1 /* $OpenBSD: ui_openssl.c,v 1.28 2023/02/16 08:38:17 tb Exp $ */
2 /* Written by Richard Levitte (richard@levitte.org) and others
3 * for the OpenSSL project 2001.
4 */
5 /* ====================================================================
6 * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * openssl-core@openssl.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59 /* The lowest level part of this file was previously in crypto/des/read_pwd.c,
60 * Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
61 * All rights reserved.
62 *
63 * This package is an SSL implementation written
64 * by Eric Young (eay@cryptsoft.com).
65 * The implementation was written so as to conform with Netscapes SSL.
66 *
67 * This library is free for commercial and non-commercial use as long as
68 * the following conditions are aheared to. The following conditions
69 * apply to all code found in this distribution, be it the RC4, RSA,
70 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
71 * included with this distribution is covered by the same copyright terms
72 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
73 *
74 * Copyright remains Eric Young's, and as such any Copyright notices in
75 * the code are not to be removed.
76 * If this package is used in a product, Eric Young should be given attribution
77 * as the author of the parts of the library used.
78 * This can be in the form of a textual message at program startup or
79 * in documentation (online or textual) provided with the package.
80 *
81 * Redistribution and use in source and binary forms, with or without
82 * modification, are permitted provided that the following conditions
83 * are met:
84 * 1. Redistributions of source code must retain the copyright
85 * notice, this list of conditions and the following disclaimer.
86 * 2. Redistributions in binary form must reproduce the above copyright
87 * notice, this list of conditions and the following disclaimer in the
88 * documentation and/or other materials provided with the distribution.
89 * 3. All advertising materials mentioning features or use of this software
90 * must display the following acknowledgement:
91 * "This product includes cryptographic software written by
92 * Eric Young (eay@cryptsoft.com)"
93 * The word 'cryptographic' can be left out if the rouines from the library
94 * being used are not cryptographic related :-).
95 * 4. If you include any Windows specific code (or a derivative thereof) from
96 * the apps directory (application code) you must include an acknowledgement:
97 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
98 *
99 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
100 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
101 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
102 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
103 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
104 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
105 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
106 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
107 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
108 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
109 * SUCH DAMAGE.
110 *
111 * The licence and distribution terms for any publically available version or
112 * derivative of this code cannot be changed. i.e. this code cannot simply be
113 * copied and put under another distribution licence
114 * [including the GNU Public Licence.]
115 */
116
117 #include <sys/ioctl.h>
118
119 #include <openssl/opensslconf.h>
120
121 #include <errno.h>
122 #include <signal.h>
123 #include <stdio.h>
124 #include <string.h>
125 #include <termios.h>
126 #include <unistd.h>
127
128 #include "ui_local.h"
129
130 #ifndef NX509_SIG
131 #define NX509_SIG 32
132 #endif
133
134 /* Define globals. They are protected by a lock */
135 static struct sigaction savsig[NX509_SIG];
136
137 static struct termios tty_orig;
138 static FILE *tty_in, *tty_out;
139 static int is_a_tty;
140
141 /* Declare static functions */
142 static int read_till_nl(FILE *);
143 static void recsig(int);
144 static void pushsig(void);
145 static void popsig(void);
146 static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl);
147
148 static int read_string(UI *ui, UI_STRING *uis);
149 static int write_string(UI *ui, UI_STRING *uis);
150
151 static int open_console(UI *ui);
152 static int echo_console(UI *ui);
153 static int noecho_console(UI *ui);
154 static int close_console(UI *ui);
155
156 static UI_METHOD ui_openssl = {
157 .name = "OpenSSL default user interface",
158 .ui_open_session = open_console,
159 .ui_write_string = write_string,
160 .ui_read_string = read_string,
161 .ui_close_session = close_console,
162 };
163
164 /* The method with all the built-in thingies */
165 UI_METHOD *
UI_OpenSSL(void)166 UI_OpenSSL(void)
167 {
168 return &ui_openssl;
169 }
170 LCRYPTO_ALIAS(UI_OpenSSL);
171
172 /* The following function makes sure that info and error strings are printed
