kopenssl.cc

konqueror3 embedded版本, KDE环境下的当家浏览器的嵌入式版本源码包.

/* This file is part of the KDE libraries
   Copyright (C) 2001-2003 George Staikos <staikos@kde.org>

   This library is free software; you can redistribute it and/or
   modify it under the terms of the GNU Library General Public
   License version 2 as published by the Free Software Foundation.

   This library is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   Library General Public License for more details.

   You should have received a copy of the GNU Library General Public License
   along with this library; see the file COPYING.LIB.  If not, write to
   the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
   Boston, MA 02110-1301, USA.
*/

#ifdef HAVE_CONFIG_H
#include <config.h>
#endif


#ifdef KSSL_HAVE_SSL
#include <openssl/opensslv.h>
#endif

#include <kdebug.h>
#include <kconfig.h>
#include <kstaticdeleter.h>
#include <qregexp.h>


#include <stdio.h>
#include <unistd.h>
#include "kopenssl.h"

extern "C" {
#ifdef KSSL_HAVE_SSL
static int (*K_SSL_connect)     (SSL *) = 0L;
static int (*K_SSL_accept)      (SSL *) = 0L;
static int (*K_SSL_read)        (SSL *, void *, int) = 0L;
static int (*K_SSL_write)       (SSL *, const void *, int) = 0L;
static SSL *(*K_SSL_new)        (SSL_CTX *) = 0L;
static void (*K_SSL_free)       (SSL *) = 0L;
static int (*K_SSL_shutdown)    (SSL *) = 0L;
static SSL_CTX *(*K_SSL_CTX_new)(SSL_METHOD *) = 0L;
static void (*K_SSL_CTX_free)   (SSL_CTX *) = 0L;
static int (*K_SSL_set_fd)      (SSL *, int) = 0L;
static int (*K_SSL_pending)     (SSL *) = 0L;
static int (*K_SSL_peek)        (SSL *, void *, int) = 0L;
static int (*K_SSL_CTX_set_cipher_list)(SSL_CTX *, const char *) = 0L;
static void (*K_SSL_CTX_set_verify)(SSL_CTX *, int,
                         int (*)(int, X509_STORE_CTX *)) = 0L;
static int (*K_SSL_use_certificate)(SSL *, X509 *) = 0L;
static SSL_CIPHER *(*K_SSL_get_current_cipher)(SSL *) = 0L;
static long (*K_SSL_ctrl)      (SSL *,int, long, char *) = 0L;
static int (*K_RAND_egd)        (const char *) = 0L;
static const char* (*K_RAND_file_name) (char *, size_t) = 0L;
static int (*K_RAND_load_file)  (const char *, long) = 0L;
static int (*K_RAND_write_file) (const char *) = 0L;
static SSL_METHOD * (*K_TLSv1_client_method) () = 0L;
static SSL_METHOD * (*K_SSLv2_client_method) () = 0L;
static SSL_METHOD * (*K_SSLv3_client_method) () = 0L;
static SSL_METHOD * (*K_SSLv23_client_method) () = 0L;
static X509 * (*K_SSL_get_peer_certificate) (SSL *) = 0L;
static int (*K_SSL_CIPHER_get_bits) (SSL_CIPHER *,int *) = 0L;
static char * (*K_SSL_CIPHER_get_version) (SSL_CIPHER *) = 0L;
static const char * (*K_SSL_CIPHER_get_name) (SSL_CIPHER *) = 0L;
static char * (*K_SSL_CIPHER_description) (SSL_CIPHER *, char *, int) = 0L;
static X509 * (*K_d2i_X509) (X509 **,unsigned char **,long) = 0L;
static int (*K_i2d_X509) (X509 *,unsigned char **) = 0L;
static int (*K_X509_cmp) (X509 *, X509 *) = 0L;
static void (*K_X509_STORE_CTX_free) (X509_STORE_CTX *) = 0L;
static int (*K_X509_verify_cert) (X509_STORE_CTX *) = 0L;
static X509_STORE_CTX *(*K_X509_STORE_CTX_new) (void) = 0L;
static void (*K_X509_STORE_free) (X509_STORE *) = 0L;
static X509_STORE *(*K_X509_STORE_new) (void) = 0L;
static void (*K_X509_free) (X509 *) = 0L;
static char *(*K_X509_NAME_oneline) (X509_NAME *,char *,int) = 0L;
static X509_NAME *(*K_X509_get_subject_name) (X509 *) = 0L;
static X509_NAME *(*K_X509_get_issuer_name) (X509 *) = 0L;
static X509_LOOKUP *(*K_X509_STORE_add_lookup) (X509_STORE *, X509_LOOKUP_METHOD *) = 0L;
