[openssl-commits] [openssl] master update
Rich Salz
rsalz at openssl.org
Sat Apr 25 19:41:48 UTC 2015
The branch master has been updated
via 333b070ec06d7a67538ee9d5312656a19e802dc1 (commit)
from c54cc2b15d96944fcf13ccd24baca79f9593cbf0 (commit)
- Log -----------------------------------------------------------------
commit 333b070ec06d7a67538ee9d5312656a19e802dc1
Author: Rich Salz <rsalz at openssl.org>
Date: Sat Apr 25 15:41:29 2015 -0400
fewer NO_ENGINE #ifdef's
Make setup_engine be a dummy if NO_ENGINE is enabled.
The option is not enabled if NO_ENGINE is enabled, so the one "wasted"
variable just sits there. Removes some variables and code.
Reviewed-by: Richard Levitte <levitte at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
apps/apps.h | 4 +++-
apps/ca.c | 17 ++++++-----------
apps/cms.c | 7 ++-----
apps/dgst.c | 18 +++++-------------
apps/dhparam.c | 9 ++-------
apps/dsa.c | 11 +++--------
apps/dsaparam.c | 9 ++-------
apps/ec.c | 11 +++--------
apps/ecparam.c | 8 ++------
apps/enc.c | 8 ++------
apps/gendsa.c | 8 ++------
apps/genpkey.c | 2 --
apps/genrsa.c | 14 +++-----------
apps/pkcs12.c | 8 ++------
apps/pkcs7.c | 8 ++------
apps/pkcs8.c | 14 ++++----------
apps/pkey.c | 8 ++------
apps/pkeyparam.c | 8 ++------
apps/pkeyutl.c | 2 --
apps/rand.c | 8 ++------
apps/req.c | 15 ++++++---------
apps/rsa.c | 8 ++------
apps/rsautl.c | 8 +++-----
apps/s_client.c | 27 +++++++++++----------------
apps/s_server.c | 6 +-----
apps/smime.c | 10 ++--------
apps/speed.c | 4 +---
apps/spkac.c | 9 ++-------
apps/srp.c | 7 ++-----
apps/verify.c | 7 ++-----
apps/x509.c | 23 +++++++----------------
31 files changed, 88 insertions(+), 218 deletions(-)
diff --git a/apps/apps.h b/apps/apps.h
index ad17b1a..5d1b98f 100644
--- a/apps/apps.h
+++ b/apps/apps.h
@@ -431,7 +431,9 @@ STACK_OF(X509_CRL) *load_crls(const char *file, int format,
X509_STORE *setup_verify(char *CAfile, char *CApath);
int ctx_set_verify_locations(SSL_CTX *ctx,
const char *CAfile, const char *CApath);
-# ifndef OPENSSL_NO_ENGINE
+# ifdef OPENSSL_NO_ENGINE
+# define setup_engine(engine, debug) NULL
+# else
ENGINE *setup_engine(const char *engine, int debug);
# endif
# ifndef OPENSSL_NO_OCSP
diff --git a/apps/ca.c b/apps/ca.c
index af3afaa..38c96ae 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -292,17 +292,15 @@ int ca_main(int argc, char **argv)
X509_CRL *crl = NULL;
const EVP_MD *dgst = NULL;
char *configfile = NULL, *md = NULL, *policy = NULL, *keyfile = NULL;
- char *certfile = NULL, *crl_ext = NULL, *crlnumberfile = NULL, *enddate =
- NULL;
+ char *certfile = NULL, *crl_ext = NULL, *crlnumberfile = NULL;
char *infile = NULL, *spkac_file = NULL, *ss_cert_file = NULL;
char *extensions = NULL, *extfile = NULL, *key = NULL, *passinarg = NULL;
char *outdir = NULL, *outfile = NULL, *rev_arg = NULL, *ser_status = NULL;
- char *serialfile = NULL, *startdate = NULL, *subj = NULL, *tmp_email_dn =
- NULL;
- char *prog;
- char *const *pp;
- char *dbfile = NULL, *engine = NULL, *f, *randfile = NULL, *tofree = NULL;
+ char *serialfile = NULL, *startdate = NULL, *subj = NULL;
+ char *prog, *enddate = NULL, *tmp_email_dn = NULL;
+ char *dbfile = NULL, *f, *randfile = NULL, *tofree = NULL;
char buf[3][BSIZE];
+ char *const *pp;
const char *p;
int create_ser = 0, free_key = 0, total = 0, total_done = 0;
int batch = 0, default_op = 1, doupdatedb = 0, ext_copy = EXT_COPY_NONE;
@@ -488,7 +486,7 @@ opthelp:
rev_type = REV_CA_COMPROMISE;
break;
case OPT_ENGINE:
- engine = opt_arg();
+ e = setup_engine(opt_arg(), 0);
break;
}
}
@@ -542,9 +540,6 @@ end_of_options:
OPENSSL_free(tofree);
tofree = NULL;
}
-#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(engine, 0);
-#endif
/* Lets get the config section we are using */
if (section == NULL) {
diff --git a/apps/cms.c b/apps/cms.c
index 397071c..e3e8656 100644
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -241,7 +241,7 @@ int cms_main(int argc, char **argv)
X509_STORE *store = NULL;
X509_VERIFY_PARAM *vpm = NULL;
char *certfile = NULL, *keyfile = NULL, *contfile = NULL;
- char *CAfile = NULL, *CApath = NULL, *certsoutfile = NULL, *engine = NULL;
+ char *CAfile = NULL, *CApath = NULL, *certsoutfile = NULL;
char *infile = NULL, *outfile = NULL, *rctfile = NULL, *inrand = NULL;
char *passinarg = NULL, *passin = NULL, *signerfile = NULL, *recipfile =
NULL;
@@ -475,7 +475,7 @@ int cms_main(int argc, char **argv)
need_rand = 1;
break;
case OPT_ENGINE:
- engine = opt_arg();
+ e = setup_engine(opt_arg(), 0);
break;
case OPT_PASSIN:
passinarg = opt_arg();
@@ -668,9 +668,6 @@ int cms_main(int argc, char **argv)
} else if (!operation)
goto opthelp;
-# ifndef OPENSSL_NO_ENGINE
- e = setup_engine(engine, 0);
-# endif
if (!app_passwd(passinarg, NULL, &passin, NULL)) {
BIO_printf(bio_err, "Error getting password\n");
diff --git a/apps/dgst.c b/apps/dgst.c
index 21b8c7f..adfa2a6 100644
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -101,10 +101,6 @@ OPTIONS dgst_options[] = {
"Verify a signature using private key in file"},
{"signature", OPT_SIGNATURE, '<', "File with signature to verify"},
{"keyform", OPT_KEYFORM, 'f', "Key file format (PEM or ENGINE)"},
-#ifndef OPENSSL_NO_ENGINE
- {"engine", OPT_ENGINE, 's', "Use engine e, possibly a hardware device"},
-#endif
- {"engine_impl", OPT_ENGINE_IMPL, '-'},
{"hex", OPT_HEX, '-', "Print as hex dump"},
{"binary", OPT_BINARY, '-', "Print in binary form"},
{"d", OPT_DEBUG, '-', "Print debug info"},
@@ -115,6 +111,10 @@ OPTIONS dgst_options[] = {
{"mac", OPT_MAC, 's', "Create MAC (not neccessarily HMAC)"},
{"sigop", OPT_SIGOPT, 's', "Signature parameter in n:v form"},
{"macop", OPT_MACOPT, 's', "MAC algorithm parameters in n:v form or key"},
+#ifndef OPENSSL_NO_ENGINE
+ {"engine", OPT_ENGINE, 's', "Use engine e, possibly a hardware device"},
+ {"engine_impl", OPT_ENGINE_IMPL, '-'},
+#endif
{"", OPT_DIGEST, '-', "Any supported digest"},
{NULL}
};
@@ -136,10 +136,7 @@ int dgst_main(int argc, char **argv)
int i, ret = 1, out_bin = -1, want_pub = 0, do_verify =
0, non_fips_allow = 0;
unsigned char *buf = NULL, *sigbuf = NULL;
-#ifndef OPENSSL_NO_ENGINE
- char *engine = NULL;
int engine_impl = 0;
-#endif
prog = opt_progname(argv[0]);
if ((buf = (unsigned char *)OPENSSL_malloc(BUFSIZE)) == NULL) {
@@ -193,15 +190,12 @@ int dgst_main(int argc, char **argv)
if (!opt_format(opt_arg(), OPT_FMT_ANY, &keyform))
goto opthelp;
break;
-#ifndef OPENSSL_NO_ENGINE
case OPT_ENGINE:
- engine = opt_arg();
- e = setup_engine(engine, 0);
+ e = setup_engine(opt_arg(), 0);
break;
case OPT_ENGINE_IMPL:
engine_impl = 1;
break;
-#endif
case OPT_HEX:
out_bin = 0;
break;
@@ -250,10 +244,8 @@ int dgst_main(int argc, char **argv)
"No signature to verify: use the -signature option\n");
goto end;
}
-#ifndef OPENSSL_NO_ENGINE
if (engine_impl)
impl = e;
-#endif
in = BIO_new(BIO_s_file());
bmd = BIO_new(BIO_f_md());
diff --git a/apps/dhparam.c b/apps/dhparam.c
index e842ca5..6e51c0b 100644
--- a/apps/dhparam.c
+++ b/apps/dhparam.c
@@ -167,8 +167,7 @@ int dhparam_main(int argc, char **argv)
{
BIO *in = NULL, *out = NULL;
DH *dh = NULL;
- char *engine = NULL, *infile = NULL, *outfile = NULL, *prog, *inrand =
- NULL;
+ char *infile = NULL, *outfile = NULL, *prog, *inrand = NULL;
int dsaparam = 0, i, text = 0, C = 0, ret = 1, num = 0, g = 0;
int informat = FORMAT_PEM, outformat = FORMAT_PEM, check = 0, noout = 0;
OPTION_CHOICE o;
@@ -200,7 +199,7 @@ int dhparam_main(int argc, char **argv)
outfile = opt_arg();
break;
case OPT_ENGINE:
- engine = opt_arg();
+ (void)setup_engine(opt_arg(), 0);
break;
case OPT_CHECK:
check = 1;
@@ -234,10 +233,6 @@ int dhparam_main(int argc, char **argv)
if (argv[0] && (!opt_int(argv[0], &num) || num <= 0))
goto end;
-# ifndef OPENSSL_NO_ENGINE
- setup_engine(engine, 0);
-# endif
-
if (g && !num)
num = DEFBITS;
diff --git a/apps/dsa.c b/apps/dsa.c
index 9d7c97f..c23ed5d 100644
--- a/apps/dsa.c
+++ b/apps/dsa.c
@@ -107,9 +107,8 @@ int dsa_main(int argc, char **argv)
DSA *dsa = NULL;
ENGINE *e = NULL;
const EVP_CIPHER *enc = NULL;
- char *engine = NULL, *infile = NULL, *outfile = NULL, *prog;
- char *passin = NULL, *passout = NULL, *passinarg = NULL, *passoutarg =
- NULL;
+ char *infile = NULL, *outfile = NULL, *prog;
+ char *passin = NULL, *passout = NULL, *passinarg = NULL, *passoutarg = NULL;
OPTION_CHOICE o;
int informat = FORMAT_PEM, outformat = FORMAT_PEM, text = 0, noout = 0;
int i, modulus = 0, pubin = 0, pubout = 0, pvk_encr = 2, ret = 1;
@@ -149,7 +148,7 @@ int dsa_main(int argc, char **argv)
outfile = opt_arg();
break;
case OPT_ENGINE:
- engine = opt_arg();
+ e = setup_engine(opt_arg(), 0);
break;
case OPT_PASSIN:
passinarg = opt_arg();
@@ -192,10 +191,6 @@ int dsa_main(int argc, char **argv)
argc = opt_num_rest();
argv = opt_rest();
-# ifndef OPENSSL_NO_ENGINE
- e = setup_engine(engine, 0);
-# endif
-
