From 9bc487ad89cdc45a96f768a9aa951381839f53be Mon Sep 17 00:00:00 2001 From: doug Date: Sat, 10 Oct 2015 22:28:51 +0000 Subject: [PATCH] Initial support for pledges in openssl(1) commands. openssl(1) has two mechanisms for operating: either a single execution of one command (looking at argv[0] or argv[1]) or as an interactive session than may execute any number of commands. We already have a top level pledge that should cover all commands and that's what interactive mode must continue using. However, we can tighten up the pledges when only executing one command. This is an initial stab at support and may contain regressions. Most commands only need "stdio rpath wpath cpath". The pledges could be further restricted by evaluating the situation after parsing options. deraadt@ and beck@ are roughly fine with this approach. --- usr.bin/openssl/apps.h | 5 ++++- usr.bin/openssl/asn1pars.c | 7 ++++++- usr.bin/openssl/ca.c | 7 ++++++- usr.bin/openssl/certhash.c | 5 +++++ usr.bin/openssl/ciphers.c | 7 ++++++- usr.bin/openssl/cms.c | 7 ++++++- usr.bin/openssl/crl.c | 7 ++++++- usr.bin/openssl/crl2p7.c | 7 ++++++- usr.bin/openssl/dgst.c | 7 ++++++- usr.bin/openssl/dh.c | 7 ++++++- usr.bin/openssl/dhparam.c | 7 ++++++- usr.bin/openssl/dsa.c | 7 ++++++- usr.bin/openssl/dsaparam.c | 7 ++++++- usr.bin/openssl/ec.c | 7 ++++++- usr.bin/openssl/ecparam.c | 7 ++++++- usr.bin/openssl/enc.c | 7 ++++++- usr.bin/openssl/errstr.c | 7 ++++++- usr.bin/openssl/gendh.c | 7 ++++++- usr.bin/openssl/gendsa.c | 7 ++++++- usr.bin/openssl/genpkey.c | 7 ++++++- usr.bin/openssl/genrsa.c | 7 ++++++- usr.bin/openssl/nseq.c | 7 ++++++- usr.bin/openssl/ocsp.c | 7 ++++++- usr.bin/openssl/openssl.c | 8 +++++++- usr.bin/openssl/passwd.c | 7 ++++++- usr.bin/openssl/pkcs12.c | 7 ++++++- usr.bin/openssl/pkcs7.c | 7 ++++++- usr.bin/openssl/pkcs8.c | 7 ++++++- usr.bin/openssl/pkey.c | 7 ++++++- usr.bin/openssl/pkeyparam.c | 7 ++++++- usr.bin/openssl/pkeyutl.c | 7 ++++++- usr.bin/openssl/prime.c | 7 ++++++- usr.bin/openssl/rand.c | 7 ++++++- usr.bin/openssl/req.c | 7 ++++++- usr.bin/openssl/rsa.c | 7 ++++++- usr.bin/openssl/rsautl.c | 7 ++++++- usr.bin/openssl/s_client.c | 7 ++++++- usr.bin/openssl/s_server.c | 8 +++++++- usr.bin/openssl/s_time.c | 7 ++++++- usr.bin/openssl/sess_id.c | 7 ++++++- usr.bin/openssl/smime.c | 7 ++++++- usr.bin/openssl/speed.c | 7 ++++++- usr.bin/openssl/spkac.c | 7 ++++++- usr.bin/openssl/ts.c | 7 ++++++- usr.bin/openssl/verify.c | 7 ++++++- usr.bin/openssl/version.c | 7 ++++++- usr.bin/openssl/x509.c | 7 ++++++- 47 files changed, 281 insertions(+), 46 deletions(-) diff --git a/usr.bin/openssl/apps.h b/usr.bin/openssl/apps.h index bb9fd0dd7ae..4813fa35df4 100644 --- a/usr.bin/openssl/apps.h +++ b/usr.bin/openssl/apps.h @@ -1,4 +1,4 @@ -/* $OpenBSD: apps.h,v 1.16 2015/09/13 12:41:01 bcook Exp $ */ +/* $OpenBSD: apps.h,v 1.17 2015/10/10 22:28:51 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -126,6 +126,9 @@ #include #endif +#include +extern int single_execution; + extern CONF *config; extern char *default_config_file; extern BIO *bio_err; diff --git a/usr.bin/openssl/asn1pars.c b/usr.bin/openssl/asn1pars.c index da3bf761ce4..2ce9d1a3bad 100644 --- a/usr.bin/openssl/asn1pars.c +++ b/usr.bin/openssl/asn1pars.c @@ -1,4 +1,4 @@ -/* $OpenBSD: asn1pars.c,v 1.4 2015/08/19 18:25:31 deraadt Exp $ */ +/* $OpenBSD: asn1pars.c,v 1.5 2015/10/10 22:28:51 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -247,6 +247,11 @@ asn1parse_main(int argc, char **argv) BUF_MEM *buf = NULL; ASN1_TYPE *at = NULL; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + memset(&asn1pars_config, 0, sizeof(asn1pars_config)); asn1pars_config.informat = FORMAT_PEM; diff --git a/usr.bin/openssl/ca.c b/usr.bin/openssl/ca.c index e32abcdf211..0b246aeb154 100644 --- a/usr.bin/openssl/ca.c +++ b/usr.bin/openssl/ca.