CoCalc -- opt.c

GitHub Repository: freebsd/freebsd-src
Path: blob/main/crypto/openssl/apps/lib/opt.c
¹⁰³³⁷³ views
1
/*
2
 * Copyright 2015-2024 The OpenSSL Project Authors. All Rights Reserved.
3
 *
4
 * Licensed under the Apache License 2.0 (the "License").  You may not use
5
 * this file except in compliance with the License.  You can obtain a copy
6
 * in the file LICENSE in the source distribution or at
7
 * https://www.openssl.org/source/license.html
8
 */
9

10
/*
11
 * This file is also used by the test suite. Do not #include "apps.h".
12
 */
13
#include "opt.h"
14
#include "fmt.h"
15
#include "app_libctx.h"
16
#include "internal/nelem.h"
17
#include "internal/numbers.h"
18
#include <string.h>
19
#if !defined(OPENSSL_SYS_MSDOS)
20
#include <unistd.h>
21
#endif
22

23
#include <stdlib.h>
24
#include <errno.h>
25
#include <ctype.h>
26
#include <limits.h>
27
#include <openssl/err.h>
28
#include <openssl/bio.h>
29
#include <openssl/x509v3.h>
30

31
#define MAX_OPT_HELP_WIDTH 30
32
const char OPT_HELP_STR[] = "-H";
33
const char OPT_MORE_STR[] = "-M";
34
const char OPT_SECTION_STR[] = "-S";
35
const char OPT_PARAM_STR[] = "-P";
36

37
/* Our state */
38
static char **argv;
39
static int argc;
40
static int opt_index;
41
static char *arg;
42
static char *flag;
43
static char *dunno;
44
static const char *unknown_name;
45
static const OPTIONS *unknown;
46
static const OPTIONS *opts;
47
static char prog[40];
48

49
/*
50
 * Return the simple name of the program; removing various platform gunk.
51
 */
52
#if defined(OPENSSL_SYS_WIN32)
53

54
const char *opt_path_end(const char *filename)
55
{
56
    const char *p;
57

58
    /* find the last '/', '\' or ':' */
59
    for (p = filename + strlen(filename); --p > filename;)
60
        if (*p == '/' || *p == '\\' || *p == ':') {
61
            p++;
62
            break;
63
        }
64
    return p;
65
}
66

67
char *opt_progname(const char *argv0)
68
{
69
    size_t i, n;
70
    const char *p;
71
    char *q;
72

73
    p = opt_path_end(argv0);
74

75
    /* Strip off trailing nonsense. */
76
    n = strlen(p);
77
    if (n > 4 && (strcmp(&p[n - 4], ".exe") == 0 || strcmp(&p[n - 4], ".EXE") == 0))
78
        n -= 4;
79

80
    /* Copy over the name, in lowercase. */
81
    if (n > sizeof(prog) - 1)
82
        n = sizeof(prog) - 1;
83
    for (q = prog, i = 0; i < n; i++, p++)
84
        *q++ = tolower((unsigned char)*p);
85
    *q = '\0';
86
    return prog;
87
}
88

89
#elif defined(OPENSSL_SYS_VMS)
90

91
const char *opt_path_end(const char *filename)
92
{
93
    const char *p;
94

95
    /* Find last special character sys:[foo.bar]openssl */
96
    for (p = filename + strlen(filename); --p > filename;)
97
        if (*p == ':' || *p == ']' || *p == '>') {
98
            p++;
99
            break;
100
        }
101
    return p;
102
}
103

104
char *opt_progname(const char *argv0)
105
{
106
    const char *p, *q;
107

108
    /* Find last special character sys:[foo.bar]openssl */
109
    p = opt_path_end(argv0);
110
    q = strrchr(p, '.');
111
    if (prog != p)
112
        strncpy(prog, p, sizeof(prog) - 1);
113
    prog[sizeof(prog) - 1] = '\0';
114
    if (q != NULL && q - p < sizeof(prog))
115
        prog[q - p] = '\0';
116
    return prog;
117
}
118

119
#else
120

121
const char *opt_path_end(const char *filename)
122
{
123
    const char *p;
124

125
    /* Could use strchr, but this is like the ones above. */
126
    for (p = filename + strlen(filename); --p > filename;)
127
        if (*p == '/') {
128
            p++;
129
            break;
130
        }
131
    return p;
132
}
133

134
char *opt_progname(const char *argv0)
135
{
136
    const char *p;
137

138
    p = opt_path_end(argv0);
139
    if (prog != p)
140
        strncpy(prog, p, sizeof(prog) - 1);
141
    prog[sizeof(prog) - 1] = '\0';
142
    return prog;
143
}
144
#endif
145

146
char *opt_appname(const char *argv0)
147
{
148
    size_t len = strlen(prog);
149

150
    if (argv0 != NULL)
151
        BIO_snprintf(prog + len, sizeof(prog) - len - 1, " %s", argv0);
152
    return prog;
153
}
154

155
char *opt_getprog(void)
156
{
157
    return prog;
158
}
159

160
/* Set up the arg parsing. */
161
char *opt_init(int ac, char **av, const OPTIONS *o)
162
{
163
    /* Store state. */
164
    argc = ac;
165
    argv = av;
166
    opt_begin();
167
    opts = o;
168
    unknown = NULL;
169
    /* Make sure prog name is set for usage output */
170
    (void)opt_progname(argv[0]);
171

172
    /* Check all options up until the PARAM marker (if present) */
173
    for (; o->name != NULL && o->name != OPT_PARAM_STR; ++o) {
174
#ifndef NDEBUG
175
        const OPTIONS *next;
176
        int duplicated, i;
177
#endif
178