static X509_LOOKUP_METHOD *(*K_X509_LOOKUP_file)(void) = 0L;
static void (*K_X509_LOOKUP_free)(X509_LOOKUP *) = 0L;
static int (*K_X509_LOOKUP_ctrl)(X509_LOOKUP *, int, const char *, long, char **) = 0L;
static void (*K_X509_STORE_CTX_init)(X509_STORE_CTX *, X509_STORE *, X509 *, STACK_OF(X509) *) = 0L;
static void (*K_CRYPTO_free)       (void *) = 0L;
static X509* (*K_X509_dup)         (X509 *) = 0L;
static BIO_METHOD *(*K_BIO_s_mem) (void) = 0L;
static BIO* (*K_BIO_new) (BIO_METHOD *) = 0L;
static BIO* (*K_BIO_new_fp)   (FILE *, int) = 0L;
static BIO* (*K_BIO_new_mem_buf) (void *, int) = 0L;
static int  (*K_BIO_free)           (BIO *) = 0L;
static long (*K_BIO_ctrl) (BIO *,int,long,void *) = 0L;
static int  (*K_BIO_write) (BIO *b, const void *data, int len) = 0L;
static int (*K_PEM_ASN1_write_bio) (int (*)(),const char *,BIO *,char *,
                                   const EVP_CIPHER *,unsigned char *,int ,
                                            pem_password_cb *, void *) = 0L;
static ASN1_METHOD* (*K_X509_asn1_meth) (void) = 0L;
static int (*K_ASN1_i2d_fp)(int (*)(),FILE *,unsigned char *) = 0L;
static int (*K_i2d_ASN1_HEADER)(ASN1_HEADER *, unsigned char **) = 0L;
static int (*K_X509_print_fp)  (FILE *, X509*) = 0L;
static int (*K_i2d_PKCS12)  (PKCS12*, unsigned char**) = 0L;
static int (*K_i2d_PKCS12_fp)  (FILE *, PKCS12*) = 0L;
static int (*K_PKCS12_newpass) (PKCS12*, char*, char*) = 0L;
static PKCS12* (*K_d2i_PKCS12_fp) (FILE*, PKCS12**) = 0L;
static PKCS12* (*K_PKCS12_new) (void) = 0L;
static void (*K_PKCS12_free) (PKCS12 *) = 0L;
static int (*K_PKCS12_parse) (PKCS12*, const char *, EVP_PKEY**,
                                             X509**, STACK_OF(X509)**) = 0L;
static void (*K_EVP_PKEY_free) (EVP_PKEY *) = 0L;
static EVP_PKEY* (*K_EVP_PKEY_new) () = 0L;
static void (*K_X509_REQ_free) (X509_REQ *) = 0L;
static X509_REQ* (*K_X509_REQ_new) () = 0L;
static int (*K_SSL_CTX_use_PrivateKey) (SSL_CTX*, EVP_PKEY*) = 0L;
static int (*K_SSL_CTX_use_certificate) (SSL_CTX*, X509*) = 0L;
static int (*K_SSL_get_error) (SSL*, int) = 0L;
static STACK_OF(X509)* (*K_SSL_get_peer_cert_chain) (SSL*) = 0L;
static void (*K_X509_STORE_CTX_set_chain) (X509_STORE_CTX *, STACK_OF(X509)*) = 0L;
static void (*K_X509_STORE_CTX_set_purpose) (X509_STORE_CTX *, int) = 0L;
static void (*K_sk_free) (STACK*) = 0L;
static int (*K_sk_num) (STACK*) = 0L;
static char* (*K_sk_pop) (STACK*) = 0L;
static char* (*K_sk_value) (STACK*, int) = 0L;
static STACK* (*K_sk_new) (int (*)()) = 0L;
static int (*K_sk_push) (STACK*, char*) = 0L;
static STACK* (*K_sk_dup) (STACK *) = 0L;
static char * (*K_i2s_ASN1_INTEGER) (X509V3_EXT_METHOD *, ASN1_INTEGER *) =0L;
static ASN1_INTEGER * (*K_X509_get_serialNumber) (X509 *) = 0L;
static EVP_PKEY *(*K_X509_get_pubkey)(X509 *) = 0L;
static int (*K_i2d_PublicKey)(EVP_PKEY *, unsigned char **) = 0L;
static int (*K_X509_check_private_key)(X509 *, EVP_PKEY *) = 0L;
static char * (*K_BN_bn2hex)(const BIGNUM *) = 0L;
static int (*K_X509_digest)(const X509 *,const EVP_MD *, unsigned char *, unsigned int *) = 0L;
static EVP_MD* (*K_EVP_md5)() = 0L;
static void (*K_ASN1_INTEGER_free)(ASN1_INTEGER *) = 0L;
static int (*K_OBJ_obj2nid)(ASN1_OBJECT *) = 0L;
static const char * (*K_OBJ_nid2ln)(int) = 0L;
static int (*K_X509_get_ext_count)(X509*) = 0L;
static int (*K_X509_get_ext_by_NID)(X509*, int, int) = 0L;
static int (*K_X509_get_ext_by_OBJ)(X509*,ASN1_OBJECT*,int) = 0L;
