[openssl] master update
bernd.edlinger at hotmail.de
bernd.edlinger at hotmail.de
Fri Apr 10 13:27:39 UTC 2020
The branch master has been updated
via 1ae56f2f43d36618e54cbb8dd47a7107b74505b6 (commit)
from fa4d3fe46dfb4909c3c18c9d6141bb3b60a09eed (commit)
- Log -----------------------------------------------------------------
commit 1ae56f2f43d36618e54cbb8dd47a7107b74505b6
Author: Rich Salz <rsalz at akamai.com>
Date: Wed Mar 4 16:52:22 2020 -0500
Don't compile commands if disabled
Rather than wrapping whole files in "ifndef OPENSSL_NO_xxx" we handle
the changes in build.info
Reviewed-by: Paul Dale <paul.dale at oracle.com>
Reviewed-by: Bernd Edlinger <bernd.edlinger at hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/11250)
-----------------------------------------------------------------------
Summary of changes:
apps/build.info | 35 ++++++++++++--
apps/dhparam.c | 62 +++++++++++-------------
apps/dsa.c | 52 +++++++++-----------
apps/dsaparam.c | 32 ++++++------
apps/ec.c | 26 +++++-----
apps/ecparam.c | 35 ++++++--------
apps/engine.c | 24 ++++-----
apps/gendsa.c | 34 ++++++-------
apps/genrsa.c | 44 ++++++++---------
apps/ocsp.c | 147 +++++++++++++++++++++++++++-----------------------------
apps/pkcs12.c | 51 +++++++++-----------
apps/rsa.c | 56 ++++++++++-----------
apps/rsautl.c | 34 ++++++-------
apps/srp.c | 38 +++++++--------
apps/ts.c | 46 ++++++++----------
15 files changed, 341 insertions(+), 375 deletions(-)
diff --git a/apps/build.info b/apps/build.info
index 2186de3a27..06b5ca46d8 100644
--- a/apps/build.info
+++ b/apps/build.info
@@ -13,15 +13,40 @@ ENDIF
$OPENSSLSRC=\
openssl.c progs.c \
asn1pars.c ca.c ciphers.c cms.c crl.c crl2p7.c dgst.c \
- ec.c ecparam.c enc.c engine.c errstr.c \
- genpkey.c kdf.c mac.c nseq.c ocsp.c passwd.c pkcs12.c pkcs7.c \
+ enc.c errstr.c \
+ genpkey.c kdf.c mac.c nseq.c passwd.c pkcs7.c \
pkcs8.c pkey.c pkeyparam.c pkeyutl.c prime.c rand.c req.c \
s_client.c s_server.c s_time.c sess_id.c smime.c speed.c \
- spkac.c srp.c ts.c verify.c version.c x509.c rehash.c storeutl.c \
+ spkac.c verify.c version.c x509.c rehash.c storeutl.c \
list.c info.c provider.c fipsinstall.c
+IF[{- !$disabled{'des'} -}]
+ $OPENSSLSRC=$OPENSSLSRC pkcs12.c
+ENDIF
+IF[{- !$disabled{'ec'} -}]
+ $OPENSSLSRC=$OPENSSLSRC ec.c ecparam.c
+ENDIF
+IF[{- !$disabled{'ocsp'} -}]
+ $OPENSSLSRC=$OPENSSLSRC ocsp.c
+ENDIF
+IF[{- !$disabled{'srp'} -}]
+ $OPENSSLSRC=$OPENSSLSRC srp.c
+ENDIF
+IF[{- !$disabled{'ts'} -}]
+ $OPENSSLSRC=$OPENSSLSRC ts.c
+ENDIF
IF[{- !$disabled{'deprecated-3.0'} -}]
- $OPENSSLSRC=$OPENSSLSRC \
- dhparam.c dsa.c dsaparam.c gendsa.c rsa.c rsautl.c genrsa.c
+ IF[{- !$disabled{'dh'} -}]
+ $OPENSSLSRC=$OPENSSLSRC dhparam.c
+ ENDIF
+ IF[{- !$disabled{'dsa'} -}]
+ $OPENSSLSRC=$OPENSSLSRC dsa.c dsaparam.c gendsa.c
+ ENDIF
+ IF[{- !$disabled{'engine'} -}]
+ $OPENSSLSRC=$OPENSSLSRC engine.c
+ ENDIF
+ IF[{- !$disabled{'rsa'} -}]
+ $OPENSSLSRC=$OPENSSLSRC rsa.c rsautl.c genrsa.c
+ ENDIF
ENDIF
IF[{- !$disabled{'cmp'} -}]
$OPENSSLSRC=$OPENSSLSRC cmp_mock_srv.c
diff --git a/apps/dhparam.c b/apps/dhparam.c
index 3f694c5a35..019a7ce8ab 100644
--- a/apps/dhparam.c
+++ b/apps/dhparam.c
@@ -11,28 +11,25 @@
#define OPENSSL_SUPPRESS_DEPRECATED
#include <openssl/opensslconf.h>
-#ifdef OPENSSL_NO_DH
-NON_EMPTY_TRANSLATION_UNIT
-#else
-
-# include <stdio.h>
-# include <stdlib.h>
-# include <time.h>
-# include <string.h>
-# include "apps.h"
-# include "progs.h"
-# include <openssl/bio.h>
-# include <openssl/err.h>
-# include <openssl/bn.h>
-# include <openssl/dh.h>
-# include <openssl/x509.h>
-# include <openssl/pem.h>
-
-# ifndef OPENSSL_NO_DSA
-# include <openssl/dsa.h>
-# endif
-
-# define DEFBITS 2048
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include "apps.h"
+#include "progs.h"
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/bn.h>
+#include <openssl/dh.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+
+#ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+#endif
+
+#define DEFBITS 2048
static int dh_cb(int p, int n, BN_GENCB *cb);
@@ -50,13 +47,13 @@ const OPTIONS dhparam_options[] = {
OPT_SECTION("General"),
{"help", OPT_HELP, '-', "Display this summary"},
{"check", OPT_CHECK, '-', "Check the DH parameters"},
-# ifndef OPENSSL_NO_DSA
+#ifndef OPENSSL_NO_DSA
{"dsaparam", OPT_DSAPARAM, '-',
"Read or generate DSA parameters, convert to DH"},
