[openssl-commits] [openssl] master update

Rich Salz rsalz at openssl.org
Sat Apr 25 19:41:48 UTC 2015


The branch master has been updated
       via  333b070ec06d7a67538ee9d5312656a19e802dc1 (commit)
      from  c54cc2b15d96944fcf13ccd24baca79f9593cbf0 (commit)


- Log -----------------------------------------------------------------
commit 333b070ec06d7a67538ee9d5312656a19e802dc1
Author: Rich Salz <rsalz at openssl.org>
Date:   Sat Apr 25 15:41:29 2015 -0400

    fewer NO_ENGINE #ifdef's
    
    Make setup_engine be a dummy if NO_ENGINE is enabled.
    The option is not enabled if NO_ENGINE is enabled, so the one "wasted"
    variable just sits there. Removes some variables and code.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 apps/apps.h      |  4 +++-
 apps/ca.c        | 17 ++++++-----------
 apps/cms.c       |  7 ++-----
 apps/dgst.c      | 18 +++++-------------
 apps/dhparam.c   |  9 ++-------
 apps/dsa.c       | 11 +++--------
 apps/dsaparam.c  |  9 ++-------
 apps/ec.c        | 11 +++--------
 apps/ecparam.c   |  8 ++------
 apps/enc.c       |  8 ++------
 apps/gendsa.c    |  8 ++------
 apps/genpkey.c   |  2 --
 apps/genrsa.c    | 14 +++-----------
 apps/pkcs12.c    |  8 ++------
 apps/pkcs7.c     |  8 ++------
 apps/pkcs8.c     | 14 ++++----------
 apps/pkey.c      |  8 ++------
 apps/pkeyparam.c |  8 ++------
 apps/pkeyutl.c   |  2 --
 apps/rand.c      |  8 ++------
 apps/req.c       | 15 ++++++---------
 apps/rsa.c       |  8 ++------
 apps/rsautl.c    |  8 +++-----
 apps/s_client.c  | 27 +++++++++++----------------
 apps/s_server.c  |  6 +-----
 apps/smime.c     | 10 ++--------
 apps/speed.c     |  4 +---
 apps/spkac.c     |  9 ++-------
 apps/srp.c       |  7 ++-----
 apps/verify.c    |  7 ++-----
 apps/x509.c      | 23 +++++++----------------
 31 files changed, 88 insertions(+), 218 deletions(-)

diff --git a/apps/apps.h b/apps/apps.h
index ad17b1a..5d1b98f 100644
--- a/apps/apps.h
+++ b/apps/apps.h
@@ -431,7 +431,9 @@ STACK_OF(X509_CRL) *load_crls(const char *file, int format,
 X509_STORE *setup_verify(char *CAfile, char *CApath);
 int ctx_set_verify_locations(SSL_CTX *ctx,
                              const char *CAfile, const char *CApath);
-# ifndef OPENSSL_NO_ENGINE
+# ifdef OPENSSL_NO_ENGINE
+#  define setup_engine(engine, debug) NULL
+# else
 ENGINE *setup_engine(const char *engine, int debug);
 # endif
 # ifndef OPENSSL_NO_OCSP
diff --git a/apps/ca.c b/apps/ca.c
index af3afaa..38c96ae 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -292,17 +292,15 @@ int ca_main(int argc, char **argv)
     X509_CRL *crl = NULL;
     const EVP_MD *dgst = NULL;
     char *configfile = NULL, *md = NULL, *policy = NULL, *keyfile = NULL;
-    char *certfile = NULL, *crl_ext = NULL, *crlnumberfile = NULL, *enddate =
-        NULL;
+    char *certfile = NULL, *crl_ext = NULL, *crlnumberfile = NULL;
     char *infile = NULL, *spkac_file = NULL, *ss_cert_file = NULL;
     char *extensions = NULL, *extfile = NULL, *key = NULL, *passinarg = NULL;
     char *outdir = NULL, *outfile = NULL, *rev_arg = NULL, *ser_status = NULL;
-    char *serialfile = NULL, *startdate = NULL, *subj = NULL, *tmp_email_dn =
-        NULL;
-    char *prog;
-    char *const *pp;
-    char *dbfile = NULL, *engine = NULL, *f, *randfile = NULL, *tofree = NULL;
+    char *serialfile = NULL, *startdate = NULL, *subj = NULL;
+    char *prog, *enddate = NULL, *tmp_email_dn = NULL;
+    char *dbfile = NULL, *f, *randfile = NULL, *tofree = NULL;
     char buf[3][BSIZE];
+    char *const *pp;
     const char *p;
     int create_ser = 0, free_key = 0, total = 0, total_done = 0;
     int batch = 0, default_op = 1, doupdatedb = 0, ext_copy = EXT_COPY_NONE;
@@ -488,7 +486,7 @@ opthelp:
             rev_type = REV_CA_COMPROMISE;
             break;
         case OPT_ENGINE:
-            engine = opt_arg();
+            e = setup_engine(opt_arg(), 0);
             break;
         }
     }
@@ -542,9 +540,6 @@ end_of_options:
         OPENSSL_free(tofree);
         tofree = NULL;
     }
-#ifndef OPENSSL_NO_ENGINE
-    e = setup_engine(engine, 0);
-#endif
 
     /* Lets get the config section we are using */
     if (section == NULL) {
diff --git a/apps/cms.c b/apps/cms.c
index 397071c..e3e8656 100644
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -241,7 +241,7 @@ int cms_main(int argc, char **argv)
     X509_STORE *store = NULL;
     X509_VERIFY_PARAM *vpm = NULL;
     char *certfile = NULL, *keyfile = NULL, *contfile = NULL;
-    char *CAfile = NULL, *CApath = NULL, *certsoutfile = NULL, *engine = NULL;
+    char *CAfile = NULL, *CApath = NULL, *certsoutfile = NULL;
     char *infile = NULL, *outfile = NULL, *rctfile = NULL, *inrand = NULL;
     char *passinarg = NULL, *passin = NULL, *signerfile = NULL, *recipfile =
         NULL;
@@ -475,7 +475,7 @@ int cms_main(int argc, char **argv)
             need_rand = 1;
             break;
         case OPT_ENGINE:
-            engine = opt_arg();
+            e = setup_engine(opt_arg(), 0);
             break;
         case OPT_PASSIN:
             passinarg = opt_arg();
@@ -668,9 +668,6 @@ int cms_main(int argc, char **argv)
     } else if (!operation)
         goto opthelp;
 
