summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/lib/libssl/src/apps/apps.c2441
-rw-r--r--src/lib/libssl/src/apps/apps.h88
2 files changed, 1235 insertions, 1294 deletions
diff --git a/src/lib/libssl/src/apps/apps.c b/src/lib/libssl/src/apps/apps.c
index 4d5e3f172a..47347678e5 100644
--- a/src/lib/libssl/src/apps/apps.c
+++ b/src/lib/libssl/src/apps/apps.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -63,7 +63,7 @@
63 * are met: 63 * are met:
64 * 64 *
65 * 1. Redistributions of source code must retain the above copyright 65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer. 66 * notice, this list of conditions and the following disclaimer.
67 * 67 *
68 * 2. Redistributions in binary form must reproduce the above copyright 68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in 69 * notice, this list of conditions and the following disclaimer in
@@ -159,256 +159,258 @@ static int set_multi_opts(unsigned long *flags, const char *arg, const NAME_EX_T
159 159
160#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA) 160#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
161/* Looks like this stuff is worth moving into separate function */ 161/* Looks like this stuff is worth moving into separate function */
162static EVP_PKEY * 162static EVP_PKEY *load_netscape_key(BIO *err, BIO *key, const char *file,
163load_netscape_key(BIO *err, BIO *key, const char *file, 163 const char *key_descrip, int format);
164 const char *key_descrip, int format);
165#endif 164#endif
166 165
167int app_init(long mesgwin); 166int app_init(long mesgwin);
168#ifdef undef /* never finished - probably never will be :-) */ 167#ifdef undef /* never finished - probably never will be :-) */
169int args_from_file(char *file, int *argc, char **argv[]) 168int
170 { 169args_from_file(char *file, int *argc, char **argv[])
170{
171 FILE *fp; 171 FILE *fp;
172 int num,i; 172 int num, i;
173 unsigned int len; 173 unsigned int len;
174 static char *buf=NULL; 174 static char *buf = NULL;
175 static char **arg=NULL; 175 static char **arg = NULL;
176 char *p; 176 char *p;
177 177
178 fp=fopen(file,"r"); 178 fp = fopen(file, "r");
179 if (fp == NULL) 179 if (fp == NULL)
180 return(0); 180 return (0);
181 181
182 if (fseek(fp,0,SEEK_END)==0) 182 if (fseek(fp, 0, SEEK_END) == 0)
183 len=ftell(fp), rewind(fp); 183 len = ftell(fp), rewind(fp);
184 else len=-1; 184 else
185 if (len<=0) 185 len = -1;
186 { 186 if (len <= 0) {
187 fclose(fp); 187 fclose(fp);
188 return(0); 188 return (0);
189 } 189 }
190 190
191 *argc=0; 191 *argc = 0;
192 *argv=NULL; 192 *argv = NULL;
193 193
194 if (buf != NULL) OPENSSL_free(buf); 194 if (buf != NULL) OPENSSL_free(buf);
195 buf=(char *)OPENSSL_malloc(len+1); 195 buf = (char *)OPENSSL_malloc(len + 1);
196 if (buf == NULL) return(0); 196 if (buf == NULL)
197 return (0);
197 198
198 len=fread(buf,1,len,fp); 199 len = fread(buf, 1, len, fp);
199 if (len <= 1) return(0); 200 if (len <= 1) return (0);
200 buf[len]='\0'; 201 buf[len] = '\0';
201 202
202 i=0; 203 i = 0;
203 for (p=buf; *p; p++) 204 for (p = buf; *p; p++)
204 if (*p == '\n') i++; 205 if (*p == '\n')
206 i++;
205 if (arg != NULL) OPENSSL_free(arg); 207 if (arg != NULL) OPENSSL_free(arg);
206 arg=(char **)OPENSSL_malloc(sizeof(char *)*(i*2)); 208 arg = (char **)OPENSSL_malloc(sizeof(char *)*(i*2));
207 209
208 *argv=arg; 210 *argv = arg;
209 num=0; 211 num = 0;
210 p=buf; 212 p = buf;
211 for (;;) 213 for (;;) {
212 { 214 if (!*p)
213 if (!*p) break; 215 break;
214 if (*p == '#') /* comment line */ 216 if (*p == '#') /* comment line */
215 { 217 {
216 while (*p && (*p != '\n')) p++; 218 while (*p && (*p != '\n'))
219 p++;
217 continue; 220 continue;
218 } 221 }
219 /* else we have a line */ 222 /* else we have a line */
220 *(arg++)=p; 223 *(arg++) = p;
221 num++; 224 num++;
222 while (*p && ((*p != ' ') && (*p != '\t') && (*p != '\n'))) 225 while (*p && ((*p != ' ') && (*p != '\t') && (*p != '\n')))
223 p++; 226 p++;
224 if (!*p) break; 227 if (!*p)
225 if (*p == '\n') 228 break;
226 { 229 if (*p == '\n') {
227 *(p++)='\0'; 230 *(p++) = '\0';
228 continue; 231 continue;
229 } 232 }
230 /* else it is a tab or space */ 233 /* else it is a tab or space */
231 p++; 234 p++;
232 while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n'))) 235 while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n')))
233 p++; 236 p++;
234 if (!*p) break; 237 if (!*p)
235 if (*p == '\n') 238 break;
236 { 239 if (*p == '\n') {
237 p++; 240 p++;
238 continue; 241 continue;
239 } 242 }
240 *(arg++)=p++; 243 *(arg++) = p++;
241 num++; 244 num++;
242 while (*p && (*p != '\n')) p++; 245 while (*p && (*p != '\n'))
243 if (!*p) break; 246 p++;
247 if (!*p)
248 break;
244 /* else *p == '\n' */ 249 /* else *p == '\n' */
245 *(p++)='\0'; 250 *(p++) = '\0';
246 }
247 *argc=num;
248 return(1);
249 } 251 }
252 *argc = num;
253 return (1);
254}
250#endif 255#endif
251 256
252int str2fmt(char *s) 257int
253 { 258str2fmt(char *s)
259{
254 if (s == NULL) 260 if (s == NULL)
255 return FORMAT_UNDEF; 261 return FORMAT_UNDEF;
256 if ((*s == 'D') || (*s == 'd')) 262 if ((*s == 'D') || (*s == 'd'))
257 return(FORMAT_ASN1); 263 return (FORMAT_ASN1);
258 else if ((*s == 'T') || (*s == 't')) 264 else if ((*s == 'T') || (*s == 't'))
259 return(FORMAT_TEXT); 265 return (FORMAT_TEXT);
260 else if ((*s == 'N') || (*s == 'n')) 266 else if ((*s == 'N') || (*s == 'n'))
261 return(FORMAT_NETSCAPE); 267 return (FORMAT_NETSCAPE);
262 else if ((*s == 'S') || (*s == 's')) 268 else if ((*s == 'S') || (*s == 's'))
263 return(FORMAT_SMIME); 269 return (FORMAT_SMIME);
264 else if ((*s == 'M') || (*s == 'm')) 270 else if ((*s == 'M') || (*s == 'm'))
265 return(FORMAT_MSBLOB); 271 return (FORMAT_MSBLOB);
266 else if ((*s == '1') 272 else if ((*s == '1') ||
267 || (strcmp(s,"PKCS12") == 0) || (strcmp(s,"pkcs12") == 0) 273 (strcmp(s, "PKCS12") == 0) || (strcmp(s, "pkcs12") == 0) ||
268 || (strcmp(s,"P12") == 0) || (strcmp(s,"p12") == 0)) 274 (strcmp(s, "P12") == 0) || (strcmp(s, "p12") == 0))
269 return(FORMAT_PKCS12); 275 return (FORMAT_PKCS12);
270 else if ((*s == 'E') || (*s == 'e')) 276 else if ((*s == 'E') || (*s == 'e'))
271 return(FORMAT_ENGINE); 277 return (FORMAT_ENGINE);
272 else if ((*s == 'P') || (*s == 'p')) 278 else if ((*s == 'P') || (*s == 'p')) {
273 { 279 if (s[1] == 'V' || s[1] == 'v')
274 if (s[1] == 'V' || s[1] == 'v') 280 return FORMAT_PVK;
275 return FORMAT_PVK; 281 else
276 else 282 return (FORMAT_PEM);
277 return(FORMAT_PEM); 283 } else
278 } 284 return (FORMAT_UNDEF);
279 else 285}
280 return(FORMAT_UNDEF);
281 }
282 286
283#if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_NETWARE) 287#if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_NETWARE)
284void program_name(char *in, char *out, int size) 288void
285 { 289program_name(char *in, char *out, int size)
286 int i,n; 290{
287 char *p=NULL; 291 int i, n;
292 char *p = NULL;
288 293
289 n=strlen(in); 294 n = strlen(in);
290 /* find the last '/', '\' or ':' */ 295 /* find the last '/', '\' or ':' */
291 for (i=n-1; i>0; i--) 296 for (i = n - 1; i > 0; i--) {
292 { 297 if ((in[i] == '/') || (in[i] == '\\') || (in[i] == ':')) {
293 if ((in[i] == '/') || (in[i] == '\\') || (in[i] == ':')) 298 p = &(in[i + 1]);
294 {
295 p= &(in[i+1]);
296 break; 299 break;