179
        if (o->name == OPT_HELP_STR
180
            || o->name == OPT_MORE_STR
181
            || o->name == OPT_SECTION_STR)
182
            continue;
183
#ifndef NDEBUG
184
        i = o->valtype;
185

186
        /* Make sure options are legit. */
187
        OPENSSL_assert(o->name[0] != '-');
188
        if (o->valtype == '.')
189
            OPENSSL_assert(o->retval == OPT_PARAM);
190
        else
191
            OPENSSL_assert(o->retval == OPT_DUP || o->retval > OPT_PARAM);
192
        switch (i) {
193
        case 0:
194
        case '-':
195
        case '.':
196
        case '/':
197
        case '<':
198
        case '>':
199
        case 'E':
200
        case 'F':
201
        case 'M':
202
        case 'U':
203
        case 'f':
204
        case 'l':
205
        case 'n':
206
        case 'p':
207
        case 's':
208
        case 'u':
209
        case 'c':
210
        case ':':
211
        case 'N':
212
        case 'A':
213
            break;
214
        default:
215
            OPENSSL_assert(0);
216
        }
217

218
        /* Make sure there are no duplicates. */
219
        for (next = o + 1; next->name; ++next) {
220
            /*
221
             * Some compilers inline strcmp and the assert string is too long.
222
             */
223
            duplicated = next->retval != OPT_DUP
224
                && strcmp(o->name, next->name) == 0;
225
            if (duplicated) {
226
                opt_printf_stderr("%s: Internal error: duplicate option %s\n",
227
                    prog, o->name);
228
                OPENSSL_assert(!duplicated);
229
            }
230
        }
231
#endif
232
        if (o->name[0] == '\0') {
233
            OPENSSL_assert(unknown_name != NULL);
234
            OPENSSL_assert(unknown == NULL);
235
            unknown = o;
236
            OPENSSL_assert(unknown->valtype == 0 || unknown->valtype == '-');
237
        }
238
    }
239
    return prog;
240
}
241

242
static OPT_PAIR formats[] = {
243
    { "pem", OPT_FMT_PEM },
244
    { "der", OPT_FMT_DER },
245
    { "b64", OPT_FMT_B64 },
246
    { "pkcs12", OPT_FMT_PKCS12 },
247
    { "smime", OPT_FMT_SMIME },
248
    { "engine", OPT_FMT_ENGINE },
249
    { "msblob", OPT_FMT_MSBLOB },
250
    { "nss", OPT_FMT_NSS },
251
    { "text", OPT_FMT_TEXT },
252
    { "http", OPT_FMT_HTTP },
253
    { "pvk", OPT_FMT_PVK },
254
    { NULL }
255
};
256

257
void opt_set_unknown_name(const char *name)
258
{
259
    unknown_name = name;
260
}
261

262
/* Print an error message about a failed format parse. */
263
static int opt_format_error(const char *s, unsigned long flags)
264
{
265
    OPT_PAIR *ap;
266

267
    opt_printf_stderr("%s: Bad format \"%s\"; must be one of: ", prog, s);
268
    for (ap = formats; ap->name; ap++)
269
        if (flags & ap->retval)
270
            opt_printf_stderr(" %s", ap->name);
271
    opt_printf_stderr("\n");
272

273
    return 0;
274
}
275

276
/* Parse a format string, put it into *result; return 0 on failure, else 1. */
277
int opt_format(const char *s, unsigned long flags, int *result)
278
{
279
    switch (*s) {
280
    default:
281
        opt_printf_stderr("%s: Bad format \"%s\"\n", prog, s);
282
        return 0;
283
    case 'B':
284
    case 'b':
285
        if (s[1] == '\0'
286
            || strcmp(s, "B64") == 0 || strcmp(s, "b64") == 0
287
            || strcmp(s, "BASE64") == 0 || strcmp(s, "base64") == 0) {
288
            if ((flags & OPT_FMT_B64) == 0)
289
                return opt_format_error(s, flags);
290
            *result = FORMAT_BASE64;
291
        } else {
292
            return 0;
293
        }
294
        break;
295
    case 'D':
296
    case 'd':
297
        if ((flags & OPT_FMT_DER) == 0)
298
            return opt_format_error(s, flags);
299
        *result = FORMAT_ASN1;
300
        break;
301
    case 'T':
302
    case 't':
303
        if ((flags & OPT_FMT_TEXT) == 0)
304
            return opt_format_error(s, flags);
305
        *result = FORMAT_TEXT;
306
        break;
307
    case 'N':
308
    case 'n':
309
        if ((flags & OPT_FMT_NSS) == 0)
310
            return opt_format_error(s, flags);
311
        if (strcmp(s, "NSS") != 0 && strcmp(s, "nss") != 0)
312
            return opt_format_error(s, flags);
313
        *result = FORMAT_NSS;
314
        break;
315
    case 'S':
316
    case 's':
317
        if ((flags & OPT_FMT_SMIME) == 0)
318
            return opt_format_error(s, flags);
319
        *result = FORMAT_SMIME;
320
        break;
321
    case 'M':
322
    case 'm':
323
        if ((flags & OPT_FMT_MSBLOB) == 0)
324
            return opt_format_error(s, flags);
325
        *result = FORMAT_MSBLOB;
326
        break;
327
    case 'E':
328
    case 'e':
329
        if ((flags & OPT_FMT_ENGINE) == 0)
330
            return opt_format_error(s, flags);
331
        *result = FORMAT_ENGINE;
332
        break;
333
    case 'H':
334
    case 'h':
335
        if ((flags & OPT_FMT_HTTP) == 0)
336
            return opt_format_error(s, flags);
337
        *result = FORMAT_HTTP;
338
        break;
339
    case '1':
340
        if ((flags & OPT_FMT_PKCS12) == 0)
341
            return opt_format_error(s, flags);
342
        *result = FORMAT_PKCS12;
343
        break;
344
    case 'P':
345
    case 'p':
346
        if (s[1] == '\0' || strcmp(s, "PEM") == 0 || strcmp(s, "pem") == 0) {
347
            if ((flags & OPT_FMT_PEM) == 0)
348
                return opt_format_error(s, flags);
349
            *result = FORMAT_PEM;
350
        } else if (strcmp(s, "PVK") == 0 || strcmp(s, "pvk") == 0) {
351
            if ((flags & OPT_FMT_PVK) == 0)
352
                return opt_format_error(s, flags);
353
            *result = FORMAT_PVK;
354
        } else if (strcmp(s, "P12") == 0 || strcmp(s, "p12") == 0
355
            || strcmp(s, "PKCS12") == 0 || strcmp(s, "pkcs12") == 0) {
356
            if ((flags & OPT_FMT_PKCS12) == 0)
357
                return opt_format_error(s, flags);
358
            *result = FORMAT_PKCS12;
359
        } else {
360
            opt_printf_stderr("%s: Bad format \"%s\"\n", prog, s);
361
            return 0;
362
        }
363
        break;
364
    }
365
    return 1;
366
}
367

368
/* Return string representing the given format. */
369
static const char *format2str(int format)
370
{
371
    switch (format) {
372
    default:
373
        return "(undefined)";
374
    case FORMAT_PEM:
375
        return "PEM";
376
    case FORMAT_ASN1:
377
        return "DER";
378
    case FORMAT_TEXT:
379
        return "TEXT";
380
    case FORMAT_NSS:
381
        return "NSS";
382
    case FORMAT_SMIME:
383
        return "SMIME";
384
    case FORMAT_MSBLOB:
385
        return "MSBLOB";
386
    case FORMAT_ENGINE:
387
        return "ENGINE";
388
    case FORMAT_HTTP:
389
        return "HTTP";
390
    case FORMAT_PKCS12:
391
        return "P12";
392
    case FORMAT_PVK:
393
        return "PVK";
394
    }
395
}
396

397
/* Print an error message about unsuitable/unsupported format requested. */
398
void print_format_error(int format, unsigned long flags)
399
{
400
    (void)opt_format_error(format2str(format), flags);
401
}
402

403
/*
404
 * Parse a cipher name, put it in *cipherp after freeing what was there, if
405
 * cipherp is not NULL.  Return 0 on failure, else 1.
406
 */
407
int opt_cipher_silent(const char *name, EVP_CIPHER **cipherp)
408
{
409
    EVP_CIPHER *c;
410

411
    ERR_set_mark();
412
    if ((c = EVP_CIPHER_fetch(app_get0_libctx(), name,
413
             app_get0_propq()))
414
            != NULL
415
        || (opt_legacy_okay()
416
            && (c = (EVP_CIPHER *)EVP_get_cipherbyname(name)) != NULL)) {
417
        ERR_pop_to_mark();
418
        if (cipherp != NULL) {
419
            EVP_CIPHER_free(*cipherp);
420
            *cipherp = c;
421
        } else {
422
            EVP_CIPHER_free(c);
423
        }
424
        return 1;
425
    }
426
    ERR_clear_last_mark();
427
    return 0;
428
}
429

430
int opt_cipher_any(const char *name, EVP_CIPHER **cipherp)
431
{
432
    int ret;
433

434
    if (name == NULL)
435
        return 1;
436
    if ((ret = opt_cipher_silent(name, cipherp)) == 0)
437
        opt_printf_stderr("%s: Unknown option or cipher: %s\n", prog, name);
438
    return ret;
439
}
440

441
int opt_cipher(const char *name, EVP_CIPHER **cipherp)
442
{
443
    int mode, ret = 0;
444
    unsigned long int flags;
445
    EVP_CIPHER *c = NULL;
446

447
    if (name == NULL)
448
        return 1;
449
    if (opt_cipher_any(name, &c)) {
450
        mode = EVP_CIPHER_get_mode(c);
451
        flags = EVP_CIPHER_get_flags(c);
452
        if (mode == EVP_CIPH_XTS_MODE) {
453
            opt_printf_stderr("%s XTS ciphers not supported\n", prog);
454
        } else if ((flags & EVP_CIPH_FLAG_AEAD_CIPHER) != 0) {
455
            opt_printf_stderr("%s: AEAD ciphers not supported\n", prog);
456
        } else {
457
            ret = 1;
458
            if (cipherp != NULL)
459
                *cipherp = c;
460
        }
461
    }
462
    return ret;
463
}
464

465
/*
466
 * Parse message digest name, put it in *EVP_MD; return 0 on failure, else 1.
467
 */
468
int opt_md_silent(const char *name, EVP_MD **mdp)
469
{
470
    EVP_MD *md;
471

472
    ERR_set_mark();
473
    if ((md = EVP_MD_fetch(app_get0_libctx(), name, app_get0_propq())) != NULL
474
        || (opt_legacy_okay()
475
            && (md = (EVP_MD *)EVP_get_digestbyname(name)) != NULL)) {
476
        ERR_pop_to_mark();
477
        if (mdp != NULL) {
478
            EVP_MD_free(*mdp);
479
            *mdp = md;
480
        } else {
481
            EVP_MD_free(md);
482
        }
483
        return 1;
484
    }
485
    ERR_clear_last_mark();
486
    return 0;
487
}
488

