[openssl-dev] [openssl.org #4215] Results of regression for some apps

Mon Jan 4 14:07:23 UTC 2016

Hello!

I found the following problems running my cipher suite with openssl 1.1.0

1. Some apps try to load the default config file twice. In case when we
load an engine via the config file and the engine prevents itself from
loading more than once, it causes errors.

The attached patch contains fixes for the 'req' and 'ts' utilities, but may
be there are some more utilities with specific config files.

2. The 'smime' utility erroneously regards the '-signer' option to be the
name of input file. It's wrong when the utility uses this option in -verify
mode. So the attached patch makes this option to be processed as string,
not as input.

3. The 'cms' and 'smime' utilities do not accept the '-inform smime'
options. It may be a bug or not a bug (files in SMIME format are accepted)
but it is definitely an incompatibility.

Thank you!

-- 
SY, Dmitry Belyavsky

-------------- next part --------------

diff --git a/apps/req.c b/apps/req.c
index a0da788..9235b2b 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -377,13 +377,14 @@ int req_main(int argc, char **argv)
         BIO_printf(bio_err, "Error getting passwords\n");
         goto end;
     }
-
+    if (template != default_config_file)
+    {
     if (verbose)
         BIO_printf(bio_err, "Using configuration from %s\n", template);
     req_conf = app_load_config(template);
     if (!app_load_modules(req_conf))
         goto end;
-
+    }
     if (req_conf != NULL) {
         p = NCONF_get_string(req_conf, NULL, "oid_file");
         if (p == NULL)
diff --git a/apps/smime.c b/apps/smime.c
index 551a8fd..a1dde89 100644
--- a/apps/smime.c
+++ b/apps/smime.c
@@ -115,7 +115,7 @@ OPTIONS smime_options[] = {
     {"noattr", OPT_NOATTR, '-', "Don't include any signed attributes"},
     {"binary", OPT_BINARY, '-', "Don't translate message to text"},
     {"certfile", OPT_CERTFILE, '<', "Other certificates file"},
-    {"signer", OPT_SIGNER, '<', "Signer certificate file"},
+    {"signer", OPT_SIGNER, 's', "Signer certificate file"},
     {"recip", OPT_RECIP, '<', "Recipient certificate file for decryption"},
     {"in", OPT_IN, '<', "Input file"},
     {"inform", OPT_INFORM, 'F', "Input format SMIME (default), PEM or DER"},
diff --git a/apps/ts.c b/apps/ts.c
index 00b5e53..c1a3b05 100644
--- a/apps/ts.c
+++ b/apps/ts.c
@@ -319,10 +319,11 @@ int ts_main(int argc, char **argv)
         goto end;
     }
 
+    if (configfile != default_config_file) {
     conf = load_config_file(configfile);
     if (!app_load_modules(conf))
         goto end;
-
+    }
     /* Check parameter consistency and execute the appropriate function. */
     switch (mode) {
     default:
-------------- next part --------------
_______________________________________________
openssl-bugs-mod mailing list
openssl-bugs-mod at openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod
