diff options
author | jkim <jkim@FreeBSD.org> | 2017-01-26 19:14:14 +0000 |
---|---|---|
committer | jkim <jkim@FreeBSD.org> | 2017-01-26 19:14:14 +0000 |
commit | 4aed7e4ccd53660aa6e7f0b024a4ce55a3227abc (patch) | |
tree | f87776322a432fb3baf9f4ce835356d8b54ff8a7 /crypto/openssl/apps | |
parent | 778f6f84c2d897983421773093f18137a785cb40 (diff) | |
download | FreeBSD-src-4aed7e4ccd53660aa6e7f0b024a4ce55a3227abc.zip FreeBSD-src-4aed7e4ccd53660aa6e7f0b024a4ce55a3227abc.tar.gz |
MFC: r312825
Merge OpenSSL 1.0.2k.
Diffstat (limited to 'crypto/openssl/apps')
36 files changed, 92 insertions, 146 deletions
diff --git a/crypto/openssl/apps/apps.c b/crypto/openssl/apps/apps.c index 9fdc3e0..c487bd9 100644 --- a/crypto/openssl/apps/apps.c +++ b/crypto/openssl/apps/apps.c @@ -972,7 +972,10 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin, if (!e) BIO_printf(err, "no engine specified\n"); else { - pkey = ENGINE_load_private_key(e, file, ui_method, &cb_data); + if (ENGINE_init(e)) { + pkey = ENGINE_load_private_key(e, file, ui_method, &cb_data); + ENGINE_finish(e); + } if (!pkey) { BIO_printf(err, "cannot load %s from engine\n", key_descrip); ERR_print_errors(err); @@ -1532,11 +1535,13 @@ static ENGINE *try_load_engine(BIO *err, const char *engine, int debug) } return e; } +#endif ENGINE *setup_engine(BIO *err, const char *engine, int debug) { ENGINE *e = NULL; +#ifndef OPENSSL_NO_ENGINE if (engine) { if (strcmp(engine, "auto") == 0) { BIO_printf(err, "enabling auto ENGINE support\n"); @@ -1561,13 +1566,19 @@ ENGINE *setup_engine(BIO *err, const char *engine, int debug) } BIO_printf(err, "engine \"%s\" set.\n", ENGINE_get_id(e)); - - /* Free our "structural" reference. */ - ENGINE_free(e); } +#endif return e; } + +void release_engine(ENGINE *e) +{ +#ifndef OPENSSL_NO_ENGINE + if (e != NULL) + /* Free our "structural" reference. */ + ENGINE_free(e); #endif +} int load_config(BIO *err, CONF *cnf) { diff --git a/crypto/openssl/apps/apps.h b/crypto/openssl/apps/apps.h index c6c3881..268863c 100644 --- a/crypto/openssl/apps/apps.h +++ b/crypto/openssl/apps/apps.h @@ -259,9 +259,9 @@ STACK_OF(X509_CRL) *load_crls(BIO *err, const char *file, int format, const char *pass, ENGINE *e, const char *cert_descrip); X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath); -# ifndef OPENSSL_NO_ENGINE + ENGINE *setup_engine(BIO *err, const char *engine, int debug); -# endif +void release_engine(ENGINE *e); # ifndef OPENSSL_NO_OCSP OCSP_RESPONSE *process_responder(BIO *err, OCSP_REQUEST *req, diff --git a/crypto/openssl/apps/ca.c b/crypto/openssl/apps/ca.c index a0ec583..4cea3cb 100644 --- a/crypto/openssl/apps/ca.c +++ b/crypto/openssl/apps/ca.c @@ -319,9 +319,7 @@ int MAIN(int argc, char **argv) #define BSIZE 256 MS_STATIC char buf[3][BSIZE]; char *randfile = NULL; -#ifndef OPENSSL_NO_ENGINE char *engine = NULL; -#endif char *tofree = NULL; DB_ATTR db_attr; @@ -595,9 +593,7 @@ int MAIN(int argc, char **argv) if (!load_config(bio_err, conf)) goto err; -#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); -#endif /* Lets get the config section we are using */ if (section == NULL) { @@ -1485,6 +1481,7 @@ int MAIN(int argc, char **argv) X509_CRL_free(crl); NCONF_free(conf); NCONF_free(extconf); + release_engine(e); OBJ_cleanup(); apps_shutdown(); OPENSSL_EXIT(ret); @@ -2227,7 +2224,6 @@ static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey, sk = CONF_get_section(parms, "default"); if (sk_CONF_VALUE_num(sk) == 0) { BIO_printf(bio_err, "no name/value pairs found in %s\n", infile); - CONF_free(parms); goto err; } diff --git a/crypto/openssl/apps/cms.c b/crypto/openssl/apps/cms.c index 6047937..f9a63bc 100644 --- a/crypto/openssl/apps/cms.c +++ b/crypto/openssl/apps/cms.c @@ -143,9 +143,7 @@ int MAIN(int argc, char **argv) const EVP_MD *sign_md = NULL; int informat = FORMAT_SMIME, outformat = FORMAT_SMIME; int rctformat = FORMAT_SMIME, keyform = FORMAT_PEM; -# ifndef