1 /* $OpenBSD: ui_openssl.c,v 1.25 2015/09/10 15:56:26 jsing Exp $ */
2 /* Written by Richard Levitte (richard@levitte.org) and others
3 * for the OpenSSL project 2001.
4 */
5 /* ====================================================================
6 * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * openssl-core@openssl.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59 /* The lowest level part of this file was previously in crypto/des/read_pwd.c,
60 * Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
61 * All rights reserved.
62 *
63 * This package is an SSL implementation written
64 * by Eric Young (eay@cryptsoft.com).
65 * The implementation was written so as to conform with Netscapes SSL.
66 *
67 * This library is free for commercial and non-commercial use as long as
68 * the following conditions are aheared to. The following conditions
69 * apply to all code found in this distribution, be it the RC4, RSA,
70 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
71 * included with this distribution is covered by the same copyright terms
72 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
73 *
74 * Copyright remains Eric Young's, and as such any Copyright notices in
75 * the code are not to be removed.
76 * If this package is used in a product, Eric Young should be given attribution
77 * as the author of the parts of the library used.
78 * This can be in the form of a textual message at program startup or
79 * in documentation (online or textual) provided with the package.
80 *
81 * Redistribution and use in source and binary forms, with or without
82 * modification, are permitted provided that the following conditions
83 * are met:
84 * 1. Redistributions of source code must retain the copyright
85 * notice, this list of conditions and the following disclaimer.
86 * 2. Redistributions in binary form must reproduce the above copyright
87 * notice, this list of conditions and the following disclaimer in the
88 * documentation and/or other materials provided with the distribution.
89 * 3. All advertising materials mentioning features or use of this software
90 * must display the following acknowledgement:
91 * "This product includes cryptographic software written by
92 * Eric Young (eay@cryptsoft.com)"
93 * The word 'cryptographic' can be left out if the rouines from the library
94 * being used are not cryptographic related :-).
95 * 4. If you include any Windows specific code (or a derivative thereof) from
96 * the apps directory (application code) you must include an acknowledgement:
97 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
98 *
99 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
100 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
101 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
102 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
103 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
104 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
105 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
106 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
107 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
108 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
109 * SUCH DAMAGE.
110 *
111 * The licence and distribution terms for any publically available version or
112 * derivative of this code cannot be changed. i.e. this code cannot simply be
113 * copied and put under another distribution licence
114 * [including the GNU Public Licence.]
115 */
116
117 #include <sys/ioctl.h>
118
119 #include <openssl/opensslconf.h>
120
121 #include <errno.h>
122 #include <signal.h>
123 #include <stdio.h>
124 #include <string.h>
125 #include <termios.h>
126 #include <unistd.h>
127
128 #include "ui_locl.h"
129
130 #ifndef NX509_SIG
131 #define NX509_SIG 32
132 #endif
133
134 /* Define globals. They are protected by a lock */
135 static struct sigaction savsig[NX509_SIG];
136
137 static struct termios tty_orig;
138 static FILE *tty_in, *tty_out;
139 static int is_a_tty;
140
141 /* Declare static functions */
142 static int read_till_nl(FILE *);
143 static void recsig(int);
144 static void pushsig(void);
145 static void popsig(void);
146 static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl);
147
148 static int read_string(UI *ui, UI_STRING *uis);
149 static int write_string(UI *ui, UI_STRING *uis);
150
151 static int open_console(UI *ui);
152 static int echo_console(UI *ui);
153 static int noecho_console(UI *ui);
154 static int close_console(UI *ui);
155
156 static UI_METHOD ui_openssl = {
157 .name = "OpenSSL default user interface",
158 .ui_open_session = open_console,
159 .ui_write_string = write_string,
160 .ui_read_string = read_string,
161 .ui_close_session = close_console,
162 };
163
164 /* The method with all the built-in thingies */
165 UI_METHOD *
UI_OpenSSL(void)166 UI_OpenSSL(void)
167 {
168 return &ui_openssl;
169 }
170
171 /* The following function makes sure that info and error strings are printed
