[openssl] master update
beldmit at gmail.com
beldmit at gmail.com
Tue Apr 20 08:13:48 UTC 2021
The branch master has been updated
via a78c7c0bfe56d67022ca18cfabefc73926dde0ae (commit)
via 99adfa455ccd1abb73e264224c33c09e586776d2 (commit)
via 606a417fb2b6ce5d1d112f2f3f710c8085744627 (commit)
from c39352e4e4952a9f4b2171134af0e015a4d40768 (commit)
- Log -----------------------------------------------------------------
commit a78c7c0bfe56d67022ca18cfabefc73926dde0ae
Author: Rich Salz <rsalz at akamai.com>
Date: Fri Apr 16 11:29:35 2021 -0400
Flip ordering back
Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
(Merged from https://github.com/openssl/openssl/pull/14219)
commit 99adfa455ccd1abb73e264224c33c09e586776d2
Author: Rich Salz <rsalz at akamai.com>
Date: Thu Apr 15 17:00:57 2021 -0400
Fetch before get-by-name
This causes tests to break. Pushing it to help others debug.
Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
(Merged from https://github.com/openssl/openssl/pull/14219)
commit 606a417fb2b6ce5d1d112f2f3f710c8085744627
Author: Rich Salz <rsalz at akamai.com>
Date: Wed Feb 17 16:15:27 2021 -0500
Fetch and free cipher and md's
Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
(Merged from https://github.com/openssl/openssl/pull/14219)
-----------------------------------------------------------------------
Summary of changes:
apps/ca.c | 5 +++--
apps/cms.c | 17 ++++++++++-------
apps/crl.c | 3 ++-
apps/dgst.c | 10 ++++++----
apps/dsa.c | 3 ++-
apps/ec.c | 3 ++-
apps/enc.c | 8 +++++---
apps/gendsa.c | 3 ++-
apps/genpkey.c | 3 ++-
apps/genrsa.c | 3 ++-
apps/include/opt.h | 4 ++--
apps/lib/opt.c | 14 ++++++++++----
apps/ocsp.c | 14 ++++++++------
apps/pkcs12.c | 9 +++++----
apps/pkcs8.c | 9 +++++----
apps/pkey.c | 3 ++-
apps/pkeyutl.c | 2 ++
apps/req.c | 8 +++++---
apps/rsa.c | 3 ++-
apps/smime.c | 8 +++++---
apps/storeutl.c | 3 ++-
apps/ts.c | 3 ++-
apps/x509.c | 3 ++-
23 files changed, 88 insertions(+), 53 deletions(-)
diff --git a/apps/ca.c b/apps/ca.c
index cec5c8f1ac..6c1df8d2e3 100755
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -270,7 +270,7 @@ int ca_main(int argc, char **argv)
STACK_OF(OPENSSL_STRING) *sigopts = NULL, *vfyopts = NULL;
STACK_OF(X509) *cert_sk = NULL;
X509_CRL *crl = NULL;
- const EVP_MD *dgst = NULL;
+ EVP_MD *dgst = NULL;
char *configfile = default_config_file, *section = NULL;
char *md = NULL, *policy = NULL, *keyfile = NULL;
char *certfile = NULL, *crl_ext = NULL, *crlnumberfile = NULL;
@@ -795,7 +795,7 @@ end_of_options:
*/
if (def_ret == 2 && def_nid == NID_undef) {
/* The signing algorithm requires there to be no digest */
- dgst = EVP_md_null();
+ dgst = (EVP_MD *)EVP_md_null();
} else if (md == NULL
&& (md = lookup_conf(conf, section, ENV_DEFAULT_MD)) == NULL) {
goto end;
@@ -1330,6 +1330,7 @@ end_of_options:
sk_OPENSSL_STRING_free(sigopts);
sk_OPENSSL_STRING_free(vfyopts);
EVP_PKEY_free(pkey);
+ EVP_MD_free(dgst);
X509_free(x509);
X509_CRL_free(crl);
NCONF_free(conf);
diff --git a/apps/cms.c b/apps/cms.c
index 56f0b37bbf..b55e0063dd 100644
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -276,8 +276,8 @@ int cms_main(int argc, char **argv)