OPENSSL_NO_ENGINE char *engine = NULL; -# endif unsigned char *secret_key = NULL, *secret_keyid = NULL; unsigned char *pwri_pass = NULL, *pwri_tmp = NULL; size_t secret_keylen = 0, secret_keyidlen = 0; @@ -665,9 +663,7 @@ int MAIN(int argc, char **argv) "cert.pem recipient certificate(s) for encryption\n"); goto end; } -# ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); -# endif if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) { BIO_printf(bio_err, "Error getting password\n"); @@ -1170,6 +1166,7 @@ int MAIN(int argc, char **argv) EVP_PKEY_free(key); CMS_ContentInfo_free(cms); CMS_ContentInfo_free(rcms); + release_engine(e); BIO_free(rctin); BIO_free(in); BIO_free(indata); diff --git a/crypto/openssl/apps/dgst.c b/crypto/openssl/apps/dgst.c index 26afcd7..bc2601e 100644 --- a/crypto/openssl/apps/dgst.c +++ b/crypto/openssl/apps/dgst.c @@ -537,6 +537,7 @@ int MAIN(int argc, char **argv) OPENSSL_free(sigbuf); if (bmd != NULL) BIO_free(bmd); + release_engine(e); apps_shutdown(); OPENSSL_EXIT(err); } diff --git a/crypto/openssl/apps/dh.c b/crypto/openssl/apps/dh.c index 48fecc9..bb13fef 100644 --- a/crypto/openssl/apps/dh.c +++ b/crypto/openssl/apps/dh.c @@ -94,9 +94,7 @@ int MAIN(int argc, char **argv) BIO *in = NULL, *out = NULL; int informat, outformat, check = 0, noout = 0, C = 0, ret = 1; char *infile, *outfile, *prog; -# ifndef OPENSSL_NO_ENGINE char *engine; -# endif apps_startup(); @@ -107,9 +105,7 @@ int MAIN(int argc, char **argv) if (!load_config(bio_err, NULL)) goto end; -# ifndef OPENSSL_NO_ENGINE engine = NULL; -# endif infile = NULL; outfile = NULL; informat = FORMAT_PEM; @@ -183,9 +179,7 @@ int MAIN(int argc, char **argv) ERR_load_crypto_strings(); -# ifndef OPENSSL_NO_ENGINE setup_engine(bio_err, engine, 0); -# endif in = BIO_new(BIO_s_file()); out = BIO_new(BIO_s_file()); diff --git a/crypto/openssl/apps/dhparam.c b/crypto/openssl/apps/dhparam.c index 57199a8..1210adb 100644 --- a/crypto/openssl/apps/dhparam.c +++ b/crypto/openssl/apps/dhparam.c @@ -159,9 +159,8 @@ int MAIN(int argc, char **argv) int informat, outformat, check = 0, noout = 0, C = 0, ret = 1; char *infile, *outfile, *prog; char *inrand = NULL; -# ifndef OPENSSL_NO_ENGINE char *engine = NULL; -# endif + ENGINE *e = NULL; int num = 0, g = 0; apps_startup(); @@ -270,9 +269,7 @@ int MAIN(int argc, char **argv) ERR_load_crypto_strings(); -# ifndef OPENSSL_NO_ENGINE - setup_engine(bio_err, engine, 0); -# endif + e = setup_engine(bio_err, engine, 0); if (g && !num) num = DEFBITS; @@ -512,6 +509,7 @@ int MAIN(int argc, char **argv) BIO_free_all(out); if (dh != NULL) DH_free(dh); + release_engine(e); apps_shutdown(); OPENSSL_EXIT(ret); } diff --git a/crypto/openssl/apps/dsa.c b/crypto/openssl/apps/dsa.c index dedf8e1..4ed21d8 100644 --- a/crypto/openssl/apps/dsa.c +++ b/crypto/openssl/apps/dsa.c @@ -106,9 +106,7 @@ int MAIN(int argc, char **argv) int informat, outformat, text = 0, noout = 0; int pubin = 0, pubout = 0; char *infile, *outfile, *prog; -# ifndef OPENSSL_NO_ENGINE char *engine; -# endif char *passargin = NULL, *passargout = NULL; char *passin = NULL, *passout = NULL; int modulus = 0; @@ -124,9 +122,7 @@ int MAIN(int argc, char **argv) if (!load_config(bio_err, NULL)) goto end; -# ifndef OPENSSL_NO_ENGINE engine = NULL; -# endif infile = NULL; outfile = NULL; informat = FORMAT_PEM; @@ -239,9 +235,7 @@ int MAIN(int argc, char **argv) ERR_load_crypto_strings(); -# ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); -# endif if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { BIO_printf(bio_err, "Error getting passwords\n"); @@ -358,6 +352,7 @@ int MAIN(int argc, char **argv) BIO_free_all(out); if (dsa != NULL) DSA_free(dsa); + release_engine(e); if (passin) OPENSSL_free(passin); if (passout) diff --git a/crypto/openssl/apps/dsaparam.c b/crypto/openssl/apps/dsaparam.c index 824a595..f2cf553 100644 --- a/crypto/openssl/apps/dsaparam.c +++ b/crypto/openssl/apps/dsaparam.c @@ -121,9 +121,8 @@ int MAIN(int argc, char **argv) char *infile, *outfile, *prog, *inrand = NULL; int numbits = -1, num, genkey = 0; int need_rand = 0; -# ifndef OPENSSL_NO_ENGINE char *engine = NULL; -# endif + ENGINE *e = NULL; # ifdef GENCB_TEST int timebomb = 0; # endif @@ -263,9 +262,7 @@ int MAIN(int argc, char **argv) } } -# ifndef OPENSSL_NO_ENGINE - setup_engine(bio_err, engine, 0); -# endif + e = setup_engine(bio_err, engine, 0); if (need_rand) { app_RAND_load_file(NULL, bio_err, (inrand != NULL)); @@ -433,6 +430,7 @@ int MAIN(int argc, char **argv) BIO_free_all(out); if (dsa != NULL) DSA_free(dsa); + release_engine(e); apps_shutdown(); OPENSSL_EXIT(ret); } diff --git a/crypto/openssl/apps/ec.c b/crypto/openssl/apps/ec.c index b04dada..d2263c8 100644 --- a/crypto/openssl/apps/ec.c +++ b/crypto/openssl/apps/ec.c @@ -95,6 +95,7 @@ int MAIN(int argc, char **argv) int informat, outformat, text = 0, noout = 0; int pubin = 0, pubout = 0, param_out = 0; char *infile, *outfile, *prog, *engine; + ENGINE *e = NULL; char *passargin = NULL, *passargout = NULL; char *passin = NULL, *passout = NULL; point_conversion_form_t form = POINT_CONVERSION_UNCOMPRESSED; @@ -235,9 +236,7 @@ int MAIN(int argc, char **argv) ERR_load_crypto_strings(); -# ifndef OPENSSL_NO_ENGINE - setup_engine(bio_err, engine, 0); -# endif + e = setup_engine(bio_err, engine, 0); if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { BIO_printf(bio_err, "Error getting passwords\n"); @@ -349,6 +348,7 @@ int MAIN(int argc, char **argv) BIO_free_all(out); if (eckey) EC_KEY_free(eckey); + release_engine(e); if (passin) OPENSSL_free(passin); if (passout) diff --git a/crypto/openssl/apps/ecparam.c b/crypto/openssl/apps/ecparam.c index 71b67f4..a9bf489 100644 --- a/crypto/openssl/apps/ecparam.c +++ b/crypto/openssl/apps/ecparam.c @@ -131,6 +131,7 @@ int MAIN(int argc, char **argv) BIO *in = NULL, *out = NULL; int informat, outformat, noout = 0, C = 0, ret = 1; char *engine = NULL; + ENGINE *e = NULL; BIGNUM *ec_p = NULL, *ec_a = NULL, *ec_b = NULL, *ec_gen = NULL, *ec_order = NULL, *ec_cofactor = NULL; @@ -311,9 +312,7 @@ int MAIN(int argc, char **argv) } } -# ifndef OPENSSL_NO_ENGINE - setup_engine(bio_err, engine, 0); -# endif + e = setup_engine(bio_err, engine, 0); if (list_curves) { EC_builtin_curve *curves = NULL; @@ -620,12 +619,13 @@ int MAIN(int argc, char **argv) BN_free(ec_cofactor); if (buffer) OPENSSL_free(buffer); + if (group != NULL) + EC_GROUP_free(group); + release_engine(e); if (in != NULL) BIO_free(in); if (out != NULL) BIO_free_all(out); - if (group != NULL) - EC_GROUP_free(group); apps_shutdown(); OPENSSL_EXIT(ret); } diff --git a/crypto/openssl/apps/enc.c b/crypto/openssl/apps/enc.c index 8e2ef27..8c8f1ef0 100644 --- a/crypto/openssl/apps/enc.c +++ b/crypto/openssl/apps/enc.c @@ -126,9 +126,8 @@ int MAIN(int argc, char **argv) NULL, *wbio = NULL; #define PROG_NAME_SIZE 39 char pname[PROG_NAME_SIZE + 1]; -#ifndef OPENSSL_NO_ENGINE char *engine = NULL; -#endif + ENGINE *e = NULL; const EVP_MD *dgst = NULL; int non_fips_allow = 0; @@ -322,9 +321,7 @@ int MAIN(int argc, char **argv) argv++; } -#ifndef OPENSSL_NO_ENGINE - setup_engine(bio_err, engine, 0); -#endif + e = setup_engine(bio_err, engine, 0); if (cipher && EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) { BIO_printf(bio_err, @@ -674,6 +671,7 @@ int MAIN(int argc, char **argv) if (bzl != NULL) BIO_free(bzl); #endif + release_engine(e); if (pass) OPENSSL_free(pass); apps_shutdown(); diff --git a/crypto/openssl/apps/gendh.c b/crypto/openssl/apps/gendh.c index fef6f1b..59484c2 100644 --- a/crypto/openssl/apps/gendh.c +++ b/crypto/openssl/apps/gendh.c @@ -96,9 +96,7 @@ int MAIN(int argc, char **argv) int g = 2; char *outfile = NULL; char *inrand = NULL; -# ifndef OPENSSL_NO_ENGINE char *engine = NULL; -# endif BIO *out = NULL; apps_startup(); @@ -162,9 +160,7 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, " the