489
int opt_md(const char *name, EVP_MD **mdp)
490
{
491
    int ret;
492

493
    if (name == NULL)
494
        return 1;
495
    if ((ret = opt_md_silent(name, mdp)) == 0)
496
        opt_printf_stderr("%s: Unknown option or message digest: %s\n",
497
            prog, name);
498
    return ret;
499
}
500

501
int opt_check_md(const char *name)
502
{
503
    if (opt_md(name, NULL))
504
        return 1;
505
    ERR_clear_error();
506
    return 0;
507
}
508

509
/* Look through a list of name/value pairs. */
510
int opt_pair(const char *name, const OPT_PAIR *pairs, int *result)
511
{
512
    const OPT_PAIR *pp;
513

514
    for (pp = pairs; pp->name; pp++)
515
        if (strcmp(pp->name, name) == 0) {
516
            *result = pp->retval;
517
            return 1;
518
        }
519
    opt_printf_stderr("%s: Value must be one of:\n", prog);
520
    for (pp = pairs; pp->name; pp++)
521
        opt_printf_stderr("\t%s\n", pp->name);
522
    return 0;
523
}
524

525
/* Look through a list of valid names */
526
int opt_string(const char *name, const char **options)
527
{
528
    const char **p;
529

530
    for (p = options; *p != NULL; p++)
531
        if (strcmp(*p, name) == 0)
532
            return 1;
533
    opt_printf_stderr("%s: Value must be one of:\n", prog);
534
    for (p = options; *p != NULL; p++)
535
        opt_printf_stderr("\t%s\n", *p);
536
    return 0;
537
}
538

539
/* Parse an int, put it into *result; return 0 on failure, else 1. */
540
int opt_int(const char *value, int *result)
541
{
542
    long l;
543

544
    if (!opt_long(value, &l))
545
        return 0;
546
    *result = (int)l;
547
    if (*result != l) {
548
        opt_printf_stderr("%s: Value \"%s\" outside integer range\n",
549
            prog, value);
550
        return 0;
551
    }
552
    return 1;
553
}
554

555
/* Parse and return an integer, assuming range has been checked before. */
556
int opt_int_arg(void)
557
{
558
    int result = -1;
559

560
    (void)opt_int(arg, &result);
561
    return result;
562
}
563

564
static void opt_number_error(const char *v)
565
{
566
    size_t i = 0;
567
    struct strstr_pair_st {
568
        char *prefix;
569
        char *name;
570
    } b[] = {
571
        { "0x", "a hexadecimal" },
572
        { "0X", "a hexadecimal" },
573
        { "0", "an octal" }
574
    };
575

576
    for (i = 0; i < OSSL_NELEM(b); i++) {
577
        if (strncmp(v, b[i].prefix, strlen(b[i].prefix)) == 0) {
578
            opt_printf_stderr("%s: Can't parse \"%s\" as %s number\n",
579
                prog, v, b[i].name);
580
            return;
581
        }
582
    }
583
    opt_printf_stderr("%s: Can't parse \"%s\" as a number\n", prog, v);
584
    return;
585
}
586

587
/* Parse a long, put it into *result; return 0 on failure, else 1. */
588
int opt_long(const char *value, long *result)
589
{
590
    int oerrno = errno;
591
    long l;
592
    char *endp;
593

594
    errno = 0;
595
    l = strtol(value, &endp, 0);
596
    if (*endp
597
        || endp == value
598
        || ((l == LONG_MAX || l == LONG_MIN) && errno == ERANGE)
599
        || (l == 0 && errno != 0)) {
600
        opt_number_error(value);
601
        errno = oerrno;
602
        return 0;
603
    }
604
    *result = l;
605
    errno = oerrno;
606
    return 1;
607
}
608

609
#if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L && defined(INTMAX_MAX) && defined(UINTMAX_MAX) && !defined(OPENSSL_NO_INTTYPES_H)
610

611
/* Parse an intmax_t, put it into *result; return 0 on failure, else 1. */
612
int opt_intmax(const char *value, ossl_intmax_t *result)
613
{
614
    int oerrno = errno;
615
    intmax_t m;
616
    char *endp;
617

618
    errno = 0;
619
    m = strtoimax(value, &endp, 0);
620
    if (*endp
621
        || endp == value
622
        || ((m == INTMAX_MAX || m == INTMAX_MIN)
623
            && errno == ERANGE)
624
        || (m == 0 && errno != 0)) {
625
        opt_number_error(value);
626
        errno = oerrno;
627
        return 0;
628
    }
629
    /* Ensure that the value in |m| is never too big for |*result| */
630
    if (sizeof(m) > sizeof(*result)
631
        && (m < OSSL_INTMAX_MIN || m > OSSL_INTMAX_MAX)) {
632
        opt_number_error(value);
633
        return 0;
634
    }
635
    *result = (ossl_intmax_t)m;
636
    errno = oerrno;
637
    return 1;
638
}
639

640
/* Parse a uintmax_t, put it into *result; return 0 on failure, else 1. */
641
int opt_uintmax(const char *value, ossl_uintmax_t *result)
642
{
643
    int oerrno = errno;
644
    uintmax_t m;
645
    char *endp;
646

