blob: 058a9624197a7c1d031a47a7c17869a9e2a39a8b [file] [log] [blame] [edit]
diff --git a/crypto/build.info b/crypto/build.info
index b515b7318e..f090ff458d 100644
--- a/crypto/build.info
+++ b/crypto/build.info
@@ -1,7 +1,7 @@
LIBS=../libcrypto
SOURCE[../libcrypto]=\
cryptlib.c mem.c mem_dbg.c cversion.c ex_data.c cpt_err.c \
- ebcdic.c uid.c o_time.c o_str.c o_dir.c o_fopen.c ctype.c \
+ ebcdic.c uid.c o_time.c o_str.c o_dir.c o_fopen.c pathtools.c ctype.c \
threads_pthread.c threads_win.c threads_none.c getenv.c \
o_init.c o_fips.c mem_sec.c init.c {- $target{cpuid_asm_src} -} \
{- $target{uplink_aux_src} -}
diff --git a/crypto/engine/eng_list.c b/crypto/engine/eng_list.c
index 4bc7ea173c..5f881fb2cb 100644
--- a/crypto/engine/eng_list.c
+++ b/crypto/engine/eng_list.c
@@ -9,6 +9,7 @@
*/
#include "eng_local.h"
+#include "pathtools.h"
/*
* The linked-list of pointers to engine types. engine_list_head incorporates
@@ -30,6 +31,20 @@ static ENGINE *engine_list_tail = NULL;
* cleanup.
*/
+char * enginedir_relocation(const char *path)
+{
+ char exe_path[PATH_MAX];
+ get_executable_path (NULL, &exe_path[0], sizeof(exe_path)/sizeof(exe_path[0]));
+ if (strrchr (exe_path, '/') != NULL)
+ {
+ strrchr (exe_path, '/')[1] = '\0';
+ }
+ char * rel_to_datadir = get_relative_path (OPENSSLBIN, path);
+ strcat (exe_path, rel_to_datadir);
+ simplify_path (&exe_path[0]);
+ return malloc_copy_string(exe_path);
+}
+
static void engine_list_cleanup(void)
{
ENGINE *iterator = engine_list_head;
@@ -318,8 +333,10 @@ ENGINE *ENGINE_by_id(const char *id)
* Prevent infinite recursion if we're looking for the dynamic engine.
*/
if (strcmp(id, "dynamic")) {
- if ((load_dir = ossl_safe_getenv("OPENSSL_ENGINES")) == NULL)
- load_dir = ENGINESDIR;
+ if ((load_dir = ossl_safe_getenv("OPENSSL_ENGINES")) == NULL) {
+ const char * reloc_engines = enginedir_relocation(ENGINESDIR);
+ load_dir = reloc_engines;
+ }
iterator = ENGINE_by_id("dynamic");
if (!iterator || !ENGINE_ctrl_cmd_string(iterator, "ID", id, 0) ||
!ENGINE_ctrl_cmd_string(iterator, "DIR_LOAD", "2", 0) ||
diff --git a/crypto/pathtools.c b/crypto/pathtools.c
new file mode 100644
index 0000000000..81ffa7e8a6
--- /dev/null
+++ b/crypto/pathtools.c
@@ -0,0 +1,499 @@
+/*
+ .Some useful path tools.
+ .ASCII only for now.
+ .Written by Ray Donnelly in 2014.
+ .Licensed under CC0 (and anything.
+ .else you need to license it under).
+ .No warranties whatsoever.
+ .email: <mingw.android@gmail.com>.