random number generator\n"); goto end; } -# ifndef OPENSSL_NO_ENGINE setup_engine(bio_err, engine, 0); -# endif out = BIO_new(BIO_s_file()); if (out == NULL) { diff --git a/crypto/openssl/apps/gendsa.c b/crypto/openssl/apps/gendsa.c index fd1360a..31510e6 100644 --- a/crypto/openssl/apps/gendsa.c +++ b/crypto/openssl/apps/gendsa.c @@ -85,9 +85,8 @@ int MAIN(int argc, char **argv) char *passargout = NULL, *passout = NULL; BIO *out = NULL, *in = NULL; const EVP_CIPHER *enc = NULL; -# ifndef OPENSSL_NO_ENGINE char *engine = NULL; -# endif + ENGINE *e = NULL; apps_startup(); @@ -206,9 +205,7 @@ int MAIN(int argc, char **argv) " - a DSA parameter file as generated by the dsaparam command\n"); goto end; } -# ifndef OPENSSL_NO_ENGINE - setup_engine(bio_err, engine, 0); -# endif + e = setup_engine(bio_err, engine, 0); if (!app_passwd(bio_err, NULL, passargout, NULL, &passout)) { BIO_printf(bio_err, "Error getting password\n"); @@ -273,6 +270,7 @@ int MAIN(int argc, char **argv) BIO_free_all(out); if (dsa != NULL) DSA_free(dsa); + release_engine(e); if (passout) OPENSSL_free(passout); apps_shutdown(); diff --git a/crypto/openssl/apps/genpkey.c b/crypto/openssl/apps/genpkey.c index fef21dc..39dcef9 100644 --- a/crypto/openssl/apps/genpkey.c +++ b/crypto/openssl/apps/genpkey.c @@ -275,9 +275,9 @@ int MAIN(int argc, char **argv) if (out) BIO_free_all(out); BIO_free(in); + release_engine(e); if (pass) OPENSSL_free(pass); - return ret; } diff --git a/crypto/openssl/apps/genrsa.c b/crypto/openssl/apps/genrsa.c index 91e6550..51dcfca 100644 --- a/crypto/openssl/apps/genrsa.c +++ b/crypto/openssl/apps/genrsa.c @@ -91,9 +91,7 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { BN_GENCB cb; -# ifndef OPENSSL_NO_ENGINE ENGINE *e = NULL; -# endif int ret = 1; int i, num = DEFBITS; long l; @@ -101,9 +99,7 @@ int MAIN(int argc, char **argv) unsigned long f4 = RSA_F4; char *outfile = NULL; char *passargout = NULL, *passout = NULL; -# ifndef OPENSSL_NO_ENGINE char *engine = NULL; -# endif char *inrand = NULL; BIO *out = NULL; BIGNUM *bn = BN_new(); @@ -240,9 +236,7 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, "Error getting password\n"); goto err; } -# ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); -# endif if (outfile == NULL) { BIO_set_fp(out, stdout, BIO_NOCLOSE); @@ -314,6 +308,7 @@ int MAIN(int argc, char **argv) RSA_free(rsa); if (out) BIO_free_all(out); + release_engine(e); if (passout) OPENSSL_free(passout); if (ret != 0) diff --git a/crypto/openssl/apps/pkcs12.c b/crypto/openssl/apps/pkcs12.c index 82182c2..d0bd97a 100644 --- a/crypto/openssl/apps/pkcs12.c +++ b/crypto/openssl/apps/pkcs12.c @@ -129,9 +129,7 @@ int MAIN(int argc, char **argv) char *inrand = NULL; char *macalg = NULL; char *CApath = NULL, *CAfile = NULL; -# ifndef OPENSSL_NO_ENGINE char *engine = NULL; -# endif apps_startup(); @@ -406,9 +404,7 @@ int MAIN(int argc, char **argv) "-LMK Add local machine keyset attribute to private key\n"); goto end; } -# ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); -# endif if (passarg) { if (export_cert) @@ -756,6 +752,7 @@ int MAIN(int argc, char **argv) # ifdef CRYPTO_MDEBUG CRYPTO_remove_all_info(); # endif + release_engine(e); BIO_free(in); BIO_free_all(out); if (canames) @@ -1110,4 +1107,6 @@ static int set_pbe(BIO *err, int *ppbe, const char *str) return 1; } +#else +static void *dummy = &dummy; #endif diff --git a/crypto/openssl/apps/pkcs7.c b/crypto/openssl/apps/pkcs7.c index b677633..c5d51d2 100644 --- a/crypto/openssl/apps/pkcs7.c +++ b/crypto/openssl/apps/pkcs7.c @@ -90,9 +90,8 @@ int MAIN(int argc, char **argv) char *infile, *outfile, *prog; int print_certs = 0, text = 0, noout = 0, p7_print = 0; int ret = 1; -#ifndef OPENSSL_NO_ENGINE char *engine = NULL; -#endif + ENGINE *e = NULL; apps_startup(); @@ -175,9 +174,7 @@ int MAIN(int argc, char **argv) ERR_load_crypto_strings(); -#ifndef OPENSSL_NO_ENGINE - setup_engine(bio_err, engine, 0); -#endif + e = setup_engine(bio_err, engine, 0); in = BIO_new(BIO_s_file()); out = BIO_new(BIO_s_file()); @@ -303,6 +300,7 @@ int MAIN(int argc, char **argv) end: if (p7 != NULL) PKCS7_free(p7); + release_engine(e); if (in != NULL) BIO_free(in); if (out != NULL) diff --git a/crypto/openssl/apps/pkcs8.c b/crypto/openssl/apps/pkcs8.c index 5099e18..71e31689 100644 --- a/crypto/openssl/apps/pkcs8.c +++ b/crypto/openssl/apps/pkcs8.c @@ -87,9 +87,7 @@ int MAIN(int argc, char **argv) char pass[50], *passin = NULL, *passout = NULL, *p8pass = NULL; int badarg = 0; int ret = 1; -#ifndef OPENSSL_NO_ENGINE char *engine = NULL; -#endif if (bio_err == NULL) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE); @@ -223,9 +221,7 @@ int MAIN(int argc, char **argv) #endif goto end; } -#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); -#endif if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { BIO_printf(bio_err, "Error getting passwords\n"); @@ -391,6 +387,7 @@ int MAIN(int argc, char **argv) X509_SIG_free(p8); PKCS8_PRIV_KEY_INFO_free(p8inf); EVP_PKEY_free(pkey); + release_engine(e); BIO_free_all(out); BIO_free(in); if (passin) diff --git a/crypto/openssl/apps/pkey.c b/crypto/openssl/apps/pkey.c index e848049..63d878a 100644 --- a/crypto/openssl/apps/pkey.c +++ b/crypto/openssl/apps/pkey.c @@ -79,9 +79,7 @@ int MAIN(int argc, char **argv) EVP_PKEY *pkey = NULL; char *passin = NULL, *passout = NULL; int badarg = 0; -#ifndef OPENSSL_NO_ENGINE char *engine = NULL; -#endif int ret = 1; if (bio_err == NULL) @@ -178,9 +176,7 @@ int MAIN(int argc, char **argv) #endif return 1; } -#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); -#endif if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { BIO_printf(bio_err, "Error getting passwords\n"); @@ -240,6 +236,7 @@ int MAIN(int argc, char **argv) end: EVP_PKEY_free(pkey); + release_engine(e); BIO_free_all(out); BIO_free(in); if (passin) diff --git a/crypto/openssl/apps/pkeyparam.c b/crypto/openssl/apps/pkeyparam.c index a148a66..1437f03 100644 --- a/crypto/openssl/apps/pkeyparam.c +++ b/crypto/openssl/apps/pkeyparam.c @@ -74,9 +74,8 @@ int MAIN(int argc, char **argv) int text = 0, noout = 0; EVP_PKEY *pkey = NULL; int badarg = 0; -#ifndef OPENSSL_NO_ENGINE char *engine = NULL; -#endif + ENGINE *e = NULL; int ret = 1; if (bio_err == NULL) @@ -134,9 +133,7 @@ int MAIN(int argc, char **argv) #endif return 1; } -#ifndef OPENSSL_NO_ENGINE - setup_engine(bio_err, engine, 0); -#endif + e = setup_engine(bio_err, engine, 0); if (infile) { if (!(in = BIO_new_file(infile, "r"))) { @@ -178,6 +175,7 @@ int MAIN(int argc, char **argv) end: EVP_PKEY_free(pkey); + release_engine(e); BIO_free_all(out); BIO_free(in); diff --git a/crypto/openssl/apps/pkeyutl.c b/crypto/openssl/apps/pkeyutl.c index e47206c..7c62d1c 100644 --- a/crypto/openssl/apps/pkeyutl.c +++ b/crypto/openssl/apps/pkeyutl.c @@ -357,6 +357,7 @@ int MAIN(int argc, char **argv) end: if (ctx) EVP_PKEY_CTX_free(ctx); + release_engine(e); BIO_free(in); BIO_free_all(out); if (buf_in != NULL) diff --git a/crypto/openssl/apps/prime.c b/crypto/openssl/apps/prime.c index 1fb1c8d..133167f 100644 --- a/crypto/openssl/apps/prime.c +++ b/crypto/openssl/apps/prime.c @@ -128,16 +128,24 @@ int MAIN(int argc, char **argv) BIO_printf(bio_out, "%s\n", s); OPENSSL_free(s); } else { + int r; + if (hex) - BN_hex2bn(&bn, argv[0]); + r = BN_hex2bn(&bn, argv[0]); else - BN_dec2bn(&bn, argv[0]); + r = BN_dec2bn(&bn, argv[0]); + + if(!r) { + BIO_printf(bio_err, "Failed to process value (%s)\n", argv[0]); + goto end; + } BN_print(bio_out, bn); BIO_printf(bio_out, " is %sprime\n", BN_is_prime_ex(bn, checks, NULL, NULL) ? "" : "not "); } + end: BN_free(bn); BIO_free_all(bio_out); diff --git a/crypto/openssl/apps/rand.c b/crypto/openssl/apps/rand.c index e159da3..96dcb72 100644 --- a/crypto/openssl/apps/rand.c +++ b/crypto/openssl/apps/rand.c @@ -86,9 +86,8 @@ int MAIN(int argc, char **argv) int hex = 0; BIO *out = NULL; int num = -1; -#ifndef OPENSSL_NO_ENGINE + ENGINE *e = NULL; char *engine = NULL; -#endif apps_startup(); @@ -162,9 +161,7 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, "-hex - hex encode output\n"); goto err; } -#ifndef OPENSSL_NO_ENGINE - setup_engine(bio_err, engine, 0); -#endif + e = setup_engine(bio_err, engine, 0); app_RAND_load_file(NULL, bio_err, (inrand != NULL)); if (inrand != NULL) @@ -222,6 +219,7 @@ int MAIN(int argc, char **argv) err: ERR_print_errors(bio_err); + release_engine(e); if (out) BIO_free_all(out); apps_shutdown(); diff --git a/crypto/openssl/apps/req.c b/crypto/openssl/apps/req.c index d1411c9..cdea1f6 100644 --- a/crypto/openssl/apps/req.c +++ b/crypto/openssl/apps/req.c @@ -179,9 +179,7 @@ int MAIN(int argc, char **argv) int nodes = 0, kludge = 0, newhdr = 0, subject = 0, pubkey = 0; char *infile, *outfile, *prog, *keyfile = NULL, *template = NULL, *keyout = NULL; -#ifndef OPENSSL_NO_ENGINE char *engine = NULL; -#endif char *extensions = NULL; char *req_exts = NULL; const EVP_CIPHER *cipher = NULL; @@ -595,9 +593,7 @@ int MAIN(int argc, char **argv) if ((in == NULL) || (out == NULL)) goto end; -#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); -#endif if (keyfile != NULL) { pkey = load_key(bio_err, keyfile, keyform, 0, passin, e, @@ -1040,6 +1036,7 @@ int MAIN(int argc, char **argv) X509_REQ_free(req); X509_free(x509ss); ASN1_INTEGER_free(serial); + release_engine(e); if (passargin && passin) OPENSSL_free(passin); if (passargout && passout) diff --git a/crypto/openssl/apps/rsa.c b/crypto/openssl/apps/rsa.c index e13c14f..ad3af39 100644 --- a/crypto/openssl/apps/rsa.c +++ b/crypto/openssl/apps/rsa.c @@ -111,9 +111,7 @@ int MAIN(int argc, char **argv) char *infile, *outfile, *prog; char *passargin = NULL, *passargout = NULL; char *passin = NULL, *passout = NULL; -# ifndef OPENSSL_NO_ENGINE char *engine = NULL; -# endif int modulus = 0; int pvk_encr = 2; @@ -254,9 +252,7 @@ int MAIN(int argc, char **argv) ERR_load_crypto_strings(); -# ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); -# endif if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { BIO_printf(bio_err, "Error getting passwords\n"); @@ -419,6 +415,7 @@ int MAIN(int argc, char **argv) } else ret = 0; end: + release_engine(e); if (out != NULL) BIO_free_all(out); if (rsa != NULL) diff --git a/crypto/openssl/apps/rsautl.c b/crypto/openssl/apps/rsautl.c index 5b6f849..87d1806 100644 --- a/crypto/openssl/apps/rsautl.c +++ b/crypto/openssl/apps/rsautl.c @@ -88,9 +88,7 @@ int MAIN(int argc, char **argv) ENGINE *e = NULL; BIO *in = NULL, *out = NULL; char *infile = NULL, *outfile = NULL; -# ifndef OPENSSL_NO_ENGINE char *engine = NULL; -# endif char *keyfile = NULL; char rsa_mode = RSA_VERIFY, key_type = KEY_PRIVKEY; int keyform = FORMAT_PEM; @@ -195,9 +193,7 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, "A private key is needed for this operation\n"); goto end; } -# ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); -# endif if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) { BIO_printf(bio_err, "Error getting password\n"); goto end; @@ -327,6 +323,7 @@ int MAIN(int argc, char **argv) BIO_write(out, rsa_out, rsa_outlen); end: RSA_free(rsa); + release_engine(e); BIO_free(in); BIO_free_all(out); if (rsa_in) diff --git a/crypto/openssl/apps/s_cb.c b/crypto/openssl/apps/s_cb.c index d1a99a7..7d71954 100644 --- a/crypto/openssl/apps/s_cb.c +++ b/crypto/openssl/apps/s_cb.c @@ -548,12 +548,12 @@ long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp, if (cmd == (BIO_CB_READ | BIO_CB_RETURN)) { BIO_printf(out, "read from %p [%p] (%lu bytes => %ld (0x%lX))\n", - (void *)bio, argp, (unsigned long)argi, ret, ret); + (void *)bio, (void *)argp, (unsigned long)argi, ret, ret); BIO_dump(out, argp, (int)ret); return (ret); } else if (cmd == (BIO_CB_WRITE | BIO_CB_RETURN)) { BIO_printf(out, "write to %p [%p] (%lu