diff options
Diffstat (limited to 'crypto/openssl/apps')
30 files changed, 325 insertions, 28 deletions
diff --git a/crypto/openssl/apps/Makefile.ssl b/crypto/openssl/apps/Makefile.ssl index c75d0d2..ff433d6 100644 --- a/crypto/openssl/apps/Makefile.ssl +++ b/crypto/openssl/apps/Makefile.ssl @@ -18,6 +18,7 @@ PERL= perl RM= rm -f # KRB5 stuff KRB5_INCLUDES= +LIBKRB5= PEX_LIBS= EX_LIBS= @@ -150,8 +151,7 @@ $(PROGRAM): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL) fi -(cd ..; OPENSSL="`pwd`/apps/openssl"; export OPENSSL; \ LIBPATH="`pwd`"; LD_LIBRARY_PATH="`pwd`"; DYLD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; \ - if [ "$(PLATFORM)" = "DJGPP" ]; then PATH="`pwd`\;$$PATH"; \ - elif [ "$(PLATFORM)" = "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \ + if [ "$(PLATFORM)" = "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \ export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH; \ $(PERL) tools/c_rehash certs) diff --git a/crypto/openssl/apps/apps.c b/crypto/openssl/apps/apps.c index 4a8c926..ec3e391 100644 --- a/crypto/openssl/apps/apps.c +++ b/crypto/openssl/apps/apps.c @@ -122,7 +122,9 @@ #include <openssl/pkcs12.h> #include <openssl/ui.h> #include <openssl/safestack.h> +#ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> +#endif #ifdef OPENSSL_SYS_WINDOWS #define strcasecmp _stricmp @@ -859,6 +861,7 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin, BIO_printf(err,"no keyfile specified\n"); goto end; } +#ifndef OPENSSL_NO_ENGINE if (format == FORMAT_ENGINE) { if (!e) @@ -868,6 +871,7 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin, ui_method, &cb_data); goto end; } +#endif key=BIO_new(BIO_s_file()); if (key == NULL) { @@ -935,6 +939,7 @@ EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin, BIO_printf(err,"no keyfile specified\n"); goto end; } +#ifndef OPENSSL_NO_ENGINE if (format == FORMAT_ENGINE) { if (!e) @@ -944,6 +949,7 @@ EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin, ui_method, &cb_data); goto end; } +#endif key=BIO_new(BIO_s_file()); if (key == NULL) { @@ -1329,6 +1335,7 @@ X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath) return NULL; } +#ifndef OPENSSL_NO_ENGINE /* Try to load an engine in a shareable library */ static ENGINE *try_load_engine(BIO *err, const char *engine, int debug) { @@ -1385,6 +1392,7 @@ ENGINE *setup_engine(BIO *err, const char *engine, int debug) } return e; } +#endif int load_config(BIO *err, CONF *cnf) { diff --git a/crypto/openssl/apps/apps.h b/crypto/openssl/apps/apps.h index 7b1f8de..c36b9d2 100644 --- a/crypto/openssl/apps/apps.h +++ b/crypto/openssl/apps/apps.h @@ -121,7 +121,9 @@ #include <openssl/lhash.h> #include <openssl/conf.h> #include <openssl/txt_db.h> +#ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> +#endif #include <openssl/ossl_typ.h> int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn); @@ -179,30 +181,57 @@ extern BIO *bio_err; do_pipe_sig() # define apps_shutdown() #else -# if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN16) || \ - defined(OPENSSL_SYS_WIN32) -# ifdef _O_BINARY -# define apps_startup() \ - do { _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \ - ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \ - ENGINE_load_builtin_engines(); setup_ui_method(); } while(0) +# ifndef OPENSSL_NO_ENGINE +# if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN16) || \ + defined(OPENSSL_SYS_WIN32) +# ifdef _O_BINARY +# define apps_startup() \ + do { _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \ + ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \ + ENGINE_load_builtin_engines(); setup_ui_method(); } while(0) +# else +# define apps_startup() \ + do { _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \ + ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \ + ENGINE_load_builtin_engines(); setup_ui_method(); } while(0) +# endif # else # define apps_startup() \ - do { _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \ - ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \ - ENGINE_load_builtin_engines(); setup_ui_method(); } while(0) + do { do_pipe_sig(); OpenSSL_add_all_algorithms(); \ + ERR_load_crypto_strings(); ENGINE_load_builtin_engines(); \ + setup_ui_method(); } while(0) # endif +# define apps_shutdown() \ + do { CONF_modules_unload(1); destroy_ui_method(); \ + EVP_cleanup(); ENGINE_cleanup(); \ + CRYPTO_cleanup_all_ex_data(); ERR_remove_state(0); \ + ERR_free_strings(); } while(0) # else -# define apps_startup() \ - do { do_pipe_sig(); OpenSSL_add_all_algorithms(); \ - ERR_load_crypto_strings(); ENGINE_load_builtin_engines(); \ - setup_ui_method(); } while(0) +# if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN16) || \ + defined(OPENSSL_SYS_WIN32) +# ifdef _O_BINARY +# define apps_startup() \ + do { _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \ + ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \ + setup_ui_method(); } while(0) +# else +# define apps_startup() \ + do { _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \ + ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \ + setup_ui_method(); } while(0) +# endif +# else +# define apps_startup() \ + do { do_pipe_sig(); OpenSSL_add_all_algorithms(); \ + ERR_load_crypto_strings(); \ + setup_ui_method(); } while(0) +# endif +# define apps_shutdown() \ + do { CONF_modules_unload(1); destroy_ui_method(); \ + EVP_cleanup(); \ + CRYPTO_cleanup_all_ex_data(); ERR_remove_state(0); \ + ERR_free_strings(); } while(0) # endif -# define apps_shutdown() \ - do { CONF_modules_unload(1); destroy_ui_method(); \ - EVP_cleanup(); ENGINE_cleanup(); \ - CRYPTO_cleanup_all_ex_data(); ERR_remove_state(0); \ - ERR_free_strings(); } while(0) #endif typedef struct args_st @@ -248,7 +277,9 @@ EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin, STACK_OF(X509) *load_certs(BIO *err, const char *file, int format, const char *pass, ENGINE *e, const char *cert_descrip); X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath); +#ifndef OPENSSL_NO_ENGINE ENGINE *setup_engine(BIO *err, const char *engine, int debug); +#endif int load_config(BIO *err, CONF *cnf); char *make_config_name(void); diff --git a/crypto/openssl/apps/ca.c b/crypto/openssl/apps/ca.c index 93e61f6..1d4e4aa 100644 --- a/crypto/openssl/apps/ca.c +++ b/crypto/openssl/apps/ca.c @@ -196,7 +196,9 @@ static char *ca_usage[]={ " -extensions .. - Extension section (override value in config file)\n", " -extfile file - Configuration file with X509v3 extentions to add\n", " -crlexts .. - CRL extension section (override value in config file)\n", +#ifndef OPENSSL_NO_ENGINE " -engine e - use engine e, possibly a hardware device.\n", +#endif " -status serial - Shows certificate status given the serial number\n", " -updatedb - Updates db for expired certificates\n", NULL @@ -333,7 +335,9 @@ int MAIN(int argc, char **argv) #define BSIZE 256 MS_STATIC char buf[3][BSIZE]; char *randfile=NULL; +#ifndef OPENSSL_NO_ENGINE char *engine = NULL; +#endif char *tofree=NULL; #ifdef EFENCE @@ -537,11 +541,13 @@ EF_ALIGNMENT=0; rev_arg = *(++argv); rev_type = REV_CA_COMPROMISE; } +#ifndef OPENSSL_NO_ENGINE else if (strcmp(*argv,"-engine") == 0) { if (--argc < 1) goto bad; engine= *(++argv); } +#endif else { bad: @@ -562,7 +568,9 @@ bad: ERR_load_crypto_strings(); +#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); +#endif /*****************************************************************/ tofree=NULL; @@ -597,7 +605,10 @@ bad: goto err; } if(tofree) + { OPENSSL_free(tofree); + tofree = NULL; + } if (!load_config(bio_err, conf)) goto err; @@ -1633,11 +1644,12 @@ err: BIO_free_all(out); BIO_free_all(in); - sk_X509_pop_free(cert_sk,X509_free); + if (cert_sk) + sk_X509_pop_free(cert_sk,X509_free); if (ret) ERR_print_errors(bio_err); app_RAND_write_file(randfile, bio_err); - if (free_key) + if (free_key && key) OPENSSL_free(key); BN_free(serial); TXT_DB_free(db); diff --git a/crypto/openssl/apps/dgst.c b/crypto/openssl/apps/dgst.c index 280f79b..47d1309 100644 --- a/crypto/openssl/apps/dgst.c +++ b/crypto/openssl/apps/dgst.c @@ -100,7 +100,9 @@ int MAIN(int argc, char **argv) EVP_PKEY *sigkey = NULL; unsigned char *sigbuf = NULL; int siglen = 0; +#ifndef OPENSSL_NO_ENGINE char *engine=NULL; +#endif apps_startup(); @@ -166,11 +168,13 @@ int MAIN(int argc, char **argv) if (--argc < 1) break; keyform=str2fmt(*(++argv)); } +#ifndef OPENSSL_NO_ENGINE else if (strcmp(*argv,"-engine") == 0) { if (--argc < 1) break; engine= *(++argv); } +#endif else if (strcmp(*argv,"-hex") == 0) out_bin = 0; else if (strcmp(*argv,"-binary") == 0) @@ -208,7 +212,9 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err,"-keyform arg key file format (PEM or ENGINE)\n"); BIO_printf(bio_err,"-signature file signature to verify\n"); BIO_printf(bio_err,"-binary output in binary form\n"); +#ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err,"-engine e use engine e, possibly a hardware device.\n"); +#endif BIO_printf(bio_err,"-%3s to use the %s message digest algorithm (default)\n", LN_md5,LN_md5); @@ -228,7 +234,9 @@ int MAIN(int argc, char **argv) goto end; } +#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); +#endif in=BIO_new(BIO_s_file()); bmd=BIO_new(BIO_f_md()); diff --git a/crypto/openssl/apps/dh.c b/crypto/openssl/apps/dh.c index c10ea96..cd01fed 100644 --- a/crypto/openssl/apps/dh.c +++ b/crypto/openssl/apps/dh.c @@ -87,12 +87,17 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { +#ifndef OPENSSL_NO_ENGINE ENGINE *e = NULL; +#endif DH *dh=NULL; int i,badops=0,text=0; BIO *in=NULL,*out=NULL; int informat,outformat,check=0,noout=0,C=0,ret=1; - char *infile,*outfile,*prog,*engine; + char *infile,*outfile,*prog; +#ifndef OPENSSL_NO_ENGINE + char *engine; +#endif apps_startup(); @@ -103,7 +108,9 @@ int MAIN(int argc, char **argv) if (!load_config(bio_err, NULL)) goto end; +#ifndef OPENSSL_NO_ENGINE engine=NULL; +#endif infile=NULL; outfile=NULL; informat=FORMAT_PEM; @@ -134,11 +141,13 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; outfile= *(++argv); } +#ifndef OPENSSL_NO_ENGINE else if (strcmp(*argv,"-engine") == 0) { if (--argc < 1) goto bad; engine= *(++argv); } +#endif else if (strcmp(*argv,"-check") == 0) check=1; else if (strcmp(*argv,"-text") == 0) @@ -170,13 +179,17 @@ bad: BIO_printf(bio_err," -text print a text form of the DH parameters\n"); BIO_printf(bio_err," -C Output C code\n"); BIO_printf(bio_err," -noout no output\n"); +#ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); +#endif goto end; } ERR_load_crypto_strings(); +#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); +#endif in=BIO_new(BIO_s_file()); out=BIO_new(BIO_s_file()); diff --git a/crypto/openssl/apps/dhparam.c b/crypto/openssl/apps/dhparam.c index cbc65bc..dc00355 100644 --- a/crypto/openssl/apps/dhparam.c +++ b/crypto/openssl/apps/dhparam.c @@ -148,7 +148,9 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { +#ifndef OPENSSL_NO_ENGINE ENGINE *e = NULL; +#endif DH *dh=NULL; int i,badops=0,text=0; #ifndef OPENSSL_NO_DSA @@ -157,7 +159,10 @@ int MAIN(int argc, char **argv) BIO *in=NULL,*out=NULL; int informat,outformat,check=0,noout=0,C=0,ret=1; char *infile,*outfile,*prog; - char *inrand=NULL,*engine=NULL; + char *inrand=NULL; +#ifndef OPENSSL_NO_ENGINE + char *engine=NULL; +#endif int num = 0, g = 0; apps_startup(); @@ -199,11 +204,13 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; outfile= *(++argv); } +#ifndef OPENSSL_NO_ENGINE else if (strcmp(*argv,"-engine") == 0) { if (--argc < 1) goto bad; engine= *(++argv); } +#endif else if (strcmp(*argv,"-check") == 0) check=1; else if (strcmp(*argv,"-text") == 0) @@ -249,7 +256,9 @@ bad: BIO_printf(bio_err," -2 generate parameters using 2 as the generator value\n"); BIO_printf(bio_err," -5 generate parameters using 5 as the generator value\n"); BIO_printf(bio_err," numbits number of bits in to generate (default 512)\n"); +#ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); +#endif BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); BIO_printf(bio_err," - load the file (or the files in the directory) into\n"); BIO_printf(bio_err," the random number generator\n"); @@ -259,7 +268,9 @@ bad: ERR_load_crypto_strings(); +#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); +#endif if (g && !num) num = DEFBITS; diff --git a/crypto/openssl/apps/dsa.c b/crypto/openssl/apps/dsa.c index 6598871..e9de3a3 100644 --- a/crypto/openssl/apps/dsa.c +++ b/crypto/openssl/apps/dsa.c @@ -90,7 +90,9 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { +#ifndef OPENSSL_NO_ENGINE ENGINE *e = NULL; +#endif int ret=1; DSA *dsa=NULL; int i,badops=0; @@ -98,7 +100,10 @@ int MAIN(int argc, char **argv) BIO *in=NULL,*out=NULL; int informat,outformat,text=0,noout=0; int pubin = 0, pubout = 0; - char *infile,*outfile,*prog,*engine; + char *infile,*outfile,*prog; +#ifndef OPENSSL_NO_ENGINE + char *engine; +#endif char *passargin = NULL, *passargout = NULL; char *passin = NULL, *passout = NULL; int modulus=0; @@ -112,7 +117,9 @@ int MAIN(int argc, char **argv) if (!load_config(bio_err, NULL)) goto end; +#ifndef OPENSSL_NO_ENGINE engine=NULL; +#endif infile=NULL; outfile=NULL; informat=FORMAT_PEM; @@ -153,11 +160,13 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; passargout= *(++argv); } +#ifndef OPENSSL_NO_ENGINE else if (strcmp(*argv,"-engine") == 0) { if (--argc < 1) goto bad; engine= *(++argv); } +#endif else if (strcmp(*argv,"-noout") == 0) noout=1; else if (strcmp(*argv,"-text") == 0) @@ -189,7 +198,9 @@ bad: BIO_printf(bio_err," -passin arg input file pass phrase source\n"); BIO_printf(bio_err," -out arg output file\n"); BIO_printf(bio_err," -passout arg output file pass phrase source\n"); +#ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); +#endif BIO_printf(bio_err," -des encrypt PEM output with cbc des\n"); BIO_printf(bio_err," -des3 encrypt PEM output with ede cbc des using 168 bit key\n"); #ifndef OPENSSL_NO_IDEA @@ -207,7 +218,9 @@ bad: ERR_load_crypto_strings(); +#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); +#endif if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { BIO_printf(bio_err, "Error getting passwords\n"); diff --git a/crypto/openssl/apps/dsaparam.c b/crypto/openssl/apps/dsaparam.c index 320d76f..04861e8 100644 --- a/crypto/openssl/apps/dsaparam.c +++ b/crypto/openssl/apps/dsaparam.c @@ -90,7 +90,9 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { +#ifndef OPENSSL_NO_ENGINE ENGINE *e = NULL; +#endif DSA *dsa=NULL; int i,badops=0,text=0; BIO *in=NULL,*out=NULL; @@ -98,7 +100,9 @@ int MAIN(int argc, char **argv) char *infile,*outfile,*prog,*inrand=NULL; int numbits= -1,num,genkey=0; int need_rand=0; +#ifndef OPENSSL_NO_ENGINE char *engine=NULL; +#endif apps_startup(); @@ -139,11 +143,13 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; outfile= *(++argv); } +#ifndef OPENSSL_NO_ENGINE else if(strcmp(*argv, "-engine") == 0) { if (--argc < 1) goto bad; engine = *(++argv); } +#endif else if (strcmp(*argv,"-text") == 0) text=1; else if (strcmp(*argv,"-C") == 0) @@ -191,7 +197,9 @@ bad: BIO_printf(bio_err," -noout no output\n"); BIO_printf(bio_err," -genkey generate a DSA key\n"); BIO_printf(bio_err," -rand files to use for random number input\n"); +#ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); +#endif BIO_printf(bio_err," number number of bits to use for generating private key\n"); goto end; } @@ -235,7 +243,9 @@ bad: } } +#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); +#endif if (need_rand) { diff --git a/crypto/openssl/apps/enc.c b/crypto/openssl/apps/enc.c index 42ddfd2..0a9f731 100644 --- a/crypto/openssl/apps/enc.c +++ b/crypto/openssl/apps/enc.c @@ -100,7 +100,9 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { +#ifndef OPENSSL_NO_ENGINE ENGINE *e = NULL; +#endif static const char magic[]="Salted__"; char mbuf[sizeof magic-1]; char *strbuf=NULL; @@ -119,7 +121,9 @@ int MAIN(int argc, char **argv) BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL; #define PROG_NAME_SIZE 39 char pname[PROG_NAME_SIZE+1]; +#ifndef OPENSSL_NO_ENGINE char *engine = NULL; +#endif apps_startup(); @@ -163,11 +167,13 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; passarg= *(++argv); } +#ifndef OPENSSL_NO_ENGINE else if (strcmp(*argv,"-engine") == 0) { if (--argc < 1) goto bad; engine= *(++argv); } +#endif else if (strcmp(*argv,"-d") == 0) enc=0; else if (strcmp(*argv,"-p") == 0) @@ -270,7 +276,9 @@ bad: BIO_printf(bio_err,"%-14s key/iv in hex is the next argument\n","-K/-iv"); BIO_printf(bio_err,"%-14s print the iv/key (then exit if -P)\n","-[pP]"); BIO_printf(bio_err,"%-14s buffer size\n","-bufsize <n>"); +#ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err,"%-14s use engine e, possibly a hardware device.