-# ifndef OPENSSL_NO_ENGINE
-    e = setup_engine(engine, 0);
-# endif
 
     if (!app_passwd(passinarg, NULL, &passin, NULL)) {
         BIO_printf(bio_err, "Error getting password\n");
diff --git a/apps/dgst.c b/apps/dgst.c
index 21b8c7f..adfa2a6 100644
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -101,10 +101,6 @@ OPTIONS dgst_options[] = {
      "Verify a signature using private key in file"},
     {"signature", OPT_SIGNATURE, '<', "File with signature to verify"},
     {"keyform", OPT_KEYFORM, 'f', "Key file format (PEM or ENGINE)"},
-#ifndef OPENSSL_NO_ENGINE
-    {"engine", OPT_ENGINE, 's', "Use engine e, possibly a hardware device"},
-#endif
-    {"engine_impl", OPT_ENGINE_IMPL, '-'},
     {"hex", OPT_HEX, '-', "Print as hex dump"},
     {"binary", OPT_BINARY, '-', "Print in binary form"},
     {"d", OPT_DEBUG, '-', "Print debug info"},
@@ -115,6 +111,10 @@ OPTIONS dgst_options[] = {
     {"mac", OPT_MAC, 's', "Create MAC (not neccessarily HMAC)"},
     {"sigop", OPT_SIGOPT, 's', "Signature parameter in n:v form"},
     {"macop", OPT_MACOPT, 's', "MAC algorithm parameters in n:v form or key"},
+#ifndef OPENSSL_NO_ENGINE
+    {"engine", OPT_ENGINE, 's', "Use engine e, possibly a hardware device"},
+    {"engine_impl", OPT_ENGINE_IMPL, '-'},
+#endif
     {"", OPT_DIGEST, '-', "Any supported digest"},
     {NULL}
 };
@@ -136,10 +136,7 @@ int dgst_main(int argc, char **argv)
     int i, ret = 1, out_bin = -1, want_pub = 0, do_verify =
         0, non_fips_allow = 0;
     unsigned char *buf = NULL, *sigbuf = NULL;
-#ifndef OPENSSL_NO_ENGINE
-    char *engine = NULL;
     int engine_impl = 0;
-#endif
 
     prog = opt_progname(argv[0]);
     if ((buf = (unsigned char *)OPENSSL_malloc(BUFSIZE)) == NULL) {
@@ -193,15 +190,12 @@ int dgst_main(int argc, char **argv)
             if (!opt_format(opt_arg(), OPT_FMT_ANY, &keyform))
                 goto opthelp;
             break;
-#ifndef OPENSSL_NO_ENGINE
         case OPT_ENGINE:
-            engine = opt_arg();
-            e = setup_engine(engine, 0);
+            e = setup_engine(opt_arg(), 0);
             break;
         case OPT_ENGINE_IMPL:
             engine_impl = 1;
             break;
-#endif
         case OPT_HEX:
             out_bin = 0;
             break;
@@ -250,10 +244,8 @@ int dgst_main(int argc, char **argv)
                    "No signature to verify: use the -signature option\n");
         goto end;
     }
-#ifndef OPENSSL_NO_ENGINE
     if (engine_impl)
         impl = e;
-#endif
 
     in = BIO_new(BIO_s_file());
     bmd = BIO_new(BIO_f_md());
diff --git a/apps/dhparam.c b/apps/dhparam.c
index e842ca5..6e51c0b 100644
--- a/apps/dhparam.c
+++ b/apps/dhparam.c
@@ -167,8 +167,7 @@ int dhparam_main(int argc, char **argv)
 {
     BIO *in = NULL, *out = NULL;
     DH *dh = NULL;
-    char *engine = NULL, *infile = NULL, *outfile = NULL, *prog, *inrand =
-        NULL;
+    char *infile = NULL, *outfile = NULL, *prog, *inrand = NULL;
     int dsaparam = 0, i, text = 0, C = 0, ret = 1, num = 0, g = 0;
     int informat = FORMAT_PEM, outformat = FORMAT_PEM, check = 0, noout = 0;
     OPTION_CHOICE o;
@@ -200,7 +199,7 @@ int dhparam_main(int argc, char **argv)
             outfile = opt_arg();
             break;
         case OPT_ENGINE:
-            engine = opt_arg();
+            (void)setup_engine(opt_arg(), 0);
             break;
         case OPT_CHECK:
             check = 1;
@@ -234,10 +233,6 @@ int dhparam_main(int argc, char **argv)
     if (argv[0] && (!opt_int(argv[0], &num) || num <= 0))
         goto end;
 
-# ifndef OPENSSL_NO_ENGINE
-    setup_engine(engine, 0);
-# endif
-
     if (g && !num)
         num = DEFBITS;
 
diff --git a/apps/dsa.c b/apps/dsa.c
index 9d7c97f..c23ed5d 100644
--- a/apps/dsa.c
+++ b/apps/dsa.c
@@ -107,9 +107,8 @@ int dsa_main(int argc, char **argv)
     DSA *dsa = NULL;
     ENGINE *e = NULL;
     const EVP_CIPHER *enc = NULL;
-    char *engine = NULL, *infile = NULL, *outfile = NULL, *prog;
-    char *passin = NULL, *passout = NULL, *passinarg = NULL, *passoutarg =
-        NULL;
+    char *infile = NULL, *outfile = NULL, *prog;
+    char *passin = NULL, *passout = NULL, *passinarg = NULL, *passoutarg = NULL;
     OPTION_CHOICE o;
     int informat = FORMAT_PEM, outformat = FORMAT_PEM, text = 0, noout = 0;
     int i, modulus = 0, pubin = 0, pubout = 0, pvk_encr = 2, ret = 1;
@@ -149,7 +148,7 @@ int dsa_main(int argc, char **argv)
             outfile = opt_arg();
             break;
         case OPT_ENGINE:
-            engine = opt_arg();
+            e = setup_engine(opt_arg(), 0);
             break;
         case OPT_PASSIN:
             passinarg = opt_arg();
@@ -192,10 +191,6 @@ int dsa_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-# ifndef OPENSSL_NO_ENGINE
-    e = setup_engine(engine, 0);
-# endif
-
     if (!app_passwd(passinarg, passoutarg, &passin, &passout)) {
         BIO_printf(bio_err, "Error getting passwords\n");
         goto end;
diff --git a/apps/dsaparam.c b/apps/dsaparam.c
index b314409..f7365b9 100644
--- a/apps/dsaparam.c
+++ b/apps/dsaparam.c
@@ -124,8 +124,7 @@ int dsaparam_main(int argc, char **argv)
 # ifdef GENCB_TEST
     int timebomb = 0;
 # endif
-    char *infile = NULL, *outfile = NULL, *prog, *inrand = NULL, *engine =
-        NULL;
+    char *infile = NULL, *outfile = NULL, *prog, *inrand = NULL;
     OPTION_CHOICE o;
 
