diff options
Diffstat (limited to 'crypto/openssl/apps')
| -rw-r--r-- | crypto/openssl/apps/apps.c | 2 | ||||
| -rw-r--r-- | crypto/openssl/apps/enc.c | 2 | ||||
| -rw-r--r-- | crypto/openssl/apps/passwd.c | 4 | ||||
| -rw-r--r-- | crypto/openssl/apps/s_server.c | 2 | ||||
| -rw-r--r-- | crypto/openssl/apps/x509.c | 6 |
5 files changed, 12 insertions, 4 deletions
diff --git a/crypto/openssl/apps/apps.c b/crypto/openssl/apps/apps.c index 8ab4833..ca9179e 100644 --- a/crypto/openssl/apps/apps.c +++ b/crypto/openssl/apps/apps.c @@ -2241,6 +2241,8 @@ int args_verify(char ***pargs, int *pargc, flags |= X509_V_FLAG_CHECK_SS_SIGNATURE; else if (!strcmp(arg, "-no_alt_chains")) flags |= X509_V_FLAG_NO_ALT_CHAINS; + else if (!strcmp(arg, "-allow_proxy_certs")) + flags |= X509_V_FLAG_ALLOW_PROXY_CERTS; else return 0; diff --git a/crypto/openssl/apps/enc.c b/crypto/openssl/apps/enc.c index 7b7c70b..8e2ef27 100644 --- a/crypto/openssl/apps/enc.c +++ b/crypto/openssl/apps/enc.c @@ -509,7 +509,7 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, "invalid hex salt value\n"); goto end; } - } else if (RAND_pseudo_bytes(salt, sizeof salt) < 0) + } else if (RAND_bytes(salt, sizeof salt) <= 0) goto end; /* * If -P option then don't bother writing diff --git a/crypto/openssl/apps/passwd.c b/crypto/openssl/apps/passwd.c index 5ff53b5..798a6d5 100644 --- a/crypto/openssl/apps/passwd.c +++ b/crypto/openssl/apps/passwd.c @@ -416,7 +416,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p, if (*salt_malloc_p == NULL) goto err; } - if (RAND_pseudo_bytes((unsigned char *)*salt_p, 2) < 0) + if (RAND_bytes((unsigned char *)*salt_p, 2) <= 0) goto err; (*salt_p)[0] = cov_2char[(*salt_p)[0] & 0x3f]; /* 6 bits */ (*salt_p)[1] = cov_2char[(*salt_p)[1] & 0x3f]; /* 6 bits */ @@ -437,7 +437,7 @@ static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p, if (*salt_malloc_p == NULL) goto err; } - if (RAND_pseudo_bytes((unsigned char *)*salt_p, 8) < 0) + if (RAND_bytes((unsigned char *)*salt_p, 8) <= 0) goto err; for (i = 0; i < 8; i++) diff --git a/crypto/openssl/apps/s_server.c b/crypto/openssl/apps/s_server.c index a53cadd..40782bb 100644 --- a/crypto/openssl/apps/s_server.c +++ b/crypto/openssl/apps/s_server.c @@ -2968,7 +2968,7 @@ static int generate_session_id(const SSL *ssl, unsigned char *id, { unsigned int count = 0; do { - if (RAND_pseudo_bytes(id, *id_len) < 0) + if (RAND_bytes(id, *id_len) <= 0) return 0; /* * Prefix the session_id with the required prefix. NB: If our prefix diff --git a/crypto/openssl/apps/x509.c b/crypto/openssl/apps/x509.c index e5fe610..0199c55 100644 --- a/crypto/openssl/apps/x509.c +++ b/crypto/openssl/apps/x509.c @@ -1053,6 +1053,10 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest, EVP_PKEY *upkey; upkey = X509_get_pubkey(xca); + if (upkey == NULL) { + BIO_printf(bio_err, "Error obtaining CA X509 public key\n"); + goto end; + } EVP_PKEY_copy_parameters(upkey, pkey); EVP_PKEY_free(upkey); @@ -1161,6 +1165,8 @@ static int sign(X509 *x, EVP_PKEY *pkey, int days, int clrext, EVP_PKEY *pktmp; pktmp = X509_get_pubkey(x); + if (pktmp == NULL) + goto err; EVP_PKEY_copy_parameters(pktmp, pkey); EVP_PKEY_save_parameters(pktmp, 1); EVP_PKEY_free(pktmp); |