297 }
298 } 300 }
301 }
299 if (p == NULL) 302 if (p == NULL)
300 p=in; 303 p = in;
301 n=strlen(p); 304 n = strlen(p);
302 305
303 /* strip off trailing .exe if present. */ 306 /* strip off trailing .exe if present. */
304 if ((n > 4) && (p[n-4] == '.') && 307 if ((n > 4) && (p[n - 4] == '.') &&
305 ((p[n-3] == 'e') || (p[n-3] == 'E')) && 308 ((p[n - 3] == 'e') || (p[n - 3] == 'E')) &&
306 ((p[n-2] == 'x') || (p[n-2] == 'X')) && 309 ((p[n - 2] == 'x') || (p[n - 2] == 'X')) &&
307 ((p[n-1] == 'e') || (p[n-1] == 'E'))) 310 ((p[n - 1] == 'e') || (p[n - 1] == 'E')))
308 n-=4; 311 n -= 4;
309 312
310 if (n > size-1) 313 if (n > size - 1)
311 n=size-1; 314 n = size - 1;
312 315
313 for (i=0; i<n; i++) 316 for (i = 0; i < n; i++) {
314 {
315 if ((p[i] >= 'A') && (p[i] <= 'Z')) 317 if ((p[i] >= 'A') && (p[i] <= 'Z'))
316 out[i]=p[i]-'A'+'a'; 318 out[i] = p[i] - 'A' + 'a';
317 else 319 else
318 out[i]=p[i]; 320 out[i] = p[i];
319 }
320 out[n]='\0';
321 } 321 }
322 out[n] = '\0';
323}
322#else 324#else
323void program_name(char *in, char *out, int size) 325void
324 { 326program_name(char *in, char *out, int size)
327{
325 char *p; 328 char *p;
326 329
327 p=strrchr(in,'/'); 330 p = strrchr(in, '/');
328 if (p != NULL) 331 if (p != NULL)
329 p++; 332 p++;
330 else 333 else
331 p=in; 334 p = in;
332 BUF_strlcpy(out,p,size); 335 BUF_strlcpy(out, p, size);
333 } 336}
334#endif 337#endif
335 338
336int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[]) 339int
337 { 340chopup_args(ARGS *arg, char *buf, int *argc, char **argv[])
338 int num,i; 341{
342 int num, i;
339 char *p; 343 char *p;
340 344
341 *argc=0; 345 *argc = 0;
342 *argv=NULL; 346 *argv = NULL;
343 347
344 i=0; 348 i = 0;
345 if (arg->count == 0) 349 if (arg->count == 0) {
346 { 350 arg->count = 20;
347 arg->count=20; 351 arg->data = (char **)OPENSSL_malloc(sizeof(char *)*arg->count);
348 arg->data=(char **)OPENSSL_malloc(sizeof(char *)*arg->count); 352 }
349 } 353 for (i = 0; i < arg->count; i++)
350 for (i=0; i<arg->count; i++) 354 arg->data[i] = NULL;
351 arg->data[i]=NULL;
352 355
353 num=0; 356 num = 0;
354 p=buf; 357 p = buf;
355 for (;;) 358 for (;;) {
356 {
357 /* first scan over white space */ 359 /* first scan over white space */
358 if (!*p) break; 360 if (!*p)
361 break;
359 while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n'))) 362 while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n')))
360 p++; 363 p++;
361 if (!*p) break; 364 if (!*p)
365 break;
362 366
363 /* The start of something good :-) */ 367 /* The start of something good :-) */
364 if (num >= arg->count) 368 if (num >= arg->count) {
365 {
366 char **tmp_p; 369 char **tmp_p;
367 int tlen = arg->count + 20; 370 int tlen = arg->count + 20;
368 tmp_p = (char **)OPENSSL_realloc(arg->data, 371 tmp_p = (char **)OPENSSL_realloc(arg->data,
369 sizeof(char *)*tlen); 372 sizeof(char *)*tlen);
370 if (tmp_p == NULL) 373 if (tmp_p == NULL)
371 return 0; 374 return 0;
372 arg->data = tmp_p; 375 arg->data = tmp_p;
373 arg->count = tlen; 376 arg->count = tlen;
374 /* initialize newly allocated data */ 377 /* initialize newly allocated data */
375 for (i = num; i < arg->count; i++) 378 for (i = num; i < arg->count; i++)
376 arg->data[i] = NULL; 379 arg->data[i] = NULL;
377 } 380 }
378 arg->data[num++]=p; 381 arg->data[num++] = p;
379 382
380 /* now look for the end of this */ 383 /* now look for the end of this */
381 if ((*p == '\'') || (*p == '\"')) /* scan for closing quote */ 384 if ((*p == '\'') || (*p == '\"')) /* scan for closing quote */
382 { 385 {
383 i= *(p++); 386 i= *(p++);
384 arg->data[num-1]++; /* jump over quote */ 387 arg->data[num-1]++; /* jump over quote */
385 while (*p && (*p != i)) 388 while (*p && (*p != i))
386 p++; 389 p++;
387 *p='\0'; 390 *p = '\0';
388 } 391 } else {
389 else
390 {
391 while (*p && ((*p != ' ') && 392 while (*p && ((*p != ' ') &&
392 (*p != '\t') && (*p != '\n'))) 393 (*p != '\t') && (*p != '\n')))
393 p++; 394 p++;
394 395
395 if (*p == '\0') 396 if (*p == '\0')
396 p--; 397 p--;
397 else 398 else
398 *p='\0'; 399 *p = '\0';
399 }
400 p++;
401 } 400 }
402 *argc=num; 401 p++;
403 *argv=arg->data;
404 return(1);
405 } 402 }
403 *argc = num;
404 *argv = arg->data;
405 return (1);
406}
406 407
407#ifndef APP_INIT 408#ifndef APP_INIT
408int app_init(long mesgwin) 409int
409 { 410app_init(long mesgwin)
410 return(1); 411{
411 } 412 return (1);
413}
412#endif 414#endif
413 415
414 416
@@ -416,209 +418,212 @@ int dump_cert_text (BIO *out, X509 *x)
416{ 418{
417 char *p; 419 char *p;
418 420
419 p=X509_NAME_oneline(X509_get_subject_name(x),NULL,0); 421 p = X509_NAME_oneline(X509_get_subject_name(x), NULL, 0);
420 BIO_puts(out,"subject="); 422 BIO_puts(out, "subject=");
421 BIO_puts(out,p); 423 BIO_puts(out, p);
422 OPENSSL_free(p); 424 OPENSSL_free(p);
423 425
424 p=X509_NAME_oneline(X509_get_issuer_name(x),NULL,0); 426 p = X509_NAME_oneline(X509_get_issuer_name(x), NULL, 0);
425 BIO_puts(out,"\nissuer="); 427 BIO_puts(out, "\nissuer=");
426 BIO_puts(out,p); 428 BIO_puts(out, p);
427 BIO_puts(out,"\n"); 429 BIO_puts(out, "\n");
428 OPENSSL_free(p); 430 OPENSSL_free(p);
429 431
430 return 0; 432 return 0;
431} 433}
432 434
433static int ui_open(UI *ui) 435static int
434 { 436ui_open(UI *ui)
437{
435 return UI_method_get_opener(UI_OpenSSL())(ui); 438 return UI_method_get_opener(UI_OpenSSL())(ui);
436 } 439}
437static int ui_read(UI *ui, UI_STRING *uis) 440
438 { 441static int
439 if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD 442ui_read(UI *ui, UI_STRING *uis)
440 && UI_get0_user_data(ui)) 443{
441 { 444 if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD &&
442 switch(UI_get_string_type(uis)) 445 UI_get0_user_data(ui)) {
443 { 446 switch (UI_get_string_type(uis)) {
444 case UIT_PROMPT: 447 case UIT_PROMPT:
445 case UIT_VERIFY: 448 case UIT_VERIFY:
446 { 449 {
447 const char *password = 450 const char *password =
448 ((PW_CB_DATA *)UI_get0_user_data(ui))->password; 451 ((PW_CB_DATA *)UI_get0_user_data(ui))->password;
449 if (password && password[0] != '\0') 452 if (password && password[0] != '\0') {
450 { 453 UI_set_result(ui, uis, password);
451 UI_set_result(ui, uis, password); 454 return 1;
452 return 1;
453 } 455 }
454 } 456 }
455 default: 457 default:
456 break; 458 break;
457 }
458 } 459 }
459 return UI_method_get_reader(UI_OpenSSL())(ui, uis);
460 } 460 }
461static int ui_write(UI *ui, UI_STRING *uis) 461 return UI_method_get_reader(UI_OpenSSL())(ui, uis);
462 { 462}
463 if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD 463
464 && UI_get0_user_data(ui)) 464static int
465 { 465ui_write(UI *ui, UI_STRING *uis)
466 switch(UI_get_string_type(uis)) 466{
467 { 467 if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD &&
468 UI_get0_user_data(ui)) {
469 switch (UI_get_string_type(uis)) {
468 case UIT_PROMPT: 470 case UIT_PROMPT:
469 case UIT_VERIFY: 471 case UIT_VERIFY:
470 { 472 {
471 const char *password = 473 const char *password =
472 ((PW_CB_DATA *)UI_get0_user_data(ui))->password; 474 ((PW_CB_DATA *)UI_get0_user_data(ui))->password;
473 if (password && password[0] != '\0') 475 if (password && password[0] != '\0')
474 return 1; 476 return 1;
475 } 477 }
476 default: 478 default:
477 break; 479 break;
478 }
479 } 480 }
480 return UI_method_get_writer(UI_OpenSSL())(ui, uis);
