Add a way for the application to get OpenSSL configuration data
OpenSSL_version(OPENSSL_DIR) gives you a nicely formatted string for display, but if all you really want is the directory itself, you were forced to parsed the string. This introduces a new function to get diverse configuration data from the library, OPENSSL_info(). This works the same way as OpenSSL_version(), but has its own series of types, currently including: OPENSSL_INFO_CONFIG_DIR returns OPENSSLDIR OPENSSL_INFO_ENGINES_DIR returns ENGINESDIR OPENSSL_INFO_MODULES_DIR returns MODULESDIR OPENSSL_INFO_DSO_EXTENSION returns DSO_EXTENSION OPENSSL_INFO_DIR_FILENAME_SEPARATOR returns directory/filename separator OPENSSL_INFO_LIST_SEPARATOR returns list separator For scripting purposes, this also adds the command 'openssl info'. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8709)
This commit is contained in:
parent
47ca833835
commit
0109e030db
12 changed files with 296 additions and 4 deletions
5
CHANGES
5
CHANGES
|
@ -9,6 +9,11 @@
|
|||
|
||||
Changes between 1.1.1 and 3.0.0 [xx XXX xxxx]
|
||||
|
||||
*) Added OPENSSL_info() to get diverse built-in OpenSSL data, such
|
||||
as default directories. Also added the command 'openssl info'
|
||||
for scripting purposes.
|
||||
[Richard Levitte]
|
||||
|
||||
*) The functions AES_ige_encrypt() and AES_bi_ige_encrypt() have been
|
||||
deprecated. These undocumented functions were never integrated into the EVP
|
||||
layer and implement the AES Infinite Garble Extension (IGE) mode and AES
|
||||
|
|
1
NEWS
1
NEWS
|
@ -7,6 +7,7 @@
|
|||
|
||||
Major changes between OpenSSL 1.1.1 and OpenSSL 3.0.0 [under development]
|
||||
|
||||
o Add OPENSSL_info() and 'openssl info' to get built-in data.
|
||||
o Add support for enabling instrumentation through trace and debug
|
||||
output.
|
||||
o Changed our version number scheme and set the next major release to
|
||||
|
|
|
@ -5,7 +5,8 @@
|
|||
genpkey.c genrsa.c mac.c nseq.c ocsp.c passwd.c pkcs12.c pkcs7.c
|
||||
pkcs8.c pkey.c pkeyparam.c pkeyutl.c prime.c rand.c req.c rsa.c
|
||||
rsautl.c s_client.c s_server.c s_time.c sess_id.c smime.c speed.c
|
||||
spkac.c srp.c ts.c verify.c version.c x509.c rehash.c storeutl.c);
|
||||
spkac.c srp.c ts.c verify.c version.c x509.c rehash.c storeutl.c
|
||||
info.c);
|
||||
our @apps_lib_src =
|
||||
( qw(apps.c apps_ui.c opt.c fmt.c s_cb.c s_socket.c app_rand.c
|
||||
bf_prefix.c),
|
||||
|
|
97
apps/info.c
Normal file
97
apps/info.c
Normal file
|
@ -0,0 +1,97 @@
|
|||
/*
|
||||
* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include <openssl/crypto.h>
|
||||
#include "apps.h"
|
||||
#include "progs.h"
|
||||
|
||||
typedef enum OPTION_choice {
|
||||
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
|
||||
OPT_CONFIGDIR, OPT_ENGINESDIR, OPT_MODULESDIR, OPT_DSOEXT, OPT_DIRNAMESEP,
|
||||
OPT_LISTSEP
|
||||
} OPTION_CHOICE;
|
||||
|
||||
const OPTIONS info_options[] = {
|
||||
{"help", OPT_HELP, '-', "Display this summary"},
|
||||
{"configdir", OPT_CONFIGDIR, '-', "Default configuration file directory"},
|
||||
{"c", OPT_CONFIGDIR, '-', "Default configuration file directory"},
|
||||
{"enginesdir", OPT_ENGINESDIR, '-', "Default engine module directory"},
|
||||
{"e", OPT_ENGINESDIR, '-', "Default engine module directory"},
|
||||
{"modulesdir", OPT_ENGINESDIR, '-',
|
||||