CMS_ReceiptRequest *rr = NULL;
ENGINE *e = NULL;
EVP_PKEY *key = NULL;
- const EVP_CIPHER *cipher = NULL, *wrap_cipher = NULL;
- const EVP_MD *sign_md = NULL;
+ EVP_CIPHER *cipher = NULL, *wrap_cipher = NULL;
+ EVP_MD *sign_md = NULL;
STACK_OF(OPENSSL_STRING) *rr_to = NULL, *rr_from = NULL;
STACK_OF(OPENSSL_STRING) *sksigners = NULL, *skkeys = NULL;
STACK_OF(X509) *encerts = NULL, *other = NULL;
@@ -679,17 +679,17 @@ int cms_main(int argc, char **argv)
break;
case OPT_3DES_WRAP:
# ifndef OPENSSL_NO_DES
- wrap_cipher = EVP_des_ede3_wrap();
+ wrap_cipher = (EVP_CIPHER *)EVP_des_ede3_wrap();
# endif
break;
case OPT_AES128_WRAP:
- wrap_cipher = EVP_aes_128_wrap();
+ wrap_cipher = (EVP_CIPHER *)EVP_aes_128_wrap();
break;
case OPT_AES192_WRAP:
- wrap_cipher = EVP_aes_192_wrap();
+ wrap_cipher = (EVP_CIPHER *)EVP_aes_192_wrap();
break;
case OPT_AES256_WRAP:
- wrap_cipher = EVP_aes_256_wrap();
+ wrap_cipher = (EVP_CIPHER *)EVP_aes_256_wrap();
break;
case OPT_WRAP:
if (!opt_cipher(opt_unknown(), &wrap_cipher))
@@ -803,7 +803,7 @@ int cms_main(int argc, char **argv)
if (operation == SMIME_ENCRYPT) {
if (!cipher) {
# ifndef OPENSSL_NO_DES
- cipher = EVP_des_ede3_cbc();
+ cipher = (EVP_CIPHER *)EVP_des_ede3_cbc();
# else
BIO_printf(bio_err, "No cipher selected\n");
goto end;
@@ -1249,6 +1249,9 @@ int cms_main(int argc, char **argv)
X509_free(recip);
X509_free(signer);
EVP_PKEY_free(key);
+ EVP_CIPHER_free(cipher);
+ EVP_CIPHER_free(wrap_cipher);
+ EVP_MD_free(sign_md);
CMS_ContentInfo_free(cms);
CMS_ContentInfo_free(rcms);
release_engine(e);
diff --git a/apps/crl.c b/apps/crl.c
index e8b501a8af..7f09d476c1 100644
--- a/apps/crl.c
+++ b/apps/crl.c
@@ -82,7 +82,7 @@ int crl_main(int argc, char **argv)
X509_LOOKUP *lookup = NULL;
X509_OBJECT *xobj = NULL;
EVP_PKEY *pkey;
- const EVP_MD *digest = EVP_sha1();
+ EVP_MD *digest = (EVP_MD *)EVP_sha1();
char *infile = NULL, *outfile = NULL, *crldiff = NULL, *keyfile = NULL;
char *digestname = NULL;
const char *CAfile = NULL, *CApath = NULL, *CAstore = NULL, *prog;
@@ -381,6 +381,7 @@ int crl_main(int argc, char **argv)
if (ret != 0)
ERR_print_errors(bio_err);
BIO_free_all(out);
+ EVP_MD_free(digest);
X509_CRL_free(x);
X509_STORE_CTX_free(ctx);
X509_STORE_free(store);
diff --git a/apps/dgst.c b/apps/dgst.c
index 5ddbef8bcc..13a4e0773b 100644
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -99,7 +99,7 @@ int dgst_main(int argc, char **argv)
char *hmac_key = NULL;
char *mac_name = NULL, *digestname = NULL;
char *passinarg = NULL, *passin = NULL;
- const EVP_MD *md = NULL;
+ EVP_MD *md = NULL;
const char *outfile = NULL, *keyfile = NULL, *prog = NULL;
const char *sigfile = NULL;
const char *md_name = NULL;
@@ -112,7 +112,7 @@ int dgst_main(int argc, char **argv)
struct doall_dgst_digests dec;
buf = app_malloc(BUFSIZE, "I/O buffer");
- md = EVP_get_digestbyname(argv[0]);
+ md = (EVP_MD *)EVP_get_digestbyname(argv[0]);
prog = opt_init(argc, argv, dgst_options);
while ((o = opt_next()) != OPT_EOF) {
@@ -375,7 +375,7 @@ int dgst_main(int argc, char **argv)
goto end;
}
if (md == NULL)
- md = EVP_sha256();