if (!app_passwd(passinarg, passoutarg, &passin, &passout)) {
BIO_printf(bio_err, "Error getting passwords\n");
goto end;
diff --git a/apps/dsaparam.c b/apps/dsaparam.c
index b314409..f7365b9 100644
--- a/apps/dsaparam.c
+++ b/apps/dsaparam.c
@@ -124,8 +124,7 @@ int dsaparam_main(int argc, char **argv)
# ifdef GENCB_TEST
int timebomb = 0;
# endif
- char *infile = NULL, *outfile = NULL, *prog, *inrand = NULL, *engine =
- NULL;
+ char *infile = NULL, *outfile = NULL, *prog, *inrand = NULL;
OPTION_CHOICE o;
prog = opt_init(argc, argv, dsaparam_options);
@@ -155,7 +154,7 @@ int dsaparam_main(int argc, char **argv)
outfile = opt_arg();
break;
case OPT_ENGINE:
- engine = opt_arg();
+ (void)setup_engine(opt_arg(), 0);
break;
case OPT_TIMEBOMB:
# ifdef GENCB_TEST
@@ -201,10 +200,6 @@ int dsaparam_main(int argc, char **argv)
if (out == NULL)
goto end;
-# ifndef OPENSSL_NO_ENGINE
- setup_engine(engine, 0);
-# endif
-
if (need_rand) {
app_RAND_load_file(NULL, (inrand != NULL));
if (inrand != NULL)
diff --git a/apps/ec.c b/apps/ec.c
index d6bce6d..471de47 100644
--- a/apps/ec.c
+++ b/apps/ec.c
@@ -116,9 +116,8 @@ int ec_main(int argc, char **argv)
const EC_GROUP *group;
const EVP_CIPHER *enc = NULL;
point_conversion_form_t form = POINT_CONVERSION_UNCOMPRESSED;
- char *infile = NULL, *outfile = NULL, *prog, *engine = NULL;
- char *passin = NULL, *passout = NULL, *passinarg = NULL, *passoutarg =
- NULL;
+ char *infile = NULL, *outfile = NULL, *prog;
+ char *passin = NULL, *passout = NULL, *passinarg = NULL, *passoutarg = NULL;
OPTION_CHOICE o;
int asn1_flag = OPENSSL_EC_NAMED_CURVE, new_form = 0, new_asn1_flag = 0;
int informat = FORMAT_PEM, outformat = FORMAT_PEM, text = 0, noout = 0;
@@ -172,7 +171,7 @@ int ec_main(int argc, char **argv)
passoutarg = opt_arg();
break;
case OPT_ENGINE:
- engine = opt_arg();
+ (void)setup_engine(opt_arg(), 0);
break;
case OPT_CIPHER:
if (!opt_cipher(opt_unknown(), &enc))
@@ -194,10 +193,6 @@ int ec_main(int argc, char **argv)
argc = opt_num_rest();
argv = opt_rest();
-# ifndef OPENSSL_NO_ENGINE
- setup_engine(engine, 0);
-# endif
-
if (!app_passwd(passinarg, passoutarg, &passin, &passout)) {
BIO_printf(bio_err, "Error getting passwords\n");
goto end;
diff --git a/apps/ecparam.c b/apps/ecparam.c
index 167ef39..049fc78 100644
--- a/apps/ecparam.c
+++ b/apps/ecparam.c
@@ -138,7 +138,7 @@ int ecparam_main(int argc, char **argv)
EC_GROUP *group = NULL;
point_conversion_form_t form = POINT_CONVERSION_UNCOMPRESSED;
char *curve_name = NULL, *inrand = NULL;
- char *engine = NULL, *infile = NULL, *outfile = NULL, *prog;
+ char *infile = NULL, *outfile = NULL, *prog;
unsigned char *buffer = NULL;
OPTION_CHOICE o;
int asn1_flag = OPENSSL_EC_NAMED_CURVE, new_asn1_flag = 0;
@@ -213,7 +213,7 @@ int ecparam_main(int argc, char **argv)
need_rand = 1;
break;
case OPT_ENGINE:
- engine = opt_arg();
+ (void)setup_engine(opt_arg(), 0);
break;
}
}
@@ -227,10 +227,6 @@ int ecparam_main(int argc, char **argv)
if (out == NULL)
goto end;
-# ifndef OPENSSL_NO_ENGINE
- setup_engine(engine, 0);
-# endif
-
if (list_curves) {
EC_builtin_curve *curves = NULL;
size_t crv_len = 0;
diff --git a/apps/enc.c b/apps/enc.c
index 06b056b..61a64d4 100644
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -132,7 +132,7 @@ int enc_main(int argc, char **argv)
EVP_CIPHER_CTX *ctx = NULL;
const EVP_CIPHER *cipher = NULL, *c;
const EVP_MD *dgst = NULL;
- char *engine = NULL, *hkey = NULL, *hiv = NULL, *hsalt = NULL, *p;
+ char *hkey = NULL, *hiv = NULL, *hsalt = NULL, *p;
char *infile = NULL, *outfile = NULL, *prog;
char *str = NULL, *passarg = NULL, *pass = NULL, *strbuf = NULL;
char mbuf[sizeof magic - 1];
@@ -193,7 +193,7 @@ int enc_main(int argc, char **argv)
passarg = opt_arg();
break;
case OPT_ENGINE:
- engine = opt_arg();
+ (void)setup_engine(opt_arg(), 0);
break;
case OPT_D:
enc = 0;
@@ -294,10 +294,6 @@ int enc_main(int argc, char **argv)
argc = opt_num_rest();
argv = opt_rest();
-#ifndef OPENSSL_NO_ENGINE
- setup_engine(engine, 0);
-#endif
-
if (cipher && EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) {
BIO_printf(bio_err, "%s: AEAD ciphers not supported\n", prog);
goto end;
diff --git a/apps/gendsa.c b/apps/gendsa.c
index 1eaaa45..21988a0 100644
--- a/apps/gendsa.c
+++ b/apps/gendsa.c
@@ -96,7 +96,7 @@ int gendsa_main(int argc, char **argv)
BIO *out = NULL, *in = NULL;
DSA *dsa = NULL;
const EVP_CIPHER *enc = NULL;
- char *engine = NULL, *inrand = NULL, *dsaparams = NULL;