481 } 481 }
482static int ui_close(UI *ui) 482 return UI_method_get_writer(UI_OpenSSL())(ui, uis);
483 { 483}
484
485static int
486ui_close(UI *ui)
487{
484 return UI_method_get_closer(UI_OpenSSL())(ui); 488 return UI_method_get_closer(UI_OpenSSL())(ui);
485 } 489}
486int setup_ui_method(void) 490
487 { 491int
492setup_ui_method(void)
493{
488 ui_method = UI_create_method("OpenSSL application user interface"); 494 ui_method = UI_create_method("OpenSSL application user interface");
489 UI_method_set_opener(ui_method, ui_open); 495 UI_method_set_opener(ui_method, ui_open);
490 UI_method_set_reader(ui_method, ui_read); 496 UI_method_set_reader(ui_method, ui_read);
491 UI_method_set_writer(ui_method, ui_write); 497 UI_method_set_writer(ui_method, ui_write);
492 UI_method_set_closer(ui_method, ui_close); 498 UI_method_set_closer(ui_method, ui_close);
493 return 0; 499 return 0;
494 } 500}
495void destroy_ui_method(void) 501
496 { 502void
497 if(ui_method) 503destroy_ui_method(void)
498 { 504{
505 if (ui_method) {
499 UI_destroy_method(ui_method); 506 UI_destroy_method(ui_method);
500 ui_method = NULL; 507 ui_method = NULL;
501 }
502 } 508 }
503int password_callback(char *buf, int bufsiz, int verify, 509}
504 PW_CB_DATA *cb_tmp) 510
505 { 511int
512password_callback(char *buf, int bufsiz, int verify,
513 PW_CB_DATA *cb_tmp)
514{
506 UI *ui = NULL; 515 UI *ui = NULL;
507 int res = 0; 516 int res = 0;
508 const char *prompt_info = NULL; 517 const char *prompt_info = NULL;
509 const char *password = NULL; 518 const char *password = NULL;
510 PW_CB_DATA *cb_data = (PW_CB_DATA *)cb_tmp; 519 PW_CB_DATA *cb_data = (PW_CB_DATA *)cb_tmp;
511 520
512 if (cb_data) 521 if (cb_data) {
513 {
514 if (cb_data->password) 522 if (cb_data->password)
515 password = cb_data->password; 523 password = cb_data->password;
516 if (cb_data->prompt_info) 524 if (cb_data->prompt_info)
517 prompt_info = cb_data->prompt_info; 525 prompt_info = cb_data->prompt_info;
518 } 526 }
519 527
520 if (password) 528 if (password) {
521 {
522 res = strlen(password); 529 res = strlen(password);
523 if (res > bufsiz) 530 if (res > bufsiz)
524 res = bufsiz; 531 res = bufsiz;
525 memcpy(buf, password, res); 532 memcpy(buf, password, res);
526 return res; 533 return res;
527 } 534 }
528 535
529 ui = UI_new_method(ui_method); 536 ui = UI_new_method(ui_method);
530 if (ui) 537 if (ui) {
531 {
532 int ok = 0; 538 int ok = 0;
533 char *buff = NULL; 539 char *buff = NULL;
534 int ui_flags = 0; 540 int ui_flags = 0;
535 char *prompt = NULL; 541 char *prompt = NULL;
536 542
537 prompt = UI_construct_prompt(ui, "pass phrase", 543 prompt = UI_construct_prompt(ui, "pass phrase",
538 prompt_info); 544 prompt_info);
539 545
540 ui_flags |= UI_INPUT_FLAG_DEFAULT_PWD; 546 ui_flags |= UI_INPUT_FLAG_DEFAULT_PWD;
541 UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0); 547 UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0);
542 548
543 if (ok >= 0) 549 if (ok >= 0)
544 ok = UI_add_input_string(ui,prompt,ui_flags,buf, 550 ok = UI_add_input_string(ui, prompt, ui_flags, buf,
545 PW_MIN_LENGTH,bufsiz-1); 551 PW_MIN_LENGTH, bufsiz - 1);
546 if (ok >= 0 && verify) 552 if (ok >= 0 && verify) {
547 {
548 buff = (char *)OPENSSL_malloc(bufsiz); 553 buff = (char *)OPENSSL_malloc(bufsiz);
549 ok = UI_add_verify_string(ui,prompt,ui_flags,buff, 554 ok = UI_add_verify_string(ui, prompt, ui_flags, buff,
550 PW_MIN_LENGTH,bufsiz-1, buf); 555 PW_MIN_LENGTH, bufsiz - 1, buf);
551 } 556 }
552 if (ok >= 0) 557 if (ok >= 0)
553 do 558 do {
554 {
555 ok = UI_process(ui); 559 ok = UI_process(ui);
556 } 560 } while (ok < 0 &&
557 while (ok < 0 && UI_ctrl(ui, UI_CTRL_IS_REDOABLE, 0, 0, 0)); 561 UI_ctrl(ui, UI_CTRL_IS_REDOABLE, 0, 0, 0));
558 562
559 if (buff) 563 if (buff) {
560 { 564 OPENSSL_cleanse(buff, (unsigned int)bufsiz);
561 OPENSSL_cleanse(buff,(unsigned int)bufsiz);
562 OPENSSL_free(buff); 565 OPENSSL_free(buff);
563 } 566 }
564 567
565 if (ok >= 0) 568 if (ok >= 0)
566 res = strlen(buf); 569 res = strlen(buf);
567 if (ok == -1) 570 if (ok == -1) {
568 {
569 BIO_printf(bio_err, "User interface error\n"); 571 BIO_printf(bio_err, "User interface error\n");
570 ERR_print_errors(bio_err); 572 ERR_print_errors(bio_err);
571 OPENSSL_cleanse(buf,(unsigned int)bufsiz); 573 OPENSSL_cleanse(buf, (unsigned int)bufsiz);
572 res = 0; 574 res = 0;
573 } 575 }
574 if (ok == -2) 576 if (ok == -2) {
575 { 577 BIO_printf(bio_err, "aborted!\n");
576 BIO_printf(bio_err,"aborted!\n"); 578 OPENSSL_cleanse(buf, (unsigned int)bufsiz);
577 OPENSSL_cleanse(buf,(unsigned int)bufsiz);
578 res = 0; 579 res = 0;
579 } 580 }
580 UI_free(ui); 581 UI_free(ui);
581 OPENSSL_free(prompt); 582 OPENSSL_free(prompt);
582 }
583 return res;
584 } 583 }
584 return res;
585}
585 586
586static char *app_get_pass(BIO *err, char *arg, int keepbio); 587static char *app_get_pass(BIO *err, char *arg, int keepbio);
587 588
588int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2) 589int
590app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2)
589{ 591{
590 int same; 592 int same;
591 if(!arg2 || !arg1 || strcmp(arg1, arg2)) same = 0; 593 if (!arg2 || !arg1 || strcmp(arg1, arg2)) same = 0;
592 else same = 1; 594 else
593 if(arg1) { 595 same = 1;
596 if (arg1) {
594 *pass1 = app_get_pass(err, arg1, same); 597 *pass1 = app_get_pass(err, arg1, same);
595 if(!*pass1) return 0; 598 if (!*pass1) return 0;
596 } else if(pass1) *pass1 = NULL; 599 } else if (pass1) *pass1 = NULL;
597 if(arg2) { 600 if (arg2) {
598 *pass2 = app_get_pass(err, arg2, same ? 2 : 0); 601 *pass2 = app_get_pass(err, arg2, same ? 2 : 0);
599 if(!*pass2) return 0; 602 if (!*pass2) return 0;
600 } else if(pass2) *pass2 = NULL; 603 } else if (pass2) *pass2 = NULL;
601 return 1; 604 return 1;
602} 605}
603 606
604static char *app_get_pass(BIO *err, char *arg, int keepbio) 607static char *
608app_get_pass(BIO *err, char *arg, int keepbio)
605{ 609{
606 char *tmp, tpass[APP_PASS_LEN]; 610 char *tmp, tpass[APP_PASS_LEN];
607 static BIO *pwdbio = NULL; 611 static BIO *pwdbio = NULL;
608 int i; 612 int i;
609 if(!strncmp(arg, "pass:", 5)) return BUF_strdup(arg + 5); 613 if (!strncmp(arg, "pass:", 5))
610 if(!strncmp(arg, "env:", 4)) { 614 return BUF_strdup(arg + 5);
615 if (!strncmp(arg, "env:", 4)) {
611 tmp = getenv(arg + 4); 616 tmp = getenv(arg + 4);
612 if(!tmp) { 617 if (!tmp) {
613 BIO_printf(err, "Can't read environment variable %s\n", arg + 4); 618 BIO_printf(err, "Can't read environment variable %s\n", arg + 4);
614 return NULL; 619 return NULL;
615 } 620 }
616 return BUF_strdup(tmp); 621 return BUF_strdup(tmp);
617 } 622 }
618 if(!keepbio || !pwdbio) { 623 if (!keepbio || !pwdbio) {
619 if(!strncmp(arg, "file:", 5)) { 624 if (!strncmp(arg, "file:", 5)) {
620 pwdbio = BIO_new_file(arg + 5, "r"); 625 pwdbio = BIO_new_file(arg + 5, "r");
621 if(!pwdbio) { 626 if (!pwdbio) {
622 BIO_printf(err, "Can't open file %s\n", arg + 5); 627 BIO_printf(err, "Can't open file %s\n", arg + 5);
623 return NULL; 628 return NULL;
624 } 629 }
@@ -631,11 +636,11 @@ static char *app_get_pass(BIO *err, char *arg, int keepbio)
631 * on real Windows descriptors, such as those obtained 636 * on real Windows descriptors, such as those obtained
632 * with CreateFile. 637 * with CreateFile.
