authorDr. Stephen Henson <steve@openssl.org>2002-01-22 01:40:18 +0000
committerDr. Stephen Henson <steve@openssl.org>2002-01-22 01:40:18 +0000
commitdf5eaa8a5297d42d1b44cfcf1210e7b016d3f7c1 (patch)
treec33133c2de7ca506de2789946bbdcd58b783ad89
parent6ce46d69f5d940b07e8f4f191121546c3f33ada6 (diff)
default_algorithms option in ENGINE config.
-rw-r--r--CHANGES6
-rw-r--r--crypto/conf/conf.h3
-rw-r--r--crypto/conf/conf_mod.c46
-rw-r--r--crypto/engine/eng_cnf.c9
-rw-r--r--crypto/engine/eng_err.c2
-rw-r--r--crypto/engine/eng_fat.c39
-rw-r--r--crypto/engine/engine.h3
7 files changed, 106 insertions, 2 deletions
diff --git a/CHANGES b/CHANGES
index a56411c12b..3f5092a59d 100644
--- a/CHANGES
+++ b/CHANGES
@@ -12,6 +12,12 @@
*) applies to 0.9.6a/0.9.6b/0.9.6c and 0.9.7
+) applies to 0.9.7 only
+ +) default_algorithms option in ENGINE config module. This allows things
+ like:
+ default_algorithms = ALL
+ default_algorithms = RSA, DSA, RAND, CIPHERS, DIGESTS
+ [Steve Henson]
+
+) Prelminary ENGINE config module.
[Steve Henson]
diff --git a/crypto/conf/conf.h b/crypto/conf/conf.h
index 26452d4c81..882d75c74e 100644
--- a/crypto/conf/conf.h
+++ b/crypto/conf/conf.h
@@ -190,6 +190,9 @@ void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data);
char *CONF_get1_default_config_file(void);
+int CONF_parse_list(char *list, int sep, int nospc,
+ int (*list_cb)(char *elem, int len, void *usr), void *arg);
+
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
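Review bot: The new `CONF_parse_list` prototype enters a public header with no comment describing its callback contract. Going by the implementation added in crypto/conf/conf_mod.c, the callback gets a pointer into `list` plus a length (the element is not NUL-terminated), it is called with `(NULL, 0)` for an empty element, and a callback return of zero or less stops the parse and becomes the function's return value. A short comment above the prototype stating those three points would help, because a callback that passes `elem` straight to a string function has to handle the NULL case itself.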
diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c
index 234eb7a06e..100d72ed03 100644
--- a/crypto/conf/conf_mod.c
+++ b/crypto/conf/conf_mod.c
@@ -57,6 +57,7 @@
*/
#include <stdio.h>
+#include <ctype.h>
#include <openssl/crypto.h>
#include "cryptlib.h"
#include <openssl/conf.h>
@@ -549,3 +550,48 @@ char *CONF_get1_default_config_file(void)
return file;
}
+
+/* This function takes a list separated by 'sep' and calls the
+ * callback function giving the start and length of each member
+ * optionally stripping leading and trailing whitespace. This can
+ * be used to parse comma separated lists for example.
+ */
+
+int CONF_parse_list(char *list, int sep, int nospc,
+ int (*list_cb)(char *elem, int len, void *usr), void *arg)
+ {
+ int ret;
+ char *lstart, *tmpend, *p;
+ lstart = list;
+
+ for(;;)
+ {
+ if (nospc)
+ {
+ while(*lstart && isspace((unsigned char)*lstart))
+ lstart++;
+ }
+ p = strchr(lstart, sep);
+ if (p == lstart || !*lstart)
+ ret = list_cb(NULL, 0, arg);
+ else
+ {
+ if (p)
+ tmpend = p - 1;
+ else
+ tmpend = lstart + strlen(lstart) - 1;
+ if (nospc)
+ {
+ while(isspace((unsigned char)*tmpend))
+ tmpend--;
+ }
+ ret = list_cb(lstart, tmpend - lstart + 1, arg);
+ }
+ if (ret <= 0)
+ return ret;
+ if (p == NULL)
+ return 1;
+ lstart = p + 1;
+ }
+ }
+
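Review bot: `list` is read at `*lstart` and passed to `strchr()` with no NULL check, so a NULL list faults here. The caller added in crypto/engine/eng_cnf.c can reach that: `ctrlvalue` is set to NULL for the value `EMPTY` and then passed to `ENGINE_set_default_string()`, which forwards it unchanged to this function. I would add `if (list == NULL) return 0;` before `lstart = list;` so that such a config line produces an error return rather than a crash while the configuration is loading.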
diff --git a/crypto/engine/eng_cnf.c b/crypto/engine/eng_cnf.c
index 8e3f894f66..3f5aa73943 100644
--- a/crypto/engine/eng_cnf.c
+++ b/crypto/engine/eng_cnf.c
@@ -138,7 +138,12 @@ int int_engine_configure(char *name, char *value, const CONF *cnf)
*/
if (!strcmp(ctrlvalue, "EMPTY"))
ctrlvalue = NULL;
- if (!ENGINE_ctrl_cmd_string(e,
+ if (!strcmp(ctrlname, "default_algorithms"))
+ {
+ if (!ENGINE_set_default_string(e, ctrlvalue))
+ goto err;
+ }
+ else if (!ENGINE_ctrl_cmd_string(e,
ctrlname, ctrlvalue, 0))
return 0;
}
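Review bot: The two failure paths in this if/else chain now leave the function differently: the new `default_algorithms` branch does `goto err`, while the `ENGINE_ctrl_cmd_string` branch right after it still does `return 0`. The `err` label is outside this hunk, but the tail of the function shown in the next hunk calls `ENGINE_free(e)` before returning, so the `return 0` path appears to skip that release. Using `goto err;` in the `else if` branch as well would keep the cleanup uniform. int_engine_configure starts and ends outside the hunk.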
@@ -151,7 +156,7 @@ int int_engine_configure(char *name, char *value, const CONF *cnf)
ENGINE_free(e);
return ret;
}
-
+
static int int_engine_module_init(CONF_IMODULE *md, const CONF *cnf)
{
diff --git a/crypto/engine/eng_err.c b/crypto/engine/eng_err.c
index f3c0c35863..8771a8d261 100644
--- a/crypto/engine/eng_err.c
+++ b/crypto/engine/eng_err.c
@@ -90,6 +90,7 @@ static ERR_STRING_DATA ENGINE_str_functs[]=
{ERR_PACK(0,ENGINE_F_ENGINE_MODULE_INIT,0), "ENGINE_MODULE_INIT"},
{ERR_PACK(0,ENGINE_F_ENGINE_NEW,0), "ENGINE_new"},
{ERR_PACK(0,ENGINE_F_ENGINE_REMOVE,0), "ENGINE_remove"},
+{ERR_PACK(0,ENGINE_F_ENGINE_SET_DEFAULT_STRING,0), "ENGINE_set_default_string"},
{ERR_PACK(0,ENGINE_F_ENGINE_SET_DEFAULT_TYPE,0), "ENGINE_SET_DEFAULT_TYPE"},
{ERR_PACK(0,ENGINE_F_ENGINE_SET_ID,0), "ENGINE_set_id"},
{ERR_PACK(0,ENGINE_F_ENGINE_SET_NAME,0), "ENGINE_set_name"},
@@ -133,6 +134,7 @@ static ERR_STRING_DATA ENGINE_str_reasons[]=
{ENGINE_R_INVALID_ARGUMENT ,"invalid argument"},
{ENGINE_R_INVALID_CMD_NAME ,"invalid cmd name"},
{ENGINE_R_INVALID_CMD_NUMBER ,"invalid cmd number"},
+{ENGINE_R_INVALID_STRING ,"invalid string"},
{ENGINE_R_MISSING_KEY_COMPONENTS ,"missing key components"},
{ENGINE_R_NOT_INITIALISED ,"not initialised"},
{ENGINE_R_NOT_LOADED ,"not loaded"},
diff --git a/crypto/engine/eng_fat.c b/crypto/engine/eng_fat.c
index 3fb379f37c..e101530ab1 100644
--- a/crypto/engine/eng_fat.c
+++ b/crypto/engine/eng_fat.c
@@ -57,6 +57,7 @@
#include "cryptlib.h"
#include "eng_int.h"
#include <openssl/engine.h>
+#include <openssl/conf.h>
int ENGINE_set_default(ENGINE *e, unsigned int flags)
{
@@ -81,6 +82,44 @@ int ENGINE_set_default(ENGINE *e, unsigned int flags)
return 1;
}
+/* Set default algorithms using a string */
+
+int int_def_cb(char *alg, int len, void *arg)
+ {
+ unsigned int *pflags = arg;
+ if (!strncmp(alg, "ALL", len))
+ *pflags |= ENGINE_METHOD_ALL;
+ else if (!strncmp(alg, "RSA", len))
+ *pflags |= ENGINE_METHOD_RSA;
+ else if (!strncmp(alg, "DSA", len))
+ *pflags |= ENGINE_METHOD_DSA;
+ else if (!strncmp(alg, "DH", len))
+ *pflags |= ENGINE_METHOD_DH;
+ else if (!strncmp(alg, "RAND", len))
+ *pflags |= ENGINE_METHOD_RAND;
+ else if (!strncmp(alg, "CIPHERS", len))
+ *pflags |= ENGINE_METHOD_CIPHERS;
+ else if (!strncmp(alg, "DIGESTS", len))
+ *pflags |= ENGINE_METHOD_DIGESTS;
+ else
+ return 0;
+ return 1;
+ }
+
+
+int ENGINE_set_default_string(ENGINE *e, char *list)
+ {
+ unsigned int flags = 0;
+ if (!CONF_parse_list(list, ',', 1, int_def_cb, &flags))
+ {
+ ENGINEerr(ENGINE_F_ENGINE_SET_DEFAULT_STRING,
+ ENGINE_R_INVALID_STRING);
+ ERR_add_error_data(2, "str=",list);
+ return 0;
+ }
+ return ENGINE_set_default(e, flags);
+ }
+
int ENGINE_register_complete(ENGINE *e)
{
ENGINE_register_ciphers(e);
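Review bot: `int_def_cb` does not handle the `(NULL, 0)` call that `CONF_parse_list` makes for an empty element. With `len` 0, `strncmp(alg, "ALL", len)` compares nothing and returns 0 on typical implementations (passing NULL is undefined), so a list such as `RSA,` or `RSA,,DSA` would set `ENGINE_METHOD_ALL`. Because `len` is the element length, the comparisons also accept any prefix of a keyword, e.g. `R` selects RSA and `D` selects DSA. This setting decides which engine becomes the default for key and cipher operations, so I would reject empty and partial names and let a typo fail closed. The callback can also be `static`, as the only visible use is `ENGINE_set_default_string` in this file.

```c
/* Exact match of a length-delimited element against a keyword */
static int int_def_match(const char *alg, int len, const char *name)
	{
	return (size_t)len == strlen(name) && !strncmp(alg, name, len);
	}

static int int_def_cb(char *alg, int len, void *arg)
	{
	unsigned int *pflags = arg;
	/* CONF_parse_list reports an empty element as (NULL, 0) */
	if (alg == NULL)
		return 0;
	if (int_def_match(alg, len, "ALL"))
		*pflags |= ENGINE_METHOD_ALL;
	else if (int_def_match(alg, len, "RSA"))
		*pflags |= ENGINE_METHOD_RSA;
	/* ... unchanged apart from the same substitution: DSA, DH, RAND, CIPHERS, DIGESTS ... */
	else
		return 0;
	return 1;
	}
```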
diff --git a/crypto/engine/engine.h b/crypto/engine/engine.h
index 291841abcc..1dcb53bb1b 100644
--- a/crypto/engine/engine.h
+++ b/crypto/engine/engine.h
@@ -503,6 +503,7 @@ ENGINE *ENGINE_get_digest_engine(int nid);
* structure will have had its reference count up'd so the caller
* should still free their own reference 'e'. */
int ENGINE_set_default_RSA(ENGINE *e);
+int ENGINE_set_default_string(ENGINE *e, char *list);
/* Same for the other "methods" */
int ENGINE_set_default_DSA(ENGINE *e);
int ENGINE_set_default_DH(ENGINE *e);
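Review bot: `ENGINE_set_default_string` is declared between `ENGINE_set_default_RSA` and the `/* Same for the other "methods" */` comment, so that comment and the reference-count comment above it now read as if they describe the string variant too. I would move the prototype after the per-method setters and give it its own comment, for example `/* Set defaults from a comma separated list: ALL, RSA, DSA, DH, RAND, CIPHERS, DIGESTS */`. The comment block above these prototypes starts outside the hunk.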
@@ -651,6 +652,7 @@ void ERR_load_ENGINE_strings(void);
#define ENGINE_F_ENGINE_MODULE_INIT 187
#define ENGINE_F_ENGINE_NEW 122
#define ENGINE_F_ENGINE_REMOVE 123
+#define ENGINE_F_ENGINE_SET_DEFAULT_STRING 189
#define ENGINE_F_ENGINE_SET_DEFAULT_TYPE 126
#define ENGINE_F_ENGINE_SET_ID 129
#define ENGINE_F_ENGINE_SET_NAME 130
@@ -691,6 +693,7 @@ void ERR_load_ENGINE_strings(void);
#define ENGINE_R_INVALID_ARGUMENT 143
#define ENGINE_R_INVALID_CMD_NAME 137
#define ENGINE_R_INVALID_CMD_NUMBER 138
+#define ENGINE_R_INVALID_STRING 150
#define ENGINE_R_MISSING_KEY_COMPONENTS 111
#define ENGINE_R_NOT_INITIALISED 117
#define ENGINE_R_NOT_LOADED 112