-# endif
-# ifndef OPENSSL_NO_ENGINE
+#endif
+#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine e, possibly a hardware device"},
-# endif
+#endif
OPT_SECTION("Input"),
{"in", OPT_IN, '<', "Input file"},
@@ -167,13 +164,13 @@ int dhparam_main(int argc, char **argv)
if (g && !num)
num = DEFBITS;
-# ifndef OPENSSL_NO_DSA
+#ifndef OPENSSL_NO_DSA
if (dsaparam && g) {
BIO_printf(bio_err,
"generator may not be chosen for DSA parameters\n");
goto end;
}
-# endif
+#endif
out = bio_open_default(outfile, 'w', outformat);
if (out == NULL)
@@ -194,7 +191,7 @@ int dhparam_main(int argc, char **argv)
BN_GENCB_set(cb, dh_cb, bio_err);
-# ifndef OPENSSL_NO_DSA
+#ifndef OPENSSL_NO_DSA
if (dsaparam) {
DSA *dsa = DSA_new();
@@ -217,7 +214,7 @@ int dhparam_main(int argc, char **argv)
goto end;
}
} else
-# endif
+#endif
{
dh = DH_new();
BIO_printf(bio_err,
@@ -238,7 +235,7 @@ int dhparam_main(int argc, char **argv)
if (in == NULL)
goto end;
-# ifndef OPENSSL_NO_DSA
+#ifndef OPENSSL_NO_DSA
if (dsaparam) {
DSA *dsa;
@@ -260,7 +257,7 @@ int dhparam_main(int argc, char **argv)
goto end;
}
} else
-# endif
+#endif
{
if (informat == FORMAT_ASN1) {
/*
@@ -397,4 +394,3 @@ static int dh_cb(int p, int n, BN_GENCB *cb)
(void)BIO_flush(BN_GENCB_get_arg(cb));
return 1;
}
-#endif
diff --git a/apps/dsa.c b/apps/dsa.c
index 082aa96476..200e959fb0 100644
--- a/apps/dsa.c
+++ b/apps/dsa.c
@@ -11,23 +11,20 @@
#define OPENSSL_SUPPRESS_DEPRECATED
#include <openssl/opensslconf.h>
-#ifdef OPENSSL_NO_DSA
-NON_EMPTY_TRANSLATION_UNIT
-#else
-# include <stdio.h>
-# include <stdlib.h>
-# include <string.h>
-# include <time.h>
-# include "apps.h"
-# include "progs.h"
-# include <openssl/bio.h>
-# include <openssl/err.h>
-# include <openssl/dsa.h>
-# include <openssl/evp.h>
-# include <openssl/x509.h>
-# include <openssl/pem.h>
-# include <openssl/bn.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include "apps.h"
+#include "progs.h"
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/dsa.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+#include <openssl/bn.h>
typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
@@ -43,14 +40,14 @@ const OPTIONS dsa_options[] = {
OPT_SECTION("General"),
{"help", OPT_HELP, '-', "Display this summary"},
{"", OPT_CIPHER, '-', "Any supported cipher"},
-# ifndef OPENSSL_NO_RC4
+#ifndef OPENSSL_NO_RC4
{"pvk-strong", OPT_PVK_STRONG, '-', "Enable 'Strong' PVK encoding level (default)"},
{"pvk-weak", OPT_PVK_WEAK, '-', "Enable 'Weak' PVK encoding level"},
{"pvk-none", OPT_PVK_NONE, '-', "Don't enforce PVK encoding"},
-# endif
-# ifndef OPENSSL_NO_ENGINE
+#endif
+#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine e, possibly a hardware device"},
-# endif
+#endif
OPT_SECTION("Input"),
{"in", OPT_IN, 's', "Input key"},
@@ -82,9 +79,9 @@ int dsa_main(int argc, char **argv)
OPTION_CHOICE o;
int informat = FORMAT_PEM, outformat = FORMAT_PEM, text = 0, noout = 0;
int i, modulus = 0, pubin = 0, pubout = 0, ret = 1;
-# ifndef OPENSSL_NO_RC4
+#ifndef OPENSSL_NO_RC4
int pvk_encr = 2;
-# endif
+#endif
int private = 0;
prog = opt_init(argc, argv, dsa_options);
@@ -230,7 +227,7 @@ int dsa_main(int argc, char **argv)
i = PEM_write_bio_DSAPrivateKey(out, dsa, enc,
NULL, 0, NULL, passout);
}
-# ifndef OPENSSL_NO_RSA
+#ifndef OPENSSL_NO_RSA
} else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
EVP_PKEY *pk;
pk = EVP_PKEY_new();
@@ -245,13 +242,13 @@ int dsa_main(int argc, char **argv)
goto end;
}
assert(private);
-# ifdef OPENSSL_NO_RC4
+# ifdef OPENSSL_NO_RC4
BIO_printf(bio_err, "PVK format not supported\n");
EVP_PKEY_free(pk);
goto end;
-# else
+# else
i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout);
-# endif
+# endif
} else if (pubin || pubout) {
i = i2b_PublicKey_bio(out, pk);
} else {
@@ -259,7 +256,7 @@ int dsa_main(int argc, char **argv)
i = i2b_PrivateKey_bio(out, pk);
}
EVP_PKEY_free(pk);
-# endif
+#endif
} else {
BIO_printf(bio_err, "bad output format specified for outfile\n");
goto end;
@@ -278,4 +275,3 @@ int dsa_main(int argc, char **argv)
OPENSSL_free(passout);
return ret;
}
-#endif
diff --git a/apps/dsaparam.c b/apps/dsaparam.c
index 04e09e7950..11f47b44c4 100644
--- a/apps/dsaparam.c
+++ b/apps/dsaparam.c
@@ -11,22 +11,19 @@
#define OPENSSL_SUPPRESS_DEPRECATED
#include <openssl/opensslconf.h>
-#ifdef OPENSSL_NO_DSA