"Default module directory (other than engine modules)"},
|
||||
{"m", OPT_ENGINESDIR, '-',
|
||||
"Default module directory (other than engine modules)"},
|
||||
{"dsoext", OPT_DSOEXT, '-', "Configured extension for modules"},
|
||||
{"dirnamesep", OPT_DIRNAMESEP, '-', "Directory-filename separator"},
|
||||
{"listsep", OPT_LISTSEP, '-', "List separator character"},
|
||||
{NULL}
|
||||
};
|
||||
|
||||
int info_main(int argc, char **argv)
|
||||
{
|
||||
int ret = 1, dirty = 0, type = 0;
|
||||
char *prog;
|
||||
OPTION_CHOICE o;
|
||||
|
||||
prog = opt_init(argc, argv, info_options);
|
||||
while ((o = opt_next()) != OPT_EOF) {
|
||||
switch (o) {
|
||||
case OPT_EOF:
|
||||
case OPT_ERR:
|
||||
opthelp:
|
||||
BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
|
||||
goto end;
|
||||
case OPT_HELP:
|
||||
opt_help(info_options);
|
||||
ret = 0;
|
||||
goto end;
|
||||
case OPT_CONFIGDIR:
|
||||
type = OPENSSL_INFO_CONFIG_DIR;
|
||||
dirty++;
|
||||
break;
|
||||
case OPT_ENGINESDIR:
|
||||
type = OPENSSL_INFO_ENGINES_DIR;
|
||||
dirty++;
|
||||
break;
|
||||
case OPT_MODULESDIR:
|
||||
type = OPENSSL_INFO_MODULES_DIR;
|
||||
dirty++;
|
||||
break;
|
||||
case OPT_DSOEXT:
|
||||
type = OPENSSL_INFO_DSO_EXTENSION;
|
||||
dirty++;
|
||||
break;
|
||||
case OPT_DIRNAMESEP:
|
||||
type = OPENSSL_INFO_DIR_FILENAME_SEPARATOR;
|
||||
dirty++;
|
||||
break;
|
||||
case OPT_LISTSEP:
|
||||
type = OPENSSL_INFO_LIST_SEPARATOR;
|
||||
dirty++;
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (opt_num_rest() != 0) {
|
||||
BIO_printf(bio_err, "%s: Extra parameters given.\n", prog);
|
||||
goto opthelp;
|
||||
}
|
||||
if (dirty > 1) {
|
||||
BIO_printf(bio_err, "%s: Only one item allowed\n", prog);
|
||||
goto opthelp;
|
||||
}
|
||||
if (dirty == 0) {
|
||||
BIO_printf(bio_err, "%s: No items chosen\n", prog);
|
||||
goto opthelp;
|
||||
}
|
||||
|
||||
BIO_printf(bio_out, "%s\n", OPENSSL_info(type));
|
||||
ret = 0;
|
||||
end:
|
||||
return ret;
|
||||
}
|
|
@ -51,6 +51,9 @@ print <<"EOF";
|
|||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include <openssl/lhash.h>
|
||||
#include "opt.h"
|
||||
|
||||
typedef enum FUNC_TYPE {
|
||||
FT_none, FT_general, FT_md, FT_cipher, FT_pkey,
|
||||
FT_md_alg, FT_cipher_alg
|
||||
|
|
|
@ -14,7 +14,7 @@ SOURCE[../libcrypto]=provider_core.c provider_predefined.c provider_conf.c \
|
|||
|
||||
# Central utilities
|
||||
SOURCE[../libcrypto]=\
|
||||
cryptlib.c mem.c mem_dbg.c cversion.c ex_data.c cpt_err.c \
|
||||
cryptlib.c mem.c mem_dbg.c cversion.c info.c ex_data.c cpt_err.c \
|
||||
ebcdic.c uid.c o_time.c o_str.c o_dir.c o_fopen.c ctype.c \
|
||||
threads_pthread.c threads_win.c threads_none.c getenv.c \
|
||||
o_init.c o_fips.c mem_sec.c init.c context.c sparse_array.c \
|
||||
|
|
44
crypto/info.c
Normal file
44
crypto/info.c
Normal file
|
@ -0,0 +1,44 @@
|
|||
/*
|
||||
* Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
* this file except in compliance with the License. You can obtain a copy
|
||||
* in the file LICENSE in the source distribution or at
|
||||
* https://www.openssl.org/source/license.html
|
||||
*/
|
||||
|
||||
#include <stddef.h>
|
||||
#include <openssl/crypto.h>
|
||||
#include "internal/dso_conf.h"
|
||||
#include "e_os.h"
|
||||
|
||||
const char *OPENSSL_info(int t)
|
||||
{
|
||||
switch (t) {
|
||||