+ char *inrand = NULL, *dsaparams = NULL;
char *outfile = NULL, *passoutarg = NULL, *passout = NULL, *prog;
OPTION_CHOICE o;
int ret = 1;
@@ -120,7 +120,7 @@ int gendsa_main(int argc, char **argv)
passoutarg = opt_arg();
break;
case OPT_ENGINE:
- engine = opt_arg();
+ (void)setup_engine(opt_arg(), 0);
break;
case OPT_RAND:
inrand = opt_arg();
@@ -138,10 +138,6 @@ int gendsa_main(int argc, char **argv)
goto opthelp;
dsaparams = *argv;
-# ifndef OPENSSL_NO_ENGINE
- setup_engine(engine, 0);
-# endif
-
if (!app_passwd(NULL, passoutarg, NULL, &passout)) {
BIO_printf(bio_err, "Error getting password\n");
goto end;
diff --git a/apps/genpkey.c b/apps/genpkey.c
index 5130b40..ae68e7a 100644
--- a/apps/genpkey.c
+++ b/apps/genpkey.c
@@ -128,11 +128,9 @@ int genpkey_main(int argc, char **argv)
case OPT_PASS:
passarg = opt_arg();
break;
-#ifndef OPENSSL_NO_ENGINE
case OPT_ENGINE:
e = setup_engine(opt_arg(), 0);
break;
-#endif
case OPT_PARAMFILE:
if (do_param == 1)
goto opthelp;
diff --git a/apps/genrsa.c b/apps/genrsa.c
index b7275ae..7d0466a 100644
--- a/apps/genrsa.c
+++ b/apps/genrsa.c
@@ -110,8 +110,7 @@ int genrsa_main(int argc, char **argv)
int ret = 1, non_fips_allow = 0, num = DEFBITS;
unsigned long f4 = RSA_F4;
char *outfile = NULL, *passoutarg = NULL, *passout = NULL;
- char *engine = NULL, *inrand = NULL, *prog;
- char *hexe, *dece;
+ char *inrand = NULL, *prog, *hexe, *dece;
OPTION_CHOICE o;
if (!bn || !cb)
@@ -142,7 +141,7 @@ int genrsa_main(int argc, char **argv)
case OPT_OUT:
outfile = opt_arg();
case OPT_ENGINE:
- engine = opt_arg();
+ e = setup_engine(opt_arg(), 0);
break;
case OPT_RAND:
inrand = opt_arg();
@@ -166,9 +165,6 @@ int genrsa_main(int argc, char **argv)
BIO_printf(bio_err, "Error getting password\n");
goto end;
}
-# ifndef OPENSSL_NO_ENGINE
- e = setup_engine(engine, 0);
-# endif
out = bio_open_default(outfile, "w");
if (out == NULL)
@@ -185,11 +181,7 @@ int genrsa_main(int argc, char **argv)
BIO_printf(bio_err, "Generating RSA private key, %d bit long modulus\n",
num);
-# ifdef OPENSSL_NO_ENGINE
- rsa = RSA_new();
-# else
- rsa = RSA_new_method(e);
-# endif
+ rsa = e ? RSA_new_method(e) : RSA_new();
if (!rsa)
goto end;
diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index a031c1b..5cdd71b 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -173,7 +173,7 @@ int pkcs12_main(int argc, char **argv)
char *passinarg = NULL, *passoutarg = NULL, *passarg = NULL;
char *passin = NULL, *passout = NULL, *inrand = NULL, *macalg = NULL;
char *cpass = NULL, *mpass = NULL, *CApath = NULL, *CAfile = NULL;
- char *engine = NULL, *prog;
+ char *prog;
ENGINE *e = NULL;
BIO *in = NULL, *out = NULL;
PKCS12 *p12 = NULL;
@@ -308,17 +308,13 @@ int pkcs12_main(int argc, char **argv)
CAfile = opt_arg();
break;
case OPT_ENGINE:
- engine = opt_arg();
+ e = setup_engine(opt_arg(), 0);
break;
}
}
argc = opt_num_rest();
argv = opt_rest();
-# ifndef OPENSSL_NO_ENGINE
- e = setup_engine(engine, 0);
-# endif
-
if (passarg) {
if (export_cert)
passoutarg = passarg;
diff --git a/apps/pkcs7.c b/apps/pkcs7.c
index ca05273..7c62a86 100644
--- a/apps/pkcs7.c
+++ b/apps/pkcs7.c
@@ -143,7 +143,7 @@ int pkcs7_main(int argc, char **argv)
PKCS7 *p7 = NULL;
BIO *in = NULL, *out = NULL;
int informat = FORMAT_PEM, outformat = FORMAT_PEM;
- char *engine = NULL, *infile = NULL, *outfile = NULL, *prog;
+ char *infile = NULL, *outfile = NULL, *prog;
int i, print_certs = 0, text = 0, noout = 0, p7_print = 0, ret = 1;
OPTION_CHOICE o;
@@ -186,17 +186,13 @@ int pkcs7_main(int argc, char **argv)
print_certs = 1;
break;
case OPT_ENGINE:
- engine = opt_arg();
+ (void)setup_engine(opt_arg(), 0);
break;
}
}
argc = opt_num_rest();
argv = opt_rest();
-#ifndef OPENSSL_NO_ENGINE
- setup_engine(engine, 0);
-#endif
-
in = bio_open_default(infile, RB(informat));
if (in == NULL)
goto end;
diff --git a/apps/pkcs8.c b/apps/pkcs8.c
index 7b361cf..105c1cb 100644
--- a/apps/pkcs8.c
+++ b/apps/pkcs8.c
@@ -104,14 +104,12 @@ int pkcs8_main(int argc, char **argv)
PKCS8_PRIV_KEY_INFO *p8inf = NULL;
X509_SIG *p8 = NULL;
const EVP_CIPHER *cipher = NULL;
- char *engine = NULL, *infile = NULL, *outfile = NULL;
+ char *infile = NULL, *outfile = NULL;
char *passinarg = NULL, *passoutarg = NULL, *prog;
char pass[50], *passin = NULL, *passout = NULL, *p8pass = NULL;
OPTION_CHOICE o;
- int nocrypt = 0, ret = 1, iter = PKCS12_DEFAULT_ITER, p8_broken =
- PKCS8_OK;