-NON_EMPTY_TRANSLATION_UNIT
-#else
-# include <stdio.h>
-# include <stdlib.h>
-# include <time.h>
-# include <string.h>
-# include "apps.h"
-# include "progs.h"
-# include <openssl/bio.h>
-# include <openssl/err.h>
-# include <openssl/bn.h>
-# include <openssl/dsa.h>
-# include <openssl/x509.h>
-# include <openssl/pem.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include "apps.h"
+#include "progs.h"
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/bn.h>
+#include <openssl/dsa.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
static int verbose = 0;
@@ -44,9 +41,9 @@ const OPTIONS dsaparam_options[] = {
OPT_SECTION("General"),
{"help", OPT_HELP, '-', "Display this summary"},
-# ifndef OPENSSL_NO_ENGINE
+#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine e, possibly a hardware device"},
-# endif
+#endif
OPT_SECTION("Input"),
{"in", OPT_IN, '<', "Input file"},
@@ -286,4 +283,3 @@ static int dsa_cb(int p, int n, BN_GENCB *cb)
(void)BIO_flush(BN_GENCB_get_arg(cb));
return 1;
}
-#endif
diff --git a/apps/ec.c b/apps/ec.c
index 6a3879922c..ba37d8067f 100644
--- a/apps/ec.c
+++ b/apps/ec.c
@@ -8,19 +8,16 @@
*/
#include <openssl/opensslconf.h>
-#ifdef OPENSSL_NO_EC
-NON_EMPTY_TRANSLATION_UNIT
-#else
-# include <stdio.h>
-# include <stdlib.h>
-# include <string.h>
-# include "apps.h"
-# include "progs.h"
-# include <openssl/bio.h>
-# include <openssl/err.h>
-# include <openssl/evp.h>
-# include <openssl/pem.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include "progs.h"
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/pem.h>
static OPT_PAIR conv_forms[] = {
{"compressed", POINT_CONVERSION_COMPRESSED},
@@ -46,9 +43,9 @@ typedef enum OPTION_choice {
const OPTIONS ec_options[] = {
OPT_SECTION("General"),
{"help", OPT_HELP, '-', "Display this summary"},
-# ifndef OPENSSL_NO_ENGINE
+#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
-# endif
+#endif
OPT_SECTION("Input"),
{"in", OPT_IN, 's', "Input file"},
@@ -291,4 +288,3 @@ int ec_main(int argc, char **argv)
OPENSSL_free(passout);
return ret;
}
-#endif
diff --git a/apps/ecparam.c b/apps/ecparam.c
index ed4f4f1fd8..b93c2fa086 100644
--- a/apps/ecparam.c
+++ b/apps/ecparam.c
@@ -9,22 +9,19 @@
*/
#include <openssl/opensslconf.h>
-#ifdef OPENSSL_NO_EC
-NON_EMPTY_TRANSLATION_UNIT
-#else
-
-# include <stdio.h>
-# include <stdlib.h>
-# include <time.h>
-# include <string.h>
-# include "apps.h"
-# include "progs.h"
-# include <openssl/bio.h>
-# include <openssl/err.h>
-# include <openssl/bn.h>
-# include <openssl/ec.h>
-# include <openssl/x509.h>
-# include <openssl/pem.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include "apps.h"
+#include "progs.h"
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/bn.h>
+#include <openssl/ec.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
@@ -39,9 +36,9 @@ const OPTIONS ecparam_options[] = {
{"help", OPT_HELP, '-', "Display this summary"},
{"list_curves", OPT_LIST_CURVES, '-',
"Prints a list of all curve 'short names'"},
-# ifndef OPENSSL_NO_ENGINE
+#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
-# endif
+#endif
{"genkey", OPT_GENKEY, '-', "Generate ec key"},
{"in", OPT_IN, '<', "Input file - default stdin"},
@@ -473,5 +470,3 @@ int ecparam_main(int argc, char **argv)
BIO_free_all(out);
return ret;
}
-
-#endif
diff --git a/apps/engine.c b/apps/engine.c
index a71e111016..c070f1f8b2 100644
--- a/apps/engine.c
+++ b/apps/engine.c
@@ -8,19 +8,16 @@
*/
#include <openssl/opensslconf.h>
-#ifdef OPENSSL_NO_ENGINE
-NON_EMPTY_TRANSLATION_UNIT
-#else
-
-# include "apps.h"
-# include "progs.h"
-# include <stdio.h>
-# include <stdlib.h>
-# include <string.h>
-# include <openssl/err.h>
-# include <openssl/engine.h>
-# include <openssl/ssl.h>
-# include <openssl/store.h>
+
+#include "apps.h"
+#include "progs.h"
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/err.h>
+#include <openssl/engine.h>
+#include <openssl/ssl.h>
+#include <openssl/store.h>
typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
@@ -491,4 +488,3 @@ int engine_main(int argc, char **argv)
BIO_free_all(out);
return ret;
}
-#endif
diff --git a/apps/gendsa.c b/apps/gendsa.c
index cf24416bd7..56939c56d1 100644
--- a/apps/gendsa.c
+++ b/apps/gendsa.c
@@ -11,22 +11,19 @@
#define OPENSSL_SUPPRESS_DEPRECATED
#include <openssl/opensslconf.h>
-#ifdef OPENSSL_NO_DSA
