GCC Code Coverage Report
Directory: ./ Exec Total Coverage
File: usr.bin/openssl/openssl.c Lines: 212 258 82.2 %
Date: 2017-11-13 Branches: 114 156 73.1 %

Line Branch Exec Source
1
/* $OpenBSD: openssl.c,v 1.25 2017/01/20 08:57:12 deraadt Exp $ */
2
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3
 * All rights reserved.
4
 *
5
 * This package is an SSL implementation written
6
 * by Eric Young (eay@cryptsoft.com).
7
 * The implementation was written so as to conform with Netscapes SSL.
8
 *
9
 * This library is free for commercial and non-commercial use as long as
10
 * the following conditions are aheared to.  The following conditions
11
 * apply to all code found in this distribution, be it the RC4, RSA,
12
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13
 * included with this distribution is covered by the same copyright terms
14
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15
 *
16
 * Copyright remains Eric Young's, and as such any Copyright notices in
17
 * the code are not to be removed.
18
 * If this package is used in a product, Eric Young should be given attribution
19
 * as the author of the parts of the library used.
20
 * This can be in the form of a textual message at program startup or
21
 * in documentation (online or textual) provided with the package.
22
 *
23
 * Redistribution and use in source and binary forms, with or without
24
 * modification, are permitted provided that the following conditions
25
 * are met:
26
 * 1. Redistributions of source code must retain the copyright
27
 *    notice, this list of conditions and the following disclaimer.
28
 * 2. Redistributions in binary form must reproduce the above copyright
29
 *    notice, this list of conditions and the following disclaimer in the
30
 *    documentation and/or other materials provided with the distribution.
31
 * 3. All advertising materials mentioning features or use of this software
32
 *    must display the following acknowledgement:
33
 *    "This product includes cryptographic software written by
34
 *     Eric Young (eay@cryptsoft.com)"
35
 *    The word 'cryptographic' can be left out if the rouines from the library
36
 *    being used are not cryptographic related :-).
37
 * 4. If you include any Windows specific code (or a derivative thereof) from
38
 *    the apps directory (application code) you must include an acknowledgement:
39
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40
 *
41
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51
 * SUCH DAMAGE.
52
 *
53
 * The licence and distribution terms for any publically available version or
54
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
55
 * copied and put under another distribution licence
56
 * [including the GNU Public Licence.]
57
 */
58
/* ====================================================================
59
 * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
60
 *
61
 * Redistribution and use in source and binary forms, with or without
62
 * modification, are permitted provided that the following conditions
63
 * are met:
64
 *
65
 * 1. Redistributions of source code must retain the above copyright
66
 *    notice, this list of conditions and the following disclaimer.
67
 *
68
 * 2. Redistributions in binary form must reproduce the above copyright
69
 *    notice, this list of conditions and the following disclaimer in
70
 *    the documentation and/or other materials provided with the
71
 *    distribution.
72
 *
73
 * 3. All advertising materials mentioning features or use of this
74
 *    software must display the following acknowledgment:
75
 *    "This product includes software developed by the OpenSSL Project
76
 *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77
 *
78
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79
 *    endorse or promote products derived from this software without
80
 *    prior written permission. For written permission, please contact
81
 *    openssl-core@openssl.org.
82
 *
83
 * 5. Products derived from this software may not be called "OpenSSL"
84
 *    nor may "OpenSSL" appear in their names without prior written
85
 *    permission of the OpenSSL Project.
86
 *
87
 * 6. Redistributions of any form whatsoever must retain the following
88
 *    acknowledgment:
89
 *    "This product includes software developed by the OpenSSL Project
90
 *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91
 *
92
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
96
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103
 * OF THE POSSIBILITY OF SUCH DAMAGE.
104
 * ====================================================================
105
 *
106
 * This product includes cryptographic software written by Eric Young
107
 * (eay@cryptsoft.com).  This product includes software written by Tim
108
 * Hudson (tjh@cryptsoft.com).