173 before any prompt. */
174 static int
write_string(UI * ui,UI_STRING * uis)175 write_string(UI *ui, UI_STRING *uis)
176 {
177 switch (UI_get_string_type(uis)) {
178 case UIT_ERROR:
179 case UIT_INFO:
180 fputs(UI_get0_output_string(uis), tty_out);
181 fflush(tty_out);
182 break;
183 default:
184 break;
185 }
186 return 1;
187 }
188
189 static int
read_string(UI * ui,UI_STRING * uis)190 read_string(UI *ui, UI_STRING *uis)
191 {
192 int ok = 0;
193
194 switch (UI_get_string_type(uis)) {
195 case UIT_BOOLEAN:
196 fputs(UI_get0_output_string(uis), tty_out);
197 fputs(UI_get0_action_string(uis), tty_out);
198 fflush(tty_out);
199 return read_string_inner(ui, uis,
200 UI_get_input_flags(uis) & UI_INPUT_FLAG_ECHO, 0);
201 case UIT_PROMPT:
202 fputs(UI_get0_output_string(uis), tty_out);
203 fflush(tty_out);
204 return read_string_inner(ui, uis,
205 UI_get_input_flags(uis) & UI_INPUT_FLAG_ECHO, 1);
206 case UIT_VERIFY:
207 fprintf(tty_out, "Verifying - %s",
208 UI_get0_output_string(uis));
209 fflush(tty_out);
210 if ((ok = read_string_inner(ui, uis, UI_get_input_flags(uis) &
211 UI_INPUT_FLAG_ECHO, 1)) <= 0)
212 return ok;
213 if (strcmp(UI_get0_result_string(uis),
214 UI_get0_test_string(uis)) != 0) {
215 fprintf(tty_out, "Verify failure\n");
216 fflush(tty_out);
217 return 0;
218 }
219 break;
220 default:
221 break;
222 }
223 return 1;
224 }
225
226
227 /* Internal functions to read a string without echoing */
228 static int
read_till_nl(FILE * in)229 read_till_nl(FILE *in)
230 {
231 #define SIZE 4
232 char buf[SIZE + 1];
233
234 do {
235 if (!fgets(buf, SIZE, in))
236 return 0;
237 } while (strchr(buf, '\n') == NULL);
238 return 1;
239 }
240
241 static volatile sig_atomic_t intr_signal;
242
243 static int
read_string_inner(UI * ui,UI_STRING * uis,int echo,int strip_nl)244 read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl)
245 {
246 static int ps;
247 int ok;
248 char result[BUFSIZ];
249 int maxsize = BUFSIZ - 1;
250 char *p;
251
252 intr_signal = 0;
253 ok = 0;
254 ps = 0;
255
256 pushsig();
257 ps = 1;
258
259 if (!echo && !noecho_console(ui))
260 goto error;
261 ps = 2;
262
263 result[0] = '\0';
264 p = fgets(result, maxsize, tty_in);
265 if (!p)
266 goto error;
267 if (feof(tty_in))
268 goto error;
269 if (ferror(tty_in))
270 goto error;
271 if ((p = strchr(result, '\n')) != NULL) {
272 if (strip_nl)
273 *p = '\0';
274 } else if (!read_till_nl(tty_in))
275 goto error;
276 if (UI_set_result(ui, uis, result) >= 0)
277 ok = 1;
278
279 error:
280 if (intr_signal == SIGINT)
281 ok = -1;
282 if (!echo)
283 fprintf(tty_out, "\n");
284 if (ps >= 2 && !echo && !echo_console(ui))
285 ok = 0;
286
287 if (ps >= 1)
288 popsig();
289
290 explicit_bzero(result, BUFSIZ);
291 return ok;
292 }
293
294
295 /* Internal functions to open, handle and close a channel to the console. */
296 static int
open_console(UI * ui)297 open_console(UI *ui)
298 {
299 CRYPTO_w_lock(CRYPTO_LOCK_UI);
300 is_a_tty = 1;
301
302 #define DEV_TTY "/dev/tty"
303 if ((tty_in = fopen(DEV_TTY, "r")) == NULL)
304 tty_in = stdin;
305 if ((tty_out = fopen(DEV_TTY, "w")) == NULL)
306 tty_out = stderr;
307
308 if (tcgetattr(fileno(tty_in), &tty_orig) == -1) {
309 if (errno == ENOTTY)
310 is_a_tty = 0;
311 else
312 /*
313 * Ariel Glenn ariel@columbia.edu reports that
314 * solaris can return EINVAL instead. This should be
315 * ok
316 */
317 if (errno == EINVAL)
318 is_a_tty = 0;
319 else
320 return 0;
321 }
322
323 return 1;
324 }
325
326 static int
noecho_console(UI * ui)327 noecho_console(UI *ui)
328 {
329 struct termios tty_new = tty_orig;
330
331 tty_new.c_lflag &= ~ECHO;
332 if (is_a_tty && (tcsetattr(fileno(tty_in), TCSANOW, &tty_new) == -1))
333 return 0;
334 return 1;
335 }
336
337 static int
echo_console(UI * ui)338 echo_console(UI *ui)
339 {
340 if (is_a_tty && (tcsetattr(fileno(tty_in), TCSANOW, &tty_orig) == -1))
341 return 0;
342 return 1;
343 }
344
345 static int
close_console(UI * ui)346 close_console(UI *ui)
347 {
348 if (tty_in != stdin)
349 fclose(tty_in);
350 if (tty_out != stderr)
351 fclose(tty_out);
352 CRYPTO_w_unlock(CRYPTO_LOCK_UI);
353
354 return 1;
355 }
356
357
358 /* Internal functions to handle signals and act on them */
359 static void
pushsig(void)360 pushsig(void)
361 {
362 int i;
363 struct sigaction sa;
364
365 memset(&sa, 0, sizeof sa);
366 sa.sa_handler = recsig;
367
368 for (i = 1; i < NX509_SIG; i++) {
369 if (i == SIGUSR1)
370 continue;
371 if (i == SIGUSR2)
372 continue;
373 if (i == SIGKILL) /* We can't make any action on that. */
374 continue;
375 sigaction(i, &sa, &savsig[i]);
376 }
377
378 signal(SIGWINCH, SIG_DFL);
379 }
380
381 static void
popsig(void)382 popsig(void)
383 {
384 int i;
385 for (i = 1; i < NX509_SIG; i++) {
386 if (i == SIGUSR1)
387 continue;
388 if (i == SIGUSR2)
389 continue;
390 sigaction(i, &savsig[i], NULL);
391 }
392 }
393
394 static void
recsig(int i)395 recsig(int i)
396 {
397 intr_signal = i;
398 }
399