diff options
| author | Richard Levitte <levitte@openssl.org> | 2019-05-06 10:50:35 +0200 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2019-11-12 13:33:12 +0100 |
| commit | 0255c1742a5a8186802fdef19b4f1c8c701a27bc (patch) | |
| tree | dac795407b3aba52bffa35cc1bea437a1f66777a /crypto | |
| parent | Make sure KDF reason codes are conserved in their current state (diff) | |
| download | openssl-0255c1742a5a8186802fdef19b4f1c8c701a27bc.tar.xz openssl-0255c1742a5a8186802fdef19b4f1c8c701a27bc.zip | |
Add a .pragma directive for configuration files
Currently added pragma:
.pragma dollarid:on
This allows dollar signs to be a keyword character unless it's
followed by a opening brace or parenthesis.
Fixes #8207
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8882)
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/conf/conf_def.c | 58 | ||||
| -rw-r--r-- | crypto/conf/conf_def.h | 6 | ||||
| -rw-r--r-- | crypto/conf/conf_err.c | 3 | ||||
| -rw-r--r-- | crypto/conf/keysets.pl | 5 | ||||
| -rw-r--r-- | crypto/err/openssl.txt | 3 |
5 files changed, 68 insertions, 7 deletions
diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c index 91ae658f65..811f8809d3 100644 --- a/crypto/conf/conf_def.c +++ b/crypto/conf/conf_def.c @@ -354,7 +354,49 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) psection = section; } p = eat_ws(conf, end); - if (strncmp(pname, ".include", 8) == 0 + if (strncmp(pname, ".pragma", 7) == 0 + && (p != pname + 7 || *p == '=')) { + char *pval; + + if (*p == '=') { + p++; + p = eat_ws(conf, p); + } + trim_ws(conf, p); + + /* Pragma values take the form keyword:value */ + pval = strchr(p, ':'); + if (pval == NULL || pval == p || pval[1] == '\0') { + CONFerr(CONF_F_DEF_LOAD_BIO, CONF_R_INVALID_PRAGMA); + goto err; + } + + *pval++ = '\0'; + trim_ws(conf, p); + pval = eat_ws(conf, pval); + + /* + * Known pragmas: + * + * dollarid takes "on", "true or "off", "false" + */ + if (strcmp(p, "dollarid") == 0) { + if (strcmp(pval, "on") == 0 + || strcmp(pval, "true") == 0) { + conf->flag_dollarid = 1; + } else if (strcmp(pval, "off") == 0 + || strcmp(pval, "false") == 0) { + conf->flag_dollarid = 0; + } else { + CONFerr(CONF_F_DEF_LOAD_BIO, CONF_R_INVALID_PRAGMA); + goto err; + } + } + /* + * We *ignore* any unknown pragma. + */ + continue; + } else if (strncmp(pname, ".include", 8) == 0 && (p != pname + 8 || *p == '=')) { char *include = NULL; BIO *next; @@ -590,7 +632,10 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from) buf->data[to++] = v; } else if (IS_EOF(conf, *from)) break; - else if (*from == '$') { + else if (*from == '$' + && (!conf->flag_dollarid + || from[1] == '{' + || from[1] == '(')) { size_t newsize; /* try to expand it */ @@ -607,7 +652,8 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from) s++; cp = section; e = np = s; - while (IS_ALNUM(conf, *e)) + while (IS_ALNUM(conf, *e) + || (conf->flag_dollarid && IS_DOLLAR(conf, *e))) e++; if ((e[0] == ':') && (e[1] == ':')) { cp = np; @@ -616,7 +662,8 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from) *rrp = '\0'; e += 2; np = e; - while (IS_ALNUM(conf, *e)) + while (IS_ALNUM(conf, *e) + || (conf->flag_dollarid && IS_DOLLAR(conf, *e))) e++; } r = *e; @@ -832,7 +879,8 @@ static char *eat_alpha_numeric(CONF *conf, char *p) p = scan_esc(conf, p); continue; } - if (!IS_ALNUM_PUNCT(conf, *p)) + if (!(IS_ALNUM_PUNCT(conf, *p) + || (conf->flag_dollarid && IS_DOLLAR(conf, *p)))) return p; p++; } diff --git a/crypto/conf/conf_def.h b/crypto/conf/conf_def.h index 160611788f..1a3557d954 100644 --- a/crypto/conf/conf_def.h +++ b/crypto/conf/conf_def.h @@ -20,6 +20,7 @@ #define CONF_DQUOTE 1024 #define CONF_COMMENT 128 #define CONF_FCOMMENT 2048 +#define CONF_DOLLAR 4096 #define CONF_EOF 8 #define CONF_ALPHA (CONF_UPPER|CONF_LOWER) #define CONF_ALNUM (CONF_ALPHA|CONF_NUMBER|CONF_UNDER) @@ -36,13 +37,14 @@ #define IS_ALNUM_PUNCT(conf,c) is_keytype(conf, c, CONF_ALNUM_PUNCT) #define IS_QUOTE(conf,c) is_keytype(conf, c, CONF_QUOTE) #define