+ */
+
+#if defined(__APPLE__)
+#include <stdlib.h>
+#else
+#include <malloc.h>
+#endif
+#include <limits.h>
+#include <stdio.h>
+#include <string.h>
+#if defined(__linux__) || defined(__CYGWIN__) || defined(__MSYS__)
+#include <alloca.h>
+#endif
+#include <unistd.h>
+
+/* If you don't define this, then get_executable_path()
+ can only use argv[0] which will often not work well */
+#define IMPLEMENT_SYS_GET_EXECUTABLE_PATH
+
+#if defined(IMPLEMENT_SYS_GET_EXECUTABLE_PATH)
+#if defined(__linux__) || defined(__CYGWIN__) || defined(__MSYS__)
+/* Nothing needed, unistd.h is enough. */
+#elif defined(__APPLE__)
+#include <mach-o/dyld.h>
+#elif defined(_WIN32)
+#define WIN32_MEAN_AND_LEAN
+#include <windows.h>
+#include <psapi.h>
+#endif
+#endif /* defined(IMPLEMENT_SYS_GET_EXECUTABLE_PATH) */
+
+#include "pathtools.h"
+
+char *
+malloc_copy_string(char const * original)
+{
+ char * result = (char *) malloc (sizeof (char*) * strlen (original)+1);
+ if (result != NULL)
+ {
+ strcpy (result, original);
+ }
+ return result;
+}
+
+void
+sanitise_path(char * path)
+{
+ size_t path_size = strlen (path);
+
+ /* Replace any '\' with '/' */
+ char * path_p = path;
+ while ((path_p = strchr (path_p, '\\')) != NULL)
+ {
+ *path_p = '/';
+ }
+ /* Replace any '//' with '/' */
+ path_p = path;
+ while ((path_p = strstr (path_p, "//")) != NULL)
+ {
+ memmove (path_p, path_p + 1, path_size--);
+ }
+ return;
+}
+
+char *
+get_relative_path(char const * from_in, char const * to_in)
+{
+ size_t from_size = (from_in == NULL) ? 0 : strlen (from_in);
+ size_t to_size = (to_in == NULL) ? 0 : strlen (to_in);
+ size_t max_size = (from_size + to_size) * 2 + 4;
+ char * scratch_space = (char *) alloca (from_size + 1 + to_size + 1 + max_size + max_size);
+ char * from;
+ char * to;
+ char * common_part;
+ char * result;
+ size_t count;
+
+ /* No to, return "./" */
+ if (to_in == NULL)
+ {
+ return malloc_copy_string ("./");
+ }
+
+ /* If alloca failed or no from was given return a copy of to */
+ if ( from_in == NULL
+ || scratch_space == NULL )
+ {
+ return malloc_copy_string (to_in);
+ }
+
+ from = scratch_space;
+ strcpy (from, from_in);
+ to = from + from_size + 1;
+ strcpy (to, to_in);
+ common_part = to + to_size + 1;
+ result = common_part + max_size;
+ simplify_path (from);
+ simplify_path (to);
+
+ result[0] = '\0';
+
+ size_t match_size_dirsep = 0; /* The match size up to the last /. Always wind back to this - 1 */
+ size_t match_size = 0; /* The running (and final) match size. */
+ size_t largest_size = (from_size > to_size) ? from_size : to_size;
+ int to_final_is_slash = (to[to_size-1] == '/') ? 1 : 0;
+ char from_c;
+ char to_c;
+ for (match_size = 0; match_size < largest_size; ++match_size)
+ {
+ /* To simplify the logic, always pretend the strings end with '/' */
+ from_c = (match_size < from_size) ? from[match_size] : '/';
+ to_c = (match_size < to_size) ? to[match_size] : '/';
+
+ if (from_c != to_c)
+ {
+ if (from_c != '\0' || to_c != '\0')
+ {
+ match_size = match_size_dirsep;
+ }
+ break;
+ }
+ else if (from_c == '/')
+ {
+ match_size_dirsep = match_size;
+ }
+ }
+ strncpy (common_part, from, match_size);
+ common_part[match_size] = '\0';
+ from += match_size;
+ to += match_size;
+ size_t ndotdots = 0;
+ char const* from_last = from + strlen(from) - 1;
+ while ((from = strchr (from, '/')) && from != from_last)
+ {
+ ++ndotdots;
+ ++from;
+ }
+ for (count = 0; count < ndotdots; ++count)
+ {
+ strcat(result, "../");
+ }
+ if (strlen(to) > 0)
+ {
+ strcat(result, to+1);
+ }
+ /* Make sure that if to ends with '/' result does the same, and
+ vice-versa. */
+ size_t size_result = strlen(result);
+ if ((to_final_is_slash == 1)
+ && (!size_result || result[size_result-1] != '/'))
+ {
+ strcat (result, "/");
+ }
+ else if (!to_final_is_slash
+ && size_result && result[size_result-1] == '/')
+ {
+ result[size_result-1] = '\0';
+ }
+
+ return malloc_copy_string (result);
+}
+
+void
+simplify_path(char * path)
+{
+ ssize_t n_toks = 1; /* in-case we need an empty initial token. */
+ ssize_t i, j;
+ size_t tok_size;
+ size_t in_size = strlen (path);
+ int it_ended_with_a_slash = (path[in_size - 1] == '/') ? 1 : 0;
+ char * result = path;
+ sanitise_path(result);
+ char * result_p = result;
+
+ do
+ {
+ ++n_toks;
+ ++result_p;
+ } while ((result_p = strchr (result_p, '/')) != NULL);
+
+ result_p = result;
+ char const ** toks = (char const **) alloca (sizeof (char const*) * n_toks);
+ n_toks = 0;
+ do
+ {
+ if (result_p > result)
+ {
+ *result_p++ = '\0';
+ }
+ else if (*result_p == '/')
+ {
+ /* A leading / creates an empty initial token. */
+ toks[n_toks++] = result_p;
+ *result_p++ = '\0';
+ }
+ toks[n_toks++] = result_p;
+ } while ((result_p = strchr (result_p, '/')) != NULL);
+
+ /* Remove all non-leading '.' and any '..' we can match
+ with an earlier forward path (i.e. neither '.' nor '..') */
+ for (i = 1; i < n_toks; ++i)
+ {
+ int removals[2] = { -1, -1 };
+ if ( strcmp (toks[i], "." ) == 0)
+ {
+ removals[0] = i;
+ }
+ else if ( strcmp (toks[i], ".." ) == 0)
+ {
+ /* Search backwards for a forward path to collapse.