109
 *
110
 */
111
112
#include <err.h>
113
#include <signal.h>
114
#include <stdio.h>
115
#include <string.h>
116
#include <stdlib.h>
117
#include <unistd.h>
118
119
#include "apps.h"
120
121
#include <openssl/bio.h>
122
#include <openssl/conf.h>
123
#include <openssl/crypto.h>
124
#include <openssl/err.h>
125
#include <openssl/lhash.h>
126
#include <openssl/pem.h>
127
#include <openssl/ssl.h>
128
#include <openssl/x509.h>
129
130
#include "progs.h"
131
#include "s_apps.h"
132
133
#define FUNC_TYPE_GENERAL       1
134
#define FUNC_TYPE_MD            2
135
#define FUNC_TYPE_CIPHER        3
136
#define FUNC_TYPE_PKEY          4
137
#define FUNC_TYPE_MD_ALG        5
138
#define FUNC_TYPE_CIPHER_ALG    6
139
140
int single_execution = 0;
141
142
typedef struct {
143
        int type;
144
        const char *name;
145
        int (*func)(int argc, char **argv);
146
} FUNCTION;
147
148
DECLARE_LHASH_OF(FUNCTION);
149
150
FUNCTION functions[] = {
151
152
	/* General functions. */
153
	{ FUNC_TYPE_GENERAL, "asn1parse", asn1parse_main },
154
	{ FUNC_TYPE_GENERAL, "ca", ca_main },
155
	{ FUNC_TYPE_GENERAL, "certhash", certhash_main },
156
	{ FUNC_TYPE_GENERAL, "ciphers", ciphers_main },
157
	{ FUNC_TYPE_GENERAL, "crl2pkcs7", crl2pkcs7_main },
158
	{ FUNC_TYPE_GENERAL, "crl", crl_main },
159
	{ FUNC_TYPE_GENERAL, "dgst", dgst_main },
160
	{ FUNC_TYPE_GENERAL, "enc", enc_main },
161
	{ FUNC_TYPE_GENERAL, "errstr", errstr_main },
162
	{ FUNC_TYPE_GENERAL, "genpkey", genpkey_main },
163
	{ FUNC_TYPE_GENERAL, "nseq", nseq_main },
164
#ifndef OPENSSL_NO_OCSP
165
	{ FUNC_TYPE_GENERAL, "ocsp", ocsp_main },
166
#endif
167
	{ FUNC_TYPE_GENERAL, "passwd", passwd_main },
168
	{ FUNC_TYPE_GENERAL, "pkcs7", pkcs7_main },
169
	{ FUNC_TYPE_GENERAL, "pkcs8", pkcs8_main },
170
#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1)
171
	{ FUNC_TYPE_GENERAL, "pkcs12", pkcs12_main },
172
#endif
173
	{ FUNC_TYPE_GENERAL, "pkey", pkey_main },
174
	{ FUNC_TYPE_GENERAL, "pkeyparam", pkeyparam_main },
175
	{ FUNC_TYPE_GENERAL, "pkeyutl", pkeyutl_main },
176
	{ FUNC_TYPE_GENERAL, "prime", prime_main },
177
	{ FUNC_TYPE_GENERAL, "rand", rand_main },
178
	{ FUNC_TYPE_GENERAL, "req", req_main },
179
	{ FUNC_TYPE_GENERAL, "s_client", s_client_main },
180
	{ FUNC_TYPE_GENERAL, "s_server", s_server_main },
181
	{ FUNC_TYPE_GENERAL, "s_time", s_time_main },
182
	{ FUNC_TYPE_GENERAL, "sess_id", sess_id_main },
183
	{ FUNC_TYPE_GENERAL, "smime", smime_main },
184
#ifndef OPENSSL_NO_SPEED
185
	{ FUNC_TYPE_GENERAL, "speed", speed_main },
186
#endif
187
	{ FUNC_TYPE_GENERAL, "spkac", spkac_main },
188
	{ FUNC_TYPE_GENERAL, "ts", ts_main },
189
	{ FUNC_TYPE_GENERAL, "verify", verify_main },
190
	{ FUNC_TYPE_GENERAL, "version", version_main },
191
	{ FUNC_TYPE_GENERAL, "x509", x509_main },
192
193
#ifndef OPENSSL_NO_DH
194
	{ FUNC_TYPE_GENERAL, "dh", dh_main },
195
	{ FUNC_TYPE_GENERAL, "dhparam", dhparam_main },
196
	{ FUNC_TYPE_GENERAL, "gendh", gendh_main },
197
#endif
198
#ifndef OPENSSL_NO_DSA
199
	{ FUNC_TYPE_GENERAL, "dsa", dsa_main },
200
	{ FUNC_TYPE_GENERAL, "dsaparam", dsaparam_main },
201