IS_DQUOTE(conf,c) is_keytype(conf, c, CONF_DQUOTE) +#define IS_DOLLAR(conf,c) is_keytype(conf, c, CONF_DOLLAR) static const unsigned short CONF_type_default[128] = { 0x0008, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0010, 0x0010, 0x0000, 0x0000, 0x0010, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, - 0x0010, 0x0200, 0x0040, 0x0080, 0x0000, 0x0200, 0x0200, 0x0040, + 0x0010, 0x0200, 0x0040, 0x0080, 0x1000, 0x0200, 0x0200, 0x0040, 0x0000, 0x0000, 0x0200, 0x0200, 0x0200, 0x0200, 0x0200, 0x0200, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0000, 0x0200, 0x0000, 0x0000, 0x0000, 0x0200, @@ -62,7 +64,7 @@ static const unsigned short CONF_type_win32[128] = { 0x0000, 0x0010, 0x0010, 0x0000, 0x0000, 0x0010, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, - 0x0010, 0x0200, 0x0400, 0x0000, 0x0000, 0x0200, 0x0200, 0x0000, + 0x0010, 0x0200, 0x0400, 0x0000, 0x1000, 0x0200, 0x0200, 0x0000, 0x0000, 0x0000, 0x0200, 0x0200, 0x0200, 0x0200, 0x0200, 0x0200, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0000, 0x0A00, 0x0000, 0x0000, 0x0000, 0x0200, diff --git a/crypto/conf/conf_err.c b/crypto/conf/conf_err.c index 96d2cd99f5..daf2320a19 100644 --- a/crypto/conf/conf_err.c +++ b/crypto/conf/conf_err.c @@ -15,8 +15,11 @@ static const ERR_STRING_DATA CONF_str_reasons[] = { {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_ERROR_LOADING_DSO), "error loading dso"}, + {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_INVALID_PRAGMA), "invalid pragma"}, {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_LIST_CANNOT_BE_NULL), "list cannot be null"}, + {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_MANDATORY_BRACES_IN_VARIABLE_EXPANSION), + "mandatory braces in variable expansion"}, {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_MISSING_CLOSE_SQUARE_BRACKET), "missing close square bracket"}, {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_MISSING_EQUAL_SIGN), diff --git a/crypto/conf/keysets.pl b/crypto/conf/keysets.pl index 3c6eecd9ca..b0e2249364 100644 --- a/crypto/conf/keysets.pl +++ b/crypto/conf/keysets.pl @@ -20,6 +20,7 @@ my $QUOTE = 0x0040; my $DQUOTE = 0x0400; my $COMMENT = 0x0080; my $FCOMMENT = 0x0800; +my $DOLLAR = 0x1000; my $EOF = 0x0008; my @V_def; my @V_w32; @@ -38,6 +39,7 @@ foreach (0 .. 127) { $v |= $ESC if $c =~ /\\/; $v |= $QUOTE if $c =~ /['`"]/; # for emacs: "`' $v |= $COMMENT if $c =~ /\#/; + $v |= $DOLLAR if $c eq '$'; $v |= $EOF if $c =~ /\0/; push(@V_def, $v); @@ -50,6 +52,7 @@ foreach (0 .. 127) { $v |= $WS if $c =~ /[ \t\r\n]/; $v |= $DQUOTE if $c =~ /["]/; # for emacs: " $v |= $FCOMMENT if $c =~ /;/; + $v |= $DOLLAR if $c eq '$'; $v |= $EOF if $c =~ /\0/; push(@V_w32, $v); } @@ -80,6 +83,7 @@ print <<"EOF"; #define CONF_DQUOTE $DQUOTE #define CONF_COMMENT $COMMENT #define CONF_FCOMMENT $FCOMMENT +#define CONF_DOLLAR $DOLLAR #define CONF_EOF $EOF #define CONF_ALPHA (CONF_UPPER|CONF_LOWER) #define CONF_ALNUM (CONF_ALPHA|CONF_NUMBER|CONF_UNDER) @@ -96,6 +100,7 @@ print <<"EOF"; #define IS_ALNUM_PUNCT(conf,c) is_keytype(conf, c, CONF_ALNUM_PUNCT) #define IS_QUOTE(conf,c) is_keytype(conf, c, CONF_QUOTE) #define IS_DQUOTE(conf,c) is_keytype(conf, c, CONF_DQUOTE) +#define IS_DOLLAR(conf,c) is_keytype(conf, c, CONF_DOLLAR) EOF diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index abbf232133..f3fb8a55d9 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -2163,7 +2163,10 @@ COMP_R_ZLIB_DEFLATE_ERROR:99:zlib deflate error COMP_R_ZLIB_INFLATE_ERROR:100:zlib inflate error COMP_R_ZLIB_NOT_SUPPORTED:101:zlib not supported CONF_R_ERROR_LOADING_DSO:110:error loading dso +CONF_R_INVALID_PRAGMA:122:invalid pragma CONF_R_LIST_CANNOT_BE_NULL:115:list cannot be null +CONF_R_MANDATORY_BRACES_IN_VARIABLE_EXPANSION:123:\ + mandatory braces in variable expansion CONF_R_MISSING_CLOSE_SQUARE_BRACKET:100:missing close square bracket CONF_R_MISSING_EQUAL_SIGN:101:missing equal sign CONF_R_MISSING_INIT_FUNCTION:112:missing init function |