633 */ 638 */
634 } else if(!strncmp(arg, "fd:", 3)) { 639 } else if (!strncmp(arg, "fd:", 3)) {
635 BIO *btmp; 640 BIO *btmp;
636 i = atoi(arg + 3); 641 i = atoi(arg + 3);
637 if(i >= 0) pwdbio = BIO_new_fd(i, BIO_NOCLOSE); 642 if (i >= 0) pwdbio = BIO_new_fd(i, BIO_NOCLOSE);
638 if((i < 0) || !pwdbio) { 643 if ((i < 0) || !pwdbio) {
639 BIO_printf(err, "Can't access file descriptor %s\n", arg + 3); 644 BIO_printf(err, "Can't access file descriptor %s\n", arg + 3);
640 return NULL; 645 return NULL;
641 } 646 }
@@ -643,9 +648,9 @@ static char *app_get_pass(BIO *err, char *arg, int keepbio)
643 btmp = BIO_new(BIO_f_buffer()); 648 btmp = BIO_new(BIO_f_buffer());
644 pwdbio = BIO_push(btmp, pwdbio); 649 pwdbio = BIO_push(btmp, pwdbio);
645#endif 650#endif
646 } else if(!strcmp(arg, "stdin")) { 651 } else if (!strcmp(arg, "stdin")) {
647 pwdbio = BIO_new_fp(stdin, BIO_NOCLOSE); 652 pwdbio = BIO_new_fp(stdin, BIO_NOCLOSE);
648 if(!pwdbio) { 653 if (!pwdbio) {
649 BIO_printf(err, "Can't open BIO for stdin\n"); 654 BIO_printf(err, "Can't open BIO for stdin\n");
650 return NULL; 655 return NULL;
651 } 656 }
@@ -655,353 +660,311 @@ static char *app_get_pass(BIO *err, char *arg, int keepbio)
655 } 660 }
656 } 661 }
657 i = BIO_gets(pwdbio, tpass, APP_PASS_LEN); 662 i = BIO_gets(pwdbio, tpass, APP_PASS_LEN);
658 if(keepbio != 1) { 663 if (keepbio != 1) {
659 BIO_free_all(pwdbio); 664 BIO_free_all(pwdbio);
660 pwdbio = NULL; 665 pwdbio = NULL;
661 } 666 }
662 if(i <= 0) { 667 if (i <= 0) {
663 BIO_printf(err, "Error reading password from BIO\n"); 668 BIO_printf(err, "Error reading password from BIO\n");
664 return NULL; 669 return NULL;
665 } 670 }
666 tmp = strchr(tpass, '\n'); 671 tmp = strchr(tpass, '\n');
667 if(tmp) *tmp = 0; 672 if (tmp) *tmp = 0;
668 return BUF_strdup(tpass); 673 return BUF_strdup(tpass);
669} 674}
670 675
671int add_oid_section(BIO *err, CONF *conf) 676int
672{ 677add_oid_section(BIO *err, CONF *conf)
678{
673 char *p; 679 char *p;
674 STACK_OF(CONF_VALUE) *sktmp; 680 STACK_OF(CONF_VALUE) *sktmp;
675 CONF_VALUE *cnf; 681 CONF_VALUE *cnf;
676 int i; 682 int i;
677 if(!(p=NCONF_get_string(conf,NULL,"oid_section"))) 683 if (!(p = NCONF_get_string(conf, NULL, "oid_section"))) {
678 {
679 ERR_clear_error(); 684 ERR_clear_error();
680 return 1; 685 return 1;
681 } 686 }
682 if(!(sktmp = NCONF_get_section(conf, p))) { 687 if (!(sktmp = NCONF_get_section(conf, p))) {
683 BIO_printf(err, "problem loading oid section %s\n", p); 688 BIO_printf(err, "problem loading oid section %s\n", p);
684 return 0; 689 return 0;
685 } 690 }
686 for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) { 691 for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
687 cnf = sk_CONF_VALUE_value(sktmp, i); 692 cnf = sk_CONF_VALUE_value(sktmp, i);
688 if(OBJ_create(cnf->value, cnf->name, cnf->name) == NID_undef) { 693 if (OBJ_create(cnf->value, cnf->name, cnf->name) == NID_undef) {
689 BIO_printf(err, "problem creating object %s=%s\n", 694 BIO_printf(err, "problem creating object %s=%s\n",
690 cnf->name, cnf->value); 695 cnf->name, cnf->value);
691 return 0; 696 return 0;
692 } 697 }
693 } 698 }
694 return 1; 699 return 1;
695} 700}
696 701
697static int load_pkcs12(BIO *err, BIO *in, const char *desc, 702static int
698 pem_password_cb *pem_cb, void *cb_data, 703load_pkcs12(BIO *err, BIO *in, const char *desc, pem_password_cb *pem_cb,
699 EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca) 704 void *cb_data, EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca)
700 { 705{
701 const char *pass; 706 const char *pass;
702 char tpass[PEM_BUFSIZE]; 707 char tpass[PEM_BUFSIZE];
703 int len, ret = 0; 708 int len, ret = 0;
704 PKCS12 *p12; 709 PKCS12 *p12;
705 p12 = d2i_PKCS12_bio(in, NULL); 710 p12 = d2i_PKCS12_bio(in, NULL);
706 if (p12 == NULL) 711 if (p12 == NULL) {
707 { 712 BIO_printf(err, "Error loading PKCS12 file for %s\n", desc);
708 BIO_printf(err, "Error loading PKCS12 file for %s\n", desc);
709 goto die; 713 goto die;
710 } 714 }
711 /* See if an empty password will do */ 715 /* See if an empty password will do */
712 if (PKCS12_verify_mac(p12, "", 0) || PKCS12_verify_mac(p12, NULL, 0)) 716 if (PKCS12_verify_mac(p12, "", 0) || PKCS12_verify_mac(p12, NULL, 0))
713 pass = ""; 717 pass = "";
714 else 718 else {
715 {
716 if (!pem_cb) 719 if (!pem_cb)
717 pem_cb = (pem_password_cb *)password_callback; 720 pem_cb = (pem_password_cb *)password_callback;
718 len = pem_cb(tpass, PEM_BUFSIZE, 0, cb_data); 721 len = pem_cb(tpass, PEM_BUFSIZE, 0, cb_data);
719 if (len < 0) 722 if (len < 0) {
720 {
721 BIO_printf(err, "Passpharse callback error for %s\n", 723 BIO_printf(err, "Passpharse callback error for %s\n",
722 desc); 724 desc);
723 goto die; 725 goto die;
724 } 726 }
725 if (len < PEM_BUFSIZE) 727 if (len < PEM_BUFSIZE)
726 tpass[len] = 0; 728 tpass[len] = 0;
727 if (!PKCS12_verify_mac(p12, tpass, len)) 729 if (!PKCS12_verify_mac(p12, tpass, len)) {
728 {
729 BIO_printf(err, 730 BIO_printf(err,
730 "Mac verify error (wrong password?) in PKCS12 file for %s\n", desc); 731 "Mac verify error (wrong password?) in PKCS12 file for %s\n", desc);
731 goto die; 732 goto die;
732 }
733 pass = tpass;
734 } 733 }
734 pass = tpass;
735 }
735 ret = PKCS12_parse(p12, pass, pkey, cert, ca); 736 ret = PKCS12_parse(p12, pass, pkey, cert, ca);
736 die: 737die:
737 if (p12) 738 if (p12)
738 PKCS12_free(p12); 739 PKCS12_free(p12);
739 return ret; 740 return ret;
740 } 741}
741 742
742X509 *load_cert(BIO *err, const char *file, int format, 743X509 *
743 const char *pass, ENGINE *e, const char *cert_descrip) 744load_cert(BIO *err, const char *file, int format, const char *pass, ENGINE *e,
744 { 745 const char *cert_descrip)
745 X509 *x=NULL; 746{
747 X509 *x = NULL;
746 BIO *cert; 748 BIO *cert;
747 749
748 if ((cert=BIO_new(BIO_s_file())) == NULL) 750 if ((cert = BIO_new(BIO_s_file())) == NULL) {
749 {
750 ERR_print_errors(err); 751 ERR_print_errors(err);
751 goto end; 752 goto end;
752 } 753 }
753 754
754 if (file == NULL) 755 if (file == NULL) {
755 {
756#ifdef _IONBF 756#ifdef _IONBF
757# ifndef OPENSSL_NO_SETVBUF_IONBF 757# ifndef OPENSSL_NO_SETVBUF_IONBF
758 setvbuf(stdin, NULL, _IONBF, 0); 758 setvbuf(stdin, NULL, _IONBF, 0);
759# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */ 759# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
760#endif 760#endif
761 BIO_set_fp(cert,stdin,BIO_NOCLOSE); 761 BIO_set_fp(cert, stdin, BIO_NOCLOSE);
762 } 762 } else {
763 else 763 if (BIO_read_filename(cert, file) <= 0) {
764 {
765 if (BIO_read_filename(cert,file) <= 0)
766 {
767 BIO_printf(err, "Error opening %s %s\n", 764 BIO_printf(err, "Error opening %s %s\n",
768 cert_descrip, file); 765 cert_descrip, file);
769 ERR_print_errors(err); 766 ERR_print_errors(err);
770 goto end; 767 goto end;
771 }
772 } 768 }
769 }
773 770
774 if (format == FORMAT_ASN1) 771 if (format == FORMAT_ASN1)
775 x=d2i_X509_bio(cert,NULL); 772 x = d2i_X509_bio(cert, NULL);
776 else if (format == FORMAT_NETSCAPE) 773 else if (format == FORMAT_NETSCAPE) {
777 {
778 NETSCAPE_X509 *nx; 774 NETSCAPE_X509 *nx;
779 nx=ASN1_item_d2i_bio(ASN1_ITEM_rptr(NETSCAPE_X509),cert,NULL); 775 nx = ASN1_item_d2i_bio(ASN1_ITEM_rptr(NETSCAPE_X509), cert, NULL);
780 if (nx == NULL) 776 if (nx == NULL)
781 goto end; 777 goto end;
782 778
783 if ((strncmp(NETSCAPE_CERT_HDR,(char *)nx->header->data, 779 if ((strncmp(NETSCAPE_CERT_HDR, (char *)nx->header->data,
784 nx->header->length) != 0)) 780 nx->header->length) != 0)) {
785 {
786 NETSCAPE_X509_free(nx); 781 NETSCAPE_X509_free(nx);
787 BIO_printf(err,"Error reading header on certificate\n"); 782 BIO_printf(err, "Error reading header on certificate\n");
788 goto end; 783 goto end;
789 } 784 }
790 x=nx->cert; 785 x = nx->cert;
791 nx->cert = NULL; 786 nx->cert = NULL;
792 NETSCAPE_X509_free(nx); 787 NETSCAPE_X509_free(nx);
793 } 788 } else if (format == FORMAT_PEM)
794 else if (format == FORMAT_PEM) 789 x = PEM_read_bio_X509_AUX(cert, NULL,
795 x=PEM_read_bio_X509_AUX(cert,NULL, 790 (pem_password_cb *)password_callback, NULL);
796 (pem_password_cb *)password_callback, NULL); 791 else if (format == FORMAT_PKCS12) {
797 else if (format == FORMAT_PKCS12) 792 if (!load_pkcs12(err, cert, cert_descrip, NULL, NULL,
