diff options
author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-12-10 21:02:47 +0100 |
---|---|---|
committer | Dr. David von Oheimb <dev@ddvo.net> | 2021-01-13 11:53:15 +0100 |
commit | 157959438308e586593592cc751195fbf3930a7d (patch) | |
tree | 16894ebf050450cd8245293e51f933981aeaea81 /crypto/conf | |
parent | ec2bfb7d23b4790a5fbe3b5d73a3418966d7e8ad (diff) |
APPS: Allow OPENSSL_CONF to be empty, not loading a config file
Also document the function CONF_get1_default_config_file()
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13658)
Diffstat (limited to 'crypto/conf')
-rw-r--r-- | crypto/conf/conf_api.c | 4 | ||||
-rw-r--r-- | crypto/conf/conf_def.c | 5 | ||||
-rw-r--r-- | crypto/conf/conf_mod.c | 11 |
3 files changed, 11 insertions, 9 deletions
diff --git a/crypto/conf/conf_api.c b/crypto/conf/conf_api.c index d64cc5031a..5133114fc8 100644 --- a/crypto/conf/conf_api.c +++ b/crypto/conf/conf_api.c @@ -27,7 +27,7 @@ CONF_VALUE *_CONF_get_section(const CONF *conf, const char *section) return NULL; vv.name = NULL; vv.section = (char *)section; - return lh_CONF_VALUE_retrieve(conf->data, &vv); + return conf->data != NULL ? lh_CONF_VALUE_retrieve(conf->data, &vv) : NULL; } STACK_OF(CONF_VALUE) *_CONF_get_section_values(const CONF *conf, @@ -72,6 +72,8 @@ char *_CONF_get_string(const CONF *conf, const char *section, return NULL; if (conf == NULL) return ossl_safe_getenv(name); + if (conf->data == NULL) + return NULL; if (section != NULL) { vv.name = (char *)name; vv.section = (char *)section; diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c index 3f63a5f88d..a7f5677a26 100644 --- a/crypto/conf/conf_def.c +++ b/crypto/conf/conf_def.c @@ -239,11 +239,12 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) p = &(buff->data[bufnum]); *p = '\0'; read_retry: - BIO_gets(in, p, CONFBUFSIZE - 1); + if (in != NULL && BIO_gets(in, p, CONFBUFSIZE - 1) < 0) + goto err; p[CONFBUFSIZE - 1] = '\0'; ii = i = strlen(p); if (i == 0 && !again) { - /* the currently processed BIO is at EOF */ + /* the currently processed BIO is NULL or at EOF */ BIO *parent; #ifndef OPENSSL_NO_POSIX_IO diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c index cb1bf7cd3c..8de3222c34 100644 --- a/crypto/conf/conf_mod.c +++ b/crypto/conf/conf_mod.c @@ -156,11 +156,6 @@ int CONF_modules_load_file_ex(OSSL_LIB_CTX *libctx, const char *filename, CONF *conf = NULL; int ret = 0, diagnostics = 0; - ERR_set_mark(); - conf = NCONF_new_ex(libctx, NULL); - if (conf == NULL) - goto err; - if (filename == NULL) { file = CONF_get1_default_config_file(); if (file == NULL) @@ -169,6 +164,11 @@ int CONF_modules_load_file_ex(OSSL_LIB_CTX *libctx, const char *filename, file = (char *)filename; } + ERR_set_mark(); + conf = NCONF_new_ex(libctx, NULL); + if (conf == NULL) + goto err; + if (NCONF_load(conf, file, NULL) <= 0) { if ((flags & CONF_MFLAGS_IGNORE_MISSING_FILE) && (ERR_GET_REASON(ERR_peek_last_error()) == CONF_R_NO_SUCH_FILE)) { @@ -539,7 +539,6 @@ void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data) } /* Return default config file name */ - char *CONF_get1_default_config_file(void) { const char *t; |