static X509_EXTENSION *(*K_X509_get_ext)(X509*, int loc) = 0L;
static X509_EXTENSION *(*K_X509_delete_ext)(X509*, int) = 0L;
static int (*K_X509_add_ext)(X509*, X509_EXTENSION*, int) = 0L;
static void *(*K_X509_get_ext_d2i)(X509*, int, int*, int*) = 0L;
static char *(*K_i2s_ASN1_OCTET_STRING)(X509V3_EXT_METHOD*, ASN1_OCTET_STRING*) = 0L;
static int (*K_ASN1_BIT_STRING_get_bit)(ASN1_BIT_STRING*, int) = 0L;
static PKCS7 *(*K_PKCS7_new)() = 0L;
static void (*K_PKCS7_free)(PKCS7*) = 0L;
static void (*K_PKCS7_content_free)(PKCS7*) = 0L;
static int (*K_i2d_PKCS7)(PKCS7*, unsigned char**) = 0L;
static PKCS7 *(*K_d2i_PKCS7)(PKCS7**, unsigned char**,long) = 0L;
static int (*K_i2d_PKCS7_fp)(FILE*,PKCS7*) = 0L;
static PKCS7* (*K_d2i_PKCS7_fp)(FILE*,PKCS7**) = 0L;
static int (*K_i2d_PKCS7_bio)(BIO *bp,PKCS7 *p7) = 0L;
static PKCS7 *(*K_d2i_PKCS7_bio)(BIO *bp,PKCS7 **p7) = 0L;
static PKCS7* (*K_PKCS7_dup)(PKCS7*) = 0L;
static STACK_OF(X509_NAME) *(*K_SSL_load_client_CA_file)(const char*) = 0L;
static STACK_OF(X509_INFO) *(*K_PEM_X509_INFO_read)(FILE*, STACK_OF(X509_INFO)*, pem_password_cb*, void*) = 0L;
static char *(*K_ASN1_d2i_fp)(char *(*)(),char *(*)(),FILE*,unsigned char**) = 0L;
static X509 *(*K_X509_new)() = 0L;
static int (*K_X509_PURPOSE_get_count)() = 0L;
static int (*K_X509_PURPOSE_get_id)(X509_PURPOSE *) = 0L;
static int (*K_X509_check_purpose)(X509*,int,int) = 0L;
static X509_PURPOSE* (*K_X509_PURPOSE_get0)(int) = 0L;
static int (*K_EVP_PKEY_assign)(EVP_PKEY*, int, char*) = 0L;
static int (*K_X509_REQ_set_pubkey)(X509_REQ*, EVP_PKEY*) = 0L;
static RSA *(*K_RSA_generate_key)(int, unsigned long, void (*)(int,int,void *), void *) = 0L;
static int (*K_i2d_X509_REQ_fp)(FILE*, X509_REQ*) = 0L;
static void (*K_ERR_clear_error)() = 0L;
static unsigned long (*K_ERR_get_error)() = 0L;
static void (*K_ERR_print_errors_fp)(FILE*) = 0L;
static PKCS7 *(*K_PKCS7_sign)(X509*, EVP_PKEY*, STACK_OF(X509)*, BIO*, int) = 0L;
static int (*K_PKCS7_verify)(PKCS7*,STACK_OF(X509)*,X509_STORE*,BIO*,BIO*,int) = 0L;
static STACK_OF(X509) *(*K_PKCS7_get0_signers)(PKCS7 *, STACK_OF(X509) *, int) = 0L;
static PKCS7 *(*K_PKCS7_encrypt)(STACK_OF(X509) *, BIO *, EVP_CIPHER *, int) = 0L;
static int (*K_PKCS7_decrypt)(PKCS7 *, EVP_PKEY *, X509 *, BIO *, int) = 0L;
static SSL_SESSION* (*K_SSL_get1_session)(SSL*) = 0L;
static void (*K_SSL_SESSION_free)(SSL_SESSION*) = 0L;
static int (*K_SSL_set_session)(SSL*,SSL_SESSION*) = 0L;
static SSL_SESSION* (*K_d2i_SSL_SESSION)(SSL_SESSION**,unsigned char**, long) = 0L;
static int (*K_i2d_SSL_SESSION)(SSL_SESSION*,unsigned char**) = 0L;
static STACK *(*K_X509_get1_email)(X509 *x) = 0L;
static void (*K_X509_email_free)(STACK *sk) = 0L;
static EVP_CIPHER *(*K_EVP_des_ede3_cbc)() = 0L;
static EVP_CIPHER *(*K_EVP_des_cbc)() = 0L;
static EVP_CIPHER *(*K_EVP_rc2_cbc)() = 0L;
static EVP_CIPHER *(*K_EVP_rc2_64_cbc)() = 0L;
static EVP_CIPHER *(*K_EVP_rc2_40_cbc)() = 0L;
static int (*K_i2d_PrivateKey_fp)(FILE*,EVP_PKEY*) = 0L;
static int (*K_i2d_PKCS8PrivateKey_fp)(FILE*, EVP_PKEY*, const EVP_CIPHER*, char*, int, pem_password_cb*, void*) = 0L;
static void (*K_RSA_free)(RSA*) = 0L;
static EVP_CIPHER *(*K_EVP_bf_cbc)() = 0L;
static int (*K_X509_REQ_sign)(X509_REQ*, EVP_PKEY*, const EVP_MD*) = 0L;
static int (*K_X509_NAME_add_entry_by_txt)(X509_NAME*, char*, int, unsigned char*, int, int, int) = 0L;
static X509_NAME *(*K_X509_NAME_new)() = 0L;
static int (*K_X509_REQ_set_subject_name)(X509_REQ*,X509_NAME*) = 0L;
static unsigned char *(*K_ASN1_STRING_data)(ASN1_STRING*) = 0L;
#endif
}


