diff options
Diffstat (limited to 'rubbos/app/httpd-2.0.64/modules/ssl/ssl_engine_pphrase.c')
| -rw-r--r-- | rubbos/app/httpd-2.0.64/modules/ssl/ssl_engine_pphrase.c | 789 |
1 files changed, 0 insertions, 789 deletions
diff --git a/rubbos/app/httpd-2.0.64/modules/ssl/ssl_engine_pphrase.c b/rubbos/app/httpd-2.0.64/modules/ssl/ssl_engine_pphrase.c deleted file mode 100644 index 1ca3f32f..00000000 --- a/rubbos/app/httpd-2.0.64/modules/ssl/ssl_engine_pphrase.c +++ /dev/null @@ -1,789 +0,0 @@ -/* Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/* _ _ - * _ __ ___ ___ __| | ___ ___| | mod_ssl - * | '_ ` _ \ / _ \ / _` | / __/ __| | Apache Interface to OpenSSL - * | | | | | | (_) | (_| | \__ \__ \ | - * |_| |_| |_|\___/ \__,_|___|___/___/_| - * |_____| - * ssl_engine_pphrase.c - * Pass Phrase Dialog - */ - /* ``Treat your password like your - toothbrush. Don't let anybody - else use it, and get a new one - every six months.'' - -- Clifford Stoll */ -#include "mod_ssl.h" - -/* - * Return true if the named file exists and is readable - */ - -static apr_status_t exists_and_readable(char *fname, apr_pool_t *pool, apr_time_t *mtime) -{ - apr_status_t stat; - apr_finfo_t sbuf; - apr_file_t *fd; - - if ((stat = apr_stat(&sbuf, fname, APR_FINFO_MIN, pool)) != APR_SUCCESS) - return stat; - - if (sbuf.filetype != APR_REG) - return APR_EGENERAL; - - if ((stat = apr_file_open(&fd, fname, APR_READ, 0, pool)) != APR_SUCCESS) - return stat; - - if (mtime) { - *mtime = sbuf.mtime; - } - - apr_file_close(fd); - return APR_SUCCESS; -} - -/* - * reuse vhost keys for asn1 tables where keys are allocated out - * of s->process->pool to prevent "leaking" each time we format - * a vhost key. since the key is stored in a table with lifetime - * of s->process->pool, the key needs to have the same lifetime. - * - * XXX: probably seems silly to use a hash table with keys and values - * being the same, but it is easier than doing a linear search - * and will make it easier to remove keys if needed in the future. - * also have the problem with apr_array_header_t that if we - * underestimate the number of vhost keys when we apr_array_make(), - * the array will get resized when we push past the initial number - * of elts. this resizing in the s->process->pool means "leaking" - * since apr_array_push() will apr_alloc arr->nalloc * 2 elts, - * leaving the original arr->elts to waste. - */ -static char *asn1_table_vhost_key(SSLModConfigRec *mc, apr_pool_t *p, - char *id, char *an) -{ - /* 'p' pool used here is cleared on restarts (or sooner) */ - char *key = apr_psprintf(p, "%s:%s", id, an); - void *keyptr = apr_hash_get(mc->tVHostKeys, key, - APR_HASH_KEY_STRING); - - if (!keyptr) { - /* make a copy out of s->process->pool */ - keyptr = apr_pstrdup(mc->pPool, key); - apr_hash_set(mc->tVHostKeys, keyptr, - APR_HASH_KEY_STRING, keyptr); - } - - return (char *)keyptr; -} - -/* _________________________________________________________________ -** -** Pass Phrase and Private Key Handling -** _________________________________________________________________ -*/ - -#define BUILTIN_DIALOG_BACKOFF 2 -#define BUILTIN_DIALOG_RETRIES 5 - -static apr_file_t *writetty = NULL; -static apr_file_t *readtty = NULL; - -/* - * sslc has a nasty flaw where its - * PEM_read_bio_PrivateKey does not take a callback arg. - */ -static server_rec *ssl_pphrase_server_rec = NULL; - -#ifdef SSLC_VERSION_NUMBER -int ssl_pphrase_Handle_CB(char *, int, int); -#else -int ssl_pphrase_Handle_CB(char *, int, int, void *); -#endif - -static char *pphrase_array_get(apr_array_header_t *arr, int idx) -{ - if ((idx < 0) || (idx >= arr->nelts)) { - return NULL; - } - - return ((char **)arr->elts)[idx]; -} - -static void pphrase_array_clear(apr_array_header_t *arr) -{ - if (arr->nelts > 0) { - memset(arr->elts, 0, arr->elt_size * arr->nelts); - } - arr->nelts = 0; -} - -void ssl_pphrase_Handle(server_rec *s, apr_pool_t *p) -{ - SSLModConfigRec *mc = myModConfig(s); - SSLSrvConfigRec *sc; - server_rec *pServ; - char *cpVHostID; - char szPath[MAX_STRING_LEN]; - EVP_PKEY *pPrivateKey; - ssl_asn1_t *asn1; - unsigned char *ucp; - long int length; - X509 *pX509Cert; - BOOL bReadable; - apr_array_header_t *aPassPhrase; - int nPassPhrase; - int nPassPhraseCur; - char *cpPassPhraseCur; - int nPassPhraseRetry; - int nPassPhraseDialog; - int nPassPhraseDialogCur; - BOOL bPassPhraseDialogOnce; - char **cpp; - int i, j; - ssl_algo_t algoCert, algoKey, at; - char *an; - char *cp; - apr_time_t pkey_mtime = 0; - int isterm = 1; - apr_status_t rv; - /* - * Start with a fresh pass phrase array - */ - aPassPhrase = apr_array_make(p, 2, sizeof(char *)); - nPassPhrase = 0; - nPassPhraseDialog = 0; - - /* - * Walk through all configured servers - */ - for (pServ = s; pServ != NULL; pServ = pServ->next) { - sc = mySrvConfig(pServ); - - if (!sc->enabled) - continue; - - cpVHostID = ssl_util_vhostid(p, pServ); - ap_log_error(APLOG_MARK, APLOG_INFO, 0, pServ, - "Loading certificate & private key of SSL-aware server"); - - /* - * Read in server certificate(s): This is the easy part - * because this file isn't encrypted in any way. - */ - if (sc->server->pks->cert_files[0] == NULL) { - ap_log_error(APLOG_MARK, APLOG_ERR, 0, pServ, - "Server should be SSL-aware but has no certificate " - "configured [Hint: SSLCertificateFile]"); - ssl_die(); - } - algoCert = SSL_ALGO_UNKNOWN; - algoKey = SSL_ALGO_UNKNOWN; - for (i = 0, j = 0; i < SSL_AIDX_MAX && sc->server->pks->cert_files[i] != NULL; i++) { - - apr_cpystrn(szPath, sc->server->pks->cert_files[i], sizeof(szPath)); - if ((rv = exists_and_readable(szPath, p, NULL)) != APR_SUCCESS) { - ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, - "Init: Can't open server certificate file %s", - szPath); - ssl_die(); - } - if ((pX509Cert = SSL_read_X509(szPath, NULL, NULL)) == NULL) { - ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, - "Init: Unable to read server certificate from file %s", szPath); - ssl_log_ssl_error(APLOG_MARK, APLOG_ERR, s); - ssl_die(); - } - - /* - * check algorithm type of certificate and make - * sure only one certificate per type is used. - */ - at = ssl_util_algotypeof(pX509Cert, NULL); - an = ssl_util_algotypestr(at); - if (algoCert & at) { - ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, - "Init: Multiple %s server certificates not " - "allowed", an); - ssl_log_ssl_error(APLOG_MARK, APLOG_ERR, s); - ssl_die(); - } - algoCert |= at; - - /* - * Insert the certificate into global module configuration to let it - * survive the processing between the 