     prog = opt_init(argc, argv, dsaparam_options);
@@ -155,7 +154,7 @@ int dsaparam_main(int argc, char **argv)
             outfile = opt_arg();
             break;
         case OPT_ENGINE:
-            engine = opt_arg();
+            (void)setup_engine(opt_arg(), 0);
             break;
         case OPT_TIMEBOMB:
 # ifdef GENCB_TEST
@@ -201,10 +200,6 @@ int dsaparam_main(int argc, char **argv)
     if (out == NULL)
         goto end;
 
-# ifndef OPENSSL_NO_ENGINE
-    setup_engine(engine, 0);
-# endif
-
     if (need_rand) {
         app_RAND_load_file(NULL, (inrand != NULL));
         if (inrand != NULL)
diff --git a/apps/ec.c b/apps/ec.c
index d6bce6d..471de47 100644
--- a/apps/ec.c
+++ b/apps/ec.c
@@ -116,9 +116,8 @@ int ec_main(int argc, char **argv)
     const EC_GROUP *group;
     const EVP_CIPHER *enc = NULL;
     point_conversion_form_t form = POINT_CONVERSION_UNCOMPRESSED;
-    char *infile = NULL, *outfile = NULL, *prog, *engine = NULL;
-    char *passin = NULL, *passout = NULL, *passinarg = NULL, *passoutarg =
-        NULL;
+    char *infile = NULL, *outfile = NULL, *prog;
+    char *passin = NULL, *passout = NULL, *passinarg = NULL, *passoutarg = NULL;
     OPTION_CHOICE o;
     int asn1_flag = OPENSSL_EC_NAMED_CURVE, new_form = 0, new_asn1_flag = 0;
     int informat = FORMAT_PEM, outformat = FORMAT_PEM, text = 0, noout = 0;
@@ -172,7 +171,7 @@ int ec_main(int argc, char **argv)
             passoutarg = opt_arg();
             break;
         case OPT_ENGINE:
-            engine = opt_arg();
+            (void)setup_engine(opt_arg(), 0);
             break;
         case OPT_CIPHER:
             if (!opt_cipher(opt_unknown(), &enc))
@@ -194,10 +193,6 @@ int ec_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-# ifndef OPENSSL_NO_ENGINE
-    setup_engine(engine, 0);
-# endif
-
     if (!app_passwd(passinarg, passoutarg, &passin, &passout)) {
         BIO_printf(bio_err, "Error getting passwords\n");
         goto end;
diff --git a/apps/ecparam.c b/apps/ecparam.c
index 167ef39..049fc78 100644
--- a/apps/ecparam.c
+++ b/apps/ecparam.c
@@ -138,7 +138,7 @@ int ecparam_main(int argc, char **argv)
     EC_GROUP *group = NULL;
     point_conversion_form_t form = POINT_CONVERSION_UNCOMPRESSED;
     char *curve_name = NULL, *inrand = NULL;
-    char *engine = NULL, *infile = NULL, *outfile = NULL, *prog;
+    char *infile = NULL, *outfile = NULL, *prog;
     unsigned char *buffer = NULL;
     OPTION_CHOICE o;
     int asn1_flag = OPENSSL_EC_NAMED_CURVE, new_asn1_flag = 0;
@@ -213,7 +213,7 @@ int ecparam_main(int argc, char **argv)
             need_rand = 1;
             break;
         case OPT_ENGINE:
-            engine = opt_arg();
+            (void)setup_engine(opt_arg(), 0);
             break;
         }
     }
@@ -227,10 +227,6 @@ int ecparam_main(int argc, char **argv)
     if (out == NULL)
         goto end;
 
-# ifndef OPENSSL_NO_ENGINE
-    setup_engine(engine, 0);
-# endif
-
     if (list_curves) {
         EC_builtin_curve *curves = NULL;
         size_t crv_len = 0;
diff --git a/apps/enc.c b/apps/enc.c
index 06b056b..61a64d4 100644
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -132,7 +132,7 @@ int enc_main(int argc, char **argv)
     EVP_CIPHER_CTX *ctx = NULL;
     const EVP_CIPHER *cipher = NULL, *c;
     const EVP_MD *dgst = NULL;
-    char *engine = NULL, *hkey = NULL, *hiv = NULL, *hsalt = NULL, *p;
+    char *hkey = NULL, *hiv = NULL, *hsalt = NULL, *p;
     char *infile = NULL, *outfile = NULL, *prog;
     char *str = NULL, *passarg = NULL, *pass = NULL, *strbuf = NULL;
     char mbuf[sizeof magic - 1];
@@ -193,7 +193,7 @@ int enc_main(int argc, char **argv)
             passarg = opt_arg();
             break;
         case OPT_ENGINE:
-            engine = opt_arg();
+            (void)setup_engine(opt_arg(), 0);
             break;
         case OPT_D:
             enc = 0;
@@ -294,10 +294,6 @@ int enc_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-#ifndef OPENSSL_NO_ENGINE
-    setup_engine(engine, 0);
-#endif
-
     if (cipher && EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) {
         BIO_printf(bio_err, "%s: AEAD ciphers not supported\n", prog);
         goto end;
diff --git a/apps/gendsa.c b/apps/gendsa.c
index 1eaaa45..21988a0 100644
--- a/apps/gendsa.c
+++ b/apps/gendsa.c
@@ -96,7 +96,7 @@ int gendsa_main(int argc, char **argv)
     BIO *out = NULL, *in = NULL;
     DSA *dsa = NULL;
     const EVP_CIPHER *enc = NULL;
-    char *engine = NULL, *inrand = NULL, *dsaparams = NULL;
+    char *inrand = NULL, *dsaparams = NULL;
     char *outfile = NULL, *passoutarg = NULL, *passout = NULL, *prog;
     OPTION_CHOICE o;
     int ret = 1;
@@ -120,7 +120,7 @@ int gendsa_main(int argc, char **argv)
             passoutarg = opt_arg();
             break;
         case OPT_ENGINE:
-            engine = opt_arg();
+            (void)setup_engine(opt_arg(), 0);
             break;
         case OPT_RAND:
             inrand = opt_arg();
@@ -138,10 +138,6 @@ int gendsa_main(int argc, char **argv)
         goto opthelp;
     dsaparams = *argv;
 