\n","-engine e"); +#endif BIO_printf(bio_err,"Cipher Types\n"); OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, @@ -284,7 +292,9 @@ bad: argv++; } +#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); +#endif if (bufsize != NULL) { diff --git a/crypto/openssl/apps/engine.c b/crypto/openssl/apps/engine.c index b718ae1..456f80a 100644 --- a/crypto/openssl/apps/engine.c +++ b/crypto/openssl/apps/engine.c @@ -56,6 +56,8 @@ * */ +#ifndef OPENSSL_NO_ENGINE + #include <stdio.h> #include <stdlib.h> #include <string.h> @@ -518,3 +520,4 @@ end: apps_shutdown(); OPENSSL_EXIT(ret); } +#endif diff --git a/crypto/openssl/apps/gendh.c b/crypto/openssl/apps/gendh.c index 98ee413..a34a862 100644 --- a/crypto/openssl/apps/gendh.c +++ b/crypto/openssl/apps/gendh.c @@ -81,13 +81,17 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { +#ifndef OPENSSL_NO_ENGINE ENGINE *e = NULL; +#endif DH *dh=NULL; int ret=1,num=DEFBITS; int g=2; char *outfile=NULL; char *inrand=NULL; +#ifndef OPENSSL_NO_ENGINE char *engine=NULL; +#endif BIO *out=NULL; apps_startup(); @@ -115,11 +119,13 @@ int MAIN(int argc, char **argv) g=3; */ else if (strcmp(*argv,"-5") == 0) g=5; +#ifndef OPENSSL_NO_ENGINE else if (strcmp(*argv,"-engine") == 0) { if (--argc < 1) goto bad; engine= *(++argv); } +#endif else if (strcmp(*argv,"-rand") == 0) { if (--argc < 1) goto bad; @@ -138,14 +144,18 @@ bad: BIO_printf(bio_err," -2 - use 2 as the generator value\n"); /* BIO_printf(bio_err," -3 - use 3 as the generator value\n"); */ BIO_printf(bio_err," -5 - use 5 as the generator value\n"); +#ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n"); +#endif BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); BIO_printf(bio_err," - load the file (or the files in the directory) into\n"); BIO_printf(bio_err," the random number generator\n"); goto end; } +#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); +#endif out=BIO_new(BIO_s_file()); if (out == NULL) diff --git a/crypto/openssl/apps/gendsa.c b/crypto/openssl/apps/gendsa.c index 4600711..6d2ed06 100644 --- a/crypto/openssl/apps/gendsa.c +++ b/crypto/openssl/apps/gendsa.c @@ -77,7 +77,9 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { +#ifndef OPENSSL_NO_ENGINE ENGINE *e = NULL; +#endif DSA *dsa=NULL; int ret=1; char *outfile=NULL; @@ -85,7 +87,9 @@ int MAIN(int argc, char **argv) char *passargout = NULL, *passout = NULL; BIO *out=NULL,*in=NULL; const EVP_CIPHER *enc=NULL; +#ifndef OPENSSL_NO_ENGINE char *engine=NULL; +#endif apps_startup(); @@ -111,11 +115,13 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; passargout= *(++argv); } +#ifndef OPENSSL_NO_ENGINE else if (strcmp(*argv,"-engine") == 0) { if (--argc < 1) goto bad; engine= *(++argv); } +#endif else if (strcmp(*argv,"-rand") == 0) { if (--argc < 1) goto bad; @@ -167,7 +173,9 @@ bad: BIO_printf(bio_err," -aes128, -aes192, -aes256\n"); BIO_printf(bio_err," encrypt PEM output with cbc aes\n"); #endif +#ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n"); +#endif BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); BIO_printf(bio_err," - load the file (or the files in the directory) into\n"); BIO_printf(bio_err," the random number generator\n"); @@ -176,7 +184,9 @@ bad: goto end; } +#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); +#endif if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) { BIO_printf(bio_err, "Error getting password\n"); diff --git a/crypto/openssl/apps/genrsa.c b/crypto/openssl/apps/genrsa.c index dbc23e4..63be873 100644 --- a/crypto/openssl/apps/genrsa.c +++ b/crypto/openssl/apps/genrsa.c @@ -81,7 +81,9 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { +#ifndef OPENSSL_NO_ENGINE ENGINE *e = NULL; +#endif int ret=1; RSA *rsa=NULL; int i,num=DEFBITS; @@ -90,7 +92,9 @@ int MAIN(int argc, char **argv) unsigned long f4=RSA_F4; char *outfile=NULL; char *passargout = NULL, *passout = NULL; +#ifndef OPENSSL_NO_ENGINE char *engine=NULL; +#endif char *inrand=NULL; BIO *out=NULL; @@ -122,11 +126,13 @@ int MAIN(int argc, char **argv) f4=3; else if (strcmp(*argv,"-F4") == 0 || strcmp(*argv,"-f4") == 0) f4=RSA_F4; +#ifndef OPENSSL_NO_ENGINE else if (strcmp(*argv,"-engine") == 0) { if (--argc < 1) goto bad; engine= *(++argv); } +#endif else if (strcmp(*argv,"-rand") == 0) { if (--argc < 1) goto bad; @@ -177,7 +183,9 @@ bad: BIO_printf(bio_err," -passout arg output file pass phrase source\n"); BIO_printf(bio_err," -f4 use F4 (0x10001) for the E value\n"); BIO_printf(bio_err," -3 use 3 for the E value\n"); +#ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); +#endif BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); BIO_printf(bio_err," load the file (or the files in the directory) into\n"); BIO_printf(bio_err," the random number generator\n"); @@ -191,7 +199,9 @@ bad: goto err; } +#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); +#endif if (outfile == NULL) { diff --git a/crypto/openssl/apps/ocsp.c b/crypto/openssl/apps/ocsp.c index 92922bc..f05ec0e 100644 --- a/crypto/openssl/apps/ocsp.c +++ b/crypto/openssl/apps/ocsp.c @@ -55,6 +55,7 @@ * Hudson (tjh@cryptsoft.com). * */ +#ifndef OPENSSL_NO_OCSP #include <stdio.h> #include <string.h> @@ -722,7 +723,12 @@ int MAIN(int argc, char **argv) } else if (host) { +#ifndef OPENSSL_NO_SOCK cbio = BIO_new_connect(host); +#else + BIO_printf(bio_err, "Error creating connect BIO - sockets not supported.