bytes => %ld (0x%lX))\n", - (void *)bio, argp, (unsigned long)argi, ret, ret); + (void *)bio, (void *)argp, (unsigned long)argi, ret, ret); BIO_dump(out, argp, (int)ret); } return (ret); diff --git a/crypto/openssl/apps/s_client.c b/crypto/openssl/apps/s_client.c index 41a326f..3cabfb5 100644 --- a/crypto/openssl/apps/s_client.c +++ b/crypto/openssl/apps/s_client.c @@ -694,12 +694,12 @@ int MAIN(int argc, char **argv) char *inrand = NULL; int mbuf_len = 0; struct timeval timeout, *timeoutp; -#ifndef OPENSSL_NO_ENGINE char *engine_id = NULL; + ENGINE *e = NULL; +#ifndef OPENSSL_NO_ENGINE char *ssl_client_engine_id = NULL; ENGINE *ssl_client_engine = NULL; #endif - ENGINE *e = NULL; #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5) struct timeval tv; # if defined(OPENSSL_SYS_BEOS_R5) @@ -1186,8 +1186,8 @@ int MAIN(int argc, char **argv) next_proto.data = NULL; #endif -#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine_id, 1); +#ifndef OPENSSL_NO_ENGINE if (ssl_client_engine_id) { ssl_client_engine = ENGINE_by_id(ssl_client_engine_id); if (!ssl_client_engine) { @@ -2123,6 +2123,7 @@ int MAIN(int argc, char **argv) OPENSSL_cleanse(mbuf, BUFSIZZ); OPENSSL_free(mbuf); } + release_engine(e); if (bio_c_out != NULL) { BIO_free(bio_c_out); bio_c_out = NULL; diff --git a/crypto/openssl/apps/s_server.c b/crypto/openssl/apps/s_server.c index 857a70e..b561cf3 100644 --- a/crypto/openssl/apps/s_server.c +++ b/crypto/openssl/apps/s_server.c @@ -328,9 +328,7 @@ static char *keymatexportlabel = NULL; static int keymatexportlen = 20; static int hack = 0; -#ifndef OPENSSL_NO_ENGINE static char *engine_id = NULL; -#endif static const char *session_id_prefix = NULL; static int enable_timeouts = 0; @@ -484,9 +482,7 @@ static void s_server_init(void) s_quiet = 0; s_brief = 0; hack = 0; -# ifndef OPENSSL_NO_ENGINE engine_id = NULL; -# endif } #endif @@ -1603,9 +1599,7 @@ int MAIN(int argc, char *argv[]) SSL_load_error_strings(); OpenSSL_add_ssl_algorithms(); -#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine_id, 1); -#endif if (!app_passwd(bio_err, passarg, dpassarg, &pass, &dpass)) { BIO_printf(bio_err, "Error getting password\n"); @@ -2129,6 +2123,7 @@ int MAIN(int argc, char *argv[]) if (jpake_secret && psk_key) OPENSSL_free(psk_key); #endif + release_engine(e); if (bio_s_out != NULL) { BIO_free(bio_s_out); bio_s_out = NULL; diff --git a/crypto/openssl/apps/smime.c b/crypto/openssl/apps/smime.c index 6044ccf..1758330 100644 --- a/crypto/openssl/apps/smime.c +++ b/crypto/openssl/apps/smime.c @@ -114,9 +114,7 @@ int MAIN(int argc, char **argv) const EVP_MD *sign_md = NULL; int informat = FORMAT_SMIME, outformat = FORMAT_SMIME; int keyform = FORMAT_PEM; -#ifndef OPENSSL_NO_ENGINE char *engine = NULL; -#endif X509_VERIFY_PARAM *vpm = NULL; @@ -461,9 +459,7 @@ int MAIN(int argc, char **argv) "cert.pem recipient certificate(s) for encryption\n"); goto end; } -#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); -#endif if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) { BIO_printf(bio_err, "Error getting password\n"); @@ -736,6 +732,7 @@ int MAIN(int argc, char **argv) X509_free(signer); EVP_PKEY_free(key); PKCS7_free(p7); + release_engine(e); BIO_free(in); BIO_free(indata); BIO_free_all(out); diff --git a/crypto/openssl/apps/speed.c b/crypto/openssl/apps/speed.c index b862868..6cd1021 100644 --- a/crypto/openssl/apps/speed.c +++ b/crypto/openssl/apps/speed.c @@ -372,6 +372,7 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { + ENGINE *e = NULL; unsigned char *buf = NULL, *buf2 = NULL; int mret = 1; long count = 0, save_count = 0; @@ -669,6 +670,10 @@ int MAIN(int argc, char **argv) ecdh_b[i] = NULL; } # endif +# ifndef OPENSSL_NO_RSA + for (i = 0; i < RSA_NUM; i++) + rsa_key[i] = NULL; +# endif if (bio_err == NULL) if ((bio_err = BIO_new(BIO_s_file())) != NULL) @@ -677,12 +682,6 @@ int MAIN(int argc, char **argv) if (!load_config(bio_err, NULL)) goto