[openssl] master update
dev at ddvo.net
dev at ddvo.net
Tue Dec 7 14:27:16 UTC 2021
The branch master has been updated
via d9f073575fdb07b486cd1b38974cd177687ccc1e (commit)
from b0be101326f369f0dd547556d2f3eb3ef5ed0e33 (commit)
- Log -----------------------------------------------------------------
commit d9f073575fdb07b486cd1b38974cd177687ccc1e
Author: Dr. David von Oheimb <David.von.Oheimb at siemens.com>
Date: Fri Aug 27 15:33:18 2021 +0200
APPS: Improve diagnostics on missing/extra args and unknown cipher/digest
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16450)
-----------------------------------------------------------------------
Summary of changes:
apps/asn1parse.c | 3 +--
apps/ciphers.c | 5 ++---
apps/cmp.c | 4 +---
apps/cms.c | 6 ++----
apps/crl.c | 9 +++------
apps/crl2pkcs7.c | 3 +--
apps/dhparam.c | 2 +-
apps/dsa.c | 9 +++------
apps/dsaparam.c | 2 +-
apps/ec.c | 9 +++------
apps/ecparam.c | 3 +--
apps/enc.c | 9 +++------
apps/fipsinstall.c | 7 +++++--
apps/gendsa.c | 11 ++++-------
apps/genpkey.c | 12 +++++++-----
apps/genrsa.c | 9 +++------
apps/include/opt.h | 2 ++
apps/info.c | 2 +-
apps/lib/opt.c | 40 +++++++++++++++++++++++++++++++++++++---
apps/list.c | 2 +-
apps/mac.c | 5 ++---
apps/nseq.c | 3 +--
apps/ocsp.c | 3 +--
apps/openssl.c | 2 +-
apps/pkcs12.c | 9 +++------
apps/pkcs7.c | 3 +--
apps/pkcs8.c | 3 +--
apps/pkey.c | 9 +++------
apps/pkeyparam.c | 3 +--
apps/pkeyutl.c | 3 +--
apps/prime.c | 8 ++++----
apps/rand.c | 2 +-
apps/req.c | 9 ++-------
apps/rsa.c | 9 +++------
apps/rsautl.c | 3 +--
apps/s_client.c | 5 ++---
apps/s_server.c | 3 +--
apps/s_time.c | 3 +--
apps/sess_id.c | 3 +--
apps/smime.c | 4 +---
apps/spkac.c | 3 +--
apps/storeutl.c | 11 ++++-------
apps/ts.c | 17 ++++++++++-------
apps/version.c | 3 +--
apps/x509.c | 6 ++++--
45 files changed, 134 insertions(+), 147 deletions(-)
diff --git a/apps/asn1parse.c b/apps/asn1parse.c
index f0bfd1d45f..b456f13d94 100644
--- a/apps/asn1parse.c
+++ b/apps/asn1parse.c
@@ -159,8 +159,7 @@ int asn1parse_main(int argc, char **argv)
}
/* No extra args. */
- argc = opt_num_rest();
- if (argc != 0)
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
if (oidfile != NULL) {
diff --git a/apps/ciphers.c b/apps/ciphers.c
index 9c494224a1..dcf0d3fa1e 100644
--- a/apps/ciphers.c
+++ b/apps/ciphers.c
@@ -174,10 +174,9 @@ int ciphers_main(int argc, char **argv)
/* Optional arg is cipher name. */
argv = opt_rest();
- argc = opt_num_rest();
- if (argc == 1)
+ if (opt_num_rest() == 1)
ciphers = argv[0];
- else if (argc != 0)
+ else if (!opt_check_rest_arg(NULL))
goto opthelp;
if (convert != NULL) {
diff --git a/apps/cmp.c b/apps/cmp.c
index f646e3f7bc..5056d841d1 100644
--- a/apps/cmp.c
+++ b/apps/cmp.c
@@ -2552,9 +2552,7 @@ static int get_opts(int argc, char **argv)
}
/* No extra args. */
- argc = opt_num_rest();
- argv = opt_rest();
- if (argc != 0)
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
return 1;
}
diff --git a/apps/cms.c b/apps/cms.c
index 76c7896719..18671fdc30 100644