- int informat = FORMAT_PEM, outformat = FORMAT_PEM, topk8 = 0, pbe_nid =
- -1;
+ int nocrypt = 0, ret = 1, iter = PKCS12_DEFAULT_ITER, p8_broken = PKCS8_OK;
+ int informat = FORMAT_PEM, outformat = FORMAT_PEM, topk8 = 0, pbe_nid = -1;
prog = opt_init(argc, argv, pkcs8_options);
while ((o = opt_next()) != OPT_EOF) {
@@ -188,17 +186,13 @@ int pkcs8_main(int argc, char **argv)
passoutarg = opt_arg();
break;
case OPT_ENGINE:
- engine = opt_arg();
+ e = setup_engine(opt_arg(), 0);
break;
}
}
argc = opt_num_rest();
argv = opt_rest();
-#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(engine, 0);
-#endif
-
if (!app_passwd(passinarg, passoutarg, &passin, &passout)) {
BIO_printf(bio_err, "Error getting passwords\n");
goto end;
diff --git a/apps/pkey.c b/apps/pkey.c
index 3597be0..716d6d0 100644
--- a/apps/pkey.c
+++ b/apps/pkey.c
@@ -97,7 +97,7 @@ int pkey_main(int argc, char **argv)
EVP_PKEY *pkey = NULL;
const EVP_CIPHER *cipher = NULL;
char *infile = NULL, *outfile = NULL, *passin = NULL, *passout = NULL;
- char *passinarg = NULL, *passoutarg = NULL, *prog, *engine = NULL;
+ char *passinarg = NULL, *passoutarg = NULL, *prog;
OPTION_CHOICE o;
int informat = FORMAT_PEM, outformat = FORMAT_PEM;
int pubin = 0, pubout = 0, pubtext = 0, text = 0, noout = 0, ret = 1;
@@ -129,7 +129,7 @@ int pkey_main(int argc, char **argv)
passoutarg = opt_arg();
break;
case OPT_ENGINE:
- engine = opt_arg();
+ e = setup_engine(opt_arg(), 0);
break;
case OPT_IN:
infile = opt_arg();
@@ -160,10 +160,6 @@ int pkey_main(int argc, char **argv)
argc = opt_num_rest();
argv = opt_rest();
-#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(engine, 0);
-#endif
-
if (!app_passwd(passinarg, passoutarg, &passin, &passout)) {
BIO_printf(bio_err, "Error getting passwords\n");
goto end;
diff --git a/apps/pkeyparam.c b/apps/pkeyparam.c
index 5a5caf5..fbd19a7 100644
--- a/apps/pkeyparam.c
+++ b/apps/pkeyparam.c
@@ -85,7 +85,7 @@ int pkeyparam_main(int argc, char **argv)
EVP_PKEY *pkey = NULL;
int text = 0, noout = 0, ret = 1;
OPTION_CHOICE o;
- char *infile = NULL, *outfile = NULL, *prog, *engine = NULL;
+ char *infile = NULL, *outfile = NULL, *prog;
prog = opt_init(argc, argv, pkeyparam_options);
while ((o = opt_next()) != OPT_EOF) {
@@ -105,7 +105,7 @@ int pkeyparam_main(int argc, char **argv)
outfile = opt_arg();
break;
case OPT_ENGINE:
- engine = opt_arg();
+ (void)setup_engine(opt_arg(), 0);
break;
case OPT_TEXT:
text = 1;
@@ -118,10 +118,6 @@ int pkeyparam_main(int argc, char **argv)
argc = opt_num_rest();
argv = opt_rest();
-#ifndef OPENSSL_NO_ENGINE
- setup_engine(engine, 0);
-#endif
-
in = bio_open_default(infile, "r");
if (in == NULL)
goto end;
diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c
index 942ba05..da7dc2e 100644
--- a/apps/pkeyutl.c
+++ b/apps/pkeyutl.c
@@ -174,11 +174,9 @@ int pkeyutl_main(int argc, char **argv)
if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &keyform))
goto opthelp;
break;
-#ifndef OPENSSL_NO_ENGINE
case OPT_ENGINE:
e = setup_engine(opt_arg(), 0);
break;
-#endif
case OPT_PUBIN:
key_type = KEY_PUBKEY;
break;
diff --git a/apps/rand.c b/apps/rand.c
index 9a73935..498e7da 100644
--- a/apps/rand.c
+++ b/apps/rand.c
@@ -85,7 +85,7 @@ OPTIONS rand_options[] = {
int rand_main(int argc, char **argv)
{
BIO *out = NULL;
- char *engine = NULL, *inrand = NULL, *outfile = NULL, *prog;
+ char *inrand = NULL, *outfile = NULL, *prog;
OPTION_CHOICE o;
int base64 = 0, hex = 0, i, num = -1, r, ret = 1;
@@ -105,7 +105,7 @@ int rand_main(int argc, char **argv)
outfile = opt_arg();
break;
case OPT_ENGINE:
- engine = opt_arg();
+ (void)setup_engine(opt_arg(), 0);
break;
case OPT_RAND:
inrand = opt_arg();
@@ -126,10 +126,6 @@ int rand_main(int argc, char **argv)
if (sscanf(argv[0], "%d", &num) != 1 || num < 0)
goto opthelp;
-#ifndef OPENSSL_NO_ENGINE
- setup_engine(engine, 0);
-#endif
-
app_RAND_load_file(NULL, (inrand != NULL));
if (inrand != NULL)
BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
diff --git a/apps/req.c b/apps/req.c
index 1237c33..0502a64 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -136,7 +136,6 @@ OPTIONS req_options[] = {
{"outform", OPT_OUTFORM, 'F', "Output format - DER or PEM"},
{"in", OPT_IN, '<', "Input file"},
{"out", OPT_OUT, '>', "Output file"},
- {"keygen_engine", OPT_KEYGEN_ENGINE, 's'},
{"key", OPT_KEY, '<', "Use the private key contained in file"},
{"keyform", OPT_KEYFORM, 'F', "Key file format"},
{"pubkey", OPT_PUBKEY, '-', "Output public key"},