bool KOpenSSLProxy::hasLibSSL() const {
   return _sslLib != 0L;
}


bool KOpenSSLProxy::hasLibCrypto() const {
   return _cryptoLib != 0L;
}


void KOpenSSLProxy::destroy() {
  delete this;
  _me = 0L;
}

#ifdef __OpenBSD__
#include <qdir.h>
#include <qstring.h>
#include <qstringlist.h>

static QString findMostRecentLib(QString dir, QString name)
{
       // Grab all shared libraries in the directory
       QString filter = "lib"+name+".so.*";
       QDir d(dir, filter);
       if (!d.exists())
               return 0L;
       QStringList l = d.entryList();

       // Find the best one
       int bestmaj = -1;
       int bestmin = -1;
       QString best = 0L;
       // where do we start
       uint s = filter.length()-1;
       for (QStringList::Iterator it = l.begin(); it != l.end(); ++it) {
               QString numberpart = (*it).mid(s);
               uint endmaj = numberpart.find('.');
               if (endmaj == -1)
                       continue;
               bool ok;
               int maj = numberpart.left(endmaj).toInt(&ok);
               if (!ok)
                       continue;
               int min = numberpart.mid(endmaj+1).toInt(&ok);
               if (!ok)
                       continue;
               if (maj > bestmaj || (maj == bestmaj && min > bestmin)) {
                       bestmaj = maj;
                       bestmin = min;
                       best = (*it);
               }
       }
       if (best.isNull())
               return 0L;
       else
               return dir+"/"+best;
}
#endif


KOpenSSLProxy::KOpenSSLProxy() {
KLibLoader *ll = KLibLoader::self();
_ok = false;
QStringList libpaths, libnamesc, libnamess;
KConfig *cfg;

   _cryptoLib = 0L;
   _sslLib = 0L;

   cfg = new KConfig("cryptodefaults", false, false);
   cfg->setGroup("OpenSSL");
   QString upath = cfg->readPathEntry("Path");
   if (!upath.isEmpty())
      libpaths << upath;

   delete cfg;