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ca.c,v 1.16 2015/09/21 13:31:26 bcook Exp $ */ +/* $OpenBSD: ca.c,v 1.17 2015/10/10 22:28:51 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -286,6 +286,11 @@ ca_main(int argc, char **argv) const char *errstr = NULL; DB_ATTR db_attr; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + conf = NULL; key = NULL; section = NULL; diff --git a/usr.bin/openssl/certhash.c b/usr.bin/openssl/certhash.c index 77e641cef5c..bd0ac54ecfc 100644 --- a/usr.bin/openssl/certhash.c +++ b/usr.bin/openssl/certhash.c @@ -649,6 +649,11 @@ certhash_main(int argc, char **argv) int argsused; int i, cwdfd, ret = 0; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + memset(&certhash_config, 0, sizeof(certhash_config)); if (options_parse(argc, argv, certhash_options, NULL, &argsused) != 0) { diff --git a/usr.bin/openssl/ciphers.c b/usr.bin/openssl/ciphers.c index 18b8d3e4d95..caa40854ea8 100644 --- a/usr.bin/openssl/ciphers.c +++ b/usr.bin/openssl/ciphers.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ciphers.c,v 1.6 2015/08/19 18:25:31 deraadt Exp $ */ +/* $OpenBSD: ciphers.c,v 1.7 2015/10/10 22:28:51 doug Exp $ */ /* * Copyright (c) 2014 Joel Sing * @@ -81,6 +81,11 @@ ciphers_main(int argc, char **argv) int i, rv = 0; char *desc; + if (single_execution) { + if (pledge("stdio rpath", NULL) == -1) + perror("pledge"); + } + memset(&ciphers_config, 0, sizeof(ciphers_config)); if (options_parse(argc, argv, ciphers_options, &cipherlist, diff --git a/usr.bin/openssl/cms.c b/usr.bin/openssl/cms.c index fccac23db74..29429f53e08 100644 --- a/usr.bin/openssl/cms.c +++ b/usr.bin/openssl/cms.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cms.c,v 1.3 2015/09/11 14:30:23 bcook Exp $ */ +/* $OpenBSD: cms.c,v 1.4 2015/10/10 22:28:51 doug Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ @@ -135,6 +135,11 @@ cms_main(int argc, char **argv) X509_VERIFY_PARAM *vpm = NULL; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + args = argv + 1; ret = 1; diff --git a/usr.bin/openssl/crl.c b/usr.bin/openssl/crl.c index 4ab9e6c6152..47173ec5edd 100644 --- a/usr.bin/openssl/crl.c +++ b/usr.bin/openssl/crl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: crl.c,v 1.7 2015/08/22 16:36:05 jsing Exp $ */ +/* $OpenBSD: crl.c,v 1.8 2015/10/10 22:28:51 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -230,6 +230,11 @@ crl_main(int argc, char **argv) const EVP_MD *digest; char *digest_name = NULL; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + if (bio_out == NULL) { if ((bio_out = BIO_new(BIO_s_file())) != NULL) { BIO_set_fp(bio_out, stdout, BIO_NOCLOSE); diff --git a/usr.bin/openssl/crl2p7.c b/usr.bin/openssl/crl2p7.c index 4df986d3250..3935bd18e05 100644 --- a/usr.bin/openssl/crl2p7.c +++ b/usr.bin/openssl/crl2p7.c @@ -1,4 +1,4 @@ -/* $OpenBSD: crl2p7.c,v 1.4 2015/08/22 16:36:05 jsing Exp $ */ +/* $OpenBSD: crl2p7.c,v 1.5 2015/10/10 22:28:51 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -169,6 +169,11 @@ crl2pkcs7_main(int argc, char **argv) STACK_OF(X509) *cert_stack = NULL; int ret = 1; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + memset(&crl2p7_config, 0, sizeof(crl2p7_config)); crl2p7_config.informat = FORMAT_PEM; diff --git a/usr.bin/openssl/dgst.c b/usr.bin/openssl/dgst.c index 94d98ac6a4c..b4632eefa35 100644 --- a/usr.bin/openssl/dgst.c +++ b/usr.bin/openssl/dgst.