+ If none are found then the .. also stays. */
+ for (j = i - 1; j > -1; --j)
+ {
+ if ( strcmp (toks[j], "." )
+ && strcmp (toks[j], ".." ) )
+ {
+ removals[0] = j;
+ removals[1] = i;
+ break;
+ }
+ }
+ }
+ for (j = 0; j < 2; ++j)
+ {
+ if (removals[j] >= 0) /* Can become -2 */
+ {
+ --n_toks;
+ memmove (&toks[removals[j]], &toks[removals[j]+1], (n_toks - removals[j])*sizeof (char*));
+ --i;
+ if (!j)
+ {
+ --removals[1];
+ }
+ }
+ }
+ }
+ result_p = result;
+ for (i = 0; i < n_toks; ++i)
+ {
+ tok_size = strlen(toks[i]);
+ memmove (result_p, toks[i], tok_size);
+ result_p += tok_size;
+ if ((!i || tok_size) && ((i < n_toks - 1) || it_ended_with_a_slash == 1))
+ {
+ *result_p = '/';
+ ++result_p;
+ }
+ }
+ *result_p = '\0';
+}
+
+/* Returns actual_to by calculating the relative path from -> to and
+ applying that to actual_from. An assumption that actual_from is a
+ dir is made, and it may or may not end with a '/' */
+char const *
+get_relocated_path (char const * from, char const * to, char const * actual_from)
+{
+ char const * relative_from_to = get_relative_path (from, to);
+ char * actual_to = (char *) malloc (strlen(actual_from) + 2 + strlen(relative_from_to));
+ return actual_to;
+}
+
+int
+get_executable_path(char const * argv0, char * result, ssize_t max_size)
+{
+ char * system_result = (char *) alloca (max_size);
+ ssize_t system_result_size = -1;
+ ssize_t result_size = -1;
+
+ if (system_result != NULL)
+ {
+#if defined(IMPLEMENT_SYS_GET_EXECUTABLE_PATH)
+#if defined(__linux__) || defined(__CYGWIN__) || defined(__MSYS__)
+ system_result_size = readlink("/proc/self/exe", system_result, max_size);
+#elif defined(__APPLE__)
+ uint32_t bufsize = (uint32_t)max_size;
+ if (_NSGetExecutablePath(system_result, &bufsize) == 0)
+ {
+ system_result_size = (ssize_t)bufsize;
+ }
+#elif defined(_WIN32)
+ unsigned long bufsize = (unsigned long)max_size;
+ system_result_size = GetModuleFileNameA(NULL, system_result, bufsize);
+ if (system_result_size == 0 || system_result_size == (ssize_t)bufsize)
+ {
+ /* Error, possibly not enough space. */
+ system_result_size = -1;
+ }
+ else
+ {
+ /* Early conversion to unix slashes instead of more changes
+ everywhere else .. */
+ char * winslash;
+ system_result[system_result_size] = '\0';
+ while ((winslash = strchr (system_result, '\\')) != NULL)
+ {
+ *winslash = '/';
+ }
+ }
+#else
+#warning "Don't know how to get executable path on this system"
+#endif
+#endif /* defined(IMPLEMENT_SYS_GET_EXECUTABLE_PATH) */
+ }
+ /* Use argv0 as a default in-case of failure */
+ if (system_result_size != -1)
+ {
+ strncpy (result, system_result, system_result_size);
+ result[system_result_size] = '\0';
+ }
+ else
+ {
+ if (argv0 != NULL)
+ {
+ strncpy (result, argv0, max_size);
+ result[max_size-1] = '\0';
