ssl_util.c revision 184f5da95d14895f7f33c90b8b8f70653afb0d92
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz** _ __ ___ ___ __| | ___ ___| | mod_ssl
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz** | '_ ` _ \ / _ \ / _` | / __/ __| | Apache Interface to OpenSSL
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz** | | | | | | (_) | (_| | \__ \__ \ | www.modssl.org
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz** |_| |_| |_|\___/ \__,_|___|___/___/_| ftp.modssl.org
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz** Utility Functions
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz/* ====================================================================
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * The Apache Software License, Version 1.1
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * Copyright (c) 2000-2001 The Apache Software Foundation. All rights
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * Redistribution and use in source and binary forms, with or without
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * modification, are permitted provided that the following conditions
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * 1. Redistributions of source code must retain the above copyright
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * notice, this list of conditions and the following disclaimer.
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * 2. Redistributions in binary form must reproduce the above copyright
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * notice, this list of conditions and the following disclaimer in
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * the documentation and/or other materials provided with the
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * distribution.
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * 3. The end-user documentation included with the redistribution,
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * if any, must include the following acknowledgment:
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * "This product includes software developed by the
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * Apache Software Foundation (http://www.apache.org/)."
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * Alternately, this acknowledgment may appear in the software itself,
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * if and wherever such third-party acknowledgments normally appear.
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * 4. The names "Apache" and "Apache Software Foundation" must
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * not be used to endorse or promote products derived from this
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * software without prior written permission. For written
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * permission, please contact apache@apache.org.
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * 5. Products derived from this software may not be called "Apache",
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * nor may "Apache" appear in their name, without prior written
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * permission of the Apache Software Foundation.
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * SUCH DAMAGE.
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * ====================================================================
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz /* ``Every day of my life
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz I am forced to add another
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz name to the list of people
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz who piss me off!''
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz/* _________________________________________________________________
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz** Utility Functions
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz** _________________________________________________________________
/*
 * Returns a string identifier for the virtual host described by s,
 * taking the pool p as its other argument. The body is not part of
 * this listing beyond the port local declared below.
 */
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulzchar *ssl_util_vhostid(apr_pool_t *p, server_rec *s)
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz unsigned int port;
    /*
     * NOTE(review): the loop below dereferences s as a cursor that stops
     * on a zero element, which does not fit a server_rec pointer. It
     * presumably belongs to a different function whose signature is
     * missing from this listing - confirm against the full file.
     */
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz for (; *s; ++s)
/*
 * Lookup table from a 6-bit value (0..63) to its output character.
 * The 64 entries are A-Z, a-z, 0-9, plus and slash, i.e. the standard
 * Base64 alphabet rather than the classic uuencode character set,
 * despite the name. The extra element in the array size holds the
 * terminating NUL of the string literal.
 */
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulzstatic const char ssl_util_uuencode_six2pr[64+1] =
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
/*
 * Text front end for the encoder: forwards szTo and szFrom, cast to
 * unsigned char pointers, to ssl_util_uuencode_binary.
 *
 * NOTE(review): neither the capacity of szTo nor the length of szFrom
 * is a parameter. The length is presumably derived from the string in
 * a line missing from this listing - confirm. The caller alone is
 * responsible for supplying an output buffer that is large enough.
 */
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulzvoid ssl_util_uuencode(char *szTo, const char *szFrom, BOOL bPad)
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz ssl_util_uuencode_binary((unsigned char *)szTo,
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz (const unsigned char *)szFrom,
    /*
     * Parameter list of the binary encoder. Its name line is not in
     * this listing; the call above suggests ssl_util_uuencode_binary.
     * nLength is the only size passed in, so nothing visible here
     * bounds the writes made through szTo.
     */
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz unsigned char *szTo, const unsigned char *szFrom, int nLength, BOOL bPad)
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz const unsigned char *s;
    /*
     * One group of three input bytes s[0..2] becomes four table
     * characters. The 0x3f mask keeps each index within 0..63; the
     * first index needs no mask because s is unsigned char and, with
     * 8-bit bytes, s[0] >> 2 cannot exceed 63.
     *
     * NOTE(review): output grows by four bytes per three input bytes.
     * Callers should size szTo for 4 * ceil(nLength / 3) characters
     * plus whatever the tail and terminator handling adds; that code
     * is not shown here - TODO confirm.
     */
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz *szTo++ = ssl_util_uuencode_six2pr[s[0] >> 2];
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz *szTo++ = ssl_util_uuencode_six2pr[(s[0] << 4 | s[1] >> 4) & 0x3f];
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz *szTo++ = ssl_util_uuencode_six2pr[(s[1] << 2 | s[2] >> 6) & 0x3f];
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz *szTo++ = ssl_util_uuencode_six2pr[s[2] & 0x3f];
/*
 * Starts cmd as a child process and, going by the return type, hands
 * back a file handle for talking to it. The lines that pick and return
 * that handle are not in this listing. Every APR call visible below is
 * compared against APR_SUCCESS (or NULL for the allocation); the
 * failure branches themselves are not shown.
 */
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulzapr_file_t *ssl_util_ppopen(server_rec *s, apr_pool_t *p, char *cmd)
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz if (apr_procattr_create(&procattr, p) != APR_SUCCESS)
    /* Blocking pipes for the first two child streams; third argument not shown. */
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz if (apr_procattr_io_set(procattr, APR_FULL_BLOCK, APR_FULL_BLOCK,
    /*
     * ap_make_dirstr_parent(p, cmd) is the directory part of cmd. The
     * call consuming it is missing from the listing; presumably it
     * sets the working directory of the child - confirm.
     */
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz ap_make_dirstr_parent(p, cmd)) != APR_SUCCESS)
    /*
     * APR_PROGRAM runs cmd directly as a program path instead of
     * handing it to a shell, so shell metacharacters in cmd are not
     * interpreted. cmd still decides which binary is executed and
     * should only ever originate from trusted configuration.
     */
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz if (apr_procattr_cmdtype_set(procattr, APR_PROGRAM) != APR_SUCCESS)
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz if ((proc = (apr_proc_t *)apr_pcalloc(p, sizeof(apr_proc_t))) == NULL)
    /* Both the argument vector and the environment are passed as NULL. */
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz if (apr_proc_create(proc, cmd, NULL, NULL, procattr, p) != APR_SUCCESS)
/*
 * Signature only; the body is not part of this listing. Presumably
 * the closing counterpart of ssl_util_ppopen - confirm.
 */
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulzvoid ssl_util_ppclose(server_rec *s, apr_pool_t *p, apr_file_t *fp)
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * Run a filter program and read the first line of its stdout output
/*
 * Launches cmd through ssl_util_ppopen and reads what it prints, one
 * apr_file_read call per iteration. What happens when ssl_util_ppopen
 * returns NULL is decided on a line missing from this listing.
 */
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulzchar *ssl_util_readfilter(server_rec *s, apr_pool_t *p, char *cmd)
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz if ((fp = ssl_util_ppopen(s, p, cmd)) == NULL)
    /*
     * The loop ends on a read failure, on a read that did not return
     * exactly one byte, or once k reaches MAX_STRING_LEN-1, so the
     * amount taken from the filter program is bounded regardless of
     * how much it writes. The increment clause is empty; k advances
     * inside the body, which is not shown.
     *
     * NOTE(review): the one slot held back is presumably for the
     * terminating NUL, and longer output would then be cut off
     * silently - confirm against the loop body and the caller.
     */
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz for (k = 0; apr_file_read(fp, &c, &nbytes) == APR_SUCCESS
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz && nbytes == 1 && (k < MAX_STRING_LEN-1) ; ) {
/*
 * Tests path against the properties selected by the bit flags in pcm:
 * existence (via apr_stat), regular file, directory, non-zero size.
 * The statements run when a test fails are not part of this listing.
 *
 * The answer describes the path at the moment of the apr_stat call
 * only. The file can change or be replaced before a caller opens it,
 * so the result is a configuration sanity check and not a guarantee
 * about what is opened later.
 */
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst SchulzBOOL ssl_util_path_check(ssl_pathcheck_t pcm, char *path, apr_pool_t *p)
    /*
     * NOTE(review): apr_stat runs only when SSL_PCM_EXISTS is set,
     * while the three checks after it read finfo under their own
     * flags. Nothing else visible here fills finfo, so a caller that
     * omits SSL_PCM_EXISTS would presumably have those checks read an
     * unset structure - confirm against the full source and callers.
     */
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz if (pcm & SSL_PCM_EXISTS && apr_stat(&finfo, path,
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz if (pcm & SSL_PCM_ISREG && finfo.filetype != APR_REG)
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz if (pcm & SSL_PCM_ISDIR && finfo.filetype != APR_DIR)
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz if (pcm & SSL_PCM_ISNONZERO && finfo.size <= 0)
/*
 * Signature only: maps a certificate and/or key to an ssl_algo_t
 * value. The body is not part of this listing.
 */
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulzssl_algo_t ssl_util_algotypeof(X509 *pCert, EVP_PKEY *pKey)
    /*
     * Parameter list of a separate text-substitution helper whose name
     * line is missing from this listing. It works in two passes over
     * cpLine, as the pass comments below state.
     *
     * NOTE(review): pass 2 writes through cpO into a buffer sized from
     * what pass 1 computed in nResult, and it walks cppMatch until a
     * NULL entry. Neither the size arithmetic nor the bound on the
     * number of cppMatch entries is visible here - confirm both hold
     * for long lines with many matches. The (char *) casts drop the
     * const qualifier of cpLine; no write through cpI is visible.
     */
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz apr_pool_t *p, const char *cpLine, const char *cpMatch, char *cpSubst)
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * Pass 1: find substitution locations and calculate sizes
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz for (cpI = (char *)cpLine, i = 0, nResult = 0;
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz * Pass 2: allocate memory and assemble result
f474203c4cef7d85cb078f15ce5c2cea71e9a030Ewaryst Schulz for (cpI = (char *)cpLine, cpO = cpResult, i = 0; cppMatch[i] != NULL; i++) {