+ md = (EVP_MD *)EVP_sha256();
if (!EVP_DigestInit_ex(mctx, md, impl)) {
BIO_printf(bio_err, "Error setting digest\n");
ERR_print_errors(bio_err);
@@ -404,8 +404,9 @@ int dgst_main(int argc, char **argv)
if (md == NULL) {
EVP_MD_CTX *tctx;
+
BIO_get_md_ctx(bmd, &tctx);
- md = EVP_MD_CTX_get0_md(tctx);
+ md = EVP_MD_CTX_get1_md(tctx);
}
if (md != NULL)
md_name = EVP_MD_name(md);
@@ -452,6 +453,7 @@ int dgst_main(int argc, char **argv)
BIO_free(in);
OPENSSL_free(passin);
BIO_free_all(out);
+ EVP_MD_free(md);
EVP_PKEY_free(sigkey);
sk_OPENSSL_STRING_free(sigopts);
sk_OPENSSL_STRING_free(macopts);
diff --git a/apps/dsa.c b/apps/dsa.c
index 3a799ea17f..9ea1098514 100644
--- a/apps/dsa.c
+++ b/apps/dsa.c
@@ -79,7 +79,7 @@ int dsa_main(int argc, char **argv)
BIO *out = NULL;
ENGINE *e = NULL;
EVP_PKEY *pkey = NULL;
- const EVP_CIPHER *enc = NULL;
+ EVP_CIPHER *enc = NULL;
char *infile = NULL, *outfile = NULL, *prog;
char *passin = NULL, *passout = NULL, *passinarg = NULL, *passoutarg = NULL;
OPTION_CHOICE o;
@@ -289,6 +289,7 @@ int dsa_main(int argc, char **argv)
OSSL_ENCODER_CTX_free(ectx);
BIO_free_all(out);
EVP_PKEY_free(pkey);
+ EVP_CIPHER_free(enc);
release_engine(e);
OPENSSL_free(passin);
OPENSSL_free(passout);
diff --git a/apps/ec.c b/apps/ec.c
index 490a64122b..3d5371ccdc 100644
--- a/apps/ec.c
+++ b/apps/ec.c
@@ -69,7 +69,7 @@ int ec_main(int argc, char **argv)
EVP_PKEY *eckey = NULL;
BIO *in = NULL, *out = NULL;
ENGINE *e = NULL;
- const EVP_CIPHER *enc = NULL;
+ EVP_CIPHER *enc = NULL;
char *infile = NULL, *outfile = NULL, *ciphername = NULL, *prog;
char *passin = NULL, *passout = NULL, *passinarg = NULL, *passoutarg = NULL;
OPTION_CHOICE o;
@@ -279,6 +279,7 @@ end:
BIO_free(in);
BIO_free_all(out);
EVP_PKEY_free(eckey);
+ EVP_CIPHER_free(enc);
OSSL_ENCODER_CTX_free(ectx);
OSSL_DECODER_CTX_free(dctx);
EVP_PKEY_CTX_free(pctx);
diff --git a/apps/enc.c b/apps/enc.c
index 3647a1ce61..242d3ef0aa 100644
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -109,8 +109,8 @@ int enc_main(int argc, char **argv)
BIO *in = NULL, *out = NULL, *b64 = NULL, *benc = NULL, *rbio =
NULL, *wbio = NULL;
EVP_CIPHER_CTX *ctx = NULL;
- const EVP_CIPHER *cipher = NULL;
- const EVP_MD *dgst = NULL;
+ EVP_CIPHER *cipher = NULL;
+ EVP_MD *dgst = NULL;
const char *digestname = NULL;
char *hkey = NULL, *hiv = NULL, *hsalt = NULL, *p;
char *infile = NULL, *outfile = NULL, *prog;
@@ -314,7 +314,7 @@ int enc_main(int argc, char **argv)
goto opthelp;
}
if (dgst == NULL)
- dgst = EVP_sha256();
+ dgst = (EVP_MD *)EVP_sha256();
if (iter == 0)
iter = 1;
@@ -633,6 +633,8 @@ int enc_main(int argc, char **argv)
BIO_free_all(out);
BIO_free(benc);
BIO_free(b64);
+ EVP_MD_free(dgst);
+ EVP_CIPHER_free(cipher);
#ifdef ZLIB
BIO_free(bzl);
#endif
diff --git a/apps/gendsa.c b/apps/gendsa.c
index 97904d2c82..38d7b4a3eb 100644
--- a/apps/gendsa.c
+++ b/apps/gendsa.c
@@ -56,7 +56,7 @@ int gendsa_main(int argc, char **argv)
BIO *out = NULL, *in = NULL;
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *ctx = NULL;
- const EVP_CIPHER *enc = NULL;
+ EVP_CIPHER *enc = NULL;
char *dsaparams = NULL, *ciphername = NULL;