	{ FUNC_TYPE_GENERAL, "gendsa", gendsa_main },
202
#endif
203
#ifndef OPENSSL_NO_EC
204
	{ FUNC_TYPE_GENERAL, "ec", ec_main },
205
	{ FUNC_TYPE_GENERAL, "ecparam", ecparam_main },
206
#endif
207
#ifndef OPENSSL_NO_RSA
208
	{ FUNC_TYPE_GENERAL, "genrsa", genrsa_main },
209
	{ FUNC_TYPE_GENERAL, "rsa", rsa_main },
210
	{ FUNC_TYPE_GENERAL, "rsautl", rsautl_main },
211
#endif
212
213
	/* Message Digests. */
214
#ifndef OPENSSL_NO_GOST
215
	{ FUNC_TYPE_MD, "gost-mac", dgst_main },
216
	{ FUNC_TYPE_MD, "md_gost94", dgst_main },
217
	{ FUNC_TYPE_MD, "streebog256", dgst_main },
218
	{ FUNC_TYPE_MD, "streebog512", dgst_main },
219
#endif
220
#ifndef OPENSSL_NO_MD4
221
	{ FUNC_TYPE_MD, "md4", dgst_main },
222
#endif
223
#ifndef OPENSSL_NO_MD5
224
	{ FUNC_TYPE_MD, "md5", dgst_main },
225
#endif
226
#ifndef OPENSSL_NO_RIPEMD160
227
	{ FUNC_TYPE_MD, "ripemd160", dgst_main },
228
#endif
229
#ifndef OPENSSL_NO_SHA1
230
	{ FUNC_TYPE_MD, "sha1", dgst_main },
231
#endif
232
#ifndef OPENSSL_NO_SHA224
233
	{ FUNC_TYPE_MD, "sha224", dgst_main },
234
#endif
235
#ifndef OPENSSL_NO_SHA256
236
	{ FUNC_TYPE_MD, "sha256", dgst_main },
237
#endif
238
#ifndef OPENSSL_NO_SHA384
239
	{ FUNC_TYPE_MD, "sha384", dgst_main },
240
#endif
241
#ifndef OPENSSL_NO_SHA512
242
	{ FUNC_TYPE_MD, "sha512", dgst_main },
243
#endif
244
#ifndef OPENSSL_NO_WHIRLPOOL
245
	{ FUNC_TYPE_MD, "whirlpool", dgst_main },
246
#endif
247
248
	/* Ciphers. */
249
	{ FUNC_TYPE_CIPHER, "base64", enc_main },
250
#ifndef OPENSSL_NO_AES
251
	{ FUNC_TYPE_CIPHER, "aes-128-cbc", enc_main },
252
	{ FUNC_TYPE_CIPHER, "aes-128-ecb", enc_main },
253
	{ FUNC_TYPE_CIPHER, "aes-192-cbc", enc_main },
254
	{ FUNC_TYPE_CIPHER, "aes-192-ecb", enc_main },
255
	{ FUNC_TYPE_CIPHER, "aes-256-cbc", enc_main },
256
	{ FUNC_TYPE_CIPHER, "aes-256-ecb", enc_main },
257
#endif
258
#ifndef OPENSSL_NO_BF
259
	{ FUNC_TYPE_CIPHER, "bf", enc_main },
260
	{ FUNC_TYPE_CIPHER, "bf-cbc", enc_main },
261
	{ FUNC_TYPE_CIPHER, "bf-ecb", enc_main },
262
	{ FUNC_TYPE_CIPHER, "bf-cfb", enc_main },
263
	{ FUNC_TYPE_CIPHER, "bf-ofb", enc_main },
264
#endif
265
#ifndef OPENSSL_NO_CAMELLIA
266
	{ FUNC_TYPE_CIPHER, "camellia-128-cbc", enc_main },
267
	{ FUNC_TYPE_CIPHER, "camellia-128-ecb", enc_main },
268
	{ FUNC_TYPE_CIPHER, "camellia-192-cbc", enc_main },
269
	{ FUNC_TYPE_CIPHER, "camellia-192-ecb", enc_main },
270
	{ FUNC_TYPE_CIPHER, "camellia-256-cbc", enc_main },
271
	{ FUNC_TYPE_CIPHER, "camellia-256-ecb", enc_main },
272
#endif
273
#ifndef OPENSSL_NO_CAST
274
	{ FUNC_TYPE_CIPHER, "cast", enc_main },
275
	{ FUNC_TYPE_CIPHER, "cast5-cbc", enc_main },
276
	{ FUNC_TYPE_CIPHER, "cast5-ecb", enc_main },
277
	{ FUNC_TYPE_CIPHER, "cast5-cfb", enc_main },
278
	{ FUNC_TYPE_CIPHER, "cast5-ofb", enc_main },
279
	{ FUNC_TYPE_CIPHER, "cast-cbc", enc_main },
280
#endif
281
#ifndef OPENSSL_NO_CHACHA
282
	{ FUNC_TYPE_CIPHER, "chacha", enc_main },
283
#endif
284
#ifndef OPENSSL_NO_DES
285
	{ FUNC_TYPE_CIPHER, "des", enc_main },
286
	{ FUNC_TYPE_CIPHER, "des3", enc_main },
287
	{ FUNC_TYPE_CIPHER, "desx", enc_main },
288
	{ FUNC_TYPE_CIPHER, "des-ecb", enc_main },
289
