Add a way for the application to get OpenSSL configuration data

OpenSSL_version(OPENSSL_DIR) gives you a nicely formatted string for
display, but if all you really want is the directory itself, you were
forced to parse the string.

This introduces a new function to get diverse configuration data from
the library, OPENSSL_info().  This works the same way as
OpenSSL_version(), but has its own series of types, currently
including:

OPENSSL_INFO_CONFIG_DIR         returns OPENSSLDIR
OPENSSL_INFO_ENGINES_DIR        returns ENGINESDIR
OPENSSL_INFO_MODULES_DIR        returns MODULESDIR
OPENSSL_INFO_DSO_EXTENSION      returns DSO_EXTENSION

OPENSSL_INFO_DIR_FILENAME_SEPARATOR     returns directory/filename separator
OPENSSL_INFO_LIST_SEPARATOR             returns list separator

For scripting purposes, this also adds the command 'openssl info'.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8709)
Richard Levitte 2019-04-09 14:39:54 +02:00
parent 47ca833835
commit 0109e030db
12 changed files with 296 additions and 4 deletions


@ -9,6 +9,11 @@
Changes between 1.1.1 and 3.0.0 [xx XXX xxxx]
*) Added OPENSSL_info() to get diverse built-in OpenSSL data, such
as default directories. Also added the command 'openssl info'
for scripting purposes.
[Richard Levitte]
*) The functions AES_ige_encrypt() and AES_bi_ige_encrypt() have been
deprecated. These undocumented functions were never integrated into the EVP
layer and implement the AES Infinite Garble Extension (IGE) mode and AES

1
NEWS

@ -7,6 +7,7 @@
Major changes between OpenSSL 1.1.1 and OpenSSL 3.0.0 [under development]
o Add OPENSSL_info() and 'openssl info' to get built-in data.
o Add support for enabling instrumentation through trace and debug
output.
o Changed our version number scheme and set the next major release to


@ -5,7 +5,8 @@
genpkey.c genrsa.c mac.c nseq.c ocsp.c passwd.c pkcs12.c pkcs7.c
pkcs8.c pkey.c pkeyparam.c pkeyutl.c prime.c rand.c req.c rsa.c
rsautl.c s_client.c s_server.c s_time.c sess_id.c smime.c speed.c
spkac.c srp.c ts.c verify.c version.c x509.c rehash.c storeutl.c);
spkac.c srp.c ts.c verify.c version.c x509.c rehash.c storeutl.c
info.c);
our @apps_lib_src =
( qw(apps.c apps_ui.c opt.c fmt.c s_cb.c s_socket.c app_rand.c
bf_prefix.c),

97
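--- a/apps/info.c
+++ b/apps/info.c
@@ -0,0 +1,97 @@
+/*
+* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+*
+* Licensed under the Apache License 2.0 (the "License"). You may not use
+* this file except in compliance with the License. You can obtain a copy
+* in the file LICENSE in the source distribution or at
+* https://www.openssl.org/source/license.html
+*/
+#include <openssl/crypto.h>
+#include "apps.h"
+#include "progs.h"
+typedef enum OPTION_choice {
+OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
+OPT_CONFIGDIR, OPT_ENGINESDIR, OPT_MODULESDIR, OPT_DSOEXT, OPT_DIRNAMESEP,
+OPT_LISTSEP
+} OPTION_CHOICE;
+const OPTIONS info_options[] = {
+{"help", OPT_HELP, '-', "Display this summary"},
+{"configdir", OPT_CONFIGDIR, '-', "Default configuration file directory"},
+{"c", OPT_CONFIGDIR, '-', "Default configuration file directory"},
+{"enginesdir", OPT_ENGINESDIR, '-', "Default engine module directory"},
+{"e", OPT_ENGINESDIR, '-', "Default engine module directory"},
+{"modulesdir", OPT_ENGINESDIR, '-',
+"Default module directory (other than engine modules)"},
+{"m", OPT_ENGINESDIR, '-',
+"Default module directory (other than engine modules)"},
+{"dsoext", OPT_DSOEXT, '-', "Configured extension for modules"},
+{"dirnamesep", OPT_DIRNAMESEP, '-', "Directory-filename separator"},
+{"listsep", OPT_LISTSEP, '-', "List separator character"},
+{NULL}
+};
+int info_main(int argc, char **argv)
+{
+int ret = 1, dirty = 0, type = 0;
+char *prog;
+OPTION_CHOICE o;
+prog = opt_init(argc, argv, info_options);
+while ((o = opt_next()) != OPT_EOF) {
+switch (o) {
+case OPT_EOF:
+case OPT_ERR:
+opthelp:
+BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
+goto end;
+case OPT_HELP:
+opt_help(info_options);
+ret = 0;
+goto end;
+case OPT_CONFIGDIR:
+type = OPENSSL_INFO_CONFIG_DIR;
+dirty++;
+break;
+case OPT_ENGINESDIR:
+type = OPENSSL_INFO_ENGINES_DIR;
+dirty++;
+break;
+case OPT_MODULESDIR:
+type = OPENSSL_INFO_MODULES_DIR;
+dirty++;
+break;
+case OPT_DSOEXT:
+type = OPENSSL_INFO_DSO_EXTENSION;
+dirty++;
+break;
+case OPT_DIRNAMESEP:
+type = OPENSSL_INFO_DIR_FILENAME_SEPARATOR;
+dirty++;
+break;
+case OPT_LISTSEP:
+type = OPENSSL_INFO_LIST_SEPARATOR;
+dirty++;
+break;
+}
+}
+if (opt_num_rest() != 0) {
+BIO_printf(bio_err, "%s: Extra parameters given.\n", prog);
+goto opthelp;
+}
+if (dirty > 1) {
+BIO_printf(bio_err, "%s: Only one item allowed\n", prog);
+goto opthelp;
+}
+if (dirty == 0) {
+BIO_printf(bio_err, "%s: No items chosen\n", prog);
+goto opthelp;
+}
+BIO_printf(bio_out, "%s\n", OPENSSL_info(type));
+ret = 0;
+end:
+return ret;
+}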
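Review bot: In `info_options`, both the `modulesdir` and `m` entries are registered with `OPT_ENGINESDIR`, so `case OPT_MODULESDIR` in `info_main` is never reached and `openssl info -modulesdir` prints the engines directory instead of the modules directory. The two entries should read `{"modulesdir", OPT_MODULESDIR, '-',` and `{"m", OPT_MODULESDIR, '-',`. A script that uses this output to decide where loadable modules live, or which directory to check for ownership and permissions, would silently act on the wrong path. Separately, the table registers `dirnamesep` while the SYNOPSIS in doc/man1/info.pod lists `-dirfilesep`; the two spellings should be made consistent.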


@ -51,6 +51,9 @@ print <<"EOF";
* https://www.openssl.org/source/license.html
*/
#include <openssl/lhash.h>
#include "opt.h"
typedef enum FUNC_TYPE {
FT_none, FT_general, FT_md, FT_cipher, FT_pkey,
FT_md_alg, FT_cipher_alg


@ -14,7 +14,7 @@ SOURCE[../libcrypto]=provider_core.c provider_predefined.c provider_conf.c \
# Central utilities
SOURCE[../libcrypto]=\
cryptlib.c mem.c mem_dbg.c cversion.c ex_data.c cpt_err.c \
cryptlib.c mem.c mem_dbg.c cversion.c info.c ex_data.c cpt_err.c \
ebcdic.c uid.c o_time.c o_str.c o_dir.c o_fopen.c ctype.c \
threads_pthread.c threads_win.c threads_none.c getenv.c \
o_init.c o_fips.c mem_sec.c init.c context.c sparse_array.c \

44
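--- a/crypto/info.c
+++ b/crypto/info.c
@@ -0,0 +1,44 @@
+/*
+* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+*
+* Licensed under the Apache License 2.0 (the "License"). You may not use
+* this file except in compliance with the License. You can obtain a copy
+* in the file LICENSE in the source distribution or at
+* https://www.openssl.org/source/license.html
+*/
+#include <stddef.h>
+#include <openssl/crypto.h>
+#include "internal/dso_conf.h"
+#include "e_os.h"
+const char *OPENSSL_info(int t)
+{
+switch (t) {
+case OPENSSL_INFO_CONFIG_DIR:
+return OPENSSLDIR;
+case OPENSSL_INFO_ENGINES_DIR:
+return ENGINESDIR;
+case OPENSSL_INFO_MODULES_DIR:
+return MODULESDIR;
+case OPENSSL_INFO_DSO_EXTENSION:
+return DSO_EXTENSION;
+case OPENSSL_INFO_DIR_FILENAME_SEPARATOR:
+#if defined(_WIN32)
+return "\\";
+#elif defined(__VMS)
+return "";
+#else /* Assume POSIX */
+return "/";
+#endif
+case OPENSSL_INFO_LIST_SEPARATOR:
+{
+static const char list_sep[] = { LIST_SEPARATOR_CHAR, '\0' };
+return list_sep;
+}
+default:
+break;
+}
+/* Not an error */
+return NULL;
+}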
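Review bot: `OPENSSL_info()` returns NULL for an unrecognised `t`, whereas `OpenSSL_version()` is documented on this page as returning the text "not available", and the only in-code hint of the difference is the `/* Not an error */` comment before `return NULL;`. A caller that carries over the `OpenSSL_version()` habit of passing the result straight to a `%s` format would then be handed a null pointer. I would add a comment above the function, for example `/* Returns a static string, or NULL if t is not a known OPENSSL_INFO_* type; callers must check before use. */`. It may also be worth stating there that the directory values are the compiled-in macros, so they presumably do not reflect any runtime override of those locations.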

81
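--- a/doc/man1/info.pod
+++ b/doc/man1/info.pod
@@ -0,0 +1,81 @@
+=pod
+=head1 NAME
+openssl-info,
+info - print OpenSSL built-in information
+=head1 SYNOPSIS
+B<openssl info>
+[B<-help>]
+[B<-configdir> | B<-c>]
+[B<-enginesdir> | B<-e>]
+[B<-modulesdir> | B<-m>]
+[B<-dsoext>]
+[B<-dirfilesep>]
+[B<-listsep]>
+=head1 DESCRIPTION
+This command is used to print out information about OpenSSL.
+The information is written exactly as it is with no extra text, which
+makes useful for scripts.
+As a consequence, only one item may be chosen for each run of this
+command.
+=head1 OPTIONS
+=over 4
+=item B<-help>
+Print out a usage message.
+=item B<-configdir>, B<-c>
+Outputs the default directory for OpenSSL configuration files.
+=item B<-enginesdir>, B<-e>
+Outputs the default directory for OpenSSL engine modules.
+=item B<-modulesdir>, B<-m>
+Outputs the default directory for OpenSSL dynamically loadable modules
+other than engine modules.
+=item B<-dsoext>
+Outputs the DSO extension OpenSSL uses.
+=item B<-dirnamesep>
+Outputs the separator character between a directory specification and
+a file name.
+Note that on some operating systems, this is not the same as the
+separator between directory elements.
+=item B<-listsep>
+Outputs the OpenSSL list separator character.
+This is typically used to construct C<$PATH> (C<%PATH%> on Windows)
+style lists.
+=back
+=head1 HISTORY
+The B<openssl info> command was added in OpenSSL 3.0.
+=head1 COPYRIGHT
+Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+=cut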


@ -167,6 +167,10 @@ Generation of Private Key or Parameters.
Generation of RSA Private Key. Superseded by L<genpkey(1)>.
=item B<info>
Display diverse information built into the OpenSSL libraries.
=item B<mac>
Message Authentication Code Calculation.


@ -8,8 +8,8 @@ OPENSSL_VERSION_PRE_RELEASE_STR, OPENSSL_VERSION_BUILD_METADATA_STR,
OPENSSL_VERSION_TEXT,
OPENSSL_version_major, OPENSSL_version_minor, OPENSSL_version_patch,
OPENSSL_version_pre_release, OPENSSL_version_build_metadata, OpenSSL_version,
OPENSSL_VERSION_NUMBER, OpenSSL_version_num
- get OpenSSL version number
OPENSSL_VERSION_NUMBER, OpenSSL_version_num, OPENSSL_info
- get OpenSSL version number and other information
=head1 SYNOPSIS
@ -37,6 +37,8 @@ OPENSSL_VERSION_NUMBER, OpenSSL_version_num
const char *OpenSSL_version(int t);
const char *OPENSSL_info(int t);
Deprecated:
/* from openssl/opensslv.h */
@ -127,6 +129,47 @@ if available or "ENGINESDIR: N/A" otherwise.
For an unknown B<t>, the text "not available" is returned.
OPENSSL_info() also returns different strings depending on B<t>:
=over 4
=item OPENSSL_INFO_CONFIG_DIR
The configured C<OPENSSLDIR>, which is the default location for
OpenSSL configuration files.
=item OPENSSL_INFO_ENGINES_DIR
The configured C<ENGINESDIR>, which is the default location for
OpenSSL engines.
=item OPENSSL_INFO_MODULES_DIR
The configured C<MODULESDIR>, which is the default location for
dynamically loadable OpenSSL modules other than engines.
=item OPENSSL_INFO_DSO_EXTENSION
The configured dynamically loadable module extension.
=item OPENSSL_INFO_DIR_FILENAME_SEPARATOR
The separator between a directory specification and a file name.
Note that on some operating systems, this is not the same as the
separator between directory elements.
=item OPENSSL_INFO_LIST_SEPARATOR
The OpenSSL list separator.
This is typically used in strings that are lists of items, such as the
value of the environment variable C<$PATH> on Unix (where the
separator is ":") or C<%PATH%> on Windows (where the separator is
";").
=back
For an unknown B<t>, NULL is returned.
=head1 BACKWARD COMPATIBILITY
For compatibility, some older macros and functions are retained or


@ -165,6 +165,18 @@ const char *OpenSSL_version(int type);
# define OPENSSL_FULL_VERSION_STRING 7
# define OPENSSL_MODULES_DIR 8
const char *OPENSSL_info(int type);
/*
* The series starts at 1001 to avoid confusion with the OpenSSL_version
* types.
*/
# define OPENSSL_INFO_CONFIG_DIR 1001
# define OPENSSL_INFO_ENGINES_DIR 1002
# define OPENSSL_INFO_MODULES_DIR 1003
# define OPENSSL_INFO_DSO_EXTENSION 1004
# define OPENSSL_INFO_DIR_FILENAME_SEPARATOR 1005
# define OPENSSL_INFO_LIST_SEPARATOR 1006
int OPENSSL_issetugid(void);
typedef void CRYPTO_EX_new (void *parent, void *ptr, CRYPTO_EX_DATA *ad,


@ -4799,3 +4799,4 @@ EC_GROUP_check_named_curve 4746 3_0_0 EXIST::FUNCTION:EC
EVP_CIPHER_upref 4747 3_0_0 EXIST::FUNCTION:
EVP_CIPHER_fetch 4748 3_0_0 EXIST::FUNCTION:
EVP_CIPHER_mode 4749 3_0_0 EXIST::FUNCTION:
OPENSSL_info 4750 3_0_0 EXIST::FUNCTION: