author | Rich Salz <rsalz@akamai.com> | 2014-07-07 18:09:16 -0400 |
---|---|---|
committer | Rich Salz <rsalz@akamai.com> | 2014-07-14 18:03:33 -0400 |
commit | 1d597aa8ee5dbe52b36ce6ab25ab5d690a60cff0 (patch) | |
tree | e285c67e0e70309f3afc152b960a63161b4b755d | |
parent | 9d6253cfd3395dfe7147dae134579c6b16544c53 (diff) | |
download | openssl-new-1d597aa8ee5dbe52b36ce6ab25ab5d690a60cff0.tar.gz |
checkpoint on new arg and file parsing
-rw-r--r-- | apps/Makefile | 344 | ||||
-rw-r--r-- | apps/app_rand.c | 2 | ||||
-rw-r--r-- | apps/apps.c | 352 | ||||
-rw-r--r-- | apps/apps.h | 84 | ||||
-rw-r--r-- | apps/asn1pars.c | 254 | ||||
-rw-r--r-- | apps/ca.c | 184 | ||||
-rw-r--r-- | apps/ciphers.c | 61 | ||||
-rw-r--r-- | apps/cms.c | 152 | ||||
-rw-r--r-- | apps/crl.c | 98 | ||||
-rw-r--r-- | apps/crl2p7.c | 84 | ||||
-rw-r--r-- | apps/dgst.c | 109 | ||||
-rw-r--r-- | apps/dh.c | 100 | ||||
-rw-r--r-- | apps/dhparam.c | 120 | ||||
-rw-r--r-- | apps/dsa.c | 135 | ||||
-rw-r--r-- | apps/dsaparam.c | 112 | ||||
-rw-r--r-- | apps/ec.c | 135 | ||||
-rw-r--r-- | apps/ecparam.c | 168 | ||||
-rw-r--r-- | apps/enc.c | 129 | ||||
-rw-r--r-- | apps/engine.c | 55 | ||||
-rw-r--r-- | apps/errstr.c | 57 | ||||
-rw-r--r-- | apps/gendh.c | 68 | ||||
-rw-r--r-- | apps/gendsa.c | 98 | ||||
-rw-r--r-- | apps/genpkey.c | 44 | ||||
-rw-r--r-- | apps/genrsa.c | 101 | ||||
-rw-r--r-- | apps/nseq.c | 22 | ||||
-rw-r--r-- | apps/ocsp.c | 113 | ||||
-rw-r--r-- | apps/openssl.c | 183 | ||||
-rw-r--r-- | apps/passwd.c | 105 | ||||
-rw-r--r-- | apps/pkcs12.c | 129 | ||||
-rw-r--r-- | apps/pkcs7.c | 102 | ||||
-rw-r--r-- | apps/pkcs8.c | 51 | ||||
-rw-r--r-- | apps/pkey.c | 34 | ||||
-rw-r--r-- | apps/pkeyparam.c | 42 | ||||
-rw-r--r-- | apps/pkeyutl.c | 56 | ||||
-rw-r--r-- | apps/prime.c | 43 | ||||
-rw-r--r-- | apps/progs.h | 333 | ||||
-rw-r--r-- | apps/progs.pl | 143 | ||||
-rw-r--r-- | apps/rand.c | 63 | ||||
-rw-r--r-- | apps/req.c | 547 | ||||
-rw-r--r-- | apps/rsa.c | 134 | ||||
-rw-r--r-- | apps/rsautl.c | 58 | ||||
-rw-r--r-- | apps/s_apps.h | 14 | ||||
-rw-r--r-- | apps/s_cb.c | 16 | ||||
-rw-r--r-- | apps/s_client.c | 228 | ||||
-rw-r--r-- | apps/s_server.c | 268 | ||||
-rw-r--r-- | apps/s_socket.c | 2 | ||||
-rw-r--r-- | apps/s_time.c | 81 | ||||
-rw-r--r-- | apps/sess_id.c | 94 | ||||
-rw-r--r-- | apps/smime.c | 137 | ||||
-rw-r--r-- | apps/speed.c | 333 | ||||
-rw-r--r-- | apps/spkac.c | 50 | ||||
-rw-r--r-- | apps/srp.c | 60 | ||||
-rw-r--r-- | apps/ts.c | 76 | ||||
-rw-r--r-- | apps/verify.c | 50 | ||||
-rw-r--r-- | apps/version.c | 26 | ||||
-rw-r--r-- | apps/x509.c | 189 | ||||
-rw-r--r-- | crypto/engine/Makefile | 15 | ||||
-rw-r--r-- | crypto/evp/Makefile | 1 | ||||
-rw-r--r-- | e_os.h | 8 | ||||
-rw-r--r-- | ssl/Makefile | 30 | ||||
-rw-r--r-- | test/Makefile | 251 |
61 files changed, 2863 insertions, 4270 deletions
diff --git a/apps/Makefile b/apps/Makefile index 4d2be30e32..5aaefc7456 100644 --- a/apps/Makefile +++ b/apps/Makefile @@ -20,7 +20,7 @@ EXE_EXT= SHLIB_TARGET= -CFLAGS= -DMONOLITH $(INCLUDES) $(CFLAG) +CFLAGS= $(INCLUDES) $(CFLAG) GENERAL=Makefile makeapps.com install.com @@ -43,8 +43,8 @@ E_EXE= verify asn1pars req dgst dh dhparam enc passwd gendh errstr \ PROGS= $(PROGRAM).c -A_OBJ=apps.o -A_SRC=apps.c +A_OBJ=apps.o opt.o +A_SRC=apps.c opt.c S_OBJ= s_cb.o s_socket.o S_SRC= s_cb.c s_socket.c RAND_OBJ=app_rand.o @@ -161,7 +161,8 @@ $(EXE): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL) link_app.$${shlib_target} @(cd ..; $(MAKE) rehash) -progs.h: progs.pl +progs.h: progs.pl Makefile + $(RM) progs.h $(PERL) progs.pl $(E_EXE) >progs.h $(RM) $(PROGRAM).o @@ -181,7 +182,7 @@ app_rand.o: ../include/openssl/safestack.h ../include/openssl/sha.h app_rand.o: ../include/openssl/stack.h ../include/openssl/symhacks.h app_rand.o: ../include/openssl/txt_db.h ../include/openssl/x509.h app_rand.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h -app_rand.o: app_rand.c apps.h +app_rand.o: app_rand.c apps.h progs.h apps.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h apps.o: ../include/openssl/bn.h ../include/openssl/buffer.h apps.o: ../include/openssl/conf.h ../include/openssl/crypto.h @@ -199,6 +200,7 @@ apps.o: ../include/openssl/sha.h ../include/openssl/stack.h apps.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h apps.o: ../include/openssl/ui.h ../include/openssl/x509.h apps.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.c apps.h +apps.o: progs.h asn1pars.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h asn1pars.o: ../include/openssl/buffer.h ../include/openssl/conf.h asn1pars.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h 
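Review bot: `A_SRC=apps.c opt.c` and `A_OBJ=apps.o opt.o` (together with the new `opt.o:` dependency block further down) reference `apps/opt.c`, but the diffstat for this commit lists no `apps/opt.c` among its 61 files. Unless that file already exists in the parent tree, this checkpoint does not build, which would also make it unusable as a bisect point later. Confirm that `opt.c` is tracked, and if it is meant to arrive with this change, add it to the same commit.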
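Review bot: In the `progs.h` rule, `$(PERL) progs.pl $(E_EXE) >progs.h` still redirects straight into the target, so a failed or interrupted perl run leaves an empty or truncated `progs.h` that is newer than both prerequisites and is treated as up to date on the next run; the added `$(RM) progs.h` does not prevent that. This matters more after this commit, because the dependency lines below make nearly every object in apps/ depend on `progs.h`. Generate into a temporary name and rename on success, for example `$(PERL) progs.pl $(E_EXE) >progs.h.new && mv -f progs.h.new progs.h` (the temporary name is only a suggestion), unless the Makefile already sets `.DELETE_ON_ERROR`, which is not visible here. With `Makefile` now a prerequisite, any rewrite of this Makefile, including regenerating its dependency section, also regenerates `progs.h` and rebuilds all of those objects; add a comment on the rule saying that this is intended.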
@@ -214,7 +216,7 @@ asn1pars.o: ../include/openssl/safestack.h ../include/openssl/sha.h asn1pars.o: ../include/openssl/stack.h ../include/openssl/symhacks.h asn1pars.o: ../include/openssl/txt_db.h ../include/openssl/x509.h asn1pars.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h -asn1pars.o: asn1pars.c +asn1pars.o: asn1pars.c progs.h ca.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h ca.o: ../include/openssl/bn.h ../include/openssl/buffer.h ca.o: ../include/openssl/conf.h ../include/openssl/crypto.h @@ -230,7 +232,7 @@ ca.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h ca.o: ../include/openssl/sha.h ../include/openssl/stack.h ca.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h ca.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -ca.o: ../include/openssl/x509v3.h apps.h ca.c +ca.o: ../include/openssl/x509v3.h apps.h ca.c progs.h ciphers.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h ciphers.o: ../include/openssl/buffer.h ../include/openssl/comp.h ciphers.o: ../include/openssl/conf.h ../include/openssl/crypto.h @@ -251,7 +253,7 @@ ciphers.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h ciphers.o: ../include/openssl/stack.h ../include/openssl/symhacks.h ciphers.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h ciphers.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -ciphers.o: ../include/openssl/x509v3.h apps.h ciphers.c +ciphers.o: ../include/openssl/x509v3.h apps.h ciphers.c progs.h cms.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h cms.o: ../include/openssl/buffer.h ../include/openssl/cms.h cms.o: ../include/openssl/conf.h ../include/openssl/crypto.h 
@@ -267,7 +269,7 @@ cms.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h cms.o: ../include/openssl/sha.h ../include/openssl/stack.h cms.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h cms.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -cms.o: ../include/openssl/x509v3.h apps.h cms.c +cms.o: ../include/openssl/x509v3.h apps.h cms.c progs.h crl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h crl.o: ../include/openssl/buffer.h ../include/openssl/conf.h crl.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h @@ -283,6 +285,7 @@ crl.o: ../include/openssl/safestack.h ../include/openssl/sha.h crl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h crl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h crl.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h crl.c +crl.o: progs.h crl2p7.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h crl2p7.o: ../include/openssl/buffer.h ../include/openssl/conf.h crl2p7.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h @@ -298,7 +301,7 @@ crl2p7.o: ../include/openssl/safestack.h ../include/openssl/sha.h crl2p7.o: ../include/openssl/stack.h ../include/openssl/symhacks.h crl2p7.o: ../include/openssl/txt_db.h ../include/openssl/x509.h crl2p7.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h -crl2p7.o: crl2p7.c +crl2p7.o: crl2p7.c progs.h dgst.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h dgst.o: ../include/openssl/buffer.h ../include/openssl/conf.h dgst.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h 
@@ -314,7 +317,7 @@ dgst.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h dgst.o: ../include/openssl/sha.h ../include/openssl/stack.h dgst.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h dgst.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -dgst.o: ../include/openssl/x509v3.h apps.h dgst.c +dgst.o: ../include/openssl/x509v3.h apps.h dgst.c progs.h dh.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h dh.o: ../include/openssl/bn.h ../include/openssl/buffer.h dh.o: ../include/openssl/conf.h ../include/openssl/crypto.h 
@@ -331,23 +334,24 @@ dh.o: ../include/openssl/safestack.h ../include/openssl/sha.h dh.o: ../include/openssl/stack.h ../include/openssl/symhacks.h dh.o: ../include/openssl/txt_db.h ../include/openssl/x509.h dh.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h dh.c +dh.o: progs.h dsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h dsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h dsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h -dsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h -dsa.o: ../include/openssl/e_os2.h ../include/openssl/ec.h -dsa.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h -dsa.o: ../include/openssl/engine.h ../include/openssl/err.h -dsa.o: ../include/openssl/evp.h ../include/openssl/lhash.h -dsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -dsa.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h -dsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -dsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h -dsa.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h -dsa.o: ../include/openssl/sha.h ../include/openssl/stack.h -dsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h -dsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -dsa.o: ../include/openssl/x509v3.h apps.h dsa.c +dsa.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h +dsa.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +dsa.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +dsa.o: ../include/openssl/err.h ../include/openssl/evp.h +dsa.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +dsa.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +dsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +dsa.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +dsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +dsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h +dsa.o: 
../include/openssl/stack.h ../include/openssl/symhacks.h +dsa.o: ../include/openssl/txt_db.h ../include/openssl/x509.h +dsa.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h dsa.c +dsa.o: progs.h dsaparam.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h dsaparam.o: ../include/openssl/bn.h ../include/openssl/buffer.h dsaparam.o: ../include/openssl/conf.h ../include/openssl/crypto.h @@ -360,11 +364,13 @@ dsaparam.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h dsaparam.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h dsaparam.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h dsaparam.o: ../include/openssl/pem.h ../include/openssl/pem2.h -dsaparam.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h +dsaparam.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +dsaparam.o: ../include/openssl/rsa.h ../include/openssl/safestack.h dsaparam.o: ../include/openssl/sha.h ../include/openssl/stack.h dsaparam.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h -dsaparam.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -dsaparam.o: ../include/openssl/x509v3.h apps.h dsaparam.c +dsaparam.o: ../include/openssl/ui.h ../include/openssl/x509.h +dsaparam.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h +dsaparam.o: dsaparam.c progs.h ec.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h ec.o: ../include/openssl/buffer.h ../include/openssl/conf.h ec.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h 
@@ -380,6 +386,7 @@ ec.o: ../include/openssl/safestack.h ../include/openssl/sha.h ec.o: ../include/openssl/stack.h ../include/openssl/symhacks.h ec.o: ../include/openssl/txt_db.h ../include/openssl/x509.h ec.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h ec.c +ec.o: progs.h ecparam.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h ecparam.o: ../include/openssl/bn.h ../include/openssl/buffer.h ecparam.o: ../include/openssl/conf.h ../include/openssl/crypto.h @@ -395,7 +402,7 @@ ecparam.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h ecparam.o: ../include/openssl/sha.h ../include/openssl/stack.h ecparam.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h ecparam.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -ecparam.o: ../include/openssl/x509v3.h apps.h ecparam.c +ecparam.o: ../include/openssl/x509v3.h apps.h ecparam.c progs.h enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h enc.o: ../include/openssl/conf.h ../include/openssl/crypto.h @@ -412,6 +419,7 @@ enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h enc.o: ../include/openssl/txt_db.h ../include/openssl/x509.h enc.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h enc.c +enc.o: progs.h engine.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h engine.o: ../include/openssl/buffer.h ../include/openssl/comp.h engine.o: ../include/openssl/conf.h ../include/openssl/crypto.h 
@@ -432,7 +440,7 @@ engine.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h engine.o: ../include/openssl/stack.h ../include/openssl/symhacks.h engine.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h engine.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -engine.o: ../include/openssl/x509v3.h apps.h engine.c +engine.o: ../include/openssl/x509v3.h apps.h engine.c progs.h errstr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h errstr.o: ../include/openssl/buffer.h ../include/openssl/comp.h errstr.o: ../include/openssl/conf.h ../include/openssl/crypto.h 
@@ -453,41 +461,43 @@ errstr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h errstr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h errstr.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h errstr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -errstr.o: ../include/openssl/x509v3.h apps.h errstr.c +errstr.o: ../include/openssl/x509v3.h apps.h errstr.c progs.h gendh.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h gendh.o: ../include/openssl/bn.h ../include/openssl/buffer.h gendh.o: ../include/openssl/conf.h ../include/openssl/crypto.h -gendh.o: ../include/openssl/dh.h ../include/openssl/e_os2.h -gendh.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -gendh.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h -gendh.o: ../include/openssl/err.h ../include/openssl/evp.h -gendh.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -gendh.o: ../include/openssl/objects.h ../include/openssl/ocsp.h -gendh.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -gendh.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h -gendh.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -gendh.o: ../include/openssl/rand.h ../include/openssl/safestack.h +gendh.o: ../include/openssl/dh.h ../include/openssl/dsa.h +gendh.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +gendh.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +gendh.o: ../include/openssl/engine.h ../include/openssl/err.h +gendh.o: ../include/openssl/evp.h ../include/openssl/lhash.h +gendh.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +gendh.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h +gendh.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +gendh.o: ../include/openssl/pem.h ../include/openssl/pem2.h +gendh.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +gendh.o: ../include/openssl/rsa.h ../include/openssl/safestack.h gendh.o: ../include/openssl/sha.h 
../include/openssl/stack.h gendh.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h -gendh.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -gendh.o: ../include/openssl/x509v3.h apps.h gendh.c +gendh.o: ../include/openssl/ui.h ../include/openssl/x509.h +gendh.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h +gendh.o: gendh.c progs.h gendsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h gendsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h gendsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h -gendsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h -gendsa.o: ../include/openssl/e_os2.h ../include/openssl/ec.h -gendsa.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h -gendsa.o: ../include/openssl/engine.h ../include/openssl/err.h -gendsa.o: ../include/openssl/evp.h ../include/openssl/lhash.h -gendsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -gendsa.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h -gendsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -gendsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h -gendsa.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h -gendsa.o: ../include/openssl/sha.h ../include/openssl/stack.h -gendsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h -gendsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -gendsa.o: ../include/openssl/x509v3.h apps.h gendsa.c +gendsa.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h +gendsa.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +gendsa.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +gendsa.o: ../include/openssl/err.h ../include/openssl/evp.h +gendsa.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +gendsa.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +gendsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +gendsa.o: ../include/openssl/ossl_typ.h 
../include/openssl/pem.h +gendsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +gendsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h +gendsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +gendsa.o: ../include/openssl/txt_db.h ../include/openssl/x509.h +gendsa.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h +gendsa.o: gendsa.c progs.h genpkey.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h genpkey.o: ../include/openssl/buffer.h ../include/openssl/conf.h genpkey.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h @@ -503,10 +513,11 @@ genpkey.o: ../include/openssl/safestack.h ../include/openssl/sha.h genpkey.o: ../include/openssl/stack.h ../include/openssl/symhacks.h genpkey.o: ../include/openssl/txt_db.h ../include/openssl/x509.h genpkey.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h -genpkey.o: genpkey.c +genpkey.o: genpkey.c progs.h genrsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h genrsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h genrsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h +genrsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h genrsa.o: ../include/openssl/e_os2.h ../include/openssl/ec.h genrsa.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h genrsa.o: ../include/openssl/engine.h ../include/openssl/err.h 
@@ -519,8 +530,9 @@ genrsa.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h genrsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h genrsa.o: ../include/openssl/sha.h ../include/openssl/stack.h genrsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h -genrsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -genrsa.o: ../include/openssl/x509v3.h apps.h genrsa.c +genrsa.o: ../include/openssl/ui.h ../include/openssl/x509.h +genrsa.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h +genrsa.o: genrsa.c progs.h nseq.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h nseq.o: ../include/openssl/buffer.h ../include/openssl/conf.h nseq.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h @@ -536,6 +548,7 @@ nseq.o: ../include/openssl/safestack.h ../include/openssl/sha.h nseq.o: ../include/openssl/stack.h ../include/openssl/symhacks.h nseq.o: ../include/openssl/txt_db.h ../include/openssl/x509.h nseq.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h nseq.c +nseq.o: progs.h ocsp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h ocsp.o: ../include/openssl/bn.h ../include/openssl/buffer.h ocsp.o: ../include/openssl/comp.h ../include/openssl/conf.h @@ -557,6 +570,7 @@ ocsp.o: ../include/openssl/ssl3.h ../include/openssl/stack.h ocsp.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h ocsp.o: ../include/openssl/txt_db.h ../include/openssl/x509.h ocsp.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h ocsp.c +ocsp.o: progs.h openssl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h openssl.o: ../include/openssl/buffer.h ../include/openssl/comp.h openssl.o: ../include/openssl/conf.h ../include/openssl/crypto.h 
@@ -579,6 +593,20 @@ openssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h openssl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h openssl.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h openssl.o: openssl.c progs.h s_apps.h +opt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h +opt.o: ../include/openssl/buffer.h ../include/openssl/conf.h +opt.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +opt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +opt.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +opt.o: ../include/openssl/evp.h ../include/openssl/lhash.h +opt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +opt.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h +opt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +opt.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h +opt.o: ../include/openssl/sha.h ../include/openssl/stack.h +opt.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h +opt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +opt.o: ../include/openssl/x509v3.h apps.h opt.c progs.h passwd.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h passwd.o: ../include/openssl/buffer.h ../include/openssl/conf.h passwd.o: ../include/openssl/crypto.h ../include/openssl/des.h @@ -596,7 +624,7 @@ passwd.o: ../include/openssl/stack.h ../include/openssl/symhacks.h passwd.o: ../include/openssl/txt_db.h ../include/openssl/ui.h passwd.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h passwd.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h -passwd.o: passwd.c +passwd.o: passwd.c progs.h pkcs12.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h pkcs12.o: ../include/openssl/buffer.h ../include/openssl/conf.h pkcs12.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h 
@@ -612,7 +640,7 @@ pkcs12.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h pkcs12.o: ../include/openssl/sha.h ../include/openssl/stack.h pkcs12.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h pkcs12.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -pkcs12.o: ../include/openssl/x509v3.h apps.h pkcs12.c +pkcs12.o: ../include/openssl/x509v3.h apps.h pkcs12.c progs.h pkcs7.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h pkcs7.o: ../include/openssl/buffer.h ../include/openssl/conf.h pkcs7.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h @@ -628,7 +656,7 @@ pkcs7.o: ../include/openssl/safestack.h ../include/openssl/sha.h pkcs7.o: ../include/openssl/stack.h ../include/openssl/symhacks.h pkcs7.o: ../include/openssl/txt_db.h ../include/openssl/x509.h pkcs7.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h -pkcs7.o: pkcs7.c +pkcs7.o: pkcs7.c progs.h pkcs8.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h pkcs8.o: ../include/openssl/buffer.h ../include/openssl/conf.h pkcs8.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h @@ -644,7 +672,7 @@ pkcs8.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h pkcs8.o: ../include/openssl/sha.h ../include/openssl/stack.h pkcs8.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h pkcs8.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -pkcs8.o: ../include/openssl/x509v3.h apps.h pkcs8.c +pkcs8.o: ../include/openssl/x509v3.h apps.h pkcs8.c progs.h pkey.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h pkey.o: ../include/openssl/buffer.h ../include/openssl/conf.h pkey.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h 
@@ -660,6 +688,7 @@ pkey.o: ../include/openssl/safestack.h ../include/openssl/sha.h pkey.o: ../include/openssl/stack.h ../include/openssl/symhacks.h pkey.o: ../include/openssl/txt_db.h ../include/openssl/x509.h pkey.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h pkey.c +pkey.o: progs.h pkeyparam.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h pkeyparam.o: ../include/openssl/buffer.h ../include/openssl/conf.h pkeyparam.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h @@ -675,7 +704,7 @@ pkeyparam.o: ../include/openssl/safestack.h ../include/openssl/sha.h pkeyparam.o: ../include/openssl/stack.h ../include/openssl/symhacks.h pkeyparam.o: ../include/openssl/txt_db.h ../include/openssl/x509.h pkeyparam.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h -pkeyparam.o: pkeyparam.c +pkeyparam.o: pkeyparam.c progs.h pkeyutl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h pkeyutl.o: ../include/openssl/buffer.h ../include/openssl/conf.h pkeyutl.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h @@ -691,7 +720,7 @@ pkeyutl.o: ../include/openssl/safestack.h ../include/openssl/sha.h pkeyutl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h pkeyutl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h pkeyutl.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h -pkeyutl.o: pkeyutl.c +pkeyutl.o: pkeyutl.c progs.h prime.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h prime.o: ../include/openssl/bn.h ../include/openssl/buffer.h prime.o: ../include/openssl/conf.h ../include/openssl/crypto.h 
@@ -706,7 +735,7 @@ prime.o: ../include/openssl/safestack.h ../include/openssl/sha.h prime.o: ../include/openssl/stack.h ../include/openssl/symhacks.h prime.o: ../include/openssl/txt_db.h ../include/openssl/x509.h prime.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h -prime.o: prime.c +prime.o: prime.c progs.h rand.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h rand.o: ../include/openssl/buffer.h ../include/openssl/conf.h rand.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h @@ -721,7 +750,7 @@ rand.o: ../include/openssl/rand.h ../include/openssl/safestack.h rand.o: ../include/openssl/sha.h ../include/openssl/stack.h rand.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h rand.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -rand.o: ../include/openssl/x509v3.h apps.h rand.c +rand.o: ../include/openssl/x509v3.h apps.h progs.h rand.c req.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h req.o: ../include/openssl/bn.h ../include/openssl/buffer.h req.o: ../include/openssl/conf.h ../include/openssl/crypto.h 
@@ -734,11 +763,13 @@ req.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h req.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h req.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h req.o: ../include/openssl/pem.h ../include/openssl/pem2.h -req.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h -req.o: ../include/openssl/safestack.h ../include/openssl/sha.h -req.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -req.o: ../include/openssl/txt_db.h ../include/openssl/x509.h -req.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h req.c +req.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +req.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +req.o: ../include/openssl/sha.h ../include/openssl/stack.h +req.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h +req.o: ../include/openssl/ui.h ../include/openssl/x509.h +req.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h progs.h +req.o: req.c rsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h rsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h rsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h 
@@ -754,24 +785,24 @@ rsa.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h rsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h rsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h rsa.o: ../include/openssl/txt_db.h ../include/openssl/x509.h -rsa.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h rsa.c +rsa.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h progs.h +rsa.o: rsa.c rsautl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -rsautl.o: ../include/openssl/bn.h ../include/openssl/buffer.h -rsautl.o: ../include/openssl/conf.h ../include/openssl/crypto.h -rsautl.o: ../include/openssl/e_os2.h ../include/openssl/ec.h -rsautl.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h -rsautl.o: ../include/openssl/engine.h ../include/openssl/err.h -rsautl.o: ../include/openssl/evp.h ../include/openssl/lhash.h -rsautl.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -rsautl.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h -rsautl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -rsautl.o: ../include/openssl/pem.h ../include/openssl/pem2.h -rsautl.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h -rsautl.o: ../include/openssl/safestack.h ../include/openssl/sha.h -rsautl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -rsautl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h -rsautl.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h -rsautl.o: rsautl.c +rsautl.o: ../include/openssl/buffer.h ../include/openssl/conf.h +rsautl.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +rsautl.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +rsautl.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +rsautl.o: ../include/openssl/err.h ../include/openssl/evp.h +rsautl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +rsautl.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +rsautl.o: 
../include/openssl/opensslconf.h ../include/openssl/opensslv.h +rsautl.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +rsautl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +rsautl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +rsautl.o: ../include/openssl/sha.h ../include/openssl/stack.h +rsautl.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h +rsautl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +rsautl.o: ../include/openssl/x509v3.h apps.h progs.h rsautl.c s_cb.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h s_cb.o: ../include/openssl/bn.h ../include/openssl/buffer.h s_cb.o: ../include/openssl/comp.h ../include/openssl/conf.h @@ -794,7 +825,7 @@ s_cb.o: ../include/openssl/ssl3.h ../include/openssl/stack.h s_cb.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h s_cb.o: ../include/openssl/txt_db.h ../include/openssl/x509.h s_cb.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h -s_cb.o: s_apps.h s_cb.c +s_cb.o: progs.h s_apps.h s_cb.c s_client.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h s_client.o: ../include/openssl/bn.h ../include/openssl/buffer.h s_client.o: ../include/openssl/comp.h ../include/openssl/conf.h 
@@ -817,31 +848,32 @@ s_client.o: ../include/openssl/ssl3.h ../include/openssl/stack.h s_client.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h s_client.o: ../include/openssl/txt_db.h ../include/openssl/x509.h s_client.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h -s_client.o: s_apps.h s_client.c timeouts.h +s_client.o: progs.h s_apps.h s_client.c timeouts.h s_server.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h s_server.o: ../include/openssl/bn.h ../include/openssl/buffer.h s_server.o: ../include/openssl/comp.h ../include/openssl/conf.h s_server.o: ../include/openssl/crypto.h ../include/openssl/dh.h -s_server.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h -s_server.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -s_server.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h -s_server.o: ../include/openssl/err.h ../include/openssl/evp.h -s_server.o: ../include/openssl/hmac.h ../include/openssl/kssl.h -s_server.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -s_server.o: ../include/openssl/objects.h ../include/openssl/ocsp.h -s_server.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -s_server.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h -s_server.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h -s_server.o: ../include/openssl/pqueue.h ../include/openssl/rand.h -s_server.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -s_server.o: ../include/openssl/sha.h ../include/openssl/srp.h -s_server.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -s_server.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s_server.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s_server.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s_server.o: ../include/openssl/txt_db.h ../include/openssl/x509.h +s_server.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h +s_server.o: ../include/openssl/e_os2.h ../include/openssl/ec.h 
+s_server.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +s_server.o: ../include/openssl/engine.h ../include/openssl/err.h +s_server.o: ../include/openssl/evp.h ../include/openssl/hmac.h +s_server.o: ../include/openssl/kssl.h ../include/openssl/lhash.h +s_server.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s_server.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h +s_server.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +s_server.o: ../include/openssl/pem.h ../include/openssl/pem2.h +s_server.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h +s_server.o: ../include/openssl/rand.h ../include/openssl/rsa.h +s_server.o: ../include/openssl/safestack.h ../include/openssl/sha.h +s_server.o: ../include/openssl/srp.h ../include/openssl/srtp.h +s_server.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s_server.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s_server.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s_server.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h +s_server.o: ../include/openssl/ui.h ../include/openssl/x509.h s_server.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h -s_server.o: s_apps.h s_server.c timeouts.h +s_server.o: progs.h s_apps.h s_server.c timeouts.h s_socket.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h s_socket.o: ../include/openssl/buffer.h ../include/openssl/comp.h s_socket.o: ../include/openssl/conf.h ../include/openssl/crypto.h 
@@ -862,7 +894,7 @@ s_socket.o: ../include/openssl/ssl3.h ../include/openssl/stack.h s_socket.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h s_socket.o: ../include/openssl/txt_db.h ../include/openssl/x509.h s_socket.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h -s_socket.o: s_apps.h s_socket.c +s_socket.o: progs.h s_apps.h s_socket.c s_time.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h s_time.o: ../include/openssl/buffer.h ../include/openssl/comp.h s_time.o: ../include/openssl/conf.h ../include/openssl/crypto.h @@ -883,7 +915,7 @@ s_time.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h s_time.o: ../include/openssl/stack.h ../include/openssl/symhacks.h s_time.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h s_time.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -s_time.o: ../include/openssl/x509v3.h apps.h s_apps.h s_time.c +s_time.o: ../include/openssl/x509v3.h apps.h progs.h s_apps.h s_time.c sess_id.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h sess_id.o: ../include/openssl/buffer.h ../include/openssl/comp.h sess_id.o: ../include/openssl/conf.h ../include/openssl/crypto.h @@ -904,7 +936,7 @@ sess_id.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h sess_id.o: ../include/openssl/stack.h ../include/openssl/symhacks.h sess_id.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h sess_id.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -sess_id.o: ../include/openssl/x509v3.h apps.h sess_id.c +sess_id.o: ../include/openssl/x509v3.h apps.h progs.h sess_id.c smime.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h smime.o: ../include/openssl/buffer.h ../include/openssl/conf.h smime.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h 
@@ -920,34 +952,34 @@ smime.o: ../include/openssl/safestack.h ../include/openssl/sha.h smime.o: ../include/openssl/stack.h ../include/openssl/symhacks.h smime.o: ../include/openssl/txt_db.h ../include/openssl/x509.h smime.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h -smime.o: smime.c +smime.o: progs.h smime.c speed.o: ../crypto/bn/bn_lcl.h ../e_os.h ../include/openssl/aes.h speed.o: ../include/openssl/asn1.h ../include/openssl/bio.h speed.o: ../include/openssl/blowfish.h ../include/openssl/bn.h speed.o: ../include/openssl/buffer.h ../include/openssl/camellia.h speed.o: ../include/openssl/cast.h ../include/openssl/conf.h speed.o: ../include/openssl/crypto.h ../include/openssl/des.h -speed.o: ../include/openssl/des_old.h ../include/openssl/dh.h -speed.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h -speed.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -speed.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h -speed.o: ../include/openssl/err.h ../include/openssl/evp.h -speed.o: ../include/openssl/hmac.h ../include/openssl/idea.h -speed.o: ../include/openssl/lhash.h ../include/openssl/md4.h -speed.o: ../include/openssl/md5.h ../include/openssl/mdc2.h -speed.o: ../include/openssl/modes.h ../include/openssl/obj_mac.h -speed.o: ../include/openssl/objects.h ../include/openssl/ocsp.h -speed.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -speed.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h -speed.o: ../include/openssl/rand.h ../include/openssl/rc2.h -speed.o: ../include/openssl/rc4.h ../include/openssl/ripemd.h -speed.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -speed.o: ../include/openssl/seed.h ../include/openssl/sha.h -speed.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -speed.o: ../include/openssl/txt_db.h ../include/openssl/ui.h -speed.o: ../include/openssl/ui_compat.h ../include/openssl/whrlpool.h -speed.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h 
-speed.o: ../include/openssl/x509v3.h apps.h speed.c testdsa.h testrsa.h +speed.o: ../include/openssl/des_old.h ../include/openssl/dsa.h +speed.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +speed.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +speed.o: ../include/openssl/engine.h ../include/openssl/err.h +speed.o: ../include/openssl/evp.h ../include/openssl/hmac.h +speed.o: ../include/openssl/idea.h ../include/openssl/lhash.h +speed.o: ../include/openssl/md4.h ../include/openssl/md5.h +speed.o: ../include/openssl/mdc2.h ../include/openssl/modes.h +speed.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +speed.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h +speed.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +speed.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h +speed.o: ../include/openssl/rc2.h ../include/openssl/rc4.h +speed.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h +speed.o: ../include/openssl/safestack.h ../include/openssl/seed.h +speed.o: ../include/openssl/sha.h ../include/openssl/stack.h +speed.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h +speed.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h +speed.o: ../include/openssl/whrlpool.h ../include/openssl/x509.h +speed.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h +speed.o: progs.h speed.c testdsa.h testrsa.h spkac.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h spkac.o: ../include/openssl/buffer.h ../include/openssl/conf.h spkac.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h 
@@ -963,7 +995,7 @@ spkac.o: ../include/openssl/safestack.h ../include/openssl/sha.h spkac.o: ../include/openssl/stack.h ../include/openssl/symhacks.h spkac.o: ../include/openssl/txt_db.h ../include/openssl/x509.h spkac.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h -spkac.o: spkac.c +spkac.o: progs.h spkac.c srp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h srp.o: ../include/openssl/bn.h ../include/openssl/buffer.h srp.o: ../include/openssl/conf.h ../include/openssl/crypto.h @@ -978,7 +1010,8 @@ srp.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h srp.o: ../include/openssl/sha.h ../include/openssl/srp.h srp.o: ../include/openssl/stack.h ../include/openssl/symhacks.h srp.o: ../include/openssl/txt_db.h ../include/openssl/x509.h -srp.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h srp.c +srp.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h progs.h +srp.o: srp.c ts.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h ts.o: ../include/openssl/bn.h ../include/openssl/buffer.h ts.o: ../include/openssl/conf.h ../include/openssl/crypto.h @@ -996,7 +1029,8 @@ ts.o: ../include/openssl/rsa.h ../include/openssl/safestack.h ts.o: ../include/openssl/sha.h ../include/openssl/stack.h ts.o: ../include/openssl/symhacks.h ../include/openssl/ts.h ts.o: ../include/openssl/txt_db.h ../include/openssl/x509.h -ts.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h ts.c +ts.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h progs.h +ts.o: ts.c verify.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h verify.o: ../include/openssl/buffer.h ../include/openssl/conf.h verify.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h 
@@ -1012,7 +1046,7 @@ verify.o: ../include/openssl/safestack.h ../include/openssl/sha.h verify.o: ../include/openssl/stack.h ../include/openssl/symhacks.h verify.o: ../include/openssl/txt_db.h ../include/openssl/x509.h verify.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h -verify.o: verify.c +verify.o: progs.h verify.c version.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h version.o: ../include/openssl/blowfish.h ../include/openssl/bn.h version.o: ../include/openssl/buffer.h ../include/openssl/conf.h 
@@ -1030,21 +1064,21 @@ version.o: ../include/openssl/sha.h ../include/openssl/stack.h version.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h version.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h version.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -version.o: ../include/openssl/x509v3.h apps.h version.c +version.o: ../include/openssl/x509v3.h apps.h progs.h version.c x509.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h x509.o: ../include/openssl/bn.h ../include/openssl/buffer.h x509.o: ../include/openssl/conf.h ../include/openssl/crypto.h -x509.o: ../include/openssl/dh.h ../include/openssl/dsa.h -x509.o: ../include/openssl/e_os2.h ../include/openssl/ec.h -x509.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h -x509.o: ../include/openssl/engine.h ../include/openssl/err.h -x509.o: ../include/openssl/evp.h ../include/openssl/lhash.h -x509.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -x509.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h -x509.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -x509.o: ../include/openssl/pem.h ../include/openssl/pem2.h -x509.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h -x509.o: ../include/openssl/safestack.h ../include/openssl/sha.h -x509.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -x509.o: ../include/openssl/txt_db.h ../include/openssl/x509.h -x509.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h x509.c +x509.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h +x509.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +x509.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +x509.o: ../include/openssl/err.h ../include/openssl/evp.h +x509.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +x509.o: ../include/openssl/objects.h ../include/openssl/ocsp.h +x509.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +x509.o: ../include/openssl/ossl_typ.h 
../include/openssl/pem.h +x509.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +x509.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +x509.o: ../include/openssl/sha.h ../include/openssl/stack.h +x509.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h +x509.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +x509.o: ../include/openssl/x509v3.h apps.h progs.h x509.c diff --git a/apps/app_rand.c b/apps/app_rand.c index b7b6128c1e..e8e0717e44 100644 --- a/apps/app_rand.c +++ b/apps/app_rand.c @@ -109,9 +109,7 @@ * */ -#define NON_MAIN #include "apps.h" -#undef NON_MAIN #include <openssl/bio.h> #include <openssl/rand.h> diff --git a/apps/apps.c b/apps/apps.c index 4eb322afbb..0cbf7956fe 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -143,9 +143,7 @@ #include <openssl/jpake.h> #endif -#define NON_MAIN #include "apps.h" -#undef NON_MAIN #ifdef _WIN32 static int WIN32_rename(const char *from, const char *to); 
@@ -171,89 +169,6 @@ load_netscape_key(BIO *err, BIO *key, const char *file, #endif int app_init(long mesgwin); -#ifdef undef /* never finished - probably never will be :-) */ -int args_from_file(char *file, int *argc, char **argv[]) - { - FILE *fp; - int num,i; - unsigned int len; - static char *buf=NULL; - static char **arg=NULL; - char *p; - - fp=fopen(file,"r"); - if (fp == NULL) - return(0); - - if (fseek(fp,0,SEEK_END)==0) - len=ftell(fp), rewind(fp); - else len=-1; - if (len<=0) - { - fclose(fp); - return(0); - } - - *argc=0; - *argv=NULL; - - if (buf != NULL) OPENSSL_free(buf); - buf=(char *)OPENSSL_malloc(len+1); - if (buf == NULL) return(0); - - len=fread(buf,1,len,fp); - if (len <= 1) return(0); - buf[len]='\0'; - - i=0; - for (p=buf; *p; p++) - if (*p == '\n') i++; - if (arg != NULL) OPENSSL_free(arg); - arg=(char **)OPENSSL_malloc(sizeof(char *)*(i*2)); - - *argv=arg; - num=0; - p=buf; - for (;;) - { - if (!*p) break; - if (*p == '#') /* comment line */ - { - while (*p && (*p != '\n')) p++; - continue; - } - /* else we have a line */ - *(arg++)=p; - num++; - while (*p && ((*p != ' ') && (*p != '\t') && (*p != '\n'))) - p++; - if (!*p) break; - if (*p == '\n') - { - *(p++)='\0'; - continue; - } - /* else it is a tab or space */ - p++; - while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n'))) - p++; - if (!*p) break; - if (*p == '\n') - { - p++; - continue; - } - *(arg++)=p++; - num++; - while (*p && (*p != '\n')) p++; - if (!*p) break; - /* else *p == '\n' */ - *(p++)='\0'; - } - *argc=num; - return(1); - } -#endif int str2fmt(char *s) { 
@@ -290,96 +205,6 @@ int str2fmt(char *s) return(FORMAT_UNDEF); } -#if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_NETWARE) -void program_name(char *in, char *out, int size) - { - int i,n; - char *p=NULL; - - n=strlen(in); - /* find the last '/', '\' or ':' */ - for (i=n-1; i>0; i--) - { - if ((in[i] == '/') || (in[i] == '\\') || (in[i] == ':')) - { - p= &(in[i+1]); - break; - } - } - if (p == NULL) - p=in; - n=strlen(p); - -#if defined(OPENSSL_SYS_NETWARE) - /* strip off trailing .nlm if present. */ - if ((n > 4) && (p[n-4] == '.') && - ((p[n-3] == 'n') || (p[n-3] == 'N')) && - ((p[n-2] == 'l') || (p[n-2] == 'L')) && - ((p[n-1] == 'm') || (p[n-1] == 'M'))) - n-=4; -#else - /* strip off trailing .exe if present. */ - if ((n > 4) && (p[n-4] == '.') && - ((p[n-3] == 'e') || (p[n-3] == 'E')) && - ((p[n-2] == 'x') || (p[n-2] == 'X')) && - ((p[n-1] == 'e') || (p[n-1] == 'E'))) - n-=4; -#endif - - if (n > size-1) - n=size-1; - - for (i=0; i<n; i++) - { - if ((p[i] >= 'A') && (p[i] <= 'Z')) - out[i]=p[i]-'A'+'a'; - else - out[i]=p[i]; - } - out[n]='\0'; - } -#else -#ifdef OPENSSL_SYS_VMS -void program_name(char *in, char *out, int size) - { - char *p=in, *q; - char *chars=":]>"; - - while(*chars != '\0') - { - q=strrchr(p,*chars); - if (q > p) - p = q + 1; - chars++; - } - - q=strrchr(p,'.'); - if (q == NULL) - q = p + strlen(p); - strncpy(out,p,size-1); - if (q-p >= size) - { - out[size-1]='\0'; - } - else - { - out[q-p]='\0'; - } - } -#else -void program_name(char *in, char *out, int size) - { - char *p; - - p=strrchr(in,'/'); - if (p != NULL) - p++; - else - p=in; - BUF_strlcpy(out,p,size); - } -#endif -#endif int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[]) { @@ -863,12 +688,6 @@ X509 *load_cert(BIO *err, const char *file, int format, return x; } - if ((cert=BIO_new(BIO_s_file())) == NULL) - { - ERR_print_errors(err); - goto end; - } - if (file == NULL) { #ifdef _IONBF 
@@ -876,17 +695,14 @@ X509 *load_cert(BIO *err, const char *file, int format, setvbuf(stdin, NULL, _IONBF, 0); # endif /* ndef OPENSSL_NO_SETVBUF_IONBF */ #endif - BIO_set_fp(cert,stdin,BIO_NOCLOSE); + cert = BIO_new_fp(stdin,BIO_NOCLOSE); } else + cert = BIO_new_file(file, RB(format)); + if (cert == NULL) { - if (BIO_read_filename(cert,file) <= 0) - { - BIO_printf(err, "Error opening %s %s\n", - cert_descrip, file); - ERR_print_errors(err); - goto end; - } + ERR_print_errors(err); + goto end; } if (format == FORMAT_ASN1) @@ -944,23 +760,15 @@ X509_CRL *load_crl(const char *infile, int format) return x; } - in=BIO_new(BIO_s_file()); + if (infile == NULL) + in = BIO_new_fp(stdin,BIO_NOCLOSE); + else + in = BIO_new_file(infile, RB(format)); if (in == NULL) { ERR_print_errors(bio_err); goto end; } - - if (infile == NULL) - BIO_set_fp(in,stdin,BIO_NOCLOSE); - else - { - if (BIO_read_filename(in,infile) <= 0) - { - perror(infile); - goto end; - } - } if (format == FORMAT_ASN1) x=d2i_X509_CRL_bio(in,NULL); else if (format == FORMAT_PEM) @@ -1015,12 +823,6 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin, goto end; } #endif - key=BIO_new(BIO_s_file()); - if (key == NULL) - { - ERR_print_errors(err); - goto end; - } if (file == NULL && maybe_stdin) { #ifdef _IONBF @@ -1028,16 +830,15 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin, setvbuf(stdin, NULL, _IONBF, 0); # endif /* ndef OPENSSL_NO_SETVBUF_IONBF */ #endif - BIO_set_fp(key,stdin,BIO_NOCLOSE); + key = BIO_new_fp(stdin,BIO_NOCLOSE); } else - if (BIO_read_filename(key,file) <= 0) - { - BIO_printf(err, "Error opening %s %s\n", - key_descrip, file); - ERR_print_errors(err); - goto end; - } + key = BIO_new_file(file, RB(format)); + if (key == NULL) + { + ERR_print_errors(err); + goto end; + } if (format == FORMAT_ASN1) { pkey=d2i_PrivateKey_bio(key, NULL); 
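Review bot: `cert = BIO_new_file(file, RB(format));` in load_cert takes its stdio mode from RB(), which yields "rb" only for FORMAT_ASN1, so any other binary encoding this loader accepts is opened in text mode. On platforms whose text-mode stdio translates bytes, the input is altered before the decoder sees it, and certificate or key material then fails to parse with no obvious cause. The same call is added for load_key on this line and for load_pubkey, where the commit's own XXX comment already calls RB() too simple. Choosing text mode only for formats known to be text would be safer, e.g. `cert = BIO_new_file(file, format == FORMAT_PEM ? "r" : "rb");`, with the set of text formats checked against the FORMAT_* list. That list is outside this hunk, as are the start and end of load_cert.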
@@ -1106,12 +907,6 @@ EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin, goto end; } #endif - key=BIO_new(BIO_s_file()); - if (key == NULL) - { - ERR_print_errors(err); - goto end; - } if (file == NULL && maybe_stdin) { #ifdef _IONBF @@ -1119,15 +914,16 @@ EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin, setvbuf(stdin, NULL, _IONBF, 0); # endif /* ndef OPENSSL_NO_SETVBUF_IONBF */ #endif - BIO_set_fp(key,stdin,BIO_NOCLOSE); + key = BIO_new_fp(stdin,BIO_NOCLOSE); } else - if (BIO_read_filename(key,file) <= 0) - { - BIO_printf(err, "Error opening %s %s\n", - key_descrip, file); - ERR_print_errors(err); - goto end; + /* XXX rsalz look at all the format types below; RB() is + * too simple. */ + key = BIO_new_file(file, RB(format)); + if (key == NULL) + { + ERR_print_errors(err); + goto end; } if (format == FORMAT_ASN1) { @@ -1177,11 +973,6 @@ EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin, else if (format == FORMAT_MSBLOB) pkey = b2i_PublicKey_bio(key); #endif - else - { - BIO_printf(err,"bad input format specified for key file\n"); - goto end; - } end: if (key != NULL) BIO_free(key); if (pkey == NULL) 
@@ -1635,47 +1426,6 @@ ENGINE *setup_engine(BIO *err, const char *engine, int debug) } #endif -int load_config(BIO *err, CONF *cnf) - { - static int load_config_called = 0; - if (load_config_called) - return 1; - load_config_called = 1; - if (!cnf) - cnf = config; - if (!cnf) - return 1; - - OPENSSL_load_builtin_modules(); - - if (CONF_modules_load(cnf, NULL, 0) <= 0) - { - BIO_printf(err, "Error configuring OpenSSL\n"); - ERR_print_errors(err); - return 0; - } - return 1; - } - -char *make_config_name() - { - const char *t=X509_get_default_cert_area(); - size_t len; - char *p; - - len=strlen(t)+strlen(OPENSSL_CONF)+2; - p=OPENSSL_malloc(len); - if (p == NULL) - return NULL; - BUF_strlcpy(p,t,len); -#ifndef OPENSSL_SYS_VMS - BUF_strlcat(p,"/",len); -#endif - BUF_strlcat(p,OPENSSL_CONF,len); - - return p; - } - static unsigned long index_serial_hash(const OPENSSL_CSTRING *a) { const char *n; @@ -1713,7 +1463,7 @@ static IMPLEMENT_LHASH_COMP_FN(index_name, OPENSSL_CSTRING) BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai) { - BIO *in=NULL; + BIO *in; BIGNUM *ret=NULL; MS_STATIC char buf[1024]; ASN1_INTEGER *ai=NULL; @@ -1721,25 +1471,17 @@ BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai) ai=ASN1_INTEGER_new(); if (ai == NULL) goto err; - if ((in=BIO_new(BIO_s_file())) == NULL) - { - ERR_print_errors(bio_err); - goto err; - } - - if (BIO_read_filename(in,serialfile) <= 0) + in = BIO_new_file(serialfile, "r"); + if (in == NULL) { if (!create) { perror(serialfile); goto err; } - else - { - ret=BN_new(); - if (ret == NULL || !rand_serial(ret, ai)) - BIO_printf(bio_err, "Out of memory\n"); - } + ret=BN_new(); + if (ret == NULL || !rand_serial(ret, ai)) + BIO_printf(bio_err, "Out of memory\n"); } else { 
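Review bot: Changing the declaration in load_serial to `BIO *in;` leaves `in` indeterminate on the `if (ai == NULL) goto err;` path, which runs before `in = BIO_new_file(serialfile, "r");` assigns it. The `err:` label is outside these hunks, but if it tests and frees `in` the way the visible `end:` label in load_pubkey does for its BIO, an allocation failure would read an uninitialised pointer and could free a garbage address. Keep the initializer, `BIO *in = NULL;`, or move the `ASN1_INTEGER_new()` check after the open.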
@@ -1799,17 +1541,12 @@ int save_serial(char *serialfile, char *suffix, BIGNUM *serial, ASN1_INTEGER **r #ifdef RL_DEBUG BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[0]); #endif - out=BIO_new(BIO_s_file()); + out=BIO_new_file(buf[0], "w"); if (out == NULL) { ERR_print_errors(bio_err); goto err; } - if (BIO_write_filename(out,buf[0]) <= 0) - { - perror(serialfile); - goto err; - } if ((ai=BN_to_ASN1_INTEGER(serial,NULL)) == NULL) { @@ -1922,22 +1659,17 @@ CA_DB *load_index(char *dbfile, DB_ATTR *db_attr) { CA_DB *retdb = NULL; TXT_DB *tmpdb = NULL; - BIO *in = BIO_new(BIO_s_file()); + BIO *in; CONF *dbattr_conf = NULL; char buf[1][BSIZE]; long errorline= -1; + in = BIO_new_file(dbfile, "r"); if (in == NULL) { ERR_print_errors(bio_err); goto err; } - if (BIO_read_filename(in,dbfile) <= 0) - { - perror(dbfile); - BIO_printf(bio_err,"unable to open '%s'\n",dbfile); - goto err; - } if ((tmpdb = TXT_DB_read(in,DB_NUMBER)) == NULL) goto err; @@ -2024,15 +1756,9 @@ int index_index(CA_DB *db) int save_index(const char *dbfile, const char *suffix, CA_DB *db) { char buf[3][BSIZE]; - BIO *out = BIO_new(BIO_s_file()); + BIO *out; int j; - if (out == NULL) - { - ERR_print_errors(bio_err); - goto err; - } - j = strlen(dbfile) + strlen(suffix); if (j + 6 >= BSIZE) { @@ -2058,22 +1784,22 @@ int save_index(const char *dbfile, const char *suffix, CA_DB *db) #ifdef RL_DEBUG BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[0]); #endif - if (BIO_write_filename(out,buf[0]) <= 0) + out = BIO_new_file(buf[0], "w"); + if (out == NULL) { perror(dbfile); BIO_printf(bio_err,"unable to open '%s'\n", dbfile); goto err; } j=TXT_DB_write(out,db->db); - if (j <= 0) goto err; - BIO_free(out); + if (j <= 0) goto err; - out = BIO_new(BIO_s_file()); + out = BIO_new_file(buf[1], "w"); #ifdef RL_DEBUG BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[1]); #endif - if (BIO_write_filename(out,buf[1]) <= 0) + if (out == NULL) { perror(buf[2]); BIO_printf(bio_err,"unable to open '%s'\n", buf[2]); 
diff --git a/apps/apps.h b/apps/apps.h index bb076996bf..d0025a2304 100644 --- a/apps/apps.h +++ b/apps/apps.h @@ -126,6 +126,7 @@ #include <openssl/ocsp.h> #endif #include <openssl/ossl_typ.h> +#include "progs.h" int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn); int app_RAND_write_file(const char *file, BIO *bio_e); @@ -137,27 +138,12 @@ long app_RAND_load_files(char *file); /* `file' is a list of files to read, * (see e_os.h). The string is * destroyed! */ -#ifndef MONOLITH - -#define MAIN(a,v) main(a,v) - -#ifndef NON_MAIN -CONF *config=NULL; -BIO *bio_err=NULL; -#else -extern CONF *config; -extern BIO *bio_err; -#endif - -#else - -#define MAIN(a,v) PROG(a,v) extern CONF *config; extern char *default_config_file; +extern BIO *bio_in; +extern BIO *bio_out; extern BIO *bio_err; -#endif - #ifndef OPENSSL_SYS_NETWARE #include <signal.h> #endif 
@@ -174,35 +160,6 @@ extern BIO *bio_err; #define zlib_cleanup() COMP_zlib_cleanup() #endif -#if defined(MONOLITH) && !defined(OPENSSL_C) -# define apps_startup() \ - do_pipe_sig() -# define apps_shutdown() -#else -# ifndef OPENSSL_NO_ENGINE -# define apps_startup() \ - do { do_pipe_sig(); CRYPTO_malloc_init(); \ - ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \ - ENGINE_load_builtin_engines(); setup_ui_method(); } while(0) -# define apps_shutdown() \ - do { CONF_modules_unload(1); destroy_ui_method(); \ - OBJ_cleanup(); EVP_cleanup(); ENGINE_cleanup(); \ - CRYPTO_cleanup_all_ex_data(); ERR_remove_thread_state(NULL); \ - RAND_cleanup(); \ - ERR_free_strings(); zlib_cleanup();} while(0) -# else -# define apps_startup() \ - do { do_pipe_sig(); CRYPTO_malloc_init(); \ - ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \ - setup_ui_method(); } while(0) -# define apps_shutdown() \ - do { CONF_modules_unload(1); destroy_ui_method(); \ - OBJ_cleanup(); EVP_cleanup(); \ - CRYPTO_cleanup_all_ex_data(); ERR_remove_thread_state(NULL); \ - RAND_cleanup(); \ - ERR_free_strings(); zlib_cleanup(); } while(0) -# endif -#endif #if defined(OPENSSL_SYSNAME_WIN32) || defined(OPENSSL_SYSNAME_WINCE) # define openssl_fdset(a,b) FD_SET((unsigned int)a, b) 
@@ -210,6 +167,33 @@ extern BIO *bio_err; # define openssl_fdset(a,b) FD_SET(a, b) #endif +/* + * Option parsing. + */ +typedef struct options_st { + const char* name; + int retval; + /* value type: + * - no value, (also the value zero) + * n number, p positive number, u unsigned, + * s string, < input file, > output file, + * f der/pem format, F any format identifier */ + int valtype; +} OPTIONS; + +extern char* opt_progname(const char *argv0); +extern void opt_init(int ac, char** av, const OPTIONS* o); +extern int opt_next(); +extern int opt_format(const char *s, int onlyderpem, int* result); +extern char* opt_arg(void); +extern char* opt_unknown(void); +extern char* opt_reset(void); +extern char** opt_rest(void); +extern int opt_num_rest(void); +extern int str2fmt(char* s); /* XXX rsalz remove */ + +#define RB(xformat) ((xformat) == FORMAT_ASN1 ? "rb" : "r") +#define WB(xformat) ((xformat) == FORMAT_ASN1 ? "wb" : "w") typedef struct args_st { @@ -230,10 +214,6 @@ int password_callback(char *buf, int bufsiz, int verify, int setup_ui_method(void); void destroy_ui_method(void); -int should_retry(int i); -int args_from_file(char *file, int *argc, char **argv[]); -int str2fmt(char *s); -void program_name(char *in,char *out,int size); int chopup_args(ARGS *arg,char *buf, int *argc, char **argv[]); #ifdef HEADER_X509_H int dump_cert_text(BIO *out, X509 *x); @@ -271,9 +251,6 @@ OCSP_RESPONSE *process_responder(BIO *err, OCSP_REQUEST *req, int req_timeout); #endif -int load_config(BIO *err, CONF *cnf); -char *make_config_name(void); - /* Functions defined in ca.c and also used in ocsp.c */ int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold, ASN1_GENERALIZEDTIME **pinvtm, const char *str); @@ -379,6 +356,7 @@ int app_isdir(const char *); int raw_read_stdin(void *,int); int raw_write_stdout(const void *,int); +void printhelp(const char**); #define TM_START 0 #define TM_STOP 1 double app_tminterval (int stop,int usertime); 
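Review bot: `extern int opt_next();` in the new option-parsing block declares the function with an empty parameter list, which in C is not a prototype, so the compiler will not reject a call that passes arguments. The neighbouring declarations all use `(void)`; this one should read `extern int opt_next(void);`. The block also gives no comment on what `opt_format` returns. A one-line comment stating its success and failure values would tell callers that the result needs checking, since `*result` is presumably left untouched on a bad format name.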
diff --git a/apps/asn1pars.c b/apps/asn1pars.c index 42f37d7819..b50594197c 100644 --- a/apps/asn1pars.c +++ b/apps/asn1pars.c 
@@ -69,30 +69,63 @@ #include <openssl/x509.h> #include <openssl/pem.h> -/* -inform arg - input format - default PEM (DER or PEM) - * -in arg - input file - default stdin - * -i - indent the details by depth - * -offset - where in the file to start - * -length - how many bytes to use - * -oid file - extra oid description file - */ - -#undef PROG -#define PROG asn1parse_main +const char *asn1parse_help[] = { + "-inform arg input format - one of DER PEM", + "-in arg input file", + "-out arg output file (output format is always DER", + "-noout arg don't produce any output", + "-offset arg offset into file", + "-length arg length of section in file", + "-i indent entries", + "-dump dump unknown data in hex form", + "-dlimit arg dump the first arg bytes of unknown data in hex form", + "-oid file file of extra oid definitions", + "-strparse offset", + " a series of these can be used to 'dig' into multiple", + " ASN1 blob wrappings", + "-genstr str string to generate ASN1 structure from", + "-genconf file file to generate ASN1 structure from", + "-strictpem do not attempt base64 decode outside PEM markers", + " (-inform will be ignored)", + NULL +}; + +enum options { + OPT_ERR = -1, OPT_EOF = 0, + OPT_INFORM, OPT_IN, OPT_OUT, OPT_INDENT, OPT_NOOUT, + OPT_OID, OPT_OFFSET, OPT_LENGTH, OPT_DUMP, OPT_DLIMIT, + OPT_STRPARSE, OPT_GENSTR, OPT_GENCONF, OPT_STRICTPEM +}; +static OPTIONS options[] = { + { "inform", OPT_INFORM, 'F' }, + { "in", OPT_IN, '<' }, + { "out", OPT_OUT, '>' }, + { "i", OPT_INDENT, 0 }, + { "noout", OPT_NOOUT, 0 }, + { "oid", OPT_OID, '<' }, + { "offset", OPT_OFFSET, 'p' }, + { "length", OPT_LENGTH, 'p' }, + { "dump", OPT_DUMP, 0 }, + { "dlimit", OPT_DLIMIT, 'p' }, + { "strparse", OPT_STRPARSE, 's' }, + { "genstr", OPT_GENSTR, 's' }, + { "genconf", OPT_GENCONF, 's' }, + { "strictpem", OPT_STRICTPEM, 0 }, + { NULL } +}; -int MAIN(int, char **); static int do_generate(BIO *bio, char *genstr, char *genconf, BUF_MEM *buf); -int MAIN(int argc, char **argv) +int 
asn1parse_main(int argc, char **argv) { - int i,badops=0,offset=0,ret=1,j; + int i,offset=0,ret=1,j; unsigned int length=0; long num,tmplen; - BIO *in=NULL,*out=NULL,*b64=NULL, *derout = NULL; + BIO *in=NULL,*b64=NULL, *derout = NULL; int informat,indent=0, noout = 0, dump = 0, strictpem = 0; - char *infile=NULL,*str=NULL,*prog,*oidfile=NULL, *derfile=NULL, *name=NULL, *header=NULL; + char *infile=NULL,*str=NULL,*oidfile=NULL, *derfile=NULL, *name=NULL, *header=NULL; char *genstr=NULL, *genconf=NULL; unsigned char *tmpbuf; const unsigned char *ctmpbuf; 
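Review bot: The help entry `"-noout arg don't produce any output"` in asn1parse_help says the flag takes a value, but the table registers it as `{ "noout", OPT_NOOUT, 0 }`, i.e. no value; the help line should drop `arg`. The `-out` help string is also missing its closing parenthesis after `always DER`. `-genconf` is described as a file but registered with type `'s'` rather than `'<'`, so it presumably skips whatever input-file checking the `'<'` type performs; confirm that is intended. As `opt_init` takes a `const OPTIONS*`, the table could be declared `static const OPTIONS options[]`. The body of asn1parse_main continues outside this hunk.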
@@ -102,161 +135,88 @@ int MAIN(int argc, char **argv) informat=FORMAT_PEM; - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - if (!load_config(bio_err, NULL)) - goto end; - - prog=argv[0]; - argc--; - argv++; if ((osk=sk_OPENSSL_STRING_new_null()) == NULL) { BIO_printf(bio_err,"Memory allocation failure\n"); goto end; } - while (argc >= 1) - { - if (strcmp(*argv,"-inform") == 0) - { - if (--argc < 1) goto bad; - informat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-in") == 0) - { - if (--argc < 1) goto bad; - infile= *(++argv); - } - else if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - derfile= *(++argv); - } - else if (strcmp(*argv,"-i") == 0) - { + + opt_init(argc, argv, options); + while ((i = opt_next()) != 0) { + switch (i) { + default: + BIO_printf(bio_err,"Unhandled flag %d\n", i); + case OPT_ERR: + BIO_printf(bio_err,"Valid options are:\n"); + printhelp(asn1parse_help); + goto end; + case OPT_INFORM: + opt_format(opt_arg(), 1, &informat); + break; + case OPT_IN: + infile= opt_arg(); + break; + case OPT_OUT: + derfile= opt_arg(); + break; + case OPT_INDENT: indent=1; - } - else if (strcmp(*argv,"-noout") == 0) noout = 1; - else if (strcmp(*argv,"-oid") == 0) - { - if (--argc < 1) goto bad; - oidfile= *(++argv); - } - else if (strcmp(*argv,"-offset") == 0) - { - if (--argc < 1) goto bad; - offset= atoi(*(++argv)); - } - else if (strcmp(*argv,"-length") == 0) - { - if (--argc < 1) goto bad; - length= atoi(*(++argv)); - if (length == 0) goto bad; - } - else if (strcmp(*argv,"-dump") == 0) - { + break; + case OPT_NOOUT: + noout = 1; + break; + case OPT_OID: + oidfile = opt_arg(); + break; + case OPT_OFFSET: + offset = strtol(opt_arg(), NULL, 0); + break; + case OPT_LENGTH: + length = atoi(opt_arg()); + break; + case OPT_DUMP: dump= -1; - } - else if (strcmp(*argv,"-dlimit") == 0) - { - if (--argc < 1) goto bad; - dump= atoi(*(++argv)); - if 
(dump <= 0) goto bad; - } - else if (strcmp(*argv,"-strparse") == 0) - { - if (--argc < 1) goto bad; - sk_OPENSSL_STRING_push(osk,*(++argv)); - } - else if (strcmp(*argv,"-genstr") == 0) - { - if (--argc < 1) goto bad; - genstr= *(++argv); - } - else if (strcmp(*argv,"-genconf") == 0) - { - if (--argc < 1) goto bad; - genconf= *(++argv); - } - else if (strcmp(*argv,"-strictpem") == 0) - { + break; + case OPT_DLIMIT: + dump= atoi(opt_arg()); + break; + case OPT_STRPARSE: + sk_OPENSSL_STRING_push(osk,opt_arg()); + break; + case OPT_GENSTR: + genstr= opt_arg(); + break; + case OPT_GENCONF: + genconf= opt_arg(); + break; + case OPT_STRICTPEM: strictpem = 1; informat = FORMAT_PEM; - } - else - { - BIO_printf(bio_err,"unknown option %s\n",*argv); - badops=1; break; - } - argc--; - argv++; - } - - if (badops) - { -bad: - BIO_printf(bio_err,"%s [options] <infile\n",prog); - BIO_printf(bio_err,"where options are\n"); - BIO_printf(bio_err," -inform arg input format - one of DER PEM\n"); - BIO_printf(bio_err," -in arg input file\n"); - BIO_printf(bio_err," -out arg output file (output format is always DER\n"); - BIO_printf(bio_err," -noout arg don't produce any output\n"); - BIO_printf(bio_err," -offset arg offset into file\n"); - BIO_printf(bio_err," -length arg length of section in file\n"); - BIO_printf(bio_err," -i indent entries\n"); - BIO_printf(bio_err," -dump dump unknown data in hex form\n"); - BIO_printf(bio_err," -dlimit arg dump the first arg bytes of unknown data in hex form\n"); - BIO_printf(bio_err," -oid file file of extra oid definitions\n"); - BIO_printf(bio_err," -strparse offset\n"); - BIO_printf(bio_err," a series of these can be used to 'dig' into multiple\n"); - BIO_printf(bio_err," ASN1 blob wrappings\n"); - BIO_printf(bio_err," -genstr str string to generate ASN1 structure from\n"); - BIO_printf(bio_err," -genconf file file to generate ASN1 structure from\n"); - BIO_printf(bio_err," -strictpem do not attempt base64 decode outside PEM markers (-inform 
\n"); - BIO_printf(bio_err," will be ignored)\n"); - goto end; - } - - ERR_load_crypto_strings(); - - in=BIO_new(BIO_s_file()); - out=BIO_new(BIO_s_file()); - if ((in == NULL) || (out == NULL)) - { - ERR_print_errors(bio_err); - goto end; } - BIO_set_fp(out,stdout,BIO_NOCLOSE|BIO_FP_TEXT); -#ifdef OPENSSL_SYS_VMS - { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - out = BIO_push(tmpbio, out); } -#endif + if (oidfile != NULL) { - if (BIO_read_filename(in,oidfile) <= 0) + in = BIO_new_file(oidfile, "r"); + if (in == NULL) { - BIO_printf(bio_err,"problems opening %s\n",oidfile); ERR_print_errors(bio_err); goto end; } OBJ_create_objects(in); + BIO_free(in); } if (infile == NULL) - BIO_set_fp(in,stdin,BIO_NOCLOSE); + in = BIO_new_fp(stdin, BIO_NOCLOSE); else { - if (BIO_read_filename(in,infile) <= 0) + in = BIO_new_file(infile, "r"); + if (in == NULL) { - perror(infile); + ERR_print_errors(bio_err); goto end; } } @@ -384,7 +344,7 @@ bad: } } if (!noout && - !ASN1_parse_dump(out,(unsigned char *)&(str[offset]),length, + !ASN1_parse_dump(bio_out,(unsigned char *)&(str[offset]),length, indent,dump)) { ERR_print_errors(bio_err); @@ -394,7 +354,6 @@ bad: end: BIO_free(derout); if (in != NULL) BIO_free(in); - if (out != NULL) BIO_free_all(out); if (b64 != NULL) BIO_free(b64); if (ret != 0) ERR_print_errors(bio_err); @@ -405,8 +364,7 @@ end: if (at != NULL) ASN1_TYPE_free(at); if (osk != NULL) sk_OPENSSL_STRING_free(osk); OBJ_cleanup(); - apps_shutdown(); - OPENSSL_EXIT(ret); + return(ret); } static int do_generate(BIO *bio, char *genstr, char *genconf, BUF_MEM *buf) @@ -96,8 +96,6 @@ # define R_OK 4 #endif -#undef PROG -#define PROG ca_main #define BASE_SECTION "ca" #define CONFIG_FILE "openssl.cnf" 
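Review bot: The `OPT_LENGTH` and `OPT_DLIMIT` cases lose the range checks the old parser applied (`if (length == 0) goto bad;` and `if (dump <= 0) goto bad;`), so `-length 0` and a zero or negative `-dlimit` are now accepted, the latter overlapping the `-1` that `-dump` sets. `OPT_OFFSET` also narrows an unchecked `strtol()` result into the `int offset` that a later hunk passes as `&(str[offset])`. Unless the `'p'` type in the options table already makes `opt_next()` reject such values (not visible in this diff), I would restore the checks, e.g. `dump= atoi(opt_arg()); if (dump <= 0) goto end;`, and reject a negative offset the same way. The result of `opt_format()` is ignored as well, which is worth confirming against its contract. The body of `asn1parse_main` continues outside this hunk.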
@@ -145,48 +143,46 @@ #define REV_KEY_COMPROMISE 3 /* Value is cert key compromise time */ #define REV_CA_COMPROMISE 4 /* Value is CA key compromise time */ -static const char *ca_usage[]={ -"usage: ca args\n", -"\n", -" -verbose - Talk a lot while doing things\n", -" -config file - A config file\n", -" -name arg - The particular CA definition to use\n", -" -gencrl - Generate a new CRL\n", -" -crldays days - Days is when the next CRL is due\n", -" -crlhours hours - Hours is when the next CRL is due\n", -" -startdate YYMMDDHHMMSSZ - certificate validity notBefore\n", -" -enddate YYMMDDHHMMSSZ - certificate validity notAfter (overrides -days)\n", -" -days arg - number of days to certify the certificate for\n", -" -md arg - md to use, one of md2, md5, sha or sha1\n", -" -policy arg - The CA 'policy' to support\n", -" -keyfile arg - private key file\n", -" -keyform arg - private key file format (PEM or ENGINE)\n", -" -key arg - key to decode the private key if it is encrypted\n", -" -cert file - The CA certificate\n", -" -selfsign - sign a certificate with the key associated with it\n", -" -in file - The input PEM encoded certificate request(s)\n", -" -out file - Where to put the output file(s)\n", -" -outdir dir - Where to put output certificates\n", -" -infiles .... - The last argument, requests to process\n", -" -spkac file - File contains DN and signed public key and challenge\n", -" -ss_cert file - File contains a self signed cert to sign\n", -" -preserveDN - Don't re-order the DN\n", -" -noemailDN - Don't add the EMAIL field into certificate' subject\n", -" -batch - Don't ask questions\n", -" -msie_hack - msie modifications to handle all those universal strings\n", -" -revoke file - Revoke a certificate (given in file)\n", -" -subj arg - Use arg instead of request's subject\n", -" -utf8 - input characters are UTF8 (default ASCII)\n", -" -multivalue-rdn - enable support for multivalued RDNs\n", -" -extensions .. 
- Extension section (override value in config file)\n", -" -extfile file - Configuration file with X509v3 extensions to add\n", -" -crlexts .. - CRL extension section (override value in config file)\n", +const char *ca_help[] = { + "-verbose - Talk a lot while doing things", + "-config file - A config file", + "-name arg - The particular CA definition to use", + "-gencrl - Generate a new CRL", + "-crldays days - Days is when the next CRL is due", + "-crlhours hours - Hours is when the next CRL is due", + "-startdate YYMMDDHHMMSSZ - certificate validity notBefore", + "-enddate YYMMDDHHMMSSZ - certificate validity notAfter (overrides -days)", + "-days arg - number of days to certify the certificate for", + "-md arg - md to use, one of md2, md5, sha or sha1", + "-policy arg - The CA 'policy' to support", + "-keyfile arg - private key file", + "-keyform arg - private key file format (PEM or ENGINE)", + "-key arg - key to decode the private key if it is encrypted", + "-cert file - The CA certificate", + "-selfsign - sign a certificate with the key associated with it", + "-in file - The input PEM encoded certificate request(s)", + "-out file - Where to put the output file(s)", + "-outdir dir - Where to put output certificates", + "-infiles .... - The last argument, requests to process", + "-spkac file - File contains DN and signed public key and challenge", + "-ss_cert file - File contains a self signed cert to sign", + "-preserveDN - Don't re-order the DN", + "-noemailDN - Don't add the EMAIL field into certificate' subject", + "-batch - Don't ask questions", + "-msie_hack - msie modifications to handle all those universal strings", + "-revoke file - Revoke a certificate (given in file)", + "-subj arg - Use arg instead of request's subject", + "-utf8 - input characters are UTF8 (default ASCII)", + "-multivalue-rdn - enable support for multivalued RDNs", + "-extensions .. 
- Extension section (override value in config file)", + "-extfile file - Configuration file with X509v3 extensions to add", + "-crlexts .. - CRL extension section (override value in config file)", #ifndef OPENSSL_NO_ENGINE -" -engine e - use engine e, possibly a hardware device.\n", + "-engine e - use engine e, possibly a hardware device.", #endif -" -status serial - Shows certificate status given the serial number\n", -" -updatedb - Updates db for expired certificates\n", -NULL + "-status serial - Shows certificate status given the serial number", + "-updatedb - Updates db for expired certificates", + NULL }; #ifdef EFENCE 
@@ -197,30 +193,30 @@ extern int EF_ALIGNMENT; static void lookup_fail(const char *name, const char *tag); static int certify(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509, - const EVP_MD *dgst,STACK_OF(OPENSSL_STRING) *sigopts, - STACK_OF(CONF_VALUE) *policy,CA_DB *db, - BIGNUM *serial, char *subj,unsigned long chtype, int multirdn, int email_dn, char *startdate, - char *enddate, long days, int batch, char *ext_sect, CONF *conf, - int verbose, unsigned long certopt, unsigned long nameopt, - int default_op, int ext_copy, int selfsign); + const EVP_MD *dgst,STACK_OF(OPENSSL_STRING) *sigopts, + STACK_OF(CONF_VALUE) *policy,CA_DB *db, + BIGNUM *serial, char *subj,unsigned long chtype, int multirdn, int email_dn, char *startdate, + char *enddate, long days, int batch, char *ext_sect, CONF *conf, + int verbose, unsigned long certopt, unsigned long nameopt, + int default_op, int ext_copy, int selfsign); static int certify_cert(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509, - const EVP_MD *dgst,STACK_OF(OPENSSL_STRING) *sigopts, - STACK_OF(CONF_VALUE) *policy, - CA_DB *db, BIGNUM *serial, char *subj,unsigned long chtype, int multirdn, int email_dn, - char *startdate, char *enddate, long days, int batch, - char *ext_sect, CONF *conf,int verbose, unsigned long certopt, - unsigned long nameopt, int default_op, int ext_copy, - ENGINE *e); + const EVP_MD *dgst,STACK_OF(OPENSSL_STRING) *sigopts, + STACK_OF(CONF_VALUE) *policy, + CA_DB *db, BIGNUM *serial, char *subj,unsigned long chtype, int multirdn, int email_dn, + char *startdate, char *enddate, long days, int batch, + char *ext_sect, CONF *conf,int verbose, unsigned long certopt, + unsigned long nameopt, int default_op, int ext_copy, + ENGINE *e); static int certify_spkac(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509, - const EVP_MD *dgst,STACK_OF(OPENSSL_STRING) *sigopts, - STACK_OF(CONF_VALUE) *policy, - CA_DB *db, BIGNUM *serial,char *subj,unsigned long chtype, int multirdn, int email_dn, - char 
*startdate, char *enddate, long days, char *ext_sect, - CONF *conf, int verbose, unsigned long certopt, - unsigned long nameopt, int default_op, int ext_copy); + const EVP_MD *dgst,STACK_OF(OPENSSL_STRING) *sigopts, + STACK_OF(CONF_VALUE) *policy, + CA_DB *db, BIGNUM *serial,char *subj,unsigned long chtype, int multirdn, int email_dn, + char *startdate, char *enddate, long days, char *ext_sect, + CONF *conf, int verbose, unsigned long certopt, + unsigned long nameopt, int default_op, int ext_copy); static void write_new_certificate(BIO *bp, X509 *x, int output_der, int notext); static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst, - STACK_OF(OPENSSL_STRING) *sigopts, + STACK_OF(OPENSSL_STRING) *sigopts, STACK_OF(CONF_VALUE) *policy, CA_DB *db, BIGNUM *serial,char *subj,unsigned long chtype, int multirdn, int email_dn, char *startdate, char *enddate, long days, int batch, int verbose, X509_REQ *req, char *ext_sect, CONF *conf, @@ -241,9 +237,7 @@ static int preserve=0; static int msie_hack=0; -int MAIN(int, char **); - -int MAIN(int argc, char **argv) +int ca_main(int argc, char **argv) { ENGINE *e = NULL; char *key=NULL,*passargin=NULL; @@ -332,18 +326,12 @@ EF_PROTECT_BELOW=1; EF_ALIGNMENT=0; #endif - apps_startup(); - conf = NULL; key = NULL; section = NULL; preserve=0; msie_hack=0; - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - argc--; argv++; while (argc >= 1) @@ -575,15 +563,11 @@ bad: if (badops) { - const char **pp2; - - for (pp2=ca_usage; (*pp2 != NULL); pp2++) - BIO_printf(bio_err,"%s",*pp2); + BIO_printf(bio_err, "usage: ca args\n"); + printhelp(ca_help); goto err; } - ERR_load_crypto_strings(); - /*****************************************************************/ tofree=NULL; if (configfile == NULL) configfile = getenv("OPENSSL_CONF"); 
@@ -625,9 +609,6 @@ bad: tofree = NULL; } - if (!load_config(bio_err, conf)) - goto err; - #ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); #endif @@ -716,16 +697,6 @@ bad: db_attr.unique_subject); #endif - in=BIO_new(BIO_s_file()); - out=BIO_new(BIO_s_file()); - Sout=BIO_new(BIO_s_file()); - Cout=BIO_new(BIO_s_file()); - if ((in == NULL) || (out == NULL) || (Sout == NULL) || (Cout == NULL)) - { - ERR_print_errors(bio_err); - goto err; - } - /*****************************************************************/ /* report status of cert with serial number given on command line */ if (ser_status) @@ -948,14 +919,7 @@ bad: } if (verbose) { - BIO_set_fp(out,stdout,BIO_NOCLOSE|BIO_FP_TEXT); /* cannot fail */ -#ifdef OPENSSL_SYS_VMS - { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - out = BIO_push(tmpbio, out); - } -#endif - TXT_DB_write(out,db->db); + TXT_DB_write(bio_out,db->db); BIO_printf(bio_err,"%d entries loaded from the database\n", sk_OPENSSL_PSTRING_num(db->db->data)); BIO_printf(bio_err,"generating index\n"); @@ -1023,7 +987,8 @@ bad: { if (outfile != NULL) { - if (BIO_write_filename(Sout,outfile) <= 0) + Sout = BIO_new_file(outfile, "w"); + if (Sout == NULL) { perror(outfile); goto err; @@ -1031,13 +996,7 @@ bad: } else { - BIO_set_fp(Sout,stdout,BIO_NOCLOSE|BIO_FP_TEXT); -#ifdef OPENSSL_SYS_VMS - { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - Sout = BIO_push(tmpbio, Sout); - } -#endif + Sout = BIO_dup_chain(bio_out); } } @@ -1352,7 +1311,8 @@ bad: if (verbose) BIO_printf(bio_err,"writing %s\n",buf[2]); - if (BIO_write_filename(Cout,buf[2]) <= 0) + Cout = BIO_new_file(buf[2], "w"); + if (Cout == NULL) { perror(buf[2]); goto err; @@ -1570,8 +1530,7 @@ err: NCONF_free(conf); NCONF_free(extconf); OBJ_cleanup(); - apps_shutdown(); - OPENSSL_EXIT(ret); + return(ret); } static void lookup_fail(const char *name, const char *tag) 
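Review bot: `Sout = BIO_dup_chain(bio_out);` is never checked for NULL, although the file branch in the preceding hunk checks the result of `BIO_new_file()`. BIO_dup_chain() can fail on allocation, so I would add `if (Sout == NULL) { ERR_print_errors(bio_err); goto err; }` directly after it. The same unchecked call appears in the cms.c hunk at `-952` and the crl.c hunk at `-411` (`out = BIO_dup_chain(bio_out);`), whereas the crl2p7.c hunk does test `out==NULL`. It is also worth confirming that freeing the duplicate cannot close the shared stdout stream, which depends on how `bio_out` is created (not visible in this diff).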
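Review bot: `Cout = BIO_new_file(buf[2], "w");` allocates a fresh BIO each time it runs, where the old code reused a single BIO through `BIO_write_filename()`. If this statement sits in the per-certificate write loop (the loop is outside the hunk, so this is inferred), the previous `Cout` has to be released before the assignment, e.g. `BIO_free_all(Cout);` on the line above, or each output file stays open until the function exits. The enclosing function starts and ends outside this hunk.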
@@ -1593,11 +1552,10 @@ static int certify(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509, EVP_PKEY *pktmp=NULL; int ok= -1,i; - in=BIO_new(BIO_s_file()); - - if (BIO_read_filename(in,infile) <= 0) + in = BIO_new_file(infile, "r"); + if (in == NULL) { - perror(infile); + ERR_print_errors(bio_err); goto err; } if ((req=PEM_read_bio_X509_REQ(in,NULL,NULL,NULL)) == NULL) diff --git a/apps/ciphers.c b/apps/ciphers.c index 85760cd42d..b9f5123428 100644 --- a/apps/ciphers.c +++ b/apps/ciphers.c @@ -66,22 +66,17 @@ #include <openssl/err.h> #include <openssl/ssl.h> -#undef PROG -#define PROG ciphers_main -static const char *ciphers_usage[]={ -"usage: ciphers args\n", -" -v - verbose mode, a textual listing of the SSL/TLS ciphers in OpenSSL\n", -" -V - even more verbose\n", -" -ssl2 - SSL2 mode\n", -" -ssl3 - SSL3 mode\n", -" -tls1 - TLS1 mode\n", -NULL +const char *ciphers_help[]={ + "-v verbose textual listing of the SSL/TLS ciphers in OpenSSL", + "-V even more verbose", + "-ssl2 SSL2 mode", + "-ssl3 SSL3 mode", + "-tls1 TLS1 mode", + NULL }; -int MAIN(int, char **); - -int MAIN(int argc, char **argv) +int ciphers_main(int argc, char **argv) { int ret=1,i; int verbose=0,Verbose=0; @@ -89,7 +84,6 @@ int MAIN(int argc, char **argv) #ifndef OPENSSL_NO_SSL_TRACE int stdname = 0; #endif - const char **pp; const char *p; int badops=0; SSL_CTX *ctx=NULL; @@ -98,24 +92,9 @@ int MAIN(int argc, char **argv) const SSL_METHOD *meth=NULL; STACK_OF(SSL_CIPHER) *sk=NULL; char buf[512]; - BIO *STDout=NULL; meth=SSLv23_server_method(); - apps_startup(); - - if (bio_err == NULL) - bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); - STDout=BIO_new_fp(stdout,BIO_NOCLOSE); -#ifdef OPENSSL_SYS_VMS - { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - STDout = BIO_push(tmpbio, STDout); - } -#endif - if (!load_config(bio_err, NULL)) - goto end; - argc--; argv++; while (argc >= 1) 
@@ -158,8 +137,8 @@ int MAIN(int argc, char **argv) if (badops) { - for (pp=ciphers_usage; (*pp != NULL); pp++) - BIO_printf(bio_err,"%s",*pp); + BIO_printf(bio_err, "usage: ciphers args\n"); + printhelp(ciphers_help); goto end; } @@ -188,10 +167,10 @@ int MAIN(int argc, char **argv) SSL_CIPHER *c = sk_SSL_CIPHER_value(sk,i); p = SSL_CIPHER_get_name(c); if (p == NULL) break; - if (i != 0) BIO_printf(STDout,":"); - BIO_printf(STDout,"%s",p); + if (i != 0) BIO_printf(bio_out,":"); + BIO_printf(bio_out,"%s",p); } - BIO_printf(STDout,"\n"); + BIO_printf(bio_out,"\n"); } else /* verbose */ { @@ -211,11 +190,11 @@ int MAIN(int argc, char **argv) int id3 = (int)(id & 0xffL); if ((id & 0xff000000L) == 0x02000000L) - BIO_printf(STDout, " 0x%02X,0x%02X,0x%02X - ", id1, id2, id3); /* SSL2 cipher */ + BIO_printf(bio_out, " 0x%02X,0x%02X,0x%02X - ", id1, id2, id3); /* SSL2 cipher */ else if ((id & 0xff000000L) == 0x03000000L) - BIO_printf(STDout, " 0x%02X,0x%02X - ", id2, id3); /* SSL3 cipher */ + BIO_printf(bio_out, " 0x%02X,0x%02X - ", id2, id3); /* SSL3 cipher */ else - BIO_printf(STDout, "0x%02X,0x%02X,0x%02X,0x%02X - ", id0, id1, id2, id3); /* whatever */ + BIO_printf(bio_out, "0x%02X,0x%02X,0x%02X,0x%02X - ", id0, id1, id2, id3); /* whatever */ } #ifndef OPENSSL_NO_SSL_TRACE if (stdname) @@ -223,10 +202,10 @@ int MAIN(int argc, char **argv) const char *nm = SSL_CIPHER_standard_name(c); if (nm == NULL) nm = "UNKNOWN"; - BIO_printf(STDout, "%s - ", nm); + BIO_printf(bio_out, "%s - ", nm); } #endif - BIO_puts(STDout,SSL_CIPHER_description(c,buf,sizeof buf)); + BIO_puts(bio_out,SSL_CIPHER_description(c,buf,sizeof buf)); } } @@ -242,8 +221,6 @@ end: sk_SSL_CIPHER_free(sk); if (ctx != NULL) SSL_CTX_free(ctx); if (ssl != NULL) SSL_free(ssl); - if (STDout != NULL) BIO_free_all(STDout); - apps_shutdown(); - OPENSSL_EXIT(ret); + return(ret); } diff --git a/apps/cms.c b/apps/cms.c index bb85a200ed..5032866847 100644 --- a/apps/cms.c +++ b/apps/cms.c 
@@ -66,8 +66,6 @@ #include <openssl/x509v3.h> #include <openssl/cms.h> -#undef PROG -#define PROG cms_main static int save_certs(char *signerfile, STACK_OF(X509) *signers); static int cms_cb(int ok, X509_STORE_CTX *ctx); static void receipt_request_print(BIO *out, CMS_ContentInfo *cms); 
@@ -108,9 +106,70 @@ struct cms_key_param_st cms_key_param *next; }; -int MAIN(int, char **); +const char* cms_help[] = { + "-encrypt encrypt message", + "-decrypt decrypt encrypted message", + "-sign sign message", + "-verify verify signed message", + "-cmsout output CMS structure", +#ifndef OPENSSL_NO_DES + "-des3 encrypt with triple DES", + "-des encrypt with DES", +#endif +#ifndef OPENSSL_NO_SEED + "-seed encrypt with SEED", +#endif +#ifndef OPENSSL_NO_RC2 + "-rc2-40 encrypt with RC2-40 (default)", + "-rc2-64 encrypt with RC2-64", + "-rc2-128 encrypt with RC2-128", +#endif +#ifndef OPENSSL_NO_AES + "-aes128, -aes192, -aes256", + " encrypt PEM output with cbc aes", +#endif +#ifndef OPENSSL_NO_CAMELLIA + "-camellia128, -camellia192, -camellia256", + " encrypt PEM output with cbc camellia", +#endif + "-nointern don't search certificates in message for signer", + "-nosigs don't verify message signature", + "-noverify don't verify signers certificate", + "-nocerts don't include signers certificate when signing", + "-nodetach use opaque signing", + "-noattr don't include any signed attributes", + "-binary don't translate message to text", + "-certfile file other certificates file", + "-certsout file certificate output file", + "-signer file signer certificate file", + "-recip file recipient certificate file for decryption", + "-keyid use subject key identifier", + "-in file input file", + "-inform arg input format SMIME (default), PEM or DER", + "-inkey file input private key (if not signer or recipient)", + "-keyform arg input private key format (PEM or ENGINE)", + "-keyopt nm:v set public key parameters", + "-out file output file", + "-outform arg output format SMIME (default), PEM or DER", + "-content file supply or override content for detached signature", + "-to addr to address", + "-from ad from address", + "-subject s subject", + "-text include or delete text MIME headers", + "-CApath dir trusted certificates directory", + "-CAfile file trusted certificates 
file", + "-trusted_first use locally trusted certificates first when building trust chain", + "-crl_check check revocation status of signer's certificate using CRLs", + "-crl_check_all check revocation status of signer's certificate chain using CRLs", +#ifndef OPENSSL_NO_ENGINE + "-engine e use engine e, possibly a hardware device.", +#endif + "-passin arg input file pass phrase source", + "-rand file... load the file(s) into the random number generator", + NULL +}; -int MAIN(int argc, char **argv) +int cms_main(int argc, char **argv) { ENGINE *e = NULL; int operation = 0; @@ -149,27 +208,12 @@ int MAIN(int argc, char **argv) unsigned char *secret_key = NULL, *secret_keyid = NULL; unsigned char *pwri_pass = NULL, *pwri_tmp = NULL; size_t secret_keylen = 0, secret_keyidlen = 0; - cms_key_param *key_first = NULL, *key_param = NULL; - ASN1_OBJECT *econtent_type = NULL; - X509_VERIFY_PARAM *vpm = NULL; args = argv + 1; ret = 1; - - apps_startup(); - - if (bio_err == NULL) - { - if ((bio_err = BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err, stderr, BIO_NOCLOSE|BIO_FP_TEXT); - } - - if (!load_config(bio_err, NULL)) - goto end; - while (!badarg && *args && *args[0] == '-') { if (!strcmp (*args, "-encrypt")) 
@@ -665,67 +709,7 @@ int MAIN(int argc, char **argv) argerr: BIO_printf (bio_err, "Usage cms [options] cert.pem ...\n"); BIO_printf (bio_err, "where options are\n"); - BIO_printf (bio_err, "-encrypt encrypt message\n"); - BIO_printf (bio_err, "-decrypt decrypt encrypted message\n"); - BIO_printf (bio_err, "-sign sign message\n"); - BIO_printf (bio_err, "-verify verify signed message\n"); - BIO_printf (bio_err, "-cmsout output CMS structure\n"); -#ifndef OPENSSL_NO_DES - BIO_printf (bio_err, "-des3 encrypt with triple DES\n"); - BIO_printf (bio_err, "-des encrypt with DES\n"); -#endif -#ifndef OPENSSL_NO_SEED - BIO_printf (bio_err, "-seed encrypt with SEED\n"); -#endif -#ifndef OPENSSL_NO_RC2 - BIO_printf (bio_err, "-rc2-40 encrypt with RC2-40 (default)\n"); - BIO_printf (bio_err, "-rc2-64 encrypt with RC2-64\n"); - BIO_printf (bio_err, "-rc2-128 encrypt with RC2-128\n"); -#endif -#ifndef OPENSSL_NO_AES - BIO_printf (bio_err, "-aes128, -aes192, -aes256\n"); - BIO_printf (bio_err, " encrypt PEM output with cbc aes\n"); -#endif -#ifndef OPENSSL_NO_CAMELLIA - BIO_printf (bio_err, "-camellia128, -camellia192, -camellia256\n"); - BIO_printf (bio_err, " encrypt PEM output with cbc camellia\n"); -#endif - BIO_printf (bio_err, "-nointern don't search certificates in message for signer\n"); - BIO_printf (bio_err, "-nosigs don't verify message signature\n"); - BIO_printf (bio_err, "-noverify don't verify signers certificate\n"); - BIO_printf (bio_err, "-nocerts don't include signers certificate when signing\n"); - BIO_printf (bio_err, "-nodetach use opaque signing\n"); - BIO_printf (bio_err, "-noattr don't include any signed attributes\n"); - BIO_printf (bio_err, "-binary don't translate message to text\n"); - BIO_printf (bio_err, "-certfile file other certificates file\n"); - BIO_printf (bio_err, "-certsout file certificate output file\n"); - BIO_printf (bio_err, "-signer file signer certificate file\n"); - BIO_printf (bio_err, "-recip file recipient certificate file for 
decryption\n"); - BIO_printf (bio_err, "-keyid use subject key identifier\n"); - BIO_printf (bio_err, "-in file input file\n"); - BIO_printf (bio_err, "-inform arg input format SMIME (default), PEM or DER\n"); - BIO_printf (bio_err, "-inkey file input private key (if not signer or recipient)\n"); - BIO_printf (bio_err, "-keyform arg input private key format (PEM or ENGINE)\n"); - BIO_printf (bio_err, "-keyopt nm:v set public key parameters\n"); - BIO_printf (bio_err, "-out file output file\n"); - BIO_printf (bio_err, "-outform arg output format SMIME (default), PEM or DER\n"); - BIO_printf (bio_err, "-content file supply or override content for detached signature\n"); - BIO_printf (bio_err, "-to addr to address\n"); - BIO_printf (bio_err, "-from ad from address\n"); - BIO_printf (bio_err, "-subject s subject\n"); - BIO_printf (bio_err, "-text include or delete text MIME headers\n"); - BIO_printf (bio_err, "-CApath dir trusted certificates directory\n"); - BIO_printf (bio_err, "-CAfile file trusted certificates file\n"); - BIO_printf (bio_err, "-trusted_first use locally trusted certificates first when building trust chain\n"); - BIO_printf (bio_err, "-crl_check check revocation status of signer's certificate using CRLs\n"); - BIO_printf (bio_err, "-crl_check_all check revocation status of signer's certificate chain using CRLs\n"); -#ifndef OPENSSL_NO_ENGINE - BIO_printf (bio_err, "-engine e use engine e, possibly a hardware device.\n"); -#endif - BIO_printf (bio_err, "-passin arg input file pass phrase source\n"); - BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); - BIO_printf(bio_err, " load the file (or the files in the directory) into\n"); - BIO_printf(bio_err, " the random number generator\n"); + printhelp(cms_help); BIO_printf (bio_err, "cert.pem recipient certificate(s) for encryption\n"); goto end; } 
@@ -952,13 +936,7 @@ int MAIN(int argc, char **argv) } else { - out = BIO_new_fp(stdout, BIO_NOCLOSE); -#ifdef OPENSSL_SYS_VMS - { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - out = BIO_push(tmpbio, out); - } -#endif + out = BIO_dup_chain(bio_out); } if ((operation == SMIME_VERIFY) || (operation == SMIME_VERIFY_RECEIPT)) diff --git a/apps/crl.c b/apps/crl.c index f1c49f3d64..4d2e25184c 100644 --- a/apps/crl.c +++ b/apps/crl.c 
@@ -66,41 +66,33 @@ #include <openssl/x509v3.h> #include <openssl/pem.h> -#undef PROG -#define PROG crl_main #undef POSTFIX #define POSTFIX ".rvk" -static const char *crl_usage[]={ -"usage: crl args\n", -"\n", -" -inform arg - input format - default PEM (DER or PEM)\n", -" -outform arg - output format - default PEM\n", -" -text - print out a text format version\n", -" -in arg - input file - default stdin\n", -" -out arg - output file - default stdout\n", -" -hash - print hash value\n", +const char *crl_help[]={ + "-inform arg input format - default PEM (DER or PEM)", + "-outform arg output format - default PEM", + "-text print out a text format version", + "-in arg input file - default stdin", + "-out arg output file - default stdout", + "-hash print hash value", #ifndef OPENSSL_NO_MD5 -" -hash_old - print old-style (MD5) hash value\n", + "-hash_old print old-style (MD5) hash value", #endif -" -fingerprint - print the crl fingerprint\n", -" -issuer - print issuer DN\n", -" -lastupdate - lastUpdate field\n", -" -nextupdate - nextUpdate field\n", -" -crlnumber - print CRL number\n", -" -noout - no CRL output\n", -" -CAfile name - verify CRL using certificates in file \"name\"\n", -" -CApath dir - verify CRL using certificates in \"dir\"\n", -" -nameopt arg - various certificate name options\n", + "-fingerprint print the crl fingerprint", + "-issuer print issuer DN", + "-lastupdate lastUpdate field", + "-nextupdate nextUpdate field", + "-crlnumber print CRL number", + "-noout no CRL output", + "-CAfile name verify CRL using certificates in file name", + "-CApath dir verify CRL using certificates in dir", + "-nameopt arg various certificate name options", NULL }; -static BIO *bio_out=NULL; - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) +int crl_main(int argc, char **argv) { unsigned long nmflag = 0; X509_CRL *x=NULL; 
@@ -114,7 +106,6 @@ int MAIN(int argc, char **argv) int hash_old=0; #endif int fingerprint = 0, crlnumber = 0; - const char **pp; X509_STORE *store = NULL; X509_STORE_CTX ctx; X509_LOOKUP *lookup = NULL; @@ -123,27 +114,6 @@ int MAIN(int argc, char **argv) int do_ver = 0; const EVP_MD *md_alg,*digest=EVP_sha1(); - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - if (!load_config(bio_err, NULL)) - goto end; - - if (bio_out == NULL) - if ((bio_out=BIO_new(BIO_s_file())) != NULL) - { - BIO_set_fp(bio_out,stdout,BIO_NOCLOSE); -#ifdef OPENSSL_SYS_VMS - { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - bio_out = BIO_push(tmpbio, bio_out); - } -#endif - } - informat=FORMAT_PEM; outformat=FORMAT_PEM; keyformat=FORMAT_PEM; @@ -254,12 +224,12 @@ int MAIN(int argc, char **argv) if (badops) { bad: - for (pp=crl_usage; (*pp != NULL); pp++) - BIO_printf(bio_err,"%s",*pp); + BIO_printf(bio_err,"crl [options]\n"); + BIO_printf(bio_err,"where options are\n"); + printhelp(crl_help); goto end; } - ERR_load_crypto_strings(); x=load_crl(infile,informat); if (x == NULL) { goto end; } @@ -411,29 +381,16 @@ bad: } } } - - out=BIO_new(BIO_s_file()); - if (out == NULL) - { - ERR_print_errors(bio_err); - goto end; - } - if (outfile == NULL) { - BIO_set_fp(out,stdout,BIO_NOCLOSE); -#ifdef OPENSSL_SYS_VMS - { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - out = BIO_push(tmpbio, out); - } -#endif + out = BIO_dup_chain(bio_out); } else { - if (BIO_write_filename(out,outfile) <= 0) + out=BIO_new_file(outfile, "w"); + if (out == NULL) { - perror(outfile); + ERR_print_errors(bio_err); goto end; } } @@ -464,13 +421,10 @@ end: if (ret != 0) ERR_print_errors(bio_err); BIO_free_all(out); - BIO_free_all(bio_out); - bio_out=NULL; X509_CRL_free(x); if(store) { X509_STORE_CTX_cleanup(&ctx); X509_STORE_free(store); } - apps_shutdown(); - OPENSSL_EXIT(ret); + return(ret); } 
diff --git a/apps/crl2p7.c b/apps/crl2p7.c index 42c6886b83..7b3edcf7ce 100644 --- a/apps/crl2p7.c +++ b/apps/crl2p7.c @@ -72,18 +72,19 @@ #include <openssl/objects.h> static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile); -#undef PROG -#define PROG crl2pkcs7_main -/* -inform arg - input format - default PEM (DER or PEM) - * -outform arg - output format - default PEM - * -in arg - input file - default stdin - * -out arg - output file - default stdout - */ - -int MAIN(int, char **); +const char* crl2pkcs7_help[] = { + "-inform arg input format - DER or PEM", + "-outform arg output format - DER or PEM", + "-in arg input file", + "-out arg output file", + "-certfile arg certificates file of chain to a trusted CA", + " (can be used more than once)", + "-nocrl no crl to load, just certs from '-certfile'", + NULL +}; -int MAIN(int argc, char **argv) +int crl2pkcs7_main(int argc, char **argv) { int i,badops=0; BIO *in=NULL,*out=NULL; @@ -97,12 +98,6 @@ int MAIN(int argc, char **argv) STACK_OF(X509) *cert_stack=NULL; int ret=1,nocrl=0; - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - infile=NULL; outfile=NULL; informat=FORMAT_PEM; 
@@ -164,38 +159,21 @@ int MAIN(int argc, char **argv) bad: BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog); BIO_printf(bio_err,"where options are\n"); - BIO_printf(bio_err," -inform arg input format - DER or PEM\n"); - BIO_printf(bio_err," -outform arg output format - DER or PEM\n"); - BIO_printf(bio_err," -in arg input file\n"); - BIO_printf(bio_err," -out arg output file\n"); - BIO_printf(bio_err," -certfile arg certificates file of chain to a trusted CA\n"); - BIO_printf(bio_err," (can be used more than once)\n"); - BIO_printf(bio_err," -nocrl no crl to load, just certs from '-certfile'\n"); + printhelp(crl2pkcs7_help); ret = 1; goto end; } - ERR_load_crypto_strings(); - - in=BIO_new(BIO_s_file()); - out=BIO_new(BIO_s_file()); - if ((in == NULL) || (out == NULL)) - { - ERR_print_errors(bio_err); - goto end; - } - if (!nocrl) { if (infile == NULL) - BIO_set_fp(in,stdin,BIO_NOCLOSE); + in = BIO_new_fp(stdin, BIO_NOCLOSE); else + in = BIO_new_file(infile, RB(informat)); + if (in==NULL) { - if (BIO_read_filename(in,infile) <= 0) - { - perror(infile); - goto end; - } + perror(infile); + goto end; } if (informat == FORMAT_ASN1) @@ -245,22 +223,13 @@ bad: sk_OPENSSL_STRING_free(certflst); if (outfile == NULL) - { - BIO_set_fp(out,stdout,BIO_NOCLOSE); -#ifdef OPENSSL_SYS_VMS - { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - out = BIO_push(tmpbio, out); - } -#endif - } + out = BIO_dup_chain(bio_out); else + out=BIO_new_file(outfile, WB(outformat)); + if (out==NULL) { - if (BIO_write_filename(out,outfile) <= 0) - { - perror(outfile); - goto end; - } + ERR_print_errors(bio_err); + goto end; } if (outformat == FORMAT_ASN1) @@ -280,12 +249,11 @@ bad: ret=0; end: if (in != NULL) BIO_free(in); - if (out != NULL) BIO_free_all(out); + BIO_free_all(out); if (p7 != NULL) PKCS7_free(p7); if (crl != NULL) X509_CRL_free(crl); - apps_shutdown(); - OPENSSL_EXIT(ret); + return(ret); } /* 
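Review bot: The input-open failure path in the `@@ -164,38 +159,21 @@` hunk calls `perror(infile)`, but `infile` is NULL when reading stdin and `errno` need not describe why `BIO_new_fp` or `BIO_new_file` failed. The output path a few lines later already uses `ERR_print_errors(bio_err);`, and nothing at `end:` prints the error queue, so using that call for `in` as well keeps the real reason visible. dh.c (output), dhparam.c (input and output) and dsa.c (input) mix the two styles in the same way.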
@@ -306,8 +274,8 @@ static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile) STACK_OF(X509_INFO) *sk=NULL; X509_INFO *xi; - in=BIO_new(BIO_s_file()); - if ((in == NULL) || (BIO_read_filename(in,certfile) <= 0)) + in=BIO_new_file(certfile, "r"); + if (in == NULL) { BIO_printf(bio_err,"error opening the file, %s\n",certfile); goto end; diff --git a/apps/dgst.c b/apps/dgst.c index 19c9424be2..8e005d3f27 100644 --- a/apps/dgst.c +++ b/apps/dgst.c @@ -71,8 +71,27 @@ #undef BUFSIZE #define BUFSIZE 1024*8 -#undef PROG -#define PROG dgst_main +const char *dgst_help[] = { + "-c to output the digest with separating colons", + "-r to output the digest in coreutils format", + "-d to output debug info", + "-hex output as hex dump", + "-binary output in binary form", + "-sign file sign digest using private key in file", + "-verify file verify a signature using public key in file", + "-prverify file verify a signature using private key in file", + "-keyform arg key file format (PEM or ENGINE)", + "-out filename output to filename rather than stdout", + "-signature file signature to verify", + "-sigopt nm:v signature parameter", + "-hmac key create hashed MAC with key", + "-mac algorithm create MAC (not neccessarily HMAC)", + "-macopt nm:v MAC algorithm parameters or key", +#ifndef OPENSSL_NO_ENGINE + "-engine e use engine e, possibly a hardware device.", +#endif + NULL +}; int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout, EVP_PKEY *key, unsigned char *sigin, int siglen, @@ -99,9 +118,7 @@ static void list_md_fn(const EVP_MD *m, mname, mname); } -int MAIN(int, char **); - -int MAIN(int argc, char **argv) +int dgst_main(int argc, char **argv) { ENGINE *e = NULL, *impl = NULL; unsigned char *buf=NULL; @@ -110,8 +127,6 @@ int MAIN(int argc, char **argv) BIO *in=NULL,*inp; BIO *bmd=NULL; BIO *out = NULL; -#define PROG_NAME_SIZE 39 - char pname[PROG_NAME_SIZE+1]; int separator=0; int debug=0; int keyform=FORMAT_PEM; 
@@ -131,24 +146,13 @@ int MAIN(int argc, char **argv) int non_fips_allow = 0; STACK_OF(OPENSSL_STRING) *sigopts = NULL, *macopts = NULL; - apps_startup(); - if ((buf=(unsigned char *)OPENSSL_malloc(BUFSIZE)) == NULL) { BIO_printf(bio_err,"out of memory\n"); goto end; } - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - if (!load_config(bio_err, NULL)) - goto end; - /* first check the program name */ - program_name(argv[0],pname,sizeof pname); - - md=EVP_get_digestbyname(pname); + md=EVP_get_digestbyname(opt_progname(argv[0])); argc--; argv++; @@ -161,52 +165,42 @@ int MAIN(int argc, char **argv) separator=2; else if (strcmp(*argv,"-rand") == 0) { - if (--argc < 1) break; randfile=*(++argv); } else if (strcmp(*argv,"-out") == 0) { - if (--argc < 1) break; outfile=*(++argv); } else if (strcmp(*argv,"-sign") == 0) { - if (--argc < 1) break; keyfile=*(++argv); } else if (!strcmp(*argv,"-passin")) { - if (--argc < 1) - break; passargin=*++argv; } else if (strcmp(*argv,"-verify") == 0) { - if (--argc < 1) break; keyfile=*(++argv); want_pub = 1; do_verify = 1; } else if (strcmp(*argv,"-prverify") == 0) { - if (--argc < 1) break; keyfile=*(++argv); do_verify = 1; } else if (strcmp(*argv,"-signature") == 0) { - if (--argc < 1) break; sigfile=*(++argv); } else if (strcmp(*argv,"-keyform") == 0) { - if (--argc < 1) break; keyform=str2fmt(*(++argv)); } #ifndef OPENSSL_NO_ENGINE else if (strcmp(*argv,"-engine") == 0) { - if (--argc < 1) break; engine= *(++argv); e = setup_engine(bio_err, engine, 0); } 
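Review bot: Every option that takes a value in the `@@ -161,52 +165,42 @@` hunk now reads `*(++argv)` with the `if (--argc < 1) break;` guard removed, so a trailing `-out`, `-sign`, `-keyform` or `-engine` hands the terminating NULL of argv to `str2fmt()`, `setup_engine()` or a later file open. Because `argc` is no longer decremented for the value, the count and the pointer also drift apart and the loop can step past the end of the argument vector. The same guard is dropped for `-hmac`, `-mac`, `-sigopt` and `-macopt` in the next two hunks, where a NULL would be pushed onto `sigopts`/`macopts`. Unless the loop header (outside these hunks) now validates this, keep `if (--argc < 1) break;` in front of each `*(++argv)` until the new option parser replaces the loop.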
@@ -225,20 +219,14 @@ int MAIN(int argc, char **argv) non_fips_allow=1; else if (!strcmp(*argv,"-hmac")) { - if (--argc < 1) - break; hmac_key=*++argv; } else if (!strcmp(*argv,"-mac")) { - if (--argc < 1) - break; mac_name=*++argv; } else if (strcmp(*argv,"-sigopt") == 0) { - if (--argc < 1) - break; if (!sigopts) sigopts = sk_OPENSSL_STRING_new_null(); if (!sigopts || !sk_OPENSSL_STRING_push(sigopts, *(++argv))) @@ -246,8 +234,6 @@ int MAIN(int argc, char **argv) } else if (strcmp(*argv,"-macopt") == 0) { - if (--argc < 1) - break; if (!macopts) macopts = sk_OPENSSL_STRING_new_null(); if (!macopts || !sk_OPENSSL_STRING_push(macopts, *(++argv))) 
@@ -271,25 +257,7 @@ int MAIN(int argc, char **argv) { BIO_printf(bio_err,"unknown option '%s'\n",*argv); BIO_printf(bio_err,"options are\n"); - BIO_printf(bio_err,"-c to output the digest with separating colons\n"); - BIO_printf(bio_err,"-r to output the digest in coreutils format\n"); - BIO_printf(bio_err,"-d to output debug info\n"); - BIO_printf(bio_err,"-hex output as hex dump\n"); - BIO_printf(bio_err,"-binary output in binary form\n"); - BIO_printf(bio_err,"-sign file sign digest using private key in file\n"); - BIO_printf(bio_err,"-verify file verify a signature using public key in file\n"); - BIO_printf(bio_err,"-prverify file verify a signature using private key in file\n"); - BIO_printf(bio_err,"-keyform arg key file format (PEM or ENGINE)\n"); - BIO_printf(bio_err,"-out filename output to filename rather than stdout\n"); - BIO_printf(bio_err,"-signature file signature to verify\n"); - BIO_printf(bio_err,"-sigopt nm:v signature parameter\n"); - BIO_printf(bio_err,"-hmac key create hashed MAC with key\n"); - BIO_printf(bio_err,"-mac algorithm create MAC (not neccessarily HMAC)\n"); - BIO_printf(bio_err,"-macopt nm:v MAC algorithm parameters or key\n"); -#ifndef OPENSSL_NO_ENGINE - BIO_printf(bio_err,"-engine e use engine e, possibly a hardware device.\n"); -#endif - + printhelp(dgst_help); EVP_MD_do_all_sorted(list_md_fn, bio_err); goto end; } @@ -299,7 +267,6 @@ int MAIN(int argc, char **argv) impl = e; #endif - in=BIO_new(BIO_s_file()); bmd=BIO_new(BIO_f_md()); if (debug) { 
@@ -330,21 +297,13 @@ int MAIN(int argc, char **argv) if(randfile) app_RAND_load_file(randfile, bio_err, 0); - if(outfile) { - if(out_bin) - out = BIO_new_file(outfile, "wb"); - else out = BIO_new_file(outfile, "w"); - } else { - out = BIO_new_fp(stdout, BIO_NOCLOSE); -#ifdef OPENSSL_SYS_VMS - { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - out = BIO_push(tmpbio, out); - } -#endif - } + if(outfile) + out = BIO_new_file(outfile, out_bin ? "wb" :"w"); + else + out = BIO_dup_chain(bio_out); - if(!out) { + if (out == NULL) + { BIO_printf(bio_err, "Error opening output file %s\n", outfile ? outfile : "(stdout)"); ERR_print_errors(bio_err); @@ -475,7 +434,7 @@ int MAIN(int argc, char **argv) md = EVP_md5(); if (!EVP_DigestInit_ex(mctx, md, impl)) { - BIO_printf(bio_err, "Error setting digest %s\n", pname); + BIO_printf(bio_err, "Error setting digest\n"); ERR_print_errors(bio_err); goto end; } @@ -557,8 +516,7 @@ end: OPENSSL_free(buf); } if (in != NULL) BIO_free(in); - if (passin) - OPENSSL_free(passin); + if (passin) OPENSSL_free(passin); BIO_free_all(out); EVP_PKEY_free(sigkey); if (sigopts) @@ -567,8 +525,7 @@ end: sk_OPENSSL_STRING_free(macopts); if(sigbuf) OPENSSL_free(sigbuf); if (bmd != NULL) BIO_free(bmd); - apps_shutdown(); - OPENSSL_EXIT(err); + return(err); } int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout, 
@@ -71,22 +71,22 @@ #include <openssl/x509.h> #include <openssl/pem.h> -#undef PROG -#define PROG dh_main - -/* -inform arg - input format - default PEM (DER or PEM) - * -outform arg - output format - default PEM - * -in arg - input file - default stdin - * -out arg - output file - default stdout - * -check - check the parameters are ok - * -noout - * -text - * -C - */ - -int MAIN(int, char **); +const char* dh_help[] = { + " -inform arg input format - one of DER PEM", + " -outform arg output format - one of DER PEM", + " -in arg input file", + " -out arg output file", + " -check check the DH parameters", + " -text print a text form of the DH parameters", + " -C Output C code", + " -noout no output", +#ifndef OPENSSL_NO_ENGINE + " -engine e use engine e, possibly a hardware device.", +#endif + NULL +}; -int MAIN(int argc, char **argv) +int dh_main(int argc, char **argv) { DH *dh=NULL; int i,badops=0,text=0; @@ -97,15 +97,6 @@ int MAIN(int argc, char **argv) char *engine; #endif - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - if (!load_config(bio_err, NULL)) - goto end; - #ifndef OPENSSL_NO_ENGINE engine=NULL; #endif 
@@ -169,61 +160,31 @@ int MAIN(int argc, char **argv) bad: BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog); BIO_printf(bio_err,"where options are\n"); - BIO_printf(bio_err," -inform arg input format - one of DER PEM\n"); - BIO_printf(bio_err," -outform arg output format - one of DER PEM\n"); - BIO_printf(bio_err," -in arg input file\n"); - BIO_printf(bio_err," -out arg output file\n"); - BIO_printf(bio_err," -check check the DH parameters\n"); - BIO_printf(bio_err," -text print a text form of the DH parameters\n"); - BIO_printf(bio_err," -C Output C code\n"); - BIO_printf(bio_err," -noout no output\n"); -#ifndef OPENSSL_NO_ENGINE - BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); -#endif + printhelp(dh_help); goto end; } - ERR_load_crypto_strings(); - #ifndef OPENSSL_NO_ENGINE setup_engine(bio_err, engine, 0); #endif - in=BIO_new(BIO_s_file()); - out=BIO_new(BIO_s_file()); - if ((in == NULL) || (out == NULL)) - { - ERR_print_errors(bio_err); - goto end; - } - if (infile == NULL) - BIO_set_fp(in,stdin,BIO_NOCLOSE); + in = BIO_dup_chain(bio_in); else + in = BIO_new_file(infile, informat == FORMAT_ASN1 ? "rb":"r"); + if (in == NULL) { - if (BIO_read_filename(in,infile) <= 0) - { - perror(infile); - goto end; - } + ERR_print_errors(bio_err); + goto end; } if (outfile == NULL) - { - BIO_set_fp(out,stdout,BIO_NOCLOSE); -#ifdef OPENSSL_SYS_VMS - { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - out = BIO_push(tmpbio, out); - } -#endif - } + out = BIO_dup_chain(bio_out); else + out = BIO_new_file(outfile, outformat == FORMAT_ASN1 ? "wb":"w"); + if (out == NULL) { - if (BIO_write_filename(out,outfile) <= 0) - { - perror(outfile); - goto end; - } + perror(outfile); + goto end; } if (informat == FORMAT_ASN1) @@ -242,12 +203,10 @@ bad: goto end; } - - if (text) { DHparams_print(out,dh); -#ifdef undef +#if 0 printf("p="); BN_print(stdout,dh->p); printf("\ng="); 
@@ -340,11 +299,10 @@ bad: } ret=0; end: - if (in != NULL) BIO_free(in); + if (in != NULL) BIO_free_all(in); if (out != NULL) BIO_free_all(out); if (dh != NULL) DH_free(dh); - apps_shutdown(); - OPENSSL_EXIT(ret); + return(ret); } #else /* !OPENSSL_NO_DH */ diff --git a/apps/dhparam.c b/apps/dhparam.c index f5d7126af7..87bab58ccc 100644 --- a/apps/dhparam.c +++ b/apps/dhparam.c @@ -127,27 +127,32 @@ #include <openssl/dsa.h> #endif -#undef PROG -#define PROG dhparam_main #define DEFBITS 512 -/* -inform arg - input format - default PEM (DER or PEM) - * -outform arg - output format - default PEM - * -in arg - input file - default stdin - * -out arg - output file - default stdout - * -dsaparam - read or generate DSA parameters, convert to DH - * -check - check the parameters are ok - * -noout - * -text - * -C - */ - -static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb); +static int dh_cb(int p, int n, BN_GENCB *cb); -int MAIN(int, char **); +const char* dhparam_help[] = { + "-inform arg input format, DER or PEM", + "-outform arg output format, DER or PEM", + "-in arg input file", + "-out arg output file", +#ifndef OPENSSL_NO_DSA + "-dsaparam read or generate DSA parameters, convert to DH", +#endif + "-check check the DH parameters", + "-text print a text form of the DH parameters", + "-C Output C code", + "-2 generate parameters using 2 as the generator value", + "-5 generate parameters using 5 as the generator value", + "-rand file... load the file(s) into the random number generator", +#ifndef OPENSSL_NO_ENGINE + " -engine e use engine e, possibly a hardware device.", +#endif + NULL +}; -int MAIN(int argc, char **argv) +int dhparam_main(int argc, char **argv) { DH *dh=NULL; int i,badops=0,text=0; 
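Review bot: `dhparam_help` in the `@@ -127,27 +127,32 @@` hunk drops two entries that the old usage text printed (removed in the next hunk): `-noout` and the `numbits` line with its `(default 512)`. The default is what a user most needs to see here, because `DEFBITS` stays 512 and parameters of that size are too small to rely on; please keep both lines, e.g. `"numbits       number of bits to generate (default 512)",` and `"-noout        no output",`. `dsaparam_help` loses its `number` line the same way. The `-engine` entry also carries a leading space that the other entries in this array do not.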
@@ -163,15 +168,6 @@ int MAIN(int argc, char **argv) #endif int num = 0, g = 0; - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - if (!load_config(bio_err, NULL)) - goto end; - infile=NULL; outfile=NULL; informat=FORMAT_PEM; @@ -241,31 +237,10 @@ int MAIN(int argc, char **argv) bad: BIO_printf(bio_err,"%s [options] [numbits]\n",prog); BIO_printf(bio_err,"where options are\n"); - BIO_printf(bio_err," -inform arg input format - one of DER PEM\n"); - BIO_printf(bio_err," -outform arg output format - one of DER PEM\n"); - BIO_printf(bio_err," -in arg input file\n"); - BIO_printf(bio_err," -out arg output file\n"); -#ifndef OPENSSL_NO_DSA - BIO_printf(bio_err," -dsaparam read or generate DSA parameters, convert to DH\n"); -#endif - BIO_printf(bio_err," -check check the DH parameters\n"); - BIO_printf(bio_err," -text print a text form of the DH parameters\n"); - BIO_printf(bio_err," -C Output C code\n"); - BIO_printf(bio_err," -2 generate parameters using 2 as the generator value\n"); - BIO_printf(bio_err," -5 generate parameters using 5 as the generator value\n"); - BIO_printf(bio_err," numbits number of bits in to generate (default 512)\n"); -#ifndef OPENSSL_NO_ENGINE - BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); -#endif - BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); - BIO_printf(bio_err," - load the file (or the files in the directory) into\n"); - BIO_printf(bio_err," the random number generator\n"); - BIO_printf(bio_err," -noout no output\n"); + printhelp(dhparam_help); goto end; } - ERR_load_crypto_strings(); - #ifndef OPENSSL_NO_ENGINE setup_engine(bio_err, engine, 0); #endif 
@@ -340,26 +315,13 @@ bad: app_RAND_write_file(NULL, bio_err); } else { - in=BIO_new(BIO_s_file()); - if (in == NULL) - { - ERR_print_errors(bio_err); - goto end; - } if (infile == NULL) - BIO_set_fp(in,stdin,BIO_NOCLOSE); + in = BIO_new_fp(stdin,BIO_NOCLOSE); else + in = BIO_new_file(infile, RB(informat)); + if (in == NULL) { - if (BIO_read_filename(in,infile) <= 0) - { - perror(infile); - goto end; - } - } - - if (informat != FORMAT_ASN1 && informat != FORMAT_PEM) - { - BIO_printf(bio_err,"bad input format specified\n"); + perror(infile); goto end; } @@ -407,29 +369,14 @@ bad: /* dh != NULL */ } - out=BIO_new(BIO_s_file()); - if (out == NULL) - { - ERR_print_errors(bio_err); - goto end; - } if (outfile == NULL) - { - BIO_set_fp(out,stdout,BIO_NOCLOSE); -#ifdef OPENSSL_SYS_VMS - { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - out = BIO_push(tmpbio, out); - } -#endif - } + out = BIO_dup_chain(bio_out); else + out = BIO_new_file(outfile, "w"); + if (out == NULL) { - if (BIO_write_filename(out,outfile) <= 0) - { - perror(outfile); - goto end; - } + perror(outfile); + goto end; } @@ -534,12 +481,11 @@ end: if (in != NULL) BIO_free(in); if (out != NULL) BIO_free_all(out); if (dh != NULL) DH_free(dh); - apps_shutdown(); - OPENSSL_EXIT(ret); + return(ret); } /* dh_cb is identical to dsa_cb in apps/dsaparam.c */ -static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb) +static int dh_cb(int p, int n, BN_GENCB *cb) { char c='*'; diff --git a/apps/dsa.c b/apps/dsa.c index 5222487ab9..e69b150993 100644 --- a/apps/dsa.c +++ b/apps/dsa.c 
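Review bot: The `@@ -340,26 +315,13 @@` hunk deletes the `bad input format specified` check, so nothing visible here rejects an `informat` other than DER or PEM before the parameters are decoded. ec.c makes the matching change on the output side, turning `else if (outformat == FORMAT_PEM)` into a bare `else` and removing its error branch, so any unexpected format value is silently written as PEM. If option parsing (outside these hunks) does not already restrict the value, keep the explicit test, e.g. `if (informat != FORMAT_ASN1 && informat != FORMAT_PEM) goto bad;`. The decode code that follows is not part of this hunk.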
@@ -71,30 +71,40 @@ #include <openssl/pem.h> #include <openssl/bn.h> -#undef PROG -#define PROG dsa_main -/* -inform arg - input format - default PEM (one of DER, NET or PEM) - * -outform arg - output format - default PEM - * -in arg - input file - default stdin - * -out arg - output file - default stdout - * -des - encrypt output if PEM format with DES in cbc mode - * -des3 - encrypt output if PEM format - * -idea - encrypt output if PEM format - * -aes128 - encrypt output if PEM format - * -aes192 - encrypt output if PEM format - * -aes256 - encrypt output if PEM format - * -camellia128 - encrypt output if PEM format - * -camellia192 - encrypt output if PEM format - * -camellia256 - encrypt output if PEM format - * -seed - encrypt output if PEM format - * -text - print a text version - * -modulus - print the DSA public key - */ - -int MAIN(int, char **); +const char* dsa_help[] = { + "-inform arg input format - DER or PEM", + "-outform arg output format - DER or PEM", + "-in arg input file", + "-passin arg input file pass phrase source", + "-out arg output file", + "-passout arg output file pass phrase source", +#ifndef OPENSSL_NO_ENGINE + "-engine e use engine e, possibly a hardware device.", +#endif + "-des encrypt PEM output with cbc des", + "-des3 encrypt PEM output with ede cbc des using 168 bit key", +#ifndef OPENSSL_NO_IDEA + "-idea encrypt PEM output with cbc idea", +#endif +#ifndef OPENSSL_NO_AES + "-aes128, -aes192, -aes256", + " encrypt PEM output with cbc aes", +#endif +#ifndef OPENSSL_NO_CAMELLIA + "-camellia128, -camellia192, -camellia256", + " encrypt PEM output with cbc camellia", +#endif +#ifndef OPENSSL_NO_SEED + "-seed encrypt PEM output with cbc seed", +#endif + "-text print the key in text", + "-noout don't print key out", + "-modulus print the DSA public value", + NULL +}; -int MAIN(int argc, char **argv) +int dsa_main(int argc, char **argv) { ENGINE *e = NULL; int ret=1; 
@@ -114,15 +124,6 @@ int MAIN(int argc, char **argv) int pvk_encr = 2; - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - if (!load_config(bio_err, NULL)) - goto end; - #ifndef OPENSSL_NO_ENGINE engine=NULL; #endif @@ -204,39 +205,10 @@ int MAIN(int argc, char **argv) bad: BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog); BIO_printf(bio_err,"where options are\n"); - BIO_printf(bio_err," -inform arg input format - DER or PEM\n"); - BIO_printf(bio_err," -outform arg output format - DER or PEM\n"); - BIO_printf(bio_err," -in arg input file\n"); - BIO_printf(bio_err," -passin arg input file pass phrase source\n"); - BIO_printf(bio_err," -out arg output file\n"); - BIO_printf(bio_err," -passout arg output file pass phrase source\n"); -#ifndef OPENSSL_NO_ENGINE - BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); -#endif - BIO_printf(bio_err," -des encrypt PEM output with cbc des\n"); - BIO_printf(bio_err," -des3 encrypt PEM output with ede cbc des using 168 bit key\n"); -#ifndef OPENSSL_NO_IDEA - BIO_printf(bio_err," -idea encrypt PEM output with cbc idea\n"); -#endif -#ifndef OPENSSL_NO_AES - BIO_printf(bio_err," -aes128, -aes192, -aes256\n"); - BIO_printf(bio_err," encrypt PEM output with cbc aes\n"); -#endif -#ifndef OPENSSL_NO_CAMELLIA - BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n"); - BIO_printf(bio_err," encrypt PEM output with cbc camellia\n"); -#endif -#ifndef OPENSSL_NO_SEED - BIO_printf(bio_err," -seed encrypt PEM output with cbc seed\n"); -#endif - BIO_printf(bio_err," -text print the key in text\n"); - BIO_printf(bio_err," -noout don't print key out\n"); - BIO_printf(bio_err," -modulus print the DSA public value\n"); + printhelp(dsa_help); goto end; } - ERR_load_crypto_strings(); - #ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); #endif 
@@ -246,23 +218,14 @@ bad: goto end; } - in=BIO_new(BIO_s_file()); - out=BIO_new(BIO_s_file()); - if ((in == NULL) || (out == NULL)) - { - ERR_print_errors(bio_err); - goto end; - } - if (infile == NULL) - BIO_set_fp(in,stdin,BIO_NOCLOSE); + in = BIO_new_fp(stdin,BIO_NOCLOSE); else + in = BIO_new_file(infile, "r"); + if (in == NULL) { - if (BIO_read_filename(in,infile) <= 0) - { - perror(infile); - goto end; - } + perror(infile); + goto end; } BIO_printf(bio_err,"read DSA key\n"); @@ -291,22 +254,13 @@ bad: } if (outfile == NULL) - { - BIO_set_fp(out,stdout,BIO_NOCLOSE); -#ifdef OPENSSL_SYS_VMS - { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - out = BIO_push(tmpbio, out); - } -#endif - } + out = BIO_dup_chain(bio_out); else + out = BIO_new_file(outfile, "w"); + if (out == NULL) { - if (BIO_write_filename(out,outfile) <= 0) - { - perror(outfile); - goto end; - } + ERR_print_errors(bio_err); + goto end; } if (text) @@ -364,8 +318,7 @@ end: if(dsa != NULL) DSA_free(dsa); if(passin) OPENSSL_free(passin); if(passout) OPENSSL_free(passout); - apps_shutdown(); - OPENSSL_EXIT(ret); + return(ret); } #else /* !OPENSSL_NO_DSA */ diff --git a/apps/dsaparam.c b/apps/dsaparam.c index 03e33f9f7e..98f3e86e83 100644 --- a/apps/dsaparam.c +++ b/apps/dsaparam.c @@ -77,22 +77,6 @@ #include <openssl/x509.h> #include <openssl/pem.h> -#undef PROG -#define PROG dsaparam_main - -/* -inform arg - input format - default PEM (DER or PEM) - * -outform arg - output format - default PEM - * -in arg - input file - default stdin - * -out arg - output file - default stdout - * -noout - * -text - * -C - * -noout - * -genkey - * #ifdef GENCB_TEST - * -timebomb n - interrupt keygen after <n> seconds - * #endif - */ #ifdef GENCB_TEST 
@@ -105,11 +89,28 @@ static void timebomb_sigalarm(int foo) #endif -static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *cb); - -int MAIN(int, char **); +static int dsa_cb(int p, int n, BN_GENCB *cb); + +const char* dsaparam_help[] = { + "-inform arg input format - DER or PEM", + "-outform arg output format - DER or PEM", + "-in arg input file", + "-out arg output file", + "-text print as text", + "-C Output C code", + "-noout no output", + "-genkey generate a DSA key", + "-rand files to use for random number input", +#ifndef OPENSSL_NO_ENGINE + "-engine e use engine e, possibly a hardware device.", +#endif +#ifdef GENCB_TEST + "-timebomb n interrupt keygen after <n> seconds", +#endif + NULL +}; -int MAIN(int argc, char **argv) +int dsaparam_main(int argc, char **argv) { DSA *dsa=NULL; int i,badops=0,text=0; @@ -126,15 +127,6 @@ int MAIN(int argc, char **argv) int timebomb=0; #endif - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - if (!load_config(bio_err, NULL)) - goto end; - infile=NULL; outfile=NULL; informat=FORMAT_PEM; 
@@ -219,62 +211,27 @@ int MAIN(int argc, char **argv) bad: BIO_printf(bio_err,"%s [options] [bits] <infile >outfile\n",prog); BIO_printf(bio_err,"where options are\n"); - BIO_printf(bio_err," -inform arg input format - DER or PEM\n"); - BIO_printf(bio_err," -outform arg output format - DER or PEM\n"); - BIO_printf(bio_err," -in arg input file\n"); - BIO_printf(bio_err," -out arg output file\n"); - BIO_printf(bio_err," -text print as text\n"); - BIO_printf(bio_err," -C Output C code\n"); - BIO_printf(bio_err," -noout no output\n"); - BIO_printf(bio_err," -genkey generate a DSA key\n"); - BIO_printf(bio_err," -rand files to use for random number input\n"); -#ifndef OPENSSL_NO_ENGINE - BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); -#endif -#ifdef GENCB_TEST - BIO_printf(bio_err," -timebomb n interrupt keygen after <n> seconds\n"); -#endif - BIO_printf(bio_err," number number of bits to use for generating private key\n"); - goto end; - } - - ERR_load_crypto_strings(); - - in=BIO_new(BIO_s_file()); - out=BIO_new(BIO_s_file()); - if ((in == NULL) || (out == NULL)) - { - ERR_print_errors(bio_err); + printhelp(dsaparam_help); goto end; } if (infile == NULL) - BIO_set_fp(in,stdin,BIO_NOCLOSE); + in = BIO_new_fp(stdin,BIO_NOCLOSE); else + in = BIO_new_file(infile, "r"); + if (in == NULL) { - if (BIO_read_filename(in,infile) <= 0) - { - perror(infile); - goto end; - } + ERR_print_errors(bio_err); + goto end; } if (outfile == NULL) - { - BIO_set_fp(out,stdout,BIO_NOCLOSE); -#ifdef OPENSSL_SYS_VMS - { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - out = BIO_push(tmpbio, out); - } -#endif - } + out = BIO_dup_chain(bio_out); else + out = BIO_new_file(outfile, "w"); + if (out == NULL) { - if (BIO_write_filename(out,outfile) <= 0) - { - perror(outfile); - goto end; - } + ERR_print_errors(bio_err); + goto end; } #ifndef OPENSSL_NO_ENGINE 
@@ -461,11 +418,10 @@ end: if (in != NULL) BIO_free(in); if (out != NULL) BIO_free_all(out); if (dsa != NULL) DSA_free(dsa); - apps_shutdown(); - OPENSSL_EXIT(ret); + return(ret); } -static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *cb) +static int dsa_cb(int p, int n, BN_GENCB *cb) { char c='*'; @@ -67,23 +67,29 @@ #include <openssl/evp.h> #include <openssl/pem.h> -#undef PROG -#define PROG ec_main +const char* ec_help[] = { + "-inform arg input format - DER or PEM", + "-outform arg output format - DER or PEM", + "-in arg input file", + "-passin arg input file pass phrase source", + "-out arg output file", + "-passout arg output file pass phrase source", + "-engine e use engine e, possibly a hardware device.", + "-des encrypt PEM output, instead of 'des' every other ", + " cipher supported by OpenSSL can be used", + "-text print the key", + "-noout don't print key out", + "-param_out print the elliptic curve parameters", + "-conv_form arg specifies the point conversion form ", + " possible values: compressed", + " uncompressed (default) or hybrid", + "-param_enc arg specifies the way the ec parameters are encoded", + " in the asn1 der encoding", + " possible values: named_curve (default) or explicit", + NULL +}; -/* -inform arg - input format - default PEM (one of DER, NET or PEM) - * -outform arg - output format - default PEM - * -in arg - input file - default stdin - * -out arg - output file - default stdout - * -des - encrypt output if PEM format with DES in cbc mode - * -text - print a text version - * -param_out - print the elliptic curve parameters - * -conv_form arg - specifies the point encoding form - * -param_enc arg - specifies the parameter encoding - */ - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) +int ec_main(int argc, char **argv) { int ret = 1; EC_KEY *eckey = NULL; 
@@ -101,15 +107,6 @@ int MAIN(int argc, char **argv) int asn1_flag = OPENSSL_EC_NAMED_CURVE; int new_asn1_flag = 0; - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err, stderr, BIO_NOCLOSE|BIO_FP_TEXT); - - if (!load_config(bio_err, NULL)) - goto end; - engine = NULL; infile = NULL; outfile = NULL; @@ -209,47 +206,10 @@ int MAIN(int argc, char **argv) bad: BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog); BIO_printf(bio_err, "where options are\n"); - BIO_printf(bio_err, " -inform arg input format - " - "DER or PEM\n"); - BIO_printf(bio_err, " -outform arg output format - " - "DER or PEM\n"); - BIO_printf(bio_err, " -in arg input file\n"); - BIO_printf(bio_err, " -passin arg input file pass " - "phrase source\n"); - BIO_printf(bio_err, " -out arg output file\n"); - BIO_printf(bio_err, " -passout arg output file pass " - "phrase source\n"); - BIO_printf(bio_err, " -engine e use engine e, " - "possibly a hardware device.\n"); - BIO_printf(bio_err, " -des encrypt PEM output, " - "instead of 'des' every other \n" - " cipher " - "supported by OpenSSL can be used\n"); - BIO_printf(bio_err, " -text print the key\n"); - BIO_printf(bio_err, " -noout don't print key out\n"); - BIO_printf(bio_err, " -param_out print the elliptic " - "curve parameters\n"); - BIO_printf(bio_err, " -conv_form arg specifies the " - "point conversion form \n"); - BIO_printf(bio_err, " possible values:" - " compressed\n"); - BIO_printf(bio_err, " " - " uncompressed (default)\n"); - BIO_printf(bio_err, " " - " hybrid\n"); - BIO_printf(bio_err, " -param_enc arg specifies the way" - " the ec parameters are encoded\n"); - BIO_printf(bio_err, " in the asn1 der " - "encoding\n"); - BIO_printf(bio_err, " possible values:" - " named_curve (default)\n"); - BIO_printf(bio_err," " - "explicit\n"); + printhelp(ec_help); goto end; } - ERR_load_crypto_strings(); - #ifndef OPENSSL_NO_ENGINE setup_engine(bio_err, engine, 0); #endif 
@@ -260,23 +220,14 @@ bad: goto end; } - in = BIO_new(BIO_s_file()); - out = BIO_new(BIO_s_file()); - if ((in == NULL) || (out == NULL)) - { - ERR_print_errors(bio_err); - goto end; - } - if (infile == NULL) - BIO_set_fp(in, stdin, BIO_NOCLOSE); + in = BIO_new_fp(stdin, BIO_NOCLOSE); else + in = BIO_new_file(infile, RB(informat)); + if (in == NULL) { - if (BIO_read_filename(in, infile) <= 0) - { - perror(infile); - goto end; - } + ERR_print_errors(bio_err); + goto end; } BIO_printf(bio_err, "read EC key\n"); @@ -309,22 +260,13 @@ bad: } if (outfile == NULL) - { - BIO_set_fp(out, stdout, BIO_NOCLOSE); -#ifdef OPENSSL_SYS_VMS - { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - out = BIO_push(tmpbio, out); - } -#endif - } + out = BIO_new_fp(stdout, BIO_NOCLOSE); else + out = BIO_new_file(outfile, WB(outformat)); + if (out == NULL) { - if (BIO_write_filename(out, outfile) <= 0) - { - perror(outfile); - goto end; - } + ERR_print_errors(bio_err); + goto end; } group = EC_KEY_get0_group(eckey); @@ -359,7 +301,7 @@ bad: else i = i2d_ECPrivateKey_bio(out, eckey); } - else if (outformat == FORMAT_PEM) + else { if (param_out) i = PEM_write_bio_ECPKParameters(out, group); @@ -369,12 +311,6 @@ bad: i = PEM_write_bio_ECPrivateKey(out, eckey, enc, NULL, 0, NULL, passout); } - else - { - BIO_printf(bio_err, "bad output format specified for " - "outfile\n"); - goto end; - } if (!i) { @@ -394,8 +330,7 @@ end: OPENSSL_free(passin); if (passout) OPENSSL_free(passout); - apps_shutdown(); - OPENSSL_EXIT(ret); + return(ret); } #else /* !OPENSSL_NO_EC */ diff --git a/apps/ecparam.c b/apps/ecparam.c index de4e46f5a8..48b9f64d81 100644 --- a/apps/ecparam.c +++ b/apps/ecparam.c 
@@ -84,39 +84,34 @@ #include <openssl/x509.h> #include <openssl/pem.h> -#undef PROG -#define PROG ecparam_main - -/* -inform arg - input format - default PEM (DER or PEM) - * -outform arg - output format - default PEM - * -in arg - input file - default stdin - * -out arg - output file - default stdout - * -noout - do not print the ec parameter - * -text - print the ec parameters in text form - * -check - validate the ec parameters - * -C - print a 'C' function creating the parameters - * -name arg - use the ec parameters with 'short name' name - * -list_curves - prints a list of all currently available curve 'short names' - * -conv_form arg - specifies the point conversion form - * - possible values: compressed - * uncompressed (default) - * hybrid - * -param_enc arg - specifies the way the ec parameters are encoded - * in the asn1 der encoding - * possible values: named_curve (default) - * explicit - * -no_seed - if 'explicit' parameters are chosen do not use the seed - * -genkey - generate ec key - * -rand file - files to use for random number input - * -engine e - use engine e, possibly a hardware device - */ +const char* ecparam_help[] = { + "-inform arg input format - default PEM (DER or PEM)", + "-outform arg output format - default PEM", + "-in arg input file - default stdin", + "-out arg output file - default stdout", + "-noout do not print the ec parameter", + "-text print the ec parameters in text form", + "-check validate the ec parameters", + "-C print a 'C' function creating the parameters", + "-name arg use the ec parameters with 'short name' name", + "-list_curves prints a list of all currently available curve 'short names'", + "-conv_form arg specifies the point conversion form ", + " possible values: compressed", + " uncompressed (default) or hybrid", + "-param_enc arg specifies the way the ec parameters are encoded", + " in the asn1 der encoding", + " possible values: named_curve (default) or explicit", + "-no_seed if 'explicit' parameters are 
chosen do not use the seed", + "-genkey generate ec key", + "-rand file files to use for random number input", + "-engine e use engine e, possibly a hardware device", + NULL +}; static int ecparam_print_var(BIO *,BIGNUM *,const char *,int,unsigned char *); -int MAIN(int, char **); - -int MAIN(int argc, char **argv) +int ecparam_main(int argc, char **argv) { EC_GROUP *group = NULL; point_conversion_form_t form = POINT_CONVERSION_UNCOMPRESSED; @@ -135,15 +130,6 @@ int MAIN(int argc, char **argv) *ec_gen = NULL, *ec_order = NULL, *ec_cofactor = NULL; unsigned char *buffer = NULL; - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - if (!load_config(bio_err, NULL)) - goto end; - informat=FORMAT_PEM; outformat=FORMAT_PEM; 
@@ -249,91 +235,27 @@ int MAIN(int argc, char **argv) bad: BIO_printf(bio_err, "%s [options] <infile >outfile\n",prog); BIO_printf(bio_err, "where options are\n"); - BIO_printf(bio_err, " -inform arg input format - " - "default PEM (DER or PEM)\n"); - BIO_printf(bio_err, " -outform arg output format - " - "default PEM\n"); - BIO_printf(bio_err, " -in arg input file - " - "default stdin\n"); - BIO_printf(bio_err, " -out arg output file - " - "default stdout\n"); - BIO_printf(bio_err, " -noout do not print the " - "ec parameter\n"); - BIO_printf(bio_err, " -text print the ec " - "parameters in text form\n"); - BIO_printf(bio_err, " -check validate the ec " - "parameters\n"); - BIO_printf(bio_err, " -C print a 'C' " - "function creating the parameters\n"); - BIO_printf(bio_err, " -name arg use the " - "ec parameters with 'short name' name\n"); - BIO_printf(bio_err, " -list_curves prints a list of " - "all currently available curve 'short names'\n"); - BIO_printf(bio_err, " -conv_form arg specifies the " - "point conversion form \n"); - BIO_printf(bio_err, " possible values:" - " compressed\n"); - BIO_printf(bio_err, " " - " uncompressed (default)\n"); - BIO_printf(bio_err, " " - " hybrid\n"); - BIO_printf(bio_err, " -param_enc arg specifies the way" - " the ec parameters are encoded\n"); - BIO_printf(bio_err, " in the asn1 der " - "encoding\n"); - BIO_printf(bio_err, " possible values:" - " named_curve (default)\n"); - BIO_printf(bio_err, " " - " explicit\n"); - BIO_printf(bio_err, " -no_seed if 'explicit'" - " parameters are chosen do not" - " use the seed\n"); - BIO_printf(bio_err, " -genkey generate ec" - " key\n"); - BIO_printf(bio_err, " -rand file files to use for" - " random number input\n"); - BIO_printf(bio_err, " -engine e use engine e, " - "possibly a hardware device\n"); - goto end; - } - - ERR_load_crypto_strings(); - - in=BIO_new(BIO_s_file()); - out=BIO_new(BIO_s_file()); - if ((in == NULL) || (out == NULL)) - { - ERR_print_errors(bio_err); + 
printhelp(ecparam_help); goto end; } if (infile == NULL) - BIO_set_fp(in,stdin,BIO_NOCLOSE); + in = BIO_new_fp(stdin,BIO_NOCLOSE); else + in = BIO_new_file(infile, RB(informat)); + if (in == NULL) { - if (BIO_read_filename(in,infile) <= 0) - { - perror(infile); - goto end; - } + ERR_print_errors(bio_err); + goto end; } if (outfile == NULL) - { - BIO_set_fp(out,stdout,BIO_NOCLOSE); -#ifdef OPENSSL_SYS_VMS - { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - out = BIO_push(tmpbio, out); - } -#endif - } + out = BIO_dup_chain(bio_out); else + out = BIO_new_file(outfile, WB(outformat)); + if (out == NULL) { - if (BIO_write_filename(out,outfile) <= 0) - { - perror(outfile); - goto end; - } + ERR_print_errors(bio_err); + goto end; } #ifndef OPENSSL_NO_ENGINE @@ -615,14 +537,8 @@ bad: { if (outformat == FORMAT_ASN1) i = i2d_ECPKParameters_bio(out, group); - else if (outformat == FORMAT_PEM) + else i = PEM_write_bio_ECPKParameters(out, group); - else - { - BIO_printf(bio_err,"bad output format specified for" - " outfile\n"); - goto end; - } if (!i) { BIO_printf(bio_err, "unable to write elliptic " @@ -659,16 +575,9 @@ bad: } if (outformat == FORMAT_ASN1) i = i2d_ECPrivateKey_bio(out, eckey); - else if (outformat == FORMAT_PEM) + else i = PEM_write_bio_ECPrivateKey(out, eckey, NULL, NULL, 0, NULL, NULL); - else - { - BIO_printf(bio_err, "bad output format specified " - "for outfile\n"); - EC_KEY_free(eckey); - goto end; - } EC_KEY_free(eckey); } @@ -697,8 +606,7 @@ end: BIO_free_all(out); if (group != NULL) EC_GROUP_free(group); - apps_shutdown(); - OPENSSL_EXIT(ret); + return(ret); } static int ecparam_print_var(BIO *out, BIGNUM *in, const char *var, diff --git a/apps/enc.c b/apps/enc.c index 928d16bccc..9f8d7f1f52 100644 --- a/apps/enc.c +++ b/apps/enc.c 
@@ -72,14 +72,37 @@ #endif #include <ctype.h> +const char* enc_help[] = { + "-in file input file", + "-out <file> output file" + "-pass arg phrase source", + "-e encrypt", + "-d decrypt", + "-a base64 encode/decode, depending on encryption flag", + "-base64 same as -a", + "-k pass passphrase", + "-kfile name read passphrase from file", + "-md digest use specified digest to create key from passphrase", + "-S salt salt, in hex", + "-iv iv IV in hex", + "-K iv same as -iv", + "-p print the iv/key", + "-P print the iv/key and exit", + "-bufsize n buffer size", + "-nopad disable standard block padding", +#ifndef OPENSSL_NO_ENGINE + "-engine e use engine e, possibly a hardware device", +#endif + NULL +}; + + int set_hex(char *in,unsigned char *out,int size); + #undef SIZE #undef BSIZE -#undef PROG - #define SIZE (512) #define BSIZE (8*1024) -#define PROG enc_main static void show_ciphers(const OBJ_NAME *name,void *bio_) { @@ -99,9 +122,7 @@ static void show_ciphers(const OBJ_NAME *name,void *bio_) BIO_printf(bio," "); } -int MAIN(int, char **); - -int MAIN(int argc, char **argv) +int enc_main(int argc, char **argv) { static const char magic[]="Salted__"; char mbuf[sizeof magic-1]; 
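Review bot: In the new `enc_help[]` table the entry `"-out <file> output file"` has no trailing comma, so the compiler concatenates it with the following `"-pass arg phrase source"` string and the two options end up as one help line; it should be `"-out <file> output file",`. The entry `"-K iv same as -iv"` is also misleading: the help text removed later in this file listed `-K/-iv` as "key/iv in hex", i.e. `-K` supplies the key, not the IV. A user who follows the new text could pass an IV where the raw key is expected, so I would write it as `"-K key raw key, in hex",`. The argument notation is inconsistent too (`-in file` next to `-out <file>`).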
@@ -116,48 +137,33 @@ int MAIN(int argc, char **argv) char *hkey=NULL,*hiv=NULL,*hsalt = NULL; char *md=NULL; int enc=1,printkey=0,i,base64=0; -#ifdef ZLIB int do_zlib=0; +#ifdef ZLIB BIO *bzl = NULL; #endif int debug=0,olb64=0,nosalt=0; const EVP_CIPHER *cipher=NULL,*c; EVP_CIPHER_CTX *ctx = NULL; - char *inf=NULL,*outf=NULL; + char *inf=NULL,*outf=NULL, *pname; BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL; -#define PROG_NAME_SIZE 39 - char pname[PROG_NAME_SIZE+1]; #ifndef OPENSSL_NO_ENGINE char *engine = NULL; #endif const EVP_MD *dgst=NULL; int non_fips_allow = 0; - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - if (!load_config(bio_err, NULL)) - goto end; - /* first check the program name */ - program_name(argv[0],pname,sizeof pname); - if (strcmp(pname,"base64") == 0) + pname = opt_progname(argv[0]); + if (strcmp(pname, "base64") == 0) base64=1; #ifdef ZLIB - if (strcmp(pname,"zlib") == 0) + else if (strcmp(pname, "zlib") == 0) do_zlib=1; #endif - - cipher=EVP_get_cipherbyname(pname); -#ifdef ZLIB + else + cipher=EVP_get_cipherbyname(pname); if (!do_zlib && !base64 && (cipher == NULL) && (strcmp(pname,"enc") != 0)) -#else - if (!base64 && (cipher == NULL) && (strcmp(pname,"enc") != 0)) -#endif { BIO_printf(bio_err,"%s is an unknown cipher\n",pname); goto bad; 
@@ -296,27 +302,9 @@ int MAIN(int argc, char **argv) else { BIO_printf(bio_err,"unknown option '%s'\n",*argv); + BIO_printf(bio_err,"options are:\n"); bad: - BIO_printf(bio_err,"options are\n"); - BIO_printf(bio_err,"%-14s input file\n","-in <file>"); - BIO_printf(bio_err,"%-14s output file\n","-out <file>"); - BIO_printf(bio_err,"%-14s pass phrase source\n","-pass <arg>"); - BIO_printf(bio_err,"%-14s encrypt\n","-e"); - BIO_printf(bio_err,"%-14s decrypt\n","-d"); - BIO_printf(bio_err,"%-14s base64 encode/decode, depending on encryption flag\n","-a/-base64"); - BIO_printf(bio_err,"%-14s passphrase is the next argument\n","-k"); - BIO_printf(bio_err,"%-14s passphrase is the first line of the file argument\n","-kfile"); - BIO_printf(bio_err,"%-14s the next argument is the md to use to create a key\n","-md"); - BIO_printf(bio_err,"%-14s from a passphrase. One of md2, md5, sha or sha1\n",""); - BIO_printf(bio_err,"%-14s salt in hex is the next argument\n","-S"); - BIO_printf(bio_err,"%-14s key/iv in hex is the next argument\n","-K/-iv"); - BIO_printf(bio_err,"%-14s print the iv/key (then exit if -P)\n","-[pP]"); - BIO_printf(bio_err,"%-14s buffer size\n","-bufsize <n>"); - BIO_printf(bio_err,"%-14s disable standard block padding\n","-nopad"); -#ifndef OPENSSL_NO_ENGINE - BIO_printf(bio_err,"%-14s use engine e, possibly a hardware device.\n","-engine e"); -#endif - + printhelp(enc_help); BIO_printf(bio_err,"Cipher Types\n"); OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, show_ciphers, @@ -387,13 +375,6 @@ bad: goto end; } - in=BIO_new(BIO_s_file()); - out=BIO_new(BIO_s_file()); - if ((in == NULL) || (out == NULL)) - { - ERR_print_errors(bio_err); - goto end; - } if (debug) { BIO_set_callback(in,BIO_debug_callback); 
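Review bot: In the hunk at new line 375, `in` and `out` are still `NULL` when the `if (debug)` block that follows calls `BIO_set_callback(in,BIO_debug_callback)`. The two `BIO_new(BIO_s_file())` calls that used to precede it are removed here, and the replacement `BIO_new_fp`/`BIO_new_file` calls only appear in the later hunks at new lines 389 and 438. As far as these hunks show, running with `-debug` would therefore set the callback on a null BIO. The `if (debug)` block should move below the point where both BIOs have been created and checked. The function starts before and ends after this hunk.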
@@ -408,15 +389,14 @@ bad: if (bufsize != NULL) setvbuf(stdin, (char *)NULL, _IONBF, 0); #endif /* ndef OPENSSL_NO_SETVBUF_IONBF */ - BIO_set_fp(in,stdin,BIO_NOCLOSE); + in = BIO_new_fp(stdin, BIO_NOCLOSE); } else + in = BIO_new_file(inf, "r"); + if (in == NULL) { - if (BIO_read_filename(in,inf) <= 0) - { - perror(inf); - goto end; - } + ERR_print_errors(bio_err); + goto end; } if(!str && passarg) { @@ -458,33 +438,19 @@ bad: if (outf == NULL) - { - BIO_set_fp(out,stdout,BIO_NOCLOSE); -#ifndef OPENSSL_NO_SETVBUF_IONBF - if (bufsize != NULL) - setvbuf(stdout, (char *)NULL, _IONBF, 0); -#endif /* ndef OPENSSL_NO_SETVBUF_IONBF */ -#ifdef OPENSSL_SYS_VMS - { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - out = BIO_push(tmpbio, out); - } -#endif - } + out = BIO_dup_chain(bio_out); else + out = BIO_new_file(outf, "w"); + if (out == NULL) { - if (BIO_write_filename(out,outf) <= 0) - { - perror(outf); - goto end; - } + ERR_print_errors(bio_err); + goto end; } rbio=in; wbio=out; #ifdef ZLIB - if (do_zlib) { if ((bzl=BIO_new(BIO_f_zlib())) == NULL) @@ -703,8 +669,7 @@ end: if (bzl != NULL) BIO_free(bzl); #endif if(pass) OPENSSL_free(pass); - apps_shutdown(); - OPENSSL_EXIT(ret); + return(ret); } int set_hex(char *in, unsigned char *out, int size) diff --git a/apps/engine.c b/apps/engine.c index 9a0294398e..2b2f20d695 100644 --- a/apps/engine.c +++ b/apps/engine.c 
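Review bot: The new `BIO_new_file(inf, "r")` here and `BIO_new_file(outf, "w")` in the next hunk open the files in text mode, but enc reads and writes arbitrary binary data unless base64 is in use. The removed `BIO_read_filename`/`BIO_write_filename` calls did not request text mode, and the ec.c hunks of this commit choose the mode through `RB(informat)`/`WB(outformat)`. On platforms whose stdio translates line endings in text mode this would corrupt ciphertext, so I would use `in = BIO_new_file(inf, "rb");` and `out = BIO_new_file(outf, "wb");`.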
@@ -69,26 +69,23 @@ #include <openssl/engine.h> #include <openssl/ssl.h> -#undef PROG -#define PROG engine_main - -static const char *engine_usage[]={ -"usage: engine opts [engine ...]\n", -" -v[v[v[v]]] - verbose mode, for each engine, list its 'control commands'\n", -" -vv will additionally display each command's description\n", -" -vvv will also add the input flags for each command\n", -" -vvvv will also show internal input flags\n", -" -c - for each engine, also list the capabilities\n", -" -t[t] - for each engine, check that they are really available\n", -" -tt will display error trace for unavailable engines\n", -" -pre <cmd> - runs command 'cmd' against the ENGINE before any attempts\n", -" to load it (if -t is used)\n", -" -post <cmd> - runs command 'cmd' against the ENGINE after loading it\n", -" (only used if -t is also provided)\n", -" NB: -pre and -post will be applied to all ENGINEs supplied on the command\n", -" line, or all supported ENGINEs if none are specified.\n", -" Eg. '-pre \"SO_PATH:/lib/libdriver.so\"' calls command \"SO_PATH\" with\n", -" argument \"/lib/libdriver.so\".\n", + +const char *engine_help[] = { + "-v verbose mode; for each engine, list its 'control commands'", + "-vv also display each command's description", + "-vvv also add the input flags for each command", + "-vvvv also show internal input flags", + "-c for each engine, also list the capabilities", + "-t check that each engine is available", + "-tt display error trace for unavailable engines", + "-pre cmd runs command 'cmd' against the ENGINE before any attempts", + " to load it (if -t is used)", + "-post cmd runs command 'cmd' against the ENGINE after loading it", + " (only used if -t is also provided)", + "NB: -pre and -post will be applied to all ENGINEs supplied on the command", + "line, or all supported ENGINEs if none are specified.\n", + "Eg. '-pre \"SO_PATH:/lib/libdriver.so\"' calls command \"SO_PATH\" with", + "argument \"/lib/libdriver.so\".", NULL }; 
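Review bot: One entry in the new `engine_help[]` table, `"line, or all supported ENGINEs if none are specified.\n",`, still carries a trailing `\n` while every other entry has none, so it will print an extra blank line if `printhelp` adds the line ending itself (its definition is not visible here). Drop the `\n`, or use a separate `""` entry if the blank line before the example is wanted. The table also lost the `static` that `engine_usage[]` had; if no other file refers to it, `static const char *engine_help[]` keeps the symbol out of the global namespace.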
@@ -336,12 +333,9 @@ static void util_do_cmds(ENGINE *e, STACK_OF(OPENSSL_STRING) *cmds, } } -int MAIN(int, char **); - -int MAIN(int argc, char **argv) +int engine_main(int argc, char **argv) { int ret=1,i; - const char **pp; int verbose=0, list_cap=0, test_avail=0, test_avail_noise = 0; ENGINE *e; STACK_OF(OPENSSL_STRING) *engines = sk_OPENSSL_STRING_new_null(); @@ -351,14 +345,8 @@ int MAIN(int argc, char **argv) BIO *bio_out=NULL; const char *indent = " "; - apps_startup(); SSL_load_error_strings(); - if (bio_err == NULL) - bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); - - if (!load_config(bio_err, NULL)) - goto end; bio_out=BIO_new_fp(stdout,BIO_NOCLOSE); #ifdef OPENSSL_SYS_VMS { @@ -416,8 +404,8 @@ skip_arg_loop: if (badops) { - for (pp=engine_usage; (*pp != NULL); pp++) - BIO_printf(bio_err,"%s",*pp); + BIO_printf(bio_err, "usage: engine opts [engine ...]\n"); + printhelp(engine_help); goto end; } @@ -537,8 +525,7 @@ end: sk_OPENSSL_STRING_pop_free(pre_cmds, identity); sk_OPENSSL_STRING_pop_free(post_cmds, identity); if (bio_out != NULL) BIO_free_all(bio_out); - apps_shutdown(); - OPENSSL_EXIT(ret); + return(ret); } #else diff --git a/apps/errstr.c b/apps/errstr.c index fe3b98077e..15ff9f6331 100644 --- a/apps/errstr.c +++ b/apps/errstr.c 
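Review bot: In the hunk at new line 345 the function keeps its own local `BIO *bio_out=NULL;` and still creates it with `BIO_new_fp(stdout,BIO_NOCLOSE)`, while other files in this commit use a `bio_out` they do not declare, so it is presumably now a shared global. The local then shadows that global and engine is the only command with its own stdout setup, including the VMS line-buffer block that the other files drop. Renaming the local, e.g. `BIO *out = NULL;`, or switching to the shared BIO would remove the ambiguity. The function body extends beyond this hunk.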
@@ -65,48 +65,43 @@ #include <openssl/err.h> #include <openssl/ssl.h> -#undef PROG -#define PROG errstr_main -int MAIN(int, char **); +const char* errstr_help[] = { + "-stats print internal hashtable statistics (long!)", + NULL +}; -int MAIN(int argc, char **argv) +int errstr_main(int argc, char **argv) { int i,ret=0; char buf[256]; unsigned long l; - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - SSL_load_error_strings(); if ((argc > 1) && (strcmp(argv[1],"-stats") == 0)) { - BIO *out=NULL; - - out=BIO_new(BIO_s_file()); - if ((out != NULL) && BIO_set_fp(out,stdout,BIO_NOCLOSE)) - { -#ifdef OPENSSL_SYS_VMS + BIO *out = BIO_dup_chain(bio_out); + if (out==NULL) { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - out = BIO_push(tmpbio, out); + ERR_print_errors(bio_err); + return 1; } -#endif - lh_ERR_STRING_DATA_node_stats_bio( - ERR_get_string_table(), out); - lh_ERR_STRING_DATA_stats_bio(ERR_get_string_table(), - out); - lh_ERR_STRING_DATA_node_usage_stats_bio( - ERR_get_string_table(),out); - } - if (out != NULL) BIO_free_all(out); - argc--; - argv++; + lh_ERR_STRING_DATA_node_stats_bio( + ERR_get_string_table(), out); + lh_ERR_STRING_DATA_stats_bio(ERR_get_string_table(), + out); + lh_ERR_STRING_DATA_node_usage_stats_bio( + ERR_get_string_table(),out); + BIO_free_all(out); + return 0; + } + if ((argc > 1) && argv[1][0] == '-') + { + BIO_printf(bio_err, "errstr [options] num...\n"); + BIO_printf(bio_err,"where options are\n"); + printhelp(errstr_help); + ret++; } for (i=1; i<argc; i++) @@ -119,10 +114,8 @@ int MAIN(int argc, char **argv) else { printf("%s: bad error code\n",argv[i]); - printf("usage: errstr [-stats] <errno> ...\n"); ret++; } } - apps_shutdown(); - OPENSSL_EXIT(ret); + return(ret); } diff --git a/apps/gendh.c b/apps/gendh.c index 4ec776ba93..eb9335c753 100644 --- a/apps/gendh.c +++ b/apps/gendh.c 
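Review bot: After printing the usage text for an unrecognised option, the new `if ((argc > 1) && argv[1][0] == '-')` block only does `ret++` and then falls into the `for (i=1; i<argc; i++)` loop, so the option string itself is also handed to the error-code parsing. Returning at that point, e.g. `return 1;` after `printhelp(errstr_help);`, avoids that. Separately, the `-stats` branch now returns 0 immediately, whereas the removed code did `argc--; argv++;` and went on to decode any error numbers that followed; if that is intended, the usage line should say so.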
@@ -79,14 +79,21 @@ #include <openssl/pem.h> #define DEFBITS 512 -#undef PROG -#define PROG gendh_main -static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb); +static int dh_cb(int p, int n, BN_GENCB *cb); -int MAIN(int, char **); +const char* gendh_help[] = { + "-out file output the key to 'file", + "-2 use 2 as the generator value", + "-5 use 5 as the generator value", + "-rand file... load the file(s) into the random number generator", +#ifndef OPENSSL_NO_ENGINE + "-engine e use engine e, possibly a hardware device.", +#endif + NULL +}; -int MAIN(int argc, char **argv) +int gendh_main(int argc, char **argv) { BN_GENCB cb; DH *dh=NULL; @@ -99,16 +106,7 @@ int MAIN(int argc, char **argv) #endif BIO *out=NULL; - apps_startup(); - BN_GENCB_set(&cb, dh_cb, bio_err); - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - if (!load_config(bio_err, NULL)) - goto end; - argv++; argc--; for (;;) @@ -121,8 +119,6 @@ int MAIN(int argc, char **argv) } else if (strcmp(*argv,"-2") == 0) g=2; - /* else if (strcmp(*argv,"-3") == 0) - g=3; */ else if (strcmp(*argv,"-5") == 0) g=5; #ifndef OPENSSL_NO_ENGINE @@ -146,16 +142,7 @@ int MAIN(int argc, char **argv) { bad: BIO_printf(bio_err,"usage: gendh [args] [numbits]\n"); - BIO_printf(bio_err," -out file - output the key to 'file\n"); - BIO_printf(bio_err," -2 - use 2 as the generator value\n"); - /* BIO_printf(bio_err," -3 - use 3 as the generator value\n"); */ - BIO_printf(bio_err," -5 - use 5 as the generator value\n"); -#ifndef OPENSSL_NO_ENGINE - BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n"); -#endif - BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); - BIO_printf(bio_err," - load the file (or the files in the directory) into\n"); - BIO_printf(bio_err," the random number generator\n"); + printhelp(gendh_help); goto end; } 
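Review bot: The `#define DEFBITS 512` kept at the top of this hunk is presumably the size used when the optional `[numbits]` argument is omitted, and a 512-bit DH prime is far below what is considered safe. Since the command is being reworked anyway, I would raise it, e.g. `#define DEFBITS 2048`, and mention the default in the help table. The gendsa.c hunk keeps the same 512 and the genrsa.c hunk keeps `#define DEFBITS 1024`, which deserve the same look.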
@@ -163,32 +150,16 @@ bad: setup_engine(bio_err, engine, 0); #endif - out=BIO_new(BIO_s_file()); + if (outfile == NULL) + out = BIO_dup_chain(bio_out); + else + out = BIO_new_file(outfile, "w"); if (out == NULL) { ERR_print_errors(bio_err); goto end; } - if (outfile == NULL) - { - BIO_set_fp(out,stdout,BIO_NOCLOSE); -#ifdef OPENSSL_SYS_VMS - { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - out = BIO_push(tmpbio, out); - } -#endif - } - else - { - if (BIO_write_filename(out,outfile) <= 0) - { - perror(outfile); - goto end; - } - } - if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL) { BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n"); @@ -213,11 +184,10 @@ end: ERR_print_errors(bio_err); if (out != NULL) BIO_free_all(out); if (dh != NULL) DH_free(dh); - apps_shutdown(); - OPENSSL_EXIT(ret); + return(ret); } -static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb) +static int dh_cb(int p, int n, BN_GENCB *cb) { char c='*'; diff --git a/apps/gendsa.c b/apps/gendsa.c index 62ea977905..a176856d58 100644 --- a/apps/gendsa.c +++ b/apps/gendsa.c 
@@ -71,12 +71,35 @@ #include <openssl/pem.h> #define DEFBITS 512 -#undef PROG -#define PROG gendsa_main -int MAIN(int, char **); +const char* gendsa_help[] = { + "-out file - output the key to 'file'", +#ifndef OPENSSL_NO_DES + "-des - encrypt the generated key with DES in cbc mode", + "-des3 - encrypt the generated key with DES in ede cbc mode (168 bit key)", +#endif +#ifndef OPENSSL_NO_SEED + "-seed encrypt PEM output with cbc seed", +#endif +#ifndef OPENSSL_NO_AES + "-aes128, -aes192, -aes256", + " encrypt PEM output with cbc aes", +#endif +#ifndef OPENSSL_NO_CAMELLIA + "-camellia128, -camellia192, -camellia256", + " encrypt PEM output with cbc camellia", +#endif +#ifndef OPENSSL_NO_IDEA + "-idea - encrypt the generated key with IDEA in cbc mode", +#endif +#ifndef OPENSSL_NO_ENGINE + "-engine e - use engine e, possibly a hardware device.", +#endif + "-rand file... load the file(s) into the random number generator", -int MAIN(int argc, char **argv) + NULL +}; +int gendsa_main(int argc, char **argv) { DSA *dsa=NULL; int ret=1; @@ -89,15 +112,6 @@ int MAIN(int argc, char **argv) char *engine=NULL; #endif - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - if (!load_config(bio_err, NULL)) - goto end; - argv++; argc--; for (;;) 
@@ -171,32 +185,7 @@ int MAIN(int argc, char **argv) { bad: BIO_printf(bio_err,"usage: gendsa [args] dsaparam-file\n"); - BIO_printf(bio_err," -out file - output the key to 'file'\n"); -#ifndef OPENSSL_NO_DES - BIO_printf(bio_err," -des - encrypt the generated key with DES in cbc mode\n"); - BIO_printf(bio_err," -des3 - encrypt the generated key with DES in ede cbc mode (168 bit key)\n"); -#endif -#ifndef OPENSSL_NO_IDEA - BIO_printf(bio_err," -idea - encrypt the generated key with IDEA in cbc mode\n"); -#endif -#ifndef OPENSSL_NO_SEED - BIO_printf(bio_err," -seed\n"); - BIO_printf(bio_err," encrypt PEM output with cbc seed\n"); -#endif -#ifndef OPENSSL_NO_AES - BIO_printf(bio_err," -aes128, -aes192, -aes256\n"); - BIO_printf(bio_err," encrypt PEM output with cbc aes\n"); -#endif -#ifndef OPENSSL_NO_CAMELLIA - BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n"); - BIO_printf(bio_err," encrypt PEM output with cbc camellia\n"); -#endif -#ifndef OPENSSL_NO_ENGINE - BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n"); -#endif - BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); - BIO_printf(bio_err," - load the file (or the files in the directory) into\n"); - BIO_printf(bio_err," the random number generator\n"); + printhelp(gendsa_help); BIO_printf(bio_err," dsaparam-file\n"); BIO_printf(bio_err," - a DSA parameter file as generated by the dsaparam command\n"); goto end; @@ -212,10 +201,10 @@ bad: } - in=BIO_new(BIO_s_file()); - if (!(BIO_read_filename(in,dsaparams))) + in = BIO_new_file(dsaparams, "r"); + if (in == NULL) { - perror(dsaparams); + ERR_print_errors(bio_err); goto end; } 
@@ -227,26 +216,14 @@ bad: BIO_free(in); in = NULL; - out=BIO_new(BIO_s_file()); - if (out == NULL) goto end; - if (outfile == NULL) - { - BIO_set_fp(out,stdout,BIO_NOCLOSE); -#ifdef OPENSSL_SYS_VMS - { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - out = BIO_push(tmpbio, out); - } -#endif - } + out = BIO_dup_chain(bio_out); else + out = BIO_new_file(outfile, "w"); + if (out == NULL) { - if (BIO_write_filename(out,outfile) <= 0) - { - perror(outfile); - goto end; - } + ERR_print_errors(bio_err); + goto end; } if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL) @@ -273,8 +250,7 @@ end: if (out != NULL) BIO_free_all(out); if (dsa != NULL) DSA_free(dsa); if(passout) OPENSSL_free(passout); - apps_shutdown(); - OPENSSL_EXIT(ret); + return(ret); } #else /* !OPENSSL_NO_DSA */ diff --git a/apps/genpkey.c b/apps/genpkey.c index 6dfda08b9e..06db6ca27c 100644 --- a/apps/genpkey.c +++ b/apps/genpkey.c @@ -69,11 +69,23 @@ static int init_keygen_file(BIO *err, EVP_PKEY_CTX **pctx, const char *file, ENGINE *e); static int genpkey_cb(EVP_PKEY_CTX *ctx); -#define PROG genpkey_main - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) +const char* genpkey_help[] = { + "-out file output file", + "-outform X output format (DER or PEM)", + "-pass arg output file pass phrase source", + "-<cipher> use cipher <cipher> to encrypt the key", +#ifndef OPENSSL_NO_ENGINE + "-engine e use engine e, possibly a hardware device.", +#endif + "-paramfile file parameters file", + "-algorithm alg the public key algorithm", + "-pkeyopt opt:value set the public key algorithm option <opt>", + " to value <value>", + "-genparam generate parameters, not key", + "-text print the in text", + NULL +}; +int genpkey_main(int argc, char **argv) { ENGINE *e = NULL; char **args, *outfile = NULL; 
@@ -90,16 +102,8 @@ int MAIN(int argc, char **argv) int do_param = 0; - if (bio_err == NULL) - bio_err = BIO_new_fp (stderr, BIO_NOCLOSE); - - if (!load_config(bio_err, NULL)) - goto end; - outformat=FORMAT_PEM; - ERR_load_crypto_strings(); - OpenSSL_add_all_algorithms(); args = argv + 1; while (!badarg && *args && *args[0] == '-') { @@ -198,19 +202,7 @@ int MAIN(int argc, char **argv) bad: BIO_printf(bio_err, "Usage: genpkey [options]\n"); BIO_printf(bio_err, "where options may be\n"); - BIO_printf(bio_err, "-out file output file\n"); - BIO_printf(bio_err, "-outform X output format (DER or PEM)\n"); - BIO_printf(bio_err, "-pass arg output file pass phrase source\n"); - BIO_printf(bio_err, "-<cipher> use cipher <cipher> to encrypt the key\n"); -#ifndef OPENSSL_NO_ENGINE - BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n"); -#endif - BIO_printf(bio_err, "-paramfile file parameters file\n"); - BIO_printf(bio_err, "-algorithm alg the public key algorithm\n"); - BIO_printf(bio_err, "-pkeyopt opt:value set the public key algorithm option <opt>\n" - " to value <value>\n"); - BIO_printf(bio_err, "-genparam generate parameters, not key\n"); - BIO_printf(bio_err, "-text print the in text\n"); + printhelp(genpkey_help); BIO_printf(bio_err, "NB: options order may be important! See the manual page.\n"); goto end; } diff --git a/apps/genrsa.c b/apps/genrsa.c index 94cb613ccb..c8d83fa07a 100644 --- a/apps/genrsa.c +++ b/apps/genrsa.c 
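Review bot: Removing `OpenSSL_add_all_algorithms()` from genpkey means the `-<cipher>` option in the help table, which is presumably resolved by name, only works if some caller has already registered the cipher and digest tables. Whether the dispatcher does that is not visible in these hunks. If it does, a comment such as `/* algorithms and error strings are registered by the caller */` at this spot records the dependency; if it does not, the call has to stay. The ocsp.c hunk later in this commit removes `OpenSSL_add_ssl_algorithms()` in the same way.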
@@ -79,14 +79,38 @@ #include <openssl/rand.h> #define DEFBITS 1024 -#undef PROG -#define PROG genrsa_main -static int MS_CALLBACK genrsa_cb(int p, int n, BN_GENCB *cb); +static int genrsa_cb(int p, int n, BN_GENCB *cb); -int MAIN(int, char **); +const char* genrsa_help[] = { + "-des encrypt the generated key with DES in cbc mode", + "-des3 encrypt the generated key with DES in ede cbc mode (168 bit key)", +#ifndef OPENSSL_NO_IDEA + "-idea encrypt the generated key with IDEA in cbc mode", +#endif +#ifndef OPENSSL_NO_SEED + "-seed encrypt PEM output with cbc seed", +#endif +#ifndef OPENSSL_NO_AES + "-aes128, -aes192, -aes256", + " encrypt PEM output with cbc aes", +#endif +#ifndef OPENSSL_NO_CAMELLIA + "-camellia128, -camellia192, -camellia256", + " encrypt PEM output with cbc camellia", +#endif + "-out file output the key to 'file", + "-passout arg output file pass phrase source", + "-f4 use F4 (0x10001) for the E value", + "-3 use 3 for the E value", +#ifndef OPENSSL_NO_ENGINE + "-engine e use engine e, possibly a hardware device.", +#endif + "-rand file... load the file(s) into the random number generator", + NULL +}; -int MAIN(int argc, char **argv) +int genrsa_main(int argc, char **argv) { BN_GENCB cb; #ifndef OPENSSL_NO_ENGINE @@ -110,21 +134,8 @@ int MAIN(int argc, char **argv) if(!bn) goto err; - apps_startup(); BN_GENCB_set(&cb, genrsa_cb, bio_err); - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - if (!load_config(bio_err, NULL)) - goto err; - if ((out=BIO_new(BIO_s_file())) == NULL) - { - BIO_printf(bio_err,"unable to create BIO for output\n"); - goto err; - } - argv++; argc--; for (;;) 
@@ -197,38 +208,10 @@ int MAIN(int argc, char **argv) { bad: BIO_printf(bio_err,"usage: genrsa [args] [numbits]\n"); - BIO_printf(bio_err," -des encrypt the generated key with DES in cbc mode\n"); - BIO_printf(bio_err," -des3 encrypt the generated key with DES in ede cbc mode (168 bit key)\n"); -#ifndef OPENSSL_NO_IDEA - BIO_printf(bio_err," -idea encrypt the generated key with IDEA in cbc mode\n"); -#endif -#ifndef OPENSSL_NO_SEED - BIO_printf(bio_err," -seed\n"); - BIO_printf(bio_err," encrypt PEM output with cbc seed\n"); -#endif -#ifndef OPENSSL_NO_AES - BIO_printf(bio_err," -aes128, -aes192, -aes256\n"); - BIO_printf(bio_err," encrypt PEM output with cbc aes\n"); -#endif -#ifndef OPENSSL_NO_CAMELLIA - BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n"); - BIO_printf(bio_err," encrypt PEM output with cbc camellia\n"); -#endif - BIO_printf(bio_err," -out file output the key to 'file\n"); - BIO_printf(bio_err," -passout arg output file pass phrase source\n"); - BIO_printf(bio_err," -f4 use F4 (0x10001) for the E value\n"); - BIO_printf(bio_err," -3 use 3 for the E value\n"); -#ifndef OPENSSL_NO_ENGINE - BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); -#endif - BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); - BIO_printf(bio_err," load the file (or the files in the directory) into\n"); - BIO_printf(bio_err," the random number generator\n"); + printhelp(genrsa_help); goto err; } - ERR_load_crypto_strings(); - if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) { BIO_printf(bio_err, "Error getting password\n"); goto err; 
@@ -239,22 +222,13 @@ bad: #endif if (outfile == NULL) - { - BIO_set_fp(out,stdout,BIO_NOCLOSE); -#ifdef OPENSSL_SYS_VMS - { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - out = BIO_push(tmpbio, out); - } -#endif - } + out = BIO_dup_chain(bio_out); else + out = BIO_new_file(outfile, "w"); + if (out == NULL) { - if (BIO_write_filename(out,outfile) <= 0) - { - perror(outfile); - goto err; - } + ERR_print_errors(bio_err); + goto err; } if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL @@ -313,11 +287,10 @@ err: if(passout) OPENSSL_free(passout); if (ret != 0) ERR_print_errors(bio_err); - apps_shutdown(); - OPENSSL_EXIT(ret); + return(ret); } -static int MS_CALLBACK genrsa_cb(int p, int n, BN_GENCB *cb) +static int genrsa_cb(int p, int n, BN_GENCB *cb) { char c='*'; diff --git a/apps/nseq.c b/apps/nseq.c index e3c4dba547..bcc6ea092d 100644 --- a/apps/nseq.c +++ b/apps/nseq.c @@ -62,12 +62,15 @@ #include <openssl/pem.h> #include <openssl/err.h> -#undef PROG -#define PROG nseq_main +const char* nseq_help[] = { + "-in file input file", + "-out file output file", + "-toseq output NS Sequence file", + NULL +}; -int MAIN(int, char **); -int MAIN(int argc, char **argv) +int nseq_main(int argc, char **argv) { char **args, *infile = NULL, *outfile = NULL; BIO *in = NULL, *out = NULL; @@ -76,8 +79,7 @@ int MAIN(int argc, char **argv) NETSCAPE_CERT_SEQUENCE *seq = NULL; int i, ret = 1; int badarg = 0; - if (bio_err == NULL) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE); - ERR_load_crypto_strings(); + args = argv + 1; while (!badarg && *args && *args[0] == '-') { if (!strcmp (*args, "-toseq")) toseq = 1; 
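Review bot: The new `out = BIO_new_file(outfile, "w");` creates the file that receives the generated RSA private key, and as far as I know `BIO_new_file` goes through `fopen`, so the file gets whatever permissions the process umask allows. The removed `BIO_write_filename` path behaved the same way, but the move to a single open call makes this a natural place to address it. A follow-up could route key output through a helper that creates the file owner-readable only; until then a comment such as `/* key file is created with umask-default permissions */` would flag it. The gendsa.c hunk at new line 216 opens its key output the same way.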
@@ -99,10 +101,8 @@ int MAIN(int argc, char **argv) BIO_printf (bio_err, "Netscape certificate sequence utility\n"); BIO_printf (bio_err, "Usage nseq [options]\n"); BIO_printf (bio_err, "where options are\n"); - BIO_printf (bio_err, "-in file input file\n"); - BIO_printf (bio_err, "-out file output file\n"); - BIO_printf (bio_err, "-toseq output NS Sequence file\n"); - OPENSSL_EXIT(1); + printhelp(nseq_help); + return(1); } if (infile) { @@ -162,6 +162,6 @@ end: BIO_free_all(out); NETSCAPE_CERT_SEQUENCE_free(seq); - OPENSSL_EXIT(ret); + return(ret); } diff --git a/apps/ocsp.c b/apps/ocsp.c index 902546ff61..b1270a1b2b 100644 --- a/apps/ocsp.c +++ b/apps/ocsp.c 
@@ -117,12 +117,56 @@ static OCSP_RESPONSE *query_responder(BIO *err, BIO *cbio, const char *path, const STACK_OF(CONF_VALUE) *headers, OCSP_REQUEST *req, int req_timeout); -#undef PROG -#define PROG ocsp_main - -int MAIN(int, char **); - -int MAIN(int argc, char **argv) +const char* ocsp_help[] = { + "-out file output filename", + "-issuer file issuer certificate", + "-cert file certificate to check", + "-serial n serial number to check", + "-signer file certificate to sign OCSP request with", + "-signkey file private key to sign OCSP request with", + "-sign_other file additional certificates to include in signed request", + "-no_certs don't include any certificates in signed request", + "-req_text print text form of request", + "-resp_text print text form of response", + "-text print text form of request and response", + "-reqout file write DER encoded OCSP request to ", + "-respout file write DER encoded OCSP reponse to ", + "-reqin file read DER encoded OCSP request from ", + "-respin file read DER encoded OCSP reponse from ", + "-nonce add OCSP nonce to request", + "-no_nonce don't add OCSP nonce to request", + "-url URL OCSP responder URL", + "-host host:n send OCSP request to host on port n", + "-path path to use in OCSP request", + "-CApath dir trusted certificates directory", + "-CAfile file trusted certificates file", + "-trusted_first use locally trusted CA's first when building trust chain", + "-VAfile file validator certificates file", + "-validity_period n maximum validity discrepancy in seconds", + "-status_age n maximum status age in seconds", + "-noverify don't verify response at all", + "-verify_other file additional certificates to search for signer", + "-trust_other don't verify additional certificates", + "-no_intern don't search certificates contained in response for signer", + "-no_signature_verify don't check signature on response", + "-no_cert_verify don't check signing certificate", + "-no_chain don't chain verify response", + 
"-no_cert_checks don't do additional checks on signing certificate", + "-port num port to run responder on", + "-index file certificate status index file", + "-CA file CA certificate", + "-rsigner file responder certificate to sign responses with", + "-rkey file responder key to sign responses with", + "-rother file other certificates to include in response", + "-resp_no_certs don't include any certificates in response", + "-nmin n number of minutes before next update", + "-ndays n number of days before next update", + "-resp_key_id identify reponse by signing certificate key ID", + "-nrequest n number of requests to accept (default unlimited)", + "-<dgst alg> use specified digest in the request", + NULL +}; +int ocsp_main(int argc, char **argv) { ENGINE *e = NULL; char **args; @@ -169,12 +213,7 @@ int MAIN(int argc, char **argv) int nmin = 0, ndays = -1; const EVP_MD *cert_id_md = NULL, *rsign_md = NULL; - if (bio_err == NULL) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE); - - if (!load_config(bio_err, NULL)) - goto end; SSL_load_error_strings(); - OpenSSL_add_ssl_algorithms(); args = argv + 1; reqnames = sk_OPENSSL_STRING_new_null(); ids = sk_OCSP_CERTID_new_null(); 
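Review bot: Four entries in `ocsp_help` end in a dangling preposition: `-reqout`, `-respout`, `-reqin` and `-respin` now stop at "request to " / "reponse from " with nothing after it, so the usage text no longer names the destination or source. Complete them, e.g. `"-reqout file write DER encoded OCSP request to file",`, and correct "reponse" to "response" in those strings and in `-resp_key_id`. `pkcs8_help` in apps/pkcs8.c has the same truncation in its `-v2` and `-v1` entries ("and cipher ").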
@@ -601,55 +640,9 @@ int MAIN(int argc, char **argv) if (badarg) { - BIO_printf (bio_err, "OCSP utility\n"); - BIO_printf (bio_err, "Usage ocsp [options]\n"); + BIO_printf (bio_err, "Usage: ocsp [options]\n"); BIO_printf (bio_err, "where options are\n"); - BIO_printf (bio_err, "-out file output filename\n"); - BIO_printf (bio_err, "-issuer file issuer certificate\n"); - BIO_printf (bio_err, "-cert file certificate to check\n"); - BIO_printf (bio_err, "-serial n serial number to check\n"); - BIO_printf (bio_err, "-signer file certificate to sign OCSP request with\n"); - BIO_printf (bio_err, "-signkey file private key to sign OCSP request with\n"); - BIO_printf (bio_err, "-sign_other file additional certificates to include in signed request\n"); - BIO_printf (bio_err, "-no_certs don't include any certificates in signed request\n"); - BIO_printf (bio_err, "-req_text print text form of request\n"); - BIO_printf (bio_err, "-resp_text print text form of response\n"); - BIO_printf (bio_err, "-text print text form of request and response\n"); - BIO_printf (bio_err, "-reqout file write DER encoded OCSP request to \"file\"\n"); - BIO_printf (bio_err, "-respout file write DER encoded OCSP reponse to \"file\"\n"); - BIO_printf (bio_err, "-reqin file read DER encoded OCSP request from \"file\"\n"); - BIO_printf (bio_err, "-respin file read DER encoded OCSP reponse from \"file\"\n"); - BIO_printf (bio_err, "-nonce add OCSP nonce to request\n"); - BIO_printf (bio_err, "-no_nonce don't add OCSP nonce to request\n"); - BIO_printf (bio_err, "-url URL OCSP responder URL\n"); - BIO_printf (bio_err, "-host host:n send OCSP request to host on port n\n"); - BIO_printf (bio_err, "-path path to use in OCSP request\n"); - BIO_printf (bio_err, "-CApath dir trusted certificates directory\n"); - BIO_printf (bio_err, "-CAfile file trusted certificates file\n"); - BIO_printf (bio_err, "-trusted_first use locally trusted CA's first when building trust chain\n"); - BIO_printf (bio_err, "-VAfile 
file validator certificates file\n"); - BIO_printf (bio_err, "-validity_period n maximum validity discrepancy in seconds\n"); - BIO_printf (bio_err, "-status_age n maximum status age in seconds\n"); - BIO_printf (bio_err, "-noverify don't verify response at all\n"); - BIO_printf (bio_err, "-verify_other file additional certificates to search for signer\n"); - BIO_printf (bio_err, "-trust_other don't verify additional certificates\n"); - BIO_printf (bio_err, "-no_intern don't search certificates contained in response for signer\n"); - BIO_printf (bio_err, "-no_signature_verify don't check signature on response\n"); - BIO_printf (bio_err, "-no_cert_verify don't check signing certificate\n"); - BIO_printf (bio_err, "-no_chain don't chain verify response\n"); - BIO_printf (bio_err, "-no_cert_checks don't do additional checks on signing certificate\n"); - BIO_printf (bio_err, "-port num port to run responder on\n"); - BIO_printf (bio_err, "-index file certificate status index file\n"); - BIO_printf (bio_err, "-CA file CA certificate\n"); - BIO_printf (bio_err, "-rsigner file responder certificate to sign responses with\n"); - BIO_printf (bio_err, "-rkey file responder key to sign responses with\n"); - BIO_printf (bio_err, "-rother file other certificates to include in response\n"); - BIO_printf (bio_err, "-resp_no_certs don't include any certificates in response\n"); - BIO_printf (bio_err, "-nmin n number of minutes before next update\n"); - BIO_printf (bio_err, "-ndays n number of days before next update\n"); - BIO_printf (bio_err, "-resp_key_id identify reponse by signing certificate key ID\n"); - BIO_printf (bio_err, "-nrequest n number of requests to accept (default unlimited)\n"); - BIO_printf (bio_err, "-<dgst alg> use specified digest in the request\n"); + printhelp(ocsp_help); goto end; } 
@@ -981,7 +974,7 @@ end: if (tpath) OPENSSL_free(tpath); - OPENSSL_EXIT(ret); + return(ret); } static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert, const EVP_MD *cert_id_md,X509 *issuer, diff --git a/apps/openssl.c b/apps/openssl.c index 71e1e48ece..1921c503f6 100644 --- a/apps/openssl.c +++ b/apps/openssl.c @@ -113,7 +113,7 @@ #include <stdio.h> #include <string.h> #include <stdlib.h> -#define OPENSSL_C /* tells apps.h to use complete apps_startup() */ +#define APP_MAIN #include "apps.h" #include <openssl/bio.h> #include <openssl/crypto.h> @@ -127,13 +127,14 @@ #include <openssl/engine.h> #endif #define USE_SOCKETS /* needed for the _O_BINARY defs in the MS world */ -#include "progs.h" #include "s_apps.h" #include <openssl/err.h> #ifdef OPENSSL_FIPS #include <openssl/fips.h> #endif +DECLARE_LHASH_OF(FUNCTION); + /* The LHASH callbacks ("hash" & "cmp") have been replaced by functions with the * base prototypes (we cast each variable inside the function to the required * type of "FUNCTION*"). This removes the necessity for macro-generated wrapper 
@@ -146,11 +147,87 @@ static void list_cipher(BIO *out); static void list_md(BIO *out); char *default_config_file=NULL; -/* Make sure there is only one when MONOLITH is defined */ -#ifdef MONOLITH CONF *config=NULL; +BIO *bio_in=NULL; +BIO *bio_out=NULL; BIO *bio_err=NULL; + +void printhelp(const char** cpp) + { + for ( ; *cpp; cpp++) + BIO_printf(bio_err, "%s\n", *cpp); + } + +static void apps_startup() + { + do_pipe_sig(); + CRYPTO_malloc_init(); + ERR_load_crypto_strings(); + OpenSSL_add_all_algorithms(); +#ifndef OPENSSL_NO_ENGINE + /*ENGINE_load_builtin_engines(); + */ #endif + setup_ui_method(); + } + +static void apps_shutdown() + { + CONF_modules_unload(1); + destroy_ui_method(); + OBJ_cleanup(); + EVP_cleanup(); +#ifndef OPENSSL_NO_ENGINE + /*ENGINE_cleanup(); + */ +#endif + CRYPTO_cleanup_all_ex_data(); + ERR_remove_thread_state(NULL); + RAND_cleanup(); + ERR_free_strings(); + zlib_cleanup(); + } + +static char *make_config_name() + { + const char *t=X509_get_default_cert_area(); + size_t len; + char *p; + + len=strlen(t)+strlen(OPENSSL_CONF)+2; + p=OPENSSL_malloc(len); + if (p == NULL) + return NULL; + BUF_strlcpy(p,t,len); +#ifndef OPENSSL_SYS_VMS + BUF_strlcat(p,"/",len); +#endif + BUF_strlcat(p,OPENSSL_CONF,len); + + return p; + } + +static int load_config(BIO *err, CONF *cnf) + { + static int load_config_called = 0; + if (load_config_called) + return 1; + load_config_called = 1; + if (!cnf) + cnf = config; + if (!cnf) + return 1; + + OPENSSL_load_builtin_modules(); + + if (CONF_modules_load(cnf, NULL, 0) <= 0) + { + BIO_printf(err, "Error configuring OpenSSL\n"); + ERR_print_errors(err); + return 0; + } + return 1; + } static void lock_dbg_cb(int mode, int type, const char *file, int line) @@ -226,7 +303,7 @@ int main(int Argc, char *ARGV[]) { ARGS arg; #define PROG_NAME_SIZE 39 - char pname[PROG_NAME_SIZE+1]; + char *pname; FUNCTION f,*fp; MS_STATIC const char *prompt; MS_STATIC char buf[1024]; 
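Review bot: `load_config()` sets `load_config_called = 1` before it knows whether a configuration exists, so a first call made while `config` is still NULL returns 1 and turns every later call into a no-op. That is what happens in this commit: the `main()` hunk at `@@ -330,12 +355,22 @@` calls `load_config(bio_err, NULL)` before `config=NCONF_new(NULL)`, so `CONF_modules_load()` is never reached and configuration modules are silently not applied. Either set the flag only after a non-NULL `cnf` has been processed, or move the call in `main()` to after the configuration file has been loaded. Separately, `apps_startup()` leaves `ENGINE_load_builtin_engines()` commented out while the help tables still advertise `-engine`.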
@@ -237,61 +314,9 @@ int main(int Argc, char *ARGV[]) LHASH_OF(FUNCTION) *prog=NULL; long errline; -#if defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64) - /* 2011-03-22 SMS. - * If we have 32-bit pointers everywhere, then we're safe, and - * we bypass this mess, as on non-VMS systems. (See ARGV, - * above.) - * Problem 1: Compaq/HP C before V7.3 always used 32-bit - * pointers for argv[]. - * Fix 1: For a 32-bit argv[], when we're using 64-bit pointers - * everywhere else, we always allocate and use a 64-bit - * duplicate of argv[]. - * Problem 2: Compaq/HP C V7.3 (Alpha, IA64) before ECO1 failed - * to NULL-terminate a 64-bit argv[]. (As this was written, the - * compiler ECO was available only on IA64.) - * Fix 2: Unless advised not to (VMS_TRUST_ARGV), we test a - * 64-bit argv[argc] for NULL, and, if necessary, use a - * (properly) NULL-terminated (64-bit) duplicate of argv[]. - * The same code is used in either case to duplicate argv[]. - * Some of these decisions could be handled in preprocessing, - * but the code tends to get even uglier, and the penalty for - * deciding at compile- or run-time is tiny. - */ - char **Argv = NULL; - int free_Argv = 0; - - if ((sizeof( _Argv) < 8) /* 32-bit argv[]. */ -# if !defined( VMS_TRUST_ARGV) - || (_Argv[ Argc] != NULL) /* Untrusted argv[argc] not NULL. */ -# endif - ) - { - int i; - Argv = OPENSSL_malloc( (Argc+ 1)* sizeof( char *)); - if (Argv == NULL) - { ret = -1; goto end; } - for(i = 0; i < Argc; i++) - Argv[i] = _Argv[i]; - Argv[ Argc] = NULL; /* Certain NULL termination. */ - free_Argv = 1; - } - else - { - /* Use the known-good 32-bit argv[] (which needs the - * type cast to satisfy the compiler), or the trusted or - * tested-good 64-bit argv[] as-is. 
*/ - Argv = (char **)_Argv; - } -#endif /* defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64) */ - arg.data=NULL; arg.count=0; - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - if (getenv("OPENSSL_DEBUG_MEMORY") != NULL) /* if not defined, use compiled-in library defaults */ { if (!(0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))) @@ -330,12 +355,22 @@ int main(int Argc, char *ARGV[]) apps_startup(); /* Lets load up our environment a little */ + bio_in = BIO_new_fp(stdin, BIO_NOCLOSE|BIO_FP_TEXT); + bio_out = BIO_new_fp(stdout, BIO_NOCLOSE|BIO_FP_TEXT); +#ifdef OPENSSL_SYS_VMS + bio_out = BIO_push(BIO_new(BIO_f_linebuffer()), out); +#endif + bio_err = BIO_new_fp(stderr, BIO_NOCLOSE|BIO_FP_TEXT); + p=getenv("OPENSSL_CONF"); if (p == NULL) p=getenv("SSLEAY_CONF"); if (p == NULL) p=to_free=make_config_name(); + if (!load_config(bio_err, NULL)) + goto end; + default_config_file=p; config=NCONF_new(NULL); @@ -360,10 +395,9 @@ int main(int Argc, char *ARGV[]) } prog=prog_init(); + pname = opt_progname(Argv[0]); /* first check the program name */ - program_name(Argv[0],pname,sizeof pname); - f.name=pname; fp=lh_FUNCTION_retrieve(prog,&f); if (fp != NULL) @@ -420,6 +454,7 @@ int main(int Argc, char *ARGV[]) } if (ret != 0) BIO_printf(bio_err,"error in %s\n",argv[0]); + (void)BIO_flush(bio_out); (void)BIO_flush(bio_err); } BIO_printf(bio_err,"bad exit\n"); @@ -437,20 +472,11 @@ end: apps_shutdown(); + BIO_free_all(bio_in); + BIO_free_all(bio_out); CRYPTO_mem_leaks(bio_err); - if (bio_err != NULL) - { - BIO_free(bio_err); - bio_err=NULL; - } -#if defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64) - /* Free any duplicate Argv[] storage. */ - if (free_Argv) - { - OPENSSL_free(Argv); - } -#endif - OPENSSL_EXIT(ret); + BIO_free(bio_err); + return(ret); } #define LIST_STANDARD_COMMANDS "list-standard-commands" 
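Review bot: In the `@@ -330,12 +355,22 @@` hunk the VMS branch pushes the line-buffer filter onto `out`, which is not the variable assigned on the line above; `bio_out = BIO_push(BIO_new(BIO_f_linebuffer()), out);` should presumably read `bio_out = BIO_push(BIO_new(BIO_f_linebuffer()), bio_out);`. Whether `main()` declares an `out` at all is not visible here, so this either fails to build on VMS or wraps the wrong BIO. The three `BIO_new_fp()` results are also used without a NULL check, so a failed allocation would leave later `BIO_printf(bio_err, ...)` calls with a NULL BIO. main() starts and ends outside this hunk.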
@@ -464,7 +490,8 @@ end: static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[]) { FUNCTION f,*fp; - int i,ret=1,tp,nl; + int i,ret=1,nl; + int tp; if ((argc <= 0) || (argv[0] == NULL)) { ret=0; goto end; } @@ -522,7 +549,7 @@ static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[]) (strcmp(argv[0],LIST_CIPHER_ALGORITHMS) == 0) || (strcmp(argv[0],LIST_PUBLIC_KEY_ALGORITHMS) == 0)) { - int list_type; + int list_type = FUNC_TYPE_CIPHER; BIO *bio_stdout; if (strcmp(argv[0],LIST_STANDARD_COMMANDS) == 0) @@ -535,8 +562,6 @@ static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[]) list_type = FUNC_TYPE_PKEY; else if (strcmp(argv[0],LIST_CIPHER_ALGORITHMS) == 0) list_type = FUNC_TYPE_CIPHER_ALG; - else /* strcmp(argv[0],LIST_CIPHER_COMMANDS) == 0 */ - list_type = FUNC_TYPE_CIPHER; bio_stdout = BIO_new_fp(stdout,BIO_NOCLOSE); #ifdef OPENSSL_SYS_VMS { @@ -571,7 +596,7 @@ static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[]) argv[0]); BIO_printf(bio_err, "\nStandard commands"); i=0; - tp=0; + tp=FUNC_TYPE_NONE; for (fp=functions; fp->name != NULL; fp++) { nl=0; @@ -696,13 +721,13 @@ static void list_md(BIO *out) EVP_MD_do_all_sorted(list_md_fn, out); } -static int MS_CALLBACK function_cmp(const FUNCTION *a, const FUNCTION *b) +static int function_cmp(const FUNCTION *a, const FUNCTION *b) { return strncmp(a->name,b->name,8); } static IMPLEMENT_LHASH_COMP_FN(function, FUNCTION) -static unsigned long MS_CALLBACK function_hash(const FUNCTION *a) +static unsigned long function_hash(const FUNCTION *a) { return lh_strhash(a->name); } diff --git a/apps/passwd.c b/apps/passwd.c index 9ca25dd1da..7f7e4d1a7c 100644 --- a/apps/passwd.c +++ b/apps/passwd.c @@ -23,9 +23,6 @@ #endif -#undef PROG -#define PROG passwd_main - static unsigned const char cov_2char[64]={ /* from crypto/des/fcrypt.c */ 
@@ -43,21 +40,26 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p, char *passwd, BIO *out, int quiet, int table, int reverse, size_t pw_maxlen, int usecrypt, int use1, int useapr1); -/* -crypt - standard Unix password algorithm (default) - * -1 - MD5-based password algorithm - * -apr1 - MD5-based password algorithm, Apache variant - * -salt string - salt - * -in file - read passwords from file - * -stdin - read passwords from stdin - * -noverify - never verify when reading password from terminal - * -quiet - no warnings - * -table - format output as table - * -reverse - switch table columns - */ - -int MAIN(int, char **); +const char* passwd_help[] = { +#ifndef OPENSSL_NO_DES + "-crypt standard Unix password algorithm (default)", +#endif +#ifndef NO_MD5CRYPT_1 + "-1 MD5-based password algorithm", + "-apr1 MD5-based password algorithm, Apache variant", +#endif + "-salt string use provided salt", + "-in file read passwords from file", + "-stdin read passwords from stdin", + "-noverify never verify when reading password from terminal", + "-quiet no warnings", + "-table format output as table", + "-reverse switch table columns", + NULL -int MAIN(int argc, char **argv) +}; + +int passwd_main(int argc, char **argv) { int ret = 1; char *infile = NULL; @@ -73,24 +75,7 @@ int MAIN(int argc, char **argv) int usecrypt = 0, use1 = 0, useapr1 = 0; size_t pw_maxlen = 0; - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - if (!load_config(bio_err, NULL)) - goto err; - out = BIO_new(BIO_s_file()); - if (out == NULL) - goto err; - BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT); -#ifdef OPENSSL_SYS_VMS - { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - out = BIO_push(tmpbio, out); - } -#endif + out = BIO_dup_chain(bio_out); badopt = 0, opt_done = 0; i = 0; 
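Review bot: In the `@@ -73,24 +75,7 @@` hunk, `out = BIO_dup_chain(bio_out);` replaces code that checked the allocation, and no check follows the new assignment. Keep the guard the old code had, `if (out == NULL) goto err;`, so a failed duplication ends in the existing cleanup path rather than handing a NULL BIO to the password-printing code further down, which is outside this hunk. passwd_main continues outside the hunk.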
@@ -166,44 +151,27 @@ int MAIN(int argc, char **argv) if (use1 || useapr1) badopt = 1; #endif + if (infile && in_stdin) + { + BIO_printf(bio_err, "Can't combine -in and -stdin\n"); + goto err; + } if (badopt) { BIO_printf(bio_err, "Usage: passwd [options] [passwords]\n"); BIO_printf(bio_err, "where options are\n"); -#ifndef OPENSSL_NO_DES - BIO_printf(bio_err, "-crypt standard Unix password algorithm (default)\n"); -#endif -#ifndef NO_MD5CRYPT_1 - BIO_printf(bio_err, "-1 MD5-based password algorithm\n"); - BIO_printf(bio_err, "-apr1 MD5-based password algorithm, Apache variant\n"); -#endif - BIO_printf(bio_err, "-salt string use provided salt\n"); - BIO_printf(bio_err, "-in file read passwords from file\n"); - BIO_printf(bio_err, "-stdin read passwords from stdin\n"); - BIO_printf(bio_err, "-noverify never verify when reading password from terminal\n"); - BIO_printf(bio_err, "-quiet no warnings\n"); - BIO_printf(bio_err, "-table format output as table\n"); - BIO_printf(bio_err, "-reverse switch table columns\n"); - + printhelp(passwd_help); goto err; } - if ((infile != NULL) || in_stdin) + if (infile == NULL) + in = BIO_new_fp(stdin, BIO_NOCLOSE); + else + in = BIO_new_file(infile, "r"); + if (in == NULL) { - in = BIO_new(BIO_s_file()); - if (in == NULL) - goto err; - if (infile != NULL) - { - assert(in_stdin == 0); - if (BIO_read_filename(in, infile) <= 0) - goto err; - } - else - { - assert(in_stdin); - BIO_set_fp(in, stdin, BIO_NOCLOSE); - } + ERR_print_errors(bio_err); + goto err; } if (usecrypt) @@ -291,8 +259,7 @@ err: BIO_free(in); if (out) BIO_free_all(out); - apps_shutdown(); - OPENSSL_EXIT(ret); + return(ret); } @@ -504,9 +471,9 @@ err: } #else -int MAIN(int argc, char **argv) +int passwd_main(int argc, char **argv) { fputs("Program not available.\n", stderr) - OPENSSL_EXIT(1); + return(1); } #endif diff --git a/apps/pkcs12.c b/apps/pkcs12.c index b54c6f84a4..f7e57fc13e 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c 
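Review bot: `in` is now always opened: `if (infile == NULL) in = BIO_new_fp(stdin, BIO_NOCLOSE);` runs even when `-stdin` was not given, whereas the removed code left `in` NULL unless `-in` or `-stdin` was used. If the code after this hunk still uses `in == NULL` to select passwords from the command line or the no-echo terminal prompt (not visible here), that path becomes unreachable and passwords are read from stdin with echo on. Keeping the old condition preserves it: `if (infile != NULL) in = BIO_new_file(infile, "r"); else if (in_stdin) in = BIO_new_fp(stdin, BIO_NOCLOSE);`, with the `in == NULL` error check applied only when one of the two sources was requested.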
@@ -68,8 +68,6 @@ #include <openssl/pem.h> #include <openssl/pkcs12.h> -#define PROG pkcs12_main - const EVP_CIPHER *enc; 
@@ -90,9 +88,65 @@ int alg_print(BIO *x, X509_ALGOR *alg); int cert_load(BIO *in, STACK_OF(X509) *sk); static int set_pbe(BIO *err, int *ppbe, const char *str); -int MAIN(int, char **); +const char* pkcs12_help[] = { + "-export output PKCS12 file", + "-chain add certificate chain", + "-inkey file private key if not infile", + "-certfile f add all certs in f", + "-CApath arg PEM format directory of CA's", + "-CAfile arg PEM format file of CA's", + "-name name use name as friendly name", + "-caname name use name as CA friendly name (can be repeated)", + "-in infile input filename", + "-out outfile output filename", + "-noout don't output anything, just verify.", + "-nomacver don't verify MAC.", + "-nocerts don't output certificates.", + "-clcerts only output client certificates.", + "-cacerts only output CA certificates.", + "-nokeys don't output private keys.", + "-info give info about PKCS#12 structure.", + "-des encrypt private keys with DES", + "-des3 encrypt private keys with triple DES (default)", +#ifndef OPENSSL_NO_IDEA + "-idea encrypt private keys with idea", +#endif +#ifndef OPENSSL_NO_SEED + "-seed encrypt private keys with seed", +#endif +#ifndef OPENSSL_NO_AES + "-aes128, -aes192, -aes256", + " encrypt PEM output with cbc aes", +#endif +#ifndef OPENSSL_NO_CAMELLIA + "-camellia128, -camellia192, -camellia256", + " encrypt PEM output with cbc camellia", +#endif + "-nodes don't encrypt private keys", + "-noiter don't use encryption iteration", + "-nomaciter don't use MAC iteration", + "-maciter use MAC iteration", + "-nomac don't generate MAC", + "-twopass separate MAC, encryption passwords", + "-descert encrypt PKCS#12 certificates with 3DES (default RC2-40)", + "-certpbe alg specify certificate PBE algorithm (default RC2-40)", + "-keypbe alg specify private key PBE algorithm (default 3DES)", + "-macalg alg digest algorithm used in MAC (default SHA1)", + "-keyex set MS key exchange type", + "-keysig set MS key signature type", + "-password p set 
import/export password source", + "-passin p input file pass phrase source", + "-passout p output file pass phrase source", +#ifndef OPENSSL_NO_ENGINE + "-engine e use engine e, possibly a hardware device.", +#endif + "-rand file... load the file(s) into the random number generator", + "-CSP name Microsoft CSP name", + "-LMK Add local machine keyset attribute to private key", + NULL +}; -int MAIN(int argc, char **argv) +int pkcs12_main(int argc, char **argv) { ENGINE *e = NULL; char *infile=NULL, *outfile=NULL, *keyname = NULL; @@ -128,14 +182,8 @@ int MAIN(int argc, char **argv) char *engine=NULL; #endif - apps_startup(); enc = EVP_des_ede3_cbc(); - if (bio_err == NULL ) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE); - - if (!load_config(bio_err, NULL)) - goto end; - args = argv + 1; 
@@ -277,62 +325,7 @@ int MAIN(int argc, char **argv) if (badarg) { BIO_printf (bio_err, "Usage: pkcs12 [options]\n"); BIO_printf (bio_err, "where options are\n"); - BIO_printf (bio_err, "-export output PKCS12 file\n"); - BIO_printf (bio_err, "-chain add certificate chain\n"); - BIO_printf (bio_err, "-inkey file private key if not infile\n"); - BIO_printf (bio_err, "-certfile f add all certs in f\n"); - BIO_printf (bio_err, "-CApath arg - PEM format directory of CA's\n"); - BIO_printf (bio_err, "-CAfile arg - PEM format file of CA's\n"); - BIO_printf (bio_err, "-name \"name\" use name as friendly name\n"); - BIO_printf (bio_err, "-caname \"nm\" use nm as CA friendly name (can be used more than once).\n"); - BIO_printf (bio_err, "-in infile input filename\n"); - BIO_printf (bio_err, "-out outfile output filename\n"); - BIO_printf (bio_err, "-noout don't output anything, just verify.\n"); - BIO_printf (bio_err, "-nomacver don't verify MAC.\n"); - BIO_printf (bio_err, "-nocerts don't output certificates.\n"); - BIO_printf (bio_err, "-clcerts only output client certificates.\n"); - BIO_printf (bio_err, "-cacerts only output CA certificates.\n"); - BIO_printf (bio_err, "-nokeys don't output private keys.\n"); - BIO_printf (bio_err, "-info give info about PKCS#12 structure.\n"); - BIO_printf (bio_err, "-des encrypt private keys with DES\n"); - BIO_printf (bio_err, "-des3 encrypt private keys with triple DES (default)\n"); -#ifndef OPENSSL_NO_IDEA - BIO_printf (bio_err, "-idea encrypt private keys with idea\n"); -#endif -#ifndef OPENSSL_NO_SEED - BIO_printf (bio_err, "-seed encrypt private keys with seed\n"); -#endif -#ifndef OPENSSL_NO_AES - BIO_printf (bio_err, "-aes128, -aes192, -aes256\n"); - BIO_printf (bio_err, " encrypt PEM output with cbc aes\n"); -#endif -#ifndef OPENSSL_NO_CAMELLIA - BIO_printf (bio_err, "-camellia128, -camellia192, -camellia256\n"); - BIO_printf (bio_err, " encrypt PEM output with cbc camellia\n"); -#endif - BIO_printf (bio_err, "-nodes don't 
encrypt private keys\n"); - BIO_printf (bio_err, "-noiter don't use encryption iteration\n"); - BIO_printf (bio_err, "-nomaciter don't use MAC iteration\n"); - BIO_printf (bio_err, "-maciter use MAC iteration\n"); - BIO_printf (bio_err, "-nomac don't generate MAC\n"); - BIO_printf (bio_err, "-twopass separate MAC, encryption passwords\n"); - BIO_printf (bio_err, "-descert encrypt PKCS#12 certificates with triple DES (default RC2-40)\n"); - BIO_printf (bio_err, "-certpbe alg specify certificate PBE algorithm (default RC2-40)\n"); - BIO_printf (bio_err, "-keypbe alg specify private key PBE algorithm (default 3DES)\n"); - BIO_printf (bio_err, "-macalg alg digest algorithm used in MAC (default SHA1)\n"); - BIO_printf (bio_err, "-keyex set MS key exchange type\n"); - BIO_printf (bio_err, "-keysig set MS key signature type\n"); - BIO_printf (bio_err, "-password p set import/export password source\n"); - BIO_printf (bio_err, "-passin p input file pass phrase source\n"); - BIO_printf (bio_err, "-passout p output file pass phrase source\n"); -#ifndef OPENSSL_NO_ENGINE - BIO_printf (bio_err, "-engine e use engine e, possibly a hardware device.\n"); -#endif - BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); - BIO_printf(bio_err, " load the file (or the files in the directory) into\n"); - BIO_printf(bio_err, " the random number generator\n"); - BIO_printf(bio_err, "-CSP name Microsoft CSP name\n"); - BIO_printf(bio_err, "-LMK Add local machine keyset attribute to private key\n"); + printhelp(pkcs12_help); goto end; } @@ -369,7 +362,6 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err,"%ld semi-random bytes loaded\n", app_RAND_load_files(inrand)); } - ERR_load_crypto_strings(); #ifdef CRYPTO_MDEBUG CRYPTO_push_info("read files"); 
@@ -690,8 +682,7 @@ int MAIN(int argc, char **argv) if (canames) sk_OPENSSL_STRING_free(canames); if(passin) OPENSSL_free(passin); if(passout) OPENSSL_free(passout); - apps_shutdown(); - OPENSSL_EXIT(ret); + return(ret); } int dump_certs_keys_p12 (BIO *out, PKCS12 *p12, char *pass, diff --git a/apps/pkcs7.c b/apps/pkcs7.c index ae6cd33f73..ccaa9851fd 100644 --- a/apps/pkcs7.c +++ b/apps/pkcs7.c @@ -68,19 +68,22 @@ #include <openssl/pkcs7.h> #include <openssl/pem.h> -#undef PROG -#define PROG pkcs7_main -/* -inform arg - input format - default PEM (DER or PEM) - * -outform arg - output format - default PEM - * -in arg - input file - default stdin - * -out arg - output file - default stdout - * -print_certs - */ - -int MAIN(int, char **); +const char* pkcs7_help[] = { + "-inform arg input format - DER or PEM", + "-outform arg output format - DER or PEM", + "-in arg input file", + "-out arg output file", + "-print_certs print any certs or crl in the input", + "-text print full details of certificates", + "-noout don't output encoded data", +#ifndef OPENSSL_NO_ENGINE + "-engine e use engine e, possibly a hardware device", +#endif + NULL +}; -int MAIN(int argc, char **argv) +int pkcs7_main(int argc, char **argv) { PKCS7 *p7=NULL; int i,badops=0; @@ -93,15 +96,6 @@ int MAIN(int argc, char **argv) char *engine=NULL; #endif - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - if (!load_config(bio_err, NULL)) - goto end; - infile=NULL; outfile=NULL; informat=FORMAT_PEM; 
@@ -162,55 +156,29 @@ int MAIN(int argc, char **argv) bad: BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog); BIO_printf(bio_err,"where options are\n"); - BIO_printf(bio_err," -inform arg input format - DER or PEM\n"); - BIO_printf(bio_err," -outform arg output format - DER or PEM\n"); - BIO_printf(bio_err," -in arg input file\n"); - BIO_printf(bio_err," -out arg output file\n"); - BIO_printf(bio_err," -print_certs print any certs or crl in the input\n"); - BIO_printf(bio_err," -text print full details of certificates\n"); - BIO_printf(bio_err," -noout don't output encoded data\n"); -#ifndef OPENSSL_NO_ENGINE - BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); -#endif + printhelp(pkcs7_help); ret = 1; goto end; } - ERR_load_crypto_strings(); - #ifndef OPENSSL_NO_ENGINE setup_engine(bio_err, engine, 0); #endif - in=BIO_new(BIO_s_file()); - out=BIO_new(BIO_s_file()); - if ((in == NULL) || (out == NULL)) - { - ERR_print_errors(bio_err); - goto end; - } - if (infile == NULL) - BIO_set_fp(in,stdin,BIO_NOCLOSE); + in = BIO_new_fp(stdin, BIO_NOCLOSE); else + in = BIO_new_file(infile, RB(informat)); + if (in == NULL) { - if (BIO_read_filename(in,infile) <= 0) - if (in == NULL) - { - perror(infile); - goto end; - } + ERR_print_errors(bio_err); + goto end; } if (informat == FORMAT_ASN1) p7=d2i_PKCS7_bio(in,NULL); - else if (informat == FORMAT_PEM) - p7=PEM_read_bio_PKCS7(in,NULL,NULL,NULL); else - { - BIO_printf(bio_err,"bad input format specified for pkcs7 object\n"); - goto end; - } + p7=PEM_read_bio_PKCS7(in,NULL,NULL,NULL); if (p7 == NULL) { BIO_printf(bio_err,"unable to load PKCS7 object\n"); 
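Review bot: The input-format dispatch now treats every value other than `FORMAT_ASN1` as PEM: the `else if (informat == FORMAT_PEM)` test and the "bad input format specified" error are removed, and the output side gets the same treatment in the `@@ -296,12 +255,8 @@` hunk. Unless the option parsing (outside this hunk) already rejects other formats, an unsupported `-inform` or `-outform` value is silently read or written as PEM. Keeping the explicit branch is cheap: `else if (informat == FORMAT_PEM) p7=PEM_read_bio_PKCS7(in,NULL,NULL,NULL);` followed by an error `else`. The open mode chosen by `RB(informat)` depends on the same value, so it should be validated before the file is opened.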
@@ -219,22 +187,13 @@ bad: } if (outfile == NULL) - { - BIO_set_fp(out,stdout,BIO_NOCLOSE); -#ifdef OPENSSL_SYS_VMS - { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - out = BIO_push(tmpbio, out); - } -#endif - } + out = BIO_dup_chain(bio_out); else + out = BIO_new_file(outfile, WB(outformat)); + if (out == NULL) { - if (BIO_write_filename(out,outfile) <= 0) - { - perror(outfile); - goto end; - } + ERR_print_errors(bio_err); + goto end; } if (p7_print) @@ -296,12 +255,8 @@ bad: if(!noout) { if (outformat == FORMAT_ASN1) i=i2d_PKCS7_bio(out,p7); - else if (outformat == FORMAT_PEM) + else i=PEM_write_bio_PKCS7(out,p7); - else { - BIO_printf(bio_err,"bad output format specified for outfile\n"); - goto end; - } if (!i) { @@ -315,6 +270,5 @@ end: if (p7 != NULL) PKCS7_free(p7); if (in != NULL) BIO_free(in); if (out != NULL) BIO_free_all(out); - apps_shutdown(); - OPENSSL_EXIT(ret); + return(ret); } diff --git a/apps/pkcs8.c b/apps/pkcs8.c index 73873d2c9d..6ab9cada94 100644 --- a/apps/pkcs8.c +++ b/apps/pkcs8.c 
@@ -64,11 +64,30 @@ #include <openssl/evp.h> #include <openssl/pkcs12.h> -#define PROG pkcs8_main +const char* pkcs8_help[] = { + "-in file input file", + "-inform X input format (DER or PEM)", + "-passin arg input file pass phrase source", + "-outform X output format (DER or PEM)", + "-out file output file", + "-passout arg output file pass phrase source", + "-topk8 output PKCS8 file", + "-nooct use (nonstandard) no octet format", + "-embed use (nonstandard) embedded DSA parameters format", + "-nsdb use (nonstandard) DSA Netscape DB format", + "-iter count use count as iteration count", + "-noiter use 1 as iteration count", + "-nocrypt use or expect unencrypted private key", + "-v2 alg use PKCS#5 v2.0 and cipher ", + "-v1 obj use PKCS#5 v1.5 and cipher ", +#ifndef OPENSSL_NO_ENGINE + " -engine e use engine e, possibly a hardware device.", +#endif + NULL +}; -int MAIN(int, char **); -int MAIN(int argc, char **argv) +int pkcs8_main(int argc, char **argv) { ENGINE *e = NULL; char **args, *infile = NULL, *outfile = NULL; @@ -91,16 +110,9 @@ int MAIN(int argc, char **argv) char *engine=NULL; #endif - if (bio_err == NULL) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE); - - if (!load_config(bio_err, NULL)) - goto end; - informat=FORMAT_PEM; outformat=FORMAT_PEM; - ERR_load_crypto_strings(); - OpenSSL_add_all_algorithms(); args = argv + 1; while (!badarg && *args && *args[0] == '-') { 
@@ -237,24 +249,7 @@ int MAIN(int argc, char **argv) { BIO_printf(bio_err, "Usage pkcs8 [options]\n"); BIO_printf(bio_err, "where options are\n"); - BIO_printf(bio_err, "-in file input file\n"); - BIO_printf(bio_err, "-inform X input format (DER or PEM)\n"); - BIO_printf(bio_err, "-passin arg input file pass phrase source\n"); - BIO_printf(bio_err, "-outform X output format (DER or PEM)\n"); - BIO_printf(bio_err, "-out file output file\n"); - BIO_printf(bio_err, "-passout arg output file pass phrase source\n"); - BIO_printf(bio_err, "-topk8 output PKCS8 file\n"); - BIO_printf(bio_err, "-nooct use (nonstandard) no octet format\n"); - BIO_printf(bio_err, "-embed use (nonstandard) embedded DSA parameters format\n"); - BIO_printf(bio_err, "-nsdb use (nonstandard) DSA Netscape DB format\n"); - BIO_printf(bio_err, "-iter count use count as iteration count\n"); - BIO_printf(bio_err, "-noiter use 1 as iteration count\n"); - BIO_printf(bio_err, "-nocrypt use or expect unencrypted private key\n"); - BIO_printf(bio_err, "-v2 alg use PKCS#5 v2.0 and cipher \"alg\"\n"); - BIO_printf(bio_err, "-v1 obj use PKCS#5 v1.5 and cipher \"alg\"\n"); -#ifndef OPENSSL_NO_ENGINE - BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); -#endif + printhelp(pkcs8_help); goto end; } diff --git a/apps/pkey.c b/apps/pkey.c index 17e6702fb1..10715906bf 100644 --- a/apps/pkey.c +++ b/apps/pkey.c 
@@ -62,11 +62,21 @@ #include <openssl/err.h> #include <openssl/evp.h> -#define PROG pkey_main +const char* pkey_help[] = { + "-in file input file", + "-inform X input format (DER or PEM)", + "-passin arg input file pass phrase source", + "-outform X output format (DER or PEM)", + "-out file output file", + "-passout arg output file pass phrase source", +#ifndef OPENSSL_NO_ENGINE + "-engine e use engine e, possibly a hardware device.", +#endif + NULL +}; -int MAIN(int, char **); -int MAIN(int argc, char **argv) +int pkey_main(int argc, char **argv) { ENGINE *e = NULL; char **args, *infile = NULL, *outfile = NULL; @@ -83,17 +93,9 @@ int MAIN(int argc, char **argv) #endif int ret = 1; - if (bio_err == NULL) - bio_err = BIO_new_fp (stderr, BIO_NOCLOSE); - - if (!load_config(bio_err, NULL)) - goto end; - informat=FORMAT_PEM; outformat=FORMAT_PEM; - ERR_load_crypto_strings(); - OpenSSL_add_all_algorithms(); args = argv + 1; while (!badarg && *args && *args[0] == '-') { @@ -185,15 +187,7 @@ int MAIN(int argc, char **argv) bad: BIO_printf(bio_err, "Usage pkey [options]\n"); BIO_printf(bio_err, "where options are\n"); - BIO_printf(bio_err, "-in file input file\n"); - BIO_printf(bio_err, "-inform X input format (DER or PEM)\n"); - BIO_printf(bio_err, "-passin arg input file pass phrase source\n"); - BIO_printf(bio_err, "-outform X output format (DER or PEM)\n"); - BIO_printf(bio_err, "-out file output file\n"); - BIO_printf(bio_err, "-passout arg output file pass phrase source\n"); -#ifndef OPENSSL_NO_ENGINE - BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n"); -#endif + printhelp(pkey_help); return 1; } diff --git a/apps/pkeyparam.c b/apps/pkeyparam.c index 6f7a357a36..10cbbc7ec0 100644 --- a/apps/pkeyparam.c +++ b/apps/pkeyparam.c 
@@ -62,11 +62,18 @@ #include <openssl/err.h> #include <openssl/evp.h> -#define PROG pkeyparam_main - -int MAIN(int, char **); +const char* pkeyparam_help[] = { + "-in file input file", + "-out file output file", + "-text print parameters as text", + "-noout don't output encoded parameters", +#ifndef OPENSSL_NO_ENGINE + "-engine e use engine e, possibly a hardware device.", +#endif + NULL +}; -int MAIN(int argc, char **argv) +int pkeyparam_main(int argc, char **argv) { char **args, *infile = NULL, *outfile = NULL; BIO *in = NULL, *out = NULL; @@ -78,14 +85,6 @@ int MAIN(int argc, char **argv) #endif int ret = 1; - if (bio_err == NULL) - bio_err = BIO_new_fp (stderr, BIO_NOCLOSE); - - if (!load_config(bio_err, NULL)) - goto end; - - ERR_load_crypto_strings(); - OpenSSL_add_all_algorithms(); args = argv + 1; while (!badarg && *args && *args[0] == '-') { @@ -110,8 +109,12 @@ int MAIN(int argc, char **argv) #ifndef OPENSSL_NO_ENGINE else if (strcmp(*args,"-engine") == 0) { - if (!args[1]) goto bad; - engine= *(++args); + if (args[1]) + { + args++; + engine = *args; + } + else badarg = 1; } #endif @@ -124,18 +127,9 @@ int MAIN(int argc, char **argv) if (badarg) { -#ifndef OPENSSL_NO_ENGINE - bad: -#endif BIO_printf(bio_err, "Usage pkeyparam [options]\n"); BIO_printf(bio_err, "where options are\n"); - BIO_printf(bio_err, "-in file input file\n"); - BIO_printf(bio_err, "-out file output file\n"); - BIO_printf(bio_err, "-text print parameters as text\n"); - BIO_printf(bio_err, "-noout don't output encoded parameters\n"); -#ifndef OPENSSL_NO_ENGINE - BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n"); -#endif + printhelp(pkeyparam_help); return 1; } diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c index 7eb3f5c544..bffbfa208d 100644 --- a/apps/pkeyutl.c +++ b/apps/pkeyutl.c @@ -68,9 +68,6 @@ static void usage(void); -#undef PROG - -#define PROG pkeyutl_main static EVP_PKEY_CTX *init_ctx(int *pkeysize, char *keyfile, int keyform, int key_type, 
@@ -83,9 +80,30 @@ static int do_keyop(EVP_PKEY_CTX *ctx, int pkey_op, unsigned char *out, size_t *poutlen, unsigned char *in, size_t inlen); -int MAIN(int argc, char **); +const char* pkeyutl_help[] = { + "-in file input file", + "-out file output file", + "-sigfile file signature file (verify operation only)", + "-inkey file input key", + "-keyform arg private key format - default PEM", + "-pubin input is a public key", + "-certin input is a certificate carrying a public key", + "-pkeyopt X:Y public key options", + "-sign sign with private key", + "-verify verify with public key", + "-verifyrecover verify with public key, recover original data", + "-encrypt encrypt with public key", + "-decrypt decrypt with private key", + "-derive derive shared secret", + "-hexdump hex dump output", +#ifndef OPENSSL_NO_ENGINE + "-engine e use engine e, possibly a hardware device.", +#endif + "-passin arg pass phrase source", + NULL +}; -int MAIN(int argc, char **argv) +int pkeyutl_main(int argc, char **argv) { BIO *in = NULL, *out = NULL; char *infile = NULL, *outfile = NULL, *sigfile = NULL; @@ -107,13 +125,6 @@ int MAIN(int argc, char **argv) argc--; argv++; - if(!bio_err) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE); - - if (!load_config(bio_err, NULL)) - goto end; - ERR_load_crypto_strings(); - OpenSSL_add_all_algorithms(); - while(argc >= 1) { if (!strcmp(*argv,"-in")) 
@@ -388,26 +399,7 @@ int MAIN(int argc, char **argv) static void usage() { BIO_printf(bio_err, "Usage: pkeyutl [options]\n"); - BIO_printf(bio_err, "-in file input file\n"); - BIO_printf(bio_err, "-out file output file\n"); - BIO_printf(bio_err, "-sigfile file signature file (verify operation only)\n"); - BIO_printf(bio_err, "-inkey file input key\n"); - BIO_printf(bio_err, "-keyform arg private key format - default PEM\n"); - BIO_printf(bio_err, "-pubin input is a public key\n"); - BIO_printf(bio_err, "-certin input is a certificate carrying a public key\n"); - BIO_printf(bio_err, "-pkeyopt X:Y public key options\n"); - BIO_printf(bio_err, "-sign sign with private key\n"); - BIO_printf(bio_err, "-verify verify with public key\n"); - BIO_printf(bio_err, "-verifyrecover verify with public key, recover original data\n"); - BIO_printf(bio_err, "-encrypt encrypt with public key\n"); - BIO_printf(bio_err, "-decrypt decrypt with private key\n"); - BIO_printf(bio_err, "-derive derive shared secret\n"); - BIO_printf(bio_err, "-hexdump hex dump output\n"); -#ifndef OPENSSL_NO_ENGINE - BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n"); -#endif - BIO_printf(bio_err, "-passin arg pass phrase source\n"); - + printhelp(pkeyutl_help); } static EVP_PKEY_CTX *init_ctx(int *pkeysize, diff --git a/apps/prime.c b/apps/prime.c index f1aaef8725..40ed944635 100644 --- a/apps/prime.c +++ b/apps/prime.c @@ -52,13 +52,17 @@ #include "apps.h" #include <openssl/bn.h> +const char* prime_help[] = { + "-bits n size of number in bits", + "-hex hex", + "-checks n number of checks", + "-generate generate a prime", + "-safe when used with -generate, generate a safe prime", + NULL +}; -#undef PROG -#define PROG prime_main -int MAIN(int, char **); - -int MAIN(int argc, char **argv) +int prime_main(int argc, char **argv) { int hex=0; int checks=20; 
@@ -66,13 +70,8 @@ int MAIN(int argc, char **argv) int bits=0; int safe=0; BIGNUM *bn=NULL; - BIO *bio_out; - - apps_startup(); + BIO *out; - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); --argc; ++argv; @@ -109,16 +108,7 @@ int MAIN(int argc, char **argv) goto bad; } - if ((bio_out=BIO_new(BIO_s_file())) != NULL) - { - BIO_set_fp(bio_out,stdout,BIO_NOCLOSE); -#ifdef OPENSSL_SYS_VMS - { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - bio_out = BIO_push(tmpbio, bio_out); - } -#endif - } + out = BIO_dup_chain(bio_out); if(generate) { @@ -132,7 +122,7 @@ int MAIN(int argc, char **argv) bn=BN_new(); BN_generate_prime_ex(bn,bits,safe,NULL,NULL,NULL); s=hex ? BN_bn2hex(bn) : BN_bn2dec(bn); - BIO_printf(bio_out,"%s\n",s); + BIO_printf(out,"%s\n",s); OPENSSL_free(s); } else @@ -142,19 +132,18 @@ int MAIN(int argc, char **argv) else BN_dec2bn(&bn,argv[0]); - BN_print(bio_out,bn); - BIO_printf(bio_out," is %sprime\n", + BN_print(out,bn); + BIO_printf(out," is %sprime\n", BN_is_prime_ex(bn,checks,NULL,NULL) ? "" : "not "); } BN_free(bn); - BIO_free_all(bio_out); + BIO_free_all(out); return 0; bad: BIO_printf(bio_err,"options are\n"); - BIO_printf(bio_err,"%-14s hex\n","-hex"); - BIO_printf(bio_err,"%-14s number of checks\n","-checks <n>"); + printhelp(prime_help); return 1; } diff --git a/apps/progs.h b/apps/progs.h index d79b974ad1..6dedd3574d 100644 --- a/apps/progs.h +++ b/apps/progs.h 
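Review bot: `out = BIO_dup_chain(bio_out);` in the `@@ -109,16 +108,7 @@` hunk is used without a NULL check, so an allocation failure or an unset `bio_out` reaches `BIO_printf(out, ...)` and `BN_print(out, bn)` with a null BIO. I would add `if (out == NULL) return 1;` directly after the call, with a message on `bio_err` if one is wanted. The removed code also carried a VMS line-buffer filter; presumably that now lives wherever `bio_out` is created, which this part of the diff does not show. Visible in the last hunk's context, though not changed by it: `BN_is_prime_ex()` can return -1 on error, and the `? "" : "not "` test reports that as prime, so the result should be compared against 1.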
@@ -1,366 +1,433 @@ /* apps/progs.h */ /* automatically generated by progs.pl for openssl.c */ +#define FUNC_TYPE_NONE 0 +#define FUNC_TYPE_GENERAL 1 +#define FUNC_TYPE_MD 2 +#define FUNC_TYPE_CIPHER 3 +#define FUNC_TYPE_PKEY 4 +#define FUNC_TYPE_MD_ALG 5 +#define FUNC_TYPE_CIPHER_ALG 6 + +typedef struct { + int type; + const char *name; + int (*func)(int argc,char *argv[]); + const char **help; + } FUNCTION; + +#ifndef APP_MAIN +extern FUNCTION functions[]; +#endif extern int verify_main(int argc,char *argv[]); +extern const char *verify_help[]; extern int asn1parse_main(int argc,char *argv[]); +extern const char *asn1parse_help[]; extern int req_main(int argc,char *argv[]); +extern const char *req_help[]; extern int dgst_main(int argc,char *argv[]); +extern const char *dgst_help[]; extern int dh_main(int argc,char *argv[]); +extern const char *dh_help[]; extern int dhparam_main(int argc,char *argv[]); +extern const char *dhparam_help[]; extern int enc_main(int argc,char *argv[]); +extern const char *enc_help[]; extern int passwd_main(int argc,char *argv[]); +extern const char *passwd_help[]; extern int gendh_main(int argc,char *argv[]); +extern const char *gendh_help[]; extern int errstr_main(int argc,char *argv[]); +extern const char *errstr_help[]; extern int ca_main(int argc,char *argv[]); +extern const char *ca_help[]; extern int crl_main(int argc,char *argv[]); +extern const char *crl_help[]; extern int rsa_main(int argc,char *argv[]); +extern const char *rsa_help[]; extern int rsautl_main(int argc,char *argv[]); +extern const char *rsautl_help[]; extern int dsa_main(int argc,char *argv[]); +extern const char *dsa_help[]; extern int dsaparam_main(int argc,char *argv[]); +extern const char *dsaparam_help[]; extern int ec_main(int argc,char *argv[]); +extern const char *ec_help[]; extern int ecparam_main(int argc,char *argv[]); +extern const char *ecparam_help[]; extern int x509_main(int argc,char *argv[]); +extern const char *x509_help[]; extern int 
genrsa_main(int argc,char *argv[]); +extern const char *genrsa_help[]; extern int gendsa_main(int argc,char *argv[]); +extern const char *gendsa_help[]; extern int genpkey_main(int argc,char *argv[]); +extern const char *genpkey_help[]; extern int s_server_main(int argc,char *argv[]); +extern const char *s_server_help[]; extern int s_client_main(int argc,char *argv[]); +extern const char *s_client_help[]; extern int speed_main(int argc,char *argv[]); +extern const char *speed_help[]; extern int s_time_main(int argc,char *argv[]); +extern const char *s_time_help[]; extern int version_main(int argc,char *argv[]); +extern const char *version_help[]; extern int pkcs7_main(int argc,char *argv[]); +extern const char *pkcs7_help[]; extern int cms_main(int argc,char *argv[]); +extern const char *cms_help[]; extern int crl2pkcs7_main(int argc,char *argv[]); +extern const char *crl2pkcs7_help[]; extern int sess_id_main(int argc,char *argv[]); +extern const char *sess_id_help[]; extern int ciphers_main(int argc,char *argv[]); +extern const char *ciphers_help[]; extern int nseq_main(int argc,char *argv[]); +extern const char *nseq_help[]; extern int pkcs12_main(int argc,char *argv[]); +extern const char *pkcs12_help[]; extern int pkcs8_main(int argc,char *argv[]); +extern const char *pkcs8_help[]; extern int pkey_main(int argc,char *argv[]); +extern const char *pkey_help[]; extern int pkeyparam_main(int argc,char *argv[]); +extern const char *pkeyparam_help[]; extern int pkeyutl_main(int argc,char *argv[]); +extern const char *pkeyutl_help[]; extern int spkac_main(int argc,char *argv[]); +extern const char *spkac_help[]; extern int smime_main(int argc,char *argv[]); +extern const char *smime_help[]; extern int rand_main(int argc,char *argv[]); +extern const char *rand_help[]; extern int engine_main(int argc,char *argv[]); +extern const char *engine_help[]; extern int ocsp_main(int argc,char *argv[]); +extern const char *ocsp_help[]; extern int prime_main(int argc,char 
*argv[]); +extern const char *prime_help[]; extern int ts_main(int argc,char *argv[]); +extern const char *ts_help[]; extern int srp_main(int argc,char *argv[]); +extern const char *srp_help[]; -#define FUNC_TYPE_GENERAL 1 -#define FUNC_TYPE_MD 2 -#define FUNC_TYPE_CIPHER 3 -#define FUNC_TYPE_PKEY 4 -#define FUNC_TYPE_MD_ALG 5 -#define FUNC_TYPE_CIPHER_ALG 6 - -typedef struct { - int type; - const char *name; - int (*func)(int argc,char *argv[]); - } FUNCTION; -DECLARE_LHASH_OF(FUNCTION); - +#ifdef APP_MAIN FUNCTION functions[] = { - {FUNC_TYPE_GENERAL,"verify",verify_main}, - {FUNC_TYPE_GENERAL,"asn1parse",asn1parse_main}, - {FUNC_TYPE_GENERAL,"req",req_main}, - {FUNC_TYPE_GENERAL,"dgst",dgst_main}, + { FUNC_TYPE_GENERAL, "verify", verify_main, verify_help }, + { FUNC_TYPE_GENERAL, "asn1parse", asn1parse_main, asn1parse_help }, + { FUNC_TYPE_GENERAL, "req", req_main, req_help }, + { FUNC_TYPE_GENERAL, "dgst", dgst_main, dgst_help }, #ifndef OPENSSL_NO_DH - {FUNC_TYPE_GENERAL,"dh",dh_main}, + { FUNC_TYPE_GENERAL, "dh", dh_main, dh_help }, #endif #ifndef OPENSSL_NO_DH - {FUNC_TYPE_GENERAL,"dhparam",dhparam_main}, + { FUNC_TYPE_GENERAL, "dhparam", dhparam_main, dhparam_help }, #endif - {FUNC_TYPE_GENERAL,"enc",enc_main}, - {FUNC_TYPE_GENERAL,"passwd",passwd_main}, + { FUNC_TYPE_GENERAL, "enc", enc_main, enc_help }, + { FUNC_TYPE_GENERAL, "passwd", passwd_main, passwd_help }, #ifndef OPENSSL_NO_DH - {FUNC_TYPE_GENERAL,"gendh",gendh_main}, + { FUNC_TYPE_GENERAL, "gendh", gendh_main, gendh_help }, #endif - {FUNC_TYPE_GENERAL,"errstr",errstr_main}, - {FUNC_TYPE_GENERAL,"ca",ca_main}, - {FUNC_TYPE_GENERAL,"crl",crl_main}, + { FUNC_TYPE_GENERAL, "errstr", errstr_main, errstr_help }, + { FUNC_TYPE_GENERAL, "ca", ca_main, ca_help }, + { FUNC_TYPE_GENERAL, "crl", crl_main, crl_help }, #ifndef OPENSSL_NO_RSA - {FUNC_TYPE_GENERAL,"rsa",rsa_main}, + { FUNC_TYPE_GENERAL, "rsa", rsa_main, rsa_help }, #endif #ifndef OPENSSL_NO_RSA - {FUNC_TYPE_GENERAL,"rsautl",rsautl_main}, + { 
FUNC_TYPE_GENERAL, "rsautl", rsautl_main, rsautl_help }, #endif #ifndef OPENSSL_NO_DSA - {FUNC_TYPE_GENERAL,"dsa",dsa_main}, + { FUNC_TYPE_GENERAL, "dsa", dsa_main, dsa_help }, #endif #ifndef OPENSSL_NO_DSA - {FUNC_TYPE_GENERAL,"dsaparam",dsaparam_main}, + { FUNC_TYPE_GENERAL, "dsaparam", dsaparam_main, dsaparam_help }, #endif #ifndef OPENSSL_NO_EC - {FUNC_TYPE_GENERAL,"ec",ec_main}, + { FUNC_TYPE_GENERAL, "ec", ec_main, ec_help }, #endif #ifndef OPENSSL_NO_EC - {FUNC_TYPE_GENERAL,"ecparam",ecparam_main}, + { FUNC_TYPE_GENERAL, "ecparam", ecparam_main, ecparam_help }, #endif - {FUNC_TYPE_GENERAL,"x509",x509_main}, + { FUNC_TYPE_GENERAL, "x509", x509_main, x509_help }, #ifndef OPENSSL_NO_RSA - {FUNC_TYPE_GENERAL,"genrsa",genrsa_main}, + { FUNC_TYPE_GENERAL, "genrsa", genrsa_main, genrsa_help }, #endif #ifndef OPENSSL_NO_DSA - {FUNC_TYPE_GENERAL,"gendsa",gendsa_main}, + { FUNC_TYPE_GENERAL, "gendsa", gendsa_main, gendsa_help }, #endif - {FUNC_TYPE_GENERAL,"genpkey",genpkey_main}, + { FUNC_TYPE_GENERAL, "genpkey", genpkey_main, genpkey_help }, #if !defined(OPENSSL_NO_SOCK) - {FUNC_TYPE_GENERAL,"s_server",s_server_main}, + { FUNC_TYPE_GENERAL, "s_server", s_server_main, s_server_help }, #endif #if !defined(OPENSSL_NO_SOCK) - {FUNC_TYPE_GENERAL,"s_client",s_client_main}, + { FUNC_TYPE_GENERAL, "s_client", s_client_main, s_client_help }, #endif #ifndef OPENSSL_NO_SPEED - {FUNC_TYPE_GENERAL,"speed",speed_main}, + { FUNC_TYPE_GENERAL, "speed", speed_main, speed_help }, #endif #if !defined(OPENSSL_NO_SOCK) - {FUNC_TYPE_GENERAL,"s_time",s_time_main}, + { FUNC_TYPE_GENERAL, "s_time", s_time_main, s_time_help }, #endif - {FUNC_TYPE_GENERAL,"version",version_main}, - {FUNC_TYPE_GENERAL,"pkcs7",pkcs7_main}, + { FUNC_TYPE_GENERAL, "version", version_main, version_help }, + { FUNC_TYPE_GENERAL, "pkcs7", pkcs7_main, pkcs7_help }, #ifndef OPENSSL_NO_CMS - {FUNC_TYPE_GENERAL,"cms",cms_main}, + { FUNC_TYPE_GENERAL, "cms", cms_main, cms_help }, #endif - 
{FUNC_TYPE_GENERAL,"crl2pkcs7",crl2pkcs7_main}, - {FUNC_TYPE_GENERAL,"sess_id",sess_id_main}, + { FUNC_TYPE_GENERAL, "crl2pkcs7", crl2pkcs7_main, crl2pkcs7_help }, + { FUNC_TYPE_GENERAL, "sess_id", sess_id_main, sess_id_help }, #if !defined(OPENSSL_NO_SOCK) - {FUNC_TYPE_GENERAL,"ciphers",ciphers_main}, + { FUNC_TYPE_GENERAL, "ciphers", ciphers_main, ciphers_help }, #endif - {FUNC_TYPE_GENERAL,"nseq",nseq_main}, + { FUNC_TYPE_GENERAL, "nseq", nseq_main, nseq_help }, #if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1) - {FUNC_TYPE_GENERAL,"pkcs12",pkcs12_main}, -#endif - {FUNC_TYPE_GENERAL,"pkcs8",pkcs8_main}, - {FUNC_TYPE_GENERAL,"pkey",pkey_main}, - {FUNC_TYPE_GENERAL,"pkeyparam",pkeyparam_main}, - {FUNC_TYPE_GENERAL,"pkeyutl",pkeyutl_main}, - {FUNC_TYPE_GENERAL,"spkac",spkac_main}, - {FUNC_TYPE_GENERAL,"smime",smime_main}, - {FUNC_TYPE_GENERAL,"rand",rand_main}, + { FUNC_TYPE_GENERAL, "pkcs12", pkcs12_main, pkcs12_help }, +#endif + { FUNC_TYPE_GENERAL, "pkcs8", pkcs8_main, pkcs8_help }, + { FUNC_TYPE_GENERAL, "pkey", pkey_main, pkey_help }, + { FUNC_TYPE_GENERAL, "pkeyparam", pkeyparam_main, pkeyparam_help }, + { FUNC_TYPE_GENERAL, "pkeyutl", pkeyutl_main, pkeyutl_help }, + { FUNC_TYPE_GENERAL, "spkac", spkac_main, spkac_help }, + { FUNC_TYPE_GENERAL, "smime", smime_main, smime_help }, + { FUNC_TYPE_GENERAL, "rand", rand_main, rand_help }, #ifndef OPENSSL_NO_ENGINE - {FUNC_TYPE_GENERAL,"engine",engine_main}, + { FUNC_TYPE_GENERAL, "engine", engine_main, engine_help }, #endif #ifndef OPENSSL_NO_OCSP - {FUNC_TYPE_GENERAL,"ocsp",ocsp_main}, + { FUNC_TYPE_GENERAL, "ocsp", ocsp_main, ocsp_help }, #endif - {FUNC_TYPE_GENERAL,"prime",prime_main}, - {FUNC_TYPE_GENERAL,"ts",ts_main}, + { FUNC_TYPE_GENERAL, "prime", prime_main, prime_help }, + { FUNC_TYPE_GENERAL, "ts", ts_main, ts_help }, #ifndef OPENSSL_NO_SRP - {FUNC_TYPE_GENERAL,"srp",srp_main}, + { FUNC_TYPE_GENERAL, "srp", srp_main, srp_help }, #endif #ifndef OPENSSL_NO_MD2 - {FUNC_TYPE_MD,"md2",dgst_main}, + { 
FUNC_TYPE_MD, "md2", dgst_main, dgst_help }, #endif #ifndef OPENSSL_NO_MD4 - {FUNC_TYPE_MD,"md4",dgst_main}, + { FUNC_TYPE_MD, "md4", dgst_main, dgst_help }, #endif #ifndef OPENSSL_NO_MD5 - {FUNC_TYPE_MD,"md5",dgst_main}, + { FUNC_TYPE_MD, "md5", dgst_main, dgst_help }, +#endif +#ifndef OPENSSL_NO_MD_GHOST94 + { FUNC_TYPE_MD, "md_ghost94", dgst_main, dgst_help }, #endif #ifndef OPENSSL_NO_SHA - {FUNC_TYPE_MD,"sha",dgst_main}, + { FUNC_TYPE_MD, "sha", dgst_main, dgst_help }, #endif #ifndef OPENSSL_NO_SHA1 - {FUNC_TYPE_MD,"sha1",dgst_main}, + { FUNC_TYPE_MD, "sha1", dgst_main, dgst_help }, +#endif +#ifndef OPENSSL_NO_SHA224 + { FUNC_TYPE_MD, "sha224", dgst_main, dgst_help }, +#endif +#ifndef OPENSSL_NO_SHA256 + { FUNC_TYPE_MD, "sha256", dgst_main, dgst_help }, +#endif +#ifndef OPENSSL_NO_SHA384 + { FUNC_TYPE_MD, "sha384", dgst_main, dgst_help }, +#endif +#ifndef OPENSSL_NO_SHA512 + { FUNC_TYPE_MD, "sha512", dgst_main, dgst_help }, #endif #ifndef OPENSSL_NO_MDC2 - {FUNC_TYPE_MD,"mdc2",dgst_main}, + { FUNC_TYPE_MD, "mdc2", dgst_main, dgst_help }, #endif #ifndef OPENSSL_NO_RMD160 - {FUNC_TYPE_MD,"rmd160",dgst_main}, + { FUNC_TYPE_MD, "rmd160", dgst_main, dgst_help }, #endif #ifndef OPENSSL_NO_AES - {FUNC_TYPE_CIPHER,"aes-128-cbc",enc_main}, + { FUNC_TYPE_CIPHER, "aes-128-cbc", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_AES - {FUNC_TYPE_CIPHER,"aes-128-ecb",enc_main}, + { FUNC_TYPE_CIPHER, "aes-128-ecb", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_AES - {FUNC_TYPE_CIPHER,"aes-192-cbc",enc_main}, + { FUNC_TYPE_CIPHER, "aes-192-cbc", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_AES - {FUNC_TYPE_CIPHER,"aes-192-ecb",enc_main}, + { FUNC_TYPE_CIPHER, "aes-192-ecb", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_AES - {FUNC_TYPE_CIPHER,"aes-256-cbc",enc_main}, + { FUNC_TYPE_CIPHER, "aes-256-cbc", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_AES - {FUNC_TYPE_CIPHER,"aes-256-ecb",enc_main}, + { FUNC_TYPE_CIPHER, "aes-256-ecb", enc_main, enc_help }, #endif #ifndef 
OPENSSL_NO_CAMELLIA - {FUNC_TYPE_CIPHER,"camellia-128-cbc",enc_main}, + { FUNC_TYPE_CIPHER, "camellia-128-cbc", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_CAMELLIA - {FUNC_TYPE_CIPHER,"camellia-128-ecb",enc_main}, + { FUNC_TYPE_CIPHER, "camellia-128-ecb", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_CAMELLIA - {FUNC_TYPE_CIPHER,"camellia-192-cbc",enc_main}, + { FUNC_TYPE_CIPHER, "camellia-192-cbc", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_CAMELLIA - {FUNC_TYPE_CIPHER,"camellia-192-ecb",enc_main}, + { FUNC_TYPE_CIPHER, "camellia-192-ecb", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_CAMELLIA - {FUNC_TYPE_CIPHER,"camellia-256-cbc",enc_main}, + { FUNC_TYPE_CIPHER, "camellia-256-cbc", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_CAMELLIA - {FUNC_TYPE_CIPHER,"camellia-256-ecb",enc_main}, + { FUNC_TYPE_CIPHER, "camellia-256-ecb", enc_main, enc_help }, #endif - {FUNC_TYPE_CIPHER,"base64",enc_main}, + { FUNC_TYPE_CIPHER, "base64", enc_main, enc_help }, #ifdef ZLIB - {FUNC_TYPE_CIPHER,"zlib",enc_main}, + { FUNC_TYPE_CIPHER, "zlib", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_DES - {FUNC_TYPE_CIPHER,"des",enc_main}, + { FUNC_TYPE_CIPHER, "des", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_DES - {FUNC_TYPE_CIPHER,"des3",enc_main}, + { FUNC_TYPE_CIPHER, "des3", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_DES - {FUNC_TYPE_CIPHER,"desx",enc_main}, + { FUNC_TYPE_CIPHER, "desx", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_IDEA - {FUNC_TYPE_CIPHER,"idea",enc_main}, + { FUNC_TYPE_CIPHER, "idea", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_SEED - {FUNC_TYPE_CIPHER,"seed",enc_main}, + { FUNC_TYPE_CIPHER, "seed", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_RC4 - {FUNC_TYPE_CIPHER,"rc4",enc_main}, + { FUNC_TYPE_CIPHER, "rc4", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_RC4 - {FUNC_TYPE_CIPHER,"rc4-40",enc_main}, + { FUNC_TYPE_CIPHER, "rc4-40", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_RC2 - {FUNC_TYPE_CIPHER,"rc2",enc_main}, + { 
FUNC_TYPE_CIPHER, "rc2", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_BF - {FUNC_TYPE_CIPHER,"bf",enc_main}, + { FUNC_TYPE_CIPHER, "bf", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_CAST - {FUNC_TYPE_CIPHER,"cast",enc_main}, + { FUNC_TYPE_CIPHER, "cast", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_RC5 - {FUNC_TYPE_CIPHER,"rc5",enc_main}, + { FUNC_TYPE_CIPHER, "rc5", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_DES - {FUNC_TYPE_CIPHER,"des-ecb",enc_main}, + { FUNC_TYPE_CIPHER, "des-ecb", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_DES - {FUNC_TYPE_CIPHER,"des-ede",enc_main}, + { FUNC_TYPE_CIPHER, "des-ede", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_DES - {FUNC_TYPE_CIPHER,"des-ede3",enc_main}, + { FUNC_TYPE_CIPHER, "des-ede3", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_DES - {FUNC_TYPE_CIPHER,"des-cbc",enc_main}, + { FUNC_TYPE_CIPHER, "des-cbc", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_DES - {FUNC_TYPE_CIPHER,"des-ede-cbc",enc_main}, + { FUNC_TYPE_CIPHER, "des-ede-cbc", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_DES - {FUNC_TYPE_CIPHER,"des-ede3-cbc",enc_main}, + { FUNC_TYPE_CIPHER, "des-ede3-cbc", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_DES - {FUNC_TYPE_CIPHER,"des-cfb",enc_main}, + { FUNC_TYPE_CIPHER, "des-cfb", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_DES - {FUNC_TYPE_CIPHER,"des-ede-cfb",enc_main}, + { FUNC_TYPE_CIPHER, "des-ede-cfb", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_DES - {FUNC_TYPE_CIPHER,"des-ede3-cfb",enc_main}, + { FUNC_TYPE_CIPHER, "des-ede3-cfb", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_DES - {FUNC_TYPE_CIPHER,"des-ofb",enc_main}, + { FUNC_TYPE_CIPHER, "des-ofb", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_DES - {FUNC_TYPE_CIPHER,"des-ede-ofb",enc_main}, + { FUNC_TYPE_CIPHER, "des-ede-ofb", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_DES - {FUNC_TYPE_CIPHER,"des-ede3-ofb",enc_main}, + { FUNC_TYPE_CIPHER, "des-ede3-ofb", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_IDEA 
- {FUNC_TYPE_CIPHER,"idea-cbc",enc_main}, + { FUNC_TYPE_CIPHER, "idea-cbc", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_IDEA - {FUNC_TYPE_CIPHER,"idea-ecb",enc_main}, + { FUNC_TYPE_CIPHER, "idea-ecb", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_IDEA - {FUNC_TYPE_CIPHER,"idea-cfb",enc_main}, + { FUNC_TYPE_CIPHER, "idea-cfb", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_IDEA - {FUNC_TYPE_CIPHER,"idea-ofb",enc_main}, + { FUNC_TYPE_CIPHER, "idea-ofb", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_SEED - {FUNC_TYPE_CIPHER,"seed-cbc",enc_main}, + { FUNC_TYPE_CIPHER, "seed-cbc", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_SEED - {FUNC_TYPE_CIPHER,"seed-ecb",enc_main}, + { FUNC_TYPE_CIPHER, "seed-ecb", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_SEED - {FUNC_TYPE_CIPHER,"seed-cfb",enc_main}, + { FUNC_TYPE_CIPHER, "seed-cfb", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_SEED - {FUNC_TYPE_CIPHER,"seed-ofb",enc_main}, + { FUNC_TYPE_CIPHER, "seed-ofb", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_RC2 - {FUNC_TYPE_CIPHER,"rc2-cbc",enc_main}, + { FUNC_TYPE_CIPHER, "rc2-cbc", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_RC2 - {FUNC_TYPE_CIPHER,"rc2-ecb",enc_main}, + { FUNC_TYPE_CIPHER, "rc2-ecb", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_RC2 - {FUNC_TYPE_CIPHER,"rc2-cfb",enc_main}, + { FUNC_TYPE_CIPHER, "rc2-cfb", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_RC2 - {FUNC_TYPE_CIPHER,"rc2-ofb",enc_main}, + { FUNC_TYPE_CIPHER, "rc2-ofb", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_RC2 - {FUNC_TYPE_CIPHER,"rc2-64-cbc",enc_main}, + { FUNC_TYPE_CIPHER, "rc2-64-cbc", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_RC2 - {FUNC_TYPE_CIPHER,"rc2-40-cbc",enc_main}, + { FUNC_TYPE_CIPHER, "rc2-40-cbc", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_BF - {FUNC_TYPE_CIPHER,"bf-cbc",enc_main}, + { FUNC_TYPE_CIPHER, "bf-cbc", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_BF - {FUNC_TYPE_CIPHER,"bf-ecb",enc_main}, + { FUNC_TYPE_CIPHER, "bf-ecb", 
enc_main, enc_help }, #endif #ifndef OPENSSL_NO_BF - {FUNC_TYPE_CIPHER,"bf-cfb",enc_main}, + { FUNC_TYPE_CIPHER, "bf-cfb", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_BF - {FUNC_TYPE_CIPHER,"bf-ofb",enc_main}, + { FUNC_TYPE_CIPHER, "bf-ofb", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_CAST - {FUNC_TYPE_CIPHER,"cast5-cbc",enc_main}, + { FUNC_TYPE_CIPHER, "cast5-cbc", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_CAST - {FUNC_TYPE_CIPHER,"cast5-ecb",enc_main}, + { FUNC_TYPE_CIPHER, "cast5-ecb", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_CAST - {FUNC_TYPE_CIPHER,"cast5-cfb",enc_main}, + { FUNC_TYPE_CIPHER, "cast5-cfb", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_CAST - {FUNC_TYPE_CIPHER,"cast5-ofb",enc_main}, + { FUNC_TYPE_CIPHER, "cast5-ofb", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_CAST - {FUNC_TYPE_CIPHER,"cast-cbc",enc_main}, + { FUNC_TYPE_CIPHER, "cast-cbc", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_RC5 - {FUNC_TYPE_CIPHER,"rc5-cbc",enc_main}, + { FUNC_TYPE_CIPHER, "rc5-cbc", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_RC5 - {FUNC_TYPE_CIPHER,"rc5-ecb",enc_main}, + { FUNC_TYPE_CIPHER, "rc5-ecb", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_RC5 - {FUNC_TYPE_CIPHER,"rc5-cfb",enc_main}, + { FUNC_TYPE_CIPHER, "rc5-cfb", enc_main, enc_help }, #endif #ifndef OPENSSL_NO_RC5 - {FUNC_TYPE_CIPHER,"rc5-ofb",enc_main}, + { FUNC_TYPE_CIPHER, "rc5-ofb", enc_main, enc_help }, #endif - {0,NULL,NULL} + {0,NULL} }; +#endif diff --git a/apps/progs.pl b/apps/progs.pl index fa6258cf5e..501316a9a9 100644 --- a/apps/progs.pl +++ b/apps/progs.pl 
@@ -1,15 +1,11 @@ #!/usr/local/bin/perl - -print "/* apps/progs.h */\n"; -print "/* automatically generated by progs.pl for openssl.c */\n\n"; - -grep(s/^asn1pars$/asn1parse/,@ARGV); - -foreach (@ARGV) - { printf "extern int %s_main(int argc,char *argv[]);\n",$_; } +# Generate progs.h file from list of "programs" passed on the command line. print <<'EOF'; +/* apps/progs.h */ +/* automatically generated by progs.pl for openssl.c */ +#define FUNC_TYPE_NONE 0 #define FUNC_TYPE_GENERAL 1 #define FUNC_TYPE_MD 2 #define FUNC_TYPE_CIPHER 3 
@@ -21,47 +17,60 @@ typedef struct { int type; const char *name; int (*func)(int argc,char *argv[]); + const char **help; } FUNCTION; -DECLARE_LHASH_OF(FUNCTION); -FUNCTION functions[] = { +#ifndef APP_MAIN +extern FUNCTION functions[]; +#endif EOF -foreach (@ARGV) - { - push(@files,$_); - $str="\t{FUNC_TYPE_GENERAL,\"$_\",${_}_main},\n"; - if (($_ =~ /^s_/) || ($_ =~ /^ciphers$/)) - { print "#if !defined(OPENSSL_NO_SOCK)\n${str}#endif\n"; } - elsif ( ($_ =~ /^speed$/)) - { print "#ifndef OPENSSL_NO_SPEED\n${str}#endif\n"; } - elsif ( ($_ =~ /^engine$/)) - { print "#ifndef OPENSSL_NO_ENGINE\n${str}#endif\n"; } - elsif ( ($_ =~ /^rsa$/) || ($_ =~ /^genrsa$/) || ($_ =~ /^rsautl$/)) - { print "#ifndef OPENSSL_NO_RSA\n${str}#endif\n"; } - elsif ( ($_ =~ /^dsa$/) || ($_ =~ /^gendsa$/) || ($_ =~ /^dsaparam$/)) - { print "#ifndef OPENSSL_NO_DSA\n${str}#endif\n"; } - elsif ( ($_ =~ /^ec$/) || ($_ =~ /^ecparam$/)) - { print "#ifndef OPENSSL_NO_EC\n${str}#endif\n";} - elsif ( ($_ =~ /^dh$/) || ($_ =~ /^gendh$/) || ($_ =~ /^dhparam$/)) - { print "#ifndef OPENSSL_NO_DH\n${str}#endif\n"; } - elsif ( ($_ =~ /^pkcs12$/)) - { print "#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1)\n${str}#endif\n"; } - elsif ( ($_ =~ /^cms$/)) - { print "#ifndef OPENSSL_NO_CMS\n${str}#endif\n"; } - elsif ( ($_ =~ /^ocsp$/)) - { print "#ifndef OPENSSL_NO_OCSP\n${str}#endif\n"; } - elsif ( ($_ =~ /^srp$/)) - { print "#ifndef OPENSSL_NO_SRP\n${str}#endif\n"; } - else - { print $str; } - } +grep(s/^asn1pars$/asn1parse/, @ARGV); +foreach (@ARGV) { + printf "extern int %s_main(int argc,char *argv[]);\n", $_; + printf "extern const char *%s_help[];\n", $_; +} -foreach ("md2","md4","md5","sha","sha1","mdc2","rmd160") - { - push(@files,$_); - printf "#ifndef OPENSSL_NO_".uc($_)."\n\t{FUNC_TYPE_MD,\"".$_."\",dgst_main},\n#endif\n"; +printf "\n#ifdef APP_MAIN\n"; +printf "FUNCTION functions[] = {\n"; +foreach (@ARGV) { + $str="\t{ FUNC_TYPE_GENERAL, \"$_\", ${_}_main, ${_}_help },\n"; + if (/^s_/ || 
/^ciphers$/) { + print "#if !defined(OPENSSL_NO_SOCK)\n${str}#endif\n"; + } elsif (/^speed$/) { + print "#ifndef OPENSSL_NO_SPEED\n${str}#endif\n"; + } elsif (/^engine$/) { + print "#ifndef OPENSSL_NO_ENGINE\n${str}#endif\n"; + } elsif (/^rsa$/ || /^genrsa$/ || /^rsautl$/) { + print "#ifndef OPENSSL_NO_RSA\n${str}#endif\n"; + } elsif (/^dsa$/ || /^gendsa$/ || /^dsaparam$/) { + print "#ifndef OPENSSL_NO_DSA\n${str}#endif\n"; + } elsif (/^ec$/ || /^ecparam$/) { + print "#ifndef OPENSSL_NO_EC\n${str}#endif\n"; + } elsif (/^dh$/ || /^gendh$/ || /^dhparam$/) { + print "#ifndef OPENSSL_NO_DH\n${str}#endif\n"; + } elsif (/^pkcs12$/) { + print "#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1)\n${str}#endif\n"; + } elsif (/^cms$/) { + print "#ifndef OPENSSL_NO_CMS\n${str}#endif\n"; + } elsif (/^ocsp$/) { + print "#ifndef OPENSSL_NO_OCSP\n${str}#endif\n"; + } elsif (/^srp$/) { + print "#ifndef OPENSSL_NO_SRP\n${str}#endif\n"; + } else { + print $str; } +} + +foreach ( + "md2", "md4", "md5", + "md_ghost94", + "sha", "sha1", "sha224", "sha256", "sha384", "sha512", + "mdc2", "rmd160" +) { + $str="\t{ FUNC_TYPE_MD, \"$_\", dgst_main, dgst_help },\n"; + printf "#ifndef OPENSSL_NO_".uc($_)."\n${str}#endif\n"; +} foreach ( "aes-128-cbc", "aes-128-ecb", 
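Review bot: The digest loop builds each guard as `OPENSSL_NO_` plus `uc($_)`, so the new list entries produce `OPENSSL_NO_MD_GHOST94`, `OPENSSL_NO_SHA224` and `OPENSSL_NO_SHA384`, none of which I can see defined anywhere in this diff. If the build only has the coarser `OPENSSL_NO_SHA256`/`OPENSSL_NO_SHA512` switches, these `#ifndef`s are always true and the command names stay registered in `functions[]` even when the digest is compiled out. `"md_ghost94"` also looks like a misspelling of the GOST digest name; if so, the entry should read `"md_gost94",`, otherwise `dgst_main` is dispatched under a name it probably cannot resolve. An explicit name-to-macro table in place of `uc($_)` would make each guard reviewable.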
@@ -82,23 +91,35 @@ foreach ( "rc2-cbc", "rc2-ecb", "rc2-cfb","rc2-ofb", "rc2-64-cbc", "rc2-40-cbc", "bf-cbc", "bf-ecb", "bf-cfb", "bf-ofb", "cast5-cbc","cast5-ecb", "cast5-cfb","cast5-ofb", - "cast-cbc", "rc5-cbc", "rc5-ecb", "rc5-cfb", "rc5-ofb") - { - push(@files,$_); - - $t=sprintf("\t{FUNC_TYPE_CIPHER,\"%s\",enc_main},\n",$_); - if ($_ =~ /des/) { $t="#ifndef OPENSSL_NO_DES\n${t}#endif\n"; } - elsif ($_ =~ /aes/) { $t="#ifndef OPENSSL_NO_AES\n${t}#endif\n"; } - elsif ($_ =~ /camellia/) { $t="#ifndef OPENSSL_NO_CAMELLIA\n${t}#endif\n"; } - elsif ($_ =~ /idea/) { $t="#ifndef OPENSSL_NO_IDEA\n${t}#endif\n"; } - elsif ($_ =~ /seed/) { $t="#ifndef OPENSSL_NO_SEED\n${t}#endif\n"; } - elsif ($_ =~ /rc4/) { $t="#ifndef OPENSSL_NO_RC4\n${t}#endif\n"; } - elsif ($_ =~ /rc2/) { $t="#ifndef OPENSSL_NO_RC2\n${t}#endif\n"; } - elsif ($_ =~ /bf/) { $t="#ifndef OPENSSL_NO_BF\n${t}#endif\n"; } - elsif ($_ =~ /cast/) { $t="#ifndef OPENSSL_NO_CAST\n${t}#endif\n"; } - elsif ($_ =~ /rc5/) { $t="#ifndef OPENSSL_NO_RC5\n${t}#endif\n"; } - elsif ($_ =~ /zlib/) { $t="#ifdef ZLIB\n${t}#endif\n"; } - print $t; + "cast-cbc", "rc5-cbc", "rc5-ecb", "rc5-cfb", "rc5-ofb" +) { + $str="\t{ FUNC_TYPE_CIPHER, \"$_\", enc_main, enc_help },\n"; + if (/des/) { + printf "#ifndef OPENSSL_NO_DES\n${str}#endif\n"; + } elsif (/aes/) { + printf "#ifndef OPENSSL_NO_AES\n${str}#endif\n"; + } elsif (/camellia/) { + printf "#ifndef OPENSSL_NO_CAMELLIA\n${str}#endif\n"; + } elsif (/idea/) { + printf "#ifndef OPENSSL_NO_IDEA\n${str}#endif\n"; + } elsif (/seed/) { + printf "#ifndef OPENSSL_NO_SEED\n${str}#endif\n"; + } elsif (/rc4/) { + printf "#ifndef OPENSSL_NO_RC4\n${str}#endif\n"; + } elsif (/rc2/) { + printf "#ifndef OPENSSL_NO_RC2\n${str}#endif\n"; + } elsif (/bf/) { + printf "#ifndef OPENSSL_NO_BF\n${str}#endif\n"; + } elsif (/cast/) { + printf "#ifndef OPENSSL_NO_CAST\n${str}#endif\n"; + } elsif (/rc5/) { + printf "#ifndef OPENSSL_NO_RC5\n${str}#endif\n"; + } elsif (/zlib/) { + printf "#ifdef 
ZLIB\n${str}#endif\n"; + } else { + print $str; } +} -print "\t{0,NULL,NULL}\n\t};\n"; +print "\t{0,NULL}\n\t};\n"; +printf "#endif\n"; diff --git a/apps/rand.c b/apps/rand.c index 790e79592c..ad8381ad14 100644 --- a/apps/rand.c +++ b/apps/rand.c @@ -63,19 +63,20 @@ #include <openssl/err.h> #include <openssl/rand.h> -#undef PROG -#define PROG rand_main - -/* -out file - write to file - * -rand file:file - PRNG seed files - * -base64 - base64 encode output - * -hex - hex encode output - * num - write 'num' bytes - */ -int MAIN(int, char **); +const char *rand_help[] = { + "-out file write to file", + "-rand file... seed PRNG from files", + "-base64 base64 encode output", + "-hex hex encode output", +#ifndef OPENSSL_NO_ENGINE + "-engine e use engine e, possibly a hardware device.", +#endif + NULL +}; -int MAIN(int argc, char **argv) + +int rand_main(int argc, char **argv) { int i, r, ret = 1; int badopt; @@ -89,14 +90,6 @@ int MAIN(int argc, char **argv) char *engine=NULL; #endif - apps_startup(); - - if (bio_err == NULL) - if ((bio_err = BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err, stderr, BIO_NOCLOSE|BIO_FP_TEXT); - - if (!load_config(bio_err, NULL)) - goto err; badopt = 0; i = 0; @@ -164,13 +157,7 @@ int MAIN(int argc, char **argv) { BIO_printf(bio_err, "Usage: rand [options] num\n"); BIO_printf(bio_err, "where options are\n"); - BIO_printf(bio_err, "-out file - write to file\n"); -#ifndef OPENSSL_NO_ENGINE - BIO_printf(bio_err, "-engine e - use engine e, possibly a hardware device.\n"); -#endif - BIO_printf(bio_err, "-rand file%cfile%c... - seed PRNG from files\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); - BIO_printf(bio_err, "-base64 - base64 encode output\n"); - BIO_printf(bio_err, "-hex - hex encode output\n"); + printhelp(rand_help); goto err; } 
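Review bot: In the cipher loop every guarded branch passes an interpolated string to `printf` as the format (`printf "#ifndef OPENSSL_NO_DES\n${str}#endif\n";`) while the final `else` uses `print $str;`. Nothing here needs formatting, and a `%` in a future command name would be read as a conversion, so `print` is the right call throughout, including the closing `printf "#endif\n";`. The terminator `{0,NULL}` also leaves the two trailing members of FUNCTION to implicit zero-initialisation; `{ 0, NULL, NULL, NULL }` would match the four-member rows above it.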
@@ -183,23 +170,15 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err,"%ld semi-random bytes loaded\n", app_RAND_load_files(inrand)); - out = BIO_new(BIO_s_file()); - if (out == NULL) - goto err; - if (outfile != NULL) - r = BIO_write_filename(out, outfile); + if (outfile == NULL) + out = BIO_dup_chain(bio_out); else + out = BIO_new_file(outfile, "w"); + if (out == NULL) { - r = BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT); -#ifdef OPENSSL_SYS_VMS - { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - out = BIO_push(tmpbio, out); - } -#endif - } - if (r <= 0) + ERR_print_errors(bio_err); goto err; + } if (base64) { @@ -237,9 +216,7 @@ int MAIN(int argc, char **argv) ret = 0; err: - ERR_print_errors(bio_err); if (out) BIO_free_all(out); - apps_shutdown(); - OPENSSL_EXIT(ret); + return(ret); } diff --git a/apps/req.c b/apps/req.c index 6a19144931..1824abbe12 100644 --- a/apps/req.c +++ b/apps/req.c 
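Review bot: `out = BIO_new_file(outfile, "w");` opens the output in text mode, but rand writes raw bytes unless -base64 or -hex is given. On platforms that distinguish text and binary streams this would translate newline bytes in the random output and silently corrupt key material written with -out; the replaced BIO_write_filename() path did not, as far as I recall, request text mode. Choosing the mode from the encoding flags keeps raw output intact, for example `out = BIO_new_file(outfile, (base64 || hex) ? "w" : "wb");`, assuming the -hex flag is held in a variable named `hex`, which this hunk does not show. rand_main starts and ends outside the hunk.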
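Review bot: Dropping `ERR_print_errors(bio_err);` from the `err:` label means any failure path that jumps there without printing first now returns 1 with the error queue unreported; the earlier hunk adds a print only at the output-open failure. If the dispatcher in openssl.c does not drain the queue after rand_main returns (not visible here), a failed PRNG read would exit without a diagnostic. Either keep the call at the label guarded by `if (ret != 0)`, or confirm that the caller reports it.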
@@ -102,28 +102,105 @@ #define DEFAULT_KEY_LENGTH 512 #define MIN_KEY_LENGTH 384 -#undef PROG -#define PROG req_main - -/* -inform arg - input format - default PEM (DER or PEM) - * -outform arg - output format - default PEM - * -in arg - input file - default stdin - * -out arg - output file - default stdout - * -verify - check request signature - * -noout - don't print stuff out. - * -text - print out human readable text. - * -nodes - no des encryption - * -config file - Load configuration file. - * -key file - make a request using key in file (or use it for verification). - * -keyform arg - key file format. - * -rand file(s) - load the file(s) into the PRNG. - * -newkey - make a key and a request. - * -modulus - print RSA modulus. - * -pubkey - output Public Key. - * -x509 - output a self signed X509 structure instead. - * -asn1-kludge - output new certificate request in a format that some CA's - * require. This format is wrong - */ +const char *req_help[] = { + "-inform arg input format - DER or PEM", + "-outform arg output format - DER or PEM", + "-in arg input file", + "-out arg output file", + "-text text form of request", + "-pubkey output public key", + "-noout do not output REQ", + "-verify verify signature on REQ", + "-modulus RSA modulus", + "-nodes don't encrypt the output key", +#ifndef OPENSSL_NO_ENGINE + "-engine e use engine e, possibly a hardware device", +#endif + "-subject output the request's subject", + "-passin private key password source", + "-key file use the private key contained in file", + "-keyform arg key file format", + "-keyout arg file to send the key to", + /* XXX rsalz; has LIST_SEP_CHAR */ + "-rand file... 
load the file(s) into the random number generator", + "-newkey rsa:bits generate a new RSA key of 'bits' in size", + "-newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'", +#ifndef OPENSSL_NO_ECDSA + "-newkey ec:file generate a new EC key, parameters taken from CA in 'file'", +#endif + "-[digest] Digest to sign with (md5, sha1, md2, mdc2, md4)", + "-config file request template file.", + "-subj arg set or modify request subject", + "-multivalue-rdn enable support for multivalued RDNs", + "-new new request.", + "-batch do not ask anything during request generation", + "-x509 output a x509 structure instead of a cert. req.", + "-days number of days a certificate generated by -x509 is valid for.", + "-set_serial serial number to use for a certificate generated by -x509.", + "-newhdr output \"NEW\" in the header lines", + "-asn1-kludge Output the 'request' in a format that is wrong but some CA's", + " have been reported as requiring", + "-extensions .. specify certificate extension section (override value in config file)", + "-reqexts .. 
specify request extension section (override value in config file)", + "-utf8 input characters are UTF8 (default ASCII)", + "-nameopt arg - various certificate name options", + "-reqopt arg - various request text options", + NULL +}; +enum options { + OPT_ERR = -1, OPT_EOF = 0, + OPT_INFORM, OPT_OUTFORM, OPT_ENGINE, OPT_KEYGEN_ENGINE, OPT_KEY, + OPT_PUBKEY, OPT_NEW, OPT_CONFIG, OPT_KEYFORM, OPT_IN, OPT_OUT, + OPT_KEYOUT, OPT_PASSIN, OPT_PASSOUT, OPT_RAND, OPT_NEWKEY, + OPT_PKEYOPT, OPT_SIGOPT, OPT_BATCH, OPT_NEWHDR, OPT_MODULUS, + OPT_VERIFY, OPT_NODES, OPT_NOOUT, OPT_VERBOSE, OPT_UTF8, + OPT_NAMEOPT, OPT_REQOPT, OPT_SUBJECT, OPT_TEXT, OPT_X509, + OPT_ASN1_KLUDGE, OPT_NO_ASN1_KLUDGE, OPT_MULTIVALUE_RDN, + OPT_DAYS, OPT_SET_SERIAL, OPT_EXTENSIONS, OPT_REQEXTS, OPT_MD +}; + +static OPTIONS options[] = { + { "inform", OPT_INFORM, 'F' }, + { "outform", OPT_OUTFORM, 'F' }, + { "engine", OPT_ENGINE, 's' }, + { "keygen_engine", OPT_KEYGEN_ENGINE, 's' }, + { "key", OPT_KEY, '<' }, + { "pubkey", OPT_PUBKEY, '-' }, + { "new", OPT_NEW, '-' }, + { "config", OPT_CONFIG, '<' }, + { "keyform", OPT_KEYFORM, 'F' }, + { "in", OPT_IN, '<' }, + { "out", OPT_OUT, '>' }, + { "keyout", OPT_KEYOUT, '>' }, + { "passin", OPT_PASSIN, 's' }, + { "passout", OPT_PASSOUT, 's' }, + { "rand", OPT_RAND, 's' }, + { "newkey", OPT_NEWKEY, 's' }, + { "pkeyopt", OPT_PKEYOPT, 's' }, + { "sigopt", OPT_SIGOPT, 's' }, + { "batch", OPT_BATCH, '-' }, + { "newhdr", OPT_NEWHDR, '-' }, + { "modulus", OPT_MODULUS, '-' }, + { "verify", OPT_VERIFY, '-' }, + { "nodes", OPT_NODES, '-' }, + { "noout", OPT_NOOUT, '-' }, + { "verbose", OPT_VERBOSE, '-' }, + { "utf8", OPT_UTF8, '-' }, + { "nameopt", OPT_NAMEOPT, 's' }, + { "reqopt", OPT_REQOPT, 's' }, + { "text", OPT_TEXT, '-' }, + { "x509", OPT_X509, '-' }, + { "asn1-kludge", OPT_ASN1_KLUDGE, '-' }, + { "no-asn1-kludge", OPT_NO_ASN1_KLUDGE, '-' }, + { "subject", OPT_SUBJECT, 's' }, + { "multivalue-rdn", OPT_MULTIVALUE_RDN, '-' }, + { "days", OPT_DAYS, 'p' }, + { 
"set-serial", OPT_SET_SERIAL, 'p' }, + { "extensions", OPT_EXTENSIONS, 's' }, + { "reqexts", OPT_REQEXTS, 's' }, + { "", OPT_MD, '-' }, + { NULL } +}; static int make_REQ(X509_REQ *req,EVP_PKEY *pkey,char *dn,int mutlirdn, int attribs,unsigned long chtype); @@ -147,15 +224,10 @@ static int check_end(const char *str, const char *end); static EVP_PKEY_CTX *set_keygen_ctx(BIO *err, const char *gstr, int *pkey_type, long *pkeylen, char **palgnam, ENGINE *keygen_engine); -#ifndef MONOLITH -static char *default_config_file=NULL; -#endif static CONF *req_conf=NULL; static int batch=0; -int MAIN(int, char **); - -int MAIN(int argc, char **argv) +int req_main(int argc, char **argv) { ENGINE *e = NULL, *gen_eng = NULL; unsigned long nmflag = 0, reqflag = 0; @@ -172,7 +244,7 @@ int MAIN(int argc, char **argv) BIO *in=NULL,*out=NULL; int informat,outformat,verify=0,noout=0,text=0,keyform=FORMAT_PEM; int nodes=0,kludge=0,newhdr=0,subject=0,pubkey=0; - char *infile,*outfile,*prog,*keyfile=NULL,*template=NULL,*keyout=NULL; + char *infile,*outfile,*keyfile=NULL,*template=NULL,*keyout=NULL; #ifndef OPENSSL_NO_ENGINE char *engine=NULL; #endif 
@@ -189,285 +261,182 @@ int MAIN(int argc, char **argv) int multirdn = 0; const EVP_MD *md_alg=NULL,*digest=NULL; unsigned long chtype = MBSTRING_ASC; -#ifndef MONOLITH - char *to_free; - long errline; -#endif req_conf = NULL; #ifndef OPENSSL_NO_DES cipher=EVP_des_ede3_cbc(); #endif - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); infile=NULL; outfile=NULL; informat=FORMAT_PEM; outformat=FORMAT_PEM; - prog=argv[0]; - argc--; - argv++; - while (argc >= 1) - { - if (strcmp(*argv,"-inform") == 0) - { - if (--argc < 1) goto bad; - informat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-outform") == 0) - { - if (--argc < 1) goto bad; - outformat=str2fmt(*(++argv)); - } + opt_init(argc, argv, options); + while ((i = opt_next()) != 0) { + switch (i) { + default: + BIO_printf(bio_err,"Unhandled flag %d\n", i); + case OPT_ERR: + BIO_printf(bio_err,"Valid options are:\n"); + printhelp(req_help); + goto end; + case OPT_INFORM: + opt_format(opt_arg(), 1, &informat); + break; + case OPT_OUTFORM: + opt_format(opt_arg(), 1, &outformat); + break; #ifndef OPENSSL_NO_ENGINE - else if (strcmp(*argv,"-engine") == 0) - { - if (--argc < 1) goto bad; - engine= *(++argv); - } - else if (strcmp(*argv,"-keygen_engine") == 0) - { - if (--argc < 1) goto bad; - gen_eng = ENGINE_by_id(*(++argv)); + case OPT_ENGINE: + engine = optarg; + break; + case OPT_KEYGEN_ENGINE: + gen_eng = ENGINE_by_id(opt_arg()); if (gen_eng == NULL) { BIO_printf(bio_err, "Can't find keygen engine %s\n", *argv); goto end; } - } + break; #endif - else if (strcmp(*argv,"-key") == 0) - { - if (--argc < 1) goto bad; - keyfile= *(++argv); - } - else if (strcmp(*argv,"-pubkey") == 0) - { + case OPT_KEY: + keyfile = opt_arg(); + break; + case OPT_PUBKEY: pubkey=1; - } - else if (strcmp(*argv,"-new") == 0) - { + break; + case OPT_NEW: newreq=1; - } - else if (strcmp(*argv,"-config") == 0) - { - if (--argc < 1) goto bad; - template= 
*(++argv); - } - else if (strcmp(*argv,"-keyform") == 0) - { - if (--argc < 1) goto bad; - keyform=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-in") == 0) - { - if (--argc < 1) goto bad; - infile= *(++argv); - } - else if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - outfile= *(++argv); - } - else if (strcmp(*argv,"-keyout") == 0) - { - if (--argc < 1) goto bad; - keyout= *(++argv); - } - else if (strcmp(*argv,"-passin") == 0) - { - if (--argc < 1) goto bad; - passargin= *(++argv); - } - else if (strcmp(*argv,"-passout") == 0) - { - if (--argc < 1) goto bad; - passargout= *(++argv); - } - else if (strcmp(*argv,"-rand") == 0) - { - if (--argc < 1) goto bad; - inrand= *(++argv); - } - else if (strcmp(*argv,"-newkey") == 0) - { - if (--argc < 1) - goto bad; - keyalg = *(++argv); + break; + case OPT_CONFIG: + template= opt_arg(); + break; + case OPT_KEYFORM: + opt_format(opt_arg(), 1, &keyform); + break; + case OPT_IN: + infile = opt_arg(); + break; + case OPT_OUT: + outfile= opt_arg(); + break; + case OPT_KEYOUT: + keyout= opt_arg(); + break; + case OPT_PASSIN: + passargin= opt_arg(); + break; + case OPT_PASSOUT: + passargout= opt_arg(); + break; + case OPT_RAND: + inrand= opt_arg(); + break; + case OPT_NEWKEY: + keyalg = opt_arg(); newreq=1; - } - else if (strcmp(*argv,"-pkeyopt") == 0) - { - if (--argc < 1) - goto bad; + break; + case OPT_PKEYOPT: if (!pkeyopts) pkeyopts = sk_OPENSSL_STRING_new_null(); - if (!pkeyopts || !sk_OPENSSL_STRING_push(pkeyopts, *(++argv))) - goto bad; - } - else if (strcmp(*argv,"-sigopt") == 0) - { - if (--argc < 1) + if (!pkeyopts || !sk_OPENSSL_STRING_push(pkeyopts, opt_arg())) goto bad; + break; + case OPT_SIGOPT: if (!sigopts) sigopts = sk_OPENSSL_STRING_new_null(); - if (!sigopts || !sk_OPENSSL_STRING_push(sigopts, *(++argv))) + if (!sigopts || !sk_OPENSSL_STRING_push(sigopts, opt_arg())) goto bad; - } - else if (strcmp(*argv,"-batch") == 0) + break; + case OPT_BATCH: batch=1; - else if (strcmp(*argv,"-newhdr") 
== 0) + break; + case OPT_NEWHDR: newhdr=1; - else if (strcmp(*argv,"-modulus") == 0) + break; + case OPT_MODULUS: modulus=1; - else if (strcmp(*argv,"-verify") == 0) + break; + case OPT_VERIFY: verify=1; - else if (strcmp(*argv,"-nodes") == 0) + break; + case OPT_NODES: nodes=1; - else if (strcmp(*argv,"-noout") == 0) + break; + case OPT_NOOUT: noout=1; - else if (strcmp(*argv,"-verbose") == 0) + break; + case OPT_VERBOSE: verbose=1; - else if (strcmp(*argv,"-utf8") == 0) + break; + case OPT_UTF8: chtype = MBSTRING_UTF8; - else if (strcmp(*argv,"-nameopt") == 0) - { - if (--argc < 1) goto bad; - if (!set_name_ex(&nmflag, *(++argv))) goto bad; - } - else if (strcmp(*argv,"-reqopt") == 0) - { - if (--argc < 1) goto bad; - if (!set_cert_ex(&reqflag, *(++argv))) goto bad; - } - else if (strcmp(*argv,"-subject") == 0) - subject=1; - else if (strcmp(*argv,"-text") == 0) + break; + case OPT_NAMEOPT: + if (!set_name_ex(&nmflag, opt_arg())) goto bad; + break; + case OPT_REQOPT: + if (!set_cert_ex(&reqflag, opt_arg())) goto bad; + break; + case OPT_TEXT: text=1; - else if (strcmp(*argv,"-x509") == 0) + break; + case OPT_X509: x509=1; - else if (strcmp(*argv,"-asn1-kludge") == 0) + break; + case OPT_ASN1_KLUDGE: kludge=1; - else if (strcmp(*argv,"-no-asn1-kludge") == 0) + break; + case OPT_NO_ASN1_KLUDGE: kludge=0; - else if (strcmp(*argv,"-subj") == 0) - { - if (--argc < 1) goto bad; - subj= *(++argv); - } - else if (strcmp(*argv,"-multivalue-rdn") == 0) + break; multirdn=1; - else if (strcmp(*argv,"-days") == 0) - { - if (--argc < 1) goto bad; - days= atoi(*(++argv)); - if (days == 0) days=30; - } - else if (strcmp(*argv,"-set_serial") == 0) - { - if (--argc < 1) goto bad; - serial = s2i_ASN1_INTEGER(NULL, *(++argv)); + case OPT_DAYS: + days= atoi(opt_arg()); + break; + case OPT_SET_SERIAL: + serial = s2i_ASN1_INTEGER(NULL, opt_arg()); if (!serial) goto bad; - } - else if (strcmp(*argv,"-extensions") == 0) - { - if (--argc < 1) goto bad; - extensions = *(++argv); - } - 
else if (strcmp(*argv,"-reqexts") == 0) - { - if (--argc < 1) goto bad; - req_exts = *(++argv); - } - else if ((md_alg=EVP_get_digestbyname(&((*argv)[1]))) != NULL) + break; + case OPT_SUBJECT: + subj= opt_arg(); + break; + case OPT_MULTIVALUE_RDN: + multirdn=1; + break; + case OPT_EXTENSIONS: + extensions = opt_arg(); + break; + case OPT_REQEXTS: + req_exts = opt_arg(); + break; + case OPT_MD: + if ((md_alg=EVP_get_digestbyname(opt_unknown())) != NULL) + digest=md_alg; + else { - /* ok */ - digest=md_alg; + BIO_printf(bio_err, "unknown option -%s\n", + opt_unknown()); + badops=1; } - else - { - BIO_printf(bio_err,"unknown option %s\n",*argv); - badops=1; break; - } - argc--; - argv++; } + } if (badops) { bad: - BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog); - BIO_printf(bio_err,"where options are\n"); - BIO_printf(bio_err," -inform arg input format - DER or PEM\n"); - BIO_printf(bio_err," -outform arg output format - DER or PEM\n"); - BIO_printf(bio_err," -in arg input file\n"); - BIO_printf(bio_err," -out arg output file\n"); - BIO_printf(bio_err," -text text form of request\n"); - BIO_printf(bio_err," -pubkey output public key\n"); - BIO_printf(bio_err," -noout do not output REQ\n"); - BIO_printf(bio_err," -verify verify signature on REQ\n"); - BIO_printf(bio_err," -modulus RSA modulus\n"); - BIO_printf(bio_err," -nodes don't encrypt the output key\n"); -#ifndef OPENSSL_NO_ENGINE - BIO_printf(bio_err," -engine e use engine e, possibly a hardware device\n"); -#endif - BIO_printf(bio_err," -subject output the request's subject\n"); - BIO_printf(bio_err," -passin private key password source\n"); - BIO_printf(bio_err," -key file use the private key contained in file\n"); - BIO_printf(bio_err," -keyform arg key file format\n"); - BIO_printf(bio_err," -keyout arg file to send the key to\n"); - BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); - BIO_printf(bio_err," load the file (or the files in the directory) 
into\n"); - BIO_printf(bio_err," the random number generator\n"); - BIO_printf(bio_err," -newkey rsa:bits generate a new RSA key of 'bits' in size\n"); - BIO_printf(bio_err," -newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'\n"); -#ifndef OPENSSL_NO_ECDSA - BIO_printf(bio_err," -newkey ec:file generate a new EC key, parameters taken from CA in 'file'\n"); -#endif - BIO_printf(bio_err," -[digest] Digest to sign with (md5, sha1, md2, mdc2, md4)\n"); - BIO_printf(bio_err," -config file request template file.\n"); - BIO_printf(bio_err," -subj arg set or modify request subject\n"); - BIO_printf(bio_err," -multivalue-rdn enable support for multivalued RDNs\n"); - BIO_printf(bio_err," -new new request.\n"); - BIO_printf(bio_err," -batch do not ask anything during request generation\n"); - BIO_printf(bio_err," -x509 output a x509 structure instead of a cert. req.\n"); - BIO_printf(bio_err," -days number of days a certificate generated by -x509 is valid for.\n"); - BIO_printf(bio_err," -set_serial serial number to use for a certificate generated by -x509.\n"); - BIO_printf(bio_err," -newhdr output \"NEW\" in the header lines\n"); - BIO_printf(bio_err," -asn1-kludge Output the 'request' in a format that is wrong but some CA's\n"); - BIO_printf(bio_err," have been reported as requiring\n"); - BIO_printf(bio_err," -extensions .. specify certificate extension section (override value in config file)\n"); - BIO_printf(bio_err," -reqexts .. 
specify request extension section (override value in config file)\n"); - BIO_printf(bio_err," -utf8 input characters are UTF8 (default ASCII)\n"); - BIO_printf(bio_err," -nameopt arg - various certificate name options\n"); - BIO_printf(bio_err," -reqopt arg - various request text options\n\n"); + BIO_printf(bio_err,"Where options are\n"); + printhelp(req_help); goto end; } - ERR_load_crypto_strings(); if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { BIO_printf(bio_err, "Error getting passwords\n"); goto end; } -#ifndef MONOLITH /* else this has happened in openssl.c (global `config') */ - /* Lets load up our environment a little */ - p=getenv("OPENSSL_CONF"); - if (p == NULL) - p=getenv("SSLEAY_CONF"); - if (p == NULL) - p=to_free=make_config_name(); - default_config_file=p; - config=NCONF_new(NULL); - i=NCONF_load(config, p, &errline); -#endif - if (template != NULL) { long errline = -1; @@ -499,8 +468,6 @@ bad: if (req_conf != NULL) { - if (!load_config(bio_err, req_conf)) - goto end; p=NCONF_get_string(req_conf,NULL,"oid_file"); if (p == NULL) ERR_clear_error(); @@ -607,11 +574,6 @@ bad: } } - in=BIO_new(BIO_s_file()); - out=BIO_new(BIO_s_file()); - if ((in == NULL) || (out == NULL)) - goto end; - #ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); #endif @@ -716,22 +678,17 @@ bad: if (keyout == NULL) { BIO_printf(bio_err,"writing new private key to stdout\n"); - BIO_set_fp(out,stdout,BIO_NOCLOSE); -#ifdef OPENSSL_SYS_VMS - { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - out = BIO_push(tmpbio, out); - } -#endif + out = BIO_dup_chain(bio_out); } else { BIO_printf(bio_err,"writing new private key to '%s'\n",keyout); - if (BIO_write_filename(out,keyout) <= 0) - { - perror(keyout); - goto end; - } + out = BIO_new_file(keyout, "w"); + } + if (out == NULL) + { + ERR_print_errors(bio_err); + goto end; } p=NCONF_get_string(req_conf,SECTION,"encrypt_rsa_key"); 
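Review bot: `case OPT_ENGINE` assigns `engine = optarg;` instead of `opt_arg()`, and `case OPT_SUBJECT` stores its argument in `subj`, so `subject` is never set and the documented `-subj arg` / `-subject` pair collapses into one option. The keygen-engine failure message still prints `*argv`, which is no longer advanced to the engine id, and `multirdn=1;` after the `break` in `OPT_NO_ASN1_KLUDGE` is unreachable. `OPT_DAYS` drops the old `if (days == 0) days=30;` fallback, so a non-numeric -days would request a zero-day certificate unless the `'p'` option type validates it, which is not visible here. The fence shows the engine and subject cases; the latter needs an `OPT_SUBJ` enumerator and a `{ "subj", OPT_SUBJ, 's' }` row, with `"subject"` switched to `'-'`, in the table the previous hunk adds. req_main starts and ends outside this hunk.

```c
/* … unchanged: default, OPT_ERR, OPT_INFORM, OPT_OUTFORM … */
		case OPT_ENGINE:
			engine = opt_arg();
			break;
/* … unchanged: OPT_KEYGEN_ENGINE through OPT_SET_SERIAL … */
		case OPT_SUBJECT:
			subject=1;
			break;
		case OPT_SUBJ:
			subj= opt_arg();
			break;
/* … unchanged: OPT_MULTIVALUE_RDN through OPT_MD … */
```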
@@ -770,25 +727,19 @@ loop: * changed. */ kludge= -1; if (infile == NULL) - BIO_set_fp(in,stdin,BIO_NOCLOSE); + in = BIO_new_fp(stdin,BIO_NOCLOSE); else + in = BIO_new_file(infile, RB(informat)); + if (in == NULL) { - if (BIO_read_filename(in,infile) <= 0) - { - perror(infile); - goto end; - } + ERR_print_errors(bio_err); + goto end; } if (informat == FORMAT_ASN1) req=d2i_X509_REQ_bio(in,NULL); - else if (informat == FORMAT_PEM) - req=PEM_read_bio_X509_REQ(in,NULL,NULL,NULL); else - { - BIO_printf(bio_err,"bad input format specified for X509 request\n"); - goto end; - } + req=PEM_read_bio_X509_REQ(in,NULL,NULL,NULL); if (req == NULL) { BIO_printf(bio_err,"unable to load X509 request\n"); @@ -967,26 +918,15 @@ loop: } if (outfile == NULL) - { - BIO_set_fp(out,stdout,BIO_NOCLOSE); -#ifdef OPENSSL_SYS_VMS - { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - out = BIO_push(tmpbio, out); - } -#endif - } + out = BIO_dup_chain(bio_out); + else if (keyout == NULL || strcmp(outfile, keyout) != 0) + out = BIO_new_file(outfile, "w"); else + out = BIO_new_file(outfile, "a"); + if (out == NULL) { - if ((keyout != NULL) && (strcmp(outfile,keyout) == 0)) - i=(int)BIO_append_filename(out,outfile); - else - i=(int)BIO_write_filename(out,outfile); - if (!i) - { - perror(outfile); - goto end; - } + ERR_print_errors(bio_err); + goto end; } if (pubkey) @@ -1078,10 +1018,6 @@ loop: } ex=0; end: -#ifndef MONOLITH - if(to_free) - OPENSSL_free(to_free); -#endif if (ex) { ERR_print_errors(bio_err); @@ -1108,8 +1044,7 @@ end: if(passargin && passin) OPENSSL_free(passin); if(passargout && passout) OPENSSL_free(passout); OBJ_cleanup(); - apps_shutdown(); - OPENSSL_EXIT(ex); + return(ex); } static int make_REQ(X509_REQ *req, EVP_PKEY *pkey, char *subj, int multirdn, diff --git a/apps/rsa.c b/apps/rsa.c index a17708fe9c..c3d820f59b 100644 --- a/apps/rsa.c +++ b/apps/rsa.c 
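Review bot: With the `else` branch that rejected unknown formats removed, every `informat` other than FORMAT_ASN1 is now parsed as PEM, and the option switch in the earlier hunk ignores the result of `opt_format(opt_arg(), 1, &informat)`. Unless opt_format itself aborts on a bad value (not visible here), `-inform` with an unsupported format is silently treated as PEM instead of being reported. Checking the result where the option is parsed restores the diagnostic, e.g. `if (!opt_format(opt_arg(), 1, &informat)) goto bad;`, assuming it returns zero on failure.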
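Review bot: `out` is assigned a fresh BIO here although the key-output hunk earlier in req_main already stored one in the same variable; unless the code between the two hunks frees it (not shown), the first BIO leaks and, when -out and -keyout name the same file, the `"a"` open can interleave with data still buffered in the unflushed key BIO. The removed code reused a single BIO and let BIO_append_filename/BIO_write_filename switch files. Releasing the earlier BIO before this block, `BIO_free_all(out); out = NULL;`, keeps the append case ordered. The output modes are also plain `"w"`/`"a"` while the input side uses `RB(informat)`, so DER output gets a text-mode stream on platforms where that matters.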
@@ -71,40 +71,51 @@ #include <openssl/pem.h> #include <openssl/bn.h> -#undef PROG -#define PROG rsa_main -/* -inform arg - input format - default PEM (one of DER, NET or PEM) - * -outform arg - output format - default PEM - * -in arg - input file - default stdin - * -out arg - output file - default stdout - * -des - encrypt output if PEM format with DES in cbc mode - * -des3 - encrypt output if PEM format - * -idea - encrypt output if PEM format - * -seed - encrypt output if PEM format - * -aes128 - encrypt output if PEM format - * -aes192 - encrypt output if PEM format - * -aes256 - encrypt output if PEM format - * -camellia128 - encrypt output if PEM format - * -camellia192 - encrypt output if PEM format - * -camellia256 - encrypt output if PEM format - * -text - print a text version - * -modulus - print the RSA key modulus - * -check - verify key consistency - * -pubin - Expect a public key in input file. - * -pubout - Output a public key. - */ - -int MAIN(int, char **); +const char* rsa_help[] = { + "-inform arg input format - one of DER NET PEM", + "-outform arg output format - one of DER NET PEM", + "-in arg input file", + "-sgckey Use IIS SGC key format", + "-passin arg input file pass phrase source", + "-out arg output file", + "-passout arg output file pass phrase source", + "-des encrypt PEM output with cbc des", + "-des3 encrypt PEM output with ede cbc des using 168 bit key", +#ifndef OPENSSL_NO_IDEA + "-idea encrypt PEM output with cbc idea", +#endif +#ifndef OPENSSL_NO_SEED + "-seed encrypt PEM output with cbc seed", +#endif +#ifndef OPENSSL_NO_AES + "-aes128, -aes192, -aes256", + " encrypt PEM output with cbc aes", +#endif +#ifndef OPENSSL_NO_CAMELLIA + "-camellia128, -camellia192, -camellia256", + " encrypt PEM output with cbc camellia", +#endif + "-text print the key in text", + "-noout don't print key out", + "-modulus print the RSA key modulus", + "-check verify key consistency", + "-pubin expect a public key in input file", + "-pubout output a 
public key", +#ifndef OPENSSL_NO_ENGINE + "-engine e use engine e, possibly a hardware device.", +#endif + NULL +}; -int MAIN(int argc, char **argv) +int rsa_main(int argc, char **argv) { ENGINE *e = NULL; int ret=1; RSA *rsa=NULL; int i,badops=0, sgckey=0; const EVP_CIPHER *enc=NULL; - BIO *out=NULL; + BIO *out; int informat,outformat,text=0,check=0,noout=0; int pubin = 0, pubout = 0; char *infile,*outfile,*prog; @@ -114,18 +125,8 @@ int MAIN(int argc, char **argv) char *engine=NULL; #endif int modulus=0; - int pvk_encr = 2; - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - if (!load_config(bio_err, NULL)) - goto end; - infile=NULL; outfile=NULL; informat=FORMAT_PEM; 
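Review bot: `BIO *out;` drops the NULL initialiser, but `out` is only assigned much later in rsa_main (the `BIO_dup_chain`/`BIO_new_file` hunk), while the bad-option and key-loading failures `goto end` before that. If the cleanup at `end:` still tests and frees `out` (that line is outside the visible hunks), those early exits pass an indeterminate pointer to BIO_free_all. Keeping `BIO *out=NULL;` avoids it. The help array is also declared `const char* rsa_help[]` where the other files in this commit write `const char *rand_help[]`.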
@@ -210,45 +211,12 @@ int MAIN(int argc, char **argv) if (badops) { bad: - BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog); + BIO_printf(bio_err,"rsa [options] <infile >outfile\n"); BIO_printf(bio_err,"where options are\n"); - BIO_printf(bio_err," -inform arg input format - one of DER NET PEM\n"); - BIO_printf(bio_err," -outform arg output format - one of DER NET PEM\n"); - BIO_printf(bio_err," -in arg input file\n"); - BIO_printf(bio_err," -sgckey Use IIS SGC key format\n"); - BIO_printf(bio_err," -passin arg input file pass phrase source\n"); - BIO_printf(bio_err," -out arg output file\n"); - BIO_printf(bio_err," -passout arg output file pass phrase source\n"); - BIO_printf(bio_err," -des encrypt PEM output with cbc des\n"); - BIO_printf(bio_err," -des3 encrypt PEM output with ede cbc des using 168 bit key\n"); -#ifndef OPENSSL_NO_IDEA - BIO_printf(bio_err," -idea encrypt PEM output with cbc idea\n"); -#endif -#ifndef OPENSSL_NO_SEED - BIO_printf(bio_err," -seed encrypt PEM output with cbc seed\n"); -#endif -#ifndef OPENSSL_NO_AES - BIO_printf(bio_err," -aes128, -aes192, -aes256\n"); - BIO_printf(bio_err," encrypt PEM output with cbc aes\n"); -#endif -#ifndef OPENSSL_NO_CAMELLIA - BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n"); - BIO_printf(bio_err," encrypt PEM output with cbc camellia\n"); -#endif - BIO_printf(bio_err," -text print the key in text\n"); - BIO_printf(bio_err," -noout don't print key out\n"); - BIO_printf(bio_err," -modulus print the RSA key modulus\n"); - BIO_printf(bio_err," -check verify key consistency\n"); - BIO_printf(bio_err," -pubin expect a public key in input file\n"); - BIO_printf(bio_err," -pubout output a public key\n"); -#ifndef OPENSSL_NO_ENGINE - BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); -#endif + printhelp(rsa_help); goto end; } - ERR_load_crypto_strings(); - #ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); #endif 
@@ -263,8 +231,6 @@ bad: goto end; } - out=BIO_new(BIO_s_file()); - { EVP_PKEY *pkey; @@ -304,22 +270,13 @@ bad: } if (outfile == NULL) - { - BIO_set_fp(out,stdout,BIO_NOCLOSE); -#ifdef OPENSSL_SYS_VMS - { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - out = BIO_push(tmpbio, out); - } -#endif - } + out = BIO_dup_chain(bio_out); else + out = BIO_new_file(outfile, "w"); + if (out == NULL) { - if (BIO_write_filename(out,outfile) <= 0) - { - perror(outfile); - goto end; - } + ERR_print_errors(bio_err); + goto end; } if (text) @@ -438,8 +395,7 @@ end: if(rsa != NULL) RSA_free(rsa); if(passin) OPENSSL_free(passin); if(passout) OPENSSL_free(passout); - apps_shutdown(); - OPENSSL_EXIT(ret); + return(ret); } #else /* !OPENSSL_NO_RSA */ diff --git a/apps/rsautl.c b/apps/rsautl.c index b01f004eb3..6a94302807 100644 --- a/apps/rsautl.c +++ b/apps/rsautl.c @@ -76,13 +76,30 @@ static void usage(void); -#undef PROG - -#define PROG rsautl_main - -int MAIN(int argc, char **); +const char* rsautl_help[] = { + "-in file input file", + "-out file output file", + "-inkey file input key", + "-keyform arg private key format - default PEM", + "-pubin input is an RSA public", + "-certin input is a certificate carrying an RSA public key", + "-ssl use SSL v2 padding", + "-raw use no padding", + "-pkcs use PKCS#1 v1.5 padding (default)", + "-oaep use PKCS#1 OAEP", + "-sign sign with private key", + "-verify verify with public key", + "-encrypt encrypt with public key", + "-decrypt decrypt with private key", + "-hexdump hex dump output", +#ifndef OPENSSL_NO_ENGINE + "-engine e use engine e, possibly a hardware device.", +#endif + "-passin arg pass phrase source", + NULL +}; -int MAIN(int argc, char **argv) +int rsautl_main(int argc, char **argv) { ENGINE *e = NULL; BIO *in = NULL, *out = NULL; 
@@ -102,18 +119,10 @@ int MAIN(int argc, char **argv) char *passargin = NULL, *passin = NULL; int rsa_inlen, rsa_outlen = 0; int keysize; - int ret = 1; argc--; argv++; - - if(!bio_err) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE); - - if (!load_config(bio_err, NULL)) - goto end; - ERR_load_crypto_strings(); - OpenSSL_add_all_algorithms(); pad = RSA_PKCS1_PADDING; while(argc >= 1) @@ -320,26 +329,7 @@ int MAIN(int argc, char **argv) static void usage() { BIO_printf(bio_err, "Usage: rsautl [options]\n"); - BIO_printf(bio_err, "-in file input file\n"); - BIO_printf(bio_err, "-out file output file\n"); - BIO_printf(bio_err, "-inkey file input key\n"); - BIO_printf(bio_err, "-keyform arg private key format - default PEM\n"); - BIO_printf(bio_err, "-pubin input is an RSA public\n"); - BIO_printf(bio_err, "-certin input is a certificate carrying an RSA public key\n"); - BIO_printf(bio_err, "-ssl use SSL v2 padding\n"); - BIO_printf(bio_err, "-raw use no padding\n"); - BIO_printf(bio_err, "-pkcs use PKCS#1 v1.5 padding (default)\n"); - BIO_printf(bio_err, "-oaep use PKCS#1 OAEP\n"); - BIO_printf(bio_err, "-sign sign with private key\n"); - BIO_printf(bio_err, "-verify verify with public key\n"); - BIO_printf(bio_err, "-encrypt encrypt with public key\n"); - BIO_printf(bio_err, "-decrypt decrypt with private key\n"); - BIO_printf(bio_err, "-hexdump hex dump output\n"); -#ifndef OPENSSL_NO_ENGINE - BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n"); - BIO_printf (bio_err, "-passin arg pass phrase source\n"); -#endif - + printhelp(rsautl_help); } #else /* !OPENSSL_NO_RSA */ diff --git a/apps/s_apps.h b/apps/s_apps.h index 9d16e45978..625e1eb266 100644 --- a/apps/s_apps.h +++ b/apps/s_apps.h 
@@ -157,7 +157,7 @@ int do_server_unix(const char *path, int *ret, unsigned char *context, int naccept); #endif #ifdef HEADER_X509_H -int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx); +int verify_callback(int ok, X509_STORE_CTX *ctx); #endif #ifdef HEADER_SSL_H int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file); @@ -176,19 +176,19 @@ int should_retry(int i); int extract_port(const char *str, short *port_ptr); int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p); -long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp, +long bio_dump_callback(BIO *bio, int cmd, const char *argp, int argi, long argl, long ret); #ifdef HEADER_SSL_H -void MS_CALLBACK apps_ssl_info_callback(const SSL *s, int where, int ret); -void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg); -void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type, +void apps_ssl_info_callback(const SSL *s, int where, int ret); +void msg_cb(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg); +void tlsext_cb(SSL *s, int client_server, int type, unsigned char *data, int len, void *arg); #endif -int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len); -int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int cookie_len); +int generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len); +int verify_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int cookie_len); typedef struct ssl_excert_st SSL_EXCERT; diff --git a/apps/s_cb.c b/apps/s_cb.c index cf34e00a4c..3d41fbb547 100644 --- a/apps/s_cb.c +++ b/apps/s_cb.c @@ -112,9 +112,7 @@ #include <stdio.h> #include <stdlib.h> #define USE_SOCKETS -#define NON_MAIN #include "apps.h" -#undef NON_MAIN #undef USE_SOCKETS #include <openssl/err.h> #include <openssl/rand.h> 
@@ -135,7 +133,7 @@ int verify_return_error=0; unsigned char cookie_secret[COOKIE_SECRET_LENGTH]; int cookie_initialized=0; -int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx) +int verify_callback(int ok, X509_STORE_CTX *ctx) { X509 *err_cert; int err,depth; @@ -557,7 +555,7 @@ int ssl_print_tmp_key(BIO *out, SSL *s) } -long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp, +long bio_dump_callback(BIO *bio, int cmd, const char *argp, int argi, long argl, long ret) { BIO *out; @@ -581,7 +579,7 @@ long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp, return(ret); } -void MS_CALLBACK apps_ssl_info_callback(const SSL *s, int where, int ret) +void apps_ssl_info_callback(const SSL *s, int where, int ret) { const char *str; int w; @@ -640,7 +638,7 @@ static const char *ssl_version_str(int version) } } -void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg) +void msg_cb(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg) { BIO *bio = arg; const char *str_write_p, *str_version, *str_content_type = "", *str_details1 = "", *str_details2= ""; @@ -931,7 +929,7 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void * (void)BIO_flush(bio); } -void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type, +void tlsext_cb(SSL *s, int client_server, int type, unsigned char *data, int len, void *arg) { @@ -1044,7 +1042,7 @@ void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type, (void)BIO_flush(bio); } -int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len) +int generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len) { unsigned char *buffer, result[EVP_MAX_MD_SIZE]; unsigned int length, resultlength; 
@@ -1132,7 +1130,7 @@ int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsign return 1; } -int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int cookie_len) +int verify_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int cookie_len) { unsigned char *buffer, result[EVP_MAX_MD_SIZE]; unsigned int length, resultlength; diff --git a/apps/s_client.c b/apps/s_client.c index e1be6a908b..4e9b673cd3 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -178,9 +178,6 @@ typedef unsigned int u_int; #include <fcntl.h> #endif -#undef PROG -#define PROG s_client_main - /*#define SSL_HOST_NAME "www.netscape.com" */ /*#define SSL_HOST_NAME "193.118.187.102" */ #define SSL_HOST_NAME "localhost" 
@@ -221,6 +218,124 @@ static int c_quiet=0; static int c_ign_eof=0; static int c_brief=0; +#ifndef OPENSSL_NO_TLSEXT + +static unsigned char *generated_supp_data = NULL; + +static const unsigned char *most_recent_supplemental_data = NULL; +static size_t most_recent_supplemental_data_length = 0; + +static int server_provided_server_authz = 0; +static int server_provided_client_authz = 0; + +static const unsigned char auth_ext_data[]={TLSEXT_AUTHZDATAFORMAT_dtcp}; + +static int suppdata_cb(SSL *s, unsigned short supp_data_type, + const unsigned char *in, + unsigned short inlen, int *al, + void *arg); + +static int auth_suppdata_generate_cb(SSL *s, unsigned short supp_data_type, + const unsigned char **out, + unsigned short *outlen, int *al, void *arg); + +static int authz_tlsext_generate_cb(SSL *s, unsigned short ext_type, + const unsigned char **out, unsigned short *outlen, + int *al, void *arg); + +static int authz_tlsext_cb(SSL *s, unsigned short ext_type, + const unsigned char *in, + unsigned short inlen, int *al, + void *arg); +#endif + +const char* s_client_help[] = { + "-host host use -connect instead", + "-port port use -connect instead", + "-connect host:port connect over TCP/IP (default is " SSL_HOST_NAME ":" PORT_STR ")", + "-unix path connect over unix domain sockets", + "-verify arg turn on peer certificate verification", + "-cert arg certificate file to use, PEM format assumed", + "-certform arg certificate format (PEM or DER) PEM default", + "-key arg private key file to use, in cert file if", + " not specified but cert file is", + "-keyform arg key format (PEM or DER) PEM default", + "-pass arg private key file pass phrase source", + "-CApath arg PEM format directory of CA's", + "-CAfile arg PEM format file of CA's", + "-trusted_first use local CA's first when building trust chain", + "-reconnect drop and re-make the connection with the same Session-ID", + "-pause sleep(1) after each read(2) and write(2) system call", + "-showcerts show all 
certificates in the chain", + "-debug extra output", +#ifdef WATT32 + "-wdebug WATT-32 tcp debugging", +#endif + "-msg show protocol messages", + "-nbio_test more ssl protocol testing", + "-state print the 'ssl' states", +#ifdef FIONBIO + "-nbio use non-blocking IO", +#endif + "-crlf convert LF from terminal into CRLF", + "-quiet no s_client output", + "-ign_eof ignore input eof (default when -quiet)", + "-no_ign_eof don't ignore input eof", +#ifndef OPENSSL_NO_PSK + "-psk_identity arg PSK identity", + "-psk arg PSK in hex (without 0x)", +# ifndef OPENSSL_NO_JPAKE + "-jpake arg JPAKE secret to use", +# endif +#endif +#ifndef OPENSSL_NO_SRP + "-srpuser user SRP authentification for 'user'", + "-srppass arg password for 'user'", + "-srp_lateuser SRP username into second ClientHello message", + "-srp_moregroups tolerate other than the known g N values.", + "-srp_strength int minimal mength in bits for N (default %d).", +#endif + "-ssl2 just use SSLv2", + "-ssl3 just use SSLv3", + "-tls1_2 just use TLSv1.2", + "-tls1_1 just use TLSv1.1", + "-tls1 just use TLSv1", + "-dtls1 just use DTLSv1", + "-mtu set the link layer MTU", + "-no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3/-no_ssl2 turn off that protocol", + "-bugs switch on all SSL implementation bug workarounds", + "-serverpref use server's cipher preferences (only SSLv2)", + "-cipher preferred cipher to use; see 'openssl ciphers'", + "-starttls prot use the STARTTLS command before starting TLS", + " prot must be: smtp pop3 imap ftp or xmpp", + "-xmpphost host when used with \"-starttls xmpp\" specifies the virtual host", +#ifndef OPENSSL_NO_ENGINE + "-engine id initialise and use the specified engine", +#endif + "-rand file... 
load the file(s) into the random number generator", + "-sess_out arg file to write SSL session to", + "-sess_in arg file to read SSL session from", +#ifndef OPENSSL_NO_TLSEXT + "-servername host set TLS extension servername in ClientHello", + "-tlsextdebug hex dump of all TLS extensions received", + "-status request certificate status from server", + "-no_ticket disable use of RFC4507bis session tickets", + "-serverinfo types send empty ClientHello extensions (comma-separated numbers)", + "-auth send and receive RFC 5878 TLS auth extensions and supplemental data", + "-auth_require_reneg do not send TLS auth extensions until renegotiation", +# ifndef OPENSSL_NO_NEXTPROTONEG + "-nextprotoneg arg enable NPN extension, considering named protocols supported (comma-separated list)", +# endif + "-alpn arg enable ALPN extension, considering named protocols supported (comma-separated list)", +#endif + "-legacy_renegotiation enable use of legacy renegotiation (dangerous)", + "-use_srtp profiles offer SRTP key management with a colon-separated profile list", + "-keymatexport label export keying material using label", + "-keymatexportlen len export len bytes of keying material (default 20)", + + NULL +}; + #ifndef OPENSSL_NO_PSK /* Default PSK identity and key */ static char *psk_identity="Client_identity"; 
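Review bot: The `-srp_strength` entry in `s_client_help` still carries the `%d` from the old BIO_printf call, but the table is a list of plain strings with no argument to fill it. If printhelp (not visible in this diff chunk) passes each entry to BIO_printf as the format, that conversion reads a vararg that was never supplied; if it prints entries as data, the user sees a literal `%d` instead of the SRP minimum. Build the default into the literal the way the `-connect` entry does with `SSL_HOST_NAME ":" PORT_STR`, e.g. `"-srp_strength int minimal length in bits for N (default " SRP_MINIMAL_N_STR ").",` where `SRP_MINIMAL_N_STR` is a placeholder name for a string form of `SRP_MINIMAL_N`, and have printhelp emit every entry through a fixed `"%s\n"` format. That rewrite also fixes the `mength` typo.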
@@ -287,93 +402,7 @@ static unsigned int psk_client_cb(SSL *ssl, const char *hint, char *identity, static void sc_usage(void) { BIO_printf(bio_err,"usage: s_client args\n"); - BIO_printf(bio_err,"\n"); - BIO_printf(bio_err," -host host - use -connect instead\n"); - BIO_printf(bio_err," -port port - use -connect instead\n"); - BIO_printf(bio_err," -connect host:port - connect over TCP/IP (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR); - BIO_printf(bio_err," -unix path - connect over unix domain sockets\n"); - BIO_printf(bio_err," -verify arg - turn on peer certificate verification\n"); - BIO_printf(bio_err," -verify_return_error - return verification errors\n"); - BIO_printf(bio_err," -cert arg - certificate file to use, PEM format assumed\n"); - BIO_printf(bio_err," -certform arg - certificate format (PEM or DER) PEM default\n"); - BIO_printf(bio_err," -key arg - Private key file to use, in cert file if\n"); - BIO_printf(bio_err," not specified but cert file is.\n"); - BIO_printf(bio_err," -keyform arg - key format (PEM or DER) PEM default\n"); - BIO_printf(bio_err," -pass arg - private key file pass phrase source\n"); - BIO_printf(bio_err," -CApath arg - PEM format directory of CA's\n"); - BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n"); - BIO_printf(bio_err," -trusted_first - Use local CA's first when building trust chain\n"); - BIO_printf(bio_err," -reconnect - Drop and re-make the connection with the same Session-ID\n"); - BIO_printf(bio_err," -pause - sleep(1) after each read(2) and write(2) system call\n"); - BIO_printf(bio_err," -prexit - print session information even on connection failure\n"); - BIO_printf(bio_err," -showcerts - show all certificates in the chain\n"); - BIO_printf(bio_err," -debug - extra output\n"); -#ifdef WATT32 - BIO_printf(bio_err," -wdebug - WATT-32 tcp debugging\n"); -#endif - BIO_printf(bio_err," -msg - Show protocol messages\n"); - BIO_printf(bio_err," -nbio_test - more ssl protocol testing\n"); - 
BIO_printf(bio_err," -state - print the 'ssl' states\n"); -#ifdef FIONBIO - BIO_printf(bio_err," -nbio - Run with non-blocking IO\n"); -#endif - BIO_printf(bio_err," -crlf - convert LF from terminal into CRLF\n"); - BIO_printf(bio_err," -quiet - no s_client output\n"); - BIO_printf(bio_err," -ign_eof - ignore input eof (default when -quiet)\n"); - BIO_printf(bio_err," -no_ign_eof - don't ignore input eof\n"); -#ifndef OPENSSL_NO_PSK - BIO_printf(bio_err," -psk_identity arg - PSK identity\n"); - BIO_printf(bio_err," -psk arg - PSK in hex (without 0x)\n"); -# ifndef OPENSSL_NO_JPAKE - BIO_printf(bio_err," -jpake arg - JPAKE secret to use\n"); -# endif -#endif -#ifndef OPENSSL_NO_SRP - BIO_printf(bio_err," -srpuser user - SRP authentification for 'user'\n"); - BIO_printf(bio_err," -srppass arg - password for 'user'\n"); - BIO_printf(bio_err," -srp_lateuser - SRP username into second ClientHello message\n"); - BIO_printf(bio_err," -srp_moregroups - Tolerate other than the known g N values.\n"); - BIO_printf(bio_err," -srp_strength int - minimal mength in bits for N (default %d).\n",SRP_MINIMAL_N); -#endif - BIO_printf(bio_err," -ssl2 - just use SSLv2\n"); - BIO_printf(bio_err," -ssl3 - just use SSLv3\n"); - BIO_printf(bio_err," -tls1_2 - just use TLSv1.2\n"); - BIO_printf(bio_err," -tls1_1 - just use TLSv1.1\n"); - BIO_printf(bio_err," -tls1 - just use TLSv1\n"); - BIO_printf(bio_err," -dtls1 - just use DTLSv1\n"); - BIO_printf(bio_err," -mtu - set the link layer MTU\n"); - BIO_printf(bio_err," -no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n"); - BIO_printf(bio_err," -bugs - Switch on all SSL implementation bug workarounds\n"); - BIO_printf(bio_err," -serverpref - Use server's cipher preferences (only SSLv2)\n"); - BIO_printf(bio_err," -cipher - preferred cipher to use, use the 'openssl ciphers'\n"); - BIO_printf(bio_err," command to see what is available\n"); - BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting 
TLS\n"); - BIO_printf(bio_err," for those protocols that support it, where\n"); - BIO_printf(bio_err," 'prot' defines which one to assume. Currently,\n"); - BIO_printf(bio_err," only \"smtp\", \"pop3\", \"imap\", \"ftp\" and \"xmpp\"\n"); - BIO_printf(bio_err," are supported.\n"); - BIO_printf(bio_err," -xmpphost host - When used with \"-starttls xmpp\" specifies the virtual host.\n"); -#ifndef OPENSSL_NO_ENGINE - BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n"); -#endif - BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); - BIO_printf(bio_err," -sess_out arg - file to write SSL session to\n"); - BIO_printf(bio_err," -sess_in arg - file to read SSL session from\n"); -#ifndef OPENSSL_NO_TLSEXT - BIO_printf(bio_err," -servername host - Set TLS extension servername in ClientHello\n"); - BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n"); - BIO_printf(bio_err," -status - request certificate status from server\n"); - BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n"); - BIO_printf(bio_err," -serverinfo types - send empty ClientHello extensions (comma-separated numbers)\n"); -# ifndef OPENSSL_NO_NEXTPROTONEG - BIO_printf(bio_err," -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n"); -# endif - BIO_printf(bio_err," -alpn arg - enable ALPN extension, considering named protocols supported (comma-separated list)\n"); -#endif - BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n"); - BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n"); - BIO_printf(bio_err," -keymatexport label - Export keying material using label\n"); - BIO_printf(bio_err," -keymatexportlen len - Export len bytes of keying material (default 20)\n"); + printhelp(s_client_help); } #ifndef OPENSSL_NO_TLSEXT 
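Review bot: The table that `sc_usage` now prints has no entry for `-verify_return_error` or `-prexit`, both of which the removed BIO_printf lines documented. The same loss occurs in `sv_usage` in apps/s_server.c, where `-verify_return_error`, `-hack` and the four `-status*` options (certificate status responses) drop out of the listing. If the option parsers still accept these flags (the parsing code is outside these hunks), operators lose the only in-tool description of verification and revocation-related switches. Restore them in the tables, e.g. `"-verify_return_error return verification errors",` in both and `"-status respond to certificate status requests",` in `s_server_help`.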
@@ -385,7 +414,7 @@ typedef struct tlsextctx_st { } tlsextctx; -static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg) +static int ssl_servername_cb(SSL *s, int *ad, void *arg) { tlsextctx * p = (tlsextctx *) arg; const char * hn= SSL_get_servername(s, TLSEXT_NAMETYPE_host_name); @@ -455,7 +484,7 @@ static int srp_Verify_N_and_g(const BIGNUM *N, const BIGNUM *g) primality tests are rather cpu consuming. */ -static int MS_CALLBACK ssl_srp_verify_param_cb(SSL *s, void *arg) +static int ssl_srp_verify_param_cb(SSL *s, void *arg) { SRP_ARG *srp_arg = (SRP_ARG *)arg; BIGNUM *N = NULL, *g = NULL; @@ -490,7 +519,7 @@ static int MS_CALLBACK ssl_srp_verify_param_cb(SSL *s, void *arg) #define PWD_STRLEN 1024 -static char * MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg) +static char * ssl_give_srp_client_pwd_cb(SSL *s, void *arg) { SRP_ARG *srp_arg = (SRP_ARG *)arg; char *pass = (char *)OPENSSL_malloc(PWD_STRLEN+1); @@ -579,9 +608,7 @@ enum PROTO_XMPP }; -int MAIN(int, char **); - -int MAIN(int argc, char **argv) +int s_client_main(int argc, char **argv) { int build_chain = 0; SSL *con=NULL; @@ -676,7 +703,6 @@ static char *jpake_secret = NULL; meth=SSLv23_client_method(); - apps_startup(); c_Pause=0; c_quiet=0; c_ign_eof=0; @@ -684,11 +710,6 @@ static char *jpake_secret = NULL; c_msg=0; c_showcerts=0; - if (bio_err == NULL) - bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); - - if (!load_config(bio_err, NULL)) - goto end; cctx = SSL_CONF_CTX_new(); if (!cctx) goto end; @@ -2169,8 +2190,7 @@ end: BIO_free(bio_c_msg); bio_c_msg=NULL; } - apps_shutdown(); - OPENSSL_EXIT(ret); + return(ret); } diff --git a/apps/s_server.c b/apps/s_server.c index 239597e2a5..734bcac5b8 100644 --- a/apps/s_server.c +++ b/apps/s_server.c 
@@ -202,7 +202,7 @@ typedef unsigned int u_int; #endif #ifndef OPENSSL_NO_RSA -static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength); +static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength); #endif static int not_resumable_sess_cb(SSL *s, int is_forward_secure); static int sv_body(char *hostname, int s, int stype, unsigned char *context); @@ -220,9 +220,7 @@ static void free_sessions(void); static DH *load_dh_param(const char *dhfile); #endif -#ifdef MONOLITH static void s_server_init(void); -#endif /* static int load_CA(SSL_CTX *ctx, char *file);*/ @@ -235,8 +233,6 @@ static int accept_socket= -1; #ifndef OPENSSL_NO_TLSEXT #define TEST_CERT2 "server2.pem" #endif -#undef PROG -#define PROG s_server_main extern int verify_depth, verify_return_error, verify_quiet; 
@@ -293,6 +289,123 @@ static const char *s_serverinfo_file = NULL; #endif +const char* s_server_help[]={ + "-accept port TCP/IP port to accept on (default is " PORT_STR ")", + "-unix path unix domain socket to accept on", + "-unlink for -unix, unlink existing socket first", + "-context arg set session ID context", + "-verify arg turn on peer certificate verification", + "-Verify arg turn on peer certificate verification, must have a cert.", + "-cert arg certificate file to use (default is ", TEST_CERT ")", + "-naccept arg terminate after 'arg' connections", +#ifndef OPENSSL_NO_TLSEXT + "-serverinfo arg PEM serverinfo file for certificate", + "-auth send and receive RFC 5878 TLS auth extensions and supplemental data", + "-auth_require_reneg do not send TLS auth extensions until renegotiation", +#endif + "-no_resumption_on_reneg set SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION flag", + "-crl_check check the peer certificate has not been revoked by its CA.", + " the CRL(s) are appended to the certificate file", + "-crl_check_all check the peer certificate has not been revoked by its CA", + " or any other CRL in the CA chain. 
CRL(s) are appened to the", + " the certificate file.", + "-certform arg certificate format (PEM or DER) PEM default", + "-key arg private Key file to use, in cert file if", + " not specified (default is " TEST_CERT ")", + "-keyform arg key format (PEM, DER or ENGINE) PEM default", + "-pass arg private key file pass phrase source", + "-dcert arg second certificate file to use (usually for DSA)", + "-dcertform x second certificate format (PEM or DER) PEM default", + "-dkey arg second private key file to use (usually for DSA)", + "-dkeyform arg second key format (PEM, DER or ENGINE) PEM default", + "-dpass arg second private key file pass phrase source", + "-dhparam arg DH parameter file to use, in cert file if not specified", + " or a default set of parameters is used", +#ifndef OPENSSL_NO_ECDH + "-named_curve arg elliptic curve name to use for ephemeral ECDH keys", + " use \"openssl ecparam -list_curves\" for all names" \ + " (default is nistp256).", +#endif +#ifdef FIONBIO + "-nbio use non-blocking IO", +#endif + "-nbio_test test with the non-blocking test bio", + "-crlf convert LF from terminal into CRLF", + "-debug print more output", + "-msg show protocol messages", + "-state print the SSL states", + "-CApath arg PEM format directory of CA's", + "-CAfile arg PEM format file of CA's", + "-trusted_first use locally trusted CA's first when building trust chain", + "-nocert don't use any certificates (Anon-DH)", + "-cipher arg play with 'openssl ciphers' to see what goes here", + "-serverpref use server's cipher preferences", + "-quiet no server output", + "-no_tmp_rsa do not generate a tmp RSA key", +#ifndef OPENSSL_NO_PSK + "-psk_hint arg PSK identity hint to use", + "-psk arg PSK in hex (without 0x)", +# ifndef OPENSSL_NO_JPAKE + "-jpake arg JPAKE secret to use", +# endif +#endif +#ifndef OPENSSL_NO_SRP + "-srpvfile file the verifier file for SRP", + "-srpuserseed string a seed string for a default user salt", +#endif + "-ssl2 just talk SSLv2", + "-ssl3 just 
talk SSLv3", + "-tls1_2 just talk TLSv1.2", + "-tls1_1 just talk TLSv1.1", + "-tls1 just talk TLSv1", + "-dtls1 just talk DTLSv1", + "-dtls1_2 just talk DTLSv1.2", + "-timeout enable timeouts", + "-mtu set link layer MTU", + "-chain read a certificate chain", + "-no_ssl2 just disable SSLv2", + "-no_ssl3 just disable SSLv3", + "-no_tls1 just disable TLSv1", + "-no_tls1_1 just disable TLSv1.1", + "-no_tls1_2 just disable TLSv1.2", +#ifndef OPENSSL_NO_DH + "-no_dhe disable ephemeral DH", +#endif +#ifndef OPENSSL_NO_ECDH + "-no_ecdhe disable ephemeral ECDH", +#endif + "-no_resume_ephemeral disable caching and tickets if ephemeral (EC)DH is used", + "-bugs turn on SSL bug compatibility", + "-www respond to a 'GET /' with a status page", + "-WWW respond to a 'GET /<path> HTTP/1.0' with file ./<path>", + "-HTTP respond to a 'GET /<path> HTTP/1.0' with file ./<path>", + " with the assumption it contains a complete HTTP response", +#ifndef OPENSSL_NO_ENGINE + "-engine id initialise and use the specified engine", +#endif + "-id_prefix arg generate SSL/TLS session IDs prefixed by arg", + "-rand file... 
load the file(s) into the random number generator", +#ifndef OPENSSL_NO_TLSEXT + "-servername host servername for HostName TLS extension", + "-servername_fatal on mismatch send fatal alert (default warning alert)", + "-cert2 arg certificate file to use for servername", + " (default is ", TEST_CERT2 ")", + "-key2 arg private Key file to use for servername, in cert file if", + " not specified (default is " TEST_CERT2 ")", + "-tlsextdebug hex dump of all TLS extensions received", + "-no_ticket disable use of RFC4507bis session tickets", + "-legacy_renegotiation enable use of legacy renegotiation (dangerous)", +#ifndef OPENSSL_NO_NEXTPROTONEG + "-nextprotoneg arg set the advertised protocols for the NPN extension (comma-separated list)", +#endif + "-use_srtp profiles offer SRTP key management with a colon-separated profile list", + "-alpn arg set the advertised protocols for the ALPN extension (comma-separated list)", +#endif + "-keymatexport label export keying material using label", + "-keymatexportlen len export len bytes of keying material (default 20)", + NULL +}; + #ifndef OPENSSL_NO_PSK static char *psk_identity="Client_identity"; char *psk_key=NULL; /* by default PSK is not used */ @@ -376,7 +489,7 @@ typedef struct srpsrvparm_st (which would normally occur after a worker has finished) and we set the user parameters. */ -static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg) +static int ssl_srp_server_param_cb(SSL *s, int *ad, void *arg) { srpsrvparm *p = (srpsrvparm *)arg; if (p->login == NULL && p->user == NULL ) @@ -406,7 +519,6 @@ static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg) #endif -#ifdef MONOLITH static void s_server_init(void) { accept_socket=-1; 
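Review bot: The `-cert` entry in `s_server_help` has a stray comma: `"... (default is ", TEST_CERT ")",` produces two array elements instead of one concatenated literal, so the help breaks the sentence across two lines and starts the second with the bare file name. The `-cert2` continuation line `" (default is ", TEST_CERT2 ")",` has the same slip. Drop the comma so the adjacent literals concatenate, as the `-key` and `-key2` entries already do: `"-cert arg certificate file to use (default is " TEST_CERT ")",` and `" (default is " TEST_CERT2 ")",`.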
@@ -439,130 +551,12 @@ static void s_server_init(void) engine_id=NULL; #endif } -#endif static void sv_usage(void) { BIO_printf(bio_err,"usage: s_server [args ...]\n"); BIO_printf(bio_err,"\n"); - BIO_printf(bio_err," -accept port - TCP/IP port to accept on (default is %d)\n",PORT); - BIO_printf(bio_err," -unix path - unix domain socket to accept on\n"); - BIO_printf(bio_err," -unlink - for -unix, unlink existing socket first\n"); - BIO_printf(bio_err," -context arg - set session ID context\n"); - BIO_printf(bio_err," -verify arg - turn on peer certificate verification\n"); - BIO_printf(bio_err," -Verify arg - turn on peer certificate verification, must have a cert.\n"); - BIO_printf(bio_err," -verify_return_error - return verification errors\n"); - BIO_printf(bio_err," -cert arg - certificate file to use\n"); - BIO_printf(bio_err," (default is %s)\n",TEST_CERT); - BIO_printf(bio_err," -naccept arg - terminate after 'arg' connections\n"); -#ifndef OPENSSL_NO_TLSEXT - BIO_printf(bio_err," -serverinfo arg - PEM serverinfo file for certificate\n"); -#endif - BIO_printf(bio_err," -no_resumption_on_reneg - set SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION flag\n"); - BIO_printf(bio_err," -crl_check - check the peer certificate has not been revoked by its CA.\n" \ - " The CRL(s) are appended to the certificate file\n"); - BIO_printf(bio_err," -crl_check_all - check the peer certificate has not been revoked by its CA\n" \ - " or any other CRL in the CA chain. 
CRL(s) are appened to the\n" \ - " the certificate file.\n"); - BIO_printf(bio_err," -certform arg - certificate format (PEM or DER) PEM default\n"); - BIO_printf(bio_err," -key arg - Private Key file to use, in cert file if\n"); - BIO_printf(bio_err," not specified (default is %s)\n",TEST_CERT); - BIO_printf(bio_err," -keyform arg - key format (PEM, DER or ENGINE) PEM default\n"); - BIO_printf(bio_err," -pass arg - private key file pass phrase source\n"); - BIO_printf(bio_err," -dcert arg - second certificate file to use (usually for DSA)\n"); - BIO_printf(bio_err," -dcertform x - second certificate format (PEM or DER) PEM default\n"); - BIO_printf(bio_err," -dkey arg - second private key file to use (usually for DSA)\n"); - BIO_printf(bio_err," -dkeyform arg - second key format (PEM, DER or ENGINE) PEM default\n"); - BIO_printf(bio_err," -dpass arg - second private key file pass phrase source\n"); - BIO_printf(bio_err," -dhparam arg - DH parameter file to use, in cert file if not specified\n"); - BIO_printf(bio_err," or a default set of parameters is used\n"); -#ifndef OPENSSL_NO_ECDH - BIO_printf(bio_err," -named_curve arg - Elliptic curve name to use for ephemeral ECDH keys.\n" \ - " Use \"openssl ecparam -list_curves\" for all names\n" \ - " (default is nistp256).\n"); -#endif -#ifdef FIONBIO - BIO_printf(bio_err," -nbio - Run with non-blocking IO\n"); -#endif - BIO_printf(bio_err," -nbio_test - test with the non-blocking test bio\n"); - BIO_printf(bio_err," -crlf - convert LF from terminal into CRLF\n"); - BIO_printf(bio_err," -debug - Print more output\n"); - BIO_printf(bio_err," -msg - Show protocol messages\n"); - BIO_printf(bio_err," -state - Print the SSL states\n"); - BIO_printf(bio_err," -CApath arg - PEM format directory of CA's\n"); - BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n"); - BIO_printf(bio_err," -trusted_first - Use locally trusted CA's first when building trust chain\n"); - BIO_printf(bio_err," -nocert - Don't use any 
certificates (Anon-DH)\n"); - BIO_printf(bio_err," -cipher arg - play with 'openssl ciphers' to see what goes here\n"); - BIO_printf(bio_err," -serverpref - Use server's cipher preferences\n"); - BIO_printf(bio_err," -quiet - No server output\n"); - BIO_printf(bio_err," -no_tmp_rsa - Do not generate a tmp RSA key\n"); -#ifndef OPENSSL_NO_PSK - BIO_printf(bio_err," -psk_hint arg - PSK identity hint to use\n"); - BIO_printf(bio_err," -psk arg - PSK in hex (without 0x)\n"); -# ifndef OPENSSL_NO_JPAKE - BIO_printf(bio_err," -jpake arg - JPAKE secret to use\n"); -# endif -#endif -#ifndef OPENSSL_NO_SRP - BIO_printf(bio_err," -srpvfile file - The verifier file for SRP\n"); - BIO_printf(bio_err," -srpuserseed string - A seed string for a default user salt.\n"); -#endif - BIO_printf(bio_err," -ssl2 - Just talk SSLv2\n"); - BIO_printf(bio_err," -ssl3 - Just talk SSLv3\n"); - BIO_printf(bio_err," -tls1_2 - Just talk TLSv1.2\n"); - BIO_printf(bio_err," -tls1_1 - Just talk TLSv1.1\n"); - BIO_printf(bio_err," -tls1 - Just talk TLSv1\n"); - BIO_printf(bio_err," -dtls1 - Just talk DTLSv1\n"); - BIO_printf(bio_err," -dtls1_2 - Just talk DTLSv1.2\n"); - BIO_printf(bio_err," -timeout - Enable timeouts\n"); - BIO_printf(bio_err," -mtu - Set link layer MTU\n"); - BIO_printf(bio_err," -chain - Read a certificate chain\n"); - BIO_printf(bio_err," -no_ssl2 - Just disable SSLv2\n"); - BIO_printf(bio_err," -no_ssl3 - Just disable SSLv3\n"); - BIO_printf(bio_err," -no_tls1 - Just disable TLSv1\n"); - BIO_printf(bio_err," -no_tls1_1 - Just disable TLSv1.1\n"); - BIO_printf(bio_err," -no_tls1_2 - Just disable TLSv1.2\n"); -#ifndef OPENSSL_NO_DH - BIO_printf(bio_err," -no_dhe - Disable ephemeral DH\n"); -#endif -#ifndef OPENSSL_NO_ECDH - BIO_printf(bio_err," -no_ecdhe - Disable ephemeral ECDH\n"); -#endif - BIO_printf(bio_err, "-no_resume_ephemeral - Disable caching and tickets if ephemeral (EC)DH is used\n"); - BIO_printf(bio_err," -bugs - Turn on SSL bug compatibility\n"); - 
BIO_printf(bio_err," -hack - workaround for early Netscape code\n"); - BIO_printf(bio_err," -www - Respond to a 'GET /' with a status page\n"); - BIO_printf(bio_err," -WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n"); - BIO_printf(bio_err," -HTTP - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n"); - BIO_printf(bio_err," with the assumption it contains a complete HTTP response.\n"); -#ifndef OPENSSL_NO_ENGINE - BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n"); -#endif - BIO_printf(bio_err," -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'\n"); - BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); -#ifndef OPENSSL_NO_TLSEXT - BIO_printf(bio_err," -servername host - servername for HostName TLS extension\n"); - BIO_printf(bio_err," -servername_fatal - on mismatch send fatal alert (default warning alert)\n"); - BIO_printf(bio_err," -cert2 arg - certificate file to use for servername\n"); - BIO_printf(bio_err," (default is %s)\n",TEST_CERT2); - BIO_printf(bio_err," -key2 arg - Private Key file to use for servername, in cert file if\n"); - BIO_printf(bio_err," not specified (default is %s)\n",TEST_CERT2); - BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n"); - BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n"); - BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n"); -# ifndef OPENSSL_NO_NEXTPROTONEG - BIO_printf(bio_err," -nextprotoneg arg - set the advertised protocols for the NPN extension (comma-separated list)\n"); -# endif - BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n"); - BIO_printf(bio_err," -alpn arg - set the advertised protocols for the ALPN extension (comma-separated list)\n"); -#endif - BIO_printf(bio_err," -keymatexport label - Export keying material using label\n"); - BIO_printf(bio_err," 
-keymatexportlen len - Export len bytes of keying material (default 20)\n"); - BIO_printf(bio_err," -status - respond to certificate status requests\n"); - BIO_printf(bio_err," -status_verbose - enable status request verbose printout\n"); - BIO_printf(bio_err," -status_timeout n - status request responder timeout\n"); - BIO_printf(bio_err," -status_url URL - status request fallback URL\n"); + printhelp(s_server_help); } static int local_argc=0; @@ -728,7 +722,7 @@ typedef struct tlsextctx_st { } tlsextctx; -static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg) +static int ssl_servername_cb(SSL *s, int *ad, void *arg) { tlsextctx * p = (tlsextctx *) arg; const char * servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name); @@ -963,8 +957,6 @@ static int not_resumable_sess_cb(SSL *s, int is_forward_secure) return is_forward_secure; } -int MAIN(int, char **); - #ifndef OPENSSL_NO_JPAKE static char *jpake_secret = NULL; #define no_jpake !jpake_secret @@ -972,11 +964,11 @@ static char *jpake_secret = NULL; #define no_jpake 1 #endif #ifndef OPENSSL_NO_SRP - static srpsrvparm srp_callback_parm; +static srpsrvparm srp_callback_parm; #endif static char *srtp_profiles = NULL; -int MAIN(int argc, char *argv[]) +int s_server_main(int argc, char *argv[]) { X509_VERIFY_PARAM *vpm = NULL; int badarg = 0; @@ -1043,16 +1035,7 @@ int MAIN(int argc, char *argv[]) local_argc=argc; local_argv=argv; - apps_startup(); -#ifdef MONOLITH s_server_init(); -#endif - - if (bio_err == NULL) - bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); - - if (!load_config(bio_err, NULL)) - goto end; cctx = SSL_CONF_CTX_new(); if (!cctx) @@ -2174,8 +2157,7 @@ end: BIO_free(bio_s_msg); bio_s_msg = NULL; } - apps_shutdown(); - OPENSSL_EXIT(ret); + return(ret); } static void print_stats(BIO *bio, SSL_CTX *ssl_ctx) 
@@ -3409,7 +3391,7 @@ err: } #ifndef OPENSSL_NO_RSA -static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength) +static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength) { BIGNUM *bn = NULL; static RSA *rsa_tmp=NULL; diff --git a/apps/s_socket.c b/apps/s_socket.c index e83baf4e70..180c7fe2b8 100644 --- a/apps/s_socket.c +++ b/apps/s_socket.c @@ -72,10 +72,8 @@ typedef unsigned int u_int; #endif #define USE_SOCKETS -#define NON_MAIN #include "apps.h" #undef USE_SOCKETS -#undef NON_MAIN #include "s_apps.h" #include <openssl/ssl.h> diff --git a/apps/s_time.c b/apps/s_time.c index b823c33c58..6402187759 100644 --- a/apps/s_time.c +++ b/apps/s_time.c @@ -85,8 +85,6 @@ #include OPENSSL_UNISTD #endif -#undef PROG -#define PROG s_time_main #undef ioctl #define ioctl ioctlsocket @@ -107,6 +105,7 @@ #undef SECONDS #define SECONDS 30 +#define SECONDSSTR "30" extern int verify_depth; extern int verify_error; 
@@ -166,34 +165,33 @@ static void s_time_init(void) #endif } -/*********************************************************************** - * usage - display usage message - */ -static void s_time_usage(void) -{ - static char umsg[] = "\ --time arg - max number of seconds to collect data, default %d\n\ --verify arg - turn on peer certificate verification, arg == depth\n\ --cert arg - certificate file to use, PEM format assumed\n\ --key arg - RSA file to use, PEM format assumed, key is in cert file\n\ - file if not specified by this option\n\ --CApath arg - PEM format directory of CA's\n\ --CAfile arg - PEM format file of CA's\n\ --cipher - preferred cipher to use, play with 'openssl ciphers'\n\n"; - - printf( "usage: s_time <args>\n\n" ); - - printf("-connect host:port - host:port to connect to (default is %s)\n",SSL_CONNECT_NAME); +const char* s_time_help[] = { + "-time arg max number of seconds to collect data, default" SECONDSSTR, + "-verify arg turn on peer certificate verification, arg == depth", + "-cert arg certificate file to use, PEM format assumed", + "-key arg RSA file to use, PEM format assumed, key is in cert file", + " file if not specified by this option", + "-CApath arg PEM format directory of CA's", + "-CAfile arg PEM format file of CA's", + "-cipher preferred cipher to use, play with 'openssl ciphers'", + + "-connect host:port where to connect to (default is "SSL_CONNECT_NAME ")", + "-ssl2 just use SSLv2", + "-ssl3 just use SSLv3", + "-bugs turn on SSL bug compatibility", + "-new just time new connections", + "-reuse just time connection reuse", + "-www page retrieve 'page' from the site", #ifdef FIONBIO - printf("-nbio - Run with non-blocking IO\n"); - printf("-ssl2 - Just use SSLv2\n"); - printf("-ssl3 - Just use SSLv3\n"); - printf("-bugs - Turn on SSL bug compatibility\n"); - printf("-new - Just time new connections\n"); - printf("-reuse - Just time connection reuse\n"); - printf("-www page - Retrieve 'page' from the site\n"); + "-nbio use 
non-blocking IO", #endif - printf( umsg,SECONDS ); + NULL +}; + +static void s_time_usage(void) +{ + BIO_printf(bio_err,"usage: s_time <args>\n\n" ); + printhelp(s_time_help); } /*********************************************************************** @@ -217,18 +215,6 @@ static int parseArgs(int argc, char **argv) if (--argc < 1) goto bad; host= *(++argv); } -#if 0 - else if( strcmp(*argv,"-host") == 0) - { - if (--argc < 1) goto bad; - host= *(++argv); - } - else if( strcmp(*argv,"-port") == 0) - { - if (--argc < 1) goto bad; - port= *(++argv); - } -#endif else if (strcmp(*argv,"-reuse") == 0) perform=2; else if (strcmp(*argv,"-new") == 0) @@ -327,13 +313,7 @@ static double tm_Time_F(int s) return app_tminterval(s,1); } -/*********************************************************************** - * MAIN - main processing area for client - * real name depends on MONOLITH - */ -int MAIN(int, char **); - -int MAIN(int argc, char **argv) +int s_time_main(int argc, char **argv) { double totalTime = 0.0; int nConn = 0; @@ -343,12 +323,8 @@ int MAIN(int argc, char **argv) MS_STATIC char buf[1024*8]; int ver; - apps_startup(); s_time_init(); - if (bio_err == NULL) - bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); - #if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) s_time_meth=SSLv23_client_method(); #elif !defined(OPENSSL_NO_SSL3) @@ -552,8 +528,7 @@ end: SSL_CTX_free(tm_ctx); tm_ctx=NULL; } - apps_shutdown(); - OPENSSL_EXIT(ret); + return(ret); } /*********************************************************************** diff --git a/apps/sess_id.c b/apps/sess_id.c index a31d22754c..9e4eeeef54 100644 --- a/apps/sess_id.c +++ b/apps/sess_id.c 
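Review bot: In s_time_help the first entry concatenates `"... to collect data, default" SECONDSSTR` with no separating space, so the help text reads "default30". The literal should end in a space: `"-time arg max number of seconds to collect data, default " SECONDSSTR,`. SECONDSSTR is also a second hand-written copy of SECONDS (both defined in the `@@ -107,6 +105,7 @@` hunk), so the help text and the real default can drift apart. Deriving the string from SECONDS with a two-level stringify macro (`#define STR_(x) #x` and `#define STR(x) STR_(x)`) would keep them in step.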
@@ -66,28 +66,21 @@ #include <openssl/pem.h> #include <openssl/ssl.h> -#undef PROG -#define PROG sess_id_main - -static const char *sess_id_usage[]={ -"usage: sess_id args\n", -"\n", -" -inform arg - input format - default PEM (DER or PEM)\n", -" -outform arg - output format - default PEM (PEM, DER or NSS)\n", -" -in arg - input file - default stdin\n", -" -out arg - output file - default stdout\n", -" -text - print ssl session id details\n", -" -cert - output certificate \n", -" -noout - no output of encoded session info\n", -" -context arg - set the session ID context\n", -NULL +const char *sess_id_help[]={ + "-inform arg input format - default PEM (DER or PEM)", + "-outform arg output format - default PEM (PEM, DER or NSS)", + "-in arg input file - default stdin", + "-out arg output file - default stdout", + "-text print ssl session id details", + "-cert output certificate ", + "-noout no output of encoded session info", + "-context arg set the session ID context", + NULL }; static SSL_SESSION *load_sess_id(char *file, int format); -int MAIN(int, char **); - -int MAIN(int argc, char **argv) +int sess_id_main(int argc, char **argv) { SSL_SESSION *x=NULL; X509 *peer = NULL; @@ -96,13 +89,6 @@ int MAIN(int argc, char **argv) int informat,outformat; char *infile=NULL,*outfile=NULL,*context=NULL; int cert=0,noout=0,text=0; - const char **pp; - - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); informat=FORMAT_PEM; outformat=FORMAT_PEM; @@ -156,12 +142,11 @@ int MAIN(int argc, char **argv) if (badops) { bad: - for (pp=sess_id_usage; (*pp != NULL); pp++) - BIO_printf(bio_err,"%s",*pp); + BIO_printf(bio_err, "usage: sess_id args\n"); + printhelp(sess_id_help); goto end; } - ERR_load_crypto_strings(); x=load_sess_id(infile,informat); if (x == NULL) { goto end; } peer = SSL_SESSION_get0_peer(x); 
@@ -200,31 +185,16 @@ bad: if (!noout || text) { - out=BIO_new(BIO_s_file()); + if (outfile == NULL) + out = BIO_dup_chain(bio_out); + else + /* XXX rsalz see switch below; WB() wrong */ + out = BIO_new_file(outfile, WB(outformat)); if (out == NULL) { ERR_print_errors(bio_err); goto end; } - - if (outfile == NULL) - { - BIO_set_fp(out,stdout,BIO_NOCLOSE); -#ifdef OPENSSL_SYS_VMS - { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - out = BIO_push(tmpbio, out); - } -#endif - } - else - { - if (BIO_write_filename(out,outfile) <= 0) - { - perror(outfile); - goto end; - } - } } if (text) @@ -276,40 +246,22 @@ bad: end: if (out != NULL) BIO_free_all(out); if (x != NULL) SSL_SESSION_free(x); - apps_shutdown(); - OPENSSL_EXIT(ret); + return(ret); } static SSL_SESSION *load_sess_id(char *infile, int format) { SSL_SESSION *x=NULL; - BIO *in=NULL; - - in=BIO_new(BIO_s_file()); - if (in == NULL) - { - ERR_print_errors(bio_err); - goto end; - } + BIO *in; if (infile == NULL) - BIO_set_fp(in,stdin,BIO_NOCLOSE); + in = BIO_new_fp(stdin,BIO_NOCLOSE); else - { - if (BIO_read_filename(in,infile) <= 0) - { - perror(infile); - goto end; - } - } + in = BIO_new_file(infile, RB(format)); if (format == FORMAT_ASN1) x=d2i_SSL_SESSION_bio(in,NULL); - else if (format == FORMAT_PEM) + else x=PEM_read_bio_SSL_SESSION(in,NULL,NULL,NULL); - else { - BIO_printf(bio_err,"bad input format specified for input crl\n"); - goto end; - } if (x == NULL) { BIO_printf(bio_err,"unable to load SSL_SESSION\n"); diff --git a/apps/smime.c b/apps/smime.c index 94c2884fed..16ce27c3de 100644 --- a/apps/smime.c +++ b/apps/smime.c @@ -67,8 +67,6 @@ #include <openssl/x509_vfy.h> #include <openssl/x509v3.h> -#undef PROG -#define PROG smime_main static int save_certs(char *signerfile, STACK_OF(X509) *signers); static int smime_cb(int ok, X509_STORE_CTX *ctx); 
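Review bot: In load_sess_id (hunk `@@ -276,40 +246,22 @@`), `in` is passed to d2i_SSL_SESSION_bio() or PEM_read_bio_SSL_SESSION() without a NULL check. A missing or unreadable input file is therefore reported only as "unable to load SSL_SESSION", and the open error that the removed `perror(infile)` gave is lost. Adding `if (in == NULL) { ERR_print_errors(bio_err); goto end; }` directly after the two BIO_new_* calls restores it, assuming the `end:` label outside the hunk is kept. The hunk also drops the "bad input format" branch, so every format value other than FORMAT_ASN1 is parsed as PEM. That is only safe if -inform is validated where it is parsed, which this hunk does not show.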
@@ -82,9 +80,68 @@ static int smime_cb(int ok, X509_STORE_CTX *ctx); #define SMIME_PK7OUT (5 | SMIME_IP | SMIME_OP) #define SMIME_RESIGN (6 | SMIME_IP | SMIME_OP | SMIME_SIGNERS) -int MAIN(int, char **); +const char* smime_help[] = { + "-encrypt encrypt message", + "-decrypt decrypt encrypted message", + "-sign sign message", + "-verify verify signed message", + "-pk7out output PKCS#7 structure", +#ifndef OPENSSL_NO_DES + "-des3 encrypt with triple DES", + "-des encrypt with DES", +#endif +#ifndef OPENSSL_NO_SEED + "-seed encrypt with SEED", +#endif +#ifndef OPENSSL_NO_RC2 + "-rc2-40 encrypt with RC2-40 (default)", + "-rc2-64 encrypt with RC2-64", + "-rc2-128 encrypt with RC2-128", +#endif +#ifndef OPENSSL_NO_AES + "-aes128, -aes192, -aes256", + " encrypt PEM output with cbc aes", +#endif +#ifndef OPENSSL_NO_CAMELLIA + "-camellia128, -camellia192, -camellia256", + " encrypt PEM output with cbc camellia", +#endif + "-nointern don't search certificates in message for signer", + "-nosigs don't verify message signature", + "-noverify don't verify signers certificate", + "-nocerts don't include signers certificate when signing", + "-nodetach use opaque signing", + "-noattr don't include any signed attributes", + "-binary don't translate message to text", + "-certfile file other certificates file", + "-signer file signer certificate file", + "-recip file recipient certificate file for decryption", + "-in file input file", + "-inform arg input format SMIME (default), PEM or DER", + "-inkey file input private key (if not signer or recipient)", + "-keyform arg input private key format (PEM or ENGINE)", + "-out file output file", + "-outform arg output format SMIME (default), PEM or DER", + "-content file supply or override content for detached signature", + "-to addr to address", + "-from addr from address", + "-subject s subject", + "-text include or delete text MIME headers", + "-CApath dir trusted certificates directory", + "-CAfile file trusted certificates file", + 
"-trusted_first use locally trusted CA's first when building trust chain", + "-crl_check check revocation status of signer's certificate using CRLs", + "-crl_check_all check revocation status of signer's certificate chain using CRLs", +#ifndef OPENSSL_NO_ENGINE + "-engine e use engine e, possibly a hardware device.", +#endif + "-passin arg input file pass phrase source", + "-rand file... load the file(s) into the random number generator", + "cert.pem recipient certificate(s) for encryption", + NULL, +}; -int MAIN(int argc, char **argv) +int smime_main(int argc, char **argv) { ENGINE *e = NULL; int operation = 0; @@ -116,23 +173,11 @@ int MAIN(int argc, char **argv) #ifndef OPENSSL_NO_ENGINE char *engine=NULL; #endif - X509_VERIFY_PARAM *vpm = NULL; args = argv + 1; ret = 1; - apps_startup(); - - if (bio_err == NULL) - { - if ((bio_err = BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err, stderr, BIO_NOCLOSE|BIO_FP_TEXT); - } - - if (!load_config(bio_err, NULL)) - goto end; - while (!badarg && *args && *args[0] == '-') { if (!strcmp (*args, "-encrypt")) 
@@ -431,65 +476,7 @@ int MAIN(int argc, char **argv) argerr: BIO_printf (bio_err, "Usage smime [options] cert.pem ...\n"); BIO_printf (bio_err, "where options are\n"); - BIO_printf (bio_err, "-encrypt encrypt message\n"); - BIO_printf (bio_err, "-decrypt decrypt encrypted message\n"); - BIO_printf (bio_err, "-sign sign message\n"); - BIO_printf (bio_err, "-verify verify signed message\n"); - BIO_printf (bio_err, "-pk7out output PKCS#7 structure\n"); -#ifndef OPENSSL_NO_DES - BIO_printf (bio_err, "-des3 encrypt with triple DES\n"); - BIO_printf (bio_err, "-des encrypt with DES\n"); -#endif -#ifndef OPENSSL_NO_SEED - BIO_printf (bio_err, "-seed encrypt with SEED\n"); -#endif -#ifndef OPENSSL_NO_RC2 - BIO_printf (bio_err, "-rc2-40 encrypt with RC2-40 (default)\n"); - BIO_printf (bio_err, "-rc2-64 encrypt with RC2-64\n"); - BIO_printf (bio_err, "-rc2-128 encrypt with RC2-128\n"); -#endif -#ifndef OPENSSL_NO_AES - BIO_printf (bio_err, "-aes128, -aes192, -aes256\n"); - BIO_printf (bio_err, " encrypt PEM output with cbc aes\n"); -#endif -#ifndef OPENSSL_NO_CAMELLIA - BIO_printf (bio_err, "-camellia128, -camellia192, -camellia256\n"); - BIO_printf (bio_err, " encrypt PEM output with cbc camellia\n"); -#endif - BIO_printf (bio_err, "-nointern don't search certificates in message for signer\n"); - BIO_printf (bio_err, "-nosigs don't verify message signature\n"); - BIO_printf (bio_err, "-noverify don't verify signers certificate\n"); - BIO_printf (bio_err, "-nocerts don't include signers certificate when signing\n"); - BIO_printf (bio_err, "-nodetach use opaque signing\n"); - BIO_printf (bio_err, "-noattr don't include any signed attributes\n"); - BIO_printf (bio_err, "-binary don't translate message to text\n"); - BIO_printf (bio_err, "-certfile file other certificates file\n"); - BIO_printf (bio_err, "-signer file signer certificate file\n"); - BIO_printf (bio_err, "-recip file recipient certificate file for decryption\n"); - BIO_printf (bio_err, "-in file input file\n"); - 
BIO_printf (bio_err, "-inform arg input format SMIME (default), PEM or DER\n"); - BIO_printf (bio_err, "-inkey file input private key (if not signer or recipient)\n"); - BIO_printf (bio_err, "-keyform arg input private key format (PEM or ENGINE)\n"); - BIO_printf (bio_err, "-out file output file\n"); - BIO_printf (bio_err, "-outform arg output format SMIME (default), PEM or DER\n"); - BIO_printf (bio_err, "-content file supply or override content for detached signature\n"); - BIO_printf (bio_err, "-to addr to address\n"); - BIO_printf (bio_err, "-from ad from address\n"); - BIO_printf (bio_err, "-subject s subject\n"); - BIO_printf (bio_err, "-text include or delete text MIME headers\n"); - BIO_printf (bio_err, "-CApath dir trusted certificates directory\n"); - BIO_printf (bio_err, "-CAfile file trusted certificates file\n"); - BIO_printf (bio_err, "-trusted_first use locally trusted CA's first when building trust chain\n"); - BIO_printf (bio_err, "-crl_check check revocation status of signer's certificate using CRLs\n"); - BIO_printf (bio_err, "-crl_check_all check revocation status of signer's certificate chain using CRLs\n"); -#ifndef OPENSSL_NO_ENGINE - BIO_printf (bio_err, "-engine e use engine e, possibly a hardware device.\n"); -#endif - BIO_printf (bio_err, "-passin arg input file pass phrase source\n"); - BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); - BIO_printf(bio_err, " load the file (or the files in the directory) into\n"); - BIO_printf(bio_err, " the random number generator\n"); - BIO_printf (bio_err, "cert.pem recipient certificate(s) for encryption\n"); + printhelp(smime_help); goto end; } diff --git a/apps/speed.c b/apps/speed.c index ac320eadee..e7df080f1b 100644 --- a/apps/speed.c +++ b/apps/speed.c 
@@ -84,9 +84,6 @@ /* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */ /* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */ -#undef PROG -#define PROG speed_main - #include <stdio.h> #include <stdlib.h> 
@@ -235,6 +232,132 @@ static int do_multi(int multi); #define EC_NUM 16 #define MAX_ECDH_SIZE 256 +const char* speed_help[] = { +#if defined(TIMES) || defined(USE_TOD) + "-elapsed measure time in real time instead of CPU user time", +#endif +#ifndef OPENSSL_NO_ENGINE + "-engine e use engine e, possibly a hardware device", +#endif + "-evp e use EVP e", + "-decrypt time decryption instead of encryption (only EVP)", + "-mr produce machine readable output", +#ifndef NO_FORK + "-multi n run n benchmarks in parallel.", +#endif +#ifndef OPENSSL_NO_MD2 + "md2 " +#endif +#ifndef OPENSSL_NO_MDC2 + "mdc2 " +#endif +#ifndef OPENSSL_NO_MD4 + "md4 " +#endif +#ifndef OPENSSL_NO_MD5 + "md5 " +#ifndef OPENSSL_NO_HMAC + "hmac " +#endif +#endif +#ifndef OPENSSL_NO_SHA1 + "sha1 " +#endif +#ifndef OPENSSL_NO_SHA256 + "sha256 " +#endif +#ifndef OPENSSL_NO_SHA512 + "sha512 " +#endif +#ifndef OPENSSL_NO_WHIRLPOOL + "whirlpool " +#endif +#ifndef OPENSSL_NO_RIPEMD160 + "rmd160" +#endif + , + +#ifndef OPENSSL_NO_IDEA + "idea-cbc " +#endif +#ifndef OPENSSL_NO_SEED + "seed-cbc " +#endif +#ifndef OPENSSL_NO_RC2 + "rc2-cbc " +#endif +#ifndef OPENSSL_NO_RC5 + "rc5-cbc " +#endif +#ifndef OPENSSL_NO_BF + "bf-cbc" +#endif + , + +#ifndef OPENSSL_NO_DES + "des-cbc des-ede3 ", +#endif +#ifndef OPENSSL_NO_AES + "aes-128-cbc aes-192-cbc aes-256-cbc ", + "aes-128-ige aes-192-ige aes-256-ige ", +#endif +#ifndef OPENSSL_NO_CAMELLIA + "camellia-128-cbc camellia-192-cbc camellia-256-cbc ", +#endif +#ifndef OPENSSL_NO_RC4 + "rc4", +#endif + +#ifndef OPENSSL_NO_RSA + "rsa512 rsa1024 rsa2048 rsa3072 rsa4096", + "rsa7680 rsa15360", +#endif + +#ifndef OPENSSL_NO_DSA + "dsa512 dsa1024 dsa2048", +#endif +#ifndef OPENSSL_NO_ECDSA + "ecdsap160 ecdsap192 ecdsap224 ecdsap256 ecdsap384 ecdsap521", + "ecdsak163 ecdsak233 ecdsak283 ecdsak409 ecdsak571", + "ecdsab163 ecdsab233 ecdsab283 ecdsab409 ecdsab571", + "ecdsa", +#endif +#ifndef OPENSSL_NO_ECDH + "ecdhp160 ecdhp192 ecdhp224 ecdhp256 ecdhp384 ecdhp521", + "ecdhk163 
ecdhk233 ecdhk283 ecdhk409 ecdhk571", + "ecdhb163 ecdhb233 ecdhb283 ecdhb409 ecdhb571", + "ecdh\n" +#endif + +#ifndef OPENSSL_NO_IDEA + "idea " +#endif +#ifndef OPENSSL_NO_SEED + "seed " +#endif +#ifndef OPENSSL_NO_RC2 + "rc2 " +#endif +#ifndef OPENSSL_NO_DES + "des " +#endif +#ifndef OPENSSL_NO_AES + "aes " +#endif +#ifndef OPENSSL_NO_CAMELLIA + "camellia " +#endif +#ifndef OPENSSL_NO_RSA + "rsa " +#endif +#ifndef OPENSSL_NO_BF + "blowfish " +#endif + , + "prime-trial-division prime-coprime", + NULL +}; + static const char *names[ALGOR_NUM]={ "md2","mdc2","md4","md5","hmac(md5)","sha1","rmd160","rc4", "des cbc","des ede3","idea cbc","seed cbc", @@ -359,9 +482,7 @@ static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen) static void multiblock_speed(const EVP_CIPHER *evp_cipher); -int MAIN(int, char **); - -int MAIN(int argc, char **argv) +int speed_main(int argc, char **argv) { unsigned char *buf=NULL,*buf2=NULL; int mret=1; @@ -505,7 +626,7 @@ int MAIN(int argc, char **argv) #define D_PRIME_TRIAL_DIVISION 0 #define D_PRIME_TRIAL_DIVISION_RETRY 1 #define D_PRIME_COPRIME 2 - long prime_c[PRIME_NUM]; + long prime_c[PRIME_NUM] = {0, 0, 0}; #define R_DSA_512 0 #define R_DSA_1024 1 @@ -648,7 +769,7 @@ int MAIN(int argc, char **argv) usertime=-1; #endif - apps_startup(); + for (i=0; i<PRIME_NUM; i++) prime_c[i] = 0; memset(results, 0, sizeof(results)); #ifndef OPENSSL_NO_DSA memset(dsa_key,0,sizeof(dsa_key)); @@ -664,14 +785,6 @@ int MAIN(int argc, char **argv) } #endif - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - if (!load_config(bio_err, NULL)) - goto end; - #ifndef OPENSSL_NO_RSA memset(rsa_key,0,sizeof(rsa_key)); for (i=0; i<RSA_NUM; i++) 
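Review bot: The bare `,` lines that close each conditional group in speed_help become an empty initializer element, and so a compile error, whenever every macro in the group is defined. A build with OPENSSL_NO_IDEA, OPENSSL_NO_SEED, OPENSSL_NO_RC2, OPENSSL_NO_RC5 and OPENSSL_NO_BF all set leaves `"rmd160" , ,`. The removed code avoided this by wrapping each newline in `#if !defined(...) || ...`. Replacing each bare `,` with `"",` keeps the table valid for every configuration, because the empty literal concatenates with a non-empty group and stands alone otherwise. Separately, `"ecdh\n"` has no trailing comma and is the only entry with an embedded newline, so it merges with the `"idea "` group that follows; that looks like a leftover from the old BIO_printf call and is worth confirming against what printhelp emits.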
@@ -1046,147 +1159,7 @@ int MAIN(int argc, char **argv) else { BIO_printf(bio_err,"Error: bad option or value\n"); - BIO_printf(bio_err,"\n"); - BIO_printf(bio_err,"Available values:\n"); -#ifndef OPENSSL_NO_MD2 - BIO_printf(bio_err,"md2 "); -#endif -#ifndef OPENSSL_NO_MDC2 - BIO_printf(bio_err,"mdc2 "); -#endif -#ifndef OPENSSL_NO_MD4 - BIO_printf(bio_err,"md4 "); -#endif -#ifndef OPENSSL_NO_MD5 - BIO_printf(bio_err,"md5 "); -#ifndef OPENSSL_NO_HMAC - BIO_printf(bio_err,"hmac "); -#endif -#endif -#ifndef OPENSSL_NO_SHA1 - BIO_printf(bio_err,"sha1 "); -#endif -#ifndef OPENSSL_NO_SHA256 - BIO_printf(bio_err,"sha256 "); -#endif -#ifndef OPENSSL_NO_SHA512 - BIO_printf(bio_err,"sha512 "); -#endif -#ifndef OPENSSL_NO_WHIRLPOOL - BIO_printf(bio_err,"whirlpool"); -#endif -#ifndef OPENSSL_NO_RIPEMD160 - BIO_printf(bio_err,"rmd160"); -#endif -#if !defined(OPENSSL_NO_MD2) || !defined(OPENSSL_NO_MDC2) || \ - !defined(OPENSSL_NO_MD4) || !defined(OPENSSL_NO_MD5) || \ - !defined(OPENSSL_NO_SHA1) || !defined(OPENSSL_NO_RIPEMD160) || \ - !defined(OPENSSL_NO_WHIRLPOOL) - BIO_printf(bio_err,"\n"); -#endif - -#ifndef OPENSSL_NO_IDEA - BIO_printf(bio_err,"idea-cbc "); -#endif -#ifndef OPENSSL_NO_SEED - BIO_printf(bio_err,"seed-cbc "); -#endif -#ifndef OPENSSL_NO_RC2 - BIO_printf(bio_err,"rc2-cbc "); -#endif -#ifndef OPENSSL_NO_RC5 - BIO_printf(bio_err,"rc5-cbc "); -#endif -#ifndef OPENSSL_NO_BF - BIO_printf(bio_err,"bf-cbc"); -#endif -#if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_SEED) || !defined(OPENSSL_NO_RC2) || \ - !defined(OPENSSL_NO_BF) || !defined(OPENSSL_NO_RC5) - BIO_printf(bio_err,"\n"); -#endif -#ifndef OPENSSL_NO_DES - BIO_printf(bio_err,"des-cbc des-ede3 "); -#endif -#ifndef OPENSSL_NO_AES - BIO_printf(bio_err,"aes-128-cbc aes-192-cbc aes-256-cbc "); - BIO_printf(bio_err,"aes-128-ige aes-192-ige aes-256-ige "); -#endif -#ifndef OPENSSL_NO_CAMELLIA - BIO_printf(bio_err,"\n"); - BIO_printf(bio_err,"camellia-128-cbc camellia-192-cbc camellia-256-cbc "); -#endif 
-#ifndef OPENSSL_NO_RC4 - BIO_printf(bio_err,"rc4"); -#endif - BIO_printf(bio_err,"\n"); - -#ifndef OPENSSL_NO_RSA - BIO_printf(bio_err,"rsa512 rsa1024 rsa2048 rsa3072 rsa4096\n"); - BIO_printf(bio_err,"rsa7680 rsa15360\n"); -#endif - -#ifndef OPENSSL_NO_DSA - BIO_printf(bio_err,"dsa512 dsa1024 dsa2048\n"); -#endif -#ifndef OPENSSL_NO_ECDSA - BIO_printf(bio_err,"ecdsap160 ecdsap192 ecdsap224 ecdsap256 ecdsap384 ecdsap521\n"); - BIO_printf(bio_err,"ecdsak163 ecdsak233 ecdsak283 ecdsak409 ecdsak571\n"); - BIO_printf(bio_err,"ecdsab163 ecdsab233 ecdsab283 ecdsab409 ecdsab571\n"); - BIO_printf(bio_err,"ecdsa\n"); -#endif -#ifndef OPENSSL_NO_ECDH - BIO_printf(bio_err,"ecdhp160 ecdhp192 ecdhp224 ecdhp256 ecdhp384 ecdhp521\n"); - BIO_printf(bio_err,"ecdhk163 ecdhk233 ecdhk283 ecdhk409 ecdhk571\n"); - BIO_printf(bio_err,"ecdhb163 ecdhb233 ecdhb283 ecdhb409 ecdhb571\n"); - BIO_printf(bio_err,"ecdh\n"); -#endif - -#ifndef OPENSSL_NO_IDEA - BIO_printf(bio_err,"idea "); -#endif -#ifndef OPENSSL_NO_SEED - BIO_printf(bio_err,"seed "); -#endif -#ifndef OPENSSL_NO_RC2 - BIO_printf(bio_err,"rc2 "); -#endif -#ifndef OPENSSL_NO_DES - BIO_printf(bio_err,"des "); -#endif -#ifndef OPENSSL_NO_AES - BIO_printf(bio_err,"aes "); -#endif -#ifndef OPENSSL_NO_CAMELLIA - BIO_printf(bio_err,"camellia "); -#endif -#ifndef OPENSSL_NO_RSA - BIO_printf(bio_err,"rsa "); -#endif -#ifndef OPENSSL_NO_BF - BIO_printf(bio_err,"blowfish"); -#endif -#if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_SEED) || \ - !defined(OPENSSL_NO_RC2) || !defined(OPENSSL_NO_DES) || \ - !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_BF) || \ - !defined(OPENSSL_NO_AES) || !defined(OPENSSL_NO_CAMELLIA) - BIO_printf(bio_err,"\n"); -#endif - BIO_printf(bio_err,"prime-trial-division prime-coprime\n"); - - BIO_printf(bio_err,"\n"); - BIO_printf(bio_err,"Available options:\n"); -#if defined(TIMES) || defined(USE_TOD) - BIO_printf(bio_err,"-elapsed measure time in real time instead of CPU user time.\n"); -#endif -#ifndef 
OPENSSL_NO_ENGINE - BIO_printf(bio_err,"-engine e use engine e, possibly a hardware device.\n"); -#endif - BIO_printf(bio_err,"-evp e use EVP e.\n"); - BIO_printf(bio_err,"-decrypt time decryption instead of encryption (only EVP).\n"); - BIO_printf(bio_err,"-mr produce machine readable output.\n"); -#ifndef NO_FORK - BIO_printf(bio_err,"-multi n run n benchmarks in parallel.\n"); -#endif + printhelp(speed_help); goto end; } argc--; @@ -2518,8 +2491,8 @@ show_res: #endif if(!mr) { - fprintf(stdout,"%s\n",SSLeay_version(SSLEAY_VERSION)); - fprintf(stdout,"%s\n",SSLeay_version(SSLEAY_BUILT_ON)); + printf("%s\n",SSLeay_version(SSLEAY_VERSION)); + printf("%s\n",SSLeay_version(SSLEAY_BUILT_ON)); printf("options:"); printf("%s ",BN_options()); #ifndef OPENSSL_NO_MD2 @@ -2540,38 +2513,38 @@ show_res: #ifndef OPENSSL_NO_BF printf("%s ",BF_options()); #endif - fprintf(stdout,"\n%s\n",SSLeay_version(SSLEAY_CFLAGS)); + printf("\n%s\n",SSLeay_version(SSLEAY_CFLAGS)); } if (pr_header) { if(mr) - fprintf(stdout,"+H"); + printf("+H"); else { - fprintf(stdout,"The 'numbers' are in 1000s of bytes per second processed.\n"); - fprintf(stdout,"type "); + printf("The 'numbers' are in 1000s of bytes per second processed.\n"); + printf("type "); } for (j=0; j<SIZE_NUM; j++) - fprintf(stdout,mr ? ":%d" : "%7d bytes",lengths[j]); - fprintf(stdout,"\n"); + printf(mr ? ":%d" : "%7d bytes",lengths[j]); + printf("\n"); } for (k=0; k<ALGOR_NUM; k++) { if (!doit[k]) continue; if(mr) - fprintf(stdout,"+F:%d:%s",k,names[k]); + printf("+F:%d:%s",k,names[k]); else - fprintf(stdout,"%-13s",names[k]); + printf("%-13s",names[k]); for (j=0; j<SIZE_NUM; j++) { if (results[k][j] > 10000 && !mr) - fprintf(stdout," %11.2fk",results[k][j]/1e3); + printf(" %11.2fk",results[k][j]/1e3); else - fprintf(stdout,mr ? ":%.2f" : " %11.2f ",results[k][j]); + printf(mr ? ":%.2f" : " %11.2f ",results[k][j]); } - fprintf(stdout,"\n"); + printf("\n"); } #ifndef OPENSSL_NO_RSA j=1; 
@@ -2584,11 +2557,11 @@ show_res: j=0; } if(mr) - fprintf(stdout,"+F2:%u:%u:%f:%f\n", + printf("+F2:%u:%u:%f:%f\n", k,rsa_bits[k],rsa_results[k][0], rsa_results[k][1]); else - fprintf(stdout,"rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n", + printf("rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n", rsa_bits[k],rsa_results[k][0],rsa_results[k][1], 1.0/rsa_results[k][0],1.0/rsa_results[k][1]); } @@ -2604,10 +2577,10 @@ show_res: j=0; } if(mr) - fprintf(stdout,"+F3:%u:%u:%f:%f\n", + printf("+F3:%u:%u:%f:%f\n", k,dsa_bits[k],dsa_results[k][0],dsa_results[k][1]); else - fprintf(stdout,"dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n", + printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n", dsa_bits[k],dsa_results[k][0],dsa_results[k][1], 1.0/dsa_results[k][0],1.0/dsa_results[k][1]); } @@ -2624,12 +2597,11 @@ show_res: } if (mr) - fprintf(stdout,"+F4:%u:%u:%f:%f\n", + printf("+F4:%u:%u:%f:%f\n", k, test_curves_bits[k], ecdsa_results[k][0],ecdsa_results[k][1]); else - fprintf(stdout, - "%4u bit ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n", + printf("%4u bit ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n", test_curves_bits[k], test_curves_names[k], ecdsa_results[k][0],ecdsa_results[k][1], @@ -2649,12 +2621,12 @@ show_res: j=0; } if (mr) - fprintf(stdout,"+F5:%u:%u:%f:%f\n", + printf("+F5:%u:%u:%f:%f\n", k, test_curves_bits[k], ecdh_results[k][0], 1.0/ecdh_results[k][0]); else - fprintf(stdout,"%4u bit ecdh (%s) %8.4fs %8.1f\n", + printf("%4u bit ecdh (%s) %8.4fs %8.1f\n", test_curves_bits[k], test_curves_names[k], ecdh_results[k][0], 1.0/ecdh_results[k][0]); @@ -2693,8 +2665,7 @@ end: } #endif - apps_shutdown(); - OPENSSL_EXIT(mret); + return(mret); } static void print_message(const char *s, long num, int length) diff --git a/apps/spkac.c b/apps/spkac.c index 0e01ea9947..6e83918d5b 100644 --- a/apps/spkac.c +++ b/apps/spkac.c 
@@ -70,16 +70,24 @@ #include <openssl/x509.h> #include <openssl/pem.h> -#undef PROG -#define PROG spkac_main -/* -in arg - input file - default stdin - * -out arg - output file - default stdout - */ - -int MAIN(int, char **); +const char* spkac_help[] = { + " -in arg input file", + " -out arg output file", + " -key arg create SPKAC using private key", + " -passin arg input file pass phrase source", + " -challenge arg challenge string", + " -spkac arg alternative SPKAC name", + " -noout don't print SPKAC", + " -pubkey output public key", + " -verify verify SPKAC signature", +#ifndef OPENSSL_NO_ENGINE + " -engine e use engine e, possibly a hardware device.", +#endif + NULL +}; -int MAIN(int argc, char **argv) +int spkac_main(int argc, char **argv) { ENGINE *e = NULL; int i,badops=0, ret = 1; @@ -97,13 +105,6 @@ int MAIN(int argc, char **argv) char *engine=NULL; #endif - apps_startup(); - - if (!bio_err) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE); - - if (!load_config(bio_err, NULL)) - goto end; - prog=argv[0]; argc--; argv++; 
@@ -165,24 +166,12 @@ int MAIN(int argc, char **argv) if (badops) { bad: - BIO_printf(bio_err,"%s [options]\n",prog); + BIO_printf(bio_err,"spkac [options]\n"); BIO_printf(bio_err,"where options are\n"); - BIO_printf(bio_err," -in arg input file\n"); - BIO_printf(bio_err," -out arg output file\n"); - BIO_printf(bio_err," -key arg create SPKAC using private key\n"); - BIO_printf(bio_err," -passin arg input file pass phrase source\n"); - BIO_printf(bio_err," -challenge arg challenge string\n"); - BIO_printf(bio_err," -spkac arg alternative SPKAC name\n"); - BIO_printf(bio_err," -noout don't print SPKAC\n"); - BIO_printf(bio_err," -pubkey output public key\n"); - BIO_printf(bio_err," -verify verify SPKAC signature\n"); -#ifndef OPENSSL_NO_ENGINE - BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); -#endif + printhelp(spkac_help); goto end; } - ERR_load_crypto_strings(); if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) { BIO_printf(bio_err, "Error getting password\n"); goto end; @@ -303,6 +292,5 @@ end: BIO_free_all(out); EVP_PKEY_free(pkey); if(passin) OPENSSL_free(passin); - apps_shutdown(); - OPENSSL_EXIT(ret); + return(ret); } diff --git a/apps/srp.c b/apps/srp.c index 749bc64c17..406206be5e 100644 --- a/apps/srp.c +++ b/apps/srp.c @@ -70,9 +70,6 @@ #include "apps.h" -#undef PROG -#define PROG srp_main - #define BASE_SECTION "srp" #define CONFIG_FILE "openssl.cnf" 
@@ -81,23 +78,23 @@ #define ENV_DATABASE "srpvfile" #define ENV_DEFAULT_SRP "default_srp" -static char *srp_usage[]={ -"usage: srp [args] [user] \n", -"\n", -" -verbose Talk a lot while doing things\n", -" -config file A config file\n", -" -name arg The particular srp definition to use\n", -" -srpvfile arg The srp verifier file name\n", -" -add add an user and srp verifier\n", -" -modify modify the srp verifier of an existing user\n", -" -delete delete user from verifier file\n", -" -list list user\n", -" -gn arg g and N values to be used for new verifier\n", -" -userinfo arg additional info to be set for user\n", -" -passin arg input file pass phrase source\n", -" -passout arg output file pass phrase source\n", +const char *srp_help[]={ + "-verbose Talk a lot while doing things", + "-config file A config file", + "-name arg The particular srp definition to use", + "-srpvfile arg The srp verifier file name", + "-add add an user and srp verifier", + "-modify modify the srp verifier of an existing user", + "-delete delete user from verifier file", + "-list list user", + "-gn arg g and N values to be used for new verifier", + "-userinfo arg additional info to be set for user", + "-passin arg input file pass phrase source", + "-passout arg output file pass phrase source", + /* XXX rsalz; has LIST_SEP_CHAR */ + "-rand file... load the file(s) into the random number generator", #ifndef OPENSSL_NO_ENGINE -" -engine e - use engine e, possibly a hardware device.\n", + "-engine e use engine e, possibly a hardware device.", #endif NULL }; @@ -115,8 +112,6 @@ static char *section=NULL; #define VVERBOSE if (verbose>1) -int MAIN(int, char **); - static int get_index(CA_DB *db, char* id, char type) { char ** pp; @@ -267,7 +262,7 @@ static char *srp_create_user(char *user, char **srp_verifier, return gNid; } -int MAIN(int argc, char **argv) +int srp_main(int argc, char **argv) { int add_user = 0; int list_user= 0; 
@@ -308,15 +303,10 @@ EF_PROTECT_BELOW=1; EF_ALIGNMENT=0; #endif - apps_startup(); conf = NULL; section = NULL; - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - argc--; argv++; while (argc >= 1 && badops == 0) @@ -411,17 +401,11 @@ bad: if (badops) { - for (pp=srp_usage; (*pp != NULL); pp++) - BIO_printf(bio_err,"%s",*pp); - - BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); - BIO_printf(bio_err," load the file (or the files in the directory) into\n"); - BIO_printf(bio_err," the random number generator\n"); + BIO_printf(bio_err, "usage: srp [args] [user] \n"); + printhelp(srp_help); goto err; } - ERR_load_crypto_strings(); - #ifndef OPENSSL_NO_ENGINE setup_engine(bio_err, engine, 0); #endif @@ -477,9 +461,6 @@ bad: tofree = NULL; } - if (!load_config(bio_err, conf)) - goto err; - /* Lets get the config section we are using */ if (section == NULL) { @@ -748,8 +729,7 @@ err: if (db) free_index(db); OBJ_cleanup(); - apps_shutdown(); - OPENSSL_EXIT(ret); + return(ret); } 
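Review bot: In srp_main (hunk `@@ -477,9 +461,6 @@`) the removed call is `load_config(bio_err, conf)`, which took the CONF object built from the user's -config file, unlike the `load_config(bio_err, NULL)` calls dropped from the other commands. A central start-up routine cannot know about that file, so any module configuration in it appears to be no longer applied before the SRP section is read. This is inferred, because load_config itself is not visible in the diff. If the change is intentional it deserves a comment at this spot; otherwise keep `if (!load_config(bio_err, conf)) goto err;` after the config file has been parsed. The surrounding function starts and ends outside this hunk.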
@@ -67,8 +67,26 @@ #include <openssl/ts.h> #include <openssl/bn.h> -#undef PROG -#define PROG ts_main +const char* ts_help[] = { + "ts -query [-rand filefile%c...] [-config configfile] " + "[-data file_to_hash] [-digest digest_bytes]" + "[-md2|-md4|-md5|-sha|-sha1|-mdc2|-ripemd160] " + "[-policy object_id] [-no_nonce] [-cert] " + "[-in request.tsq] [-out request.tsq] [-text]", + "ts -reply [-config configfile] [-section tsa_section] " + "[-queryfile request.tsq] [-passin password] " + "[-signer tsa_cert.pem] [-inkey private_key.pem] " + "[-chain certs_file.pem] [-policy object_id] " + "[-in response.tsr] [-token_in] " + "[-out response.tsr] [-token_out] [-text] [-engine id]", + "ts -verify [-data file_to_hash] [-digest digest_bytes] " + "[-queryfile request.tsq] " + "-in response.tsr [-token_in] " + "-CApath ca_path -CAfile ca_file.pem " + "-untrusted cert_file.pem", + NULL +}; + /* Length of the nonce of the request in bits (must be a multiple of 8). */ #define NONCE_LENGTH 64 @@ -103,7 +121,7 @@ static TS_RESP *read_PKCS7(BIO *in_bio); static TS_RESP *create_response(CONF *conf, const char *section, char *engine, char *queryfile, char *passin, char *inkey, char *signer, char *chain, const char *policy); -static ASN1_INTEGER * MS_CALLBACK serial_cb(TS_RESP_CTX *ctx, void *data); +static ASN1_INTEGER * serial_cb(TS_RESP_CTX *ctx, void *data); static ASN1_INTEGER *next_serial(const char *serialfile); static int save_ts_serial(const char *serialfile, ASN1_INTEGER *serial); @@ -116,12 +134,10 @@ static TS_VERIFY_CTX *create_verify_ctx(char *data, char *digest, char *ca_path, char *ca_file, char *untrusted); static X509_STORE *create_cert_store(char *ca_path, char *ca_file); -static int MS_CALLBACK verify_cb(int ok, X509_STORE_CTX *ctx); +static int verify_cb(int ok, X509_STORE_CTX *ctx); /* Main function definition. */ -int MAIN(int, char **); - -int MAIN(int argc, char **argv) +int ts_main(int argc, char **argv) { int ret = 1; char *configfile = NULL; 
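Review bot: The first `ts_help` entry added in the `@@ -67,8 +67,26 @@` hunk still contains a printf conversion, `[-rand filefile%c...]`, but the `LIST_SEPARATOR_CHAR` arguments that used to fill it are removed along with the old `BIO_printf` in a later hunk. If printhelp (not visible here) prints entries with `"%s"`, the user sees a literal `%c`; if it passes each entry as the format string, the conversion reads an argument that was never supplied. The text also lost one `%c` and now reads `filefile`. Matching the srp entry avoids both problems: `"ts -query [-rand file...] [-config configfile] "`. The `or` lines that separated the three forms in the old usage text are also gone, so confirm printhelp's layout still keeps them apart.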
@@ -154,19 +170,6 @@ int MAIN(int argc, char **argv) int token_in = 0; /* Output is ContentInfo instead of TimeStampResp. */ int token_out = 0; - int free_bio_err = 0; - - ERR_load_crypto_strings(); - apps_startup(); - - if (bio_err == NULL && (bio_err = BIO_new(BIO_s_file())) != NULL) - { - free_bio_err = 1; - BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT); - } - - if (!load_config(bio_err, NULL)) - goto cleanup; for (argc--, argv++; argc > 0; argc--, argv++) { @@ -365,39 +368,16 @@ int MAIN(int argc, char **argv) goto cleanup; usage: - BIO_printf(bio_err, "usage:\n" - "ts -query [-rand file%cfile%c...] [-config configfile] " - "[-data file_to_hash] [-digest digest_bytes]" - "[-md2|-md4|-md5|-sha|-sha1|-mdc2|-ripemd160] " - "[-policy object_id] [-no_nonce] [-cert] " - "[-in request.tsq] [-out request.tsq] [-text]\n", - LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); - BIO_printf(bio_err, "or\n" - "ts -reply [-config configfile] [-section tsa_section] " - "[-queryfile request.tsq] [-passin password] " - "[-signer tsa_cert.pem] [-inkey private_key.pem] " - "[-chain certs_file.pem] [-policy object_id] " - "[-in response.tsr] [-token_in] " - "[-out response.tsr] [-token_out] [-text] [-engine id]\n"); - BIO_printf(bio_err, "or\n" - "ts -verify [-data file_to_hash] [-digest digest_bytes] " - "[-queryfile request.tsq] " - "-in response.tsr [-token_in] " - "-CApath ca_path -CAfile ca_file.pem " - "-untrusted cert_file.pem\n"); + BIO_printf(bio_err, "usage:\n"); + printhelp(ts_help); cleanup: /* Clean up. */ app_RAND_write_file(NULL, bio_err); NCONF_free(conf); OPENSSL_free(password); OBJ_cleanup(); - if (free_bio_err) - { - BIO_free_all(bio_err); - bio_err = NULL; - } - OPENSSL_EXIT(ret); + return(ret); } /* 
@@ -876,7 +856,7 @@ static TS_RESP *create_response(CONF *conf, const char *section, char *engine, return response; } -static ASN1_INTEGER * MS_CALLBACK serial_cb(TS_RESP_CTX *ctx, void *data) +static ASN1_INTEGER * serial_cb(TS_RESP_CTX *ctx, void *data) { const char *serial_file = (const char *) data; ASN1_INTEGER *serial = next_serial(serial_file); @@ -1128,7 +1108,7 @@ static X509_STORE *create_cert_store(char *ca_path, char *ca_file) return NULL; } -static int MS_CALLBACK verify_cb(int ok, X509_STORE_CTX *ctx) +static int verify_cb(int ok, X509_STORE_CTX *ctx) { /* char buf[256]; diff --git a/apps/verify.c b/apps/verify.c index b9480bd812..32f8c44606 100644 --- a/apps/verify.c +++ b/apps/verify.c @@ -66,18 +66,26 @@ #include <openssl/x509v3.h> #include <openssl/pem.h> -#undef PROG -#define PROG verify_main +const char* verify_help[] = { + "-verbose", + "-CApath path", + "-CAfile file", + "-trusted_first", + "-purpose purpose", + "-crl_check", +#ifndef OPENSSL_NO_ENGINE + "-engine e", +#endif + NULL +}; -static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx); +static int cb(int ok, X509_STORE_CTX *ctx); static int check(X509_STORE *ctx, char *file, STACK_OF(X509) *uchain, STACK_OF(X509) *tchain, STACK_OF(X509_CRL) *crls, ENGINE *e, int show_chain); static int v_verbose=0, vflags = 0; -int MAIN(int, char **); - -int MAIN(int argc, char **argv) +int verify_main(int argc, char **argv) { ENGINE *e = NULL; int i,ret=1, badarg = 0; @@ -97,17 +105,6 @@ int MAIN(int argc, char **argv) if (cert_ctx == NULL) goto end; X509_STORE_set_verify_cb(cert_ctx,cb); - ERR_load_crypto_strings(); - - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); - - if (!load_config(bio_err, NULL)) - goto end; - argc--; argv++; for (;;) 
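Review bot: The `verify_help` entries added in the apps/verify.c `@@ -66,18 +66,26 @@` hunk carry only the option name, while srp_help, version_help and x509_help in this commit pair each option with a description. For a certificate-verification command, the options that change the trust decision are the ones a user most needs explained. I would give each entry a short description in the same two-column form, e.g. `"-CAfile file    file of trusted CA certificates",` and `"-crl_check      check the leaf certificate against its CRL",`.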
@@ -245,12 +242,10 @@ int MAIN(int argc, char **argv) end: if (ret == 1) { - BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] [-trusted_first] [-purpose purpose] [-crl_check]"); -#ifndef OPENSSL_NO_ENGINE - BIO_printf(bio_err," [-engine e]"); -#endif - BIO_printf(bio_err," cert1 cert2 ...\n"); - + BIO_printf(bio_err,"usage: verify [options] cert...\n"); + BIO_printf(bio_err,"where options are:\n"); + printhelp(verify_help); + /* rsalz XXX */ BIO_printf(bio_err,"recognized usages:\n"); for(i = 0; i < X509_PURPOSE_get_count(); i++) { @@ -276,8 +271,7 @@ end: sk_X509_pop_free(untrusted, X509_free); sk_X509_pop_free(trusted, X509_free); sk_X509_CRL_pop_free(crls, X509_CRL_free); - apps_shutdown(); - OPENSSL_EXIT(ret < 0 ? 2 : ret); + return(ret < 0 ? 2 : ret); } static int check(X509_STORE *ctx, char *file, @@ -292,7 +286,7 @@ static int check(X509_STORE *ctx, char *file, x = load_cert(bio_err, file, FORMAT_PEM, NULL, e, "certificate file"); if (x == NULL) goto end; - fprintf(stdout,"%s: ",(file == NULL)?"stdin":file); + printf("%s: ",(file == NULL)?"stdin":file); csc = X509_STORE_CTX_new(); if (csc == NULL) @@ -318,7 +312,7 @@ static int check(X509_STORE *ctx, char *file, end: if (i > 0) { - fprintf(stdout,"OK\n"); + printf("OK\n"); ret=1; } else @@ -342,7 +336,7 @@ end: return(ret); } -static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx) +static int cb(int ok, X509_STORE_CTX *ctx) { int cert_error = X509_STORE_CTX_get_error(ctx); X509 *current_cert = X509_STORE_CTX_get_current_cert(ctx); diff --git a/apps/version.c b/apps/version.c index e9555cbde2..36736e069d 100644 --- a/apps/version.c +++ b/apps/version.c 
@@ -132,21 +132,23 @@ # include <openssl/blowfish.h> #endif -#undef PROG -#define PROG version_main -int MAIN(int, char **); +const char* version_help[] = { + "-a show all data", + "-b show build date", + "-v show library version", + "-o show some internal datatype options", + "-f show compiler flags used", + "-p show target build platform", + "-d show configuration directory", + NULL +}; -int MAIN(int argc, char **argv) +int version_main(int argc, char **argv) { int i,ret=0; int cflags=0,version=0,date=0,options=0,platform=0,dir=0; - apps_startup(); - - if (bio_err == NULL) - if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); if (argc == 1) version=1; for (i=1; i<argc; i++) @@ -167,7 +169,8 @@ int MAIN(int argc, char **argv) date=version=cflags=options=platform=dir=1; else { - BIO_printf(bio_err,"usage:version -[avbofpd]\n"); + printhelp(version_help); + BIO_printf(bio_err,"usage version [options]\n"); ret=1; goto end; } @@ -212,6 +215,5 @@ int MAIN(int argc, char **argv) if (cflags) printf("%s\n",SSLeay_version(SSLEAY_CFLAGS)); if (dir) printf("%s\n",SSLeay_version(SSLEAY_DIR)); end: - apps_shutdown(); - OPENSSL_EXIT(ret); + return(ret); } diff --git a/apps/x509.c b/apps/x509.c index 3bb261010f..1f6f3f435c 100644 --- a/apps/x509.c +++ b/apps/x509.c 
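Review bot: In the `@@ -167,7 +169,8 @@` hunk of apps/version.c the option list is printed before the usage line, and the usage line reads `usage version [options]` without the colon. Every other command touched in this commit (srp, ts, verify, x509) prints the usage line first and then calls printhelp. For consistency I would swap the two statements and restore the colon: `BIO_printf(bio_err,"usage: version [options]\n");` followed by `printhelp(version_help);`. version_main's body continues outside the hunk.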
@@ -80,83 +80,79 @@ #include <openssl/dsa.h> #endif -#undef PROG -#define PROG x509_main - #undef POSTFIX #define POSTFIX ".srl" #define DEF_DAYS 30 -static const char *x509_usage[]={ -"usage: x509 args\n", -" -inform arg - input format - default PEM (one of DER, NET or PEM)\n", -" -outform arg - output format - default PEM (one of DER, NET or PEM)\n", -" -keyform arg - private key format - default PEM\n", -" -CAform arg - CA format - default PEM\n", -" -CAkeyform arg - CA key format - default PEM\n", -" -in arg - input file - default stdin\n", -" -out arg - output file - default stdout\n", -" -passin arg - private key password source\n", -" -serial - print serial number value\n", -" -subject_hash - print subject hash value\n", +const char *x509_help[]={ + "-inform arg input format - default PEM (one of DER, NET or PEM)", + "-outform arg output format - default PEM (one of DER, NET or PEM)", + "-keyform arg private key format - default PEM", + "-CAform arg CA format - default PEM", + "-CAkeyform arg CA key format - default PEM", + "-in arg input file - default stdin", + "-out arg output file - default stdout", + "-passin arg private key password source", + "-serial print serial number value", + "-subject_hash print subject hash value", #ifndef OPENSSL_NO_MD5 -" -subject_hash_old - print old-style (MD5) subject hash value\n", + "-subject_hash_old print old-style (MD5) subject hash value", #endif -" -issuer_hash - print issuer hash value\n", + "-issuer_hash print issuer hash value", #ifndef OPENSSL_NO_MD5 -" -issuer_hash_old - print old-style (MD5) issuer hash value\n", + "-issuer_hash_old print old-style (MD5) issuer hash value", #endif -" -hash - synonym for -subject_hash\n", -" -subject - print subject DN\n", -" -issuer - print issuer DN\n", -" -email - print email address(es)\n", -" -startdate - notBefore field\n", -" -enddate - notAfter field\n", -" -purpose - print out certificate purposes\n", -" -dates - both Before and After dates\n", -" -modulus - print the 
RSA key modulus\n", -" -pubkey - output the public key\n", -" -fingerprint - print the certificate fingerprint\n", -" -alias - output certificate alias\n", -" -noout - no certificate output\n", -" -ocspid - print OCSP hash values for the subject name and public key\n", -" -ocsp_uri - print OCSP Responder URL(s)\n", -" -trustout - output a \"trusted\" certificate\n", -" -clrtrust - clear all trusted purposes\n", -" -clrreject - clear all rejected purposes\n", -" -addtrust arg - trust certificate for a given purpose\n", -" -addreject arg - reject certificate for a given purpose\n", -" -setalias arg - set certificate alias\n", -" -days arg - How long till expiry of a signed certificate - def 30 days\n", -" -checkend arg - check whether the cert expires in the next arg seconds\n", -" exit 1 if so, 0 if not\n", -" -signkey arg - self sign cert with arg\n", -" -x509toreq - output a certification request object\n", -" -req - input is a certificate request, sign and output.\n", -" -CA arg - set the CA certificate, must be PEM format.\n", -" -CAkey arg - set the CA key, must be PEM format\n", -" missing, it is assumed to be in the CA file.\n", -" -CAcreateserial - create serial number file if it does not exist\n", -" -CAserial arg - serial file\n", -" -set_serial - serial number to use\n", -" -text - print the certificate in text form\n", -" -C - print out C code forms\n", -" -md2/-md5/-sha1/-mdc2 - digest to use\n", -" -extfile - configuration file with X509V3 extensions to add\n", -" -extensions - section from config file with X509V3 extensions to add\n", -" -clrext - delete extensions before signing and input certificate\n", -" -nameopt arg - various certificate name options\n", + "-hash synonym for -subject_hash", + "-subject print subject DN", + "-issuer print issuer DN", + "-email print email address(es)", + "-startdate notBefore field", + "-enddate notAfter field", + "-purpose print out certificate purposes", + "-dates both Before and After dates", + "-modulus print 
the RSA key modulus", + "-pubkey output the public key", + "-fingerprint print the certificate fingerprint", + "-alias output certificate alias", + "-noout no certificate output", + "-ocspid print OCSP hash values for the subject name and public key", + "-ocsp_uri print OCSP Responder URL(s)", + "-trustout output a trusted certificate", + "-clrtrust clear all trusted purposes", + "-clrreject clear all rejected purposes", + "-addtrust arg trust certificate for a given purpose", + "-addreject arg reject certificate for a given purpose", + "-setalias arg set certificate alias", + "-days arg how long till expiry of a signed certificate - def 30 days", + "-checkend arg check whether the cert expires in the next arg seconds", + " exit 1 if so, 0 if not", + "-signkey arg self sign cert with arg", + "-x509toreq output a certification request object", + "-req input is a certificate request, sign and output.", + "-CA arg set the CA certificate, must be PEM format.", + "-CAkey arg set the CA key, must be PEM format", + " if missing, it is assumed to be in the CA file.", + "-CAcreateserial create serial number file if it does not exist", + "-CAserial arg serial file", + "-set_serial serial number to use", + "-text print the certificate in text form", + "-C print out C code forms", + "-{digest} digest to use", + "-extfile configuration file with X509V3 extensions to add", + "-extensions section from config file with X509V3 extensions to add", + "-clrext delete extensions before signing and input certificate", + "-nameopt arg various certificate name options", #ifndef OPENSSL_NO_ENGINE -" -engine e - use engine e, possibly a hardware device.\n", + "-engine e use engine e, possibly a hardware device.", #endif -" -certopt arg - various certificate text options\n", -" -checkhost host - check certificate matches \"host\"\n", -" -checkemail email - check certificate matches \"email\"\n", -" -checkip ipaddr - check certificate matches \"ipaddr\"\n", -NULL + "-certopt arg various 
certificate text options", + "-checkhost host check certificate matches host", + "-checkemail email check certificate matches email", + "-checkip ipaddr check certificate matches ipaddr", + NULL }; -static int MS_CALLBACK callb(int ok, X509_STORE_CTX *ctx); +static int callb(int ok, X509_STORE_CTX *ctx); static int sign (X509 *x, EVP_PKEY *pkey,int days,int clrext, const EVP_MD *digest, CONF *conf, char *section); static int x509_certify (X509_STORE *ctx,char *CAfile,const EVP_MD *digest, @@ -170,9 +166,7 @@ static int reqfile=0; static int force_version=2; #endif -int MAIN(int, char **); - -int MAIN(int argc, char **argv) +int x509_main(int argc, char **argv) { ENGINE *e = NULL; int ret=1; @@ -203,7 +197,6 @@ int MAIN(int argc, char **argv) int C=0; int x509req=0,days=DEF_DAYS,modulus=0,pubkey=0; int pprint = 0; - const char **pp; X509_STORE *ctx=NULL; X509_REQ *rq=NULL; int fingerprint=0; @@ -223,13 +216,6 @@ int MAIN(int argc, char **argv) reqfile=0; - apps_startup(); - - if (bio_err == NULL) - bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); - - if (!load_config(bio_err, NULL)) - goto end; STDout=BIO_new_fp(stdout,BIO_NOCLOSE); #ifdef OPENSSL_SYS_VMS { @@ -530,8 +516,8 @@ int MAIN(int argc, char **argv) if (badops) { bad: - for (pp=x509_usage; (*pp != NULL); pp++) - BIO_printf(bio_err,"%s",*pp); + BIO_printf(bio_err, "x509 [args]\n"); + printhelp(x509_help); goto end; } @@ -542,8 +528,6 @@ bad: if (need_rand) app_RAND_load_file(NULL, bio_err, 0); - ERR_load_crypto_strings(); - if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) { BIO_printf(bio_err, "Error getting password\n"); 
@@ -620,24 +604,15 @@ bad: BIO_printf(bio_err,"We need a private key to sign with\n"); goto end; } - in=BIO_new(BIO_s_file()); + if (infile == NULL) + in = BIO_new_fp(stdin,BIO_NOCLOSE|BIO_FP_TEXT); + else + in = BIO_new_file(infile, "r"); if (in == NULL) { ERR_print_errors(bio_err); goto end; } - - if (infile == NULL) - BIO_set_fp(in,stdin,BIO_NOCLOSE|BIO_FP_TEXT); - else - { - if (BIO_read_filename(in,infile) <= 0) - { - perror(infile); - BIO_free(in); - goto end; - } - } req=PEM_read_bio_X509_REQ(in,NULL,NULL,NULL); BIO_free(in); @@ -723,30 +698,15 @@ bad: OBJ_create("2.99999.3", "SET.ex3","SET x509v3 extension 3"); - out=BIO_new(BIO_s_file()); + if (outfile == NULL) + out = BIO_dup_chain(bio_out); + else + out = BIO_new_file(outfile, "w"); if (out == NULL) { ERR_print_errors(bio_err); goto end; } - if (outfile == NULL) - { - BIO_set_fp(out,stdout,BIO_NOCLOSE); -#ifdef OPENSSL_SYS_VMS - { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - out = BIO_push(tmpbio, out); - } -#endif - } - else - { - if (BIO_write_filename(out,outfile) <= 0) - { - perror(outfile); - goto end; - } - } } if (alias) X509_alias_set1(x, (unsigned char *)alias, -1); @@ -1156,8 +1116,7 @@ end: sk_ASN1_OBJECT_pop_free(trust, ASN1_OBJECT_free); sk_ASN1_OBJECT_pop_free(reject, ASN1_OBJECT_free); if (passin) OPENSSL_free(passin); - apps_shutdown(); - OPENSSL_EXIT(ret); + return(ret); } static ASN1_INTEGER *x509_load_serial(char *CAfile, char *serialfile, int create) @@ -1279,7 +1238,7 @@ end: return ret; } -static int MS_CALLBACK callb(int ok, X509_STORE_CTX *ctx) +static int callb(int ok, X509_STORE_CTX *ctx) { int err; X509 *err_cert; diff --git a/crypto/engine/Makefile b/crypto/engine/Makefile index 8cd001f389..136df3ae02 100644 --- a/crypto/engine/Makefile +++ b/crypto/engine/Makefile 
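Review bot: In the `@@ -723,30 +698,15 @@` hunk of apps/x509.c the stdout case becomes `out = BIO_dup_chain(bio_out);`, which depends on a global `bio_out` that no visible hunk sets up. It also depends on BIO_dup_chain producing a usable copy of a FILE-backed BIO; as far as I recall, the file method's dup control does not carry the underlying FILE pointer across, so this needs checking before it is relied on. The input side in `@@ -620,24 +604,15 @@` uses BIO_new_fp directly, and the same form would work here: `out = BIO_new_fp(stdout, BIO_NOCLOSE);`. The hunk also drops the OPENSSL_SYS_VMS `BIO_f_linebuffer()` push and the `perror(outfile)` message, so confirm that the remaining `ERR_print_errors(bio_err)` path still names the file that could not be opened. x509_main's body continues outside the hunk.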
@@ -113,20 +113,19 @@ eng_cnf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h eng_cnf.o: ../cryptlib.h eng_cnf.c eng_int.h eng_cryptodev.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h eng_cryptodev.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -eng_cryptodev.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h -eng_cryptodev.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h +eng_cryptodev.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h eng_cryptodev.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h eng_cryptodev.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h -eng_cryptodev.o: ../../include/openssl/err.h ../../include/openssl/evp.h -eng_cryptodev.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +eng_cryptodev.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h +eng_cryptodev.o: ../../include/openssl/obj_mac.h eng_cryptodev.o: ../../include/openssl/objects.h eng_cryptodev.o: ../../include/openssl/opensslconf.h eng_cryptodev.o: ../../include/openssl/opensslv.h eng_cryptodev.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -eng_cryptodev.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -eng_cryptodev.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -eng_cryptodev.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -eng_cryptodev.o: ../../include/openssl/x509_vfy.h eng_cryptodev.c +eng_cryptodev.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +eng_cryptodev.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +eng_cryptodev.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +eng_cryptodev.o: eng_cryptodev.c eng_ctrl.o: ../../e_os.h ../../include/openssl/asn1.h eng_ctrl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h eng_ctrl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h 
diff --git a/crypto/evp/Makefile b/crypto/evp/Makefile index d3818e464a..2302eb1fae 100644 --- a/crypto/evp/Makefile +++ b/crypto/evp/Makefile @@ -302,6 +302,7 @@ e_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h e_null.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h e_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h e_null.o: ../cryptlib.h e_null.c +e_old.o: e_old.c e_rc2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h e_rc2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h e_rc2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h @@ -669,14 +669,6 @@ extern char *sys_errlist[]; extern int sys_nerr; # define memcmp OPENSSL_memcmp #endif -#ifndef OPENSSL_EXIT -# if defined(MONOLITH) && !defined(OPENSSL_C) -# define OPENSSL_EXIT(n) return(n) -# else -# define OPENSSL_EXIT(n) do { EXIT(n); return(n); } while(0) -# endif -#endif - /***********************************************/ #define DG_GCC_BUG /* gcc < 2.6.3 on DGUX */ diff --git a/ssl/Makefile b/ssl/Makefile index 9b7e174da1..1d74e9accd 100644 --- a/ssl/Makefile +++ b/ssl/Makefile @@ -164,7 +164,7 @@ d1_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h d1_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h d1_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h d1_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_clnt.c -d1_clnt.o: ssl_locl.h +d1_clnt.o: kssl_lcl.h ssl_locl.h d1_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h d1_enc.o: ../include/openssl/buffer.h ../include/openssl/comp.h d1_enc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h 
@@ -678,20 +678,20 @@ s3_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h s3_srvr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h s3_srvr.o: ../include/openssl/ecdsa.h ../include/openssl/err.h s3_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h -s3_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h -s3_srvr.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h -s3_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -s3_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -s3_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h -s3_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h -s3_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h -s3_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h -s3_srvr.o: ../include/openssl/srtp.h ../include/openssl/ssl.h -s3_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h -s3_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h -s3_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s3_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h -s3_srvr.o: s3_srvr.c ssl_locl.h +s3_srvr.o: ../include/openssl/krb5_asn.h ../include/openssl/kssl.h +s3_srvr.o: ../include/openssl/lhash.h ../include/openssl/md5.h +s3_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +s3_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +s3_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h +s3_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h +s3_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h +s3_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +s3_srvr.o: ../include/openssl/sha.h ../include/openssl/srtp.h +s3_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h +s3_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h +s3_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s3_srvr.o: 
../include/openssl/tls1.h ../include/openssl/x509.h +s3_srvr.o: ../include/openssl/x509_vfy.h kssl_lcl.h s3_srvr.c ssl_locl.h ssl_algs.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h ssl_algs.o: ../include/openssl/buffer.h ../include/openssl/comp.h ssl_algs.o: ../include/openssl/crypto.h ../include/openssl/dsa.h diff --git a/test/Makefile b/test/Makefile index 2b00ba2b0d..c956f11acc 100644 --- a/test/Makefile +++ b/test/Makefile @@ -661,9 +661,8 @@ bntest.o: ../include/openssl/symhacks.h ../include/openssl/x509.h bntest.o: ../include/openssl/x509_vfy.h bntest.c casttest.o: ../e_os.h ../include/openssl/cast.h ../include/openssl/e_os2.h casttest.o: ../include/openssl/opensslconf.h casttest.c -destest.o: ../include/openssl/crypto.h ../include/openssl/des.h -destest.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h -destest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +destest.o: ../include/openssl/des.h ../include/openssl/des_old.h +destest.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h destest.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h destest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h destest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h destest.c @@ -694,8 +693,7 @@ ecdhtest.o: ../include/openssl/sha.h ../include/openssl/stack.h ecdhtest.o: ../include/openssl/symhacks.h ecdhtest.c ecdsatest.o: ../include/openssl/asn1.h ../include/openssl/bio.h ecdsatest.o: ../include/openssl/bn.h ../include/openssl/buffer.h -ecdsatest.o: ../include/openssl/crypto.h ../include/openssl/dh.h -ecdsatest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h +ecdsatest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h ecdsatest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h ecdsatest.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h ecdsatest.o: ../include/openssl/err.h ../include/openssl/evp.h 
@@ -703,15 +701,13 @@ ecdsatest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h ecdsatest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h ecdsatest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h ecdsatest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -ecdsatest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -ecdsatest.o: ../include/openssl/sha.h ../include/openssl/stack.h -ecdsatest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h +ecdsatest.o: ../include/openssl/safestack.h ../include/openssl/sha.h +ecdsatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h ecdsatest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ecdsatest.o: ecdsatest.c ectest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h ectest.o: ../include/openssl/bn.h ../include/openssl/buffer.h -ectest.o: ../include/openssl/crypto.h ../include/openssl/dh.h -ectest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h +ectest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h ectest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h ectest.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h ectest.o: ../include/openssl/err.h ../include/openssl/evp.h 
@@ -719,41 +715,34 @@ ectest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h ectest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h ectest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h ectest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -ectest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -ectest.o: ../include/openssl/sha.h ../include/openssl/stack.h -ectest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h +ectest.o: ../include/openssl/safestack.h ../include/openssl/sha.h +ectest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h ectest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ectest.c enginetest.o: ../include/openssl/asn1.h ../include/openssl/bio.h -enginetest.o: ../include/openssl/bn.h ../include/openssl/buffer.h -enginetest.o: ../include/openssl/crypto.h ../include/openssl/dh.h -enginetest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h -enginetest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -enginetest.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h -enginetest.o: ../include/openssl/err.h ../include/openssl/evp.h -enginetest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h -enginetest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -enginetest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -enginetest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h -enginetest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h -enginetest.o: ../include/openssl/sha.h ../include/openssl/stack.h -enginetest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h +enginetest.o: ../include/openssl/buffer.h ../include/openssl/crypto.h +enginetest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +enginetest.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +enginetest.o: ../include/openssl/engine.h ../include/openssl/err.h +enginetest.o: ../include/openssl/evp.h 
../include/openssl/lhash.h +enginetest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +enginetest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +enginetest.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h +enginetest.o: ../include/openssl/safestack.h ../include/openssl/sha.h +enginetest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h enginetest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h enginetest.o: enginetest.c evp_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -evp_test.o: ../include/openssl/bn.h ../include/openssl/buffer.h -evp_test.o: ../include/openssl/conf.h ../include/openssl/crypto.h -evp_test.o: ../include/openssl/dh.h ../include/openssl/dsa.h -evp_test.o: ../include/openssl/e_os2.h ../include/openssl/ec.h -evp_test.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h -evp_test.o: ../include/openssl/engine.h ../include/openssl/err.h -evp_test.o: ../include/openssl/evp.h ../include/openssl/lhash.h -evp_test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -evp_test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -evp_test.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h -evp_test.o: ../include/openssl/rand.h ../include/openssl/rsa.h -evp_test.o: ../include/openssl/safestack.h ../include/openssl/sha.h -evp_test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -evp_test.o: ../include/openssl/ui.h ../include/openssl/x509.h +evp_test.o: ../include/openssl/buffer.h ../include/openssl/conf.h +evp_test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +evp_test.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +evp_test.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +evp_test.o: ../include/openssl/err.h ../include/openssl/evp.h +evp_test.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +evp_test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +evp_test.o: 
../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +evp_test.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h +evp_test.o: ../include/openssl/sha.h ../include/openssl/stack.h +evp_test.o: ../include/openssl/symhacks.h ../include/openssl/x509.h evp_test.o: ../include/openssl/x509_vfy.h evp_test.c exptest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h exptest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h 
@@ -876,26 +865,22 @@ fips_test_suite.o: ../include/openssl/rand.h ../include/openssl/safestack.h fips_test_suite.o: ../include/openssl/sha.h ../include/openssl/stack.h fips_test_suite.o: ../include/openssl/symhacks.h fips_test_suite.c gost2814789t.o: ../engines/ccgost/gost89.h ../include/openssl/asn1.h -gost2814789t.o: ../include/openssl/bio.h ../include/openssl/bn.h -gost2814789t.o: ../include/openssl/buffer.h ../include/openssl/conf.h -gost2814789t.o: ../include/openssl/crypto.h ../include/openssl/dh.h -gost2814789t.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h -gost2814789t.o: ../include/openssl/ec.h ../include/openssl/ecdh.h -gost2814789t.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h -gost2814789t.o: ../include/openssl/err.h ../include/openssl/evp.h -gost2814789t.o: ../include/openssl/hmac.h ../include/openssl/lhash.h -gost2814789t.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -gost2814789t.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -gost2814789t.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h -gost2814789t.o: ../include/openssl/rand.h ../include/openssl/rsa.h -gost2814789t.o: ../include/openssl/safestack.h ../include/openssl/sha.h -gost2814789t.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -gost2814789t.o: ../include/openssl/ui.h ../include/openssl/x509.h +gost2814789t.o: ../include/openssl/bio.h ../include/openssl/buffer.h +gost2814789t.o: ../include/openssl/conf.h ../include/openssl/crypto.h +gost2814789t.o: ../include/openssl/e_os2.h ../include/openssl/ec.h +gost2814789t.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h +gost2814789t.o: ../include/openssl/engine.h ../include/openssl/err.h +gost2814789t.o: ../include/openssl/evp.h ../include/openssl/hmac.h +gost2814789t.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +gost2814789t.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +gost2814789t.o: ../include/openssl/opensslv.h 
../include/openssl/ossl_typ.h +gost2814789t.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h +gost2814789t.o: ../include/openssl/sha.h ../include/openssl/stack.h +gost2814789t.o: ../include/openssl/symhacks.h ../include/openssl/x509.h gost2814789t.o: ../include/openssl/x509_vfy.h gost2814789t.c heartbeat_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -heartbeat_test.o: ../include/openssl/bn.h ../include/openssl/buffer.h -heartbeat_test.o: ../include/openssl/comp.h ../include/openssl/crypto.h -heartbeat_test.o: ../include/openssl/dh.h ../include/openssl/dsa.h +heartbeat_test.o: ../include/openssl/buffer.h ../include/openssl/comp.h +heartbeat_test.o: ../include/openssl/crypto.h ../include/openssl/dsa.h heartbeat_test.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h heartbeat_test.o: ../include/openssl/ec.h ../include/openssl/ecdh.h heartbeat_test.o: ../include/openssl/ecdsa.h ../include/openssl/err.h 
@@ -915,13 +900,13 @@ heartbeat_test.o: ../include/openssl/tls1.h ../include/openssl/x509.h heartbeat_test.o: ../include/openssl/x509_vfy.h ../ssl/ssl_locl.h heartbeat_test.o: ../test/testutil.h heartbeat_test.c hmactest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -hmactest.o: ../include/openssl/bn.h ../include/openssl/crypto.h -hmactest.o: ../include/openssl/e_os2.h ../include/openssl/evp.h -hmactest.o: ../include/openssl/hmac.h ../include/openssl/md5.h -hmactest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -hmactest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -hmactest.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h -hmactest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h hmactest.c +hmactest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +hmactest.o: ../include/openssl/evp.h ../include/openssl/hmac.h +hmactest.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h +hmactest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +hmactest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +hmactest.o: ../include/openssl/safestack.h ../include/openssl/stack.h +hmactest.o: ../include/openssl/symhacks.h hmactest.c ideatest.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/idea.h ideatest.o: ../include/openssl/opensslconf.h ideatest.c igetest.o: ../include/openssl/aes.h ../include/openssl/crypto.h 
@@ -934,49 +919,46 @@ jpaketest.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h jpaketest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h jpaketest.o: ../include/openssl/safestack.h ../include/openssl/stack.h jpaketest.o: ../include/openssl/symhacks.h jpaketest.c -md2test.o: ../e_os.h ../include/openssl/e_os2.h -md2test.o: ../include/openssl/opensslconf.h md2test.c +md2test.o: ../include/openssl/buffer.h ../include/openssl/crypto.h +md2test.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h +md2test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +md2test.o: ../include/openssl/safestack.h ../include/openssl/stack.h +md2test.o: ../include/openssl/symhacks.h md2test.c md4test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -md4test.o: ../include/openssl/bn.h ../include/openssl/crypto.h -md4test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h -md4test.o: ../include/openssl/md4.h ../include/openssl/obj_mac.h -md4test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -md4test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -md4test.o: ../include/openssl/safestack.h ../include/openssl/stack.h -md4test.o: ../include/openssl/symhacks.h md4test.c +md4test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +md4test.o: ../include/openssl/evp.h ../include/openssl/md4.h +md4test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +md4test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +md4test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h +md4test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h md4test.c md5test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -md5test.o: ../include/openssl/bn.h ../include/openssl/crypto.h -md5test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h -md5test.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h -md5test.o: ../include/openssl/objects.h 
../include/openssl/opensslconf.h -md5test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -md5test.o: ../include/openssl/safestack.h ../include/openssl/stack.h -md5test.o: ../include/openssl/symhacks.h md5test.c +md5test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +md5test.o: ../include/openssl/evp.h ../include/openssl/md5.h +md5test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +md5test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +md5test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h +md5test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h md5test.c mdc2test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -mdc2test.o: ../include/openssl/bn.h ../include/openssl/crypto.h -mdc2test.o: ../include/openssl/des.h ../include/openssl/des_old.h -mdc2test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h -mdc2test.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -mdc2test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -mdc2test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -mdc2test.o: ../include/openssl/safestack.h ../include/openssl/stack.h -mdc2test.o: ../include/openssl/symhacks.h ../include/openssl/ui.h -mdc2test.o: ../include/openssl/ui_compat.h mdc2test.c +mdc2test.o: ../include/openssl/crypto.h ../include/openssl/des.h +mdc2test.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h +mdc2test.o: ../include/openssl/evp.h ../include/openssl/mdc2.h +mdc2test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h +mdc2test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h +mdc2test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h +mdc2test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +mdc2test.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h mdc2test.c p5_crpt2_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -p5_crpt2_test.o: 
../include/openssl/bn.h ../include/openssl/buffer.h -p5_crpt2_test.o: ../include/openssl/conf.h ../include/openssl/crypto.h -p5_crpt2_test.o: ../include/openssl/dh.h ../include/openssl/dsa.h -p5_crpt2_test.o: ../include/openssl/e_os2.h ../include/openssl/ec.h -p5_crpt2_test.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h -p5_crpt2_test.o: ../include/openssl/engine.h ../include/openssl/err.h -p5_crpt2_test.o: ../include/openssl/evp.h ../include/openssl/lhash.h -p5_crpt2_test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -p5_crpt2_test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -p5_crpt2_test.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h -p5_crpt2_test.o: ../include/openssl/rand.h ../include/openssl/rsa.h -p5_crpt2_test.o: ../include/openssl/safestack.h ../include/openssl/sha.h -p5_crpt2_test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -p5_crpt2_test.o: ../include/openssl/ui.h ../include/openssl/x509.h +p5_crpt2_test.o: ../include/openssl/buffer.h ../include/openssl/conf.h +p5_crpt2_test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +p5_crpt2_test.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +p5_crpt2_test.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h +p5_crpt2_test.o: ../include/openssl/err.h ../include/openssl/evp.h +p5_crpt2_test.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +p5_crpt2_test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +p5_crpt2_test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +p5_crpt2_test.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h +p5_crpt2_test.o: ../include/openssl/sha.h ../include/openssl/stack.h +p5_crpt2_test.o: ../include/openssl/symhacks.h ../include/openssl/x509.h p5_crpt2_test.o: ../include/openssl/x509_vfy.h p5_crpt2_test.c randtest.o: ../e_os.h ../include/openssl/e_os2.h randtest.o: ../include/openssl/opensslconf.h ../include/openssl/ossl_typ.h 
@@ -992,13 +974,12 @@ rc5test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h rc5test.o: ../include/openssl/safestack.h ../include/openssl/stack.h rc5test.o: ../include/openssl/symhacks.h rc5test.c rmdtest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -rmdtest.o: ../include/openssl/bn.h ../include/openssl/crypto.h -rmdtest.o: ../include/openssl/e_os2.h ../include/openssl/evp.h -rmdtest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -rmdtest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -rmdtest.o: ../include/openssl/ossl_typ.h ../include/openssl/ripemd.h -rmdtest.o: ../include/openssl/safestack.h ../include/openssl/stack.h -rmdtest.o: ../include/openssl/symhacks.h rmdtest.c +rmdtest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +rmdtest.o: ../include/openssl/evp.h ../include/openssl/obj_mac.h +rmdtest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +rmdtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +rmdtest.o: ../include/openssl/ripemd.h ../include/openssl/safestack.h +rmdtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h rmdtest.c rsa_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h rsa_test.o: ../include/openssl/bn.h ../include/openssl/crypto.h rsa_test.o: ../include/openssl/e_os2.h ../include/openssl/err.h 
@@ -1008,21 +989,19 @@ rsa_test.o: ../include/openssl/rand.h ../include/openssl/rsa.h rsa_test.o: ../include/openssl/safestack.h ../include/openssl/stack.h rsa_test.o: ../include/openssl/symhacks.h rsa_test.c sha1test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -sha1test.o: ../include/openssl/bn.h ../include/openssl/crypto.h -sha1test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h -sha1test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -sha1test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -sha1test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h -sha1test.o: ../include/openssl/sha.h ../include/openssl/stack.h -sha1test.o: ../include/openssl/symhacks.h sha1test.c +sha1test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +sha1test.o: ../include/openssl/evp.h ../include/openssl/obj_mac.h +sha1test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +sha1test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +sha1test.o: ../include/openssl/safestack.h ../include/openssl/sha.h +sha1test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h sha1test.c shatest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -shatest.o: ../include/openssl/bn.h ../include/openssl/crypto.h -shatest.o: ../include/openssl/e_os2.h ../include/openssl/evp.h -shatest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -shatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -shatest.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h -shatest.o: ../include/openssl/sha.h ../include/openssl/stack.h -shatest.o: ../include/openssl/symhacks.h shatest.c +shatest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +shatest.o: ../include/openssl/evp.h ../include/openssl/obj_mac.h +shatest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +shatest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h 
+shatest.o: ../include/openssl/safestack.h ../include/openssl/sha.h +shatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h shatest.c ssltest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h ssltest.o: ../include/openssl/bn.h ../include/openssl/buffer.h ssltest.o: ../include/openssl/comp.h ../include/openssl/conf.h 
@@ -1044,19 +1023,17 @@ ssltest.o: ../include/openssl/srtp.h ../include/openssl/ssl.h ssltest.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h ssltest.o: ../include/openssl/ssl3.h ../include/openssl/stack.h ssltest.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -ssltest.o: ../include/openssl/ui.h ../include/openssl/x509.h -ssltest.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h ssltest.c +ssltest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h +ssltest.o: ../include/openssl/x509v3.h ssltest.c v3nametest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h -v3nametest.o: ../include/openssl/bn.h ../include/openssl/buffer.h -v3nametest.o: ../include/openssl/conf.h ../include/openssl/crypto.h -v3nametest.o: ../include/openssl/dh.h ../include/openssl/dsa.h -v3nametest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h -v3nametest.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h -v3nametest.o: ../include/openssl/evp.h ../include/openssl/lhash.h -v3nametest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h -v3nametest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h -v3nametest.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h -v3nametest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h +v3nametest.o: ../include/openssl/buffer.h ../include/openssl/conf.h +v3nametest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h +v3nametest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h +v3nametest.o: ../include/openssl/ecdsa.h ../include/openssl/evp.h +v3nametest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h +v3nametest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h +v3nametest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h +v3nametest.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h v3nametest.o: ../include/openssl/sha.h ../include/openssl/stack.h v3nametest.o: ../include/openssl/symhacks.h 
../include/openssl/x509.h v3nametest.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h |