	{ FUNC_TYPE_CIPHER, "des-ede", enc_main },
290
	{ FUNC_TYPE_CIPHER, "des-ede3", enc_main },
291
	{ FUNC_TYPE_CIPHER, "des-cbc", enc_main },
292
	{ FUNC_TYPE_CIPHER, "des-ede-cbc", enc_main },
293
	{ FUNC_TYPE_CIPHER, "des-ede3-cbc", enc_main },
294
	{ FUNC_TYPE_CIPHER, "des-cfb", enc_main },
295
	{ FUNC_TYPE_CIPHER, "des-ede-cfb", enc_main },
296
	{ FUNC_TYPE_CIPHER, "des-ede3-cfb", enc_main },
297
	{ FUNC_TYPE_CIPHER, "des-ofb", enc_main },
298
	{ FUNC_TYPE_CIPHER, "des-ede-ofb", enc_main },
299
	{ FUNC_TYPE_CIPHER, "des-ede3-ofb", enc_main },
300
#endif
301
#ifndef OPENSSL_NO_IDEA
302
	{ FUNC_TYPE_CIPHER, "idea", enc_main },
303
	{ FUNC_TYPE_CIPHER, "idea-cbc", enc_main },
304
	{ FUNC_TYPE_CIPHER, "idea-ecb", enc_main },
305
	{ FUNC_TYPE_CIPHER, "idea-cfb", enc_main },
306
	{ FUNC_TYPE_CIPHER, "idea-ofb", enc_main },
307
#endif
308
#ifndef OPENSSL_NO_RC2
309
	{ FUNC_TYPE_CIPHER, "rc2", enc_main },
310
	{ FUNC_TYPE_CIPHER, "rc2-cbc", enc_main },
311
	{ FUNC_TYPE_CIPHER, "rc2-ecb", enc_main },
312
	{ FUNC_TYPE_CIPHER, "rc2-cfb", enc_main },
313
	{ FUNC_TYPE_CIPHER, "rc2-ofb", enc_main },
314
	{ FUNC_TYPE_CIPHER, "rc2-64-cbc", enc_main },
315
	{ FUNC_TYPE_CIPHER, "rc2-40-cbc", enc_main },
316
#endif
317
#ifndef OPENSSL_NO_RC4
318
	{ FUNC_TYPE_CIPHER, "rc4", enc_main },
319
	{ FUNC_TYPE_CIPHER, "rc4-40", enc_main },
320
#endif
321
#ifdef ZLIB
322
	{ FUNC_TYPE_CIPHER, "zlib", enc_main },
323
#endif
324
325
	{ 0, NULL, NULL }
326
};
327
328
static void openssl_startup(void);
329
static void openssl_shutdown(void);
330
331
/* The LHASH callbacks ("hash" & "cmp") have been replaced by functions with the
332
 * base prototypes (we cast each variable inside the function to the required
333
 * type of "FUNCTION*"). This removes the necessity for macro-generated wrapper
334
 * functions. */
335
336
static LHASH_OF(FUNCTION) *prog_init(void);
337
static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[]);
338
static void list_pkey(BIO * out);
339
static void list_cipher(BIO * out);
340
static void list_md(BIO * out);
341
char *default_config_file = NULL;
342
343
CONF *config = NULL;
344
BIO *bio_err = NULL;
345
346
static void
347
lock_dbg_cb(int mode, int type, const char *file, int line)
348
{
349
	static int modes[CRYPTO_NUM_LOCKS];	/* = {0, 0, ... } */
350
	const char *errstr = NULL;
351
	int rw;
352
353
288946220
	rw = mode & (CRYPTO_READ | CRYPTO_WRITE);
354
144473110
	if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE))) {
355
		errstr = "invalid mode";
356
		goto err;
357
	}
358
144473110
	if (type < 0 || type >= CRYPTO_NUM_LOCKS) {
359
		errstr = "type out of bounds";
360
		goto err;
361
	}
362
144473110
	if (mode & CRYPTO_LOCK) {
363
72236555
		if (modes[type]) {
364
			errstr = "already locked";
365
			/*
366
			 * must not happen in a single-threaded program
367
			 * (would deadlock)
368
			 */
369
			goto err;
370
		}
371
72236555
		modes[type] = rw;
372
144473110
	} else if (mode & CRYPTO_UNLOCK) {
373
72236555
		if (!modes[type]) {
374
			errstr = "not locked";
375
			goto err;
376
		}
377
72236555
		if (modes[type] != rw) {
378
			errstr = (rw == CRYPTO_READ) ?