1st Apache API init round (where - * we operate here) and the 2nd Apache init round (where the - * certificate is actually used to configure mod_ssl's per-server - * configuration structures). - */ - cp = asn1_table_vhost_key(mc, p, cpVHostID, an); - length = i2d_X509(pX509Cert, NULL); - ucp = ssl_asn1_table_set(mc->tPublicCert, cp, length); - (void)i2d_X509(pX509Cert, &ucp); /* 2nd arg increments */ - - /* - * Free the X509 structure - */ - X509_free(pX509Cert); - - /* - * Read in the private key: This is the non-trivial part, because the - * key is typically encrypted, so a pass phrase dialog has to be used - * to request it from the user (or it has to be alternatively gathered - * from a dialog program). The important point here is that ISPs - * usually have hundrets of virtual servers configured and a lot of - * them use SSL, so really we have to minimize the pass phrase - * dialogs. - * - * The idea is this: When N virtual hosts are configured and all of - * them use encrypted private keys with different pass phrases, we - * have no chance and have to pop up N pass phrase dialogs. But - * usually the admin is clever enough and uses the same pass phrase - * for more private key files (typically he even uses one single pass - * phrase for all). When this is the case we can minimize the dialogs - * by trying to re-use already known/entered pass phrases. - */ - if (sc->server->pks->key_files[j] != NULL) - apr_cpystrn(szPath, sc->server->pks->key_files[j++], sizeof(szPath)); - - /* - * Try to read the private key file with the help of - * the callback function which serves the pass - * phrases to OpenSSL - */ - myCtxVarSet(mc, 1, pServ); - myCtxVarSet(mc, 2, p); - myCtxVarSet(mc, 3, aPassPhrase); - myCtxVarSet(mc, 4, &nPassPhraseCur); - myCtxVarSet(mc, 5, &cpPassPhraseCur); - myCtxVarSet(mc, 6, cpVHostID); - myCtxVarSet(mc, 7, an); - myCtxVarSet(mc, 8, &nPassPhraseDialog); - myCtxVarSet(mc, 9, &nPassPhraseDialogCur); - myCtxVarSet(mc, 10, &bPassPhraseDialogOnce); - - nPassPhraseCur = 0; - nPassPhraseRetry = 0; - nPassPhraseDialogCur = 0; - bPassPhraseDialogOnce = TRUE; - - pPrivateKey = NULL; - - for (;;) { - /* - * Try to read the private key file with the help of - * the callback function which serves the pass - * phrases to OpenSSL - */ - if ((rv = exists_and_readable(szPath, p, - &pkey_mtime)) != APR_SUCCESS ) { - ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, - "Init: Can't open server private key file " - "%s",szPath); - ssl_die(); - } - - /* - * if the private key is encrypted and SSLPassPhraseDialog - * is configured to "builtin" it isn't possible to prompt for - * a password after httpd has detached from the tty. - * in this case if we already have a private key and the - * file name/mtime hasn't changed, then reuse the existing key. - * we also reuse existing private keys that were encrypted for - * exec: and pipe: dialogs to minimize chances to snoop the - * password. that and pipe: dialogs might prompt the user - * for password, which on win32 for example could happen 4 - * times at startup. twice for each child and twice within - * each since apache "restarts itself" on startup. - * of course this will not work for the builtin dialog if - * the server was started without LoadModule ssl_module - * configured, then restarted with it configured. - * but we fall through with a chance of success if the key - * is not encrypted or can be handled via exec or pipe dialog. - * and in the case of fallthrough, pkey_mtime and isatty() - * are used to give a better idea as to what failed. - */ - if (pkey_mtime) { - int i; - - for (i=0; i < SSL_AIDX_MAX; i++) { - const char *key_id = - ssl_asn1_table_keyfmt(p, cpVHostID, i); - ssl_asn1_t *asn1 = - ssl_asn1_table_get(mc->tPrivateKey, key_id); - - if (asn1 && (asn1->source_mtime == pkey_mtime)) { - ap_log_error(APLOG_MARK, APLOG_INFO, - 0, pServ, - "%s reusing existing " - "%s private key on restart", - cpVHostID, ssl_asn1_keystr(i)); - return; - } - } - } - - cpPassPhraseCur = NULL; - ssl_pphrase_server_rec = s; /* to make up for sslc flaw */ - - /* Ensure that the error stack is empty; some SSL - * functions will fail spuriously if the error stack - * is not empty. */ - ERR_clear_error(); - - bReadable = ((pPrivateKey = SSL_read_PrivateKey(szPath, NULL, - ssl_pphrase_Handle_CB, s)) != NULL ? TRUE : FALSE); - - /* - * when the private key file now was readable, - * it's fine and we go out of the loop - */ - if (bReadable) - break; - - /* - * when we have more remembered pass phrases - * try to reuse these first. - */ - if (nPassPhraseCur < nPassPhrase) { - nPassPhraseCur++; - continue; - } - - /* - * else it's not readable and we have no more - * remembered pass phrases. Then this has to mean - * that the callback function popped up the dialog - * but a wrong pass phrase was entered. We give the - * user (but not the dialog program) a few more - * chances... - */ -#ifndef WIN32 - if ((sc->server->pphrase_dialog_type == SSL_PPTYPE_BUILTIN - || sc->server->pphrase_dialog_type == SSL_PPTYPE_PIPE) -#else - if (sc->server->pphrase_dialog_type == SSL_PPTYPE_PIPE -#endif - && cpPassPhraseCur != NULL - && nPassPhraseRetry < BUILTIN_DIALOG_RETRIES ) { - apr_file_printf(writetty, "Apache:mod_ssl:Error: Pass phrase incorrect " - "(%d more retr%s permitted).\n", - (BUILTIN_DIALOG_RETRIES-nPassPhraseRetry), - (BUILTIN_DIALOG_RETRIES-nPassPhraseRetry) == 1 ? "y" : "ies"); - nPassPhraseRetry++; - if (nPassPhraseRetry > BUILTIN_DIALOG_BACKOFF) - apr_sleep((nPassPhraseRetry-BUILTIN_DIALOG_BACKOFF) - * 5 * APR_USEC_PER_SEC); - continue; - } -#ifdef WIN32 - if (sc->server->pphrase_dialog_type == SSL_PPTYPE_BUILTIN) { - ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, - "Init: SSLPassPhraseDialog builtin is not " - "supported on Win32 (key file " - "%s)", szPath); - ssl_die(); - } -#endif /* WIN32 */ - - /* - * Ok, anything else now means a fatal error. - */ - if (cpPassPhraseCur == NULL) { - if (nPassPhraseDialogCur && pkey_mtime && - !(isterm = isatty(fileno(stdout)))) /* XXX: apr_isatty() */ - { - ap_log_error(APLOG_MARK, APLOG_ERR, 0, - pServ, - "Init: Unable to read pass phrase " - "[Hint: key introduced or changed " - "before restart?]"); - ssl_log_ssl_error(APLOG_MARK, APLOG_ERR, pServ); - } - else { - ap_log_error(APLOG_MARK, APLOG_ERR, 0, - pServ, "Init: Private key not found"); - ssl_log_ssl_error(APLOG_MARK, APLOG_ERR, pServ); - } - if (writetty) { - apr_file_printf(writetty, "Apache:mod_ssl:Error: Private key not found.