/* apps/srp.c */
/* Written by Peter Sylvester (peter.sylvester@edelweb.fr)
 * for the EdelKey project and contributed to the OpenSSL project 2004.
 */
/* ====================================================================
 * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    licensing@OpenSSL.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
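 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com). This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */
#include <openssl/opensslconf.h>

#ifndef OPENSSL_NO_SRP
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/conf.h>
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/txt_db.h>
#include <openssl/buffer.h>
#include <openssl/srp.h>

#include "apps.h"

#undef PROG
#define PROG srp_main

#define BASE_SECTION "srp"
#define CONFIG_FILE "openssl.cnf"

#define ENV_RANDFILE "RANDFILE"

#define ENV_DATABASE "srpvfile"
#define ENV_DEFAULT_SRP "default_srp"

/* Usage text, one line per entry, terminated by NULL. */
static char *srp_usage[]={
"usage: srp [args] [user] \n",
"\n",
" -verbose Talk alot while doing things\n",
" -config file A config file\n",
" -name arg The particular srp definition to use\n",
" -srpvfile arg The srp verifier file name\n",
" -add add an user and srp verifier\n",
" -modify modify the srp verifier of an existing user\n",
" -delete delete user from verifier file\n",
" -list list user\n",
" -gn arg g and N values to be used for new verifier\n",
" -userinfo arg additional info to be set for user\n",
" -passin arg input file pass phrase source\n",
" -passout arg output file pass phrase source\n",
#ifndef OPENSSL_NO_ENGINE
" -engine e - use engine e, possibly a hardware device.\n",
#endif
NULL
};

#ifdef EFENCE
extern int EF_PROTECT_FREE;
extern int EF_PROTECT_BELOW;
extern int EF_ALIGNMENT;
#endif

static CONF *conf=NULL;
static char *section=NULL;

/*
 * Verbosity guards. Each expands to a bare `if`, so an `else` written
 * after the guarded statement binds to the macro's `if`; use them only
 * as a prefix to a single complete statement.
 */
#define VERBOSE if (verbose)
#define VVERBOSE if (verbose>1)


int MAIN(int, char **);

/*
 * Find the first row of the verifier database whose id column equals `id`.
 *
 * When `type` is DB_SRP_INDEX only rows whose type column starts with
 * DB_SRP_INDEX are considered; for any other `type` only rows that do
 * NOT start with DB_SRP_INDEX are considered.
 *
 * Returns the row number, or -1 when `id` is NULL or nothing matches.
 */
static int get_index(CA_DB *db, char* id, char type)
{
    int want_index_row = (type == DB_SRP_INDEX);
    int i;

    if (id == NULL)
        return -1;

    for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) {
        char **pp = sk_OPENSSL_PSTRING_value(db->db->data, i);
        int is_index_row = (pp[DB_srptype][0] == DB_SRP_INDEX);

        if (is_index_row == want_index_row && !strcmp(id, pp[DB_srpid]))
            return i;
    }

    return -1;
}

/*
 * Print row `indx` of the database to `bio`: a heading made of `s` and the
 * row id, followed by every one of the DB_NUMBER columns.
 *
 * Nothing is printed when `indx` is negative, when `verbose` is zero, or
 * when the row cannot be fetched.
 *
 * Security note: the dump covers every column of the row; for user rows
 * that presumably includes the stored salt and verifier, so the stream
 * passed as `bio` should not be a shared or persistent log.
 */
static void print_entry(CA_DB *db, BIO *bio, int indx, int verbose, char *s)
{
    char **pp;
    int j;

    if (indx < 0 || !verbose)
        return;

    pp = sk_OPENSSL_PSTRING_value(db->db->data, indx);
    /* An index past the end of the stack yields NULL; do not dereference it. */
    if (pp == NULL)
        return;

    BIO_printf(bio, "%s \"%s\"\n", s, pp[DB_srpid]);
    /* Columns go to the caller's stream, like the heading above
     * (they were previously written to bio_err regardless of `bio`). */
    for (j = 0; j < DB_NUMBER; j++)
        BIO_printf(bio, " %d = \"%s\"\n", j, pp[j]);
}

/* Print a "g N entry" row; see print_entry() for when output is produced. */
static void print_index(CA_DB *db, BIO *bio, int indexindex, int verbose)
{
    print_entry(db, bio, indexindex, verbose, "g N entry");
}

/*
 * Print a user row followed by the "g N entry" row it refers to.
 *
 * Output is produced only when `verbose` is positive and the row at
 * `userindex` exists and is not itself an index (DB_SRP_INDEX) row.
 */
static void print_user(CA_DB *db, BIO *bio, int userindex, int verbose)
{
    char **pp;

    if (verbose <= 0)
        return;

    pp = sk_OPENSSL_PSTRING_value(db->db->data, userindex);
    /* A negative or out-of-range userindex yields NULL. */
    if (pp == NULL)
        return;

    /* DB_SRP_INDEX replaces the literal 'I' so this test and the lookup
     * below agree with get_index(), which compares against DB_SRP_INDEX. */
    if (pp[DB_srptype][0] != DB_SRP_INDEX) {
        print_entry(db, bio, userindex, verbose, "User entry");
        print_entry(db, bio, get_index(db, pp[DB_srpgN], DB_SRP_INDEX),
                    verbose, "g N entry");
    }
}

/*
 * Move the DB_NUMBER strings of `row` into a freshly allocated,
 * NULL-terminated row and insert that row into the database.
 *
 * Every row[i] is set to NULL once its pointer has been moved.
 * Returns 1 on success, 0 on allocation or insert failure.
 *
 * NOTE(review): on insert failure only the pointer array is freed, and
 * row[] has already been cleared, so the column strings are no longer
 * reachable from either array. Whether handing them back to row[] is
 * safe depends on what the caller does with row[] afterwards, which is
 * not visible here - confirm before changing.
 */
static int update_index(CA_DB *db, BIO *bio, char **row)
{
    char **irow;
    int i;

    irow = (char **)OPENSSL_malloc(sizeof(char *) * (DB_NUMBER + 1));
    if (irow == NULL) {
        BIO_printf(bio_err,"Memory allocation failure\n");
        return 0;
    }

    for (i = 0; i < DB_NUMBER; i++) {
        irow[i] = row[i];
        row[i] = NULL;
    }
    irow[DB_NUMBER] = NULL;

    if (!TXT_DB_insert(db->db, irow)) {
        BIO_printf(bio,"failed to update srpvfile\n");
        BIO_printf(bio,"TXT_DB error number %ld\n",db->db->error);
        OPENSSL_free(irow);
        return 0;
    }
    return 1;
}

/* Report on bio_err that configuration variable `tag` was not found in `name`. */
static void lookup_fail(const char *name, char *tag)
{
    BIO_printf(bio_err,"variable lookup failed for %s::%s\n",name,tag);
}


/*
 * Check a password against a stored SRP verifier.
 *
 * Obtains the password through password_callback() (with `passin` as the
 * preset source and `user` as prompt info), recomputes the verifier from
 * `user`, the password, `srp_usersalt`, `N` and `g`, and compares the
 * result with `srp_verifier`.
 *
 * Returns the value produced by SRP_create_verifier() when the verifiers
 * match, NULL when no password was obtained, when the computation failed
 * or when the verifiers differ.
 *
 * Changes from the previous version:
 *  - the plaintext password is no longer written to `bio`; it was printed
 *    unconditionally ("Pass ..."), which puts the secret into terminal
 *    scrollback and any captured output;
 *  - the password buffer is wiped before returning;
 *  - the buffer is zero-filled and its last byte is withheld from the
 *    callback, so it is NUL-terminated when handed to
 *    SRP_create_verifier() provided the callback writes no more than the
 *    size it is given (password_callback is defined elsewhere - confirm).
 */
static char *srp_verify_user(const char *user, const char *srp_verifier,
                             char *srp_usersalt, const char *g, const char *N,
                             const char *passin, BIO *bio, int verbose)
{
    char password[1024] = {0};
    PW_CB_DATA cb_tmp;
    char *verifier = NULL;
    char *gNid = NULL;

    cb_tmp.prompt_info = user;
    cb_tmp.password = passin;

    if (password_callback(password, (int)sizeof(password) - 1, 0, &cb_tmp) > 0) {
        if (verbose) {
            BIO_printf(bio,"Validating\n user=\"%s\"\n srp_verifier=\"%s\"\n srp_usersalt=\"%s\"\n g=\"%s\"\n N=\"%s\"\n",user,srp_verifier,srp_usersalt, g, N);
        }

        gNid = SRP_create_verifier(user, password, &srp_usersalt, &verifier, N, g);
        if (gNid == NULL) {
            BIO_printf(bio, "Internal error validating SRP verifier\n");
        } else {
            /* NOTE(review): strcmp() stops at the first differing byte, so
             * the comparison time depends on the data; acceptable only if
             * this path is never driven by a remote party - confirm. */
            if (strcmp(verifier, srp_verifier) != 0)
                gNid = NULL;
            OPENSSL_free(verifier);
        }
    }

    /* Do not leave the cleartext password on the stack. */
    OPENSSL_cleanse(password, sizeof(password));
    return gNid;
}

/*
 * Create the SRP salt and verifier for a new or modified user.
 *
 * Obtains the password through password_callback() in verify mode (third
 * argument 1, with `passout` as the preset source), then calls
 * SRP_create_verifier() with a NULL salt pointer so that the salt is
 * produced by that call. On success *srp_verifier receives the verifier
 * and *srp_usersalt the salt.
 *
 * Returns the value produced by SRP_create_verifier(), or NULL when no
 * password was obtained or the computation failed; *srp_usersalt is left
 * untouched in that case.
 *
 * Changes from the previous version:
 *  - the password buffer is wiped before returning;
 *  - the buffer is zero-filled and its last byte is withheld from the
 *    callback (same reasoning as in srp_verify_user());
 *  - the verbose>1 dump of gNid/salt/verifier is emitted only on success;
 *    on failure gNid and salt are NULL and *srp_verifier may not have
 *    been set.
 */
static char *srp_create_user(char *user, char **srp_verifier,
                             char **srp_usersalt, char *g, char *N,
                             char *passout, BIO *bio, int verbose)
{
    char password[1024] = {0};
    PW_CB_DATA cb_tmp;
    char *gNid = NULL;
    char *salt = NULL;

    cb_tmp.prompt_info = user;
    cb_tmp.password = passout;

    if (password_callback(password, (int)sizeof(password) - 1, 1, &cb_tmp) > 0) {
        if (verbose) {
            BIO_printf(bio,"Creating\n user=\"%s\"\n g=\"%s\"\n N=\"%s\"\n",user,g,N);
        }

        gNid = SRP_create_verifier(user, password, &salt, srp_verifier, N, g);
        if (gNid == NULL) {
            BIO_printf(bio,"Internal error creating SRP verifier\n");
        } else {
            *srp_usersalt = salt;
            if (verbose > 1) {
                BIO_printf(bio,"gNid=%s salt =\"%s\"\n verifier =\"%s\"\n", gNid,salt, *srp_verifier);
            }
        }
    }

    /* Do not leave the cleartext password on the stack. */
    OPENSSL_cleanse(password, sizeof(password));
    return gNid;
}

int MAIN(int argc, char **argv)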
269392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 270392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int add_user = 0; 271392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int list_user= 0; 272392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int delete_user= 0; 273392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int modify_user= 0; 274392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom char * user = NULL; 275392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 276392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom char *passargin = NULL, *passargout = NULL; 277392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom char *passin = NULL, *passout = NULL; 278392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom char * gN = NULL; 279392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int gNindex = -1; 280392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom char ** gNrow = NULL; 281392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int maxgN = -1; 282392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 283392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom char * userinfo = NULL; 284392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 285392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int badops=0; 286392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int ret=1; 287392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int errors=0; 288392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int verbose=0; 289392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int doupdatedb=0; 290392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom char *configfile=NULL; 291392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom char *dbfile=NULL; 292392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom CA_DB *db=NULL; 293392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom char **pp ; 294392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int i; 
295392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom long errorline = -1; 296392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom char *randfile=NULL; 297392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_ENGINE 298392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom char *engine = NULL; 299392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 300392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom char *tofree=NULL; 301392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom DB_ATTR db_attr; 302392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 303392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifdef EFENCE 304392aa7cc7d2b122614c5393c3e357da07fd07af3Brian CarlstromEF_PROTECT_FREE=1; 305392aa7cc7d2b122614c5393c3e357da07fd07af3Brian CarlstromEF_PROTECT_BELOW=1; 306392aa7cc7d2b122614c5393c3e357da07fd07af3Brian CarlstromEF_ALIGNMENT=0; 307392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 308392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 309392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom apps_startup(); 310392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 311392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom conf = NULL; 312392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom section = NULL; 313392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 314392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (bio_err == NULL) 315392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if ((bio_err=BIO_new(BIO_s_file())) != NULL) 316392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); 317392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 318392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom argc--; 319392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom argv++; 320392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom while (argc >= 1 && badops == 0) 321392aa7cc7d2b122614c5393c3e357da07fd07af3Brian 
Carlstrom { 322392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (strcmp(*argv,"-verbose") == 0) 323392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom verbose++; 324392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-config") == 0) 325392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 326392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (--argc < 1) goto bad; 327392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom configfile= *(++argv); 328392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 329392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-name") == 0) 330392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 331392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (--argc < 1) goto bad; 332392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom section= *(++argv); 333392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 334392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-srpvfile") == 0) 335392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 336392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (--argc < 1) goto bad; 337392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom dbfile= *(++argv); 338392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 339392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-add") == 0) 340392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom add_user=1; 341392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-delete") == 0) 342392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom delete_user=1; 343392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-modify") == 0) 344392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom modify_user=1; 345392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-list") == 0) 346392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 
list_user=1; 347392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-gn") == 0) 348392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 349392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (--argc < 1) goto bad; 350392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom gN= *(++argv); 351392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 352392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-userinfo") == 0) 353392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 354392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (--argc < 1) goto bad; 355392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom userinfo= *(++argv); 356392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 357392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-passin") == 0) 358392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 359392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (--argc < 1) goto bad; 360392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom passargin= *(++argv); 361392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 362392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-passout") == 0) 363392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 364392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (--argc < 1) goto bad; 365392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom passargout= *(++argv); 366392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 367392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_ENGINE 368392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (strcmp(*argv,"-engine") == 0) 369392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 370392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (--argc < 1) goto bad; 371392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom engine= *(++argv); 
372392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 373392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 374392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 375392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (**argv == '-') 376392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 377392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrombad: 378392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err,"unknown option %s\n",*argv); 379392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom badops=1; 380392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom break; 381392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 382392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else 383392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom break; 384392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 385392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom argc--; 386392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom argv++; 387392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 388392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 389392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (dbfile && configfile) 390392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 391392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err,"-dbfile and -configfile cannot be specified together.\n"); 392392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom badops = 1; 393392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 394392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (add_user+delete_user+modify_user+list_user != 1) 395392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 396392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err,"Exactly one of the options -add, -delete, -modify -list must be specified.\n"); 397392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom badops = 1; 
398392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 399392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (delete_user+modify_user+delete_user== 1 && argc <= 0) 400392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 401392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err,"Need at least one user for options -add, -delete, -modify. \n"); 402392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom badops = 1; 403392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 404392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if ((passin || passout) && argc != 1 ) 405392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 406392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err,"-passin, -passout arguments only valid with one user.\n"); 407392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom badops = 1; 408392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 409392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 410392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (badops) 411392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 412392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom for (pp=srp_usage; (*pp != NULL); pp++) 413392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err,"%s",*pp); 414392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 415392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); 416392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err," load the file (or the files in the directory) into\n"); 417392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err," the random number generator\n"); 418392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom goto err; 419392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 420392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 
421392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom ERR_load_crypto_strings(); 422392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 423392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_ENGINE 424392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom setup_engine(bio_err, engine, 0); 425392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 426392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 427392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) 428392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 429392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err, "Error getting passwords\n"); 430392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom goto err; 431392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 432392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 433392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (!dbfile) 434392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 435392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 436392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 437392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom /*****************************************************************/ 438392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom tofree=NULL; 439392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (configfile == NULL) configfile = getenv("OPENSSL_CONF"); 440392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (configfile == NULL) configfile = getenv("SSLEAY_CONF"); 441392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (configfile == NULL) 442392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 443392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom const char *s=X509_get_default_cert_area(); 444392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom size_t len; 445392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 
446392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifdef OPENSSL_SYS_VMS 447392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom len = strlen(s)+sizeof(CONFIG_FILE); 448392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom tofree=OPENSSL_malloc(len); 449392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom strcpy(tofree,s); 450392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#else 451392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom len = strlen(s)+sizeof(CONFIG_FILE)+1; 452392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom tofree=OPENSSL_malloc(len); 453392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BUF_strlcpy(tofree,s,len); 454392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BUF_strlcat(tofree,"/",len); 455392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 456392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BUF_strlcat(tofree,CONFIG_FILE,len); 457392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom configfile=tofree; 458392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 459392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 460392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom VERBOSE BIO_printf(bio_err,"Using configuration from %s\n",configfile); 461392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom conf = NCONF_new(NULL); 462392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (NCONF_load(conf,configfile,&errorline) <= 0) 463392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 464392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (errorline <= 0) 465392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err,"error loading the config file '%s'\n", 466392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom configfile); 467392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else 468392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err,"error on line %ld of config file '%s'\n" 
469392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom ,errorline,configfile); 470392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom goto err; 471392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 472392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if(tofree) 473392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 474392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom OPENSSL_free(tofree); 475392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom tofree = NULL; 476392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 477392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 478392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (!load_config(bio_err, conf)) 479392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom goto err; 480392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 481392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom /* Lets get the config section we are using */ 482392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (section == NULL) 483392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 484392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom VERBOSE BIO_printf(bio_err,"trying to read " ENV_DEFAULT_SRP " in \" BASE_SECTION \"\n"); 485392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 486392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom section=NCONF_get_string(conf,BASE_SECTION,ENV_DEFAULT_SRP); 487392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (section == NULL) 488392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 489392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom lookup_fail(BASE_SECTION,ENV_DEFAULT_SRP); 490392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom goto err; 491392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 492392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 493392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 494392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (randfile == NULL && conf) 
495392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom randfile = NCONF_get_string(conf, BASE_SECTION, "RANDFILE"); 496392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 497392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 498392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom VERBOSE BIO_printf(bio_err,"trying to read " ENV_DATABASE " in section \"%s\"\n",section); 499392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 500392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if ((dbfile=NCONF_get_string(conf,section,ENV_DATABASE)) == NULL) 501392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 502392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom lookup_fail(section,ENV_DATABASE); 503392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom goto err; 504392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 505392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 506392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 507392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (randfile == NULL) 508392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom ERR_clear_error(); 509392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else 510392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom app_RAND_load_file(randfile, bio_err, 0); 511392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 512392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom VERBOSE BIO_printf(bio_err,"Trying to read SRP verifier file \"%s\"\n",dbfile); 513392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 514392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom db = load_index(dbfile, &db_attr); 515392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (db == NULL) goto err; 516392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 517392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom /* Lets check some fields */ 518392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); 
i++) 519392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 52004ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom pp = sk_OPENSSL_PSTRING_value(db->db->data, i); 521392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 522392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (pp[DB_srptype][0] == DB_SRP_INDEX) 523392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 524392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom maxgN = i; 525392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (gNindex < 0 && gN != NULL && !strcmp(gN, pp[DB_srpid])) 526392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom gNindex = i; 527392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 528392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom print_index(db, bio_err, i, verbose > 1); 529392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 530392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 531392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 532392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom VERBOSE BIO_printf(bio_err, "Database initialised\n"); 533392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 534392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (gNindex >= 0) 535392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 53604ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom gNrow = sk_OPENSSL_PSTRING_value(db->db->data,gNindex); 53704ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom print_entry(db, bio_err, gNindex, verbose > 1, "Default g and N"); 538392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 539392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (maxgN > 0 && !SRP_get_default_gN(gN)) 540392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 541392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err, "No g and N value for index \"%s\"\n", gN); 542392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom goto err; 
543392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 544392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else 545392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 546392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom VERBOSE BIO_printf(bio_err, "Database has no g N information.\n"); 547392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom gNrow = NULL; 548392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 549392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 550392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 551392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom VVERBOSE BIO_printf(bio_err,"Starting user processing\n"); 552392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 553392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (argc > 0) 554392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom user = *(argv++) ; 555392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 556392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom while (list_user || user) 557392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 558392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int userindex = -1; 559392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (user) 560392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom VVERBOSE BIO_printf(bio_err, "Processing user \"%s\"\n", user); 561392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if ((userindex = get_index(db, user, 'U')) >= 0) 562392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 563392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom print_user(db, bio_err, userindex, (verbose > 0) || list_user); 564392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 565392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 566392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (list_user) 567392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 568392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (user == NULL) 
569392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 570392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err,"List all users\n"); 571392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 572392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) 573392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 574392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom print_user(db,bio_err, i, 1); 575392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 576392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom list_user = 0; 577392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 578392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (userindex < 0) 579392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 580392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err, "user \"%s\" does not exist, ignored. t\n", 581392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom user); 582392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom errors++; 583392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 584392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 585392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (add_user) 586392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 587392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (userindex >= 0) 588392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 589392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom /* reactivation of a new user */ 59004ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom char **row = sk_OPENSSL_PSTRING_value(db->db->data, userindex); 591392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err, "user \"%s\" reactivated.\n", user); 592392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom row[DB_srptype][0] = 'V'; 593392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 
594392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom doupdatedb = 1; 595392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 596392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else 597392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 598392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom char *row[DB_NUMBER] ; char *gNid; 599392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom row[DB_srpverifier] = NULL; 600392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom row[DB_srpsalt] = NULL; 601392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom row[DB_srpinfo] = NULL; 602392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (!(gNid = srp_create_user(user,&(row[DB_srpverifier]), &(row[DB_srpsalt]),gNrow?gNrow[DB_srpsalt]:gN,gNrow?gNrow[DB_srpverifier]:NULL, passout, bio_err,verbose))) 603392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 604392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err, "Cannot create srp verifier for user \"%s\", operation abandoned .\n", user); 605392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom errors++; 606392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom goto err; 607392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 608392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom row[DB_srpid] = BUF_strdup(user); 609392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom row[DB_srptype] = BUF_strdup("v"); 610392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom row[DB_srpgN] = BUF_strdup(gNid); 611392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 612392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (!row[DB_srpid] || !row[DB_srpgN] || !row[DB_srptype] || !row[DB_srpverifier] || !row[DB_srpsalt] || 613392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom (userinfo && (!(row[DB_srpinfo] = BUF_strdup(userinfo)))) || 614392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom !update_index(db, bio_err, row)) 
615392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 616392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (row[DB_srpid]) OPENSSL_free(row[DB_srpid]); 617392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (row[DB_srpgN]) OPENSSL_free(row[DB_srpgN]); 618392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (row[DB_srpinfo]) OPENSSL_free(row[DB_srpinfo]); 619392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (row[DB_srptype]) OPENSSL_free(row[DB_srptype]); 620392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (row[DB_srpverifier]) OPENSSL_free(row[DB_srpverifier]); 621392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (row[DB_srpsalt]) OPENSSL_free(row[DB_srpsalt]); 622392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom goto err; 623392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 624392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom doupdatedb = 1; 625392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 626392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 627392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (modify_user) 628392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 629392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (userindex < 0) 630392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 631392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err,"user \"%s\" does not exist, operation ignored.\n",user); 632392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom errors++; 633392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 634392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else 635392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 636392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 63704ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom char **row = sk_OPENSSL_PSTRING_value(db->db->data, userindex); 638392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom char type = row[DB_srptype][0]; 
639392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (type == 'v') 640392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 641392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err,"user \"%s\" already updated, operation ignored.\n",user); 642392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom errors++; 643392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 644392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else 645392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 646392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom char *gNid; 647392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 648392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (row[DB_srptype][0] == 'V') 649392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 650392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom int user_gN; 651392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom char **irow = NULL; 652392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom VERBOSE BIO_printf(bio_err,"Verifying password for user \"%s\"\n",user); 653392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if ( (user_gN = get_index(db, row[DB_srpgN], DB_SRP_INDEX)) >= 0) 654392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom irow = (char **)sk_OPENSSL_PSTRING_value(db->db->data, userindex); 655392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 656392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (!srp_verify_user(user, row[DB_srpverifier], row[DB_srpsalt], irow ? irow[DB_srpsalt] : row[DB_srpgN], irow ? 
irow[DB_srpverifier] : NULL, passin, bio_err, verbose)) 657392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 658392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err, "Invalid password for user \"%s\", operation abandoned.\n", user); 659392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom errors++; 660392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom goto err; 661392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 662392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 663392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom VERBOSE BIO_printf(bio_err,"Password for user \"%s\" ok.\n",user); 664392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 665392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (!(gNid=srp_create_user(user,&(row[DB_srpverifier]), &(row[DB_srpsalt]),gNrow?gNrow[DB_srpsalt]:NULL, gNrow?gNrow[DB_srpverifier]:NULL, passout, bio_err,verbose))) 666392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 66704ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom BIO_printf(bio_err, "Cannot create srp verifier for user \"%s\", operation abandoned.\n", user); 66804ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom errors++; 66904ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom goto err; 670392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 671392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 672392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom row[DB_srptype][0] = 'v'; 673392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom row[DB_srpgN] = BUF_strdup(gNid); 674392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 675392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (!row[DB_srpid] || !row[DB_srpgN] || !row[DB_srptype] || !row[DB_srpverifier] || !row[DB_srpsalt] || 676392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom (userinfo && (!(row[DB_srpinfo] = BUF_strdup(userinfo))))) 677392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom goto err; 
678392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 679392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom doupdatedb = 1; 680392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 681392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 682392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 683392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else if (delete_user) 684392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 685392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (userindex < 0) 686392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 687392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err, "user \"%s\" does not exist, operation ignored. t\n", user); 688392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom errors++; 689392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 690392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else 691392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 69204ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom char **xpp = sk_OPENSSL_PSTRING_value(db->db->data,userindex); 693392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom BIO_printf(bio_err, "user \"%s\" revoked. 
t\n", user); 694392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 695392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom xpp[DB_srptype][0] = 'R'; 696392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 697392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom doupdatedb = 1; 698392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 699392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 700392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (--argc > 0) 701392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom user = *(argv++) ; 702392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else 703392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 704392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom user = NULL; 705392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom list_user = 0; 706392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 707392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 708392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 709392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom VERBOSE BIO_printf(bio_err,"User procession done.\n"); 710392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 711392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 712392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (doupdatedb) 713392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 714392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom /* Lets check some fields */ 715392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) 716392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 71704ef91b390dfcc6125913e2f2af502d23d7a5112Brian Carlstrom pp = sk_OPENSSL_PSTRING_value(db->db->data,i); 718392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 719392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (pp[DB_srptype][0] == 'v') 720392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 
721392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom pp[DB_srptype][0] = 'V'; 722392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom print_user(db, bio_err, i, verbose); 723392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 724392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 725392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 726392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom VERBOSE BIO_printf(bio_err, "Trying to update srpvfile.\n"); 727392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (!save_index(dbfile, "new", db)) goto err; 728392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 729392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom VERBOSE BIO_printf(bio_err, "Temporary srpvfile created.\n"); 730392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (!rotate_index(dbfile, "new", "old")) goto err; 731392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 732392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom VERBOSE BIO_printf(bio_err, "srpvfile updated.\n"); 733392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 734392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 735392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom ret = (errors != 0); 736392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromerr: 737392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (errors != 0) 738392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom VERBOSE BIO_printf(bio_err,"User errors %d.\n",errors); 739392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 740392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom VERBOSE BIO_printf(bio_err,"SRP terminating with code %d.\n",ret); 741392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if(tofree) 742392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom OPENSSL_free(tofree); 743392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (ret) ERR_print_errors(bio_err); 744392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if 
(randfile) app_RAND_write_file(randfile, bio_err); 745392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (conf) NCONF_free(conf); 746392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (db) free_index(db); 747392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 748392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom OBJ_cleanup(); 749392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom apps_shutdown(); 750392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom OPENSSL_EXIT(ret); 751392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 752392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 753392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 754392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 755392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 756392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 757