APPS: Allow OPENSSL_CONF to be empty, not loading a config file

Also document the function CONF_get1_default_config_file() Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13658)
author: Dr. David von Oheimb <David.von.Oheimb@siemens.com> 2020-12-10 21:02:47 +0100
committer: Dr. David von Oheimb <dev@ddvo.net> 2021-01-13 11:53:15 +0100
commit: 157959438308e586593592cc751195fbf3930a7d (patch)
tree: 16894ebf050450cd8245293e51f933981aeaea81 /crypto/conf
parent: ec2bfb7d23b4790a5fbe3b5d73a3418966d7e8ad (diff)
3 files changed, 11 insertions, 9 deletions
diff --git a/crypto/conf/conf_api.c b/crypto/conf/conf_api.c
index d64cc5031a..5133114fc8 100644
--- a/crypto/conf/conf_api.c
+++ b/crypto/conf/conf_api.c
@@ -27,7 +27,7 @@ CONF_VALUE *_CONF_get_section(const CONF *conf, const char *section)
         return NULL;
     vv.name = NULL;
     vv.section = (char *)section;
-    return lh_CONF_VALUE_retrieve(conf->data, &vv);
+    return conf->data != NULL ? lh_CONF_VALUE_retrieve(conf->data, &vv) : NULL;
 }
 
 STACK_OF(CONF_VALUE) *_CONF_get_section_values(const CONF *conf,
@@ -72,6 +72,8 @@ char *_CONF_get_string(const CONF *conf, const char *section,
         return NULL;
     if (conf == NULL)
         return ossl_safe_getenv(name);
+    if (conf->data == NULL)
+        return NULL;
     if (section != NULL) {
         vv.name = (char *)name;
         vv.section = (char *)section;
diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c
index 3f63a5f88d..a7f5677a26 100644
--- a/crypto/conf/conf_def.c
+++ b/crypto/conf/conf_def.c
@@ -239,11 +239,12 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
         p = &(buff->data[bufnum]);
         *p = '\0';
  read_retry:
-        BIO_gets(in, p, CONFBUFSIZE - 1);
+        if (in != NULL && BIO_gets(in, p, CONFBUFSIZE - 1) < 0)
+            goto err;
         p[CONFBUFSIZE - 1] = '\0';
         ii = i = strlen(p);
         if (i == 0 && !again) {
-            /* the currently processed BIO is at EOF */
+            /* the currently processed BIO is NULL or at EOF */
             BIO *parent;
 
 #ifndef OPENSSL_NO_POSIX_IO
diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c
index cb1bf7cd3c..8de3222c34 100644
--- a/crypto/conf/conf_mod.c
+++ b/crypto/conf/conf_mod.c
@@ -156,11 +156,6 @@ int CONF_modules_load_file_ex(OSSL_LIB_CTX *libctx, const char *filename,
     CONF *conf = NULL;
     int ret = 0, diagnostics = 0;
 
-    ERR_set_mark();
-    conf = NCONF_new_ex(libctx, NULL);
-    if (conf == NULL)
-        goto err;
-
     if (filename == NULL) {
         file = CONF_get1_default_config_file();
         if (file == NULL)
@@ -169,6 +164,11 @@ int CONF_modules_load_file_ex(OSSL_LIB_CTX *libctx, const char *filename,
         file = (char *)filename;
     }
 
+    ERR_set_mark();
+    conf = NCONF_new_ex(libctx, NULL);
+    if (conf == NULL)
+        goto err;
+
     if (NCONF_load(conf, file, NULL) <= 0) {
         if ((flags & CONF_MFLAGS_IGNORE_MISSING_FILE) &&
             (ERR_GET_REASON(ERR_peek_last_error()) == CONF_R_NO_SUCH_FILE)) {
@@ -539,7 +539,6 @@ void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data)
 }
 
 /* Return default config file name */
-
 char *CONF_get1_default_config_file(void)
 {
     const char *t;
author	Dr. David von Oheimb <David.von.Oheimb@siemens.com>	2020-12-10 21:02:47 +0100
committer	Dr. David von Oheimb <dev@ddvo.net>	2021-01-13 11:53:15 +0100
commit	157959438308e586593592cc751195fbf3930a7d (patch)
tree	16894ebf050450cd8245293e51f933981aeaea81 /crypto/conf
parent	ec2bfb7d23b4790a5fbe3b5d73a3418966d7e8ad (diff)