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dgst.c,v 1.6 2015/09/11 14:30:23 bcook Exp $ */ +/* $OpenBSD: dgst.c,v 1.7 2015/10/10 22:28:51 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -123,6 +123,11 @@ dgst_main(int argc, char **argv) char *mac_name = NULL; STACK_OF(OPENSSL_STRING) * sigopts = NULL, *macopts = NULL; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + if ((buf = malloc(BUFSIZE)) == NULL) { BIO_printf(bio_err, "out of memory\n"); goto end; diff --git a/usr.bin/openssl/dh.c b/usr.bin/openssl/dh.c index f4112e87c21..7e8d65d1f62 100644 --- a/usr.bin/openssl/dh.c +++ b/usr.bin/openssl/dh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dh.c,v 1.6 2015/09/11 14:30:23 bcook Exp $ */ +/* $OpenBSD: dh.c,v 1.7 2015/10/10 22:28:51 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -158,6 +158,11 @@ dh_main(int argc, char **argv) BIO *in = NULL, *out = NULL; int ret = 1; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + memset(&dh_config, 0, sizeof(dh_config)); dh_config.informat = FORMAT_PEM; diff --git a/usr.bin/openssl/dhparam.c b/usr.bin/openssl/dhparam.c index 158a07a5725..55b75663b31 100644 --- a/usr.bin/openssl/dhparam.c +++ b/usr.bin/openssl/dhparam.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dhparam.c,v 1.6 2015/09/11 14:30:23 bcook Exp $ */ +/* $OpenBSD: dhparam.c,v 1.7 2015/10/10 22:28:51 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -243,6 +243,11 @@ dhparam_main(int argc, char **argv) int ret = 1; int i; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + memset(&dhparam_config, 0, sizeof(dhparam_config)); dhparam_config.informat = FORMAT_PEM; diff --git a/usr.bin/openssl/dsa.c b/usr.bin/openssl/dsa.c index 813e163662c..2c4feea0d58 100644 --- a/usr.bin/openssl/dsa.c +++ b/usr.bin/openssl/dsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dsa.c,v 1.5 2015/09/11 14:30:23 bcook Exp $ */ +/* $OpenBSD: dsa.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -240,6 +240,11 @@ dsa_main(int argc, char **argv) BIO *in = NULL, *out = NULL; char *passin = NULL, *passout = NULL; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + memset(&dsa_config, 0, sizeof(dsa_config)); dsa_config.pvk_encr = 2; diff --git a/usr.bin/openssl/dsaparam.c b/usr.bin/openssl/dsaparam.c index 0cdd5c1d51d..73249498fca 100644 --- a/usr.bin/openssl/dsaparam.c +++ b/usr.bin/openssl/dsaparam.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dsaparam.c,v 1.5 2015/09/11 14:30:23 bcook Exp $ */ +/* $OpenBSD: dsaparam.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -168,6 +168,11 @@ dsaparam_main(int argc, char **argv) int numbits = -1; char *strbits = NULL; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + memset(&dsaparam_config, 0, sizeof(dsaparam_config)); dsaparam_config.informat = FORMAT_PEM; diff --git a/usr.bin/openssl/ec.c b/usr.bin/openssl/ec.c index d5fe68f0d84..b4e2fe1daac 100644 --- a/usr.bin/openssl/ec.c +++ b/usr.bin/openssl/ec.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec.c,v 1.5 2015/09/11 14:30:23 bcook Exp $ */ +/* $OpenBSD: ec.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */ /* * Written by Nils Larsch for the OpenSSL project. */ @@ -277,6 +277,11 @@ ec_main(int argc, char **argv) BIO *in = NULL, *out = NULL; char *passin = NULL, *passout = NULL; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + memset(&ec_config, 0, sizeof(ec_config)); ec_config.asn1_flag = OPENSSL_EC_NAMED_CURVE; diff --git a/usr.bin/openssl/ecparam.c b/usr.bin/openssl/ecparam.c index 6adac863d5c..bd0c5b8cc0c 100644 --- a/usr.bin/openssl/ecparam.c +++ b/usr.bin/openssl/ecparam.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ecparam.c,v 1.13 2015/09/11 14:30:23 bcook Exp $ */ +/* $OpenBSD: ecparam.c,v 1.14 2015/10/10 22:28:51 doug Exp $ */ /* * Written by Nils Larsch for the OpenSSL project. */ @@ -259,6 +259,11 @@ ecparam_main(int argc, char **argv) BIO *in = NULL, *out = NULL; int i, ret = 1; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + memset(&ecparam_config, 0, sizeof(ecparam_config)); ecparam_config.asn1_flag = OPENSSL_EC_NAMED_CURVE; ecparam_config.form = POINT_CONVERSION_UNCOMPRESSED; diff --git a/usr.bin/openssl/enc.c b/usr.bin/openssl/enc.c index 6eb804fd49c..d7103823d3e 100644 --- a/usr.bin/openssl/enc.c +++ b/usr.bin/openssl/enc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: enc.c,v 1.7 2015/09/11 14:30:23 bcook Exp $ */ +/* $OpenBSD: enc.c,v 1.8 2015/10/10 22:28:51 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -338,6 +338,11 @@ enc_main(int argc, char **argv) char pname[PROG_NAME_SIZE + 1]; int i; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + memset(&enc_config, 0, sizeof(enc_config)); enc_config.enc = 1; diff --git a/usr.bin/openssl/errstr.c b/usr.bin/openssl/errstr.c index 9cf7bfba4b7..7bd97d99b04 100644 --- a/usr.bin/openssl/errstr.c +++ b/usr.bin/openssl/errstr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: errstr.c,v 1.4 2015/08/22 16:36:05 jsing Exp $ */ +/* $OpenBSD: errstr.c,v 1.5 2015/10/10 22:28:51 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -98,6 +98,11 @@ errstr_main(int argc, char **argv) char buf[256]; int ret = 0; + if (single_execution) { + if (pledge("stdio rpath", NULL) == -1) + perror("pledge"); + } + memset(&errstr_config, 0, sizeof(errstr_config)); if (options_parse(argc, argv, errstr_options, NULL, &argsused) != 0) { diff --git a/usr.bin/openssl/gendh.c b/usr.bin/openssl/gendh.c index 208906e24c2..ceea237be13 100644 --- a/usr.bin/openssl/gendh.c +++ b/usr.bin/openssl/gendh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gendh.c,v 1.5 2015/09/11 14:30:23 bcook Exp $ */ +/* $OpenBSD: gendh.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -134,6 +134,11 @@ gendh_main(int argc, char **argv) BIO *out = NULL; char *strbits = NULL; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + BN_GENCB_set(&cb, dh_cb, bio_err); memset(&gendh_config, 0, sizeof(gendh_config)); diff --git a/usr.bin/openssl/gendsa.c b/usr.bin/openssl/gendsa.c index ee2d6ba1b63..002380a1b9d 100644 --- a/usr.bin/openssl/gendsa.c +++ b/usr.bin/openssl/gendsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gendsa.c,v 1.4 2015/09/11 14:30:23 bcook Exp $ */ +/* $OpenBSD: gendsa.c,v 1.5 2015/10/10 22:28:51 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -85,6 +85,11 @@ gendsa_main(int argc, char **argv) BIO *out = NULL, *in = NULL; const EVP_CIPHER *enc = NULL; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + argv++; argc--; for (;;) { diff --git a/usr.bin/openssl/genpkey.c b/usr.bin/openssl/genpkey.c index d76e2febd89..4d11bc3c338 100644 --- a/usr.bin/openssl/genpkey.c +++ b/usr.bin/openssl/genpkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: genpkey.c,v 1.5 2015/09/11 14:30:23 bcook Exp $ */ +/* $OpenBSD: genpkey.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006 */ @@ -86,6 +86,11 @@ genpkey_main(int argc, char **argv) int do_param = 0; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + outformat = FORMAT_PEM; args = argv + 1; diff --git a/usr.bin/openssl/genrsa.c b/usr.bin/openssl/genrsa.c index 9f78f0d65d8..1ca8713ed28 100644 --- a/usr.bin/openssl/genrsa.c +++ b/usr.bin/openssl/genrsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: genrsa.c,v 1.5 2015/09/11 14:30:23 bcook Exp $ */ +/* $OpenBSD: genrsa.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -100,6 +100,11 @@ genrsa_main(int argc, char **argv) BIGNUM *bn = BN_new(); RSA *rsa = NULL; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + if (!bn) goto err; diff --git a/usr.bin/openssl/nseq.c b/usr.bin/openssl/nseq.c index b73f512aeef..15df3ffd40b 100644 --- a/usr.bin/openssl/nseq.c +++ b/usr.bin/openssl/nseq.c @@ -1,4 +1,4 @@ -/* $OpenBSD: nseq.c,v 1.4 2015/08/22 16:36:05 jsing Exp $ */ +/* $OpenBSD: nseq.c,v 1.5 2015/10/10 22:28:51 doug Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -109,6 +109,11 @@ nseq_main(int argc, char **argv) NETSCAPE_CERT_SEQUENCE *seq = NULL; int i, ret = 1; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + memset(&nseq_config, 0, sizeof(nseq_config)); if (options_parse(argc, argv, nseq_options, NULL, NULL) != 0) { diff --git a/usr.bin/openssl/ocsp.c b/usr.bin/openssl/ocsp.c index 3a6ac36b1ed..c3b1b168ba7 100644 --- a/usr.bin/openssl/ocsp.c +++ b/usr.bin/openssl/ocsp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ocsp.c,v 1.5 2015/10/03 03:39:19 deraadt Exp $ */ +/* $OpenBSD: ocsp.