char *outfile = NULL, *passoutarg = NULL, *passout = NULL, *prog;
OPTION_CHOICE o;
@@ -166,6 +166,7 @@ int gendsa_main(int argc, char **argv)
BIO_free_all(out);
EVP_PKEY_free(pkey);
EVP_PKEY_CTX_free(ctx);
+ EVP_CIPHER_free(enc);
release_engine(e);
OPENSSL_free(passout);
return ret;
diff --git a/apps/genpkey.c b/apps/genpkey.c
index 4d28b4ecc2..746cd5902f 100644
--- a/apps/genpkey.c
+++ b/apps/genpkey.c
@@ -64,7 +64,7 @@ int genpkey_main(int argc, char **argv)
EVP_PKEY_CTX *ctx = NULL;
char *outfile = NULL, *passarg = NULL, *pass = NULL, *prog, *p;
const char *ciphername = NULL, *paramfile = NULL, *algname = NULL;
- const EVP_CIPHER *cipher = NULL;
+ EVP_CIPHER *cipher = NULL;
OPTION_CHOICE o;
int outformat = FORMAT_PEM, text = 0, ret = 1, rv, do_param = 0;
int private = 0, i, m;
@@ -234,6 +234,7 @@ int genpkey_main(int argc, char **argv)
sk_OPENSSL_STRING_free(keyopt);
EVP_PKEY_free(pkey);
EVP_PKEY_CTX_free(ctx);
+ EVP_CIPHER_free(cipher);
BIO_free_all(out);
BIO_free(in);
release_engine(e);
diff --git a/apps/genrsa.c b/apps/genrsa.c
index ab991d2385..ee68d67043 100644
--- a/apps/genrsa.c
+++ b/apps/genrsa.c
@@ -82,7 +82,7 @@ int genrsa_main(int argc, char **argv)
BIO *out = NULL;
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *ctx = NULL;
- const EVP_CIPHER *enc = NULL;
+ EVP_CIPHER *enc = NULL;
int ret = 1, num = DEFBITS, private = 0, primes = DEFPRIMES;
unsigned long f4 = RSA_F4;
char *outfile = NULL, *passoutarg = NULL, *passout = NULL;
@@ -243,6 +243,7 @@ opthelp:
BN_GENCB_free(cb);
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(pkey);
+ EVP_CIPHER_free(enc);
BIO_free_all(out);
release_engine(eng);
OPENSSL_free(passout);
diff --git a/apps/include/opt.h b/apps/include/opt.h
index 3d79224d04..79018c8cb8 100644
--- a/apps/include/opt.h
+++ b/apps/include/opt.h
@@ -366,8 +366,8 @@ int opt_umax(const char *arg, uintmax_t *result);
#endif
int opt_pair(const char *arg, const OPT_PAIR * pairs, int *result);
int opt_string(const char *name, const char **options);
-int opt_cipher(const char *name, const EVP_CIPHER **cipherp);
-int opt_md(const char *name, const EVP_MD **mdp);
+int opt_cipher(const char *name, EVP_CIPHER **cipherp);
+int opt_md(const char *name, EVP_MD **mdp);
char *opt_arg(void);
char *opt_flag(void);
char *opt_unknown(void);
diff --git a/apps/lib/opt.c b/apps/lib/opt.c
index 4077cf2936..d22a884e67 100644
--- a/apps/lib/opt.c
+++ b/apps/lib/opt.c
@@ -356,9 +356,12 @@ void print_format_error(int format, unsigned long flags)
}
/* Parse a cipher name, put it in *EVP_CIPHER; return 0 on failure, else 1. */
-int opt_cipher(const char *name, const EVP_CIPHER **cipherp)
+int opt_cipher(const char *name, EVP_CIPHER **cipherp)
{
- *cipherp = EVP_get_cipherbyname(name);
+ *cipherp = EVP_CIPHER_fetch(NULL, name, NULL);
+ if (*cipherp != NULL)
+ return 1;
+ *cipherp = (EVP_CIPHER *)EVP_get_cipherbyname(name);
if (*cipherp != NULL)
return 1;
opt_printf_stderr("%s: Unknown cipher: %s\n", prog, name);
@@ -368,9 +371,12 @@ int opt_cipher(const char *name, const EVP_CIPHER **cipherp)
/*
* Parse message digest name, put it in *EVP_MD; return 0 on failure, else 1.