-NON_EMPTY_TRANSLATION_UNIT
-#else
-
-# include <stdio.h>
-# include <string.h>
-# include <sys/types.h>
-# include <sys/stat.h>
-# include "apps.h"
-# include "progs.h"
-# include <openssl/bio.h>
-# include <openssl/err.h>
-# include <openssl/bn.h>
-# include <openssl/dsa.h>
-# include <openssl/x509.h>
-# include <openssl/pem.h>
+
+#include <stdio.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include "apps.h"
+#include "progs.h"
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/bn.h>
+#include <openssl/dsa.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
@@ -39,9 +36,9 @@ const OPTIONS gendsa_options[] = {
OPT_SECTION("General"),
{"help", OPT_HELP, '-', "Display this summary"},
-# ifndef OPENSSL_NO_ENGINE
+#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
-# endif
+#endif
OPT_SECTION("Output"),
{"out", OPT_OUT, '>', "Output the key to the specified file"},
@@ -162,4 +159,3 @@ int gendsa_main(int argc, char **argv)
OPENSSL_free(passout);
return ret;
}
-#endif
diff --git a/apps/genrsa.c b/apps/genrsa.c
index 3f76d9bada..deeac112b1 100644
--- a/apps/genrsa.c
+++ b/apps/genrsa.c
@@ -11,27 +11,24 @@
#define OPENSSL_SUPPRESS_DEPRECATED
#include <openssl/opensslconf.h>
-#ifdef OPENSSL_NO_RSA
-NON_EMPTY_TRANSLATION_UNIT
-#else
-
-# include <stdio.h>
-# include <string.h>
-# include <sys/types.h>
-# include <sys/stat.h>
-# include "apps.h"
-# include "progs.h"
-# include <openssl/bio.h>
-# include <openssl/err.h>
-# include <openssl/bn.h>
-# include <openssl/rsa.h>
-# include <openssl/evp.h>
-# include <openssl/x509.h>
-# include <openssl/pem.h>
-# include <openssl/rand.h>
-
-# define DEFBITS 2048
-# define DEFPRIMES 2
+
+#include <stdio.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include "apps.h"
+#include "progs.h"
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+#include <openssl/rand.h>
+
+#define DEFBITS 2048
+#define DEFPRIMES 2
static int verbose = 0;
@@ -49,9 +46,9 @@ const OPTIONS genrsa_options[] = {
OPT_SECTION("General"),
{"help", OPT_HELP, '-', "Display this summary"},
-# ifndef OPENSSL_NO_ENGINE
+#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
-# endif
+#endif
OPT_SECTION("Input"),
{"3", OPT_3, '-', "Use 3 for the E value"},
@@ -227,4 +224,3 @@ static int genrsa_cb(int p, int n, BN_GENCB *cb)
(void)BIO_flush(BN_GENCB_get_arg(cb));
return 1;
}
-#endif
diff --git a/apps/ocsp.c b/apps/ocsp.c
index 411f605814..3fa10797fc 100644
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -9,32 +9,29 @@
#include <openssl/opensslconf.h>
-#ifdef OPENSSL_NO_OCSP
-NON_EMPTY_TRANSLATION_UNIT
-#else
-# ifdef OPENSSL_SYS_VMS
-# define _XOPEN_SOURCE_EXTENDED/* So fd_set and friends get properly defined
- * on OpenVMS */
-# endif
+#ifdef OPENSSL_SYS_VMS
+ /* So fd_set and friends get properly defined on OpenVMS */
+# define _XOPEN_SOURCE_EXTENDED
+#endif
-# include <stdio.h>
-# include <stdlib.h>
-# include <string.h>
-# include <time.h>
-# include <ctype.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include <ctype.h>
/* Needs to be included before the openssl headers */
-# include "apps.h"
-# include "progs.h"
-# include "internal/sockets.h"
-# include <openssl/e_os2.h>
-# include <openssl/crypto.h>
-# include <openssl/err.h>
-# include <openssl/ssl.h>
-# include <openssl/evp.h>
-# include <openssl/bn.h>
-# include <openssl/x509v3.h>
-# include <openssl/rand.h>
+#include "apps.h"
+#include "progs.h"
+#include "internal/sockets.h"
+#include <openssl/e_os2.h>
+#include <openssl/crypto.h>
+#include <openssl/err.h>
+#include <openssl/ssl.h>
+#include <openssl/evp.h>
+#include <openssl/bn.h>
+#include <openssl/x509v3.h>
+#include <openssl/rand.h>
#ifndef HAVE_FORK
# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS)
@@ -50,24 +47,24 @@ NON_EMPTY_TRANSLATION_UNIT
# define NO_FORK
#endif
-# if !defined(NO_FORK) && !defined(OPENSSL_NO_SOCK) \
+#if !defined(NO_FORK) && !defined(OPENSSL_NO_SOCK) \
&& !defined(OPENSSL_NO_POSIX_IO)
-# define OCSP_DAEMON
-# include <sys/types.h>
-# include <sys/wait.h>
-# include <syslog.h>
-# include <signal.h>
-# define MAXERRLEN 1000 /* limit error text sent to syslog to 1000 bytes */
-# else
-# undef LOG_INFO
-# undef LOG_WARNING
-# undef LOG_ERR
-# define LOG_INFO 0
-# define LOG_WARNING 1
-# define LOG_ERR 2
-# endif
+# define OCSP_DAEMON
+# include <sys/types.h>
+# include <sys/wait.h>