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -697,10 +697,8 @@ int cms_main(int argc, char **argv)
if (!opt_md(digestname, &sign_md))
goto end;
}
- if (ciphername != NULL) {
- if (!opt_cipher_any(ciphername, &cipher))
- goto end;
- }
+ if (!opt_cipher_any(ciphername, &cipher))
+ goto end;
if (wrapname != NULL) {
if (!opt_cipher_any(wrapname, &wrap_cipher))
goto end;
diff --git a/apps/crl.c b/apps/crl.c
index 2158a107e5..8d353ff2af 100644
--- a/apps/crl.c
+++ b/apps/crl.c
@@ -209,14 +209,11 @@ int crl_main(int argc, char **argv)
}
/* No remaining args. */
- argc = opt_num_rest();
- if (argc != 0)
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
- if (digestname != NULL) {
- if (!opt_md(digestname, &digest))
- goto opthelp;
- }
+ if (!opt_md(digestname, &digest))
+ goto opthelp;
x = load_crl(infile, informat, 1, "CRL");
if (x == NULL)
goto end;
diff --git a/apps/crl2pkcs7.c b/apps/crl2pkcs7.c
index fe59e65427..681c60285f 100644
--- a/apps/crl2pkcs7.c
+++ b/apps/crl2pkcs7.c
@@ -104,8 +104,7 @@ int crl2pkcs7_main(int argc, char **argv)
}
/* No remaining args. */
- argc = opt_num_rest();
- if (argc != 0)
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
if (!nocrl) {
diff --git a/apps/dhparam.c b/apps/dhparam.c
index 0e90698cd6..9fe0eedfc2 100644
--- a/apps/dhparam.c
+++ b/apps/dhparam.c
@@ -155,7 +155,7 @@ int dhparam_main(int argc, char **argv)
if (argc == 1) {
if (!opt_int(argv[0], &num) || num <= 0)
goto opthelp;
- } else if (argc != 0) {
+ } else if (!opt_check_rest_arg(NULL)) {
goto opthelp;
}
if (!app_RAND_load())
diff --git a/apps/dsa.c b/apps/dsa.c
index 51c0284353..9605ed81e7 100644
--- a/apps/dsa.c
+++ b/apps/dsa.c
@@ -161,14 +161,11 @@ int dsa_main(int argc, char **argv)
}
/* No extra args. */
- argc = opt_num_rest();
- if (argc != 0)
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
- if (ciphername != NULL) {
- if (!opt_cipher(ciphername, &enc))
- goto end;
- }
+ if (!opt_cipher(ciphername, &enc))
+ goto end;
private = pubin || pubout ? 0 : 1;
if (text && !pubin)
private = 1;
diff --git a/apps/dsaparam.c b/apps/dsaparam.c
index 8025b8be67..08f912340a 100644
--- a/apps/dsaparam.c
+++ b/apps/dsaparam.c
@@ -133,7 +133,7 @@ int dsaparam_main(int argc, char **argv)
if (argc == 1) {
if (!opt_int(argv[0], &num) || num < 0)
goto opthelp;
- } else if (argc != 0) {
+ } else if (!opt_check_rest_arg(NULL)) {
goto opthelp;
}
if (!app_RAND_load())
diff --git a/apps/ec.c b/apps/ec.c
index dcbef104ee..4573300a5e 100644
--- a/apps/ec.c
+++ b/apps/ec.c
@@ -157,14 +157,11 @@ int ec_main(int argc, char **argv)
}
/* No extra arguments. */
- argc = opt_num_rest();
- if (argc != 0)
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
- if (ciphername != NULL) {
- if (!opt_cipher(ciphername, &enc))
- goto opthelp;
- }
+ if (!opt_cipher(ciphername, &enc))
+ goto opthelp;
private = param_out || pubin || pubout ? 0 : 1;
if (text && !pubin)
private = 1;
diff --git a/apps/ecparam.c b/apps/ecparam.c
index 12eed703de..9910d8c17e 100644
--- a/apps/ecparam.c
+++ b/apps/ecparam.c