*/
-int opt_md(const char *name, const EVP_MD **mdp)
+int opt_md(const char *name, EVP_MD **mdp)
{
- *mdp = EVP_get_digestbyname(name);
+ *mdp = (EVP_MD *)EVP_get_digestbyname(name);
+ if (*mdp != NULL)
+ return 1;
+ *mdp = EVP_MD_fetch(NULL, name, NULL);
if (*mdp != NULL)
return 1;
opt_printf_stderr("%s: Unknown option or message digest: %s\n", prog,
diff --git a/apps/ocsp.c b/apps/ocsp.c
index 7d64ee2d02..a4d2e63654 100644
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -203,7 +203,7 @@ const OPTIONS ocsp_options[] = {
int ocsp_main(int argc, char **argv)
{
BIO *acbio = NULL, *cbio = NULL, *derbio = NULL, *out = NULL;
- const EVP_MD *cert_id_md = NULL, *rsign_md = NULL;
+ EVP_MD *cert_id_md = NULL, *rsign_md = NULL;
STACK_OF(OPENSSL_STRING) *rsign_sigopts = NULL;
int trailing_md = 0;
CA_DB *rdb = NULL;
@@ -218,7 +218,7 @@ int ocsp_main(int argc, char **argv)
STACK_OF(X509) *issuers = NULL;
X509 *issuer = NULL, *cert = NULL;
STACK_OF(X509) *rca_cert = NULL;
- const EVP_MD *resp_certid_md = NULL;
+ EVP_MD *resp_certid_md = NULL;
X509 *signer = NULL, *rsigner = NULL;
X509_STORE *store = NULL;
X509_VERIFY_PARAM *vpm = NULL;
@@ -418,7 +418,7 @@ int ocsp_main(int argc, char **argv)
if (cert == NULL)
goto end;
if (cert_id_md == NULL)
- cert_id_md = EVP_sha1();
+ cert_id_md = (EVP_MD *)EVP_sha1();
if (!add_ocsp_cert(&req, cert, cert_id_md, issuer, ids))
goto end;
if (!sk_OPENSSL_STRING_push(reqnames, opt_arg()))
@@ -427,7 +427,7 @@ int ocsp_main(int argc, char **argv)
break;
case OPT_SERIAL:
if (cert_id_md == NULL)
- cert_id_md = EVP_sha1();
+ cert_id_md = (EVP_MD *)EVP_sha1();
if (!add_ocsp_serial(&req, opt_arg(), cert_id_md, issuer, ids))
goto end;
if (!sk_OPENSSL_STRING_push(reqnames, opt_arg()))
@@ -485,8 +485,7 @@ int ocsp_main(int argc, char **argv)
goto end;
break;
case OPT_RCID:
- resp_certid_md = EVP_get_digestbyname(opt_arg());
- if (resp_certid_md == NULL)
+ if (!opt_md(opt_arg(), &resp_certid_md))
goto opthelp;
break;
case OPT_MD:
@@ -827,6 +826,9 @@ redo_accept:
sk_OPENSSL_STRING_free(rsign_sigopts);
EVP_PKEY_free(key);
EVP_PKEY_free(rkey);
+ EVP_MD_free(cert_id_md);
+ EVP_MD_free(rsign_md);
+ EVP_MD_free(resp_certid_md);
X509_free(cert);
sk_X509_pop_free(issuers, X509_free);
X509_free(rsigner);
diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index 8c515870de..e8adeccb5c 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -165,8 +165,8 @@ int pkcs12_main(int argc, char **argv)
BIO *in = NULL, *out = NULL;
PKCS12 *p12 = NULL;
STACK_OF(OPENSSL_STRING) *canames = NULL;
- const EVP_CIPHER *const default_enc = EVP_aes_256_cbc();
- const EVP_CIPHER *enc = default_enc;
+ EVP_CIPHER *default_enc = (EVP_CIPHER *)EVP_aes_256_cbc();
+ EVP_CIPHER *enc = (EVP_CIPHER *)default_enc;
OPTION_CHOICE o;