-# ifndef OPENSSL_NO_ENGINE
-    setup_engine(engine, 0);
-# endif
-
     if (!app_passwd(NULL, passoutarg, NULL, &passout)) {
         BIO_printf(bio_err, "Error getting password\n");
         goto end;
diff --git a/apps/genpkey.c b/apps/genpkey.c
index 5130b40..ae68e7a 100644
--- a/apps/genpkey.c
+++ b/apps/genpkey.c
@@ -128,11 +128,9 @@ int genpkey_main(int argc, char **argv)
         case OPT_PASS:
             passarg = opt_arg();
             break;
-#ifndef OPENSSL_NO_ENGINE
         case OPT_ENGINE:
             e = setup_engine(opt_arg(), 0);
             break;
-#endif
         case OPT_PARAMFILE:
             if (do_param == 1)
                 goto opthelp;
diff --git a/apps/genrsa.c b/apps/genrsa.c
index b7275ae..7d0466a 100644
--- a/apps/genrsa.c
+++ b/apps/genrsa.c
@@ -110,8 +110,7 @@ int genrsa_main(int argc, char **argv)
     int ret = 1, non_fips_allow = 0, num = DEFBITS;
     unsigned long f4 = RSA_F4;
     char *outfile = NULL, *passoutarg = NULL, *passout = NULL;
-    char *engine = NULL, *inrand = NULL, *prog;
-    char *hexe, *dece;
+    char *inrand = NULL, *prog, *hexe, *dece;
     OPTION_CHOICE o;
 
     if (!bn || !cb)
@@ -142,7 +141,7 @@ int genrsa_main(int argc, char **argv)
         case OPT_OUT:
             outfile = opt_arg();
         case OPT_ENGINE:
-            engine = opt_arg();
+            e = setup_engine(opt_arg(), 0);
             break;
         case OPT_RAND:
             inrand = opt_arg();
@@ -166,9 +165,6 @@ int genrsa_main(int argc, char **argv)
         BIO_printf(bio_err, "Error getting password\n");
         goto end;
     }
-# ifndef OPENSSL_NO_ENGINE
-    e = setup_engine(engine, 0);
-# endif
 
     out = bio_open_default(outfile, "w");
     if (out == NULL)
@@ -185,11 +181,7 @@ int genrsa_main(int argc, char **argv)
 
     BIO_printf(bio_err, "Generating RSA private key, %d bit long modulus\n",
                num);
-# ifdef OPENSSL_NO_ENGINE
-    rsa = RSA_new();
-# else
-    rsa = RSA_new_method(e);
-# endif
+    rsa = e ? RSA_new_method(e) : RSA_new();
     if (!rsa)
         goto end;
 
diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index a031c1b..5cdd71b 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -173,7 +173,7 @@ int pkcs12_main(int argc, char **argv)
     char *passinarg = NULL, *passoutarg = NULL, *passarg = NULL;
     char *passin = NULL, *passout = NULL, *inrand = NULL, *macalg = NULL;
     char *cpass = NULL, *mpass = NULL, *CApath = NULL, *CAfile = NULL;
-    char *engine = NULL, *prog;
+    char *prog;
     ENGINE *e = NULL;
     BIO *in = NULL, *out = NULL;
     PKCS12 *p12 = NULL;
@@ -308,17 +308,13 @@ int pkcs12_main(int argc, char **argv)
             CAfile = opt_arg();
             break;
         case OPT_ENGINE:
-            engine = opt_arg();
+            e = setup_engine(opt_arg(), 0);
             break;
         }
     }
     argc = opt_num_rest();
     argv = opt_rest();
 
-# ifndef OPENSSL_NO_ENGINE
-    e = setup_engine(engine, 0);
-# endif
-
     if (passarg) {
         if (export_cert)
             passoutarg = passarg;
diff --git a/apps/pkcs7.c b/apps/pkcs7.c
index ca05273..7c62a86 100644
--- a/apps/pkcs7.c
+++ b/apps/pkcs7.c
@@ -143,7 +143,7 @@ int pkcs7_main(int argc, char **argv)
     PKCS7 *p7 = NULL;
     BIO *in = NULL, *out = NULL;
     int informat = FORMAT_PEM, outformat = FORMAT_PEM;
-    char *engine = NULL, *infile = NULL, *outfile = NULL, *prog;
+    char *infile = NULL, *outfile = NULL, *prog;
     int i, print_certs = 0, text = 0, noout = 0, p7_print = 0, ret = 1;
     OPTION_CHOICE o;
 
@@ -186,17 +186,13 @@ int pkcs7_main(int argc, char **argv)
             print_certs = 1;
             break;
         case OPT_ENGINE:
-            engine = opt_arg();
+            (void)setup_engine(opt_arg(), 0);
             break;
         }
     }
     argc = opt_num_rest();
     argv = opt_rest();
 