+# include <syslog.h>
+# include <signal.h>
+# define MAXERRLEN 1000 /* limit error text sent to syslog to 1000 bytes */
+#else
+# undef LOG_INFO
+# undef LOG_WARNING
+# undef LOG_ERR
+# define LOG_INFO 0
+# define LOG_WARNING 1
+# define LOG_ERR 2
+#endif
-# if defined(OPENSSL_SYS_VXWORKS)
+#if defined(OPENSSL_SYS_VXWORKS)
/* not supported */
int setpgid(pid_t pid, pid_t pgid)
{
@@ -80,9 +77,9 @@ pid_t fork(void)
errno = ENOSYS;
return (pid_t) -1;
}
-# endif
+#endif
/* Maximum leeway in validity period: default 5 minutes */
-# define MAX_VALIDITY_PERIOD (5 * 60)
+#define MAX_VALIDITY_PERIOD (5 * 60)
static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert,
const EVP_MD *cert_id_md, X509 *issuer,
@@ -110,13 +107,13 @@ static void log_message(int level, const char *fmt, ...);
static char *prog;
static int multi = 0;
-# ifdef OCSP_DAEMON
+#ifdef OCSP_DAEMON
static int acfd = (int) INVALID_SOCKET;
static int index_changed(CA_DB *);
static void spawn_loop(void);
static int print_syslog(const char *str, size_t len, void *levPtr);
static void socket_timeout(int signum);
-# endif
+#endif
typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
@@ -160,9 +157,9 @@ const OPTIONS ocsp_options[] = {
"Connection timeout (in seconds) to the OCSP responder"},
{"resp_no_certs", OPT_RESP_NO_CERTS, '-',
"Don't include any certificates in response"},
-# ifdef OCSP_DAEMON
+#ifdef OCSP_DAEMON
{"multi", OPT_MULTI, 'p', "run multiple responder processes"},
-# endif
+#endif
{"no_certs", OPT_NO_CERTS, '-',
"Don't include any certificates in signed request"},
{"badsig", OPT_BADSIG, '-',
@@ -538,9 +535,9 @@ int ocsp_main(int argc, char **argv)
trailing_md = 1;
break;
case OPT_MULTI:
-# ifdef OCSP_DAEMON
+#ifdef OCSP_DAEMON
multi = atoi(opt_arg());
-# endif
+#endif
break;
case OPT_PROV_CASES:
if (!opt_provider(o))
@@ -628,7 +625,7 @@ int ocsp_main(int argc, char **argv)
}
}
-# ifdef OCSP_DAEMON
+#ifdef OCSP_DAEMON
if (multi && acbio != NULL)
spawn_loop();
if (acbio != NULL && req_timeout > 0)
@@ -641,7 +638,7 @@ int ocsp_main(int argc, char **argv)
redo_accept:
if (acbio != NULL) {
-# ifdef OCSP_DAEMON
+#ifdef OCSP_DAEMON
if (index_changed(rdb)) {
CA_DB *newrdb = load_index(ridx_filename, NULL);
@@ -654,7 +651,7 @@ redo_accept:
ridx_filename);
}
}
-# endif
+#endif
req = NULL;
if (!do_responder(&req, &cbio, acbio, req_timeout))
@@ -724,16 +721,16 @@ redo_accept:
if (cbio != NULL)
send_ocsp_response(cbio, resp);
} else if (host != NULL) {
-# ifndef OPENSSL_NO_SOCK
+#ifndef OPENSSL_NO_SOCK
resp = process_responder(req, host, path,
port, use_ssl, headers, req_timeout);
if (resp == NULL)
goto end;
-# else
+#else
BIO_printf(bio_err,
"Error creating connect BIO - sockets not supported.\n");
goto end;
-# endif
+#endif
} else if (respin != NULL) {
derbio = bio_open_default(respin, 'r', FORMAT_ASN1);
if (derbio == NULL)
@@ -877,7 +874,7 @@ log_message(int level, const char *fmt, ...)
va_list ap;
va_start(ap, fmt);
-# ifdef OCSP_DAEMON
+#ifdef OCSP_DAEMON
if (multi) {
char buf[1024];
if (vsnprintf(buf, sizeof(buf), fmt, ap) > 0) {
@@ -886,7 +883,7 @@ log_message(int level, const char *fmt, ...)
if (level >= LOG_ERR)
ERR_print_errors_cb(print_syslog, &level);
}
-# endif
+#endif
if (!multi) {
BIO_printf(bio_err, "%s: ", prog);
BIO_vprintf(bio_err, fmt, ap);
@@ -895,7 +892,7 @@ log_message(int level, const char *fmt, ...)
va_end(ap);
}
-# ifdef OCSP_DAEMON
+#ifdef OCSP_DAEMON
static int print_syslog(const char *str, size_t len, void *levPtr)
{
@@ -1048,7 +1045,7 @@ static void spawn_loop(void)
syslog(LOG_INFO, "terminating on signal: %d", termsig);
killall(0, kidpids);
}
-# endif
+#endif
static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert,
const EVP_MD *cert_id_md, X509 *issuer,
@@ -1338,11 +1335,11 @@ static char **lookup_serial(CA_DB *db, ASN1_INTEGER *ser)
static BIO *init_responder(const char *port)
{
-# ifdef OPENSSL_NO_SOCK
+#ifdef OPENSSL_NO_SOCK
BIO_printf(bio_err,
"Error setting up accept BIO - sockets not supported.\n");
return NULL;
-# else
+#else
BIO *acbio = NULL, *bufbio = NULL;
bufbio = BIO_new(BIO_f_buffer());
@@ -1369,10 +1366,10 @@ static BIO *init_responder(const char *port)
BIO_free_all(acbio);
BIO_free(bufbio);
return NULL;
-# endif
+#endif
}
-# ifndef OPENSSL_NO_SOCK
+#ifndef OPENSSL_NO_SOCK
/*
* Decode %xx URL-decoding in-place. Ignores mal-formed sequences.