prog = opt_init(argc, argv, pkcs12_options);
@@ -433,7 +433,7 @@ int pkcs12_main(int argc, char **argv)
if (key_pbe == NID_undef)
key_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
if (enc == default_enc)
- enc = EVP_des_ede3_cbc();
+ enc = (EVP_CIPHER *)EVP_des_ede3_cbc();
if (macalg == NULL)
macalg = "sha1";
}
@@ -501,7 +501,7 @@ int pkcs12_main(int argc, char **argv)
X509 *ee_cert = NULL, *x = NULL;
STACK_OF(X509) *certs = NULL;
STACK_OF(X509) *untrusted_certs = NULL;
- const EVP_MD *macmd = NULL;
+ EVP_MD *macmd = NULL;
unsigned char *catmp = NULL;
int i;
@@ -679,6 +679,7 @@ int pkcs12_main(int argc, char **argv)
export_end:
EVP_PKEY_free(key);
+ EVP_MD_free(macmd);
sk_X509_pop_free(certs, X509_free);
sk_X509_pop_free(untrusted_certs, X509_free);
X509_free(ee_cert);
diff --git a/apps/pkcs8.c b/apps/pkcs8.c
index cfcb341787..653cb45faa 100644
--- a/apps/pkcs8.c
+++ b/apps/pkcs8.c
@@ -74,7 +74,7 @@ int pkcs8_main(int argc, char **argv)
EVP_PKEY *pkey = NULL;
PKCS8_PRIV_KEY_INFO *p8inf = NULL;
X509_SIG *p8 = NULL;
- const EVP_CIPHER *cipher = NULL;
+ EVP_CIPHER *cipher = NULL;
char *infile = NULL, *outfile = NULL, *ciphername = NULL;
char *passinarg = NULL, *passoutarg = NULL, *prog;
#ifndef OPENSSL_NO_UI_CONSOLE
@@ -154,7 +154,7 @@ int pkcs8_main(int argc, char **argv)
goto opthelp;
}
if (cipher == NULL)
- cipher = EVP_aes_256_cbc();
+ cipher = (EVP_CIPHER *)EVP_aes_256_cbc();
break;
case OPT_ITER:
if (!opt_int(opt_arg(), &iter))
@@ -175,7 +175,7 @@ int pkcs8_main(int argc, char **argv)
scrypt_r = 8;
scrypt_p = 1;
if (cipher == NULL)
- cipher = EVP_aes_256_cbc();
+ cipher = (EVP_CIPHER *)EVP_aes_256_cbc();
break;
case OPT_SCRYPT_N:
if (!opt_long(opt_arg(), &scrypt_N) || scrypt_N <= 0)
@@ -213,7 +213,7 @@ int pkcs8_main(int argc, char **argv)
}
if ((pbe_nid == -1) && cipher == NULL)
- cipher = EVP_aes_256_cbc();
+ cipher = (EVP_CIPHER *)EVP_aes_256_cbc();
in = bio_open_default(infile, 'r', informat);
if (in == NULL)
@@ -370,6 +370,7 @@ int pkcs8_main(int argc, char **argv)
X509_SIG_free(p8);
PKCS8_PRIV_KEY_INFO_free(p8inf);
EVP_PKEY_free(pkey);
+ EVP_CIPHER_free(cipher);
release_engine(e);
BIO_free_all(out);
BIO_free(in);
diff --git a/apps/pkey.c b/apps/pkey.c
index 5cf0abe04b..0587aacc30 100644
--- a/apps/pkey.c
+++ b/apps/pkey.c
@@ -71,7 +71,7 @@ int pkey_main(int argc, char **argv)
ENGINE *e = NULL;
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *ctx = NULL;
- const EVP_CIPHER *cipher = NULL;
+ EVP_CIPHER *cipher = NULL;
char *infile = NULL, *outfile = NULL, *passin = NULL, *passout = NULL;
char *passinarg = NULL, *passoutarg = NULL, *ciphername = NULL, *prog;
OPTION_CHOICE o;
@@ -318,6 +318,7 @@ int pkey_main(int argc, char **argv)
ERR_print_errors(bio_err);
