diff options
| author | simon <simon@FreeBSD.org> | 2010-11-22 18:23:44 +0000 |
|---|---|---|
| committer | simon <simon@FreeBSD.org> | 2010-11-22 18:23:44 +0000 |
| commit | 7a23485c98b888d229c5e0762dbcfcec293fcef6 (patch) | |
| tree | 5691801dabb6a06320a55f5ce8ed927af41514f3 /crypto/openssl/apps | |
| parent | 9c043d590896a77d5d66b978a963573a41d66ad3 (diff) | |
| download | FreeBSD-src-7a23485c98b888d229c5e0762dbcfcec293fcef6.zip FreeBSD-src-7a23485c98b888d229c5e0762dbcfcec293fcef6.tar.gz | |
Merge OpenSSL 0.9.8p into head.
Security: CVE-2010-3864
Security: http://www.openssl.org/news/secadv_20101116.txt
Diffstat (limited to 'crypto/openssl/apps')
| -rw-r--r-- | crypto/openssl/apps/apps.c | 17 | ||||
| -rw-r--r-- | crypto/openssl/apps/dh.c | 5 | ||||
| -rw-r--r-- | crypto/openssl/apps/dhparam.c | 5 | ||||
| -rw-r--r-- | crypto/openssl/apps/dsaparam.c | 9 | ||||
| -rw-r--r-- | crypto/openssl/apps/ec.c | 5 | ||||
| -rw-r--r-- | crypto/openssl/apps/ecparam.c | 5 | ||||
| -rw-r--r-- | crypto/openssl/apps/enc.c | 5 | ||||
| -rw-r--r-- | crypto/openssl/apps/gendh.c | 5 | ||||
| -rw-r--r-- | crypto/openssl/apps/gendsa.c | 5 | ||||
| -rw-r--r-- | crypto/openssl/apps/genrsa.c | 5 | ||||
| -rw-r--r-- | crypto/openssl/apps/pkcs7.c | 5 | ||||
| -rw-r--r-- | crypto/openssl/apps/rand.c | 5 | ||||
| -rw-r--r-- | crypto/openssl/apps/s_server.c | 7 | ||||
| -rw-r--r-- | crypto/openssl/apps/s_socket.c | 7 | ||||
| -rw-r--r-- | crypto/openssl/apps/speed.c | 12 | ||||
| -rw-r--r-- | crypto/openssl/apps/x509.c | 2 |
16 files changed, 36 insertions, 68 deletions
diff --git a/crypto/openssl/apps/apps.c b/crypto/openssl/apps/apps.c index 35b62b8..a4b77e1 100644 --- a/crypto/openssl/apps/apps.c +++ b/crypto/openssl/apps/apps.c @@ -351,13 +351,12 @@ void program_name(char *in, char *out, int size) int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[]) { - int num,len,i; + int num,i; char *p; *argc=0; *argv=NULL; - len=strlen(buf); i=0; if (arg->count == 0) { @@ -866,10 +865,17 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin, if (format == FORMAT_ENGINE) { if (!e) - BIO_printf(bio_err,"no engine specified\n"); + BIO_printf(err,"no engine specified\n"); else + { pkey = ENGINE_load_private_key(e, file, ui_method, &cb_data); + if (!pkey) + { + BIO_printf(err,"cannot load %s from engine\n",key_descrip); + ERR_print_errors(err); + } + } goto end; } #endif @@ -919,8 +925,11 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin, } end: if (key != NULL) BIO_free(key); - if (pkey == NULL) + if (pkey == NULL) + { BIO_printf(err,"unable to load %s\n", key_descrip); + ERR_print_errors(err); + } return(pkey); } diff --git a/crypto/openssl/apps/dh.c b/crypto/openssl/apps/dh.c index c4d891e..7e45bd3 100644 --- a/crypto/openssl/apps/dh.c +++ b/crypto/openssl/apps/dh.c @@ -88,9 +88,6 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { -#ifndef OPENSSL_NO_ENGINE - ENGINE *e = NULL; -#endif DH *dh=NULL; int i,badops=0,text=0; BIO *in=NULL,*out=NULL; @@ -189,7 +186,7 @@ bad: ERR_load_crypto_strings(); #ifndef OPENSSL_NO_ENGINE - e = setup_engine(bio_err, engine, 0); + setup_engine(bio_err, engine, 0); #endif in=BIO_new(BIO_s_file()); diff --git a/crypto/openssl/apps/dhparam.c b/crypto/openssl/apps/dhparam.c index 04bd57c..465cdfe 100644 --- a/crypto/openssl/apps/dhparam.c +++ b/crypto/openssl/apps/dhparam.c @@ -149,9 +149,6 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { -#ifndef OPENSSL_NO_ENGINE - ENGINE *e = NULL; -#endif DH *dh=NULL; int i,badops=0,text=0; #ifndef OPENSSL_NO_DSA @@ -270,7 +267,7 @@ bad: ERR_load_crypto_strings(); #ifndef OPENSSL_NO_ENGINE - e = setup_engine(bio_err, engine, 0); + setup_engine(bio_err, engine, 0); #endif if (g && !num) diff --git a/crypto/openssl/apps/dsaparam.c b/crypto/openssl/apps/dsaparam.c index 4305a73..fe72c1d 100644 --- a/crypto/openssl/apps/dsaparam.c +++ b/crypto/openssl/apps/dsaparam.c @@ -111,9 +111,6 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { -#ifndef OPENSSL_NO_ENGINE - ENGINE *e = NULL; -#endif DSA *dsa=NULL; int i,badops=0,text=0; BIO *in=NULL,*out=NULL; @@ -278,7 +275,7 @@ bad: } #ifndef OPENSSL_NO_ENGINE - e = setup_engine(bio_err, engine, 0); + setup_engine(bio_err, engine, 0); #endif if (need_rand) @@ -357,12 +354,10 @@ bad: if (C) { unsigned char *data; - int l,len,bits_p,bits_q,bits_g; + int l,len,bits_p; len=BN_num_bytes(dsa->p); bits_p=BN_num_bits(dsa->p); - bits_q=BN_num_bits(dsa->q); - bits_g=BN_num_bits(dsa->g); data=(unsigned char *)OPENSSL_malloc(len+20); if (data == NULL) { diff --git a/crypto/openssl/apps/ec.c b/crypto/openssl/apps/ec.c index 771e15f..6b3d3ad 100644 --- a/crypto/openssl/apps/ec.c +++ b/crypto/openssl/apps/ec.c @@ -85,9 +85,6 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { -#ifndef OPENSSL_NO_ENGINE - ENGINE *e = NULL; -#endif int ret = 1; EC_KEY *eckey = NULL; const EC_GROUP *group; @@ -254,7 +251,7 @@ bad: ERR_load_crypto_strings(); #ifndef OPENSSL_NO_ENGINE - e = setup_engine(bio_err, engine, 0); + setup_engine(bio_err, engine, 0); #endif if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) diff --git a/crypto/openssl/apps/ecparam.c b/crypto/openssl/apps/ecparam.c index 4e1fc83..2d3fd30 100644 --- a/crypto/openssl/apps/ecparam.c +++ b/crypto/openssl/apps/ecparam.c @@ -129,9 +129,6 @@ int MAIN(int argc, char **argv) char *infile = NULL, *outfile = NULL, *prog; BIO *in = NULL, *out = NULL; int informat, outformat, noout = 0, C = 0, ret = 1; -#ifndef OPENSSL_NO_ENGINE - ENGINE *e = NULL; -#endif char *engine = NULL; BIGNUM *ec_p = NULL, *ec_a = NULL, *ec_b = NULL, @@ -340,7 +337,7 @@ bad: } #ifndef OPENSSL_NO_ENGINE - e = setup_engine(bio_err, engine, 0); + setup_engine(bio_err, engine, 0); #endif if (list_curves) diff --git a/crypto/openssl/apps/enc.c b/crypto/openssl/apps/enc.c index 8f5e5b8..8beb2df 100644 --- a/crypto/openssl/apps/enc.c +++ b/crypto/openssl/apps/enc.c @@ -100,9 +100,6 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { -#ifndef OPENSSL_NO_ENGINE - ENGINE *e = NULL; -#endif static const char magic[]="Salted__"; char mbuf[sizeof magic-1]; char *strbuf=NULL; @@ -311,7 +308,7 @@ bad: } #ifndef OPENSSL_NO_ENGINE - e = setup_engine(bio_err, engine, 0); + setup_engine(bio_err, engine, 0); #endif if (md && (dgst=EVP_get_digestbyname(md)) == NULL) diff --git a/crypto/openssl/apps/gendh.c b/crypto/openssl/apps/gendh.c index 4749786..346ea4a 100644 --- a/crypto/openssl/apps/gendh.c +++ b/crypto/openssl/apps/gendh.c @@ -89,9 +89,6 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { BN_GENCB cb; -#ifndef OPENSSL_NO_ENGINE - ENGINE *e = NULL; -#endif DH *dh=NULL; int ret=1,num=DEFBITS; int g=2; @@ -163,7 +160,7 @@ bad: } #ifndef OPENSSL_NO_ENGINE - e = setup_engine(bio_err, engine, 0); + setup_engine(bio_err, engine, 0); #endif out=BIO_new(BIO_s_file()); diff --git a/crypto/openssl/apps/gendsa.c b/crypto/openssl/apps/gendsa.c index 22c3962..62ea977 100644 --- a/crypto/openssl/apps/gendsa.c +++ b/crypto/openssl/apps/gendsa.c @@ -78,9 +78,6 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { -#ifndef OPENSSL_NO_ENGINE - ENGINE *e = NULL; -#endif DSA *dsa=NULL; int ret=1; char *outfile=NULL; @@ -206,7 +203,7 @@ bad: } #ifndef OPENSSL_NO_ENGINE - e = setup_engine(bio_err, engine, 0); + setup_engine(bio_err, engine, 0); #endif if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) { diff --git a/crypto/openssl/apps/genrsa.c b/crypto/openssl/apps/genrsa.c index 5759acb..dfb0139 100644 --- a/crypto/openssl/apps/genrsa.c +++ b/crypto/openssl/apps/genrsa.c @@ -89,9 +89,6 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { BN_GENCB cb; -#ifndef OPENSSL_NO_ENGINE - ENGINE *e = NULL; -#endif int ret=1; int i,num=DEFBITS; long l; @@ -235,7 +232,7 @@ bad: } #ifndef OPENSSL_NO_ENGINE - e = setup_engine(bio_err, engine, 0); + setup_engine(bio_err, engine, 0); #endif if (outfile == NULL) diff --git a/crypto/openssl/apps/pkcs7.c b/crypto/openssl/apps/pkcs7.c index da4dbe7..bdbb102 100644 --- a/crypto/openssl/apps/pkcs7.c +++ b/crypto/openssl/apps/pkcs7.c @@ -82,9 +82,6 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { -#ifndef OPENSSL_NO_ENGINE - ENGINE *e = NULL; -#endif PKCS7 *p7=NULL; int i,badops=0; BIO *in=NULL,*out=NULL; @@ -180,7 +177,7 @@ bad: ERR_load_crypto_strings(); #ifndef OPENSSL_NO_ENGINE - e = setup_engine(bio_err, engine, 0); + setup_engine(bio_err, engine, 0); #endif in=BIO_new(BIO_s_file()); diff --git a/crypto/openssl/apps/rand.c b/crypto/openssl/apps/rand.c index 44a1d46..790e795 100644 --- a/crypto/openssl/apps/rand.c +++ b/crypto/openssl/apps/rand.c @@ -77,9 +77,6 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { -#ifndef OPENSSL_NO_ENGINE - ENGINE *e = NULL; -#endif int i, r, ret = 1; int badopt; char *outfile = NULL; @@ -178,7 +175,7 @@ int MAIN(int argc, char **argv) } #ifndef OPENSSL_NO_ENGINE - e = setup_engine(bio_err, engine, 0); + setup_engine(bio_err, engine, 0); #endif app_RAND_load_file(NULL, bio_err, (inrand != NULL)); diff --git a/crypto/openssl/apps/s_server.c b/crypto/openssl/apps/s_server.c index 88b308c..9ef643e 100644 --- a/crypto/openssl/apps/s_server.c +++ b/crypto/openssl/apps/s_server.c @@ -2075,12 +2075,14 @@ static int www_body(char *hostname, int s, unsigned char *context) { char *buf=NULL; int ret=1; - int i,j,k,blank,dot; + int i,j,k,dot; struct stat st_buf; SSL *con; SSL_CIPHER *c; BIO *io,*ssl_bio,*sbio; +#ifdef RENEG long total_bytes; +#endif buf=OPENSSL_malloc(bufsize); if (buf == NULL) return(0); @@ -2151,7 +2153,6 @@ static int www_body(char *hostname, int s, unsigned char *context) SSL_set_msg_callback_arg(con, bio_s_out); } - blank=0; for (;;) { if (hack) @@ -2388,7 +2389,9 @@ static int www_body(char *hostname, int s, unsigned char *context) BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n"); } /* send the file */ +#ifdef RENEG total_bytes=0; +#endif for (;;) { i=BIO_read(file,buf,bufsize); diff --git a/crypto/openssl/apps/s_socket.c b/crypto/openssl/apps/s_socket.c index cf82358..6d1d7d7 100644 --- a/crypto/openssl/apps/s_socket.c +++ b/crypto/openssl/apps/s_socket.c @@ -329,7 +329,7 @@ static int init_server_long(int *sock, int port, char *ip, int type) { int ret=0; struct sockaddr_in server; - int s= -1,i; + int s= -1; if (!ssl_sock_init()) return(0); @@ -368,7 +368,6 @@ static int init_server_long(int *sock, int port, char *ip, int type) } /* Make it 128 for linux */ if (type==SOCK_STREAM && listen(s,128) == -1) goto err; - i=0; *sock=s; ret=1; err: @@ -386,7 +385,7 @@ static int init_server(int *sock, int port, int type) static int do_accept(int acc_sock, int *sock, char **host) { - int ret,i; + int ret; struct hostent *h1,*h2; static struct sockaddr_in from; int len; @@ -409,6 +408,7 @@ redoit: if (ret == INVALID_SOCKET) { #if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)) + int i; i=WSAGetLastError(); BIO_printf(bio_err,"accept error %d\n",i); #else @@ -463,7 +463,6 @@ redoit: BIO_printf(bio_err,"gethostbyname failure\n"); return(0); } - i=0; if (h2->h_addrtype != AF_INET) { BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n"); diff --git a/crypto/openssl/apps/speed.c b/crypto/openssl/apps/speed.c index 393a7ba..84ce35d 100644 --- a/crypto/openssl/apps/speed.c +++ b/crypto/openssl/apps/speed.c @@ -500,9 +500,6 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { -#ifndef OPENSSL_NO_ENGINE - ENGINE *e = NULL; -#endif unsigned char *buf=NULL,*buf2=NULL; int mret=1; long count=0,save_count=0; @@ -593,7 +590,6 @@ int MAIN(int argc, char **argv) unsigned char DES_iv[8]; unsigned char iv[2*MAX_BLOCK_SIZE/8]; #ifndef OPENSSL_NO_DES - DES_cblock *buf_as_des_cblock = NULL; static DES_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0}; static DES_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12}; static DES_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34}; @@ -806,9 +802,6 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err,"out of memory\n"); goto end; } -#ifndef OPENSSL_NO_DES - buf_as_des_cblock = (DES_cblock *)buf; -#endif if ((buf2=(unsigned char *)OPENSSL_malloc((int)BUFSIZE)) == NULL) { BIO_printf(bio_err,"out of memory\n"); @@ -883,7 +876,7 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err,"no engine given\n"); goto end; } - e = setup_engine(bio_err, *argv, 0); + setup_engine(bio_err, *argv, 0); /* j will be increased again further down. We just don't want speed to confuse an engine with an algorithm, especially when none is given (which @@ -1388,7 +1381,8 @@ int MAIN(int argc, char **argv) count*=2; Time_F(START); for (it=count; it; it--) - DES_ecb_encrypt(buf_as_des_cblock,buf_as_des_cblock, + DES_ecb_encrypt((DES_cblock *)buf, + (DES_cblock *)buf, &sch,DES_ENCRYPT); d=Time_F(STOP); } while (d <3); diff --git a/crypto/openssl/apps/x509.c b/crypto/openssl/apps/x509.c index b25508a..151d3a91 100644 --- a/crypto/openssl/apps/x509.c +++ b/crypto/openssl/apps/x509.c @@ -539,7 +539,6 @@ bad: if (reqfile) { EVP_PKEY *pkey; - X509_CINF *ci; BIO *in; if (!sign_flag && !CA_flag) @@ -607,7 +606,6 @@ bad: print_name(bio_err, "subject=", X509_REQ_get_subject_name(req), nmflag); if ((x=X509_new()) == NULL) goto end; - ci=x->cert_info; if (sno == NULL) { |