-#ifndef OPENSSL_NO_ENGINE
-    setup_engine(engine, 0);
-#endif
-
     in = bio_open_default(infile, RB(informat));
     if (in == NULL)
         goto end;
diff --git a/apps/pkcs8.c b/apps/pkcs8.c
index 7b361cf..105c1cb 100644
--- a/apps/pkcs8.c
+++ b/apps/pkcs8.c
@@ -104,14 +104,12 @@ int pkcs8_main(int argc, char **argv)
     PKCS8_PRIV_KEY_INFO *p8inf = NULL;
     X509_SIG *p8 = NULL;
     const EVP_CIPHER *cipher = NULL;
-    char *engine = NULL, *infile = NULL, *outfile = NULL;
+    char *infile = NULL, *outfile = NULL;
     char *passinarg = NULL, *passoutarg = NULL, *prog;
     char pass[50], *passin = NULL, *passout = NULL, *p8pass = NULL;
     OPTION_CHOICE o;
-    int nocrypt = 0, ret = 1, iter = PKCS12_DEFAULT_ITER, p8_broken =
-        PKCS8_OK;
-    int informat = FORMAT_PEM, outformat = FORMAT_PEM, topk8 = 0, pbe_nid =
-        -1;
+    int nocrypt = 0, ret = 1, iter = PKCS12_DEFAULT_ITER, p8_broken = PKCS8_OK;
+    int informat = FORMAT_PEM, outformat = FORMAT_PEM, topk8 = 0, pbe_nid = -1;
 
     prog = opt_init(argc, argv, pkcs8_options);
     while ((o = opt_next()) != OPT_EOF) {
@@ -188,17 +186,13 @@ int pkcs8_main(int argc, char **argv)
             passoutarg = opt_arg();
             break;
         case OPT_ENGINE:
-            engine = opt_arg();
+            e = setup_engine(opt_arg(), 0);
             break;
         }
     }
     argc = opt_num_rest();
     argv = opt_rest();
 
-#ifndef OPENSSL_NO_ENGINE
-    e = setup_engine(engine, 0);
-#endif
-
     if (!app_passwd(passinarg, passoutarg, &passin, &passout)) {
         BIO_printf(bio_err, "Error getting passwords\n");
         goto end;
diff --git a/apps/pkey.c b/apps/pkey.c
index 3597be0..716d6d0 100644
--- a/apps/pkey.c
+++ b/apps/pkey.c
@@ -97,7 +97,7 @@ int pkey_main(int argc, char **argv)
     EVP_PKEY *pkey = NULL;
     const EVP_CIPHER *cipher = NULL;
     char *infile = NULL, *outfile = NULL, *passin = NULL, *passout = NULL;
-    char *passinarg = NULL, *passoutarg = NULL, *prog, *engine = NULL;
+    char *passinarg = NULL, *passoutarg = NULL, *prog;
     OPTION_CHOICE o;
     int informat = FORMAT_PEM, outformat = FORMAT_PEM;
     int pubin = 0, pubout = 0, pubtext = 0, text = 0, noout = 0, ret = 1;
@@ -129,7 +129,7 @@ int pkey_main(int argc, char **argv)
             passoutarg = opt_arg();
             break;
         case OPT_ENGINE:
-            engine = opt_arg();
+            e = setup_engine(opt_arg(), 0);
             break;
         case OPT_IN:
             infile = opt_arg();
@@ -160,10 +160,6 @@ int pkey_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-#ifndef OPENSSL_NO_ENGINE
-    e = setup_engine(engine, 0);
-#endif
-
     if (!app_passwd(passinarg, passoutarg, &passin, &passout)) {
         BIO_printf(bio_err, "Error getting passwords\n");
         goto end;
diff --git a/apps/pkeyparam.c b/apps/pkeyparam.c
index 5a5caf5..fbd19a7 100644
--- a/apps/pkeyparam.c
+++ b/apps/pkeyparam.c
@@ -85,7 +85,7 @@ int pkeyparam_main(int argc, char **argv)
     EVP_PKEY *pkey = NULL;
     int text = 0, noout = 0, ret = 1;
     OPTION_CHOICE o;
-    char *infile = NULL, *outfile = NULL, *prog, *engine = NULL;
+    char *infile = NULL, *outfile = NULL, *prog;
 
     prog = opt_init(argc, argv, pkeyparam_options);
     while ((o = opt_next()) != OPT_EOF) {
@@ -105,7 +105,7 @@ int pkeyparam_main(int argc, char **argv)
             outfile = opt_arg();
             break;
         case OPT_ENGINE:
-            engine = opt_arg();
+            (void)setup_engine(opt_arg(), 0);
             break;
         case OPT_TEXT:
             text = 1;
@@ -118,10 +118,6 @@ int pkeyparam_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-#ifndef OPENSSL_NO_ENGINE
-    setup_engine(engine, 0);
-#endif
-
     in = bio_open_default(infile, "r");
     if (in == NULL)
         goto end;
diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c
index 942ba05..da7dc2e 100644
--- a/apps/pkeyutl.c
+++ b/apps/pkeyutl.c
@@ -174,11 +174,9 @@ int pkeyutl_main(int argc, char **argv)
             if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &keyform))
                 goto opthelp;
             break;
-#ifndef OPENSSL_NO_ENGINE
         case OPT_ENGINE:
             e = setup_engine(opt_arg(), 0);
             break;
-#endif
         case OPT_PUBIN:
             key_type = KEY_PUBKEY;
             break;
diff --git a/apps/rand.c b/apps/rand.c
index 9a73935..498e7da 100644
--- a/apps/rand.c
+++ b/apps/rand.c
@@ -85,7 +85,7 @@ OPTIONS rand_options[] = {
 int rand_main(int argc, char **argv)
 {
     BIO *out = NULL;
-    char *engine = NULL, *inrand = NULL, *outfile = NULL, *prog;
+    char *inrand = NULL, *outfile = NULL, *prog;
     OPTION_CHOICE o;
     int base64 = 0, hex = 0, i, num = -1, r, ret = 1;
 
@@ -105,7 +105,7 @@ int rand_main(int argc, char **argv)
             outfile = opt_arg();
             break;
         case OPT_ENGINE:
-            engine = opt_arg();
+            (void)setup_engine(opt_arg(), 0);
             break;
         case OPT_RAND:
             inrand = opt_arg();
@@ -126,10 +126,6 @@ int rand_main(int argc, char **argv)
     if (sscanf(argv[0], "%d", &num) != 1 || num < 0)
         goto opthelp;
 