798 { 793 NULL, &x, NULL))
799 if (!load_pkcs12(err, cert,cert_descrip, NULL, NULL,
800 NULL, &x, NULL))
801 goto end; 794 goto end;
802 } 795 } else {
803 else { 796 BIO_printf(err, "bad input format specified for %s\n",
804 BIO_printf(err,"bad input format specified for %s\n", 797 cert_descrip);
805 cert_descrip);
806 goto end; 798 goto end;
807 } 799 }
808end: 800end:
809 if (x == NULL) 801 if (x == NULL) {
810 { 802 BIO_printf(err, "unable to load certificate\n");
811 BIO_printf(err,"unable to load certificate\n");
812 ERR_print_errors(err); 803 ERR_print_errors(err);
813 }
814 if (cert != NULL) BIO_free(cert);
815 return(x);
816 } 804 }
805 if (cert != NULL) BIO_free(cert);
806 return (x);
807}
817 808
818EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin, 809EVP_PKEY *
819 const char *pass, ENGINE *e, const char *key_descrip) 810load_key(BIO *err, const char *file, int format, int maybe_stdin,
820 { 811 const char *pass, ENGINE *e, const char *key_descrip)
821 BIO *key=NULL; 812{
822 EVP_PKEY *pkey=NULL; 813 BIO *key = NULL;
814 EVP_PKEY *pkey = NULL;
823 PW_CB_DATA cb_data; 815 PW_CB_DATA cb_data;
824 816
825 cb_data.password = pass; 817 cb_data.password = pass;
826 cb_data.prompt_info = file; 818 cb_data.prompt_info = file;
827 819
828 if (file == NULL && (!maybe_stdin || format == FORMAT_ENGINE)) 820 if (file == NULL && (!maybe_stdin || format == FORMAT_ENGINE)) {
829 { 821 BIO_printf(err, "no keyfile specified\n");
830 BIO_printf(err,"no keyfile specified\n");
831 goto end; 822 goto end;
832 } 823 }
833#ifndef OPENSSL_NO_ENGINE 824#ifndef OPENSSL_NO_ENGINE
834 if (format == FORMAT_ENGINE) 825 if (format == FORMAT_ENGINE) {
835 {
836 if (!e) 826 if (!e)
837 BIO_printf(err,"no engine specified\n"); 827 BIO_printf(err, "no engine specified\n");
838 else 828 else {
839 {
840 pkey = ENGINE_load_private_key(e, file, 829 pkey = ENGINE_load_private_key(e, file,
841 ui_method, &cb_data); 830 ui_method, &cb_data);
842 if (!pkey) 831 if (!pkey) {
843 { 832 BIO_printf(err, "cannot load %s from engine\n", key_descrip);
844 BIO_printf(err,"cannot load %s from engine\n",key_descrip);
845 ERR_print_errors(err); 833 ERR_print_errors(err);
846 }
847 } 834 }
848 goto end;
849 } 835 }
836 goto end;
837 }
850#endif 838#endif
851 key=BIO_new(BIO_s_file()); 839 key = BIO_new(BIO_s_file());
852 if (key == NULL) 840 if (key == NULL) {
853 {
854 ERR_print_errors(err); 841 ERR_print_errors(err);
855 goto end; 842 goto end;
856 } 843 }
857 if (file == NULL && maybe_stdin) 844 if (file == NULL && maybe_stdin) {
858 {
859#ifdef _IONBF 845#ifdef _IONBF
860# ifndef OPENSSL_NO_SETVBUF_IONBF 846# ifndef OPENSSL_NO_SETVBUF_IONBF
861 setvbuf(stdin, NULL, _IONBF, 0); 847 setvbuf(stdin, NULL, _IONBF, 0);
862# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */ 848# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
863#endif 849#endif
864 BIO_set_fp(key,stdin,BIO_NOCLOSE); 850 BIO_set_fp(key, stdin, BIO_NOCLOSE);
865 } 851 } else if (BIO_read_filename(key, file) <= 0) {
866 else 852 BIO_printf(err, "Error opening %s %s\n",
867 if (BIO_read_filename(key,file) <= 0) 853 key_descrip, file);
868 { 854 ERR_print_errors(err);
869 BIO_printf(err, "Error opening %s %s\n", 855 goto end;
870 key_descrip, file); 856 }
871 ERR_print_errors(err); 857 if (format == FORMAT_ASN1) {
872 goto end; 858 pkey = d2i_PrivateKey_bio(key, NULL);
873 } 859 } else if (format == FORMAT_PEM) {
874 if (format == FORMAT_ASN1) 860 pkey = PEM_read_bio_PrivateKey(key, NULL,
875 { 861 (pem_password_cb *)password_callback, &cb_data);
876 pkey=d2i_PrivateKey_bio(key, NULL); 862 }
877 }
878 else if (format == FORMAT_PEM)
879 {
880 pkey=PEM_read_bio_PrivateKey(key,NULL,
881 (pem_password_cb *)password_callback, &cb_data);
882 }
883#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA) 863#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
884 else if (format == FORMAT_NETSCAPE || format == FORMAT_IISSGC) 864 else if (format == FORMAT_NETSCAPE || format == FORMAT_IISSGC)
885 pkey = load_netscape_key(err, key, file, key_descrip, format); 865 pkey = load_netscape_key(err, key, file, key_descrip, format);
886#endif 866#endif
887 else if (format == FORMAT_PKCS12) 867 else if (format == FORMAT_PKCS12) {
888 {
889 if (!load_pkcs12(err, key, key_descrip, 868 if (!load_pkcs12(err, key, key_descrip,
890 (pem_password_cb *)password_callback, &cb_data, 869 (pem_password_cb *)password_callback, &cb_data,
891 &pkey, NULL, NULL)) 870 &pkey, NULL, NULL))
892 goto end; 871 goto end;
893 } 872 }
894#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA) && !defined (OPENSSL_NO_RC4) 873#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA) && !defined (OPENSSL_NO_RC4)
895 else if (format == FORMAT_MSBLOB) 874 else if (format == FORMAT_MSBLOB)
896 pkey = b2i_PrivateKey_bio(key); 875 pkey = b2i_PrivateKey_bio(key);
897 else if (format == FORMAT_PVK) 876 else if (format == FORMAT_PVK)
898 pkey = b2i_PVK_bio(key, (pem_password_cb *)password_callback, 877 pkey = b2i_PVK_bio(key, (pem_password_cb *)password_callback,
899 &cb_data); 878 &cb_data);
900#endif 879#endif
901 else 880 else {
902 { 881 BIO_printf(err, "bad input format specified for key file\n");
903 BIO_printf(err,"bad input format specified for key file\n");
904 goto end; 882 goto end;
905 } 883 }
906 end: 884end:
907 if (key != NULL) BIO_free(key); 885 if (key != NULL)
908 if (pkey == NULL) 886 BIO_free(key);
909 { 887 if (pkey == NULL) {
910 BIO_printf(err,"unable to load %s\n", key_descrip); 888 BIO_printf(err, "unable to load %s\n", key_descrip);
911 ERR_print_errors(err); 889 ERR_print_errors(err);
912 }
913 return(pkey);
914 } 890 }
891 return (pkey);
892}
915 893
916EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin, 894EVP_PKEY *
917 const char *pass, ENGINE *e, const char *key_descrip) 895load_pubkey(BIO *err, const char *file, int format, int maybe_stdin,
918 { 896 const char *pass, ENGINE *e, const char *key_descrip)
919 BIO *key=NULL; 897{
920 EVP_PKEY *pkey=NULL; 898 BIO *key = NULL;
899 EVP_PKEY *pkey = NULL;
921 PW_CB_DATA cb_data; 900 PW_CB_DATA cb_data;
922 901
923 cb_data.password = pass; 902 cb_data.password = pass;
924 cb_data.prompt_info = file; 903 cb_data.prompt_info = file;
925 904
926 if (file == NULL && (!maybe_stdin || format == FORMAT_ENGINE)) 905 if (file == NULL && (!maybe_stdin || format == FORMAT_ENGINE)) {
927 { 906 BIO_printf(err, "no keyfile specified\n");
928 BIO_printf(err,"no keyfile specified\n");
929 goto end; 907 goto end;
930 } 908 }
931#ifndef OPENSSL_NO_ENGINE 909#ifndef OPENSSL_NO_ENGINE
932 if (format == FORMAT_ENGINE) 910 if (format == FORMAT_ENGINE) {
933 {
934 if (!e) 911 if (!e)
935 BIO_printf(bio_err,"no engine specified\n"); 912 BIO_printf(bio_err, "no engine specified\n");
936 else 913 else
937 pkey = ENGINE_load_public_key(e, file, 914 pkey = ENGINE_load_public_key(e, file,
938 ui_method, &cb_data); 915 ui_method, &cb_data);
939 goto end; 916 goto end;
940 } 917 }
941#endif 918#endif
942 key=BIO_new(BIO_s_file()); 919 key = BIO_new(BIO_s_file());
943 if (key == NULL) 920 if (key == NULL) {
944 {
945 ERR_print_errors(err); 921 ERR_print_errors(err);
946 goto end; 922 goto end;
947 } 923 }
948 if (file == NULL && maybe_stdin) 924 if (file == NULL && maybe_stdin) {
949 {
950#ifdef _IONBF 925#ifdef _IONBF
951# ifndef OPENSSL_NO_SETVBUF_IONBF 926# ifndef OPENSSL_NO_SETVBUF_IONBF
952 setvbuf(stdin, NULL, _IONBF, 0); 927 setvbuf(stdin, NULL, _IONBF, 0);
953# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */ 928# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
954#endif 929#endif
955 BIO_set_fp(key,stdin,BIO_NOCLOSE); 930 BIO_set_fp(key, stdin, BIO_NOCLOSE);
956 } 931 } else if (BIO_read_filename(key, file) <= 0) {
957 else 932 BIO_printf(err, "Error opening %s %s\n",
958 if (BIO_read_filename(key,file) <= 0) 933 key_descrip, file);
959 { 934 ERR_print_errors(err);
960 BIO_printf(err, "Error opening %s %s\n", 935 goto end;
961 key_descrip, file); 936 }
962 ERR_print_errors(err); 937 if (format == FORMAT_ASN1) {
963 goto end; 938 pkey = d2i_PUBKEY_bio(key, NULL);
964 } 939 }
965 if (format == FORMAT_ASN1)
966 {
967 pkey=d2i_PUBKEY_bio(key, NULL);
968 }
969#ifndef OPENSSL_NO_RSA 940#ifndef OPENSSL_NO_RSA