@@ -179,6 +178,7 @@ OPTIONS req_options[] = {
"Request extension section (override value in config file)"},
#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
+ {"keygen_engine", OPT_KEYGEN_ENGINE, 's'},
#endif
{"", OPT_MD, '-', "Any supported digest"},
{NULL}
@@ -196,7 +196,7 @@ int req_main(int argc, char **argv)
X509_REQ *req = NULL;
const EVP_CIPHER *cipher = NULL;
const EVP_MD *md_alg = NULL, *digest = NULL;
- char *engine = NULL, *extensions = NULL, *infile = NULL;
+ char *extensions = NULL, *infile = NULL;
char *outfile = NULL, *keyfile = NULL, *inrand = NULL;
char *keyalgstr = NULL, *p, *prog, *passargin = NULL, *passargout = NULL;
char *passin = NULL, *passout = NULL, *req_exts = NULL, *subj = NULL;
@@ -235,18 +235,18 @@ int req_main(int argc, char **argv)
if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &outformat))
goto opthelp;
break;
-#ifndef OPENSSL_NO_ENGINE
case OPT_ENGINE:
- engine = optarg;
+ (void)setup_engine(opt_arg(), 0);
break;
case OPT_KEYGEN_ENGINE:
+#ifndef OPENSSL_NO_ENGINE
gen_eng = ENGINE_by_id(opt_arg());
if (gen_eng == NULL) {
BIO_printf(bio_err, "Can't find keygen engine %s\n", *argv);
- goto end;
+ goto opthelp;
}
- break;
#endif
+ break;
case OPT_KEY:
keyfile = opt_arg();
break;
@@ -498,9 +498,6 @@ int req_main(int argc, char **argv)
goto end;
}
}
-#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(engine, 0);
-#endif
if (keyfile != NULL) {
pkey = load_key(keyfile, keyform, 0, passin, e, "Private Key");
diff --git a/apps/rsa.c b/apps/rsa.c
index 7f7069c..07cc5fb 100644
--- a/apps/rsa.c
+++ b/apps/rsa.c
@@ -158,7 +158,7 @@ int rsa_main(int argc, char **argv)
BIO *out = NULL;
RSA *rsa = NULL;
const EVP_CIPHER *enc = NULL;
- char *engine = NULL, *infile = NULL, *outfile = NULL, *prog;
+ char *infile = NULL, *outfile = NULL, *prog;
char *passin = NULL, *passout = NULL, *passinarg = NULL, *passoutarg = NULL;
int i;
int informat = FORMAT_PEM, outformat = FORMAT_PEM, text = 0, check = 0;
@@ -203,7 +203,7 @@ int rsa_main(int argc, char **argv)
passoutarg = opt_arg();
break;
case OPT_ENGINE:
- engine = opt_arg();
+ e = setup_engine(opt_arg(), 0);
break;
case OPT_PUBIN:
pubin = 1;
@@ -249,10 +249,6 @@ int rsa_main(int argc, char **argv)
argc = opt_num_rest();
argv = opt_rest();
-# ifndef OPENSSL_NO_ENGINE
- e = setup_engine(engine, 0);
-# endif
-
if (!app_passwd(passinarg, passoutarg, &passin, &passout)) {
BIO_printf(bio_err, "Error getting passwords\n");
goto end;
diff --git a/apps/rsautl.c b/apps/rsautl.c
index 0466746..67cb76e 100644
--- a/apps/rsautl.c
+++ b/apps/rsautl.c
@@ -116,7 +116,7 @@ int rsautl_main(int argc, char **argv)
EVP_PKEY *pkey = NULL;
RSA *rsa = NULL;
X509 *x;
- char *engine = NULL, *infile = NULL, *outfile = NULL, *keyfile = NULL;
+ char *infile = NULL, *outfile = NULL, *keyfile = NULL;
char *passinarg = NULL, *passin = NULL, *prog;
char rsa_mode = RSA_VERIFY, key_type = KEY_PRIVKEY;
unsigned char *rsa_in = NULL, *rsa_out = NULL, pad = RSA_PKCS1_PADDING;
@@ -147,7 +147,7 @@ int rsautl_main(int argc, char **argv)
outfile = opt_arg();
break;
case OPT_ENGINE:
- engine = opt_arg();
+ e = setup_engine(opt_arg(), 0);
break;
case OPT_ASN1PARSE:
asn1parse = 1;
@@ -208,9 +208,7 @@ int rsautl_main(int argc, char **argv)
BIO_printf(bio_err, "A private key is needed for this operation\n");
goto end;
}
-# ifndef OPENSSL_NO_ENGINE
- e = setup_engine(engine, 0);
-# endif
+
if (!app_passwd(passinarg, NULL, &passin, NULL)) {
BIO_printf(bio_err, "Error getting password\n");
goto end;
diff --git a/apps/s_client.c b/apps/s_client.c
index 900efe7..0d03005 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -591,7 +591,6 @@ OPTIONS s_client_options[] = {
{"verify_quiet", OPT_VERIFY_QUIET, '-'},
{"brief", OPT_BRIEF, '-'},
{"prexit", OPT_PREXIT, '-'},
- {"ssl_client_engine", OPT_SSL_CLIENT_ENGINE, 's'},
{"trace", OPT_TRACE, '-'},
{"security_debug", OPT_SECURITY_DEBUG, '-'},
{"security_debug_verbose", OPT_SECURITY_DEBUG_VERBOSE, '-'},
@@ -603,6 +602,7 @@ OPTIONS s_client_options[] = {
{"verifyCAfile", OPT_VERIFYCAFILE, '<'},
#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
+ {"ssl_client_engine", OPT_SSL_CLIENT_ENGINE, 's'},
#endif
OPT_S_OPTIONS,
OPT_V_OPTIONS,
@@ -649,7 +649,6 @@ int s_client_main(int argc, char **argv)
NULL;
char *passarg = NULL, *pass = NULL, *vfyCApath = NULL, *vfyCAfile = NULL;
char *sess_in = NULL, *sess_out = NULL, *crl_file = NULL, *p;
