diff options
| author | bcook <> | 2015-09-11 14:30:23 +0000 |
|---|---|---|
| committer | bcook <> | 2015-09-11 14:30:23 +0000 |
| commit | e2fad4e6bdd4e404b3f4c186de52078738af2271 (patch) | |
| tree | cc1109842924cab95a77b6863b32de51b6d4f960 /src/usr.bin/openssl/ts.c | |
| parent | 7cea1ef22b79637be449efa70b99c6deaf74ef10 (diff) | |
| download | openbsd-e2fad4e6bdd4e404b3f4c186de52078738af2271.tar.gz openbsd-e2fad4e6bdd4e404b3f4c186de52078738af2271.tar.bz2 openbsd-e2fad4e6bdd4e404b3f4c186de52078738af2271.zip | |
Remove engine command and parameters from openssl(1).
We do not have any builtin or dynamic engines, meaning openssl(1) has
no way to use the engine command or parameters at all.
ok jsing@
Diffstat (limited to '')
| -rw-r--r-- | src/usr.bin/openssl/ts.c | 26 |
1 files changed, 8 insertions, 18 deletions
diff --git a/src/usr.bin/openssl/ts.c b/src/usr.bin/openssl/ts.c index ae7dfff615..e958d0aaff 100644 --- a/src/usr.bin/openssl/ts.c +++ b/src/usr.bin/openssl/ts.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ts.c,v 1.5 2015/08/22 16:36:05 jsing Exp $ */ | 1 | /* $OpenBSD: ts.c,v 1.6 2015/09/11 14:30:23 bcook Exp $ */ |
| 2 | /* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL | 2 | /* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL |
| 3 | * project 2002. | 3 | * project 2002. |
| 4 | */ | 4 | */ |
| @@ -92,13 +92,13 @@ static int create_digest(BIO * input, char *digest, | |||
| 92 | static ASN1_INTEGER *create_nonce(int bits); | 92 | static ASN1_INTEGER *create_nonce(int bits); |
| 93 | 93 | ||
| 94 | /* Reply related functions. */ | 94 | /* Reply related functions. */ |
| 95 | static int reply_command(CONF * conf, char *section, char *engine, | 95 | static int reply_command(CONF * conf, char *section, |
| 96 | char *queryfile, char *passin, char *inkey, | 96 | char *queryfile, char *passin, char *inkey, |
| 97 | char *signer, char *chain, const char *policy, | 97 | char *signer, char *chain, const char *policy, |
| 98 | char *in, int token_in, char *out, int token_out, | 98 | char *in, int token_in, char *out, int token_out, |
| 99 | int text); | 99 | int text); |
| 100 | static TS_RESP *read_PKCS7(BIO * in_bio); | 100 | static TS_RESP *read_PKCS7(BIO * in_bio); |
| 101 | static TS_RESP *create_response(CONF * conf, const char *section, char *engine, | 101 | static TS_RESP *create_response(CONF * conf, const char *section, |
| 102 | char *queryfile, char *passin, char *inkey, | 102 | char *queryfile, char *passin, char *inkey, |
| 103 | char *signer, char *chain, const char *policy); | 103 | char *signer, char *chain, const char *policy); |
| 104 | static ASN1_INTEGER *serial_cb(TS_RESP_CTX * ctx, void *data); | 104 | static ASN1_INTEGER *serial_cb(TS_RESP_CTX * ctx, void *data); |
| @@ -144,7 +144,6 @@ ts_main(int argc, char **argv) | |||
| 144 | char *ca_path = NULL; | 144 | char *ca_path = NULL; |
| 145 | char *ca_file = NULL; | 145 | char *ca_file = NULL; |
| 146 | char *untrusted = NULL; | 146 | char *untrusted = NULL; |
| 147 | char *engine = NULL; | ||
| 148 | /* Input is ContentInfo instead of TimeStampResp. */ | 147 | /* Input is ContentInfo instead of TimeStampResp. */ |
| 149 | int token_in = 0; | 148 | int token_in = 0; |
| 150 | /* Output is ContentInfo instead of TimeStampResp. */ | 149 | /* Output is ContentInfo instead of TimeStampResp. */ |
| @@ -233,10 +232,6 @@ ts_main(int argc, char **argv) | |||
| 233 | if (argc-- < 1) | 232 | if (argc-- < 1) |
| 234 | goto usage; | 233 | goto usage; |
| 235 | untrusted = *++argv; | 234 | untrusted = *++argv; |
| 236 | } else if (strcmp(*argv, "-engine") == 0) { | ||
| 237 | if (argc-- < 1) | ||
| 238 | goto usage; | ||
| 239 | engine = *++argv; | ||
| 240 | } else if ((md = EVP_get_digestbyname(*argv + 1)) != NULL) { | 235 | } else if ((md = EVP_get_digestbyname(*argv + 1)) != NULL) { |