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(pkey);
+ EVP_CIPHER_free(cipher);
release_engine(e);
BIO_free_all(out);
BIO_free(in);
diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c
index fd1cdf8f4b..a9571b5f63 100644
--- a/apps/pkeyutl.c
+++ b/apps/pkeyutl.c
@@ -124,6 +124,7 @@ int pkeyutl_main(int argc, char **argv)
STACK_OF(OPENSSL_STRING) *pkeyopts_passin = NULL;
int rawin = 0;
EVP_MD_CTX *mctx = NULL;
+ EVP_MD *md = NULL;
int filesize = -1;
OSSL_LIB_CTX *libctx = app_get0_libctx();
@@ -507,6 +508,7 @@ int pkeyutl_main(int argc, char **argv)
end:
EVP_MD_CTX_free(mctx);
EVP_PKEY_CTX_free(ctx);
+ EVP_MD_free(md);
release_engine(e);
BIO_free(in);
BIO_free_all(out);
diff --git a/apps/req.c b/apps/req.c
index 1b17adb6f4..4e1cae6ba6 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -239,8 +239,8 @@ int req_main(int argc, char **argv)
LHASH_OF(OPENSSL_STRING) *addexts = NULL;
X509 *new_x509 = NULL, *CAcert = NULL;
X509_REQ *req = NULL;
- const EVP_CIPHER *cipher = NULL;
- const EVP_MD *md_alg = NULL, *digest = NULL;
+ EVP_CIPHER *cipher = NULL;
+ EVP_MD *md_alg = NULL, *digest = NULL;
int ext_copy = EXT_COPY_UNSET;
BIO *addext_bio = NULL;
char *extensions = NULL;
@@ -264,7 +264,7 @@ int req_main(int argc, char **argv)
unsigned long chtype = MBSTRING_ASC, reqflag = 0;
#ifndef OPENSSL_NO_DES
- cipher = EVP_des_ede3_cbc();
+ cipher = (EVP_CIPHER *)EVP_des_ede3_cbc();
#endif
prog = opt_init(argc, argv, req_options);
@@ -1058,6 +1058,8 @@ int req_main(int argc, char **argv)
BIO_free(addext_bio);
BIO_free_all(out);
EVP_PKEY_free(pkey);
+ EVP_MD_free(md_alg);
+ EVP_MD_free(digest);
EVP_PKEY_CTX_free(genctx);
sk_OPENSSL_STRING_free(pkeyopts);
sk_OPENSSL_STRING_free(sigopts);
diff --git a/apps/rsa.c b/apps/rsa.c
index 251f84f210..fc1db506d7 100644
--- a/apps/rsa.c
+++ b/apps/rsa.c
@@ -92,7 +92,7 @@ int rsa_main(int argc, char **argv)
BIO *out = NULL;
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *pctx;
- const EVP_CIPHER *enc = NULL;
+ EVP_CIPHER *enc = NULL;
char *infile = NULL, *outfile = NULL, *ciphername = NULL, *prog;
char *passin = NULL, *passout = NULL, *passinarg = NULL, *passoutarg = NULL;
int private = 0;
@@ -357,6 +357,7 @@ int rsa_main(int argc, char **argv)
release_engine(e);
BIO_free_all(out);
EVP_PKEY_free(pkey);
+ EVP_CIPHER_free(enc);
OPENSSL_free(passin);
OPENSSL_free(passout);
return ret;
diff --git a/apps/smime.c b/apps/smime.c
index 98a2f32b4a..ed12b92193 100644
--- a/apps/smime.c
+++ b/apps/smime.c
@@ -140,8 +140,8 @@ int smime_main(int argc, char **argv)
X509 *cert = NULL, *recip = NULL, *signer = NULL;
X509_STORE *store = NULL;
X509_VERIFY_PARAM *vpm = NULL;
- const EVP_CIPHER *cipher = NULL;
- const EVP_MD *sign_md = NULL;
+ EVP_CIPHER *cipher = NULL;
+ EVP_MD *sign_md = NULL;