@@ -186,8 +186,7 @@ int ecparam_main(int argc, char **argv)
}
/* No extra args. */
- argc = opt_num_rest();
- if (argc != 0)
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
if (!app_RAND_load())
diff --git a/apps/enc.c b/apps/enc.c
index 3dd6098563..e71453c3c4 100644
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -289,17 +289,14 @@ int enc_main(int argc, char **argv)
}
/* No extra arguments. */
- argc = opt_num_rest();
- if (argc != 0)
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
if (!app_RAND_load())
goto end;
/* Get the cipher name, either from progname (if set) or flag. */
- if (ciphername != NULL) {
- if (!opt_cipher(ciphername, &cipher))
- goto opthelp;
- }
+ if (!opt_cipher(ciphername, &cipher))
+ goto opthelp;
if (digestname != NULL) {
if (!opt_md(digestname, &dgst))
goto opthelp;
diff --git a/apps/fipsinstall.c b/apps/fipsinstall.c
index 363631112e..5af007083a 100644
--- a/apps/fipsinstall.c
+++ b/apps/fipsinstall.c
@@ -382,9 +382,12 @@ opthelp:
}
/* No extra arguments. */
- argc = opt_num_rest();
- if (argc != 0 || (verify && in_fname == NULL))
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
+ if (verify && in_fname == NULL) {
+ BIO_printf(bio_err, "Missing -in option for -verify\n");
+ goto opthelp;
+ }
if (parent_config != NULL) {
/* Test that a parent config can load the module */
diff --git a/apps/gendsa.c b/apps/gendsa.c
index e5c9bc22ad..b9bc2f502b 100644
--- a/apps/gendsa.c
+++ b/apps/gendsa.c
@@ -101,19 +101,16 @@ int gendsa_main(int argc, char **argv)
}
/* One argument, the params file. */
- argc = opt_num_rest();
- argv = opt_rest();
- if (argc != 1)
+ if (!opt_check_rest_arg("params file"))
goto opthelp;
+ argv = opt_rest();
dsaparams = argv[0];
if (!app_RAND_load())
goto end;
- if (ciphername != NULL) {
- if (!opt_cipher(ciphername, &enc))
- goto end;
- }
+ if (!opt_cipher(ciphername, &enc))
+ goto end;
private = 1;
if (!app_passwd(NULL, passoutarg, NULL, &passout)) {
diff --git a/apps/genpkey.c b/apps/genpkey.c
index d00754eeac..7f70a6baa2 100644
--- a/apps/genpkey.c
+++ b/apps/genpkey.c
@@ -139,8 +139,7 @@ int genpkey_main(int argc, char **argv)
}
/* No extra arguments. */
- argc = opt_num_rest();
- if (argc != 0)
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
/* Fetch cipher, etc. */
@@ -163,9 +162,12 @@ int genpkey_main(int argc, char **argv)
goto end;
}
}
- if (ciphername != NULL)
- if (!opt_cipher(ciphername, &cipher) || do_param == 1)
- goto opthelp;
+ if (!opt_cipher(ciphername, &cipher))
+ goto opthelp;
+ if (ciphername != NULL && do_param == 1) {
+ BIO_printf(bio_err, "Cannot use cipher with -genparam option\n");
+ goto opthelp;
+ }
private = do_param ? 0 : 1;
diff --git a/apps/genrsa.c b/apps/genrsa.c
index e709ea38ce..1a6c67380f 100644
--- a/apps/genrsa.c
+++ b/apps/genrsa.c
@@ -157,8 +157,7 @@ opthelp:
"Warning: It is not recommended to use more than %d bit for RSA keys.\n"
" Your key size is %d! Larger key size may behave not as expected.\n",
OPENSSL_RSA_MAX_MODULUS_BITS, num);
- } else if (argc > 0) {