*/
@@ -1396,22 +1393,22 @@ static int urldecode(char *p)
*out = '\0';
return (int)(out - save);
}
-# endif
+#endif
-# ifdef OCSP_DAEMON
+#ifdef OCSP_DAEMON
static void socket_timeout(int signum)
{
if (acfd != (int)INVALID_SOCKET)
(void)shutdown(acfd, SHUT_RD);
}
-# endif
+#endif
static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio,
int timeout)
{
-# ifdef OPENSSL_NO_SOCK
+#ifdef OPENSSL_NO_SOCK
return 0;
-# else
+#else
int len;
OCSP_REQUEST *req = NULL;
char inbuf[2048], reqbuf[2048];
@@ -1429,12 +1426,12 @@ static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio,
*pcbio = cbio;
client = BIO_get_peer_name(cbio);
-# ifdef OCSP_DAEMON
+# ifdef OCSP_DAEMON
if (timeout > 0) {
(void) BIO_get_fd(cbio, &acfd);
alarm(timeout);
}
-# endif
+# endif
/* Read the request line. */
len = BIO_gets(cbio, reqbuf, sizeof(reqbuf));
@@ -1497,11 +1494,11 @@ static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio,
break;
}
-# ifdef OCSP_DAEMON
+# ifdef OCSP_DAEMON
/* Clear alarm before we close the client socket */
alarm(0);
timeout = 0;
-# endif
+# endif
/* Try to read OCSP request */
if (getbio != NULL) {
@@ -1517,13 +1514,13 @@ static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio,
*preq = req;
out:
-# ifdef OCSP_DAEMON
+# ifdef OCSP_DAEMON
if (timeout > 0)
alarm(0);
acfd = (int)INVALID_SOCKET;
-# endif
- return 1;
# endif
+ return 1;
+#endif
}
static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp)
@@ -1539,7 +1536,7 @@ static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp)
return 1;
}
-# ifndef OPENSSL_NO_SOCK
+#ifndef OPENSSL_NO_SOCK
OCSP_RESPONSE *process_responder(OCSP_REQUEST *req,
const char *host, const char *path,
const char *port, int use_ssl,
@@ -1571,6 +1568,4 @@ OCSP_RESPONSE *process_responder(OCSP_REQUEST *req,
SSL_CTX_free(ctx);
return resp;
}
-# endif
-
#endif
diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index c2448a74f5..f5ad949872 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -8,25 +8,22 @@
*/
#include <openssl/opensslconf.h>
-#if defined(OPENSSL_NO_DES)
-NON_EMPTY_TRANSLATION_UNIT
-#else
-# include <stdio.h>
-# include <stdlib.h>
-# include <string.h>
-# include "apps.h"
-# include "progs.h"
-# include <openssl/crypto.h>
-# include <openssl/err.h>
-# include <openssl/pem.h>
-# include <openssl/pkcs12.h>
-
-# define NOKEYS 0x1
-# define NOCERTS 0x2
-# define INFO 0x4
-# define CLCERTS 0x8
-# define CACERTS 0x10
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include "progs.h"
+#include <openssl/crypto.h>
+#include <openssl/err.h>
+#include <openssl/pem.h>
+#include <openssl/pkcs12.h>
+
+#define NOKEYS 0x1
+#define NOCERTS 0x2
+#define INFO 0x4
+#define CLCERTS 0x8
+#define CACERTS 0x10
#define PASSWD_BUF_SIZE 2048
@@ -64,9 +61,9 @@ typedef enum OPTION_choice {
const OPTIONS pkcs12_options[] = {
OPT_SECTION("General"),
{"help", OPT_HELP, '-', "Display this summary"},
-# ifndef OPENSSL_NO_ENGINE
+#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
-# endif
+#endif
OPT_SECTION("CA"),
{"CApath", OPT_CAPATH, '/', "PEM-format directory of CA's"},
@@ -112,15 +109,15 @@ const OPTIONS pkcs12_options[] = {
{"keysig", OPT_KEYSIG, '-', "Set MS key signature type"},
OPT_SECTION("Encryption"),
-# ifndef OPENSSL_NO_RC2
+#ifndef OPENSSL_NO_RC2
{"descert", OPT_DESCERT, '-',
"Encrypt output with 3DES (default RC2-40)"},
{"certpbe", OPT_CERTPBE, 's',
"Certificate PBE algorithm (default RC2-40)"},
-# else
+#else
{"descert", OPT_DESCERT, '-', "Encrypt output with 3DES (the default)"},
{"certpbe", OPT_CERTPBE, 's', "Certificate PBE algorithm (default 3DES)"},
-# endif
+#endif
{"iter", OPT_ITER, 'p', "Specify the iteration count for encryption key and MAC"},
{"noiter", OPT_NOITER, '-', "Don't use encryption key iteration"},
{"maciter", OPT_MACITER, '-', "Unused, kept for backwards compatibility"},
@@ -141,11 +138,11 @@ int pkcs12_main(int argc, char **argv)
char pass[PASSWD_BUF_SIZE] = "", macpass[PASSWD_BUF_SIZE] = "";
int export_cert = 0, options = 0, chain = 0, twopass = 0, keytype = 0;
int iter = PKCS12_DEFAULT_ITER, maciter = PKCS12_DEFAULT_ITER;
-# ifndef OPENSSL_NO_RC2
+#ifndef OPENSSL_NO_RC2
int cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;
-# else
+#else
int cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
-# endif
+#endif
int key_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
int ret = 1, macver = 1, add_lmk = 0, private = 0;
int noprompt = 0;
@@ -1008,5 +1005,3 @@ static int set_pbe(int *ppbe, const char *str)
}
return 1;
}
-
-#endif
diff --git a/apps/rsa.c b/apps/rsa.c