\n"); + goto end; +#endif if (!cbio) { BIO_printf(bio_err, "Error creating connect BIO\n"); @@ -732,7 +738,16 @@ int MAIN(int argc, char **argv) if (use_ssl == 1) { BIO *sbio; +#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) ctx = SSL_CTX_new(SSLv23_client_method()); +#elif !defined(OPENSSL_NO_SSL3) + ctx = SSL_CTX_new(SSLv3_client_method()); +#elif !defined(OPENSSL_NO_SSL2) + ctx = SSL_CTX_new(SSLv2_client_method()); +#else + BIO_printf(bio_err, "SSL is disabled\n"); + goto end; +#endif SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY); sbio = BIO_new_ssl(ctx, 1); cbio = BIO_push(sbio, cbio); @@ -1139,7 +1154,11 @@ static BIO *init_responder(char *port) bufbio = BIO_new(BIO_f_buffer()); if (!bufbio) goto err; +#ifndef OPENSSL_NO_SOCK acbio = BIO_new_accept(port); +#else + BIO_printf(bio_err, "Error setting up accept BIO - sockets not supported.\n"); +#endif if (!acbio) goto err; BIO_set_accept_bios(acbio, bufbio); @@ -1226,3 +1245,4 @@ static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp) return 1; } +#endif diff --git a/crypto/openssl/apps/openssl.c b/crypto/openssl/apps/openssl.c index 4789647..45af2ba 100644 --- a/crypto/openssl/apps/openssl.c +++ b/crypto/openssl/apps/openssl.c @@ -122,7 +122,9 @@ #include <openssl/x509.h> #include <openssl/pem.h> #include <openssl/ssl.h> +#ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> +#endif #define USE_SOCKETS /* needed for the _O_BINARY defs in the MS world */ #include "progs.h" #include "s_apps.h" diff --git a/crypto/openssl/apps/pkcs12.c b/crypto/openssl/apps/pkcs12.c index 8d1babe..5136acd 100644 --- a/crypto/openssl/apps/pkcs12.c +++ b/crypto/openssl/apps/pkcs12.c @@ -120,7 +120,9 @@ int MAIN(int argc, char **argv) char *passin = NULL, *passout = NULL; char *inrand = NULL; char *CApath = NULL, *CAfile = NULL; +#ifndef OPENSSL_NO_ENGINE char *engine=NULL; +#endif apps_startup(); @@ -252,11 +254,13 @@ int MAIN(int argc, char **argv) args++; CAfile = *args; } else badarg = 1; +#ifndef OPENSSL_NO_ENGINE } else if (!strcmp(*args,"-engine")) { if (args[1]) { args++; engine = *args; } else badarg = 1; +#endif } else badarg = 1; } else badarg = 1; @@ -304,14 +308,18 @@ int MAIN(int argc, char **argv) BIO_printf (bio_err, "-password p set import/export password source\n"); BIO_printf (bio_err, "-passin p input file pass phrase source\n"); BIO_printf (bio_err, "-passout p output file pass phrase source\n"); +#ifndef OPENSSL_NO_ENGINE BIO_printf (bio_err, "-engine e use engine e, possibly a hardware device.\n"); +#endif BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); BIO_printf(bio_err, " load the file (or the files in the directory) into\n"); BIO_printf(bio_err, " the random number generator\n"); goto end; } +#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); +#endif if(passarg) { if(export_cert) passargout = passarg; diff --git a/crypto/openssl/apps/pkcs7.c b/crypto/openssl/apps/pkcs7.c index 738dd85..6c58c67 100644 --- a/crypto/openssl/apps/pkcs7.c +++ b/crypto/openssl/apps/pkcs7.c @@ -82,7 +82,9 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { +#ifndef OPENSSL_NO_ENGINE ENGINE *e = NULL; +#endif PKCS7 *p7=NULL; int i,badops=0; BIO *in=NULL,*out=NULL; @@ -90,7 +92,9 @@ int MAIN(int argc, char **argv) char *infile,*outfile,*prog; int print_certs=0,text=0,noout=0; int ret=1; +#ifndef OPENSSL_NO_ENGINE char *engine=NULL; +#endif apps_startup(); @@ -134,11 +138,13 @@ int MAIN(int argc, char **argv) text=1; else if (strcmp(*argv,"-print_certs") == 0) print_certs=1; +#ifndef OPENSSL_NO_ENGINE else if (strcmp(*argv,"-engine") == 0) { if (--argc < 1) goto bad; engine= *(++argv); } +#endif else { BIO_printf(bio_err,"unknown option %s\n",*argv); @@ -161,14 +167,18 @@ bad: BIO_printf(bio_err," -print_certs print any certs or crl in the input\n"); BIO_printf(bio_err," -text print full details of certificates\n"); BIO_printf(bio_err," -noout don't output encoded data\n"); +#ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); +#endif ret = 1; goto end; } ERR_load_crypto_strings(); +#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); +#endif in=BIO_new(BIO_s_file()); out=BIO_new(BIO_s_file()); diff --git a/crypto/openssl/apps/pkcs8.c b/crypto/openssl/apps/pkcs8.c index 1debccb..6be27e7 100644 --- a/crypto/openssl/apps/pkcs8.c +++ b/crypto/openssl/apps/pkcs8.c @@ -85,7 +85,9 @@ int MAIN(int argc, char **argv) EVP_PKEY *pkey=NULL; char pass[50], *passin = NULL, *passout = NULL, *p8pass = NULL; int badarg = 0; +#ifndef OPENSSL_NO_ENGINE char *engine=NULL; +#endif if (bio_err == NULL) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE); @@ -145,11 +147,13 @@ int MAIN(int argc, char **argv) if (!args[1]) goto bad; passargout= *(++args); } +#ifndef OPENSSL_NO_ENGINE else if (strcmp(*args,"-engine") == 0) { if (!args[1]) goto bad; engine= *(++args); } +#endif else if (!strcmp (*args, "-in")) { if (args[1]) { args++; @@ -182,11 +186,15 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, "-nocrypt use or expect unencrypted private key\n"); BIO_printf(bio_err, "-v2 alg use PKCS#5 v2.0 and cipher \"alg\"\n"); BIO_printf(bio_err, "-v1 obj use PKCS#5 v1.5 and cipher \"alg\"\n"); +#ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); +#endif return (1); } +#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); +#endif if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { BIO_printf(bio_err, "Error getting passwords\n"); diff --git a/crypto/openssl/apps/progs.h b/crypto/openssl/apps/progs.h index 752385d..70e4dba 100644 --- a/crypto/openssl/apps/progs.h +++ b/crypto/openssl/apps/progs.h @@ -35,7 +35,9 @@ extern int pkcs8_main(int argc,char *argv[]); extern int spkac_main(int argc,char *argv[]); extern int smime_main(int argc,char *argv[]); extern int rand_main(int argc,char *argv[]); +#ifndef OPENSSL_NO_ENGINE extern int engine_main(int argc,char *argv[]); +#endif extern int ocsp_main(int argc,char *argv[]); #define FUNC_TYPE_GENERAL 1 @@ -92,7 +94,9 @@ FUNCTION functions[] = { #if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3)) {FUNC_TYPE_GENERAL,"s_client",s_client_main}, #endif +#ifndef OPENSSL_NO_SPEED {FUNC_TYPE_GENERAL,"speed",speed_main}, +#endif #if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3)) {FUNC_TYPE_GENERAL,"s_time",s_time_main}, #endif @@ -111,7 +115,9 @@ FUNCTION functions[] = { {FUNC_TYPE_GENERAL,"spkac",spkac_main}, {FUNC_TYPE_GENERAL,"smime",smime_main}, {FUNC_TYPE_GENERAL,"rand",rand_main}, +#ifndef OPENSSL_NO_ENGINE {FUNC_TYPE_GENERAL,"engine",engine_main}, +#endif {FUNC_TYPE_GENERAL,"ocsp",ocsp_main}, #ifndef OPENSSL_NO_MD2 {FUNC_TYPE_MD,"md2",dgst_main}, diff --git a/crypto/openssl/apps/rand.c b/crypto/openssl/apps/rand.c index eaaa6e3..63724bc 100644 --- a/crypto/openssl/apps/rand.c +++ b/crypto/openssl/apps/rand.c @@ -76,7 +76,9 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { +#ifndef OPENSSL_NO_ENGINE ENGINE *e = NULL; +#endif int i, r, ret = 1; int badopt; char *outfile = NULL; @@ -84,7 +86,9 @@ int MAIN(int argc, char **argv) int base64 = 0; BIO *out = NULL; int num = -1; +#ifndef OPENSSL_NO_ENGINE char *engine=NULL; +#endif apps_startup(); @@ -106,6 +110,7 @@ int MAIN(int argc, char **argv) else badopt = 1; } +#ifndef OPENSSL_NO_ENGINE else if (strcmp(argv[i], "-engine") == 0) { if ((argv[i+1] != NULL) && (engine == NULL)) @@ -113,6 +118,7 @@ int MAIN(int argc, char **argv) else badopt = 1; } +#endif else if (strcmp(argv[i], "-rand") == 0) { if ((argv[i+1] != NULL) && (inrand == NULL)) @@ -150,13 +156,17 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, "Usage: rand [options] num\n"); BIO_printf(bio_err, "where options are\n"); BIO_printf(bio_err, "-out file - write to file\n"); +#ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err, "-engine e - use engine e, possibly a hardware device.\n"); +#endif BIO_printf(bio_err, "-rand file%cfile%c... - seed PRNG from files\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); BIO_printf(bio_err, "-base64 - encode output\n"); goto err; } +#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); +#endif app_RAND_load_file(NULL, bio_err, (inrand != NULL)); if (inrand != NULL) diff --git a/crypto/openssl/apps/req.c b/crypto/openssl/apps/req.c index cffdcd1..5f6ec3d 100644 --- a/crypto/openssl/apps/req.c +++ b/crypto/openssl/apps/req.c @@ -162,7 +162,9 @@ int MAIN(int argc, char **argv) int informat,outformat,verify=0,noout=0,text=0,keyform=FORMAT_PEM; int nodes=0,kludge=0,newhdr=0,subject=0,pubkey=0; char *infile,*outfile,*prog,*keyfile=NULL,*template=NULL,*keyout=NULL; +#ifndef OPENSSL_NO_ENGINE char *engine=NULL; +#endif char *extensions = NULL; char *req_exts = NULL; const EVP_CIPHER *cipher=NULL; @@ -210,11 +212,13 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; outformat=str2fmt(*(++argv)); } +#ifndef OPENSSL_NO_ENGINE else if (strcmp(*argv,"-engine") == 0) { if (--argc < 1) goto bad; engine= *(++argv); } +#endif else if (strcmp(*argv,"-key") == 0) { if (--argc < 1) goto bad; @@ -428,7 +432,9 @@ bad: BIO_printf(bio_err," -verify verify signature on REQ\n"); BIO_printf(bio_err," -modulus RSA modulus\n"); BIO_printf(bio_err," -nodes don't encrypt the output key\n"); +#ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err," -engine e use engine e, possibly a hardware device\n"); +#endif BIO_printf(bio_err," -subject output the request's subject\n"); BIO_printf(bio_err," -passin private key password source\n"); BIO_printf(bio_err," -key file use the private key contained in file\n"); @@ -453,7 +459,7 @@ bad: BIO_printf(bio_err," -extensions .. specify certificate extension section (override value in config file)\n"); BIO_printf(bio_err," -reqexts .. specify request extension section (override value in config file)\n"); BIO_printf(bio_err," -utf8 input characters are UTF8 (default ASCII)\n"); - BIO_printf(bio_err," -nameopt arg - various certificate name options\n"); + BIO_printf(bio_err," -nameopt arg - various certificate name options\n"); BIO_printf(bio_err," -reqopt arg - various request text options\n\n"); goto end; } @@ -617,7 +623,9 @@ bad: if ((in == NULL) || (out == NULL)) goto end; +#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); +#endif if (keyfile != NULL) { @@ -1237,11 +1245,17 @@ start: for (;;) sprintf(buf,"%s_min",v->name); if (!NCONF_get_number(req_conf,dn_sect,buf, &n_min)) + { + ERR_clear_error(); n_min = -1; + } sprintf(buf,"%s_max",v->name); if (!NCONF_get_number(req_conf,dn_sect,buf, &n_max)) + { + ERR_clear_error(); n_max = -1; + } if (!add_DN_object(subj,v->value,def,value,nid, n_min,n_max, chtype)) diff --git a/crypto/openssl/apps/rsa.c b/crypto/openssl/apps/rsa.c