- BIO_printf(bio_err, "Extra arguments given.\n");
+ } else if (!opt_check_rest_arg(NULL)) {
goto opthelp;
}
@@ -166,10 +165,8 @@ opthelp:
goto end;
private = 1;
- if (ciphername != NULL) {
- if (!opt_cipher(ciphername, &enc))
- goto end;
- }
+ if (!opt_cipher(ciphername, &enc))
+ goto end;
if (!app_passwd(NULL, passoutarg, NULL, &passout)) {
BIO_printf(bio_err, "Error getting password\n");
goto end;
diff --git a/apps/include/opt.h b/apps/include/opt.h
index 4f83a0ed53..9493901c44 100644
--- a/apps/include/opt.h
+++ b/apps/include/opt.h
@@ -368,6 +368,7 @@ char *opt_unknown(void);
int opt_cipher(const char *name, EVP_CIPHER **cipherp);
int opt_cipher_any(const char *name, EVP_CIPHER **cipherp);
int opt_cipher_silent(const char *name, EVP_CIPHER **cipherp);
+int opt_check_md(const char *name);
int opt_md(const char *name, EVP_MD **mdp);
int opt_md_silent(const char *name, EVP_MD **mdp);
@@ -392,6 +393,7 @@ int opt_provider_option_given(void);
char **opt_rest(void);
int opt_num_rest(void);
+int opt_check_rest_arg(const char *expected);
/* Returns non-zero if legacy paths are still available */
int opt_legacy_okay(void);
diff --git a/apps/info.c b/apps/info.c
index c68603652f..befc62dac1 100644
--- a/apps/info.c
+++ b/apps/info.c
@@ -86,7 +86,7 @@ opthelp:
break;
}
}
- if (opt_num_rest() != 0)
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
if (dirty > 1) {
BIO_printf(bio_err, "%s: Only one item allowed\n", prog);
diff --git a/apps/lib/opt.c b/apps/lib/opt.c
index 157367982d..3925ec96c3 100644
--- a/apps/lib/opt.c
+++ b/apps/lib/opt.c
@@ -399,8 +399,10 @@ int opt_cipher_any(const char *name, EVP_CIPHER **cipherp)
{
int ret;
+ if (name == NULL)
+ return 1;
if ((ret = opt_cipher_silent(name, cipherp)) == 0)
- opt_printf_stderr("%s: Unknown cipher: %s\n", prog, name);
+ opt_printf_stderr("%s: Unknown option or cipher: %s\n", prog, name);
return ret;
}
@@ -410,6 +412,8 @@ int opt_cipher(const char *name, EVP_CIPHER **cipherp)
unsigned long int flags;
EVP_CIPHER *c = NULL;
+ if (name == NULL)
+ return 1;
if (opt_cipher_any(name, &c)) {
mode = EVP_CIPHER_get_mode(c);
flags = EVP_CIPHER_get_flags(c);
@@ -454,12 +458,22 @@ int opt_md(const char *name, EVP_MD **mdp)
{
int ret;
+ if (name == NULL)
+ return 1;
if ((ret = opt_md_silent(name, mdp)) == 0)
- opt_printf_stderr("%s: Unknown option or message digest: %s\n", prog,
- name != NULL ? name : "\"\"");
+ opt_printf_stderr("%s: Unknown option or message digest: %s\n",
+ prog, name);
return ret;
}
+int opt_check_md(const char *name)
+{
+ if (opt_md(name, NULL))
+ return 1;
+ ERR_clear_error();
+ return 0;
+}
+
/* Look through a list of name/value pairs. */
int opt_pair(const char *name, const OPT_PAIR* pairs, int *result)
{
@@ -1013,6 +1027,26 @@ int opt_num_rest(void)
return i;
}
+int opt_check_rest_arg(const char *expected)
+{
+ char *opt = *opt_rest();
+
+ if (opt == NULL || *opt == '\0') {
+ if (expected == NULL)
+ return 1;
+ opt_printf_stderr("%s: Missing argument: %s\n", prog, expected);
+ return 0;
+ } else if (expected != NULL) {