379
			    "CRYPTO_r_unlock on write lock" :
380
			    "CRYPTO_w_unlock on read lock";
381
		}
382
72236555
		modes[type] = 0;
383
	} else {
384
		errstr = "invalid mode";
385
		goto err;
386
	}
387
388
err:
389
144473110
	if (errstr) {
390
		/* we cannot use bio_err here */
391
		fprintf(stderr, "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
392
		    errstr, mode, type, file, line);
393
	}
394
144473110
}
395
396
static void
397
openssl_startup(void)
398
{
399
5550
	signal(SIGPIPE, SIG_IGN);
400
401
2775
	OpenSSL_add_all_algorithms();
402
2775
	SSL_library_init();
403
2775
	SSL_load_error_strings();
404
405
2775
	setup_ui();
406
2775
}
407
408
static void
409
openssl_shutdown(void)
410
{
411
5550
	CONF_modules_unload(1);
412
2775
	destroy_ui();
413
2775
	OBJ_cleanup();
414
2775
	EVP_cleanup();
415
2775
	CRYPTO_cleanup_all_ex_data();
416
2775
	ERR_remove_thread_state(NULL);
417
2775
	ERR_free_strings();
418
2775
}
419
420
int
421
main(int argc, char **argv)
422
{
423
2775
	ARGS arg;
424
#define PROG_NAME_SIZE	39
425
2775
	char pname[PROG_NAME_SIZE + 1];
426
2775
	FUNCTION f, *fp;
427
	const char *prompt;
428
2775
	char buf[1024];
429
	char *to_free = NULL;
430
	int n, i, ret = 0;
431
	char *p;
432
	LHASH_OF(FUNCTION) * prog = NULL;
433
2775
	long errline;
434
435
2775
	arg.data = NULL;
436
2775
	arg.count = 0;
437
438
2775
	if (pledge("stdio cpath wpath rpath inet dns proc flock tty", NULL) == -1) {
439
		fprintf(stderr, "openssl: pledge: %s\n", strerror(errno));
440
		exit(1);
441
	}
442
443
2775
	bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
444
2775
	if (bio_err == NULL) {
445
		fprintf(stderr, "openssl: failed to initialise bio_err\n");
446
		exit(1);
447
	}
448
449
2775
	if (BIO_sock_init() != 1) {
450
		BIO_printf(bio_err, "BIO_sock_init failed\n");
451
		exit(1);
452
	}
453
454
2775
	CRYPTO_set_locking_callback(lock_dbg_cb);
455
456
2775
	openssl_startup();
457
458
	/* Lets load up our environment a little */
459
2775
	p = getenv("OPENSSL_CONF");
460
2775
	if (p == NULL) {
461
891
		p = to_free = make_config_name();
462
891
		if (p == NULL) {
463
			BIO_printf(bio_err, "error making config file name\n");
464
			goto end;
465
		}
466
	}
467
468
2775
	default_config_file = p;
469
470
2775
	config = NCONF_new(NULL);
471
2775
	i = NCONF_load(config, p, &errline);
472
2775
	if (i == 0) {
473
		if (ERR_GET_REASON(ERR_peek_last_error()) ==
474
		    CONF_R_NO_SUCH_FILE) {
475
			BIO_printf(bio_err,
476
			    "WARNING: can't open config file: %s\n", p);
477
			ERR_clear_error();
478
			NCONF_free(config);
479
			config = NULL;
480
		} else {
481
			ERR_print_errors(bio_err);
482
			NCONF_free(config);
483
			exit(1);
484
		}
485
	}
486
487
2775
	if (!load_config(bio_err, NULL)) {
488
		BIO_printf(bio_err, "failed to load configuration\n");
489
		goto end;
490
	}
491
492
2775
	prog = prog_init();
493
494
	/* first check the program name */
495
2775
	program_name(argv[0], pname, sizeof pname);
496
497
2775
	f.name = pname;
498
2775
	fp = lh_FUNCTION_retrieve(prog, &f);
499
2775
	if (fp != NULL) {
500
		argv[0] = pname;
501
502
		single_execution = 1;
503