172 before any prompt. */
173 static int
write_string(UI * ui,UI_STRING * uis)174 write_string(UI *ui, UI_STRING *uis)
175 {
176 switch (UI_get_string_type(uis)) {
177 case UIT_ERROR:
178 case UIT_INFO:
179 fputs(UI_get0_output_string(uis), tty_out);
180 fflush(tty_out);
181 break;
182 default:
183 break;
184 }
185 return 1;
186 }
187
188 static int
read_string(UI * ui,UI_STRING * uis)189 read_string(UI *ui, UI_STRING *uis)
190 {
191 int ok = 0;
192
193 switch (UI_get_string_type(uis)) {
194 case UIT_BOOLEAN:
195 fputs(UI_get0_output_string(uis), tty_out);
196 fputs(UI_get0_action_string(uis), tty_out);
197 fflush(tty_out);
198 return read_string_inner(ui, uis,
199 UI_get_input_flags(uis) & UI_INPUT_FLAG_ECHO, 0);
200 case UIT_PROMPT:
201 fputs(UI_get0_output_string(uis), tty_out);
202 fflush(tty_out);
203 return read_string_inner(ui, uis,
204 UI_get_input_flags(uis) & UI_INPUT_FLAG_ECHO, 1);
205 case UIT_VERIFY:
206 fprintf(tty_out, "Verifying - %s",
207 UI_get0_output_string(uis));
208 fflush(tty_out);
209 if ((ok = read_string_inner(ui, uis, UI_get_input_flags(uis) &
210 UI_INPUT_FLAG_ECHO, 1)) <= 0)
211 return ok;
212 if (strcmp(UI_get0_result_string(uis),
213 UI_get0_test_string(uis)) != 0) {
214 fprintf(tty_out, "Verify failure\n");
215 fflush(tty_out);
216 return 0;
217 }
218 break;
219 default:
220 break;
221 }
222 return 1;
223 }
224
225
226 /* Internal functions to read a string without echoing */
227 static int
read_till_nl(FILE * in)228 read_till_nl(FILE *in)
229 {
230 #define SIZE 4
231 char buf[SIZE + 1];
232
233 do {
234 if (!fgets(buf, SIZE, in))
235 return 0;
236 } while (strchr(buf, '\n') == NULL);
237 return 1;
238 }
239
240 static volatile sig_atomic_t intr_signal;
241
242 static int
read_string_inner(UI * ui,UI_STRING * uis,int echo,int strip_nl)243 read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl)
244 {
245 static int ps;
246 int ok;
247 char result[BUFSIZ];
248 int maxsize = BUFSIZ - 1;
249 char *p;
250
251 intr_signal = 0;
252 ok = 0;
253 ps = 0;
254
255 pushsig();
256 ps = 1;
257
258 if (!echo && !noecho_console(ui))
259 goto error;
260 ps = 2;
261
262 result[0] = '\0';
263 p = fgets(result, maxsize, tty_in);
264 if (!p)
265 goto error;
266 if (feof(tty_in))
267 goto error;
268 if (ferror(tty_in))
269 goto error;
270 if ((p = strchr(result, '\n')) != NULL) {
271 if (strip_nl)
272 *p = '\0';
273 } else if (!read_till_nl(tty_in))
274 goto error;
275 if (UI_set_result(ui, uis, result) >= 0)
276 ok = 1;
277
278 error:
279 if (intr_signal == SIGINT)
280 ok = -1;
281 if (!echo)
282 fprintf(tty_out, "\n");
283 if (ps >= 2 && !echo && !echo_console(ui))
284 ok = 0;
285
286 if (ps >= 1)
287 popsig();
288
289 explicit_bzero(result, BUFSIZ);
290 return ok;
291 }
292
293
294 /* Internal functions to open, handle and close a channel to the console. */
295 static int
open_console(UI * ui)296 open_console(UI *ui)
297 {
298 CRYPTO_w_lock(CRYPTO_LOCK_UI);
299 is_a_tty = 1;
300
301 #define DEV_TTY "/dev/tty"
302 if ((tty_in = fopen(DEV_TTY, "r")) == NULL)
303 tty_in = stdin;
304 if ((tty_out = fopen(DEV_TTY, "w")) == NULL)
305 tty_out = stderr;
306
307 if (tcgetattr(fileno(tty_in), &tty_orig) == -1) {
308 if (errno == ENOTTY)
309 is_a_tty = 0;
310 else
311 /*
312 * Ariel Glenn ariel@columbia.edu reports that
313 * solaris can return EINVAL instead. This should be
314 * ok
315 */
316 if (errno == EINVAL)
317 is_a_tty = 0;
318 else
319 return 0;
320 }
321
322 return 1;
323 }
324
325 static int
noecho_console(UI * ui)326 noecho_console(UI *ui)
327 {
328 struct termios tty_new = tty_orig;
329
330 tty_new.c_lflag &= ~ECHO;
331 if (is_a_tty && (tcsetattr(fileno(tty_in), TCSANOW, &tty_new) == -1))
332 return 0;
333 return 1;
334 }
335
336 static int
echo_console(UI * ui)337 echo_console(UI *ui)
338 {
339 if (is_a_tty && (tcsetattr(fileno(tty_in), TCSANOW, &tty_orig) == -1))
340 return 0;
341 return 1;
342 }
343
344 static int
close_console(UI * ui)345 close_console(UI *ui)
346 {
347 if (tty_in != stdin)
348 fclose(tty_in);
349 if (tty_out != stderr)
350 fclose(tty_out);
351 CRYPTO_w_unlock(CRYPTO_LOCK_UI);
352
353 return 1;
354 }
355
356
357 /* Internal functions to handle signals and act on them */
358 static void
pushsig(void)359 pushsig(void)
360 {
361 int i;
362 struct sigaction sa;
363
364 memset(&sa, 0, sizeof sa);
365 sa.sa_handler = recsig;
366
367 for (i = 1; i < NX509_SIG; i++) {
368 if (i == SIGUSR1)
369 continue;
370 if (i == SIGUSR2)
371 continue;
372 if (i == SIGKILL) /* We can't make any action on that. */
373 continue;
374 sigaction(i, &sa, &savsig[i]);
375 }
376
377 signal(SIGWINCH, SIG_DFL);
378 }
379
380 static void
popsig(void)381 popsig(void)
382 {
383 int i;
384 for (i = 1; i < NX509_SIG; i++) {
385 if (i == SIGUSR1)
386 continue;
387 if (i == SIGUSR2)
388 continue;
389 sigaction(i, &savsig[i], NULL);
390 }
391 }
392
393 static void
recsig(int i)394 recsig(int i)
395 {
396 intr_signal = i;
397 }
398