+ return 1;
+ }
+ if (opt_unknown() == NULL)
+ opt_printf_stderr("%s: Extra option: \"%s\"\n", prog, opt);
+ else
+ opt_printf_stderr("%s: Extra (unknown) options: \"%s\" \"%s\"\n",
+ prog, opt_unknown(), opt != NULL ? opt : "");
+ return 0;
+}
+
/* Return a string describing the parameter type. */
static const char *valtype2param(const OPTIONS *o)
{
diff --git a/apps/list.c b/apps/list.c
index 9732d6625a..30bf2be919 100644
--- a/apps/list.c
+++ b/apps/list.c
@@ -1647,7 +1647,7 @@ opthelp:
}
/* No extra arguments. */
- if (opt_num_rest() != 0)
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
if (todo.commands)
diff --git a/apps/mac.c b/apps/mac.c
index 08f06be867..8bd7ce2397 100644
--- a/apps/mac.c
+++ b/apps/mac.c
@@ -137,10 +137,9 @@ opthelp:
}
/* One argument, the MAC name. */
- argc = opt_num_rest();
- argv = opt_rest();
- if (argc != 1)
+ if (!opt_check_rest_arg("MAC name"))
goto opthelp;
+ argv = opt_rest();
mac = EVP_MAC_fetch(app_get0_libctx(), argv[0], app_get0_propq());
if (mac == NULL) {
diff --git a/apps/nseq.c b/apps/nseq.c
index d5524370f2..e66b58d957 100644
--- a/apps/nseq.c
+++ b/apps/nseq.c
@@ -73,8 +73,7 @@ int nseq_main(int argc, char **argv)
}
/* No extra arguments. */
- argc = opt_num_rest();
- if (argc != 0)
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
in = bio_open_default(infile, 'r', FORMAT_PEM);
diff --git a/apps/ocsp.c b/apps/ocsp.c
index 841b5f7b81..b0d030a940 100644
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -535,8 +535,7 @@ int ocsp_main(int argc, char **argv)
}
/* No extra arguments. */
- argc = opt_num_rest();
- if (argc != 0)
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
if (trailing_md) {
diff --git a/apps/openssl.c b/apps/openssl.c
index d61acbbc54..3497d51f4d 100644
--- a/apps/openssl.c
+++ b/apps/openssl.c
@@ -357,7 +357,7 @@ int help_main(int argc, char **argv)
new_argv[2] = NULL;
return do_cmd(prog_init(), 2, new_argv);
}
- if (opt_num_rest() != 0) {
+ if (!opt_check_rest_arg(NULL)) {
BIO_printf(bio_err, "Usage: %s\n", prog);
return 1;
}
diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index acc45c405a..65dcdad38a 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -356,17 +356,14 @@ int pkcs12_main(int argc, char **argv)
}
/* No extra arguments. */
- argc = opt_num_rest();
- if (argc != 0)
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
if (!app_RAND_load())
goto end;
- if (ciphername != NULL) {
- if (!opt_cipher_any(ciphername, &enc))
- goto opthelp;
- }
+ if (!opt_cipher_any(ciphername, &enc))
+ goto opthelp;
if (export_pkcs12) {
if ((options & INFO) != 0)
WARN_EXPORT("info");
diff --git a/apps/pkcs7.c b/apps/pkcs7.c
index ba11e8151a..ac2dec152a 100644
--- a/apps/pkcs7.c
+++ b/apps/pkcs7.c
@@ -111,8 +111,7 @@ int pkcs7_main(int argc, char **argv)
}
/* No extra arguments. */
- argc = opt_num_rest();
- if (argc != 0)
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
in = bio_open_default(infile, 'r', informat);
diff --git a/apps/pkcs8.c b/apps/pkcs8.c
index 6b09b909eb..e3932245f3 100644