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ @@ -146,6 +146,11 @@ ocsp_main(int argc, char **argv) const EVP_MD *cert_id_md = NULL; const char *errstr = NULL; + if (single_execution) { + if (pledge("stdio inet rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + args = argv + 1; reqnames = sk_OPENSSL_STRING_new_null(); ids = sk_OCSP_CERTID_new_null(); diff --git a/usr.bin/openssl/openssl.c b/usr.bin/openssl/openssl.c index 9db7e5b4eb1..e842d6cc65d 100644 --- a/usr.bin/openssl/openssl.c +++ b/usr.bin/openssl/openssl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: openssl.c,v 1.16 2015/10/10 20:18:30 deraadt Exp $ */ +/* $OpenBSD: openssl.c,v 1.17 2015/10/10 22:28:51 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -137,6 +137,8 @@ #define FUNC_TYPE_MD_ALG 5 #define FUNC_TYPE_CIPHER_ALG 6 +int single_execution = 0; + typedef struct { int type; const char *name; @@ -499,6 +501,8 @@ main(int argc, char **argv) fp = lh_FUNCTION_retrieve(prog, &f); if (fp != NULL) { argv[0] = pname; + + single_execution = 1; ret = fp->func(argc, argv); goto end; } @@ -509,6 +513,8 @@ main(int argc, char **argv) if (argc != 1) { argc--; argv++; + + single_execution = 1; ret = do_cmd(prog, argc, argv); if (ret < 0) ret = 0; diff --git a/usr.bin/openssl/passwd.c b/usr.bin/openssl/passwd.c index b6285649e75..58fc5ecb4b4 100644 --- a/usr.bin/openssl/passwd.c +++ b/usr.bin/openssl/passwd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: passwd.c,v 1.4 2015/08/22 16:36:05 jsing Exp $ */ +/* $OpenBSD: passwd.c,v 1.5 2015/10/10 22:28:51 doug Exp $ */ #if defined OPENSSL_NO_MD5 #define NO_MD5CRYPT_1 @@ -145,6 +145,11 @@ passwd_main(int argc, char **argv) int argsused; int ret = 1; + if (single_execution) { + if (pledge("stdio rpath", NULL) == -1) + perror("pledge"); + } + memset(&passwd_config, 0, sizeof(passwd_config)); if (options_parse(argc, argv, passwd_options, NULL, &argsused) != 0) { diff --git a/usr.bin/openssl/pkcs12.c b/usr.bin/openssl/pkcs12.c index eaa7bcceac9..f8d8cc6115c 100644 --- a/usr.bin/openssl/pkcs12.c +++ b/usr.bin/openssl/pkcs12.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pkcs12.c,v 1.4 2015/09/11 14:30:23 bcook Exp $ */ +/* $OpenBSD: pkcs12.c,v 1.5 2015/10/10 22:28:51 doug Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ @@ -124,6 +124,11 @@ pkcs12_main(int argc, char **argv) char *macalg = NULL; char *CApath = NULL, *CAfile = NULL; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC; enc = EVP_des_ede3_cbc(); diff --git a/usr.bin/openssl/pkcs7.c b/usr.bin/openssl/pkcs7.c index 717928d27b0..c29a9c8df27 100644 --- a/usr.bin/openssl/pkcs7.c +++ b/usr.bin/openssl/pkcs7.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pkcs7.c,v 1.6 2015/09/11 14:30:23 bcook Exp $ */ +/* $OpenBSD: pkcs7.c,v 1.7 2015/10/10 22:28:51 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -154,6 +154,11 @@ pkcs7_main(int argc, char **argv) int ret = 1; int i; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + memset(&pkcs7_config, 0, sizeof(pkcs7_config)); pkcs7_config.informat = FORMAT_PEM; diff --git a/usr.bin/openssl/pkcs8.c b/usr.bin/openssl/pkcs8.c index b3ccd1966ef..4ac2af012ae 100644 --- a/usr.bin/openssl/pkcs8.c +++ b/usr.bin/openssl/pkcs8.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pkcs8.c,v 1.6 2015/09/11 14:30:23 bcook Exp $ */ +/* $OpenBSD: pkcs8.c,v 1.7 2015/10/10 22:28:51 doug Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999-2004. */ @@ -226,6 +226,11 @@ pkcs8_main(int argc, char **argv) char pass[50], *passin = NULL, *passout = NULL, *p8pass = NULL; int ret = 1; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + memset(&pkcs8_config, 0, sizeof(pkcs8_config)); pkcs8_config.iter = PKCS12_DEFAULT_ITER; diff --git a/usr.bin/openssl/pkey.c b/usr.bin/openssl/pkey.c index 72c03181f68..d1ddf5a9299 100644 --- a/usr.bin/openssl/pkey.c +++ b/usr.bin/openssl/pkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pkey.c,v 1.5 2015/09/11 14:30:23 bcook Exp $ */ +/* $OpenBSD: pkey.