647
    errno = 0;
648
    m = strtoumax(value, &endp, 0);
649
    if (*endp
650
        || endp == value
651
        || (m == UINTMAX_MAX && errno == ERANGE)
652
        || (m == 0 && errno != 0)) {
653
        opt_number_error(value);
654
        errno = oerrno;
655
        return 0;
656
    }
657
    /* Ensure that the value in |m| is never too big for |*result| */
658
    if (sizeof(m) > sizeof(*result)
659
        && m > OSSL_UINTMAX_MAX) {
660
        opt_number_error(value);
661
        return 0;
662
    }
663
    *result = (ossl_uintmax_t)m;
664
    errno = oerrno;
665
    return 1;
666
}
667
#else
668
/* Fallback implementations based on long */
669
int opt_intmax(const char *value, ossl_intmax_t *result)
670
{
671
    long m;
672
    int ret;
673

674
    if ((ret = opt_long(value, &m)))
675
        *result = m;
676
    return ret;
677
}
678

679
int opt_uintmax(const char *value, ossl_uintmax_t *result)
680
{
681
    unsigned long m;
682
    int ret;
683

684
    if ((ret = opt_ulong(value, &m)))
685
        *result = m;
686
    return ret;
687
}
688
#endif
689

690
/*
691
 * Parse an unsigned long, put it into *result; return 0 on failure, else 1.
692
 */
693
int opt_ulong(const char *value, unsigned long *result)
694
{
695
    int oerrno = errno;
696
    char *endptr;
697
    unsigned long l;
698

699
    errno = 0;
700
    l = strtoul(value, &endptr, 0);
701
    if (*endptr
702
        || endptr == value
703
        || ((l == ULONG_MAX) && errno == ERANGE)
704
        || (l == 0 && errno != 0)) {
705
        opt_number_error(value);
706
        errno = oerrno;
707
        return 0;
708
    }
709
    *result = l;
710
    errno = oerrno;
711
    return 1;
712
}
713

714
/*
715
 * We pass opt as an int but cast it to "enum range" so that all the
716
 * items in the OPT_V_ENUM enumeration are caught; this makes -Wswitch
717
 * in gcc do the right thing.
718
 */
719
enum range { OPT_V_ENUM };
720

721
int opt_verify(int opt, X509_VERIFY_PARAM *vpm)
722
{
723
    int i;
724
    ossl_intmax_t t = 0;
725
    ASN1_OBJECT *otmp;
726
    X509_PURPOSE *xptmp;
727
    const X509_VERIFY_PARAM *vtmp;
728

729
    OPENSSL_assert(vpm != NULL);
730
    OPENSSL_assert(opt > OPT_V__FIRST);
731
    OPENSSL_assert(opt < OPT_V__LAST);
732

733
    switch ((enum range)opt) {
734
    case OPT_V__FIRST:
735
    case OPT_V__LAST:
736
        return 0;
737
    case OPT_V_POLICY:
738
        otmp = OBJ_txt2obj(opt_arg(), 0);
739
        if (otmp == NULL) {
740
            opt_printf_stderr("%s: Invalid Policy %s\n", prog, opt_arg());
741
            return 0;
742
        }
743
        if (!X509_VERIFY_PARAM_add0_policy(vpm, otmp)) {
744
            ASN1_OBJECT_free(otmp);
745
            opt_printf_stderr("%s: Internal error adding Policy %s\n",
746
                prog, opt_arg());
747
            return 0;
748
        }
749
        break;
750
    case OPT_V_PURPOSE:
751
        /* purpose name -> purpose index */
752
        i = X509_PURPOSE_get_by_sname(opt_arg());
753
        if (i < 0) {
754
            opt_printf_stderr("%s: Invalid purpose %s\n", prog, opt_arg());
755
            return 0;
756
        }
757

758
        /* purpose index -> purpose object */
759
        xptmp = X509_PURPOSE_get0(i);
760

761
        /* purpose object -> purpose value */
762
        i = X509_PURPOSE_get_id(xptmp);
763