--- a/apps/pkcs8.c
+++ b/apps/pkcs8.c
@@ -193,8 +193,7 @@ int pkcs8_main(int argc, char **argv)
}
/* No extra arguments. */
- argc = opt_num_rest();
- if (argc != 0)
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
private = 1;
diff --git a/apps/pkey.c b/apps/pkey.c
index fb3899b08e..41a4c29897 100644
--- a/apps/pkey.c
+++ b/apps/pkey.c
@@ -171,8 +171,7 @@ int pkey_main(int argc, char **argv)
}
/* No extra arguments. */
- argc = opt_num_rest();
- if (argc != 0)
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
if (text && text_pub)
@@ -190,10 +189,8 @@ int pkey_main(int argc, char **argv)
private = (!noout && !pubout) || (text && !text_pub);
- if (ciphername != NULL) {
- if (!opt_cipher(ciphername, &cipher))
- goto opthelp;
- }
+ if (!opt_cipher(ciphername, &cipher))
+ goto opthelp;
if (cipher == NULL) {
if (passoutarg != NULL)
BIO_printf(bio_err,
diff --git a/apps/pkeyparam.c b/apps/pkeyparam.c
index 45647341ce..3722be4bf6 100644
--- a/apps/pkeyparam.c
+++ b/apps/pkeyparam.c
@@ -91,8 +91,7 @@ int pkeyparam_main(int argc, char **argv)
}
/* No extra arguments. */
- argc = opt_num_rest();
- if (argc != 0)
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
in = bio_open_default(infile, 'r', FORMAT_PEM);
diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c
index d7290f7d48..9e18dfc0e9 100644
--- a/apps/pkeyutl.c
+++ b/apps/pkeyutl.c
@@ -253,8 +253,7 @@ int pkeyutl_main(int argc, char **argv)
}
/* No extra arguments. */
- argc = opt_num_rest();
- if (argc != 0)
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
if (!app_RAND_load())
diff --git a/apps/prime.c b/apps/prime.c
index e269493d5c..190254d90e 100644
--- a/apps/prime.c
+++ b/apps/prime.c
@@ -83,12 +83,12 @@ opthelp:
}
/* Optional arguments are numbers to check. */
+ if (generate && !opt_check_rest_arg(NULL))
+ goto opthelp;
argc = opt_num_rest();
argv = opt_rest();
- if (generate) {
- if (argc != 0)
- goto opthelp;
- } else if (argc == 0) {
+ if (!generate && argc == 0) {
+ BIO_printf(bio_err, "Missing number (s) to check\n");
goto opthelp;
}
diff --git a/apps/rand.c b/apps/rand.c
index cbf495d5bc..f99c91dbbf 100644
--- a/apps/rand.c
+++ b/apps/rand.c
@@ -95,7 +95,7 @@ int rand_main(int argc, char **argv)
if (argc == 1) {
if (!opt_int(argv[0], &num) || num <= 0)
goto opthelp;
- } else if (argc != 0) {
+ } else if (!opt_check_rest_arg(NULL)) {
goto opthelp;
}
diff --git a/apps/req.c b/apps/req.c
index 274f839902..36ac493807 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -241,7 +241,6 @@ int req_main(int argc, char **argv)
X509 *new_x509 = NULL, *CAcert = NULL;
X509_REQ *req = NULL;
EVP_CIPHER *cipher = NULL;
- EVP_MD *md = NULL;
int ext_copy = EXT_COPY_UNSET;
BIO *addext_bio = NULL;
char *extsect = NULL;
@@ -473,8 +472,7 @@ int req_main(int argc, char **argv)
}
/* No extra arguments. */
- argc = opt_num_rest();
- if (argc != 0)
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
if (!app_RAND_load())
@@ -533,11 +531,8 @@ int req_main(int argc, char **argv)