#ifdef __OpenBSD__
   {
   QString libname = findMostRecentLib("/usr/lib" KDELIBSUFF, "crypto");
   if (!libname.isNull())
         _cryptoLib = ll->globalLibrary(libname.latin1());
   }
#elif defined(__CYGWIN__)
   libpaths << "/usr/bin/"             
   		<< "/usr/local/bin"             
   		<< "/usr/local/openssl/bin"     
   		<< "/opt/openssl/bin"           
   		<< "/opt/kde3/bin"              
   		<< "";                          
                                       
   libnamess << "cygssl-0.9.7.dll"     
		 << "cygssl.dll"                    
		 << "libssl.dll"                    
		 << "";                         
                                       
   libnamesc << "cygcrypto.dll"        
		 << "libcrypto.dll"                 
		 << "";                         
#else
   libpaths
            #ifdef _AIX
            << "/opt/freeware/lib/"
	    #endif
	    << "/usr/lib" KDELIBSUFF "/"
	    << "/usr/ssl/lib" KDELIBSUFF "/"
	    << "/usr/local/lib" KDELIBSUFF "/"
            << "/usr/local/openssl/lib" KDELIBSUFF "/"
            << "/usr/local/ssl/lib" KDELIBSUFF "/"
	    << "/opt/openssl/lib" KDELIBSUFF "/"
	    << "/lib" KDELIBSUFF "/"
            << "";
    
// FIXME: #define here for the various OS types to optimize
   libnamess
	     #ifdef hpux
             << "libssl.sl"
             #elif defined(_AIX)
             << "libssl.a(libssl.so.0)"
	     #elif defined(__APPLE__)
	     << "libssl.dylib"
	     << "libssl.0.9.dylib"
             #else
             #ifdef SHLIB_VERSION_NUMBER
             << "libssl.so." SHLIB_VERSION_NUMBER
             #endif
             << "libssl.so"
	     << "libssl.so.0"
             #endif
	     ;

   libnamesc
             #ifdef hpux
             << "libcrypto.sl"
             #elif defined(_AIX)
             << "libcrypto.a(libcrypto.so.0)"
	     #elif defined(__APPLE__)
	     << "libcrypto.dylib"
	     << "libcrypto.0.9.dylib"
	     #else
             #ifdef SHLIB_VERSION_NUMBER
             << "libcrypto.so." SHLIB_VERSION_NUMBER
             #endif
             << "libcrypto.so"
	     << "libcrypto.so.0"
             #endif
	     ;
#endif

   for (QStringList::Iterator it = libpaths.begin();
                              it != libpaths.end();
                              ++it) {
      for (QStringList::Iterator shit = libnamesc.begin();
                                 shit != libnamesc.end();
                                 ++shit) {
         QString alib = *it;
         if (!alib.isEmpty() && !alib.endsWith("/"))
            alib += "/";
         alib += *shit;
	 QString tmpStr(alib.latin1());
	 tmpStr.replace(QRegExp("\\(.*\\)"), "");
	 if (!access(tmpStr.latin1(), R_OK))
            _cryptoLib = ll->globalLibrary(alib.latin1());
         if (_cryptoLib) break;
      }
      if (_cryptoLib) break;
   }

   if (_cryptoLib) {
#ifdef KSSL_HAVE_SSL
      K_X509_free = (void (*) (X509 *)) _cryptoLib->symbol("X509_free");
      K_RAND_egd = (int (*)(const char *)) _cryptoLib->symbol("RAND_egd");
      K_RAND_load_file = (int (*)(const char *, long)) _cryptoLib->symbol("RAND_load_file");
      K_RAND_file_name = (const char* (*)(char *, size_t)) _cryptoLib->symbol("RAND_file_name");
      K_RAND_write_file = (int (*)(const char *)) _cryptoLib->symbol("RAND_write_file");
      K_CRYPTO_free = (void (*) (void *)) _cryptoLib->symbol("CRYPTO_free");
      K_d2i_X509 = (X509 * (*)(X509 **,unsigned char **,long)) _cryptoLib->symbol("d2i_X509");
      K_i2d_X509 = (int (*)(X509 *,unsigned char **)) _cryptoLib->symbol("i2d_X509");
      K_X509_cmp = (int (*)(X509 *, X509 *)) _cryptoLib->symbol("X509_cmp");
      K_X509_STORE_CTX_new = (X509_STORE_CTX * (*) (void)) _cryptoLib->symbol("X509_STORE_CTX_new");
      K_X509_STORE_CTX_free = (void (*) (X509_STORE_CTX *)) _cryptoLib->symbol("X509_STORE_CTX_free");