970 else if (format == FORMAT_ASN1RSA) 941 else if (format == FORMAT_ASN1RSA) {
971 {
972 RSA *rsa; 942 RSA *rsa;
973 rsa = d2i_RSAPublicKey_bio(key, NULL); 943 rsa = d2i_RSAPublicKey_bio(key, NULL);
974 if (rsa) 944 if (rsa) {
975 {
976 pkey = EVP_PKEY_new(); 945 pkey = EVP_PKEY_new();
977 if (pkey) 946 if (pkey)
978 EVP_PKEY_set1_RSA(pkey, rsa); 947 EVP_PKEY_set1_RSA(pkey, rsa);
979 RSA_free(rsa); 948 RSA_free(rsa);
980 } 949 } else
981 else
982 pkey = NULL; 950 pkey = NULL;
983 } 951 } else if (format == FORMAT_PEMRSA) {
984 else if (format == FORMAT_PEMRSA)
985 {
986 RSA *rsa; 952 RSA *rsa;
987 rsa = PEM_read_bio_RSAPublicKey(key, NULL, 953 rsa = PEM_read_bio_RSAPublicKey(key, NULL,
988 (pem_password_cb *)password_callback, &cb_data); 954 (pem_password_cb *)password_callback, &cb_data);
989 if (rsa) 955 if (rsa) {
990 {
991 pkey = EVP_PKEY_new(); 956 pkey = EVP_PKEY_new();
992 if (pkey) 957 if (pkey)
993 EVP_PKEY_set1_RSA(pkey, rsa); 958 EVP_PKEY_set1_RSA(pkey, rsa);
994 RSA_free(rsa); 959 RSA_free(rsa);
995 } 960 } else
996 else
997 pkey = NULL; 961 pkey = NULL;
998 } 962 }
999#endif 963#endif
1000 else if (format == FORMAT_PEM) 964 else if (format == FORMAT_PEM) {
1001 { 965 pkey = PEM_read_bio_PUBKEY(key, NULL,
1002 pkey=PEM_read_bio_PUBKEY(key,NULL, 966 (pem_password_cb *)password_callback, &cb_data);
1003 (pem_password_cb *)password_callback, &cb_data); 967 }
1004 }
1005#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA) 968#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
1006 else if (format == FORMAT_NETSCAPE || format == FORMAT_IISSGC) 969 else if (format == FORMAT_NETSCAPE || format == FORMAT_IISSGC)
1007 pkey = load_netscape_key(err, key, file, key_descrip, format); 970 pkey = load_netscape_key(err, key, file, key_descrip, format);
@@ -1010,52 +973,49 @@ EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin,
1010 else if (format == FORMAT_MSBLOB) 973 else if (format == FORMAT_MSBLOB)
1011 pkey = b2i_PublicKey_bio(key); 974 pkey = b2i_PublicKey_bio(key);
1012#endif 975#endif
1013 else 976 else {
1014 { 977 BIO_printf(err, "bad input format specified for key file\n");
1015 BIO_printf(err,"bad input format specified for key file\n");
1016 goto end; 978 goto end;
1017 }
1018 end:
1019 if (key != NULL) BIO_free(key);
1020 if (pkey == NULL)
1021 BIO_printf(err,"unable to load %s\n", key_descrip);
1022 return(pkey);
1023 } 979 }
980end:
981 if (key != NULL) BIO_free(key);
982 if (pkey == NULL)
983 BIO_printf(err, "unable to load %s\n", key_descrip);
984 return (pkey);
985}
1024 986
1025#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA) 987#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
1026static EVP_PKEY * 988static EVP_PKEY *
1027load_netscape_key(BIO *err, BIO *key, const char *file, 989load_netscape_key(BIO *err, BIO *key, const char *file,
1028 const char *key_descrip, int format) 990 const char *key_descrip, int format)
1029 { 991{
1030 EVP_PKEY *pkey; 992 EVP_PKEY *pkey;
1031 BUF_MEM *buf; 993 BUF_MEM *buf;
1032 RSA *rsa; 994 RSA *rsa;
1033 const unsigned char *p; 995 const unsigned char *p;
1034 int size, i; 996 int size, i;
1035 997
1036 buf=BUF_MEM_new(); 998 buf = BUF_MEM_new();
1037 pkey = EVP_PKEY_new(); 999 pkey = EVP_PKEY_new();
1038 size = 0; 1000 size = 0;
1039 if (buf == NULL || pkey == NULL) 1001 if (buf == NULL || pkey == NULL)
1040 goto error; 1002 goto error;
1041 for (;;) 1003 for (;;) {
1042 { 1004 if (!BUF_MEM_grow_clean(buf, size + 1024*10))
1043 if (!BUF_MEM_grow_clean(buf,size+1024*10))
1044 goto error; 1005 goto error;
1045 i = BIO_read(key, &(buf->data[size]), 1024*10); 1006 i = BIO_read(key, &(buf->data[size]), 1024*10);
1046 size += i; 1007 size += i;
1047 if (i == 0) 1008 if (i == 0)
1048 break; 1009 break;
1049 if (i < 0) 1010 if (i < 0) {
1050 { 1011 BIO_printf(err, "Error reading %s %s",
1051 BIO_printf(err, "Error reading %s %s", 1012 key_descrip, file);
1052 key_descrip, file); 1013 goto error;
1053 goto error;
1054 }
1055 } 1014 }
1056 p=(unsigned char *)buf->data; 1015 }
1057 rsa = d2i_RSA_NET(NULL,&p,(long)size,NULL, 1016 p = (unsigned char *)buf->data;
1058 (format == FORMAT_IISSGC ? 1 : 0)); 1017 rsa = d2i_RSA_NET(NULL, &p, (long)size, NULL,
1018 (format == FORMAT_IISSGC ? 1 : 0));
1059 if (rsa == NULL) 1019 if (rsa == NULL)
1060 goto error; 1020 goto error;
1061 BUF_MEM_free(buf); 1021 BUF_MEM_free(buf);
@@ -1065,13 +1025,14 @@ error:
1065 BUF_MEM_free(buf); 1025 BUF_MEM_free(buf);
1066 EVP_PKEY_free(pkey); 1026 EVP_PKEY_free(pkey);
1067 return NULL; 1027 return NULL;
1068 } 1028}
1069#endif /* ndef OPENSSL_NO_RC4 */ 1029#endif /* ndef OPENSSL_NO_RC4 */
1070 1030
1071static int load_certs_crls(BIO *err, const char *file, int format, 1031static int
1072 const char *pass, ENGINE *e, const char *desc, 1032load_certs_crls(BIO *err, const char *file, int format, const char *pass,
1073 STACK_OF(X509) **pcerts, STACK_OF(X509_CRL) **pcrls) 1033 ENGINE *e, const char *desc, STACK_OF(X509) **pcerts,
1074 { 1034 STACK_OF(X509_CRL) **pcrls)
1035{
1075 int i; 1036 int i;
1076 BIO *bio; 1037 BIO *bio;
1077 STACK_OF(X509_INFO) *xis = NULL; 1038 STACK_OF(X509_INFO) *xis = NULL;
@@ -1082,60 +1043,53 @@ static int load_certs_crls(BIO *err, const char *file, int format,
1082 cb_data.password = pass; 1043 cb_data.password = pass;
1083 cb_data.prompt_info = file; 1044 cb_data.prompt_info = file;
1084 1045
1085 if (format != FORMAT_PEM) 1046 if (format != FORMAT_PEM) {
1086 { 1047 BIO_printf(err, "bad input format specified for %s\n", desc);
1087 BIO_printf(err,"bad input format specified for %s\n", desc);
1088 return 0; 1048 return 0;
1089 } 1049 }
1090 1050
1091 if (file == NULL) 1051 if (file == NULL)
1092 bio = BIO_new_fp(stdin,BIO_NOCLOSE); 1052 bio = BIO_new_fp(stdin, BIO_NOCLOSE);
1093 else 1053 else
1094 bio = BIO_new_file(file, "r"); 1054 bio = BIO_new_file(file, "r");
1095 1055
1096 if (bio == NULL) 1056 if (bio == NULL) {
1097 {
1098 BIO_printf(err, "Error opening %s %s\n", 1057 BIO_printf(err, "Error opening %s %s\n",
1099 desc, file ? file : "stdin"); 1058 desc, file ? file : "stdin");
1100 ERR_print_errors(err); 1059 ERR_print_errors(err);
1101 return 0; 1060 return 0;
1102 } 1061 }
1103 1062
1104 xis = PEM_X509_INFO_read_bio(bio, NULL, 1063 xis = PEM_X509_INFO_read_bio(bio, NULL,
1105 (pem_password_cb *)password_callback, &cb_data); 1064 (pem_password_cb *)password_callback, &cb_data);
1106 1065
1107 BIO_free(bio); 1066 BIO_free(bio);
1108 1067
1109 if (pcerts) 1068 if (pcerts) {
1110 {
1111 *pcerts = sk_X509_new_null(); 1069 *pcerts = sk_X509_new_null();
1112 if (!*pcerts) 1070 if (!*pcerts)
1113 goto end; 1071 goto end;
1114 } 1072 }
1115 1073
1116 if (pcrls) 1074 if (pcrls) {
1117 {
1118 *pcrls = sk_X509_CRL_new_null(); 1075 *pcrls = sk_X509_CRL_new_null();
1119 if (!*pcrls) 1076 if (!*pcrls)
1120 goto end; 1077 goto end;
1121 } 1078 }
1122 1079
1123 for(i = 0; i < sk_X509_INFO_num(xis); i++) 1080 for (i = 0; i < sk_X509_INFO_num(xis); i++) {
1124 {
1125 xi = sk_X509_INFO_value (xis, i); 1081 xi = sk_X509_INFO_value (xis, i);
1126 if (xi->x509 && pcerts) 1082 if (xi->x509 && pcerts) {
1127 {
1128 if (!sk_X509_push(*pcerts, xi->x509)) 1083 if (!sk_X509_push(*pcerts, xi->x509))
1129 goto end; 1084 goto end;
1130 xi->x509 = NULL; 1085 xi->x509 = NULL;
1131 } 1086 }
1132 if (xi->crl && pcrls) 1087 if (xi->crl && pcrls) {
1133 {
1134 if (!sk_X509_CRL_push(*pcrls, xi->crl)) 1088 if (!sk_X509_CRL_push(*pcrls, xi->crl))
1135 goto end; 1089 goto end;
1136 xi->crl = NULL; 1090 xi->crl = NULL;
1137 }
1138 } 1091 }
1092 }
1139 1093
1140 if (pcerts && sk_X509_num(*pcerts) > 0) 1094 if (pcerts && sk_X509_num(*pcerts) > 0)
1141 rv = 1; 1095 rv = 1;
@@ -1143,47 +1097,45 @@ static int load_certs_crls(BIO *err, const char *file, int format,
1143 if (pcrls && sk_X509_CRL_num(*pcrls) > 0) 1097 if (pcrls && sk_X509_CRL_num(*pcrls) > 0)
1144 rv = 1; 1098 rv = 1;
1145 1099
1146 end: 1100end:
1147
1148 if (xis) 1101 if (xis)
1149 sk_X509_INFO_pop_free(xis, X509_INFO_free); 1102 sk_X509_INFO_pop_free(xis, X509_INFO_free);
1150 1103
1151 if (rv == 0) 1104 if (rv == 0) {
1152 { 1105 if (pcerts) {
1153 if (pcerts)
1154 {
1155 sk_X509_pop_free(*pcerts, X509_free); 1106 sk_X509_pop_free(*pcerts, X509_free);