-#ifndef OPENSSL_NO_ENGINE
-    setup_engine(engine, 0);
-#endif
-
     app_RAND_load_file(NULL, (inrand != NULL));
     if (inrand != NULL)
         BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
diff --git a/apps/req.c b/apps/req.c
index 1237c33..0502a64 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -136,7 +136,6 @@ OPTIONS req_options[] = {
     {"outform", OPT_OUTFORM, 'F', "Output format - DER or PEM"},
     {"in", OPT_IN, '<', "Input file"},
     {"out", OPT_OUT, '>', "Output file"},
-    {"keygen_engine", OPT_KEYGEN_ENGINE, 's'},
     {"key", OPT_KEY, '<', "Use the private key contained in file"},
     {"keyform", OPT_KEYFORM, 'F', "Key file format"},
     {"pubkey", OPT_PUBKEY, '-', "Output public key"},
@@ -179,6 +178,7 @@ OPTIONS req_options[] = {
      "Request extension section (override value in config file)"},
 #ifndef OPENSSL_NO_ENGINE
     {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
+    {"keygen_engine", OPT_KEYGEN_ENGINE, 's'},
 #endif
     {"", OPT_MD, '-', "Any supported digest"},
     {NULL}
@@ -196,7 +196,7 @@ int req_main(int argc, char **argv)
     X509_REQ *req = NULL;
     const EVP_CIPHER *cipher = NULL;
     const EVP_MD *md_alg = NULL, *digest = NULL;
-    char *engine = NULL, *extensions = NULL, *infile = NULL;
+    char *extensions = NULL, *infile = NULL;
     char *outfile = NULL, *keyfile = NULL, *inrand = NULL;
     char *keyalgstr = NULL, *p, *prog, *passargin = NULL, *passargout = NULL;
     char *passin = NULL, *passout = NULL, *req_exts = NULL, *subj = NULL;
@@ -235,18 +235,18 @@ int req_main(int argc, char **argv)
             if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &outformat))
                 goto opthelp;
             break;
-#ifndef OPENSSL_NO_ENGINE
         case OPT_ENGINE:
-            engine = optarg;
+            (void)setup_engine(opt_arg(), 0);
             break;
         case OPT_KEYGEN_ENGINE:
+#ifndef OPENSSL_NO_ENGINE
             gen_eng = ENGINE_by_id(opt_arg());
             if (gen_eng == NULL) {
                 BIO_printf(bio_err, "Can't find keygen engine %s\n", *argv);
-                goto end;
+                goto opthelp;
             }
-            break;
 #endif
+            break;
         case OPT_KEY:
             keyfile = opt_arg();
             break;
@@ -498,9 +498,6 @@ int req_main(int argc, char **argv)
             goto end;
         }
     }
-#ifndef OPENSSL_NO_ENGINE
-    e = setup_engine(engine, 0);
-#endif
 
     if (keyfile != NULL) {
         pkey = load_key(keyfile, keyform, 0, passin, e, "Private Key");
diff --git a/apps/rsa.c b/apps/rsa.c
index 7f7069c..07cc5fb 100644
--- a/apps/rsa.c
+++ b/apps/rsa.c
@@ -158,7 +158,7 @@ int rsa_main(int argc, char **argv)
     BIO *out = NULL;
     RSA *rsa = NULL;
     const EVP_CIPHER *enc = NULL;
-    char *engine = NULL, *infile = NULL, *outfile = NULL, *prog;
+    char *infile = NULL, *outfile = NULL, *prog;
     char *passin = NULL, *passout = NULL, *passinarg = NULL, *passoutarg = NULL;
     int i;
     int informat = FORMAT_PEM, outformat = FORMAT_PEM, text = 0, check = 0;
@@ -203,7 +203,7 @@ int rsa_main(int argc, char **argv)
             passoutarg = opt_arg();
             break;
         case OPT_ENGINE:
-            engine = opt_arg();
+            e = setup_engine(opt_arg(), 0);
             break;
         case OPT_PUBIN:
             pubin = 1;
@@ -249,10 +249,6 @@ int rsa_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-# ifndef OPENSSL_NO_ENGINE
-    e = setup_engine(engine, 0);
-# endif
-
     if (!app_passwd(passinarg, passoutarg, &passin, &passout)) {
         BIO_printf(bio_err, "Error getting passwords\n");
         goto end;
diff --git a/apps/rsautl.c b/apps/rsautl.c
index 0466746..67cb76e 100644
--- a/apps/rsautl.c
+++ b/apps/rsautl.c
@@ -116,7 +116,7 @@ int rsautl_main(int argc, char **argv)
     EVP_PKEY *pkey = NULL;
     RSA *rsa = NULL;
     X509 *x;
-    char *engine = NULL, *infile = NULL, *outfile = NULL, *keyfile = NULL;
+    char *infile = NULL, *outfile = NULL, *keyfile = NULL;
     char *passinarg = NULL, *passin = NULL, *prog;
     char rsa_mode = RSA_VERIFY, key_type = KEY_PRIVKEY;
     unsigned char *rsa_in = NULL, *rsa_out = NULL, pad = RSA_PKCS1_PADDING;
@@ -147,7 +147,7 @@ int rsautl_main(int argc, char **argv)
             outfile = opt_arg();
             break;
         case OPT_ENGINE:
-            engine = opt_arg();
+            e = setup_engine(opt_arg(), 0);
             break;
         case OPT_ASN1PARSE:
             asn1parse = 1;
@@ -208,9 +208,7 @@ int rsautl_main(int argc, char **argv)
         BIO_printf(bio_err, "A private key is needed for this operation\n");
         goto end;
     }
-# ifndef OPENSSL_NO_ENGINE
-    e = setup_engine(engine, 0);
-# endif
+
     if (!app_passwd(passinarg, NULL, &passin, NULL)) {
         BIO_printf(bio_err, "Error getting password\n");
         goto end;
diff --git a/apps/s_client.c b/apps/s_client.c
index 900efe7..0d03005 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -591,7 +591,6 @@ OPTIONS s_client_options[] = {
     {"verify_quiet", OPT_VERIFY_QUIET, '-'},
     {"brief", OPT_BRIEF, '-'},
     {"prexit", OPT_PREXIT, '-'},
-    {"ssl_client_engine", OPT_SSL_CLIENT_ENGINE, 's'},
     {"trace", OPT_TRACE, '-'},
     {"security_debug", OPT_SECURITY_DEBUG, '-'},
     {"security_debug_verbose", OPT_SECURITY_DEBUG_VERBOSE, '-'},
@@ -603,6 +602,7 @@ OPTIONS s_client_options[] = {
     {"verifyCAfile", OPT_VERIFYCAFILE, '<'},
 #ifndef OPENSSL_NO_ENGINE
     {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
+    {"ssl_client_engine", OPT_SSL_CLIENT_ENGINE, 's'},
 #endif
     OPT_S_OPTIONS,
     OPT_V_OPTIONS,
@@ -649,7 +649,6 @@ int s_client_main(int argc, char **argv)
         NULL;
     char *passarg = NULL, *pass = NULL, *vfyCApath = NULL, *vfyCAfile = NULL;
     char *sess_in = NULL, *sess_out = NULL, *crl_file = NULL, *p;
-    char *engine_id = NULL, *ssl_client_engine_id = NULL;
     char *jpake_secret = NULL;
     const char *unix_path = NULL;
     struct sockaddr peer;
@@ -674,8 +673,8 @@ int s_client_main(int argc, char **argv)
 #endif
 #ifndef OPENSSL_NO_ENGINE
     ENGINE *ssl_client_engine = NULL;
-    ENGINE *e = NULL;
 #endif
+    ENGINE *e = NULL;
 #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE)
     struct timeval tv;
 #endif
@@ -829,10 +828,17 @@ int s_client_main(int argc, char **argv)
 #endif
             break;
         case OPT_ENGINE:
-            engine_id = opt_arg();
+            e = setup_engine(opt_arg(), 1);
             break;
         case OPT_SSL_CLIENT_ENGINE:
-            ssl_client_engine_id = opt_arg();
+#ifndef OPENSSL_NO_ENGINE
+            ssl_client_engine = ENGINE_by_id(opt_arg());
+            if (ssl_client_engine == NULL) {
+                BIO_printf(bio_err, "Error getting client auth engine\n");
+                goto opthelp;
+            }
+            break;
+#endif
             break;
         case OPT_RAND:
             inrand = opt_arg();
@@ -1075,17 +1081,6 @@ int s_client_main(int argc, char **argv)
         next_proto.data = NULL;
 #endif
 