/* Check that any specified digest is fetchable */
if (digest != NULL) {
- if (!opt_md(digest, &md)) {
- ERR_clear_error();
+ if (!opt_check_md(digest))
goto opthelp;
- }
- EVP_MD_free(md);
} else {
/* No digest specified, default to configuration */
p = NCONF_get_string(req_conf, section, "default_md");
diff --git a/apps/rsa.c b/apps/rsa.c
index 05a091ce4b..fb73173428 100644
--- a/apps/rsa.c
+++ b/apps/rsa.c
@@ -217,14 +217,11 @@ int rsa_main(int argc, char **argv)
}
/* No extra arguments. */
- argc = opt_num_rest();
- if (argc != 0)
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
- if (ciphername != NULL) {
- if (!opt_cipher(ciphername, &enc))
- goto opthelp;
- }
+ if (!opt_cipher(ciphername, &enc))
+ goto opthelp;
private = (text && !pubin) || (!pubout && !noout) ? 1 : 0;
if (!app_passwd(passinarg, passoutarg, &passin, &passout)) {
diff --git a/apps/rsautl.c b/apps/rsautl.c
index ae0206014d..c428bf18b4 100644
--- a/apps/rsautl.c
+++ b/apps/rsautl.c
@@ -169,8 +169,7 @@ int rsautl_main(int argc, char **argv)
}
/* No extra arguments. */
- argc = opt_num_rest();
- if (argc != 0)
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
if (!app_RAND_load())
diff --git a/apps/s_client.c b/apps/s_client.c
index e0748496de..b905fbd3ec 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -1473,8 +1473,7 @@ int s_client_main(int argc, char **argv)
}
/* Optional argument is connect string if -connect not used. */
- argc = opt_num_rest();
- if (argc == 1) {
+ if (opt_num_rest() == 1) {
/* Don't allow -connect and a separate argument. */
if (connectstr != NULL) {
BIO_printf(bio_err,
@@ -1484,7 +1483,7 @@ int s_client_main(int argc, char **argv)
}
connect_type = use_inet;
freeandcopy(&connectstr, *opt_rest());
- } else if (argc != 0) {
+ } else if (!opt_check_rest_arg(NULL)) {
goto opthelp;
}
if (!app_RAND_load())
diff --git a/apps/s_server.c b/apps/s_server.c
index d60a1f3c85..6b0e013ca7 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -1648,8 +1648,7 @@ int s_server_main(int argc, char *argv[])
}
/* No extra arguments. */
- argc = opt_num_rest();
- if (argc != 0)
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
if (!app_RAND_load())
diff --git a/apps/s_time.c b/apps/s_time.c
index 1a58e19de5..1c6ed78b2c 100644
--- a/apps/s_time.c
+++ b/apps/s_time.c
@@ -234,8 +234,7 @@ int s_time_main(int argc, char **argv)
}
/* No extra arguments. */
- argc = opt_num_rest();
- if (argc != 0)
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
if (cipher == NULL)
diff --git a/apps/sess_id.c b/apps/sess_id.c
index 714c0f7787..54b3d05563 100644
--- a/apps/sess_id.c
+++ b/apps/sess_id.c
@@ -98,8 +98,7 @@ int sess_id_main(int argc, char **argv)
}
/* No extra arguments. */
- argc = opt_num_rest();
- if (argc != 0)
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
x = load_sess_id(infile, informat);
diff --git a/apps/smime.c b/apps/smime.c
index a2ff0b5be7..6cf6ab3a45 100644
--- a/apps/smime.c
+++ b/apps/smime.c
@@ -366,10 +366,8 @@ int smime_main(int argc, char **argv)
if (!opt_md(digestname, &sign_md))