const char *CAfile = NULL, *CApath = NULL, *CAstore = NULL, *prog = NULL;
char *certfile = NULL, *keyfile = NULL, *contfile = NULL;
char *infile = NULL, *outfile = NULL, *signerfile = NULL, *recipfile = NULL;
@@ -439,7 +439,7 @@ int smime_main(int argc, char **argv)
if (operation == SMIME_ENCRYPT) {
if (cipher == NULL) {
#ifndef OPENSSL_NO_DES
- cipher = EVP_des_ede3_cbc();
+ cipher = (EVP_CIPHER *)EVP_des_ede3_cbc();
#else
BIO_printf(bio_err, "No cipher selected\n");
goto end;
@@ -662,6 +662,8 @@ int smime_main(int argc, char **argv)
X509_free(recip);
X509_free(signer);
EVP_PKEY_free(key);
+ EVP_MD_free(sign_md);
+ EVP_CIPHER_free(cipher);
PKCS7_free(p7);
release_engine(e);
BIO_free(in);
diff --git a/apps/storeutl.c b/apps/storeutl.c
index 618b6b480e..7fec56c9ea 100644
--- a/apps/storeutl.c
+++ b/apps/storeutl.c
@@ -83,7 +83,7 @@ int storeutl_main(int argc, char *argv[])
size_t fingerprintlen = 0;
char *alias = NULL, *digestname = NULL;
OSSL_STORE_SEARCH *search = NULL;
- const EVP_MD *digest = NULL;
+ EVP_MD *digest = NULL;
OSSL_LIB_CTX *libctx = app_get0_libctx();
while ((o = opt_next()) != OPT_EOF) {
@@ -322,6 +322,7 @@ int storeutl_main(int argc, char *argv[])
text, noout, recursive, 0, out, prog, libctx);
end:
+ EVP_MD_free(digest);
OPENSSL_free(fingerprint);
OPENSSL_free(alias);
ASN1_INTEGER_free(serial);
diff --git a/apps/ts.c b/apps/ts.c
index b4a5e85fea..ad6a3d382b 100644
--- a/apps/ts.c
+++ b/apps/ts.c
@@ -168,7 +168,7 @@ int ts_main(int argc, char **argv)
char *in = NULL, *out = NULL, *queryfile = NULL, *passin = NULL;
char *inkey = NULL, *signer = NULL, *chain = NULL, *CApath = NULL;
char *CAstore = NULL;
- const EVP_MD *md = NULL;
+ EVP_MD *md = NULL;
OPTION_CHOICE o, mode = OPT_ERR;
int ret = 1, no_nonce = 0, cert = 0, text = 0;
int vpmtouched = 0;
@@ -343,6 +343,7 @@ int ts_main(int argc, char **argv)
end:
X509_VERIFY_PARAM_free(vpm);
+ EVP_MD_free(md);
NCONF_free(conf);
OPENSSL_free(password);
return ret;
diff --git a/apps/x509.c b/apps/x509.c
index 18c0ce90d8..3c67855e6a 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -258,7 +258,7 @@ int x509_main(int argc, char **argv)
X509 *x = NULL, *xca = NULL, *issuer_cert;
X509_REQ *req = NULL, *rq = NULL;
X509_STORE *ctx = NULL;
- const EVP_MD *digest = NULL;
+ EVP_MD *digest = NULL;
char *CAkeyfile = NULL, *CAserial = NULL, *pubkeyfile = NULL, *alias = NULL;
char *checkhost = NULL, *checkemail = NULL, *checkip = NULL;
char *ext_names = NULL;
@@ -1038,6 +1038,7 @@ int x509_main(int argc, char **argv)
EVP_PKEY_free(privkey);
EVP_PKEY_free(CAkey);
EVP_PKEY_free(pubkey);
+ EVP_MD_free(digest);
sk_OPENSSL_STRING_free(sigopts);
sk_OPENSSL_STRING_free(vfyopts);
X509_REQ_free(rq);
More information about the openssl-commits
mailing list