index d626bbb31a..25cc6266f8 100644
--- a/apps/rsa.c
+++ b/apps/rsa.c
@@ -11,23 +11,20 @@
#define OPENSSL_SUPPRESS_DEPRECATED
#include <openssl/opensslconf.h>
-#ifdef OPENSSL_NO_RSA
-NON_EMPTY_TRANSLATION_UNIT
-#else
-# include <stdio.h>
-# include <stdlib.h>
-# include <string.h>
-# include <time.h>
-# include "apps.h"
-# include "progs.h"
-# include <openssl/bio.h>
-# include <openssl/err.h>
-# include <openssl/rsa.h>
-# include <openssl/evp.h>
-# include <openssl/x509.h>
-# include <openssl/pem.h>
-# include <openssl/bn.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include "apps.h"
+#include "progs.h"
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/rsa.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+#include <openssl/bn.h>
typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
@@ -45,9 +42,9 @@ const OPTIONS rsa_options[] = {
{"help", OPT_HELP, '-', "Display this summary"},
{"check", OPT_CHECK, '-', "Verify key consistency"},
{"", OPT_CIPHER, '-', "Any supported cipher"},
-# ifndef OPENSSL_NO_ENGINE
+#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
-# endif
+#endif
OPT_SECTION("Input"),
{"in", OPT_IN, 's', "Input file"},
@@ -66,14 +63,14 @@ const OPTIONS rsa_options[] = {
{"text", OPT_TEXT, '-', "Print the key in text"},
{"modulus", OPT_MODULUS, '-', "Print the RSA key modulus"},
-# if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
+#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
OPT_SECTION("PVK"),
{"pvk-strong", OPT_PVK_STRONG, '-', "Enable 'Strong' PVK encoding level (default)"},
{"pvk-weak", OPT_PVK_WEAK, '-', "Enable 'Weak' PVK encoding level"},
{"pvk-none", OPT_PVK_NONE, '-', "Don't enforce PVK encoding"},
-# endif
OPT_PROV_OPTIONS,
+#endif
{NULL}
};
@@ -88,9 +85,9 @@ int rsa_main(int argc, char **argv)
int i, private = 0;
int informat = FORMAT_PEM, outformat = FORMAT_PEM, text = 0, check = 0;
int noout = 0, modulus = 0, pubin = 0, pubout = 0, ret = 1;
-# if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
+#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
int pvk_encr = 2;
-# endif
+#endif
OPTION_CHOICE o;
prog = opt_init(argc, argv, rsa_options);
@@ -143,9 +140,9 @@ int rsa_main(int argc, char **argv)
case OPT_PVK_STRONG: /* pvk_encr:= 2 */
case OPT_PVK_WEAK: /* pvk_encr:= 1 */
case OPT_PVK_NONE: /* pvk_encr:= 0 */
-# if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
+#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
pvk_encr = (o - OPT_PVK_NONE);
-# endif
+#endif
break;
case OPT_NOOUT:
noout = 1;
@@ -281,7 +278,7 @@ int rsa_main(int argc, char **argv)
i = PEM_write_bio_RSAPrivateKey(out, rsa,
enc, NULL, 0, NULL, passout);
}
-# ifndef OPENSSL_NO_DSA
+#ifndef OPENSSL_NO_DSA
} else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
EVP_PKEY *pk;
pk = EVP_PKEY_new();
@@ -296,13 +293,13 @@ int rsa_main(int argc, char **argv)
goto end;
}
assert(private);
-# ifdef OPENSSL_NO_RC4
+# ifdef OPENSSL_NO_RC4
BIO_printf(bio_err, "PVK format not supported\n");
EVP_PKEY_free(pk);
goto end;
-# else
+# else
i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout);
-# endif
+# endif
} else if (pubin || pubout) {
i = i2b_PublicKey_bio(out, pk);
} else {
@@ -310,7 +307,7 @@ int rsa_main(int argc, char **argv)
i = i2b_PrivateKey_bio(out, pk);
}
EVP_PKEY_free(pk);
-# endif
+#endif
} else {
BIO_printf(bio_err, "bad output format specified for outfile\n");
goto end;
@@ -329,4 +326,3 @@ int rsa_main(int argc, char **argv)
OPENSSL_free(passout);
return ret;
}
-#endif
diff --git a/apps/rsautl.c b/apps/rsautl.c
index b72f527ce4..48d8296c01 100644
--- a/apps/rsautl.c
+++ b/apps/rsautl.c
@@ -11,25 +11,22 @@
#define OPENSSL_SUPPRESS_DEPRECATED
#include <openssl/opensslconf.h>
-#ifdef OPENSSL_NO_RSA
-NON_EMPTY_TRANSLATION_UNIT
-#else
-# include "apps.h"
-# include "progs.h"
-# include <string.h>
-# include <openssl/err.h>
-# include <openssl/pem.h>
-# include <openssl/rsa.h>
+#include "apps.h"
+#include "progs.h"
+#include <string.h>
+#include <openssl/err.h>
+#include <openssl/pem.h>
+#include <openssl/rsa.h>
-# define RSA_SIGN 1
-# define RSA_VERIFY 2
-# define RSA_ENCRYPT 3
-# define RSA_DECRYPT 4
+#define RSA_SIGN 1
+#define RSA_VERIFY 2
+#define RSA_ENCRYPT 3
+#define RSA_DECRYPT 4
-# define KEY_PRIVKEY 1
-# define KEY_PUBKEY 2
-# define KEY_CERT 3
+#define KEY_PRIVKEY 1
+#define KEY_PUBKEY 2
+#define KEY_CERT 3
typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
@@ -47,9 +44,9 @@ const OPTIONS rsautl_options[] = {
{"verify", OPT_VERIFY, '-', "Verify with public key"},
{"encrypt", OPT_ENCRYPT, '-', "Encrypt with public key"},