- char *engine_id = NULL, *ssl_client_engine_id = NULL;
char *jpake_secret = NULL;
const char *unix_path = NULL;
struct sockaddr peer;
@@ -674,8 +673,8 @@ int s_client_main(int argc, char **argv)
#endif
#ifndef OPENSSL_NO_ENGINE
ENGINE *ssl_client_engine = NULL;
- ENGINE *e = NULL;
#endif
+ ENGINE *e = NULL;
#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE)
struct timeval tv;
#endif
@@ -829,10 +828,17 @@ int s_client_main(int argc, char **argv)
#endif
break;
case OPT_ENGINE:
- engine_id = opt_arg();
+ e = setup_engine(opt_arg(), 1);
break;
case OPT_SSL_CLIENT_ENGINE:
- ssl_client_engine_id = opt_arg();
+#ifndef OPENSSL_NO_ENGINE
+ ssl_client_engine = ENGINE_by_id(opt_arg());
+ if (ssl_client_engine == NULL) {
+ BIO_printf(bio_err, "Error getting client auth engine\n");
+ goto opthelp;
+ }
+ break;
+#endif
break;
case OPT_RAND:
inrand = opt_arg();
@@ -1075,17 +1081,6 @@ int s_client_main(int argc, char **argv)
next_proto.data = NULL;
#endif
-#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(engine_id, 1);
- if (ssl_client_engine_id) {
- ssl_client_engine = ENGINE_by_id(ssl_client_engine_id);
- if (ssl_client_engine == NULL) {
- BIO_printf(bio_err, "Error getting client auth engine\n");
- goto end;
- }
- }
-#endif
-
if (!app_passwd(passarg, NULL, &pass, NULL)) {
BIO_printf(bio_err, "Error getting password\n");
goto end;
diff --git a/apps/s_server.c b/apps/s_server.c
index 8199b88..3644381 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -1378,7 +1378,7 @@ int s_server_main(int argc, char *argv[])
session_id_prefix = opt_arg();
break;
case OPT_ENGINE:
- engine_id = opt_arg();
+ e = setup_engine(opt_arg(), 1);
break;
case OPT_RAND:
inrand = opt_arg();
@@ -1449,10 +1449,6 @@ int s_server_main(int argc, char *argv[])
}
#endif
-#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(engine_id, 1);
-#endif
-
if (!app_passwd(passarg, dpassarg, &pass, &dpass)) {
BIO_printf(bio_err, "Error getting password\n");
goto end;
diff --git a/apps/smime.c b/apps/smime.c
index 532446f..0c683f5 100644
--- a/apps/smime.c
+++ b/apps/smime.c
@@ -164,7 +164,7 @@ int smime_main(int argc, char **argv)
X509_VERIFY_PARAM *vpm = NULL;
const EVP_CIPHER *cipher = NULL;
const EVP_MD *sign_md = NULL;
- char *CAfile = NULL, *CApath = NULL, *inrand = NULL, *engine = NULL;
+ char *CAfile = NULL, *CApath = NULL, *inrand = NULL;
char *certfile = NULL, *keyfile = NULL, *contfile = NULL, *prog;
char *infile = NULL, *outfile = NULL, *signerfile = NULL, *recipfile =
NULL;
@@ -177,9 +177,7 @@ int smime_main(int argc, char **argv)
int informat = FORMAT_SMIME, outformat = FORMAT_SMIME, keyform =
FORMAT_PEM;
int vpmtouched = 0, rv = 0;
-#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
-#endif
if ((vpm = X509_VERIFY_PARAM_new()) == NULL)
return 1;
@@ -276,7 +274,7 @@ int smime_main(int argc, char **argv)
need_rand = 1;
break;
case OPT_ENGINE:
- engine = opt_arg();
+ e = setup_engine(opt_arg(), 0);
break;
case OPT_PASSIN:
passinarg = opt_arg();
@@ -408,10 +406,6 @@ int smime_main(int argc, char **argv)
} else if (!operation)
goto opthelp;
-#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(engine, 0);
-#endif
-
if (!app_passwd(passinarg, NULL, &passin, NULL)) {
BIO_printf(bio_err, "Error getting password\n");
goto end;
diff --git a/apps/speed.c b/apps/speed.c
index 1a01d33..5758705 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -835,11 +835,9 @@ int speed_main(int argc, char **argv)
case OPT_DECRYPT:
decrypt = 1;
break;
-#ifndef OPENSSL_NO_ENGINE
case OPT_ENGINE:
- setup_engine(opt_arg(), 0);
+ (void)setup_engine(opt_arg(), 0);
break;
-#endif
#ifndef NO_FORK
case OPT_MULTI:
multi = atoi(opt_arg());
diff --git a/apps/spkac.c b/apps/spkac.c
index ee2e596..7ceff9f 100644
--- a/apps/spkac.c
+++ b/apps/spkac.c
@@ -100,7 +100,7 @@ int spkac_main(int argc, char **argv)
ENGINE *e = NULL;
EVP_PKEY *pkey = NULL;
NETSCAPE_SPKI *spki = NULL;
- char *challenge = NULL, *keyfile = NULL, *engine = NULL;
+ char *challenge = NULL, *keyfile = NULL;
char *infile = NULL, *outfile = NULL, *passinarg = NULL, *passin = NULL;
char *spkstr = NULL, *prog;
const char *spkac = "SPKAC", *spksect = "default";
@@ -149,9 +149,8 @@ int spkac_main(int argc, char **argv)
spksect = opt_arg();
break;
case OPT_ENGINE:
- engine = opt_arg();
+ e = setup_engine(opt_arg(), 0);
break;
-
}
}
argc = opt_num_rest();
@@ -161,9 +160,6 @@ int spkac_main(int argc, char **argv)
BIO_printf(bio_err, "Error getting password\n");