-#ifndef OPENSSL_NO_ENGINE
-    e = setup_engine(engine_id, 1);
-    if (ssl_client_engine_id) {
-        ssl_client_engine = ENGINE_by_id(ssl_client_engine_id);
-        if (ssl_client_engine == NULL) {
-            BIO_printf(bio_err, "Error getting client auth engine\n");
-            goto end;
-        }
-    }
-#endif
-
     if (!app_passwd(passarg, NULL, &pass, NULL)) {
         BIO_printf(bio_err, "Error getting password\n");
         goto end;
diff --git a/apps/s_server.c b/apps/s_server.c
index 8199b88..3644381 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -1378,7 +1378,7 @@ int s_server_main(int argc, char *argv[])
             session_id_prefix = opt_arg();
             break;
         case OPT_ENGINE:
-            engine_id = opt_arg();
+            e = setup_engine(opt_arg(), 1);
             break;
         case OPT_RAND:
             inrand = opt_arg();
@@ -1449,10 +1449,6 @@ int s_server_main(int argc, char *argv[])
     }
 #endif
 
-#ifndef OPENSSL_NO_ENGINE
-    e = setup_engine(engine_id, 1);
-#endif
-
     if (!app_passwd(passarg, dpassarg, &pass, &dpass)) {
         BIO_printf(bio_err, "Error getting password\n");
         goto end;
diff --git a/apps/smime.c b/apps/smime.c
index 532446f..0c683f5 100644
--- a/apps/smime.c
+++ b/apps/smime.c
@@ -164,7 +164,7 @@ int smime_main(int argc, char **argv)
     X509_VERIFY_PARAM *vpm = NULL;
     const EVP_CIPHER *cipher = NULL;
     const EVP_MD *sign_md = NULL;
-    char *CAfile = NULL, *CApath = NULL, *inrand = NULL, *engine = NULL;
+    char *CAfile = NULL, *CApath = NULL, *inrand = NULL;
     char *certfile = NULL, *keyfile = NULL, *contfile = NULL, *prog;
     char *infile = NULL, *outfile = NULL, *signerfile = NULL, *recipfile =
         NULL;
@@ -177,9 +177,7 @@ int smime_main(int argc, char **argv)
     int informat = FORMAT_SMIME, outformat = FORMAT_SMIME, keyform =
         FORMAT_PEM;
     int vpmtouched = 0, rv = 0;
-#ifndef OPENSSL_NO_ENGINE
     ENGINE *e = NULL;
-#endif
 
     if ((vpm = X509_VERIFY_PARAM_new()) == NULL)
         return 1;
@@ -276,7 +274,7 @@ int smime_main(int argc, char **argv)
             need_rand = 1;
             break;
         case OPT_ENGINE:
-            engine = opt_arg();
+            e = setup_engine(opt_arg(), 0);
             break;
         case OPT_PASSIN:
             passinarg = opt_arg();
@@ -408,10 +406,6 @@ int smime_main(int argc, char **argv)
     } else if (!operation)
         goto opthelp;
 
-#ifndef OPENSSL_NO_ENGINE
-    e = setup_engine(engine, 0);
-#endif
-
     if (!app_passwd(passinarg, NULL, &passin, NULL)) {
         BIO_printf(bio_err, "Error getting password\n");
         goto end;
diff --git a/apps/speed.c b/apps/speed.c
index 1a01d33..5758705 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -835,11 +835,9 @@ int speed_main(int argc, char **argv)
         case OPT_DECRYPT:
             decrypt = 1;
             break;
-#ifndef OPENSSL_NO_ENGINE
         case OPT_ENGINE:
-            setup_engine(opt_arg(), 0);
+            (void)setup_engine(opt_arg(), 0);
             break;
-#endif
 #ifndef NO_FORK
         case OPT_MULTI:
             multi = atoi(opt_arg());
diff --git a/apps/spkac.c b/apps/spkac.c
index ee2e596..7ceff9f 100644
--- a/apps/spkac.c
+++ b/apps/spkac.c
@@ -100,7 +100,7 @@ int spkac_main(int argc, char **argv)
     ENGINE *e = NULL;
     EVP_PKEY *pkey = NULL;
     NETSCAPE_SPKI *spki = NULL;
-    char *challenge = NULL, *keyfile = NULL, *engine = NULL;
+    char *challenge = NULL, *keyfile = NULL;
     char *infile = NULL, *outfile = NULL, *passinarg = NULL, *passin = NULL;
     char *spkstr = NULL, *prog;
     const char *spkac = "SPKAC", *spksect = "default";
@@ -149,9 +149,8 @@ int spkac_main(int argc, char **argv)
             spksect = opt_arg();
             break;
         case OPT_ENGINE:
-            engine = opt_arg();
+            e = setup_engine(opt_arg(), 0);
             break;
-
         }
     }
     argc = opt_num_rest();
@@ -161,9 +160,6 @@ int spkac_main(int argc, char **argv)
         BIO_printf(bio_err, "Error getting password\n");
         goto end;
     }
-#ifndef OPENSSL_NO_ENGINE
-    e = setup_engine(engine, 0);
-#endif
 