end; -# ifndef OPENSSL_NO_RSA - memset(rsa_key, 0, sizeof(rsa_key)); - for (i = 0; i < RSA_NUM; i++) - rsa_key[i] = NULL; -# endif - if ((buf = (unsigned char *)OPENSSL_malloc((int)BUFSIZE)) == NULL) { BIO_printf(bio_err, "out of memory\n"); goto end; @@ -749,7 +748,7 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, "no engine given\n"); goto end; } - setup_engine(bio_err, *argv, 0); + e = setup_engine(bio_err, *argv, 0); /* * j will be increased again further down. We just don't want * speed to confuse an engine with an algorithm, especially when @@ -2526,6 +2525,7 @@ int MAIN(int argc, char **argv) } # endif + release_engine(e); apps_shutdown(); OPENSSL_EXIT(mret); } diff --git a/crypto/openssl/apps/spkac.c b/crypto/openssl/apps/spkac.c index 8b06ec4..7f5333f 100644 --- a/crypto/openssl/apps/spkac.c +++ b/crypto/openssl/apps/spkac.c @@ -94,9 +94,7 @@ int MAIN(int argc, char **argv) CONF *conf = NULL; NETSCAPE_SPKI *spki = NULL; EVP_PKEY *pkey = NULL; -#ifndef OPENSSL_NO_ENGINE char *engine = NULL; -#endif apps_startup(); @@ -185,9 +183,7 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, "Error getting password\n"); goto end; } -#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); -#endif if (keyfile) { pkey = load_key(bio_err, @@ -305,6 +301,7 @@ int MAIN(int argc, char **argv) BIO_free(in); BIO_free_all(out); EVP_PKEY_free(pkey); + release_engine(e); if (passin) OPENSSL_free(passin); apps_shutdown(); diff --git a/crypto/openssl/apps/srp.c b/crypto/openssl/apps/srp.c index c75052f..37341a5 100644 --- a/crypto/openssl/apps/srp.c +++ b/crypto/openssl/apps/srp.c @@ -293,9 +293,8 @@ int MAIN(int argc, char **argv) int i; long errorline = -1; char *randfile = NULL; -# ifndef OPENSSL_NO_ENGINE + ENGINE *e = NULL; char *engine = NULL; -# endif char *tofree = NULL; DB_ATTR db_attr; @@ -411,9 +410,7 @@ int MAIN(int argc, char **argv) ERR_load_crypto_strings(); -# ifndef OPENSSL_NO_ENGINE - setup_engine(bio_err, engine, 0); -# endif + e = setup_engine(bio_err, engine, 0); if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { BIO_printf(bio_err, "Error getting passwords\n"); @@ -760,6 +757,7 @@ int MAIN(int argc, char **argv) if (db) free_index(db); + release_engine(e); OBJ_cleanup(); apps_shutdown(); OPENSSL_EXIT(ret); diff --git a/crypto/openssl/apps/verify.c b/crypto/openssl/apps/verify.c index b5ae6b3..c4bd197 100644 --- a/crypto/openssl/apps/verify.c +++ b/crypto/openssl/apps/verify.c @@ -89,9 +89,7 @@ int MAIN(int argc, char **argv) X509_LOOKUP *lookup = NULL; X509_VERIFY_PARAM *vpm = NULL; int crl_download = 0; -#ifndef OPENSSL_NO_ENGINE char *engine = NULL; -#endif cert_ctx = X509_STORE_new(); if (cert_ctx == NULL) @@ -160,9 +158,7 @@ int MAIN(int argc, char **argv) break; } -#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); -#endif if (vpm) X509_STORE_set1_param(cert_ctx, vpm); @@ -255,6 +251,7 @@ int MAIN(int argc, char **argv) sk_X509_pop_free(untrusted, X509_free); sk_X509_pop_free(trusted, X509_free); sk_X509_CRL_pop_free(crls, X509_CRL_free); + release_engine(e); apps_shutdown(); OPENSSL_EXIT(ret < 0 ? 2 : ret); } diff --git a/crypto/openssl/apps/x509.c b/crypto/openssl/apps/x509.c index 17cb62d..ad9fc98 100644 --- a/crypto/openssl/apps/x509.c +++ b/crypto/openssl/apps/x509.c @@ -218,9 +218,7 @@ int MAIN(int argc, char **argv) char *checkhost = NULL; char *checkemail = NULL; char *checkip = NULL; -#ifndef OPENSSL_NO_ENGINE char *engine = NULL; -#endif reqfile = 0; @@ -501,9 +499,7 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, "%s", *pp); goto end; } -#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); -#endif if (need_rand) app_RAND_load_file(NULL, bio_err, 0); @@ -1040,6 +1036,7 @@ int MAIN(int argc, char **argv) ASN1_INTEGER_free(sno); sk_ASN1_OBJECT_pop_free(trust, ASN1_OBJECT_free); sk_ASN1_OBJECT_pop_free(reject, ASN1_OBJECT_free); + release_engine(e); if (passin) OPENSSL_free(passin); apps_shutdown(); |