+ }
+ else
+ {
+ result[0] = '\0';
+ }
+ }
+ result_size = strlen (result);
+ return result_size;
+}
+
+char const *
+strip_n_prefix_folders(char const * path, size_t n)
+{
+ if (path == NULL)
+ {
+ return NULL;
+ }
+
+ if (path[0] != '/')
+ {
+ return path;
+ }
+
+ char const * last = path;
+ while (n-- && path != NULL)
+ {
+ last = path;
+ path = strchr (path + 1, '/');
+ }
+ return (path == NULL) ? last : path;
+}
+
+void
+strip_n_suffix_folders(char * path, size_t n)
+{
+ if (path == NULL)
+ {
+ return;
+ }
+ while (n--)
+ {
+ if (strrchr (path + 1, '/'))
+ {
+ *strrchr (path + 1, '/') = '\0';
+ }
+ else
+ {
+ return;
+ }
+ }
+ return;
+}
+
+size_t
+split_path_list(char const * path_list, char split_char, char *** arr)
+{
+ size_t path_count;
+ size_t path_list_size;
+ char const * path_list_p;
+
+ path_list_p = path_list;
+ if (path_list == NULL || path_list[0] == '\0')
+ {
+ return 0;
+ }
+ path_list_size = strlen (path_list);
+
+ path_count = 0;
+ do
+ {
+ ++path_count;
+ ++path_list_p;
+ }
+ while ((path_list_p = strchr (path_list_p, split_char)) != NULL);
+
+ /* allocate everything in one go. */
+ char * all_memory = (char *) malloc (sizeof (char *) * path_count + strlen(path_list) + 1);
+ if (all_memory == NULL)
+ return 0;
+ *arr = (char **)all_memory;
+ all_memory += sizeof (char *) * path_count;
+
+ path_count = 0;
+ path_list_p = path_list;
+ char const * next_path_list_p = 0;
+ do
+ {
+ next_path_list_p = strchr (path_list_p, split_char);
+ if (next_path_list_p != NULL)
+ {
+ ++next_path_list_p;
+ }
+ size_t this_size = (next_path_list_p != NULL)
+ ? next_path_list_p - path_list_p - 1
+ : &path_list[path_list_size] - path_list_p;
+ memcpy (all_memory, path_list_p, this_size);
+ all_memory[this_size] = '\0';
+ (*arr)[path_count++] = all_memory;
+ all_memory += this_size + 1;
+ } while ((path_list_p = next_path_list_p) != NULL);
+
+ return path_count;
+}
+
+char *
+get_relocated_path_list(char const * from, char const * to_path_list)
+{
+ char exe_path[MAX_PATH];
+ char * temp;
+ get_executable_path (NULL, &exe_path[0], sizeof (exe_path) / sizeof (exe_path[0]));
+ if ((temp = strrchr (exe_path, '/')) != NULL)
+ {
+ temp[1] = '\0';
+ }
+
+ char **arr = NULL;
+ /* Ask Alexey why he added this. Are we not 100% sure
+ that we're dealing with unix paths here? */
+ char split_char = ':';
+ if (strchr (to_path_list, ';'))
+ {
+ split_char = ';';
+ }
+ size_t count = split_path_list (to_path_list, split_char, &arr);
+ int result_size = 1 + (count - 1); /* count - 1 is for ; delim. */
+ size_t exe_path_size = strlen (exe_path);
+ size_t i;
+ /* Space required is:
+ count * (exe_path_size + strlen (rel_to_datadir))
+ rel_to_datadir upper bound is:
+ (count * strlen (from)) + (3 * num_slashes (from))
+ + strlen(arr[i]) + 1.