{"decrypt", OPT_DECRYPT, '-', "Decrypt with private key"},
-# ifndef OPENSSL_NO_ENGINE
+#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
-# endif
+#endif
OPT_SECTION("Input"),
{"in", OPT_IN, '<', "Input file"},
@@ -293,4 +290,3 @@ int rsautl_main(int argc, char **argv)
OPENSSL_free(passin);
return ret;
}
-#endif
diff --git a/apps/srp.c b/apps/srp.c
index 646e86f11a..8fb325feab 100644
--- a/apps/srp.c
+++ b/apps/srp.c
@@ -12,28 +12,25 @@
*/
#include <openssl/opensslconf.h>
-#ifdef OPENSSL_NO_SRP
-NON_EMPTY_TRANSLATION_UNIT
-#else
-# include <stdio.h>
-# include <stdlib.h>
-# include <string.h>
-# include <openssl/conf.h>
-# include <openssl/bio.h>
-# include <openssl/err.h>
-# include <openssl/txt_db.h>
-# include <openssl/buffer.h>
-# include <openssl/srp.h>
-# include "apps.h"
-# include "progs.h"
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/conf.h>
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/txt_db.h>
+#include <openssl/buffer.h>
+#include <openssl/srp.h>
+#include "apps.h"
+#include "progs.h"
-# define BASE_SECTION "srp"
-# define CONFIG_FILE "openssl.cnf"
+#define BASE_SECTION "srp"
+#define CONFIG_FILE "openssl.cnf"
-# define ENV_DATABASE "srpvfile"
-# define ENV_DEFAULT_SRP "default_srp"
+#define ENV_DATABASE "srpvfile"
+#define ENV_DEFAULT_SRP "default_srp"
static int get_index(CA_DB *db, char *id, char type)
{
@@ -204,9 +201,9 @@ const OPTIONS srp_options[] = {
{"verbose", OPT_VERBOSE, '-', "Talk a lot while doing things"},
{"config", OPT_CONFIG, '<', "A config file"},
{"name", OPT_NAME, 's', "The particular srp definition to use"},
-# ifndef OPENSSL_NO_ENGINE
+#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
-# endif
+#endif
OPT_SECTION("Action"),
{"add", OPT_ADD, '-', "Add a user and srp verifier"},
@@ -625,4 +622,3 @@ int srp_main(int argc, char **argv)
release_engine(e);
return ret;
}
-#endif
diff --git a/apps/ts.c b/apps/ts.c
index 3d380bebf0..2f21433a6b 100644
--- a/apps/ts.c
+++ b/apps/ts.c
@@ -8,29 +8,26 @@
*/
#include <openssl/opensslconf.h>
-#ifdef OPENSSL_NO_TS
-NON_EMPTY_TRANSLATION_UNIT
-#else
-# include <stdio.h>
-# include <stdlib.h>
-# include <string.h>
-# include "apps.h"
-# include "progs.h"
-# include <openssl/bio.h>
-# include <openssl/err.h>
-# include <openssl/pem.h>
-# include <openssl/rand.h>
-# include <openssl/ts.h>
-# include <openssl/bn.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include "progs.h"
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/pem.h>
+#include <openssl/rand.h>
+#include <openssl/ts.h>
+#include <openssl/bn.h>
/* Request nonce length, in bits (must be a multiple of 8). */
-# define NONCE_LENGTH 64
+#define NONCE_LENGTH 64
/* Name of config entry that defines the OID file. */
-# define ENV_OID_FILE "oid_file"
+#define ENV_OID_FILE "oid_file"
/* Is |EXACTLY_ONE| of three pointers set? */
-# define EXACTLY_ONE(a, b, c) \
+#define EXACTLY_ONE(a, b, c) \
(( a && !b && !c) || \
( b && !a && !c) || \
( c && !a && !b))
@@ -94,9 +91,9 @@ const OPTIONS ts_options[] = {
{"help", OPT_HELP, '-', "Display this summary"},
{"config", OPT_CONFIG, '<', "Configuration file"},
{"section", OPT_SECTION, 's', "Section to use within config file"},
-# ifndef OPENSSL_NO_ENGINE
+#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
-# endif
+#endif
{"inkey", OPT_INKEY, 's', "File with private key for reply"},
{"signer", OPT_SIGNER, 's', "Signer certificate file"},
{"chain", OPT_CHAIN, '<', "File with signer CA chain"},
@@ -146,11 +143,11 @@ static char* opt_helplist[] = {
" [-signer tsa_cert.pem] [-inkey private_key.pem]",
" [-chain certs_file.pem] [-tspolicy oid]",
" [-in file] [-token_in] [-out file] [-token_out]",
-# ifndef OPENSSL_NO_ENGINE
+#ifndef OPENSSL_NO_ENGINE
" [-text] [-engine id]",
-# else
+#else
" [-text]",
-# endif
+#endif
"",
" openssl ts -verify -CApath dir -CAfile file.pem -CAstore uri",
" -untrusted file.pem [-data file] [-digest hexstring]",
@@ -699,10 +696,10 @@ static TS_RESP *create_response(CONF *conf, const char *section, const char *eng
goto end;
if (!TS_CONF_set_serial(conf, section, serial_cb, resp_ctx))
goto end;
-# ifndef OPENSSL_NO_ENGINE
+#ifndef OPENSSL_NO_ENGINE
if (!TS_CONF_set_crypto_device(conf, section, engine))
goto end;
-# endif
+#endif
if (!TS_CONF_set_signer_cert(conf, section, signer, resp_ctx))
goto end;
if (!TS_CONF_set_certs(conf, section, chain, resp_ctx))
@@ -1013,4 +1010,3 @@ static int verify_cb(int ok, X509_STORE_CTX *ctx)
{
return ok;
}
-#endif /* ndef OPENSSL_NO_TS */
More information about the openssl-commits
mailing list