = 0, dir = 0;
- int engdir = 0;
+ int engdir = 0, moddir = 0;
char *prog;
OPTION_CHOICE o;
@@ -89,6 +90,9 @@ opthelp:
case OPT_E:
dirty = engdir = 1;
break;
+ case OPT_M:
+ dirty = moddir = 1;
+ break;
case OPT_F:
dirty = cflags = 1;
break;
@@ -105,7 +109,8 @@ opthelp:
dirty = version = 1;
break;
case OPT_A:
- seed = options = cflags = version = date = platform = dir = engdir
+ seed = options = cflags = version = date = platform
+ = dir = engdir = moddir
= 1;
break;
}
@@ -155,6 +160,8 @@ opthelp:
printf("%s\n", OpenSSL_version(OPENSSL_DIR));
if (engdir)
printf("%s\n", OpenSSL_version(OPENSSL_ENGINES_DIR));
+ if (moddir)
+ printf("%s\n", OpenSSL_version(OPENSSL_MODULES_DIR));
if (seed) {
printf("Seeding source:");
#ifdef OPENSSL_RAND_SEED_RTDSC
diff --git a/crypto/build.info b/crypto/build.info
index 77dcffb..30dcf8c 100644
--- a/crypto/build.info
+++ b/crypto/build.info
@@ -14,7 +14,7 @@ SOURCE[../libcrypto]=provider_core.c provider_predefined.c provider_conf.c \
# Central utilities
SOURCE[../libcrypto]=\
- cryptlib.c mem.c mem_dbg.c cversion.c ex_data.c cpt_err.c \
+ cryptlib.c mem.c mem_dbg.c cversion.c info.c ex_data.c cpt_err.c \
ebcdic.c uid.c o_time.c o_str.c o_dir.c o_fopen.c ctype.c \
threads_pthread.c threads_win.c threads_none.c getenv.c \
o_init.c o_fips.c mem_sec.c init.c context.c sparse_array.c \
diff --git a/crypto/cversion.c b/crypto/cversion.c
index db25fd6..aef84e9 100644
--- a/crypto/cversion.c
+++ b/crypto/cversion.c
@@ -70,6 +70,12 @@ const char *OpenSSL_version(int t)
#else
return "ENGINESDIR: N/A";
#endif
+ case OPENSSL_MODULES_DIR:
+#ifdef MODULESDIR
+ return "MODULESDIR: \"" MODULESDIR "\"";
+#else
+ return "MODULESDIR: N/A";
+#endif
}
return "not available";
}
diff --git a/crypto/info.c b/crypto/info.c
new file mode 100644
index 0000000..5a929dd
--- /dev/null
+++ b/crypto/info.c
@@ -0,0 +1,44 @@
+/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <stddef.h>
+#include <openssl/crypto.h>
+#include "internal/dso_conf.h"
+#include "e_os.h"
+
+const char *OPENSSL_info(int t)
+{
+ switch (t) {
+ case OPENSSL_INFO_CONFIG_DIR:
+ return OPENSSLDIR;
+ case OPENSSL_INFO_ENGINES_DIR:
+ return ENGINESDIR;
+ case OPENSSL_INFO_MODULES_DIR:
+ return MODULESDIR;
+ case OPENSSL_INFO_DSO_EXTENSION:
+ return DSO_EXTENSION;
+ case OPENSSL_INFO_DIR_FILENAME_SEPARATOR:
+#if defined(_WIN32)
+ return "\\";
+#elif defined(__VMS)
+ return "";
+#else /* Assume POSIX */
+ return "/";
+#endif
+ case OPENSSL_INFO_LIST_SEPARATOR:
+ {
+ static const char list_sep[] = { LIST_SEPARATOR_CHAR, '\0' };
+ return list_sep;
+ }
+ default:
+ break;
+ }
+ /* Not an error */
+ return NULL;
+}
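Review bot: `OPENSSL_info()` returns `OPENSSLDIR`, `ENGINESDIR` and `MODULESDIR` unconditionally, whereas the `OpenSSL_version()` change in crypto/cversion.c wraps the same macro in `#ifdef MODULESDIR` with an "N/A" fallback. If a build configuration can leave any of these undefined, this file will not compile; consider the same `#ifdef` guards here, falling through to the `return NULL` at the end. The `/* Not an error */` comment would also be clearer if it said that NULL means "unknown or unavailable type", since callers such as apps/info.c pass the result straight to a `%s` format.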
diff --git a/doc/man1/info.pod b/doc/man1/info.pod
new file mode 100644
index 0000000..6eddf0f
--- /dev/null
+++ b/doc/man1/info.pod
@@ -0,0 +1,81 @@
+=pod
+
+=head1 NAME
+
+openssl-info,
+info - print OpenSSL built-in information
+
+=head1 SYNOPSIS
+
+B<openssl info>
+[B<-help>]
+[B<-configdir> | B<-c>]
+[B<-enginesdir> | B<-e>]
+[B<-modulesdir> | B<-m>]
+[B<-dsoext>]
+[B<-dirfilesep>]
+[B<-listsep]>
+
+=head1 DESCRIPTION
+
+This command is used to print out information about OpenSSL.
+The information is written exactly as it is with no extra text, which
+makes useful for scripts.
+
+As a consequence, only one item may be chosen for each run of this
+command.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-help>
+
+Print out a usage message.
+
+=item B<-configdir>, B<-c>
+
+Outputs the default directory for OpenSSL configuration files.
+
+=item B<-enginesdir>, B<-e>
+
+Outputs the default directory for OpenSSL engine modules.
+
+=item B<-modulesdir>, B<-m>
+
+Outputs the default directory for OpenSSL dynamically loadable modules
+other than engine modules.
+
+=item B<-dsoext>
+
+Outputs the DSO extension OpenSSL uses.
+
+=item B<-dirnamesep>
+
+Outputs the separator character between a directory specification and
+a file name.
+Note that on some operating systems, this is not the same as the
+separator between directory elements.
+
+=item B<-listsep>
+
+Outputs the OpenSSL list separator character.
+This is typically used to construct C<$PATH> (C<%PATH%> on Windows)
+style lists.
+
+=back
+
+=head1 HISTORY
+
+The B<openssl info> command was added in OpenSSL 3.0.
+
+=head1 COPYRIGHT
+
+Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
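Review bot: the SYNOPSIS disagrees with the rest of the change. It lists `[B<-dirfilesep>]`, while the OPTIONS section below and `info_options[]` in apps/info.c both call the option `-dirnamesep`. The next line, `[B<-listsep]>`, closes the bracket inside the `B<>` markup and should read `[B<-listsep>]`. In DESCRIPTION, "which makes useful for scripts" is missing a word ("makes it useful").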
diff --git a/doc/man1/openssl.pod b/doc/man1/openssl.pod
index 5f6f8d3..e41c76a 100644
--- a/doc/man1/openssl.pod
+++ b/doc/man1/openssl.pod
@@ -167,6 +167,10 @@ Generation of Private Key or Parameters.
Generation of RSA Private Key. Superseded by L<genpkey(1)>.
+=item B<info>
+
+Display diverse information built into the OpenSSL libraries.
+
=item B<mac>
Message Authentication Code Calculation.
diff --git a/doc/man3/OpenSSL_version.pod b/doc/man3/OpenSSL_version.pod
index 679273e..c1ced64 100644
--- a/doc/man3/OpenSSL_version.pod
+++ b/doc/man3/OpenSSL_version.pod
@@ -8,8 +8,8 @@ OPENSSL_VERSION_PRE_RELEASE_STR, OPENSSL_VERSION_BUILD_METADATA_STR,
OPENSSL_VERSION_TEXT,
OPENSSL_version_major, OPENSSL_version_minor, OPENSSL_version_patch,
OPENSSL_version_pre_release, OPENSSL_version_build_metadata, OpenSSL_version,
-OPENSSL_VERSION_NUMBER, OpenSSL_version_num
-- get OpenSSL version number
+OPENSSL_VERSION_NUMBER, OpenSSL_version_num, OPENSSL_info
+- get OpenSSL version number and other information
=head1 SYNOPSIS
@@ -37,6 +37,8 @@ OPENSSL_VERSION_NUMBER, OpenSSL_version_num
const char *OpenSSL_version(int t);
+ const char *OPENSSL_info(int t);
+
Deprecated:
/* from openssl/opensslv.h */
@@ -127,6 +129,47 @@ if available or "ENGINESDIR: N/A" otherwise.
For an unknown B<t>, the text "not available" is returned.
+OPENSSL_info() also returns different strings depending on B<t>:
+
+=over 4
+
+=item OPENSSL_INFO_CONFIG_DIR
+
+The configured C<OPENSSLDIR>, which is the default location for
+OpenSSL configuration files.
+
+=item OPENSSL_INFO_ENGINES_DIR
+
+The configured C<ENGINESDIR>, which is the default location for
+OpenSSL engines.
+
+=item OPENSSL_INFO_MODULES_DIR
+
+The configured C<MODULESDIR>, which is the default location for
+dynamically loadable OpenSSL modules other than engines.
+
+=item OPENSSL_INFO_DSO_EXTENSION
+
+The configured dynamically loadable module extension.
+
+=item OPENSSL_INFO_DIR_FILENAME_SEPARATOR
+
+The separator between a directory specification and a file name.
+Note that on some operating systems, this is not the same as the
+separator between directory elements.
+
+=item OPENSSL_INFO_LIST_SEPARATOR
+
+The OpenSSL list separator.
+This is typically used in strings that are lists of items, such as the
+value of the environment variable C<$PATH> on Unix (where the
+separator is ":") or C<%PATH%> on Windows (where the separator is
+";").
+
+=back
+
+For an unknown B<t>, NULL is returned.
+
=head1 BACKWARD COMPATIBILITY
For compatibility, some older macros and functions are retained or
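Review bot: this page gains a full description of `OPENSSL_info()` but nothing for the new `OPENSSL_MODULES_DIR` type of `OpenSSL_version()`, which crypto/cversion.c now answers with "MODULESDIR: ..." or "MODULESDIR: N/A". Please add an `=item OPENSSL_MODULES_DIR` entry next to the existing `OPENSSL_ENGINES_DIR` text. A HISTORY note that `OPENSSL_info()` was added in OpenSSL 3.0, matching the one in doc/man1/info.pod, would also help.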
diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h
index deb369e..a7e78e4 100644
--- a/include/openssl/crypto.h
+++ b/include/openssl/crypto.h
@@ -163,6 +163,19 @@ const char *OpenSSL_version(int type);
# define OPENSSL_ENGINES_DIR 5
# define OPENSSL_VERSION_STRING 6
# define OPENSSL_FULL_VERSION_STRING 7
+# define OPENSSL_MODULES_DIR 8
+
+const char *OPENSSL_info(int type);
+/*
+ * The series starts at 1001 to avoid confusion with the OpenSSL_version
+ * types.
+ */
+# define OPENSSL_INFO_CONFIG_DIR 1001
+# define OPENSSL_INFO_ENGINES_DIR 1002
+# define OPENSSL_INFO_MODULES_DIR 1003
+# define OPENSSL_INFO_DSO_EXTENSION 1004
+# define OPENSSL_INFO_DIR_FILENAME_SEPARATOR 1005
+# define OPENSSL_INFO_LIST_SEPARATOR 1006
int OPENSSL_issetugid(void);
diff --git a/util/libcrypto.num b/util/libcrypto.num
index b9be349..8259ddb 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4799,3 +4799,4 @@ EC_GROUP_check_named_curve 4746 3_0_0 EXIST::FUNCTION:EC
EVP_CIPHER_upref 4747 3_0_0 EXIST::FUNCTION:
EVP_CIPHER_fetch 4748 3_0_0 EXIST::FUNCTION:
EVP_CIPHER_mode 4749 3_0_0 EXIST::FUNCTION:
+OPENSSL_info 4750 3_0_0 EXIST::FUNCTION: