1 /* 2 * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include "internal/e_os.h" 11 12 #include <stdio.h> 13 #include <stdlib.h> 14 #include "internal/common.h" 15 #include <openssl/bio.h> 16 #include <openssl/crypto.h> 17 #include <openssl/trace.h> 18 #include <openssl/lhash.h> 19 #include <openssl/conf.h> 20 #include <openssl/x509.h> 21 #include <openssl/pem.h> 22 #include <openssl/ssl.h> 23 #ifndef OPENSSL_NO_ENGINE 24 # include <openssl/engine.h> 25 #endif 26 #include <openssl/err.h> 27 /* Needed to get the other O_xxx flags. */ 28 #ifdef OPENSSL_SYS_VMS 29 # include <unixio.h> 30 #endif 31 #include "apps.h" 32 #include "progs.h" 33 34 /* 35 * The LHASH callbacks ("hash" & "cmp") have been replaced by functions with 36 * the base prototypes (we cast each variable inside the function to the 37 * required type of "FUNCTION*"). This removes the necessity for 38 * macro-generated wrapper functions. 39 */ 40 static LHASH_OF(FUNCTION) *prog_init(void); 41 static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[]); 42 char *default_config_file = NULL; 43 44 BIO *bio_in = NULL; 45 BIO *bio_out = NULL; 46 BIO *bio_err = NULL; 47 48 static void warn_deprecated(const FUNCTION *fp) 49 { 50 if (fp->deprecated_version != NULL) 51 BIO_printf(bio_err, "The command %s was deprecated in version %s.", 52 fp->name, fp->deprecated_version); 53 else 54 BIO_printf(bio_err, "The command %s is deprecated.", fp->name); 55 if (strcmp(fp->deprecated_alternative, DEPRECATED_NO_ALTERNATIVE) != 0) 56 BIO_printf(bio_err, " Use '%s' instead.", fp->deprecated_alternative); 57 BIO_printf(bio_err, "\n"); 58 } 59 60 static int apps_startup(void) 61 { 62 const char *use_libctx = NULL; 63 #ifdef SIGPIPE 64 signal(SIGPIPE, SIG_IGN); 65 #endif 66 67 /* Set non-default library initialisation settings */ 68 if (!OPENSSL_init_ssl(OPENSSL_INIT_ENGINE_ALL_BUILTIN 69 | OPENSSL_INIT_LOAD_CONFIG, NULL)) 70 return 0; 71 72 (void)setup_ui_method(); 73 (void)setup_engine_loader(); 74 75 /* 76 * NOTE: This is an undocumented feature required for testing only. 77 * There are no guarantees that it will exist in future builds. 78 */ 79 use_libctx = getenv("OPENSSL_TEST_LIBCTX"); 80 if (use_libctx != NULL) { 81 /* Set this to "1" to create a global libctx */ 82 if (strcmp(use_libctx, "1") == 0) { 83 if (app_create_libctx() == NULL) 84 return 0; 85 } 86 } 87 88 return 1; 89 } 90 91 static void apps_shutdown(void) 92 { 93 app_providers_cleanup(); 94 OSSL_LIB_CTX_free(app_get0_libctx()); 95 destroy_engine_loader(); 96 destroy_ui_method(); 97 } 98 99 100 #ifndef OPENSSL_NO_TRACE 101 typedef struct tracedata_st { 102 BIO *bio; 103 unsigned int ingroup:1; 104 } tracedata; 105 106 static size_t internal_trace_cb(const char *buf, size_t cnt, 107 int category, int cmd, void *vdata) 108 { 109 int ret = 0; 110 tracedata *trace_data = vdata; 111 char buffer[256], *hex; 112 CRYPTO_THREAD_ID tid; 113 114 switch (cmd) { 115 case OSSL_TRACE_CTRL_BEGIN: 116 if (trace_data->ingroup) { 117 BIO_printf(bio_err, "ERROR: tracing already started\n"); 118 return 0; 119 } 120 trace_data->ingroup = 1; 121 122 tid = CRYPTO_THREAD_get_current_id(); 123 hex = OPENSSL_buf2hexstr((const unsigned char *)&tid, sizeof(tid)); 124 BIO_snprintf(buffer, sizeof(buffer), "TRACE[%s]:%s: ", 125 hex == NULL ? "<null>" : hex, 126 OSSL_trace_get_category_name(category)); 127 OPENSSL_free(hex); 128 BIO_set_prefix(trace_data->bio, buffer); 129 break; 130 case OSSL_TRACE_CTRL_WRITE: 131 if (!trace_data->ingroup) { 132 BIO_printf(bio_err, "ERROR: writing when tracing not started\n"); 133 return 0; 134 } 135 136 ret = BIO_write(trace_data->bio, buf, cnt); 137 break; 138 case OSSL_TRACE_CTRL_END: 139 if (!trace_data->ingroup) { 140 BIO_printf(bio_err, "ERROR: finishing when tracing not started\n"); 141 return 0; 142 } 143 trace_data->ingroup = 0; 144 145 BIO_set_prefix(trace_data->bio, NULL); 146 147 break; 148 } 149 150 return ret < 0 ? 0 : ret; 151 } 152 153 DEFINE_STACK_OF(tracedata) 154 static STACK_OF(tracedata) *trace_data_stack; 155 156 static void tracedata_free(tracedata *data) 157 { 158 BIO_free_all(data->bio); 159 OPENSSL_free(data); 160 } 161 162 static void cleanup_trace(void) 163 { 164 sk_tracedata_pop_free(trace_data_stack, tracedata_free); 165 } 166 167 static void setup_trace_category(int category) 168 { 169 BIO *channel; 170 tracedata *trace_data; 171 BIO *bio = NULL; 172 173 if (OSSL_trace_enabled(category)) 174 return; 175 176 bio = BIO_new(BIO_f_prefix()); 177 channel = BIO_push(bio, dup_bio_err(FORMAT_TEXT)); 178 trace_data = OPENSSL_zalloc(sizeof(*trace_data)); 179 180 if (trace_data == NULL 181 || bio == NULL 182 || (trace_data->bio = channel) == NULL 183 || OSSL_trace_set_callback(category, internal_trace_cb, 184 trace_data) == 0 185 || sk_tracedata_push(trace_data_stack, trace_data) == 0) { 186 187 fprintf(stderr, 188 "warning: unable to setup trace callback for category '%s'.\n", 189 OSSL_trace_get_category_name(category)); 190 191 OSSL_trace_set_callback(category, NULL, NULL); 192 BIO_free_all(channel); 193 } 194 } 195 196 static void setup_trace(const char *str) 197 { 198 char *val; 199 200 /* 201 * We add this handler as early as possible to ensure it's executed 202 * as late as possible, i.e. after the TRACE code has done its cleanup 203 * (which happens last in OPENSSL_cleanup). 204 */ 205 atexit(cleanup_trace); 206 207 trace_data_stack = sk_tracedata_new_null(); 208 val = OPENSSL_strdup(str); 209 210 if (val != NULL) { 211 char *valp = val; 212 char *item; 213 214 for (valp = val; (item = strtok(valp, ",")) != NULL; valp = NULL) { 215 int category = OSSL_trace_get_category_num(item); 216 217 if (category == OSSL_TRACE_CATEGORY_ALL) { 218 while (++category < OSSL_TRACE_CATEGORY_NUM) 219 setup_trace_category(category); 220 break; 221 } else if (category > 0) { 222 setup_trace_category(category); 223 } else { 224 fprintf(stderr, 225 "warning: unknown trace category: '%s'.\n", item); 226 } 227 } 228 } 229 230 OPENSSL_free(val); 231 } 232 #endif /* OPENSSL_NO_TRACE */ 233 234 static char *help_argv[] = { "help", NULL }; 235 static char *version_argv[] = { "version", NULL }; 236 237 int main(int argc, char *argv[]) 238 { 239 FUNCTION f, *fp; 240 LHASH_OF(FUNCTION) *prog = NULL; 241 char *pname; 242 const char *fname; 243 ARGS arg; 244 int global_help = 0; 245 int global_version = 0; 246 int ret = 0; 247 248 arg.argv = NULL; 249 arg.size = 0; 250 251 /* Set up some of the environment. */ 252 bio_in = dup_bio_in(FORMAT_TEXT); 253 bio_out = dup_bio_out(FORMAT_TEXT); 254 bio_err = dup_bio_err(FORMAT_TEXT); 255 256 #if defined(OPENSSL_SYS_VMS) && defined(__DECC) 257 argv = copy_argv(&argc, argv); 258 #elif defined(_WIN32) 259 /* Replace argv[] with UTF-8 encoded strings. */ 260 win32_utf8argv(&argc, &argv); 261 #endif 262 263 #ifndef OPENSSL_NO_TRACE 264 setup_trace(getenv("OPENSSL_TRACE")); 265 #endif 266 267 if ((fname = "apps_startup", !apps_startup()) 268 || (fname = "prog_init", (prog = prog_init()) == NULL)) { 269 BIO_printf(bio_err, 270 "FATAL: Startup failure (dev note: %s()) for %s\n", 271 fname, argv[0]); 272 ERR_print_errors(bio_err); 273 ret = 1; 274 goto end; 275 } 276 pname = opt_progname(argv[0]); 277 278 default_config_file = CONF_get1_default_config_file(); 279 if (default_config_file == NULL) 280 app_bail_out("%s: could not get default config file\n", pname); 281 282 /* first check the program name */ 283 f.name = pname; 284 fp = lh_FUNCTION_retrieve(prog, &f); 285 if (fp == NULL) { 286 /* We assume we've been called as 'openssl ...' */ 287 global_help = argc > 1 288 && (strcmp(argv[1], "-help") == 0 || strcmp(argv[1], "--help") == 0 289 || strcmp(argv[1], "-h") == 0 || strcmp(argv[1], "--h") == 0); 290 global_version = argc > 1 291 && (strcmp(argv[1], "-version") == 0 || strcmp(argv[1], "--version") == 0 292 || strcmp(argv[1], "-v") == 0 || strcmp(argv[1], "--v") == 0); 293 294 argc--; 295 argv++; 296 opt_appname(argc == 1 || global_help ? "help" : global_version ? "version" : argv[0]); 297 } else { 298 argv[0] = pname; 299 } 300 301 /* 302 * If there's no command, assume "help". If there's an override for help 303 * or version run those, otherwise run the command given. 304 */ 305 ret = (argc == 0) || global_help 306 ? do_cmd(prog, 1, help_argv) 307 : global_version 308 ? do_cmd(prog, 1, version_argv) 309 : do_cmd(prog, argc, argv); 310 311 end: 312 OPENSSL_free(default_config_file); 313 lh_FUNCTION_free(prog); 314 OPENSSL_free(arg.argv); 315 if (!app_RAND_write()) 316 ret = EXIT_FAILURE; 317 318 BIO_free(bio_in); 319 BIO_free_all(bio_out); 320 apps_shutdown(); 321 BIO_free_all(bio_err); 322 EXIT(ret); 323 } 324 325 typedef enum HELP_CHOICE { 326 OPT_hERR = -1, OPT_hEOF = 0, OPT_hHELP 327 } HELP_CHOICE; 328 329 const OPTIONS help_options[] = { 330 {OPT_HELP_STR, 1, '-', "Usage: help [options] [command]\n"}, 331 332 OPT_SECTION("General"), 333 {"help", OPT_hHELP, '-', "Display this summary"}, 334 335 OPT_PARAMETERS(), 336 {"command", 0, 0, "Name of command to display help (optional)"}, 337 {NULL} 338 }; 339 340 int help_main(int argc, char **argv) 341 { 342 FUNCTION *fp; 343 int i, nl; 344 FUNC_TYPE tp; 345 char *prog; 346 HELP_CHOICE o; 347 DISPLAY_COLUMNS dc; 348 char *new_argv[3]; 349 350 prog = opt_init(argc, argv, help_options); 351 while ((o = opt_next()) != OPT_hEOF) { 352 switch (o) { 353 case OPT_hERR: 354 case OPT_hEOF: 355 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog); 356 return 1; 357 case OPT_hHELP: 358 opt_help(help_options); 359 return 0; 360 } 361 } 362 363 /* One optional argument, the command to get help for. */ 364 if (opt_num_rest() == 1) { 365 