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006 */ @@ -79,6 +79,11 @@ pkey_main(int argc, char **argv) int badarg = 0; int ret = 1; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + informat = FORMAT_PEM; outformat = FORMAT_PEM; diff --git a/usr.bin/openssl/pkeyparam.c b/usr.bin/openssl/pkeyparam.c index 8f4d3a53f42..cb40fbb3ed6 100644 --- a/usr.bin/openssl/pkeyparam.c +++ b/usr.bin/openssl/pkeyparam.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pkeyparam.c,v 1.7 2015/09/11 14:30:23 bcook Exp $ */ +/* $OpenBSD: pkeyparam.c,v 1.8 2015/10/10 22:28:51 doug Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006 */ @@ -118,6 +118,11 @@ pkeyparam_main(int argc, char **argv) EVP_PKEY *pkey = NULL; int ret = 1; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + memset(&pkeyparam_config, 0, sizeof(pkeyparam_config)); if (options_parse(argc, argv, pkeyparam_options, NULL, NULL) != 0) { diff --git a/usr.bin/openssl/pkeyutl.c b/usr.bin/openssl/pkeyutl.c index 2caa61e282c..64d1f90f507 100644 --- a/usr.bin/openssl/pkeyutl.c +++ b/usr.bin/openssl/pkeyutl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pkeyutl.c,v 1.7 2015/09/11 14:30:23 bcook Exp $ */ +/* $OpenBSD: pkeyutl.c,v 1.8 2015/10/10 22:28:51 doug Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ @@ -100,6 +100,11 @@ pkeyutl_main(int argc, char **argv) int ret = 1, rv = -1; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + argc--; argv++; diff --git a/usr.bin/openssl/prime.c b/usr.bin/openssl/prime.c index 55fac455e9b..13398b01b04 100644 --- a/usr.bin/openssl/prime.c +++ b/usr.bin/openssl/prime.c @@ -1,4 +1,4 @@ -/* $OpenBSD: prime.c,v 1.8 2015/09/12 15:04:06 lteo Exp $ */ +/* $OpenBSD: prime.c,v 1.9 2015/10/10 22:28:51 doug Exp $ */ /* ==================================================================== * Copyright (c) 2004 The OpenSSL Project. All rights reserved. * @@ -118,6 +118,11 @@ prime_main(int argc, char **argv) char *s; int ret = 1; + if (single_execution) { + if (pledge("stdio rpath", NULL) == -1) + perror("pledge"); + } + memset(&prime_config, 0, sizeof(prime_config)); /* Default iterations for Miller-Rabin probabilistic primality test. */ diff --git a/usr.bin/openssl/rand.c b/usr.bin/openssl/rand.c index b0df4eb1b53..2377c6e72be 100644 --- a/usr.bin/openssl/rand.c +++ b/usr.bin/openssl/rand.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rand.c,v 1.8 2015/09/11 14:30:23 bcook Exp $ */ +/* $OpenBSD: rand.c,v 1.9 2015/10/10 22:28:51 doug Exp $ */ /* ==================================================================== * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. * @@ -109,6 +109,11 @@ rand_main(int argc, char **argv) int i, r; BIO *out = NULL; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + memset(&rand_config, 0, sizeof(rand_config)); if (options_parse(argc, argv, rand_options, &num_bytes, NULL) != 0) { diff --git a/usr.bin/openssl/req.c b/usr.bin/openssl/req.c index c7256ae59a4..032944b233f 100644 --- a/usr.bin/openssl/req.c +++ b/usr.bin/openssl/req.c @@ -1,4 +1,4 @@ -/* $OpenBSD: req.c,v 1.9 2015/09/14 01:45:03 doug Exp $ */ +/* $OpenBSD: req.c,v 1.10 2015/10/10 22:28:51 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -176,6 +176,11 @@ req_main(int argc, char **argv) const EVP_MD *md_alg = NULL, *digest = NULL; unsigned long chtype = MBSTRING_ASC; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + req_conf = NULL; cipher = EVP_aes_256_cbc(); digest = EVP_sha256(); diff --git a/usr.bin/openssl/rsa.c b/usr.bin/openssl/rsa.c index 708332a8d11..a5737605fea 100644 --- a/usr.bin/openssl/rsa.c +++ b/usr.bin/openssl/rsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa.c,v 1.5 2015/09/11 14:30:23 bcook Exp $ */ +/* $OpenBSD: rsa.