| 241 | /* empty. */ | 236 | /* empty. */ |
| 242 | } else | 237 | } else |
| @@ -282,7 +277,7 @@ ts_main(int argc, char **argv) | |||
| 282 | goto usage; | 277 | goto usage; |
| 283 | } | 278 | } |
| 284 | 279 | ||
| 285 | ret = !reply_command(conf, section, engine, queryfile, | 280 | ret = !reply_command(conf, section, queryfile, |
| 286 | password, inkey, signer, chain, policy, | 281 | password, inkey, signer, chain, policy, |
| 287 | in, token_in, out, token_out, text); | 282 | in, token_in, out, token_out, text); |
| 288 | break; | 283 | break; |
| @@ -312,7 +307,7 @@ usage: | |||
| 312 | "[-signer tsa_cert.pem] [-inkey private_key.pem] " | 307 | "[-signer tsa_cert.pem] [-inkey private_key.pem] " |
| 313 | "[-chain certs_file.pem] [-policy object_id] " | 308 | "[-chain certs_file.pem] [-policy object_id] " |
| 314 | "[-in response.tsr] [-token_in] " | 309 | "[-in response.tsr] [-token_in] " |
| 315 | "[-out response.tsr] [-token_out] [-text] [-engine id]\n"); | 310 | "[-out response.tsr] [-token_out] [-text]\n"); |
| 316 | BIO_printf(bio_err, "or\n" | 311 | BIO_printf(bio_err, "or\n" |
| 317 | "ts -verify [-data file_to_hash] [-digest digest_bytes] " | 312 | "ts -verify [-data file_to_hash] [-digest digest_bytes] " |
| 318 | "[-queryfile request.tsq] " | 313 | "[-queryfile request.tsq] " |
| @@ -615,7 +610,7 @@ err: | |||
| 615 | */ | 610 | */ |
| 616 | 611 | ||
| 617 | static int | 612 | static int |
| 618 | reply_command(CONF * conf, char *section, char *engine, char *queryfile, | 613 | reply_command(CONF * conf, char *section, char *queryfile, |
| 619 | char *passin, char *inkey, char *signer, char *chain, const char *policy, | 614 | char *passin, char *inkey, char *signer, char *chain, const char *policy, |
| 620 | char *in, int token_in, char *out, int token_out, int text) | 615 | char *in, int token_in, char *out, int token_out, int text) |
| 621 | { | 616 | { |
| @@ -642,7 +637,7 @@ reply_command(CONF * conf, char *section, char *engine, char *queryfile, | |||
| 642 | response = d2i_TS_RESP_bio(in_bio, NULL); | 637 | response = d2i_TS_RESP_bio(in_bio, NULL); |
| 643 | } | 638 | } |
| 644 | } else { | 639 | } else { |
| 645 | response = create_response(conf, section, engine, queryfile, | 640 | response = create_response(conf, section, queryfile, |
| 646 | passin, inkey, signer, chain, | 641 | passin, inkey, signer, chain, |
| 647 | policy); | 642 | policy); |
| 648 | if (response) | 643 | if (response) |
| @@ -740,7 +735,7 @@ end: | |||
| 740 | } | 735 | } |
| 741 | 736 | ||
| 742 | static TS_RESP * | 737 | static TS_RESP * |
| 743 | create_response(CONF * conf, const char *section, char *engine, | 738 | create_response(CONF * conf, const char *section, |
| 744 | char *queryfile, char *passin, char *inkey, | 739 | char *queryfile, char *passin, char *inkey, |
| 745 | char *signer, char *chain, const char *policy) | 740 | char *signer, char *chain, const char *policy) |
| 746 | { | 741 | { |
| @@ -763,11 +758,6 @@ create_response(CONF * conf, const char *section, char *engine, | |||
| 763 | /* Setting serial number provider callback. */ | 758 | /* Setting serial number provider callback. */ |
| 764 | if (!TS_CONF_set_serial(conf, section, serial_cb, resp_ctx)) | 759 | if (!TS_CONF_set_serial(conf, section, serial_cb, resp_ctx)) |
| 765 | goto end; | 760 | goto end; |
| 766 | #ifndef OPENSSL_NO_ENGINE | ||
| 767 | /* Setting default OpenSSL engine. */ | ||
| 768 | if (!TS_CONF_set_crypto_device(conf, section, engine)) | ||
| 769 | goto end; | ||
| 770 | #endif | ||
| 771 | 761 | ||
| 772 | /* Setting TSA signer certificate. */ | 762 | /* Setting TSA signer certificate. */ |
| 773 | if (!TS_CONF_set_signer_cert(conf, section, signer, resp_ctx)) | 763 | if (!TS_CONF_set_signer_cert(conf, section, signer, resp_ctx)) |