index aebec74..0acdb08 100644 --- a/crypto/openssl/apps/rsa.c +++ b/crypto/openssl/apps/rsa.c @@ -104,7 +104,9 @@ int MAIN(int argc, char **argv) char *infile,*outfile,*prog; char *passargin = NULL, *passargout = NULL; char *passin = NULL, *passout = NULL; +#ifndef OPENSSL_NO_ENGINE char *engine=NULL; +#endif int modulus=0; apps_startup(); @@ -156,11 +158,13 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; passargout= *(++argv); } +#ifndef OPENSSL_NO_ENGINE else if (strcmp(*argv,"-engine") == 0) { if (--argc < 1) goto bad; engine= *(++argv); } +#endif else if (strcmp(*argv,"-sgckey") == 0) sgckey=1; else if (strcmp(*argv,"-pubin") == 0) @@ -212,13 +216,17 @@ bad: BIO_printf(bio_err," -check verify key consistency\n"); BIO_printf(bio_err," -pubin expect a public key in input file\n"); BIO_printf(bio_err," -pubout output a public key\n"); +#ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); +#endif goto end; } ERR_load_crypto_strings(); +#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); +#endif if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { BIO_printf(bio_err, "Error getting passwords\n"); diff --git a/crypto/openssl/apps/rsautl.c b/crypto/openssl/apps/rsautl.c index 36957e5..5a6fd11 100644 --- a/crypto/openssl/apps/rsautl.c +++ b/crypto/openssl/apps/rsautl.c @@ -85,7 +85,9 @@ int MAIN(int argc, char **argv) ENGINE *e = NULL; BIO *in = NULL, *out = NULL; char *infile = NULL, *outfile = NULL; +#ifndef OPENSSL_NO_ENGINE char *engine = NULL; +#endif char *keyfile = NULL; char rsa_mode = RSA_VERIFY, key_type = KEY_PRIVKEY; int keyform = FORMAT_PEM; @@ -125,9 +127,11 @@ int MAIN(int argc, char **argv) } else if (strcmp(*argv,"-keyform") == 0) { if (--argc < 1) badarg = 1; keyform=str2fmt(*(++argv)); +#ifndef OPENSSL_NO_ENGINE } else if(!strcmp(*argv, "-engine")) { if (--argc < 1) badarg = 1; engine = *(++argv); +#endif } else if(!strcmp(*argv, "-pubin")) { key_type = KEY_PUBKEY; } else if(!strcmp(*argv, "-certin")) { @@ -162,7 +166,9 @@ int MAIN(int argc, char **argv) goto end; } +#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); +#endif /* FIXME: seed PRNG only if needed */ app_RAND_load_file(NULL, bio_err, 0); @@ -305,7 +311,9 @@ static void usage() BIO_printf(bio_err, "-encrypt encrypt with public key\n"); BIO_printf(bio_err, "-decrypt decrypt with private key\n"); BIO_printf(bio_err, "-hexdump hex dump output\n"); +#ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n"); +#endif } diff --git a/crypto/openssl/apps/s_client.c b/crypto/openssl/apps/s_client.c index 738588c..2e73f34 100644 --- a/crypto/openssl/apps/s_client.c +++ b/crypto/openssl/apps/s_client.c @@ -222,7 +222,9 @@ static void sc_usage(void) BIO_printf(bio_err," for those protocols that support it, where\n"); BIO_printf(bio_err," 'prot' defines which one to assume. Currently,\n"); BIO_printf(bio_err," only \"smtp\" is supported.\n"); +#ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n"); +#endif BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); } @@ -254,8 +256,10 @@ int MAIN(int argc, char **argv) SSL_METHOD *meth=NULL; BIO *sbio; char *inrand=NULL; +#ifndef OPENSSL_NO_ENGINE char *engine_id=NULL; ENGINE *e=NULL; +#endif #ifdef OPENSSL_SYS_WINDOWS struct timeval tv; #endif @@ -415,11 +419,13 @@ int MAIN(int argc, char **argv) else goto bad; } +#ifndef OPENSSL_NO_ENGINE else if (strcmp(*argv,"-engine") == 0) { if (--argc < 1) goto bad; engine_id = *(++argv); } +#endif else if (strcmp(*argv,"-rand") == 0) { if (--argc < 1) goto bad; @@ -444,7 +450,9 @@ bad: OpenSSL_add_ssl_algorithms(); SSL_load_error_strings(); +#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine_id, 1); +#endif if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL && !RAND_status()) diff --git a/crypto/openssl/apps/s_server.c b/crypto/openssl/apps/s_server.c index 44886c5..5157aae 100644 --- a/crypto/openssl/apps/s_server.c +++ b/crypto/openssl/apps/s_server.c @@ -242,7 +242,9 @@ static int s_msg=0; static int s_quiet=0; static int hack=0; +#ifndef OPENSSL_NO_ENGINE static char *engine_id=NULL; +#endif static const char *session_id_prefix=NULL; #ifdef MONOLITH @@ -267,7 +269,9 @@ static void s_server_init(void) s_msg=0; s_quiet=0; hack=0; +#ifndef OPENSSL_NO_ENGINE engine_id=NULL; +#endif } #endif @@ -316,7 +320,9 @@ static void sv_usage(void) BIO_printf(bio_err," -WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n"); BIO_printf(bio_err," -HTTP - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n"); BIO_printf(bio_err," with the assumption it contains a complete HTTP response.\n"); +#ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n"); +#endif BIO_printf(bio_err," -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'\n"); BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); } @@ -490,7 +496,9 @@ int MAIN(int argc, char *argv[]) int no_tmp_rsa=0,no_dhe=0,nocert=0; int state=0; SSL_METHOD *meth=NULL; +#ifndef OPENSSL_NO_ENGINE ENGINE *e=NULL; +#endif char *inrand=NULL; #if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) @@ -665,11 +673,13 @@ int MAIN(int argc, char *argv[]) if (--argc < 1) goto bad; session_id_prefix = *(++argv); } +#ifndef OPENSSL_NO_ENGINE else if (strcmp(*argv,"-engine") == 0) { if (--argc < 1) goto bad; engine_id= *(++argv); } +#endif else if (strcmp(*argv,"-rand") == 0) { if (--argc < 1) goto bad; @@ -694,7 +704,9 @@ bad: SSL_load_error_strings(); OpenSSL_add_ssl_algorithms(); +#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine_id, 1); +#endif if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL && !RAND_status()) diff --git a/crypto/openssl/apps/smime.c b/crypto/openssl/apps/smime.c index ef0e477..cc248d3 100644 --- a/crypto/openssl/apps/smime.c +++ b/crypto/openssl/apps/smime.c @@ -104,7 +104,9 @@ int MAIN(int argc, char **argv) int need_rand = 0; int informat = FORMAT_SMIME, outformat = FORMAT_SMIME; int keyform = FORMAT_PEM; +#ifndef OPENSSL_NO_ENGINE char *engine=NULL; +#endif args = argv + 1; ret = 1; @@ -176,11 +178,13 @@ int MAIN(int argc, char **argv) inrand = *args; } else badarg = 1; need_rand = 1; +#ifndef OPENSSL_NO_ENGINE } else if (!strcmp(*args,"-engine")) { if (args[1]) { args++; engine = *args; } else badarg = 1; +#endif } else if (!strcmp(*args,"-passin")) { if (args[1]) { args++; @@ -330,7 +334,9 @@ int MAIN(int argc, char **argv) BIO_printf (bio_err, "-CAfile file trusted certificates file\n"); BIO_printf (bio_err, "-crl_check check revocation status of signer's certificate using CRLs\n"); BIO_printf (bio_err, "-crl_check_all check revocation status of signer's certificate chain using CRLs\n"); +#ifndef OPENSSL_NO_ENGINE BIO_printf (bio_err, "-engine e use engine e, possibly a hardware device.\n"); +#endif BIO_printf (bio_err, "-passin arg input file pass phrase source\n"); BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); BIO_printf(bio_err, " load the file (or the files in the directory) into\n"); @@ -339,7 +345,9 @@ int MAIN(int argc, char **argv) goto end; } +#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); +#endif if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) { BIO_printf(bio_err, "Error getting password\n"); diff --git a/crypto/openssl/apps/spkac.c b/crypto/openssl/apps/spkac.c index ed370c5..47ee53f 100644 --- a/crypto/openssl/apps/spkac.c +++ b/crypto/openssl/apps/spkac.c @@ -92,7 +92,9 @@ int MAIN(int argc, char **argv) CONF *conf = NULL; NETSCAPE_SPKI *spki = NULL; EVP_PKEY *pkey = NULL; +#ifndef OPENSSL_NO_ENGINE char *engine=NULL; +#endif apps_startup(); @@ -141,11 +143,13 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; spksect= *(++argv); } +#ifndef OPENSSL_NO_ENGINE else if (strcmp(*argv,"-engine") == 0) { if (--argc < 1) goto bad; engine= *(++argv); } +#endif else if (strcmp(*argv,"-noout") == 0) noout=1; else if (strcmp(*argv,"-pubkey") == 0) @@ -171,7 +175,9 @@ bad: BIO_printf(bio_err," -noout don't print SPKAC\n"); BIO_printf(bio_err," -pubkey output public key\n"); BIO_printf(bio_err," -verify verify SPKAC signature\n"); +#ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); +#endif goto end; } @@ -181,7 +187,9 @@ bad: goto end; } +#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); +#endif if(keyfile) { pkey = load_key(bio_err, diff --git a/crypto/openssl/apps/verify.c b/crypto/openssl/apps/verify.c index 9a18213..6a93c01 100644 --- a/crypto/openssl/apps/verify.c +++ b/crypto/openssl/apps/verify.c @@ -86,7 +86,9 @@ int MAIN(int argc, char **argv) STACK_OF(X509) *untrusted = NULL, *trusted = NULL; X509_STORE *cert_ctx=NULL; X509_LOOKUP *lookup=NULL; +#ifndef OPENSSL_NO_ENGINE char *engine=NULL; +#endif cert_ctx=X509_STORE_new(); if (cert_ctx == NULL) goto end; @@ -142,11 +144,13 @@ int MAIN(int argc, char **argv) if (argc-- < 1) goto end; trustfile= *(++argv); } +#ifndef OPENSSL_NO_ENGINE else if (strcmp(*argv,"-engine") == 0) { if (--argc < 1) goto end; engine= *(++argv); } +#endif else if (strcmp(*argv,"-help") == 0) goto end; else if (strcmp(*argv,"-ignore_critical") == 0) @@ -170,7 +174,9 @@ int MAIN(int argc, char **argv) break; } +#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); +#endif lookup=X509_STORE_add_lookup(cert_ctx,X509_LOOKUP_file()); if (lookup == NULL) abort(); @@ -219,7 +225,11 @@ int MAIN(int argc, char **argv) ret=0; end: if (ret == 1) { - BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-crl_check] [-engine e] cert1 cert2 ...\n"); + BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-crl_check]"); +#ifndef OPENSSL_NO_ENGINE + BIO_printf(bio_err," [-engine e]"); +#endif + BIO_printf(bio_err," cert1 cert2 ...\n"); BIO_printf(bio_err,"recognized usages:\n"); for(i = 0; i < X509_PURPOSE_get_count(); i++) { X509_PURPOSE *ptmp; diff --git a/crypto/openssl/apps/x509.c b/crypto/openssl/apps/x509.c index 7915eca..1ac6452 100644 --- a/crypto/openssl/apps/x509.c +++ b/crypto/openssl/apps/x509.c @@ -131,7 +131,9 @@ static char *x509_usage[]={ " -extensions - section from config file with X509V3 extensions to add\n", " -clrext - delete extensions before signing and input certificate\n", " -nameopt arg - various certificate name options\n", +#ifndef OPENSSL_NO_ENGINE " -engine e - use engine e, possibly a hardware device.\n", +#endif " -certopt arg - various certificate text options\n", NULL }; @@ -183,7 +185,9 @@ int MAIN(int argc, char **argv) int need_rand = 0; int checkend=0,checkoffset=0; unsigned long nmflag = 0, certflag = 0; +#ifndef OPENSSL_NO_ENGINE char *engine=NULL; +#endif reqfile=0; @@ -360,11 +364,13 @@ int MAIN(int argc, char **argv) alias= *(++argv); trustout = 1; } +#ifndef OPENSSL_NO_ENGINE else if (strcmp(*argv,"-engine") == 0) { if (--argc < 1) goto bad; engine= *(++argv); } +#endif else if (strcmp(*argv,"-C") == 0) C= ++num; else if (strcmp(*argv,"-email") == 0) @@ -450,7 +456,9 @@ bad: goto end; } +#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); +#endif if (need_rand) app_RAND_load_file(NULL, bio_err, 0); |