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -268,6 +268,11 @@ rsa_main(int argc, char **argv) BIO *out = NULL; char *passin = NULL, *passout = NULL; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + memset(&rsa_config, 0, sizeof(rsa_config)); rsa_config.pvk_encr = 2; rsa_config.informat = FORMAT_PEM; diff --git a/usr.bin/openssl/rsautl.c b/usr.bin/openssl/rsautl.c index 2e9793297bd..92dceff8a17 100644 --- a/usr.bin/openssl/rsautl.c +++ b/usr.bin/openssl/rsautl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsautl.c,v 1.7 2015/09/11 14:30:23 bcook Exp $ */ +/* $OpenBSD: rsautl.c,v 1.8 2015/10/10 22:28:51 doug Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ @@ -98,6 +98,11 @@ rsautl_main(int argc, char **argv) int ret = 1; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + argc--; argv++; diff --git a/usr.bin/openssl/s_client.c b/usr.bin/openssl/s_client.c index 6d250f177f0..63f30389c4b 100644 --- a/usr.bin/openssl/s_client.c +++ b/usr.bin/openssl/s_client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s_client.c,v 1.20 2015/10/06 03:29:49 deraadt Exp $ */ +/* $OpenBSD: s_client.c,v 1.21 2015/10/10 22:28:51 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -364,6 +364,11 @@ s_client_main(int argc, char **argv) int enable_timeouts = 0; long socket_mtu = 0; + if (single_execution) { + if (pledge("stdio inet rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + meth = SSLv23_client_method(); c_Pause = 0; diff --git a/usr.bin/openssl/s_server.c b/usr.bin/openssl/s_server.c index 11e98141351..198508398b3 100644 --- a/usr.bin/openssl/s_server.c +++ b/usr.bin/openssl/s_server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s_server.c,v 1.19 2015/10/06 03:29:49 deraadt Exp $ */ +/* $OpenBSD: s_server.c,v 1.20 2015/10/10 22:28:51 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -603,6 +603,12 @@ s_server_main(int argc, char *argv[]) tlsextnextprotoctx next_proto = { NULL, 0 }; const char *alpn_in = NULL; tlsextalpnctx alpn_ctx = { NULL, 0 }; + + if (single_execution) { + if (pledge("stdio inet rpath", NULL) == -1) + perror("pledge"); + } + meth = SSLv23_server_method(); local_argc = argc; diff --git a/usr.bin/openssl/s_time.c b/usr.bin/openssl/s_time.c index c102726b7e2..417ff81f3fd 100644 --- a/usr.bin/openssl/s_time.c +++ b/usr.bin/openssl/s_time.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s_time.c,v 1.12 2015/09/11 14:43:57 lteo Exp $ */ +/* $OpenBSD: s_time.c,v 1.13 2015/10/10 22:28:51 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -258,6 +258,11 @@ s_time_main(int argc, char **argv) char buf[1024 * 8]; int ver; + if (single_execution) { + if (pledge("stdio inet rpath", NULL) == -1) + perror("pledge"); + } + s_time_meth = SSLv23_client_method(); verify_depth = 0; diff --git a/usr.bin/openssl/sess_id.c b/usr.bin/openssl/sess_id.c index d7f33395097..7bf14adbea2 100644 --- a/usr.bin/openssl/sess_id.c +++ b/usr.bin/openssl/sess_id.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sess_id.c,v 1.5 2015/08/19 18:25:31 deraadt Exp $ */ +/* $OpenBSD: sess_id.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -158,6 +158,11 @@ sess_id_main(int argc, char **argv) int ret = 1, i; BIO *out = NULL; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + memset(&sess_id_config, 0, sizeof(sess_id_config)); sess_id_config.informat = FORMAT_PEM; diff --git a/usr.bin/openssl/smime.c b/usr.bin/openssl/smime.c index d9813351798..fee7c71e761 100644 --- a/usr.bin/openssl/smime.c +++ b/usr.bin/openssl/smime.c @@ -1,4 +1,4 @@ -/* $OpenBSD: smime.c,v 1.4 2015/09/11 14:30:23 bcook Exp $ */ +/* $OpenBSD: smime.c,v 1.5 2015/10/10 22:28:51 doug Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ @@ -112,6 +112,11 @@ smime_main(int argc, char **argv) X509_VERIFY_PARAM *vpm = NULL; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + args = argv + 1; ret = 1; diff --git a/usr.bin/openssl/speed.c b/usr.bin/openssl/speed.c index 1657a43c029..cc555afe8ce 100644 --- a/usr.bin/openssl/speed.c +++ b/usr.bin/openssl/speed.c @@ -1,4 +1,4 @@ -/* $OpenBSD: speed.c,v 1.16 2015/09/20 13:39:13 miod Exp $ */ +/* $OpenBSD: speed.c,v 1.17 2015/10/10 22:28:51 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -469,6 +469,11 @@ speed_main(int argc, char **argv) int multi = 0; const char *errstr = NULL; + if (single_execution) { + if (pledge("stdio proc", NULL) == -1) + perror("pledge"); + } + usertime = -1; memset(results, 0, sizeof(results)); diff --git a/usr.bin/openssl/spkac.c b/usr.bin/openssl/spkac.c index b635b5e3b28..1c8b7073d8e 100644 --- a/usr.bin/openssl/spkac.c +++ b/usr.bin/openssl/spkac.c @@ -1,4 +1,4 @@ -/* $OpenBSD: spkac.c,v 1.5 2015/09/11 14:30:23 bcook Exp $ */ +/* $OpenBSD: spkac.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. Based on an original idea by Massimiliano Pala * (madwolf@openca.org). @@ -181,6 +181,11 @@ spkac_main(int argc, char **argv) NETSCAPE_SPKI *spki = NULL; EVP_PKEY *pkey = NULL; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + memset(&spkac_config, 0, sizeof(spkac_config)); spkac_config.spkac = "SPKAC"; spkac_config.spksect = "default"; diff --git a/usr.bin/openssl/ts.c b/usr.bin/openssl/ts.c index 93d258d583e..04ff60ae485 100644 --- a/usr.bin/openssl/ts.c +++ b/usr.bin/openssl/ts.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ts.c,v 1.10 2015/09/21 13:13:06 bcook Exp $ */ +/* $OpenBSD: ts.c,v 1.11 2015/10/10 22:28:51 doug Exp $ */ /* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL * project 2002. */ @@ -149,6 +149,11 @@ ts_main(int argc, char **argv) /* Output is ContentInfo instead of TimeStampResp. */ int token_out = 0; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + for (argc--, argv++; argc > 0; argc--, argv++) { if (strcmp(*argv, "-config") == 0) { if (argc-- < 1) diff --git a/usr.bin/openssl/verify.c b/usr.bin/openssl/verify.c index 62ca63f01b1..4975ad5b6e1 100644 --- a/usr.bin/openssl/verify.c +++ b/usr.bin/openssl/verify.c @@ -1,4 +1,4 @@ -/* $OpenBSD: verify.c,v 1.4 2015/09/11 14:30:23 bcook Exp $ */ +/* $OpenBSD: verify.c,v 1.5 2015/10/10 22:28:51 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -85,6 +85,11 @@ verify_main(int argc, char **argv) X509_LOOKUP *lookup = NULL; X509_VERIFY_PARAM *vpm = NULL; + if (single_execution) { + if (pledge("stdio rpath", NULL) == -1) + perror("pledge"); + } + cert_ctx = X509_STORE_new(); if (cert_ctx == NULL) goto end; diff --git a/usr.bin/openssl/version.c b/usr.bin/openssl/version.c index f47369df9d8..e096f899699 100644 --- a/usr.bin/openssl/version.c +++ b/usr.bin/openssl/version.c @@ -1,4 +1,4 @@ -/* $OpenBSD: version.c,v 1.6 2015/08/22 16:36:05 jsing Exp $ */ +/* $OpenBSD: version.c,v 1.7 2015/10/10 22:28:51 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -213,6 +213,11 @@ version_usage(void) int version_main(int argc, char **argv) { + if (single_execution) { + if (pledge("stdio", NULL) == -1) + perror("pledge"); + } + memset(&version_config, 0, sizeof(version_config)); if (options_parse(argc, argv, version_options, NULL, NULL) != 0) { diff --git a/usr.bin/openssl/x509.c b/usr.bin/openssl/x509.c index ec592c29d7b..07c28789d3f 100644 --- a/usr.bin/openssl/x509.c +++ b/usr.bin/openssl/x509.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509.c,v 1.9 2015/10/01 06:31:21 jsing Exp $ */ +/* $OpenBSD: x509.c,v 1.10 2015/10/10 22:28:51 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -198,6 +198,11 @@ x509_main(int argc, char **argv) unsigned long nmflag = 0, certflag = 0; const char *errstr = NULL; + if (single_execution) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + perror("pledge"); + } + reqfile = 0; STDout = BIO_new_fp(stdout, BIO_NOCLOSE); -- 2.20.1