764
        if (!X509_VERIFY_PARAM_set_purpose(vpm, i)) {
765
            opt_printf_stderr("%s: Internal error setting purpose %s\n",
766
                prog, opt_arg());
767
            return 0;
768
        }
769
        break;
770
    case OPT_V_VERIFY_NAME:
771
        vtmp = X509_VERIFY_PARAM_lookup(opt_arg());
772
        if (vtmp == NULL) {
773
            opt_printf_stderr("%s: Invalid verify name %s\n",
774
                prog, opt_arg());
775
            return 0;
776
        }
777
        X509_VERIFY_PARAM_set1(vpm, vtmp);
778
        break;
779
    case OPT_V_VERIFY_DEPTH:
780
        i = atoi(opt_arg());
781
        if (i >= 0)
782
            X509_VERIFY_PARAM_set_depth(vpm, i);
783
        break;
784
    case OPT_V_VERIFY_AUTH_LEVEL:
785
        i = atoi(opt_arg());
786
        if (i >= 0)
787
            X509_VERIFY_PARAM_set_auth_level(vpm, i);
788
        break;
789
    case OPT_V_ATTIME:
790
        if (!opt_intmax(opt_arg(), &t))
791
            return 0;
792
        if (t != (time_t)t) {
793
            opt_printf_stderr("%s: epoch time out of range %s\n",
794
                prog, opt_arg());
795
            return 0;
796
        }
797
        X509_VERIFY_PARAM_set_time(vpm, (time_t)t);
798
        break;
799
    case OPT_V_VERIFY_HOSTNAME:
800
        if (!X509_VERIFY_PARAM_set1_host(vpm, opt_arg(), 0))
801
            return 0;
802
        break;
803
    case OPT_V_VERIFY_EMAIL:
804
        if (!X509_VERIFY_PARAM_set1_email(vpm, opt_arg(), 0))
805
            return 0;
806
        break;
807
    case OPT_V_VERIFY_IP:
808
        if (!X509_VERIFY_PARAM_set1_ip_asc(vpm, opt_arg()))
809
            return 0;
810
        break;
811
    case OPT_V_IGNORE_CRITICAL:
812
        X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_IGNORE_CRITICAL);
813
        break;
814
    case OPT_V_ISSUER_CHECKS:
815
        /* NOP, deprecated */
816
        break;
817
    case OPT_V_CRL_CHECK:
818
        X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_CRL_CHECK);
819
        break;
820
    case OPT_V_CRL_CHECK_ALL:
821
        X509_VERIFY_PARAM_set_flags(vpm,
822
            X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL);
823
        break;
824
    case OPT_V_POLICY_CHECK:
825
        X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_POLICY_CHECK);
826
        break;
827
    case OPT_V_EXPLICIT_POLICY:
828
        X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_EXPLICIT_POLICY);
829
        break;
830
    case OPT_V_INHIBIT_ANY:
831
        X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_INHIBIT_ANY);
832
        break;
833
    case OPT_V_INHIBIT_MAP:
834
        X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_INHIBIT_MAP);
835
        break;
836
    case OPT_V_X509_STRICT:
837
        X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_X509_STRICT);
838
        break;
839
    case OPT_V_EXTENDED_CRL:
840
        X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_EXTENDED_CRL_SUPPORT);
841
        break;
842
    case OPT_V_USE_DELTAS:
843
        X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_USE_DELTAS);
844
        break;
845
    case OPT_V_POLICY_PRINT:
846
        X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_NOTIFY_POLICY);
847
        break;
848
    case OPT_V_CHECK_SS_SIG:
849
        X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_CHECK_SS_SIGNATURE);
850
        break;
851
    case OPT_V_TRUSTED_FIRST:
852
        X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_TRUSTED_FIRST);
853
        break;
854
    case OPT_V_SUITEB_128_ONLY:
855
        X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_SUITEB_128_LOS_ONLY);
856
        break;
857
    case OPT_V_SUITEB_128:
858
        X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_SUITEB_128_LOS);
859
        break;
860
    case OPT_V_SUITEB_192:
861
        X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_SUITEB_192_LOS);
862
        break;
863
    case OPT_V_PARTIAL_CHAIN:
864
        X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_PARTIAL_CHAIN);
865
        break;
866
    case OPT_V_NO_ALT_CHAINS:
867
        X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_NO_ALT_CHAINS);
868
        break;
869
    case OPT_V_NO_CHECK_TIME:
870
        X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_NO_CHECK_TIME);
871
        break;
872
    case OPT_V_ALLOW_PROXY_CERTS:
873
        X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_ALLOW_PROXY_CERTS);
874
        break;
875
    }
876
    return 1;
877
}
878

879
void opt_begin(void)
880
{
881
    opt_index = 1;
882
    arg = NULL;
883
    flag = NULL;
884
}
885

886
/*
887
 * Parse the next flag (and value if specified), return 0 if done, -1 on
888
 * error, otherwise the flag's retval.
889
 */
890
int opt_next(void)
891
{
892
    char *p;
893
    const OPTIONS *o;
894
    int ival;
895
    long lval;
896
    unsigned long ulval;
897
    ossl_intmax_t imval;
898
    ossl_uintmax_t umval;
899

900
    /* Look at current arg; at end of the list? */
901
    arg = NULL;
902
    p = argv[opt_index];
903
    if (p == NULL)
904
        return 0;
905

906
    /* If word doesn't start with a -, we're done. */
907
    if (*p != '-')
908
        return 0;
909

910
    /* Hit "--" ? We're done. */
911
    opt_index++;
912
    if (strcmp(p, "--") == 0)
913
        return 0;
914

915
    /* Allow -nnn and --nnn */
916
    if (*++p == '-')
917
        p++;
918
    flag = p - 1;
919

920
    /* If we have --flag=foo, snip it off */
921
    if ((arg = strchr(p, '=')) != NULL)
922
        *arg++ = '\0';
923
    for (o = opts; o->name; ++o) {
924
        /* If not this option, move on to the next one. */
925
        if (!(strcmp(p, "h") == 0 && strcmp(o->name, "help") == 0)
926
            && strcmp(p, o->name) != 0)
927
            continue;
928

929
        /* If it doesn't take a value, make sure none was given. */
930
        if (o->valtype == 0 || o->valtype == '-') {
931
            if (arg) {
932
                opt_printf_stderr("%s: Option -%s does not take a value\n",
933
                    prog, p);
934
                return -1;
935
            }
936
            return o->retval;
937
        }
938

939
        /* Want a value; get the next param if =foo not used. */
940
        if (arg == NULL) {
941
            if (argv[opt_index] == NULL) {
942
                opt_printf_stderr("%s: Option -%s needs a value\n",
943
                    prog, o->name);
944
                return -1;
945
            }
946
            arg = argv[opt_index++];
947
        }
948