		ret = fp->func(argc, argv);
504
		goto end;
505
	}
506
	/*
507
	 * ok, now check that there are not arguments, if there are, run with
508
	 * them, shifting the ssleay off the front
509
	 */
510
2775
	if (argc != 1) {
511
2771
		argc--;
512
2771
		argv++;
513
514
2771
		single_execution = 1;
515
2771
		ret = do_cmd(prog, argc, argv);
516
2771
		if (ret < 0)
517
			ret = 0;
518
2771
		goto end;
519
	}
520
	/* ok, lets enter the old 'OpenSSL>' mode */
521
522
8
	for (;;) {
523
		ret = 0;
524
8
		p = buf;
525
		n = sizeof buf;
526
		i = 0;
527
8
		for (;;) {
528
8
			p[0] = '\0';
529
8
			if (i++)
530
				prompt = ">";
531
			else
532
				prompt = "OpenSSL> ";
533
8
			fputs(prompt, stdout);
534
8
			fflush(stdout);
535
8
			if (!fgets(p, n, stdin))
536
				goto end;
537
8
			if (p[0] == '\0')
538
				goto end;
539
8
			i = strlen(p);
540
8
			if (i <= 1)
541
				break;
542
8
			if (p[i - 2] != '\\')
543
				break;
544
			i -= 2;
545
			p += i;
546
			n -= i;
547
		}
548
8
		if (!chopup_args(&arg, buf, &argc, &argv))
549
			break;
550
551
8
		ret = do_cmd(prog, argc, argv);
552
8
		if (ret < 0) {
553
			ret = 0;
554
4
			goto end;
555
		}
556
4
		if (ret != 0)
557
			BIO_printf(bio_err, "error in %s\n", argv[0]);
558
4
		(void) BIO_flush(bio_err);
559
	}
560
	BIO_printf(bio_err, "bad exit\n");
561
	ret = 1;
562
563
end:
564
2775
	free(to_free);
565
566
2775
	if (config != NULL) {
567
2775
		NCONF_free(config);
568
2775
		config = NULL;
569
2775
	}
570
2775
	if (prog != NULL)
571
2775
		lh_FUNCTION_free(prog);
572
2775
	free(arg.data);
573
574
2775
	openssl_shutdown();
575
576
2775
	if (bio_err != NULL) {
577
2775
		BIO_free(bio_err);
578
2775
		bio_err = NULL;
579
2775
	}
580
2775
	return (ret);
581
2775
}
582
583
#define LIST_STANDARD_COMMANDS "list-standard-commands"
584
#define LIST_MESSAGE_DIGEST_COMMANDS "list-message-digest-commands"
585
#define LIST_MESSAGE_DIGEST_ALGORITHMS "list-message-digest-algorithms"
586
#define LIST_CIPHER_COMMANDS "list-cipher-commands"
587
#define LIST_CIPHER_ALGORITHMS "list-cipher-algorithms"
588
#define LIST_PUBLIC_KEY_ALGORITHMS "list-public-key-algorithms"
589
590
591
static int
592
do_cmd(LHASH_OF(FUNCTION) * prog, int argc, char *argv[])
593
{
594
5558
	FUNCTION f, *fp;
595
	int i, ret = 1, tp, nl;
596
597

5558
	if ((argc <= 0) || (argv[0] == NULL)) {
598
		ret = 0;
599
		goto end;
600
	}
601
2779
	f.name = argv[0];
602
2779
	fp = lh_FUNCTION_retrieve(prog, &f);
603
2779
	if (fp == NULL) {
604
51
		if (EVP_get_digestbyname(argv[0])) {
605
			f.type = FUNC_TYPE_MD;
606
			f.func = dgst_main;
607
			fp = &f;
608
51
		} else if (EVP_get_cipherbyname(argv[0])) {
609
			f.type = FUNC_TYPE_CIPHER;
610
			f.func = enc_main;
611
			fp = &f;
612
		}
613
	}
614
2779
	if (fp != NULL) {
615
2728
		ret = fp->func(argc, argv);
616
2779
	} else if ((strncmp(argv[0], "no-", 3)) == 0) {
617
3
		BIO *bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE);
618
3
		f.name = argv[0] + 3;
619
3
		ret = (lh_FUNCTION_retrieve(prog, &f) != NULL);
620
3
		if (!ret)
621
			BIO_printf(bio_stdout, "%s\n", argv[0]);
622
		else
623
3
			BIO_printf(bio_stdout, "%s\n", argv[0] + 3);
