diff options
author | Tomas Mraz <tmraz@fedoraproject.org> | 2019-02-01 14:32:36 +0100 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2019-02-11 15:24:12 +0100 |
commit | 9d5560331d86c6463e965321f774e4eed582ce0b (patch) | |
tree | 0c03c2a56ff2047a8632dc35f10b96eaa700f8a5 | |
parent | 2beb004b24ff524d1f27e71994cdcfffb85d7075 (diff) | |
download | openssl-9d5560331d86c6463e965321f774e4eed582ce0b.zip openssl-9d5560331d86c6463e965321f774e4eed582ce0b.tar.gz openssl-9d5560331d86c6463e965321f774e4eed582ce0b.tar.bz2 |
Allow the syntax of the .include directive to optionally have '='
If the old openssl versions not supporting the .include directive
load a config file with it, they will bail out with error.
This change allows using the .include = <filename> syntax which
is interpreted as variable assignment by the old openssl
config file parser.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8141)
-rw-r--r-- | crypto/conf/conf_def.c | 7 | ||||
-rw-r--r-- | doc/man5/config.pod | 7 | ||||
-rw-r--r-- | test/recipes/90-test_includes.t | 4 | ||||
-rw-r--r-- | test/recipes/90-test_includes_data/includes-eq-ws.cnf | 5 | ||||
-rw-r--r-- | test/recipes/90-test_includes_data/includes-eq.cnf | 5 |
5 files changed, 26 insertions, 2 deletions
diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c index 8a34218..594f7c5 100644 --- a/crypto/conf/conf_def.c +++ b/crypto/conf/conf_def.c @@ -348,10 +348,15 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) psection = section; } p = eat_ws(conf, end); - if (strncmp(pname, ".include", 8) == 0 && p != pname + 8) { + if (strncmp(pname, ".include", 8) == 0 + && (p != pname + 8 || *p == '=')) { char *include = NULL; BIO *next; + if (*p == '=') { + p++; + p = eat_ws(conf, p); + } trim_ws(conf, p); if (!str_copy(conf, psection, &include, p)) goto err; diff --git a/doc/man5/config.pod b/doc/man5/config.pod index 275d96c..3d0842c 100644 --- a/doc/man5/config.pod +++ b/doc/man5/config.pod @@ -42,6 +42,13 @@ working directory so unless the configuration file containing the B<.include> directive is application specific the inclusion will not work as expected. +There can be optional B<=> character and whitespace characters between +B<.include> directive and the path which can be useful in cases the +configuration file needs to be loaded by old OpenSSL versions which do +not support the B<.include> syntax. They would bail out with error +if the B<=> character is not present but with it they just ignore +the include. + Each section in a configuration file consists of a number of name and value pairs of the form B<name=value> diff --git a/test/recipes/90-test_includes.t b/test/recipes/90-test_includes.t index 5169700..c6a86fc 100644 --- a/test/recipes/90-test_includes.t +++ b/test/recipes/90-test_includes.t @@ -11,11 +11,13 @@ plan skip_all => "test_includes doesn't work without posix-io" if disabled("posix-io"); plan tests => # The number of tests being performed - 3 + 5 + ($^O eq "VMS" ? 2 : 0); ok(run(test(["conf_include_test", data_file("includes.cnf")])), "test directory includes"); ok(run(test(["conf_include_test", data_file("includes-file.cnf")])), "test file includes"); +ok(run(test(["conf_include_test", data_file("includes-eq.cnf")])), "test includes with equal character"); +ok(run(test(["conf_include_test", data_file("includes-eq-ws.cnf")])), "test includes with equal and whitespaces"); if ($^O eq "VMS") { ok(run(test(["conf_include_test", data_file("vms-includes.cnf")])), "test directory includes, VMS syntax"); diff --git a/test/recipes/90-test_includes_data/includes-eq-ws.cnf b/test/recipes/90-test_includes_data/includes-eq-ws.cnf new file mode 100644 index 0000000..38109a7 --- /dev/null +++ b/test/recipes/90-test_includes_data/includes-eq-ws.cnf @@ -0,0 +1,5 @@ +# +# Example configuration file using includes. +# + +.include = conf-includes diff --git a/test/recipes/90-test_includes_data/includes-eq.cnf b/test/recipes/90-test_includes_data/includes-eq.cnf new file mode 100644 index 0000000..9d37158 --- /dev/null +++ b/test/recipes/90-test_includes_data/includes-eq.cnf @@ -0,0 +1,5 @@ +# +# Example configuration file using includes. +# + +.include=conf-includes |