949
        /* Syntax-check value. */
950
        switch (o->valtype) {
951
        default:
952
        case 's':
953
        case ':':
954
            /* Just a string. */
955
            break;
956
        case '.':
957
            /* Parameters */
958
            break;
959
        case '/':
960
            if (opt_isdir(arg) > 0)
961
                break;
962
            opt_printf_stderr("%s: Not a directory: %s\n", prog, arg);
963
            return -1;
964
        case '<':
965
            /* Input file. */
966
            break;
967
        case '>':
968
            /* Output file. */
969
            break;
970
        case 'p':
971
        case 'n':
972
        case 'N':
973
            if (!opt_int(arg, &ival))
974
                return -1;
975
            if (o->valtype == 'p' && ival <= 0) {
976
                opt_printf_stderr("%s: Non-positive number \"%s\" for option -%s\n",
977
                    prog, arg, o->name);
978
                return -1;
979
            }
980
            if (o->valtype == 'N' && ival < 0) {
981
                opt_printf_stderr("%s: Negative number \"%s\" for option -%s\n",
982
                    prog, arg, o->name);
983
                return -1;
984
            }
985
            break;
986
        case 'M':
987
            if (!opt_intmax(arg, &imval))
988
                return -1;
989
            break;
990
        case 'U':
991
            if (!opt_uintmax(arg, &umval))
992
                return -1;
993
            break;
994
        case 'l':
995
            if (!opt_long(arg, &lval))
996
                return -1;
997
            break;
998
        case 'u':
999
            if (!opt_ulong(arg, &ulval))
1000
                return -1;
1001
            break;
1002
        case 'c':
1003
        case 'E':
1004
        case 'F':
1005
        case 'f':
1006
        case 'A':
1007
        case 'a':
1008
            if (opt_format(arg,
1009
                    o->valtype == 'c' ? OPT_FMT_PDS : o->valtype == 'E' ? OPT_FMT_PDE
1010
                        : o->valtype == 'F'                             ? OPT_FMT_PEMDER
1011
                        : o->valtype == 'A'                             ? OPT_FMT_ASN1
1012
                                                                        : OPT_FMT_ANY,
1013
                    &ival))
1014
                break;
1015
            opt_printf_stderr("%s: Invalid format \"%s\" for option -%s\n",
1016
                prog, arg, o->name);
1017
            return -1;
1018
        }
1019

1020
        /* Return the flag value. */
1021
        return o->retval;
1022
    }
1023
    if (unknown != NULL) {
1024
        if (dunno != NULL) {
1025
            opt_printf_stderr("%s: Multiple %s or unknown options: -%s and -%s\n",
1026
                prog, unknown_name, dunno, p);
1027
            return -1;
1028
        }
1029
        dunno = p;
1030
        return unknown->retval;
1031
    }
1032
    opt_printf_stderr("%s: Unknown option: -%s\n", prog, p);
1033
    return -1;
1034
}
1035

1036
/* Return the most recent flag parameter. */
1037
char *opt_arg(void)
1038
{
1039
    return arg;
1040
}
1041

1042
/* Return the most recent flag (option name including the preceding '-'). */
1043
char *opt_flag(void)
1044
{
1045
    return flag;
1046
}
1047

1048
/* Return the unknown option. */
1049
char *opt_unknown(void)
1050
{
1051
    return dunno;
1052
}
1053

1054
/* Reset the unknown option; needed by ocsp to allow multiple digest options. */
1055
void reset_unknown(void)
1056
{
1057
    dunno = NULL;
1058
}
1059

1060
/* Return the rest of the arguments after parsing flags. */
1061
char **opt_rest(void)
1062
{
1063
    return &argv[opt_index];
1064
}
1065

1066
/* How many items in remaining args? */
1067
int opt_num_rest(void)
1068
{
1069
    int i = 0;
1070
    char **pp;
1071

1072
    for (pp = opt_rest(); *pp; pp++, i++)
1073
        continue;
1074
    return i;
1075
}
1076

1077
int opt_check_rest_arg(const char *expected)
1078
{
1079
    char *opt = *opt_rest();
1080

1081
    if (opt == NULL || *opt == '\0') {
1082
        if (expected == NULL)
1083
            return 1;
1084
        opt_printf_stderr("%s: Missing argument: %s\n", prog, expected);
1085
        return 0;
1086
    }
1087
    if (expected != NULL) {
1088
        opt = argv[opt_index + 1];
1089
        if (opt == NULL || *opt == '\0')
1090
            return 1;
1091
        opt_printf_stderr("%s: Extra argument after %s: \"%s\"\n", prog, expected, opt);
1092
        return 0;
1093
    }
1094
    if (opt_unknown() == NULL)
1095
        opt_printf_stderr("%s: Extra option: \"%s\"\n", prog, opt);
1096
    else
1097
        opt_printf_stderr("%s: Extra (unknown) options: \"%s\" \"%s\"\n",
1098
            prog, opt_unknown(), opt);
1099
    return 0;
1100
}
1101

1102
/* Return a string describing the parameter type. */
1103
static const char *valtype2param(const OPTIONS *o)
1104
{
1105
    switch (o->valtype) {
1106
    case 0:
1107
    case '-':
1108
        return "";
1109
    case ':':
1110
        return "uri";
1111
    case 's':
1112
        return "val";
1113
    case '/':
1114
        return "dir";
1115
    case '<':
1116
        return "infile";
1117
    case '>':
1118
        return "outfile";
1119
    case 'p':
1120
        return "+int";
1121
    case 'n':
1122
        return "int";
1123
    case 'l':
1124
        return "long";
1125
    case 'u':
1126
        return "ulong";
1127
    case 'E':
1128
        return "PEM|DER|ENGINE";
1129
    case 'F':
1130
        return "PEM|DER";
1131
    case 'f':
1132
        return "format";
1133
    case 'M':
1134
        return "intmax";
1135
    case 'N':
1136
        return "nonneg";
1137
    case 'U':
1138
        return "uintmax";
1139
    }
1140
    return "parm";
1141
}
1142

1143
static void opt_print(const OPTIONS *o, int doingparams, int width)
1144
{
1145
    const char *help;
1146
    char start[80 + 1];
1147
    int linelen, printlen;
1148