case OPENSSL_INFO_CONFIG_DIR:
|
||||
return OPENSSLDIR;
|
||||
case OPENSSL_INFO_ENGINES_DIR:
|
||||
return ENGINESDIR;
|
||||
case OPENSSL_INFO_MODULES_DIR:
|
||||
return MODULESDIR;
|
||||
case OPENSSL_INFO_DSO_EXTENSION:
|
||||
return DSO_EXTENSION;
|
||||
case OPENSSL_INFO_DIR_FILENAME_SEPARATOR:
|
||||
#if defined(_WIN32)
|
||||
return "\\";
|
||||
#elif defined(__VMS)
|
||||
return "";
|
||||
#else /* Assume POSIX */
|
||||
return "/";
|
||||
#endif
|
||||
case OPENSSL_INFO_LIST_SEPARATOR:
|
||||
{
|
||||
static const char list_sep[] = { LIST_SEPARATOR_CHAR, '\0' };
|
||||
return list_sep;
|
||||
}
|
||||
default:
|
||||
break;
|
||||
}
|
||||
/* Not an error */
|
||||
return NULL;
|
||||
}
|
81
doc/man1/info.pod
Normal file
81
doc/man1/info.pod
Normal file
|
@ -0,0 +1,81 @@
|
|||
=pod
|
||||
|
||||
=head1 NAME
|
||||
|
||||
openssl-info,
|
||||
info - print OpenSSL built-in information
|
||||
|
||||
=head1 SYNOPSIS
|
||||
|
||||
B<openssl info>
|
||||
[B<-help>]
|
||||
[B<-configdir> | B<-c>]
|
||||
[B<-enginesdir> | B<-e>]
|
||||
[B<-modulesdir> | B<-m>]
|
||||
[B<-dsoext>]
|
||||
[B<-dirfilesep>]
|
||||
[B<-listsep]>
|
||||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
This command is used to print out information about OpenSSL.
|
||||
The information is written exactly as it is with no extra text, which
|
||||
makes useful for scripts.
|
||||
|
||||
As a consequence, only one item may be chosen for each run of this
|
||||
command.
|
||||
|
||||
=head1 OPTIONS
|
||||
|
||||
=over 4
|
||||
|
||||
=item B<-help>
|
||||
|
||||
Print out a usage message.
|
||||
|
||||
=item B<-configdir>, B<-c>
|
||||
|
||||
Outputs the default directory for OpenSSL configuration files.
|
||||
|
||||
=item B<-enginesdir>, B<-e>
|
||||
|
||||
Outputs the default directory for OpenSSL engine modules.
|
||||
|
||||
=item B<-modulesdir>, B<-m>
|
||||
|
||||
Outputs the default directory for OpenSSL dynamically loadable modules
|
||||
other than engine modules.
|
||||
|
||||
=item B<-dsoext>
|
||||
|
||||
Outputs the DSO extension OpenSSL uses.
|
||||
|
||||
=item B<-dirnamesep>
|
||||
|
||||
Outputs the separator character between a directory specification and
|
||||
a file name.
|
||||
Note that on some operating systems, this is not the same as the
|
||||
separator between directory elements.
|
||||
|
||||
=item B<-listsep>
|
||||
|
||||
Outputs the OpenSSL list separator character.
|
||||
This is typically used to construct C<$PATH> (C<%PATH%> on Windows)
|
||||
style lists.
|
||||
|
||||
=back
|
||||
|
||||
=head1 HISTORY
|
||||
|
||||
The B<openssl info> command was added in OpenSSL 3.0.
|
||||
|
||||
=head1 COPYRIGHT
|
||||
|
||||
Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
|
||||
|
||||
Licensed under the Apache License 2.0 (the "License"). You may not use
|
||||
this file except in compliance with the License. You can obtain a copy
|
||||
in the file LICENSE in the source distribution or at
|
||||
L<https://www.openssl.org/source/license.html>.
|
||||
|
||||
=cut
|
|
@ -167,6 +167,10 @@ Generation of Private Key or Parameters.
|
|||
|
||||
Generation of RSA Private Key. Superseded by L<genpkey(1)>.
|
||||
|
||||
=item B<info>
|
||||
|
||||
Display diverse information built into the OpenSSL libraries.
|
||||
|
||||
=item B<mac>
|
||||
|
||||
Message Authentication Code Calculation.