new_argv[0] = opt_rest()[0]; 366 new_argv[1] = "--help"; 367 new_argv[2] = NULL; 368 return do_cmd(prog_init(), 2, new_argv); 369 } 370 if (!opt_check_rest_arg(NULL)) { 371 BIO_printf(bio_err, "Usage: %s\n", prog); 372 return 1; 373 } 374 375 calculate_columns(functions, &dc); 376 BIO_printf(bio_err, "%s:\n\nStandard commands", prog); 377 i = 0; 378 tp = FT_none; 379 for (fp = functions; fp->name != NULL; fp++) { 380 nl = 0; 381 if (i++ % dc.columns == 0) { 382 BIO_printf(bio_err, "\n"); 383 nl = 1; 384 } 385 if (fp->type != tp) { 386 tp = fp->type; 387 if (!nl) 388 BIO_printf(bio_err, "\n"); 389 if (tp == FT_md) { 390 i = 1; 391 BIO_printf(bio_err, 392 "\nMessage Digest commands (see the `dgst' command for more details)\n"); 393 } else if (tp == FT_cipher) { 394 i = 1; 395 BIO_printf(bio_err, 396 "\nCipher commands (see the `enc' command for more details)\n"); 397 } 398 } 399 BIO_printf(bio_err, "%-*s", dc.width, fp->name); 400 } 401 BIO_printf(bio_err, "\n\n"); 402 return 0; 403 } 404 405 static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[]) 406 { 407 FUNCTION f, *fp; 408 409 if (argc <= 0 || argv[0] == NULL) 410 return 0; 411 memset(&f, 0, sizeof(f)); 412 f.name = argv[0]; 413 fp = lh_FUNCTION_retrieve(prog, &f); 414 if (fp == NULL) { 415 if (EVP_get_digestbyname(argv[0])) { 416 f.type = FT_md; 417 f.func = dgst_main; 418 fp = &f; 419 } else if (EVP_get_cipherbyname(argv[0])) { 420 f.type = FT_cipher; 421 f.func = enc_main; 422 fp = &f; 423 } 424 } 425 if (fp != NULL) { 426 if (fp->deprecated_alternative != NULL) 427 warn_deprecated(fp); 428 return fp->func(argc, argv); 429 } 430 f.name = argv[0]; 431 if (CHECK_AND_SKIP_PREFIX(f.name, "no-")) { 432 /* 433 * User is asking if foo is unsupported, by trying to "run" the 434 * no-foo command. Strange. 435 */ 436 if (lh_FUNCTION_retrieve(prog, &f) == NULL) { 437 BIO_printf(bio_out, "%s\n", argv[0]); 438 return 0; 439 } 440 BIO_printf(bio_out, "%s\n", argv[0] + 3); 441 return 1; 442 } 443 444 BIO_printf(bio_err, "Invalid command '%s'; type \"help\" for a list.\n", 445 argv[0]); 446 return 1; 447 } 448 449 static int function_cmp(const FUNCTION *a, const FUNCTION *b) 450 { 451 return strncmp(a->name, b->name, 8); 452 } 453 454 static unsigned long function_hash(const FUNCTION *a) 455 { 456 return OPENSSL_LH_strhash(a->name); 457 } 458 459 static int SortFnByName(const void *_f1, const void *_f2) 460 { 461 const FUNCTION *f1 = _f1; 462 const FUNCTION *f2 = _f2; 463 464 if (f1->type != f2->type) 465 return f1->type - f2->type; 466 return strcmp(f1->name, f2->name); 467 } 468 469 static LHASH_OF(FUNCTION) *prog_init(void) 470 { 471 static LHASH_OF(FUNCTION) *ret = NULL; 472 static int prog_inited = 0; 473 FUNCTION *f; 474 size_t i; 475 476 if (prog_inited) 477 return ret; 478 479 prog_inited = 1; 480 481 /* Sort alphabetically within category. For nicer help displays. */ 482 for (i = 0, f = functions; f->name != NULL; ++f, ++i) 483 ; 484 qsort(functions, i, sizeof(*functions), SortFnByName); 485 486 if ((ret = lh_FUNCTION_new(function_hash, function_cmp)) == NULL) 487 return NULL; 488 489 for (f = functions; f->name != NULL; f++) 490 (void)lh_FUNCTION_insert(ret, f); 491 return ret; 492 } 493