\n"); - apr_file_printf(writetty, "**Stopped\n"); - } - } - else { - ap_log_error(APLOG_MARK, APLOG_ERR, 0, - pServ, "Init: Pass phrase incorrect"); - ssl_log_ssl_error(APLOG_MARK, APLOG_ERR, pServ); - - if (writetty) { - apr_file_printf(writetty, "Apache:mod_ssl:Error: Pass phrase incorrect.\n"); - apr_file_printf(writetty, "**Stopped\n"); - } - } - ssl_die(); - } - - if (pPrivateKey == NULL) { - ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, - "Init: Unable to read server private key from " - "file %s [Hint: Perhaps it is in a separate file? " - " See SSLCertificateKeyFile]", szPath); - ssl_log_ssl_error(APLOG_MARK, APLOG_ERR, s); - ssl_die(); - } - - /* - * check algorithm type of private key and make - * sure only one private key per type is used. - */ - at = ssl_util_algotypeof(NULL, pPrivateKey); - an = ssl_util_algotypestr(at); - if (algoKey & at) { - ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, - "Init: Multiple %s server private keys not " - "allowed", an); - ssl_log_ssl_error(APLOG_MARK, APLOG_ERR, s); - ssl_die(); - } - algoKey |= at; - - /* - * Log the type of reading - */ - if (nPassPhraseDialogCur == 0) { - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, pServ, - "unencrypted %s private key - pass phrase not " - "required", an); - } - else { - if (cpPassPhraseCur != NULL) { - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, - pServ, - "encrypted %s private key - pass phrase " - "requested", an); - } - else { - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, - pServ, - "encrypted %s private key - pass phrase" - " reused", an); - } - } - - /* - * Ok, when we have one more pass phrase store it - */ - if (cpPassPhraseCur != NULL) { - cpp = (char **)apr_array_push(aPassPhrase); - *cpp = cpPassPhraseCur; - nPassPhrase++; - } - - /* - * Insert private key into the global module configuration - * (we convert it to a stand-alone DER byte sequence - * because the SSL library uses static variables inside a - * RSA structure which do not survive DSO reloads!) - */ - cp = asn1_table_vhost_key(mc, p, cpVHostID, an); - length = i2d_PrivateKey(pPrivateKey, NULL); - ucp = ssl_asn1_table_set(mc->tPrivateKey, cp, length); - (void)i2d_PrivateKey(pPrivateKey, &ucp); /* 2nd arg increments */ - - if (nPassPhraseDialogCur != 0) { - /* remember mtime of encrypted keys */ - asn1 = ssl_asn1_table_get(mc->tPrivateKey, cp); - asn1->source_mtime = pkey_mtime; - } - - /* - * Free the private key structure - */ - EVP_PKEY_free(pPrivateKey); - } - } - - /* - * Let the user know when we're successful. - */ - if (nPassPhraseDialog > 0) { - sc = mySrvConfig(s); - if (writetty) { - apr_file_printf(writetty, "\n"); - apr_file_printf(writetty, "Ok: Pass Phrase Dialog successful.\n"); - } - } - - /* - * Wipe out the used memory from the - * pass phrase array and then deallocate it - */ - if (aPassPhrase->nelts) { - pphrase_array_clear(aPassPhrase); - ap_log_error(APLOG_MARK, APLOG_INFO, 0, s, - "Init: Wiped out the queried pass phrases from memory"); - } - - /* Close the pipes if they were opened - */ - if (readtty) { - apr_file_close(readtty); - apr_file_close(writetty); - readtty = writetty = NULL; - } - return; -} - -static apr_status_t ssl_pipe_child_create(apr_pool_t *p, const char *progname) -{ - /* Child process code for 'ErrorLog "|..."'; - * may