+ .. pathalogically num_slashes (from) is strlen (from)
+ (from = ////////) */
+ size_t space_required = (count * (exe_path_size + 4 * strlen (from))) + count - 1;
+ for (i = 0; i < count; ++i)
+ {
+ space_required += strlen (arr[i]);
+ }
+ char * scratch = (char *) alloca (space_required);
+ if (scratch == NULL)
+ return NULL;
+ for (i = 0; i < count; ++i)
+ {
+ char * rel_to_datadir = get_relative_path (from, arr[i]);
+ scratch[0] = '\0';
+ arr[i] = scratch;
+ strcat (scratch, exe_path);
+ strcat (scratch, rel_to_datadir);
+ simplify_path (arr[i]);
+ size_t arr_i_size = strlen (arr[i]);
+ result_size += arr_i_size;
+ scratch = arr[i] + arr_i_size + 1;
+ }
+ char * result = (char *) malloc (result_size);
+ if (result == NULL)
+ {
+ return NULL;
+ }
+ result[0] = '\0';
+ for (i = 0; i < count; ++i)
+ {
+ strcat (result, arr[i]);
+ if (i != count-1)
+ {
+#if defined(_WIN32)
+ strcat (result, ";");
+#else
+ strcat (result, ":");
+#endif
+ }
+ }
+ free ((void*)arr);
+ return result;
+}
diff --git a/crypto/x509/x509_def.c b/crypto/x509/x509_def.c
index bfa8d7d852..6fcc1b021a 100644
--- a/crypto/x509/x509_def.c
+++ b/crypto/x509/x509_def.c
@@ -9,27 +9,42 @@
#include <stdio.h>
#include "internal/cryptlib.h"
+#include "pathtools.h"
#include <openssl/crypto.h>
#include <openssl/x509.h>
+char * openssl_relocation(const char *path)
+{
+ char exe_path[PATH_MAX];
+ get_executable_path (NULL, &exe_path[0], sizeof(exe_path)/sizeof(exe_path[0]));
+ if (strrchr (exe_path, '/') != NULL)
+ {
+ strrchr (exe_path, '/')[1] = '\0';
+ }
+ char * rel_to_datadir = get_relative_path (OPENSSLBIN, path);
+ strcat (exe_path, rel_to_datadir);
+ simplify_path (&exe_path[0]);
+ return malloc_copy_string(exe_path);
+}
+
const char *X509_get_default_private_dir(void)
{
- return X509_PRIVATE_DIR;
+ return openssl_relocation(X509_PRIVATE_DIR);
}
const char *X509_get_default_cert_area(void)
{
- return X509_CERT_AREA;
+ return openssl_relocation(X509_CERT_AREA);
}
const char *X509_get_default_cert_dir(void)
{
- return X509_CERT_DIR;
+ return openssl_relocation(X509_CERT_DIR);
}
const char *X509_get_default_cert_file(void)
{
- return X509_CERT_FILE;
+ return openssl_relocation(X509_CERT_FILE);
}
const char *X509_get_default_cert_dir_env(void)
diff --git a/pathtools.h b/pathtools.h
new file mode 100644
index 0000000000..a8a2928049
--- /dev/null
+++ b/pathtools.h
@@ -0,0 +1,49 @@
+/*
+ .Some useful path tools.
+ .ASCII only for now.
+ .Written by Ray Donnelly in 2014.
+ .Licensed under CC0 (and anything.
+ .else you need to license it under).
+ .No warranties whatsoever.
+ .email: <mingw.android@gmail.com>.
+ */
+
+#ifndef PATHTOOLS_H
+#define PATHTOOLS_H
+
+#include <unistd.h>
+#if defined(__APPLE__)
+#include <stdlib.h>
+#else
+#include <malloc.h>
+#endif
+#include <stdio.h>
+
+char * malloc_copy_string(char const * original);
+
+/* In-place replaces any '\' with '/' and any '//' with '/' */
+void sanitise_path(char * path);
+
+/* Uses a host OS specific function to determine the path of the executable,
+ if IMPLEMENT_SYS_GET_EXECUTABLE_PATH is defined, otherwise uses argv0. */
+int get_executable_path(char const * argv0, char * result, ssize_t max_size);
+
+/* Where possible, in-place removes occourances of '.' and 'path/..' */
+void simplify_path(char * path);
+
+/* Allocates (via malloc) and returns the path to get from from to to. */
+char * get_relative_path(char const * from, char const * to);
+
+size_t split_path_list(char const * path_list, char split_char, char *** arr);
+
+/* Advances path along by the amount that removes n prefix folders. */
+char const *
+strip_n_prefix_folders(char const * path, size_t n);
+
+/* NULL terminates path to remove n suffix folders. */
+void
+strip_n_suffix_folders(char * path, size_t n);
+
+char * get_relocated_path_list(char const * from, char const * to_path_list);
+
+#endif /* PATHTOOLS_H */