624
3
		BIO_free_all(bio_stdout);
625
		goto end;
626

92
	} else if ((strcmp(argv[0], "quit") == 0) ||
627
44
	    (strcmp(argv[0], "q") == 0) ||
628
44
	    (strcmp(argv[0], "exit") == 0) ||
629
44
	    (strcmp(argv[0], "bye") == 0)) {
630
		ret = -1;
631
4
		goto end;
632

56
	} else if ((strcmp(argv[0], LIST_STANDARD_COMMANDS) == 0) ||
633
36
	    (strcmp(argv[0], LIST_MESSAGE_DIGEST_COMMANDS) == 0) ||
634
28
	    (strcmp(argv[0], LIST_MESSAGE_DIGEST_ALGORITHMS) == 0) ||
635
24
	    (strcmp(argv[0], LIST_CIPHER_COMMANDS) == 0) ||
636
16
	    (strcmp(argv[0], LIST_CIPHER_ALGORITHMS) == 0) ||
637
12
	    (strcmp(argv[0], LIST_PUBLIC_KEY_ALGORITHMS) == 0)) {
638
		int list_type;
639
		BIO *bio_stdout;
640
641
36
		if (strcmp(argv[0], LIST_STANDARD_COMMANDS) == 0)
642
8
			list_type = FUNC_TYPE_GENERAL;
643
28
		else if (strcmp(argv[0], LIST_MESSAGE_DIGEST_COMMANDS) == 0)
644
8
			list_type = FUNC_TYPE_MD;
645
20
		else if (strcmp(argv[0], LIST_MESSAGE_DIGEST_ALGORITHMS) == 0)
646
4
			list_type = FUNC_TYPE_MD_ALG;
647
16
		else if (strcmp(argv[0], LIST_PUBLIC_KEY_ALGORITHMS) == 0)
648
4
			list_type = FUNC_TYPE_PKEY;
649
12
		else if (strcmp(argv[0], LIST_CIPHER_ALGORITHMS) == 0)
650
4
			list_type = FUNC_TYPE_CIPHER_ALG;
651
		else		/* strcmp(argv[0],LIST_CIPHER_COMMANDS) == 0 */
652
			list_type = FUNC_TYPE_CIPHER;
653
36
		bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE);
654
655
36
		if (list_type == FUNC_TYPE_PKEY)
656
4
			list_pkey(bio_stdout);
657
36
		if (list_type == FUNC_TYPE_MD_ALG)
658
4
			list_md(bio_stdout);
659
36
		if (list_type == FUNC_TYPE_CIPHER_ALG)
660
4
			list_cipher(bio_stdout);
661
		else {
662
7168
			for (fp = functions; fp->name != NULL; fp++)
663
3552
				if (fp->type == list_type)
664
888
					BIO_printf(bio_stdout, "%s\n",
665
					    fp->name);
666
		}
667
36
		BIO_free_all(bio_stdout);
668
		ret = 0;
669
		goto end;
670
	} else {
671
16
		BIO_printf(bio_err,
672
		    "openssl:Error: '%s' is an invalid command.\n",
673
8
		    argv[0]);
674
8
		BIO_printf(bio_err, "\nStandard commands");
675
		i = 0;
676
		tp = 0;
677
1792
		for (fp = functions; fp->name != NULL; fp++) {
678
			nl = 0;
679
#ifdef OPENSSL_NO_CAMELLIA
680
			if (((i++) % 5) == 0)
681
#else
682
888
			if (((i++) % 4) == 0)
683
#endif
684
			{
685
224
				BIO_printf(bio_err, "\n");
686
				nl = 1;
687
224
			}
688
888
			if (fp->type != tp) {
689
				tp = fp->type;
690
24
				if (!nl)
691
8
					BIO_printf(bio_err, "\n");
692
24
				if (tp == FUNC_TYPE_MD) {
693
					i = 1;
694
8
					BIO_printf(bio_err,
695
					    "\nMessage Digest commands (see the `dgst' command for more details)\n");
696
24
				} else if (tp == FUNC_TYPE_CIPHER) {
697
					i = 1;
698
8
					BIO_printf(bio_err, "\nCipher commands (see the `enc' command for more details)\n");
699
8
				}
700
			}
701
#ifdef OPENSSL_NO_CAMELLIA
702
			BIO_printf(bio_err, "%-15s", fp->name);
703
#else
704
888
			BIO_printf(bio_err, "%-18s", fp->name);
705
#endif
706
		}
707
8
		BIO_printf(bio_err, "\n\n");
708
		ret = 0;
709
	}
710
end:
711
2779
	return (ret);
712
2779
}
713
714
static int
715