1149
    /* Avoid OOB if width is beyond the buffer size of start */
1150
    if (width >= (int)sizeof(start))
1151
        width = (int)sizeof(start) - 1;
1152

1153
    help = o->helpstr ? o->helpstr : "(No additional info)";
1154
    if (o->name == OPT_HELP_STR) {
1155
        opt_printf_stderr(help, prog);
1156
        return;
1157
    } else if (o->name == OPT_SECTION_STR) {
1158
        opt_printf_stderr("\n");
1159
        opt_printf_stderr(help, prog);
1160
        return;
1161
    } else if (o->name == OPT_PARAM_STR) {
1162
        opt_printf_stderr("\nParameters:\n");
1163
        return;
1164
    }
1165

1166
    /* Pad out prefix */
1167
    memset(start, ' ', sizeof(start) - 1);
1168
    start[sizeof(start) - 1] = '\0';
1169

1170
    if (o->name == OPT_MORE_STR) {
1171
        /* Continuation of previous line; pad and print. */
1172
        start[width] = '\0';
1173
        opt_printf_stderr("%s  %s\n", start, help);
1174
        return;
1175
    }
1176

1177
    /* Build up the "-flag [param]" part. */
1178
    linelen = 0;
1179

1180
    printlen = opt_printf_stderr(" %s", !doingparams ? "-" : "");
1181
    linelen += (printlen > 0) ? printlen : MAX_OPT_HELP_WIDTH;
1182

1183
    printlen = opt_printf_stderr("%s", o->name[0] ? o->name : "*");
1184
    linelen += (printlen > 0) ? printlen : MAX_OPT_HELP_WIDTH;
1185

1186
    if (o->valtype != '-') {
1187
        printlen = opt_printf_stderr(" %s", valtype2param(o));
1188
        linelen += (printlen > 0) ? printlen : MAX_OPT_HELP_WIDTH;
1189
    }
1190

1191
    if (linelen >= MAX_OPT_HELP_WIDTH || linelen > width) {
1192
        opt_printf_stderr("%s", "\n");
1193
        memset(start, ' ', sizeof(start));
1194
        linelen = 0;
1195
    }
1196

1197
    width -= linelen;
1198

1199
    start[width] = '\0';
1200
    opt_printf_stderr("%s  %s\n", start, help);
1201
}
1202

1203
void opt_help(const OPTIONS *list)
1204
{
1205
    const OPTIONS *o;
1206
    int i, sawparams = 0, width = 5;
1207
    int standard_prolog;
1208

1209
    /* Starts with its own help message? */
1210
    standard_prolog = list[0].name != OPT_HELP_STR;
1211

1212
    /* Find the widest help. */
1213
    for (o = list; o->name; o++) {
1214
        if (o->name == OPT_MORE_STR)
1215
            continue;
1216

1217
        i = 2 + (int)strlen(o->name);
1218
        if (o->valtype != '-')
1219
            i += 1 + strlen(valtype2param(o));
1220

1221
        if (i > width)
1222
            width = i;
1223
    }
1224

1225
    if (width > MAX_OPT_HELP_WIDTH)
1226
        width = MAX_OPT_HELP_WIDTH;
1227

1228
    if (standard_prolog) {
1229
        opt_printf_stderr("Usage: %s [options]\n", prog);
1230
        if (list[0].name != OPT_SECTION_STR)
1231
            opt_printf_stderr("Valid options are:\n", prog);
1232
    }
1233

1234
    /* Now let's print. */
1235
    for (o = list; o->name; o++) {
1236
        if (o->name == OPT_PARAM_STR)
1237
            sawparams = 1;
1238
        opt_print(o, sawparams, width);
1239
    }
1240
}
1241

1242
/* opt_isdir section */
1243
#ifdef _WIN32
1244
#include <windows.h>
1245
int opt_isdir(const char *name)
1246
{
1247
    DWORD attr;
1248
#if defined(UNICODE) || defined(_UNICODE)
1249
    size_t i, len_0 = strlen(name) + 1;
1250
    WCHAR tempname[MAX_PATH];
1251

1252
    if (len_0 > MAX_PATH)
1253
        return -1;
1254

1255
#if !defined(_WIN32_WCE) || _WIN32_WCE >= 101
1256
    if (!MultiByteToWideChar(CP_ACP, 0, name, len_0, tempname, MAX_PATH))
1257
#endif
1258
        for (i = 0; i < len_0; i++)
1259
            tempname[i] = (WCHAR)name[i];
1260

1261
    attr = GetFileAttributes(tempname);
1262
#else
1263
    attr = GetFileAttributes(name);
1264
#endif
1265
    if (attr == INVALID_FILE_ATTRIBUTES)
1266
        return -1;
1267
    return ((attr & FILE_ATTRIBUTE_DIRECTORY) != 0);
1268
}
1269
#else
1270
#include <sys/stat.h>
1271
#ifndef S_ISDIR
1272
#if defined(_S_IFMT) && defined(_S_IFDIR)
1273
#define S_ISDIR(a) (((a) & _S_IFMT) == _S_IFDIR)
1274
#else
1275
#define S_ISDIR(a) (((a) & S_IFMT) == S_IFDIR)
1276
#endif
1277
#endif
1278

1279
int opt_isdir(const char *name)
1280
{
1281
#if defined(S_ISDIR)
1282
    struct stat st;
1283

1284
    if (stat(name, &st) == 0)
1285
        return S_ISDIR(st.st_mode);
1286
    else
1287
        return -1;
1288
#else
1289
    return -1;
1290
#endif
1291
}
1292
#endif
1293

1294
Product

Resources

Company