goto opthelp;
}
- if (ciphername != NULL) {
- if (!opt_cipher_any(ciphername, &cipher))
+ if (!opt_cipher_any(ciphername, &cipher))
goto opthelp;
- }
if (!(operation & SMIME_SIGNERS) && (skkeys != NULL || sksigners != NULL)) {
BIO_puts(bio_err, "Multiple signers or keys not allowed\n");
goto opthelp;
diff --git a/apps/spkac.c b/apps/spkac.c
index d92be7d645..b389d9afce 100644
--- a/apps/spkac.c
+++ b/apps/spkac.c
@@ -133,8 +133,7 @@ int spkac_main(int argc, char **argv)
}
/* No extra arguments. */
- argc = opt_num_rest();
- if (argc != 0)
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
if (!app_passwd(passinarg, NULL, &passin, NULL)) {
diff --git a/apps/storeutl.c b/apps/storeutl.c
index 1368caae92..8d1ce3cea3 100644
--- a/apps/storeutl.c
+++ b/apps/storeutl.c
@@ -258,15 +258,12 @@ int storeutl_main(int argc, char *argv[])
}
/* One argument, the URI */
- argc = opt_num_rest();
- argv = opt_rest();
- if (argc != 1)
+ if (!opt_check_rest_arg("URI"))
goto opthelp;
+ argv = opt_rest();
- if (digestname != NULL) {
- if (!opt_md(digestname, &digest))
- goto opthelp;
- }
+ if (!opt_md(digestname, &digest))
+ goto opthelp;
if (criterion != 0) {
switch (criterion) {
diff --git a/apps/ts.c b/apps/ts.c
index e65d223348..8e58ef00b4 100644
--- a/apps/ts.c
+++ b/apps/ts.c
@@ -204,8 +204,10 @@ int ts_main(int argc, char **argv)
case OPT_QUERY:
case OPT_REPLY:
case OPT_VERIFY:
- if (mode != OPT_ERR)
+ if (mode != OPT_ERR) {
+ BIO_printf(bio_err, "%s: Must give only one of -query, -reply, or -verify\n", prog);
goto opthelp;
+ }
mode = o;
break;
case OPT_DATA:
@@ -288,17 +290,18 @@ int ts_main(int argc, char **argv)
}
/* No extra arguments. */
- argc = opt_num_rest();
- if (argc != 0 || mode == OPT_ERR)
+ if (!opt_check_rest_arg(NULL))
+ goto opthelp;
+ if (mode == OPT_ERR) {
+ BIO_printf(bio_err, "%s: Must give one of -query, -reply, or -verify\n", prog);
goto opthelp;
+ }
if (!app_RAND_load())
goto end;
- if (digestname != NULL) {
- if (!opt_md(digestname, &md))
- goto opthelp;
- }
+ if (!opt_md(digestname, &md))
+ goto opthelp;
if (mode == OPT_REPLY && passin &&
!app_passwd(passin, NULL, &password, NULL)) {
BIO_printf(bio_err, "Error getting password.\n");
diff --git a/apps/version.c b/apps/version.c
index cab17a46bf..7185e9edcd 100644
--- a/apps/version.c
+++ b/apps/version.c
@@ -99,8 +99,7 @@ opthelp:
}
/* No extra arguments. */
- argc = opt_num_rest();
- if (argc != 0)
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
if (!dirty)
diff --git a/apps/x509.c b/apps/x509.c
index 28fa769a01..188bc17a09 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -594,13 +594,15 @@ int x509_main(int argc, char **argv)
}
/* No extra arguments. */
- argc = opt_num_rest();
- if (argc != 0)
+ if (!opt_check_rest_arg(NULL))
goto opthelp;
if (!app_RAND_load())
goto end;
+ if (!opt_check_md(digest))
+ goto opthelp;
+
if (preserve_dates && days != UNSET_DAYS) {
BIO_printf(bio_err, "Cannot use -preserve_dates with -days option\n");
goto err;
More information about the openssl-commits
mailing list