1156 *pcerts = NULL; 1107 *pcerts = NULL;
1157 } 1108 }
1158 if (pcrls) 1109 if (pcrls) {
1159 {
1160 sk_X509_CRL_pop_free(*pcrls, X509_CRL_free); 1110 sk_X509_CRL_pop_free(*pcrls, X509_CRL_free);
1161 *pcrls = NULL; 1111 *pcrls = NULL;
1162 }
1163 BIO_printf(err,"unable to load %s\n",
1164 pcerts ? "certificates" : "CRLs");
1165 ERR_print_errors(err);
1166 } 1112 }
1167 return rv; 1113 BIO_printf(err, "unable to load %s\n",
1114 pcerts ? "certificates" : "CRLs");
1115 ERR_print_errors(err);
1168 } 1116 }
1117 return rv;
1118}
1169 1119
1170STACK_OF(X509) *load_certs(BIO *err, const char *file, int format, 1120STACK_OF(X509) *
1171 const char *pass, ENGINE *e, const char *desc) 1121load_certs(BIO *err, const char *file, int format, const char *pass, ENGINE *e,
1172 { 1122 const char *desc)
1123{
1173 STACK_OF(X509) *certs; 1124 STACK_OF(X509) *certs;
1174 if (!load_certs_crls(err, file, format, pass, e, desc, &certs, NULL)) 1125 if (!load_certs_crls(err, file, format, pass, e, desc, &certs, NULL))
1175 return NULL; 1126 return NULL;
1176 return certs; 1127 return certs;
1177 } 1128}
1178 1129
1179STACK_OF(X509_CRL) *load_crls(BIO *err, const char *file, int format, 1130STACK_OF(X509_CRL) *
1180 const char *pass, ENGINE *e, const char *desc) 1131load_crls(BIO *err, const char *file, int format, const char *pass, ENGINE *e,
1181 { 1132 const char *desc)
1133{
1182 STACK_OF(X509_CRL) *crls; 1134 STACK_OF(X509_CRL) *crls;
1183 if (!load_certs_crls(err, file, format, pass, e, desc, NULL, &crls)) 1135 if (!load_certs_crls(err, file, format, pass, e, desc, NULL, &crls))
1184 return NULL; 1136 return NULL;
1185 return crls; 1137 return crls;
1186 } 1138}
1187 1139
1188#define X509V3_EXT_UNKNOWN_MASK (0xfL << 16) 1140#define X509V3_EXT_UNKNOWN_MASK (0xfL << 16)
1189/* Return error for unknown extensions */ 1141/* Return error for unknown extensions */
@@ -1198,7 +1150,8 @@ STACK_OF(X509_CRL) *load_crls(BIO *err, const char *file, int format,
1198#define X509_FLAG_CA (X509_FLAG_NO_ISSUER | X509_FLAG_NO_PUBKEY | \ 1150#define X509_FLAG_CA (X509_FLAG_NO_ISSUER | X509_FLAG_NO_PUBKEY | \
1199 X509_FLAG_NO_HEADER | X509_FLAG_NO_VERSION) 1151 X509_FLAG_NO_HEADER | X509_FLAG_NO_VERSION)
1200 1152
1201int set_cert_ex(unsigned long *flags, const char *arg) 1153int
1154set_cert_ex(unsigned long *flags, const char *arg)
1202{ 1155{
1203 static const NAME_EX_TBL cert_tbl[] = { 1156 static const NAME_EX_TBL cert_tbl[] = {
1204 { "compatible", X509_FLAG_COMPAT, 0xffffffffl}, 1157 { "compatible", X509_FLAG_COMPAT, 0xffffffffl},
@@ -1224,7 +1177,8 @@ int set_cert_ex(unsigned long *flags, const char *arg)
1224 return set_multi_opts(flags, arg, cert_tbl); 1177 return set_multi_opts(flags, arg, cert_tbl);
1225} 1178}
1226 1179
1227int set_name_ex(unsigned long *flags, const char *arg) 1180int
1181set_name_ex(unsigned long *flags, const char *arg)
1228{ 1182{
1229 static const NAME_EX_TBL ex_tbl[] = { 1183 static const NAME_EX_TBL ex_tbl[] = {
1230 { "esc_2253", ASN1_STRFLGS_ESC_2253, 0}, 1184 { "esc_2253", ASN1_STRFLGS_ESC_2253, 0},
@@ -1259,7 +1213,8 @@ int set_name_ex(unsigned long *flags, const char *arg)
1259 return set_multi_opts(flags, arg, ex_tbl); 1213 return set_multi_opts(flags, arg, ex_tbl);
1260} 1214}
1261 1215
1262int set_ext_copy(int *copy_type, const char *arg) 1216int
1217set_ext_copy(int *copy_type, const char *arg)
1263{ 1218{
1264 if (!strcasecmp(arg, "none")) 1219 if (!strcasecmp(arg, "none"))
1265 *copy_type = EXT_COPY_NONE; 1220 *copy_type = EXT_COPY_NONE;
@@ -1272,7 +1227,8 @@ int set_ext_copy(int *copy_type, const char *arg)
1272 return 1; 1227 return 1;
1273} 1228}
1274 1229
1275int copy_extensions(X509 *x, X509_REQ *req, int copy_type) 1230int
1231copy_extensions(X509 *x, X509_REQ *req, int copy_type)
1276{ 1232{
1277 STACK_OF(X509_EXTENSION) *exts = NULL; 1233 STACK_OF(X509_EXTENSION) *exts = NULL;
1278 X509_EXTENSION *ext, *tmpext; 1234 X509_EXTENSION *ext, *tmpext;
@@ -1282,7 +1238,7 @@ int copy_extensions(X509 *x, X509_REQ *req, int copy_type)
1282 return 1; 1238 return 1;
1283 exts = X509_REQ_get_extensions(req); 1239 exts = X509_REQ_get_extensions(req);
1284 1240
1285 for(i = 0; i < sk_X509_EXTENSION_num(exts); i++) { 1241 for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) {
1286 ext = sk_X509_EXTENSION_value(exts, i); 1242 ext = sk_X509_EXTENSION_value(exts, i);
1287 obj = X509_EXTENSION_get_object(ext); 1243 obj = X509_EXTENSION_get_object(ext);
1288 idx = X509_get_ext_by_OBJ(x, obj, -1); 1244 idx = X509_get_ext_by_OBJ(x, obj, -1);
@@ -1305,23 +1261,20 @@ int copy_extensions(X509 *x, X509_REQ *req, int copy_type)
1305 1261
1306 ret = 1; 1262 ret = 1;
1307 1263
1308 end: 1264end:
1309
1310 sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free); 1265 sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
1311 1266
1312 return ret; 1267 return ret;
1313} 1268}
1314
1315
1316
1317 1269
1318static int set_multi_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL *in_tbl) 1270static int
1271set_multi_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL *in_tbl)
1319{ 1272{
1320 STACK_OF(CONF_VALUE) *vals; 1273 STACK_OF(CONF_VALUE) *vals;
1321 CONF_VALUE *val; 1274 CONF_VALUE *val;
1322 int i, ret = 1; 1275 int i, ret = 1;
1323 if(!arg) return 0; 1276 if (!arg) return 0;
1324 vals = X509V3_parse_list(arg); 1277 vals = X509V3_parse_list(arg);
1325 for (i = 0; i < sk_CONF_VALUE_num(vals); i++) { 1278 for (i = 0; i < sk_CONF_VALUE_num(vals); i++) {
1326 val = sk_CONF_VALUE_value(vals, i); 1279 val = sk_CONF_VALUE_value(vals, i);
1327 if (!set_table_opts(flags, val->name, in_tbl)) 1280 if (!set_table_opts(flags, val->name, in_tbl))
@@ -1331,13 +1284,14 @@ static int set_multi_opts(unsigned long *flags, const char *arg, const NAME_EX_T
1331 return ret; 1284 return ret;
1332} 1285}
1333 1286
1334static int set_table_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL *in_tbl) 1287static int
1288set_table_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL *in_tbl)
1335{ 1289{
1336 char c; 1290 char c;
1337 const NAME_EX_TBL *ptbl; 1291 const NAME_EX_TBL *ptbl;
1338 c = arg[0]; 1292 c = arg[0];
1339 1293
1340 if(c == '-') { 1294 if (c == '-') {
1341 c = 0; 1295 c = 0;
1342 arg++; 1296 arg++;
1343 } else if (c == '+') { 1297 } else if (c == '+') {
@@ -1345,131 +1299,139 @@ static int set_table_opts(unsigned long *flags, const char *arg, const NAME_EX_T
1345 arg++; 1299 arg++;
1346 } else c = 1; 1300 } else c = 1;
1347 1301
1348 for(ptbl = in_tbl; ptbl->name; ptbl++) { 1302 for (ptbl = in_tbl; ptbl->name; ptbl++) {
1349 if(!strcasecmp(arg, ptbl->name)) { 1303 if (!strcasecmp(arg, ptbl->name)) {
1350 *flags &= ~ptbl->mask; 1304 *flags &= ~ptbl->mask;
1351 if(c) *flags |= ptbl->flag; 1305 if (c)
1352 else *flags &= ~ptbl->flag; 1306 *flags |= ptbl->flag;
1307 else
1308 *flags &= ~ptbl->flag;
1353 return 1; 1309 return 1;
1354 } 1310 }
1355 } 1311 }
1356 return 0; 1312 return 0;
1357} 1313}
1358 1314
1359void print_name(BIO *out, const char *title, X509_NAME *nm, unsigned long lflags) 1315void
1316print_name(BIO *out, const char *title, X509_NAME *nm, unsigned long lflags)
1360{ 1317{
1361 char *buf; 1318 char *buf;
1362 char mline = 0; 1319 char mline = 0;
1363 int indent = 0; 1320 int indent = 0;
1364 1321
1365 if(title) BIO_puts(out, title); 1322 if (title)
1366 if((lflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) { 1323 BIO_puts(out, title);
1324 if ((lflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
1367 mline = 1; 1325 mline = 1;
1368 indent = 4; 1326 indent = 4;
1369 } 1327 }
1370 if(lflags == XN_FLAG_COMPAT) { 1328 if (lflags == XN_FLAG_COMPAT) {
1371 buf = X509_NAME_oneline(nm, 0, 0); 1329 buf = X509_NAME_oneline(nm, 0, 0);
1372 BIO_puts(out, buf); 1330 BIO_puts(out, buf);
1373 BIO_puts(out, "\n"); 1331 BIO_puts(out, "\n");
1374 OPENSSL_free(buf); 1332 OPENSSL_free(buf);
1375 } else { 1333 } else {
1376 if(mline) BIO_puts(out, "\n"); 1334 if (mline)
1335 BIO_puts(out, "\n");
1377 X509_NAME_print_ex(out, nm, indent, lflags); 1336 X509_NAME_print_ex(out, nm, indent, lflags);
1378 BIO_puts(out, "\n"); 1337 BIO_puts(out, "\n");
1379 } 1338 }
1380} 1339}
1381 1340
1382X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath) 1341X509_STORE *