goto end;
}
-#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(engine, 0);
-#endif
if (keyfile) {
pkey = load_key(strcmp(keyfile, "-") ? keyfile : NULL,
@@ -194,7 +190,6 @@ int spkac_main(int argc, char **argv)
conf = NCONF_new(NULL);
i = NCONF_load_bio(conf, in, NULL);
-
if (!i) {
BIO_printf(bio_err, "Error parsing config file\n");
ERR_print_errors(bio_err);
diff --git a/apps/srp.c b/apps/srp.c
index bacd670..0585952 100644
--- a/apps/srp.c
+++ b/apps/srp.c
@@ -272,7 +272,7 @@ int srp_main(int argc, char **argv)
int mode = OPT_ERR;
char *user = NULL, *passinarg = NULL, *passoutarg = NULL;
char *passin = NULL, *passout = NULL, *gN = NULL, *userinfo = NULL;
- char *randfile = NULL, *engine = NULL, *tofree = NULL, *section = NULL;
+ char *randfile = NULL, *tofree = NULL, *section = NULL;
char **gNrow = NULL, *configfile = NULL, *dbfile = NULL, **pp, *prog;
long errorline = -1;
OPTION_CHOICE o;
@@ -332,7 +332,7 @@ int srp_main(int argc, char **argv)
passoutarg = opt_arg();
break;
case OPT_ENGINE:
- engine = opt_arg();
+ (void)setup_engine(opt_arg(), 0);
break;
}
}
@@ -359,9 +359,6 @@ int srp_main(int argc, char **argv)
"-passin, -passout arguments only valid with one user.\n");
goto opthelp;
}
-# ifndef OPENSSL_NO_ENGINE
- setup_engine(engine, 0);
-# endif
if (!app_passwd(passinarg, passoutarg, &passin, &passout)) {
BIO_printf(bio_err, "Error getting passwords\n");
diff --git a/apps/verify.c b/apps/verify.c
index 61e85ce..35085e7 100644
--- a/apps/verify.c
+++ b/apps/verify.c
@@ -105,7 +105,7 @@ int verify_main(int argc, char **argv)
STACK_OF(X509_CRL) *crls = NULL;
X509_STORE *store = NULL;
X509_VERIFY_PARAM *vpm = NULL;
- char *prog, *CApath = NULL, *CAfile = NULL, *engine = NULL;
+ char *prog, *CApath = NULL, *CAfile = NULL;
char *untfile = NULL, *trustfile = NULL, *crlfile = NULL;
int vpmtouched = 0, crl_download = 0, show_chain = 0, i = 0, ret = 1;
OPTION_CHOICE o;
@@ -167,7 +167,7 @@ int verify_main(int argc, char **argv)
show_chain = 1;
break;
case OPT_ENGINE:
- engine = opt_arg();
+ e = setup_engine(opt_arg(), 0);
break;
case OPT_VERBOSE:
v_verbose = 1;
@@ -177,9 +177,6 @@ int verify_main(int argc, char **argv)
argc = opt_num_rest();
argv = opt_rest();
-#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(engine, 0);
-#endif
if (!(store = setup_verify(CAfile, CApath)))
goto end;
X509_STORE_set_verify_cb(store, cb);
diff --git a/apps/x509.c b/apps/x509.c
index 903e6b9..e1cc3cd 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -220,25 +220,20 @@ int x509_main(int argc, char **argv)
char *checkhost = NULL, *checkemail = NULL, *checkip = NULL;
char *extsect = NULL, *extfile = NULL, *passin = NULL, *passinarg = NULL;
char *infile = NULL, *outfile = NULL, *keyfile = NULL, *CAfile = NULL;
- char buf[256];
- char *engine = NULL, *prog;
- int C = 0, x509req = 0, days = DEF_DAYS, modulus = 0, pubkey = 0, pprint =
- 0;
- int CAformat = FORMAT_PEM, CAkeyformat = FORMAT_PEM;
- int fingerprint = 0, reqfile = 0, need_rand = 0, checkend =
- 0, checkoffset = 0;
+ char buf[256], *prog;
+ int x509req = 0, days = DEF_DAYS, modulus = 0, pubkey = 0, pprint = 0;
+ int C = 0, CAformat = FORMAT_PEM, CAkeyformat = FORMAT_PEM;
+ int fingerprint = 0, reqfile = 0, need_rand = 0, checkend = 0;
int informat = FORMAT_PEM, outformat = FORMAT_PEM, keyformat = FORMAT_PEM;
int next_serial = 0, subject_hash = 0, issuer_hash = 0, ocspid = 0;
int noout = 0, sign_flag = 0, CA_flag = 0, CA_createserial = 0, email = 0;
int ocsp_uri = 0, trustout = 0, clrtrust = 0, clrreject = 0, aliasout = 0;
int ret = 1, i, num = 0, badsig = 0, clrext = 0, nocert = 0;
- int text = 0, serial = 0, subject = 0, issuer = 0, startdate =
- 0, enddate = 0;
+ int text = 0, serial = 0, subject = 0, issuer = 0, startdate = 0;
+ int checkoffset = 0, enddate = 0;
unsigned long nmflag = 0, certflag = 0;
OPTION_CHOICE o;
-#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
-#endif
#ifndef OPENSSL_NO_MD5
int subject_hash_old = 0, issuer_hash_old = 0;
#endif
@@ -374,7 +369,7 @@ int x509_main(int argc, char **argv)
goto opthelp;
break;
case OPT_ENGINE:
- engine = opt_arg();
+ e = setup_engine(opt_arg(), 0);
break;
case OPT_C:
C = ++num;
@@ -498,10 +493,6 @@ int x509_main(int argc, char **argv)
if (out == NULL)
goto end;
-#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(engine, 0);
-#endif
-
if (need_rand)
app_RAND_load_file(NULL, 0);
More information about the openssl-commits
mailing list