     if (keyfile) {
         pkey = load_key(strcmp(keyfile, "-") ? keyfile : NULL,
@@ -194,7 +190,6 @@ int spkac_main(int argc, char **argv)
 
     conf = NCONF_new(NULL);
     i = NCONF_load_bio(conf, in, NULL);
-
     if (!i) {
         BIO_printf(bio_err, "Error parsing config file\n");
         ERR_print_errors(bio_err);
diff --git a/apps/srp.c b/apps/srp.c
index bacd670..0585952 100644
--- a/apps/srp.c
+++ b/apps/srp.c
@@ -272,7 +272,7 @@ int srp_main(int argc, char **argv)
     int mode = OPT_ERR;
     char *user = NULL, *passinarg = NULL, *passoutarg = NULL;
     char *passin = NULL, *passout = NULL, *gN = NULL, *userinfo = NULL;
-    char *randfile = NULL, *engine = NULL, *tofree = NULL, *section = NULL;
+    char *randfile = NULL, *tofree = NULL, *section = NULL;
     char **gNrow = NULL, *configfile = NULL, *dbfile = NULL, **pp, *prog;
     long errorline = -1;
     OPTION_CHOICE o;
@@ -332,7 +332,7 @@ int srp_main(int argc, char **argv)
             passoutarg = opt_arg();
             break;
         case OPT_ENGINE:
-            engine = opt_arg();
+            (void)setup_engine(opt_arg(), 0);
             break;
         }
     }
@@ -359,9 +359,6 @@ int srp_main(int argc, char **argv)
                    "-passin, -passout arguments only valid with one user.\n");
         goto opthelp;
     }
-# ifndef OPENSSL_NO_ENGINE
-    setup_engine(engine, 0);
-# endif
 
     if (!app_passwd(passinarg, passoutarg, &passin, &passout)) {
         BIO_printf(bio_err, "Error getting passwords\n");
diff --git a/apps/verify.c b/apps/verify.c
index 61e85ce..35085e7 100644
--- a/apps/verify.c
+++ b/apps/verify.c
@@ -105,7 +105,7 @@ int verify_main(int argc, char **argv)
     STACK_OF(X509_CRL) *crls = NULL;
     X509_STORE *store = NULL;
     X509_VERIFY_PARAM *vpm = NULL;
-    char *prog, *CApath = NULL, *CAfile = NULL, *engine = NULL;
+    char *prog, *CApath = NULL, *CAfile = NULL;
     char *untfile = NULL, *trustfile = NULL, *crlfile = NULL;
     int vpmtouched = 0, crl_download = 0, show_chain = 0, i = 0, ret = 1;
     OPTION_CHOICE o;
@@ -167,7 +167,7 @@ int verify_main(int argc, char **argv)
             show_chain = 1;
             break;
         case OPT_ENGINE:
-            engine = opt_arg();
+            e = setup_engine(opt_arg(), 0);
             break;
         case OPT_VERBOSE:
             v_verbose = 1;
@@ -177,9 +177,6 @@ int verify_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-#ifndef OPENSSL_NO_ENGINE
-    e = setup_engine(engine, 0);
-#endif
     if (!(store = setup_verify(CAfile, CApath)))
         goto end;
     X509_STORE_set_verify_cb(store, cb);
diff --git a/apps/x509.c b/apps/x509.c
index 903e6b9..e1cc3cd 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -220,25 +220,20 @@ int x509_main(int argc, char **argv)
     char *checkhost = NULL, *checkemail = NULL, *checkip = NULL;
     char *extsect = NULL, *extfile = NULL, *passin = NULL, *passinarg = NULL;
     char *infile = NULL, *outfile = NULL, *keyfile = NULL, *CAfile = NULL;
-    char buf[256];
-    char *engine = NULL, *prog;
-    int C = 0, x509req = 0, days = DEF_DAYS, modulus = 0, pubkey = 0, pprint =
-        0;
-    int CAformat = FORMAT_PEM, CAkeyformat = FORMAT_PEM;
-    int fingerprint = 0, reqfile = 0, need_rand = 0, checkend =
-        0, checkoffset = 0;
+    char buf[256], *prog;
+    int x509req = 0, days = DEF_DAYS, modulus = 0, pubkey = 0, pprint = 0;
+    int C = 0, CAformat = FORMAT_PEM, CAkeyformat = FORMAT_PEM;
+    int fingerprint = 0, reqfile = 0, need_rand = 0, checkend = 0;
     int informat = FORMAT_PEM, outformat = FORMAT_PEM, keyformat = FORMAT_PEM;
     int next_serial = 0, subject_hash = 0, issuer_hash = 0, ocspid = 0;
     int noout = 0, sign_flag = 0, CA_flag = 0, CA_createserial = 0, email = 0;
     int ocsp_uri = 0, trustout = 0, clrtrust = 0, clrreject = 0, aliasout = 0;
     int ret = 1, i, num = 0, badsig = 0, clrext = 0, nocert = 0;
-    int text = 0, serial = 0, subject = 0, issuer = 0, startdate =
-        0, enddate = 0;
+    int text = 0, serial = 0, subject = 0, issuer = 0, startdate = 0;
+    int checkoffset = 0, enddate = 0;
     unsigned long nmflag = 0, certflag = 0;
     OPTION_CHOICE o;
-#ifndef OPENSSL_NO_ENGINE
     ENGINE *e = NULL;
-#endif
 #ifndef OPENSSL_NO_MD5
     int subject_hash_old = 0, issuer_hash_old = 0;
 #endif
@@ -374,7 +369,7 @@ int x509_main(int argc, char **argv)
                 goto opthelp;
             break;
         case OPT_ENGINE:
-            engine = opt_arg();
+            e = setup_engine(opt_arg(), 0);
             break;
         case OPT_C:
             C = ++num;
@@ -498,10 +493,6 @@ int x509_main(int argc, char **argv)
     if (out == NULL)
         goto end;
 
-#ifndef OPENSSL_NO_ENGINE
-    e = setup_engine(engine, 0);
-#endif
-
     if (need_rand)
         app_RAND_load_file(NULL, 0);
 


More information about the openssl-commits mailing list