want a common framework for this, since I expect it will - * be common for other foo-loggers to want this sort of thing... - */ - apr_status_t rc; - apr_procattr_t *procattr; - apr_proc_t *procnew; - - if (((rc = apr_procattr_create(&procattr, p)) == APR_SUCCESS) && - ((rc = apr_procattr_io_set(procattr, - APR_FULL_BLOCK, - APR_FULL_BLOCK, - APR_NO_PIPE)) == APR_SUCCESS)) { - char **args; - const char *pname; - - apr_tokenize_to_argv(progname, &args, p); - pname = apr_pstrdup(p, args[0]); - procnew = (apr_proc_t *)apr_pcalloc(p, sizeof(*procnew)); - rc = apr_proc_create(procnew, pname, (const char * const *)args, - NULL, procattr, p); - if (rc == APR_SUCCESS) { - /* XXX: not sure if we aught to... - * apr_pool_note_subprocess(p, procnew, APR_KILL_AFTER_TIMEOUT); - */ - writetty = procnew->in; - readtty = procnew->out; - } - } - - return rc; -} - -static int pipe_get_passwd_cb(char *buf, int length, char *prompt, int verify) -{ - apr_status_t rc; - char *p; - - apr_file_puts(prompt, writetty); - - buf[0]='\0'; - rc = apr_file_gets(buf, length, readtty); - apr_file_puts(APR_EOL_STR, writetty); - - if (rc != APR_SUCCESS || apr_file_eof(readtty)) { - memset(buf, 0, length); - return 1; /* failure */ - } - if ((p = strchr(buf, '\n')) != NULL) { - *p = '\0'; - } -#ifdef WIN32 - /* XXX: apr_sometest */ - if ((p = strchr(buf, '\r')) != NULL) { - *p = '\0'; - } -#endif - return 0; -} - -#ifdef SSLC_VERSION_NUMBER -int ssl_pphrase_Handle_CB(char *buf, int bufsize, int verify) -{ - void *srv = ssl_pphrase_server_rec; -#else -int ssl_pphrase_Handle_CB(char *buf, int bufsize, int verify, void *srv) -{ -#endif - SSLModConfigRec *mc; - server_rec *s; - apr_pool_t *p; - apr_array_header_t *aPassPhrase; - SSLSrvConfigRec *sc; - int *pnPassPhraseCur; - char **cppPassPhraseCur; - char *cpVHostID; - char *cpAlgoType; - int *pnPassPhraseDialog; - int *pnPassPhraseDialogCur; - BOOL *pbPassPhraseDialogOnce; - char *cpp; - int len = -1; - - mc = myModConfig((server_rec *)srv); - - /* - * Reconnect to the context of ssl_phrase_Handle() - */ - s = myCtxVarGet(mc, 1, server_rec *); - p = myCtxVarGet(mc, 2, apr_pool_t *); - aPassPhrase = myCtxVarGet(mc, 3, apr_array_header_t *); - pnPassPhraseCur = myCtxVarGet(mc, 4, int *); - cppPassPhraseCur = myCtxVarGet(mc, 5, char **); - cpVHostID = myCtxVarGet(mc, 6, char *); - cpAlgoType = myCtxVarGet(mc, 7, char *); - pnPassPhraseDialog = myCtxVarGet(mc, 8, int *); - pnPassPhraseDialogCur = myCtxVarGet(mc, 9, int *); - pbPassPhraseDialogOnce = myCtxVarGet(mc, 10, BOOL *); - sc = mySrvConfig(s); - - (*pnPassPhraseDialog)++; - (*pnPassPhraseDialogCur)++; - - /* - * When remembered pass phrases are available use them... - */ - if ((cpp = pphrase_array_get(aPassPhrase, *pnPassPhraseCur)) != NULL) { - apr_cpystrn(buf, cpp, bufsize); - len = strlen(buf); - return len; - } - - /* - * Builtin or Pipe dialog - */ - if (sc->server->pphrase_dialog_type == SSL_PPTYPE_BUILTIN - || sc->server->pphrase_dialog_type == SSL_PPTYPE_PIPE) { - char *prompt; - int i; - - if (sc->server->pphrase_dialog_type == SSL_PPTYPE_PIPE) { - if (!readtty) { - ap_log_error(APLOG_MARK, APLOG_INFO, 0, s, - "Init: Creating pass phrase dialog pipe child " - "'%s'", sc->server->pphrase_dialog_path); - if (ssl_pipe_child_create(p, sc->server->pphrase_dialog_path) - != APR_SUCCESS) { - ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, - "Init: Failed to create pass phrase pipe '%s'", - sc->server->pphrase_dialog_path); - PEMerr(PEM_F_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD); - memset(buf, 0, (unsigned int)bufsize); - return (-1); - } - } - ap_log_error(APLOG_MARK, APLOG_INFO, 0, s, - "Init: Requesting pass phrase via piped dialog"); - } - else { /* sc->server->pphrase_dialog_type == SSL_PPTYPE_BUILTIN */ -#ifdef WIN32 - PEMerr(PEM_F_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD); - memset(buf, 0, (unsigned int)bufsize); - return (-1); -#else - /* - * stderr has already been redirected to the error_log. - * rather than attempting to temporarily rehook it to the terminal, - * we print the prompt to stdout before EVP_read_pw_string turns - * off tty echo - */ - apr_file_open_stdout(&writetty, p); - - ap_log_error(APLOG_MARK, APLOG_INFO, 0, s, - "Init: Requesting pass phrase via builtin terminal " - "dialog"); -#endif - } - - /* - * The first time display a header to inform the user about what - * program he actually speaks to, which module is responsible for - * this terminal dialog and why to the hell he has to enter - * something... - */ - if (*pnPassPhraseDialog == 1) { - apr_file_printf(writetty, "%s mod_ssl/%s (Pass Phrase Dialog)\n", - AP_SERVER_BASEVERSION, MOD_SSL_VERSION); - apr_file_printf(writetty, "Some of your private key files are encrypted for security reasons.\n"); - apr_file_printf(writetty, "In order to read them you have to provide us with the pass phrases.\n"); - } - if (*pbPassPhraseDialogOnce) { - *pbPassPhraseDialogOnce = FALSE; - apr_file_printf(writetty, "\n"); - apr_file_printf(writetty, "Server %s (%s)\n", cpVHostID, cpAlgoType); - } - - /* - * Emulate the OpenSSL internal pass phrase dialog - * (see crypto/pem/pem_lib.c:def_callback() for details) - */ - prompt = "Enter pass phrase:"; - - for (;;) { - apr_file_puts(prompt, writetty); - if (sc->server->pphrase_dialog_type == SSL_PPTYPE_PIPE) { - i = pipe_get_passwd_cb(buf, bufsize, "", FALSE); - } - else { /* sc->server->pphrase_dialog_type == SSL_PPTYPE_BUILTIN */ - i = EVP_read_pw_string(buf, bufsize, "", FALSE); - } - if (i != 0) { - PEMerr(PEM_F_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD); - memset(buf, 0, (unsigned int)bufsize); - return (-1); - } - len = strlen(buf); - if (len < 1) - apr_file_printf(writetty, "Apache:mod_ssl:Error: Pass phrase empty (needs to be at least 1 character).\n"); - else - break; - } - } - - /* - * Filter program - */ - else if (sc->server->pphrase_dialog_type == SSL_PPTYPE_FILTER) { - const char *cmd = sc->server->pphrase_dialog_path; - const char **argv = apr_palloc(p, sizeof(char *) * 4); - char *result; - - ap_log_error(APLOG_MARK, APLOG_INFO, 0, s, - "Init: Requesting pass phrase from dialog filter " - "program (%s)", cmd); - - argv[0] = cmd; - argv[1] = cpVHostID; - argv[2] = cpAlgoType; - argv[3] = NULL; - - result = ssl_util_readfilter(s, p, cmd, argv); - apr_cpystrn(buf, result, bufsize); - len = strlen(buf); - } - - /* - * Ok, we now have the pass phrase, so give it back - */ - *cppPassPhraseCur = apr_pstrdup(p, buf); - - /* - * And return it's length to OpenSSL... - */ - return (len); -} - |