[openssl] master update
Richard Levitte
levitte at openssl.org
Fri Jun 5 08:01:40 UTC 2020
The branch master has been updated
via eca471391378139f76a7d1229b6a5a1dcc4b5603 (commit)
from 987e3a0eed18a857062df6ae28671feb8929b560 (commit)
- Log -----------------------------------------------------------------
commit eca471391378139f76a7d1229b6a5a1dcc4b5603
Author: Richard Levitte <levitte at openssl.org>
Date: Wed Jun 3 10:49:50 2020 +0200
APPS: Drop interactive mode in the 'openssl' program
This mode is severely untested and unmaintained, is seems not to be
used very much.
Closes #4679
Closes #6292
Reviewed-by: Paul Dale <paul.dale at oracle.com>
Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12023)
-----------------------------------------------------------------------
Summary of changes:
CHANGES.md | 6 ++++
NEWS.md | 1 +
apps/openssl.c | 97 +++++-----------------------------------------------
doc/man1/openssl.pod | 6 +++-
4 files changed, 20 insertions(+), 90 deletions(-)
diff --git a/CHANGES.md b/CHANGES.md
index acb4c904bb..39088d1bc7 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -23,6 +23,12 @@ OpenSSL 3.0
### Changes between 1.1.1 and 3.0 [xx XXX xxxx]
+ * Dropped interactive mode from the 'openssl' program. From now on,
+ the `openssl` command without arguments is equivalent to `openssl
+ help`.
+
+ *Richard Levitte*
+
* Renamed EVP_PKEY_cmp() to EVP_PKEY_eq() and
EVP_PKEY_cmp_parameters() to EVP_PKEY_parameters_eq().
While the old function names have been retained for backward compatibility
diff --git a/NEWS.md b/NEWS.md
index c09e9599a4..29fb641d26 100644
--- a/NEWS.md
+++ b/NEWS.md
@@ -20,6 +20,7 @@ OpenSSL 3.0
### Major changes between OpenSSL 1.1.1 and OpenSSL 3.0 [under development]
+ * Interactive mode is removed from the 'openssl' program.
* The X25519, X448, Ed25519, Ed448 and SHAKE256 algorithms are included in
the FIPS provider. None have the "fips=yes" property set and, as such,
will not be accidentially used.
diff --git a/apps/openssl.c b/apps/openssl.c
index 6265bffa67..7b0ccbcc09 100644
--- a/apps/openssl.c
+++ b/apps/openssl.c
@@ -30,9 +30,6 @@
#include "apps.h"
#include "progs.h"
-/* Special sentinel to exit the program. */
-#define EXIT_THE_PROGRAM (-1)
-
/*
* The LHASH callbacks ("hash" & "cmp") have been replaced by functions with
* the base prototypes (we cast each variable inside the function to the
@@ -212,11 +209,9 @@ int main(int argc, char *argv[])
{
FUNCTION f, *fp;
LHASH_OF(FUNCTION) *prog = NULL;
- char *p, *pname;
- char buf[1024];
- const char *prompt;
+ char *pname;
ARGS arg;
- int first, n, i, ret = 0;
+ int ret = 0;
arg.argv = NULL;
arg.size = 0;
@@ -264,89 +259,17 @@ int main(int argc, char *argv[])
/* first check the program name */
f.name = pname;
fp = lh_FUNCTION_retrieve(prog, &f);
- if (fp != NULL) {
- argv[0] = pname;
- if (fp->deprecated_alternative != NULL)
- warn_deprecated(fp);
- ret = fp->func(argc, argv);
- goto end;
- }
-
- /* If there is stuff on the command line, run with that. */
- if (argc != 1) {
+ if (fp == NULL) {
+ /* We assume we've been called as 'openssl cmd' */
argc--;
argv++;
- ret = do_cmd(prog, argc, argv);
- if (ret < 0)
- ret = 0;
- goto end;
}
- /* ok, lets enter interactive mode */
- for (;;) {
- ret = 0;
- /* Read a line, continue reading if line ends with \ */
- for (p = buf, n = sizeof(buf), i = 0, first = 1; n > 0; first = 0) {
- prompt = first ? "OpenSSL> " : "> ";
- p[0] = '\0';
-#ifndef READLINE
- fputs(prompt, stdout);
- fflush(stdout);
- if (!fgets(p, n, stdin))
- goto end;
- if (p[0] == '\0')
- goto end;
- i = strlen(p);
- if (i <= 1)
- break;
- if (p[i - 2] != '\\')
- break;
- i -= 2;
- p += i;
- n -= i;
-#else
- {
- extern char *readline(const char *);
- extern void add_history(const char *cp);
- char *text;
-
- text = readline(prompt);
- if (text == NULL)
- goto end;
- i = strlen(text);
- if (i == 0 || i > n)
- break;
- if (text[i - 1] != '\\') {
- p += strlen(strcpy(p, text));
- free(text);
- add_history(buf);
- break;
- }
-
- text[i - 1] = '\0';
- p += strlen(strcpy(p, text));
- free(text);
- n -= i;
- }
-#endif
- }
+ /* If there's a command, run with that, otherwise "help". */
+ ret = argc > 0
+ ? do_cmd(prog, argc, argv)
+ : help_main(argc, argv);
- if (!chopup_args(&arg, buf)) {
- BIO_printf(bio_err, "Can't parse (no memory?)\n");
- break;
- }
-
- ret = do_cmd(prog, arg.argc, arg.argv);
- if (ret == EXIT_THE_PROGRAM) {
- ret = 0;
- goto end;
- }
- if (ret != 0)
- BIO_printf(bio_err, "error in %s\n", arg.argv[0]);
- (void)BIO_flush(bio_out);
- (void)BIO_flush(bio_err);
- }
- ret = 1;
end:
app_providers_cleanup();
OPENSSL_free(default_config_file);
@@ -479,10 +402,6 @@ static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[])
BIO_printf(bio_out, "%s\n", argv[0] + 3);
return 1;
}
- if (strcmp(argv[0], "quit") == 0 || strcmp(argv[0], "q") == 0 ||
- strcmp(argv[0], "exit") == 0 || strcmp(argv[0], "bye") == 0)
- /* Special value to mean "exit the program. */
- return EXIT_THE_PROGRAM;
BIO_printf(bio_err, "Invalid command '%s'; type \"help\" for a list.\n",
argv[0]);
diff --git a/doc/man1/openssl.pod b/doc/man1/openssl.pod
index 4bf1a00b0e..c9e75eb526 100644
--- a/doc/man1/openssl.pod
+++ b/doc/man1/openssl.pod
@@ -1405,7 +1405,11 @@ The B<-issuer_checks> option is deprecated as of OpenSSL 1.1.0 and
is silently ignored.
The B<-xcertform> and B<-xkeyform> options
-are obsolete since OpenSSL 3.0.0 and have no effect.
+are obsolete since OpenSSL 3.0 and have no effect.
+
+The interactive mode, which could be invoked by running C<openssl>
+with no further arguments, was removed in OpenSSL 3.0, and running
+that program with no arguments is now equivalent to C<openssl help>.
=head1 COPYRIGHT
More information about the openssl-commits
mailing list