SortFnByName(const void *_f1, const void *_f2)
716
{
717
3707400
	const FUNCTION *f1 = _f1;
718
1853700
	const FUNCTION *f2 = _f2;
719
720
1853700
	if (f1->type != f2->type)
721
427350
		return f1->type - f2->type;
722
1426350
	return strcmp(f1->name, f2->name);
723
1853700
}
724
725
static void
726
list_pkey(BIO * out)
727
{
728
	int i;
729
730
132
	for (i = 0; i < EVP_PKEY_asn1_get_count(); i++) {
731
		const EVP_PKEY_ASN1_METHOD *ameth;
732
60
		int pkey_id, pkey_base_id, pkey_flags;
733
60
		const char *pinfo, *pem_str;
734
60
		ameth = EVP_PKEY_asn1_get0(i);
735
60
		EVP_PKEY_asn1_get0_info(&pkey_id, &pkey_base_id, &pkey_flags,
736
		    &pinfo, &pem_str, ameth);
737
60
		if (pkey_flags & ASN1_PKEY_ALIAS) {
738
28
			BIO_printf(out, "Name: %s\n",
739
28
			    OBJ_nid2ln(pkey_id));
740
28
			BIO_printf(out, "\tType: Alias to %s\n",
741
28
			    OBJ_nid2ln(pkey_base_id));
742
28
		} else {
743
32
			BIO_printf(out, "Name: %s\n", pinfo);
744
32
			BIO_printf(out, "\tType: %s Algorithm\n",
745
32
			    pkey_flags & ASN1_PKEY_DYNAMIC ?
746
			    "External" : "Builtin");
747
32
			BIO_printf(out, "\tOID: %s\n", OBJ_nid2ln(pkey_id));
748
32
			if (pem_str == NULL)
749
				pem_str = "(none)";
750
32
			BIO_printf(out, "\tPEM string: %s\n", pem_str);
751
		}
752
753
60
	}
754
4
}
755
756
static void
757
list_cipher_fn(const EVP_CIPHER * c, const char *from, const char *to,
758
    void *arg)
759
{
760
1624
	if (c)
761
696
		BIO_printf(arg, "%s\n", EVP_CIPHER_name(c));
762
	else {
763
116
		if (!from)
764
			from = "<undefined>";
765
116
		if (!to)
766
			to = "<undefined>";
767
116
		BIO_printf(arg, "%s => %s\n", from, to);
768
	}
769
812
}
770
771
static void
772
list_cipher(BIO * out)
773
{
774
8
	EVP_CIPHER_do_all_sorted(list_cipher_fn, out);
775
4
}
776
777
static void
778
list_md_fn(const EVP_MD * m, const char *from, const char *to, void *arg)
779
{
780
472
	if (m)
781
128
		BIO_printf(arg, "%s\n", EVP_MD_name(m));
782
	else {
783
108
		if (!from)
784
			from = "<undefined>";
785
108
		if (!to)
786
			to = "<undefined>";
787
108
		BIO_printf(arg, "%s => %s\n", from, to);
788
	}
789
236
}
790
791
static void
792
list_md(BIO * out)
793
{
794
8
	EVP_MD_do_all_sorted(list_md_fn, out);
795
4
}
796
797
static int
798
function_cmp(const FUNCTION * a, const FUNCTION * b)
799
{
800
5462
	return strncmp(a->name, b->name, 8);
801
}
802
803
5462
static IMPLEMENT_LHASH_COMP_FN(function, FUNCTION)
804
805
static unsigned long
806
function_hash(const FUNCTION * a)
807
{
808
627164
	return lh_strhash(a->name);
809
}
810
811
627164
static IMPLEMENT_LHASH_HASH_FN(function, FUNCTION)
812
813
static LHASH_OF(FUNCTION) *
814
prog_init(void)
815
{
816
	LHASH_OF(FUNCTION) * ret;
817
	FUNCTION *f;
818
	size_t i;
819
820
	/* Purely so it looks nice when the user hits ? */
821
624375
	for (i = 0, f = functions; f->name != NULL; ++f, ++i)
822
		;
823
2775
	qsort(functions, i, sizeof *functions, SortFnByName);
824
825
2775
	if ((ret = lh_FUNCTION_new()) == NULL)
826
		return (NULL);
827
828
621600
	for (f = functions; f->name != NULL; f++)
829
308025
		(void) lh_FUNCTION_insert(ret, f);
830
2775
	return (ret);
831
2775
}