|
||||
|
|
|
@ -8,8 +8,8 @@ OPENSSL_VERSION_PRE_RELEASE_STR, OPENSSL_VERSION_BUILD_METADATA_STR,
|
|||
OPENSSL_VERSION_TEXT,
|
||||
OPENSSL_version_major, OPENSSL_version_minor, OPENSSL_version_patch,
|
||||
OPENSSL_version_pre_release, OPENSSL_version_build_metadata, OpenSSL_version,
|
||||
OPENSSL_VERSION_NUMBER, OpenSSL_version_num
|
||||
- get OpenSSL version number
|
||||
OPENSSL_VERSION_NUMBER, OpenSSL_version_num, OPENSSL_info
|
||||
- get OpenSSL version number and other information
|
||||
|
||||
=head1 SYNOPSIS
|
||||
|
||||
|
@ -37,6 +37,8 @@ OPENSSL_VERSION_NUMBER, OpenSSL_version_num
|
|||
|
||||
const char *OpenSSL_version(int t);
|
||||
|
||||
const char *OPENSSL_info(int t);
|
||||
|
||||
Deprecated:
|
||||
|
||||
/* from openssl/opensslv.h */
|
||||
|
@ -127,6 +129,47 @@ if available or "ENGINESDIR: N/A" otherwise.
|
|||
|
||||
For an unknown B<t>, the text "not available" is returned.
|
||||
|
||||
OPENSSL_info() also returns different strings depending on B<t>:
|
||||
|
||||
=over 4
|
||||
|
||||
=item OPENSSL_INFO_CONFIG_DIR
|
||||
|
||||
The configured C<OPENSSLDIR>, which is the default location for
|
||||
OpenSSL configuration files.
|
||||
|
||||
=item OPENSSL_INFO_ENGINES_DIR
|
||||
|
||||
The configured C<ENGINESDIR>, which is the default location for
|
||||
OpenSSL engines.
|
||||
|
||||
=item OPENSSL_INFO_MODULES_DIR
|
||||
|
||||
The configured C<MODULESDIR>, which is the default location for
|
||||
dynamically loadable OpenSSL modules other than engines.
|
||||
|
||||
=item OPENSSL_INFO_DSO_EXTENSION
|
||||
|
||||
The configured dynamically loadable module extension.
|
||||
|
||||
=item OPENSSL_INFO_DIR_FILENAME_SEPARATOR
|
||||
|
||||
The separator between a directory specification and a file name.
|
||||
Note that on some operating systems, this is not the same as the
|
||||
separator between directory elements.
|
||||
|
||||
=item OPENSSL_INFO_LIST_SEPARATOR
|
||||
|
||||
The OpenSSL list separator.
|
||||
This is typically used in strings that are lists of items, such as the
|
||||
value of the environment variable C<$PATH> on Unix (where the
|
||||
separator is ":") or C<%PATH%> on Windows (where the separator is
|
||||
";").
|
||||
|
||||
=back
|
||||
|
||||
For an unknown B<t>, NULL is returned.
|
||||
|
||||
=head1 BACKWARD COMPATIBILITY
|
||||
|
||||
For compatibility, some older macros and functions are retained or
|
||||
|
|
|
@ -165,6 +165,18 @@ const char *OpenSSL_version(int type);
|
|||
# define OPENSSL_FULL_VERSION_STRING 7
|
||||
# define OPENSSL_MODULES_DIR 8
|
||||
|
||||
const char *OPENSSL_info(int type);
|
||||
/*
|
||||
* The series starts at 1001 to avoid confusion with the OpenSSL_version
|
||||
* types.
|
||||
*/
|
||||
# define OPENSSL_INFO_CONFIG_DIR 1001
|
||||
# define OPENSSL_INFO_ENGINES_DIR 1002
|
||||
# define OPENSSL_INFO_MODULES_DIR 1003
|
||||
# define OPENSSL_INFO_DSO_EXTENSION 1004
|
||||
# define OPENSSL_INFO_DIR_FILENAME_SEPARATOR 1005
|
||||
# define OPENSSL_INFO_LIST_SEPARATOR 1006
|
||||
|
||||
int OPENSSL_issetugid(void);
|
||||
|
||||
typedef void CRYPTO_EX_new (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
|
||||
|
|
|
@ -4799,3 +4799,4 @@ EC_GROUP_check_named_curve 4746 3_0_0 EXIST::FUNCTION:EC
|
|||
EVP_CIPHER_upref 4747 3_0_0 EXIST::FUNCTION:
|
||||
EVP_CIPHER_fetch 4748 3_0_0 EXIST::FUNCTION:
|
||||
EVP_CIPHER_mode 4749 3_0_0 EXIST::FUNCTION:
|
||||
OPENSSL_info 4750 3_0_0 EXIST::FUNCTION:
|
||||
|
|
Loading…
Reference in a new issue