1342setup_verify(BIO *bp, char *CAfile, char *CApath)
1383{ 1343{
1384 X509_STORE *store; 1344 X509_STORE *store;
1385 X509_LOOKUP *lookup; 1345 X509_LOOKUP *lookup;
1386 if(!(store = X509_STORE_new())) goto end; 1346 if (!(store = X509_STORE_new()))
1387 lookup=X509_STORE_add_lookup(store,X509_LOOKUP_file()); 1347 goto end;
1388 if (lookup == NULL) goto end; 1348 lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file());
1349 if (lookup == NULL)
1350 goto end;
1389 if (CAfile) { 1351 if (CAfile) {
1390 if(!X509_LOOKUP_load_file(lookup,CAfile,X509_FILETYPE_PEM)) { 1352 if (!X509_LOOKUP_load_file(lookup, CAfile, X509_FILETYPE_PEM)) {
1391 BIO_printf(bp, "Error loading file %s\n", CAfile); 1353 BIO_printf(bp, "Error loading file %s\n", CAfile);
1392 goto end; 1354 goto end;
1393 } 1355 }
1394 } else X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT); 1356 } else
1395 1357 X509_LOOKUP_load_file(lookup, NULL, X509_FILETYPE_DEFAULT);
1396 lookup=X509_STORE_add_lookup(store,X509_LOOKUP_hash_dir()); 1358
1397 if (lookup == NULL) goto end; 1359 lookup = X509_STORE_add_lookup(store, X509_LOOKUP_hash_dir());
1360 if (lookup == NULL)
1361 goto end;
1398 if (CApath) { 1362 if (CApath) {
1399 if(!X509_LOOKUP_add_dir(lookup,CApath,X509_FILETYPE_PEM)) { 1363 if (!X509_LOOKUP_add_dir(lookup, CApath, X509_FILETYPE_PEM)) {
1400 BIO_printf(bp, "Error loading directory %s\n", CApath); 1364 BIO_printf(bp, "Error loading directory %s\n", CApath);
1401 goto end; 1365 goto end;
1402 } 1366 }
1403 } else X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT); 1367 } else
1368 X509_LOOKUP_add_dir(lookup, NULL, X509_FILETYPE_DEFAULT);
1404 1369
1405 ERR_clear_error(); 1370 ERR_clear_error();
1406 return store; 1371 return store;
1407 end: 1372
1373end:
1408 X509_STORE_free(store); 1374 X509_STORE_free(store);
1409 return NULL; 1375 return NULL;
1410} 1376}
1411 1377
1412#ifndef OPENSSL_NO_ENGINE 1378#ifndef OPENSSL_NO_ENGINE
1413/* Try to load an engine in a shareable library */ 1379/* Try to load an engine in a shareable library */
1414static ENGINE *try_load_engine(BIO *err, const char *engine, int debug) 1380static ENGINE *
1415 { 1381try_load_engine(BIO *err, const char *engine, int debug)
1382{
1416 ENGINE *e = ENGINE_by_id("dynamic"); 1383 ENGINE *e = ENGINE_by_id("dynamic");
1417 if (e) 1384 if (e) {
1418 { 1385 if (!ENGINE_ctrl_cmd_string(e, "SO_PATH", engine, 0) ||
1419 if (!ENGINE_ctrl_cmd_string(e, "SO_PATH", engine, 0) 1386 !ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0)) {
1420 || !ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0))
1421 {
1422 ENGINE_free(e); 1387 ENGINE_free(e);
1423 e = NULL; 1388 e = NULL;
1424 }
1425 } 1389 }
1426 return e;
1427 } 1390 }
1391 return e;
1392}
1428 1393
1429ENGINE *setup_engine(BIO *err, const char *engine, int debug) 1394ENGINE *
1430 { 1395setup_engine(BIO *err, const char *engine, int debug)
1431 ENGINE *e = NULL; 1396{
1397 ENGINE *e = NULL;
1432 1398
1433 if (engine) 1399 if (engine) {
1434 { 1400 if (strcmp(engine, "auto") == 0) {
1435 if(strcmp(engine, "auto") == 0) 1401 BIO_printf(err, "enabling auto ENGINE support\n");
1436 {
1437 BIO_printf(err,"enabling auto ENGINE support\n");
1438 ENGINE_register_all_complete(); 1402 ENGINE_register_all_complete();
1439 return NULL; 1403 return NULL;
1440 } 1404 }
1441 if((e = ENGINE_by_id(engine)) == NULL 1405 if ((e = ENGINE_by_id(engine)) == NULL &&
1442 && (e = try_load_engine(err, engine, debug)) == NULL) 1406 (e = try_load_engine(err, engine, debug)) == NULL) {
1443 { 1407 BIO_printf(err, "invalid engine \"%s\"\n", engine);
1444 BIO_printf(err,"invalid engine \"%s\"\n", engine);
1445 ERR_print_errors(err); 1408 ERR_print_errors(err);
1446 return NULL; 1409 return NULL;
1447 } 1410 }
1448 if (debug) 1411 if (debug) {
1449 {
1450 ENGINE_ctrl(e, ENGINE_CTRL_SET_LOGSTREAM, 1412 ENGINE_ctrl(e, ENGINE_CTRL_SET_LOGSTREAM,
1451 0, err, 0); 1413 0, err, 0);
1452 } 1414 }
1453 ENGINE_ctrl_cmd(e, "SET_USER_INTERFACE", 0, ui_method, 0, 1); 1415 ENGINE_ctrl_cmd(e, "SET_USER_INTERFACE", 0, ui_method, 0, 1);
1454 if(!ENGINE_set_default(e, ENGINE_METHOD_ALL)) 1416 if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) {
1455 { 1417 BIO_printf(err, "can't use that engine\n");
1456 BIO_printf(err,"can't use that engine\n");
1457 ERR_print_errors(err); 1418 ERR_print_errors(err);
1458 ENGINE_free(e); 1419 ENGINE_free(e);
1459 return NULL; 1420 return NULL;
1460 } 1421 }
1461 1422
1462 BIO_printf(err,"engine \"%s\" set.\n", ENGINE_get_id(e)); 1423 BIO_printf(err, "engine \"%s\" set.\n", ENGINE_get_id(e));
1463 1424
1464 /* Free our "structural" reference. */ 1425 /* Free our "structural" reference. */
1465 ENGINE_free(e); 1426 ENGINE_free(e);
1466 } 1427 }
1467 return e; 1428 return e;
1468 } 1429}
1469#endif 1430#endif
1470 1431
1471int load_config(BIO *err, CONF *cnf) 1432int
1472 { 1433load_config(BIO *err, CONF *cnf)
1434{
1473 static int load_config_called = 0; 1435 static int load_config_called = 0;
1474 if (load_config_called) 1436 if (load_config_called)
1475 return 1; 1437 return 1;
@@ -1481,56 +1443,70 @@ int load_config(BIO *err, CONF *cnf)
1481 1443
1482 OPENSSL_load_builtin_modules(); 1444 OPENSSL_load_builtin_modules();
1483 1445
1484 if (CONF_modules_load(cnf, NULL, 0) <= 0) 1446 if (CONF_modules_load(cnf, NULL, 0) <= 0) {
1485 {
1486 BIO_printf(err, "Error configuring OpenSSL\n"); 1447 BIO_printf(err, "Error configuring OpenSSL\n");
1487 ERR_print_errors(err); 1448 ERR_print_errors(err);
1488 return 0; 1449 return 0;
1489 }
1490 return 1;
1491 } 1450 }
1451 return 1;
1452}
1492 1453
1493char *make_config_name() 1454char *
1494 { 1455make_config_name()
1495 const char *t=X509_get_default_cert_area(); 1456{
1457 const char *t = X509_get_default_cert_area();
1496 size_t len; 1458 size_t len;
1497 char *p; 1459 char *p;
1498 1460
1499 len=strlen(t)+strlen(OPENSSL_CONF)+2; 1461 len = strlen(t) + strlen(OPENSSL_CONF) + 2;
1500 p=OPENSSL_malloc(len); 1462 p = OPENSSL_malloc(len);
1501 BUF_strlcpy(p,t,len); 1463 BUF_strlcpy(p, t, len);
1502 BUF_strlcat(p,"/",len); 1464 BUF_strlcat(p, "/", len);
1503 BUF_strlcat(p,OPENSSL_CONF,len); 1465 BUF_strlcat(p, OPENSSL_CONF, len);
1504 1466
1505 return p; 1467 return p;
1506 } 1468}
1507 1469
1508static unsigned long index_serial_hash(const OPENSSL_CSTRING *a) 1470static unsigned long
1509 { 1471index_serial_hash(const OPENSSL_CSTRING *a)
1472{
1510 const char *n; 1473 const char *n;
1511 1474
1512 n=a[DB_serial]; 1475 n = a[DB_serial];
1513 while (*n == '0') n++; 1476 while (*n == '0')
1514 return(lh_strhash(n)); 1477 n++;
1515 } 1478 return (lh_strhash(n));
1479}
1516 1480
1517static int index_serial_cmp(const OPENSSL_CSTRING *a, const OPENSSL_CSTRING *b) 1481static int
1518 { 1482index_serial_cmp(const OPENSSL_CSTRING *a, const OPENSSL_CSTRING *b)
1519 const char *aa,*bb; 1483{
1484 const char *aa, *bb;
1520 1485
1521 for (aa=a[DB_serial]; *aa == '0'; aa++); 1486 for (aa = a[DB_serial]; *aa == '0'; aa++)
1522 for (bb=b[DB_serial]; *bb == '0'; bb++); 1487 ;
1523 return(strcmp(aa,bb)); 1488 for (bb = b[DB_serial]; *bb == '0'; bb++)
1524 } 1489 ;
1490 return (strcmp(aa, bb));
1491}
1525 1492
1526static int index_name_qual(char **a) 1493static int
1527 { return(a[0][0] == 'V'); } 1494index_name_qual(char **a)
1495{
1496 return (a[0][0] == 'V');
1497}
1528 1498
1529static unsigned long index_name_hash(const OPENSSL_CSTRING *a) 1499static unsigned long
1530 { return(lh_strhash(a[DB_name])); } 1500index_name_hash(const OPENSSL_CSTRING *a)
1501{
1502 return (lh_strhash(a[DB_name]));
1503}
1531 1504
1532int index_name_cmp(const OPENSSL_CSTRING *a, const OPENSSL_CSTRING *b) 1505int
1533 { return(strcmp(a[DB_name], b[DB_name])); } 1506index_name_cmp(const OPENSSL_CSTRING *a, const OPENSSL_CSTRING *b)
1507{
1508 return (strcmp(a[DB_name], b[DB_name]));
1509}
1534 1510
1535static IMPLEMENT_LHASH_HASH_FN(index_serial, OPENSSL_CSTRING) 1511static IMPLEMENT_LHASH_HASH_FN(index_serial, OPENSSL_CSTRING)
1536static IMPLEMENT_LHASH_COMP_FN(index_serial, OPENSSL_CSTRING) 1512static IMPLEMENT_LHASH_COMP_FN(index_serial, OPENSSL_CSTRING)
@@ -1540,80 +1516,73 @@ static IMPLEMENT_LHASH_COMP_FN(index_name, OPENSSL_CSTRING)
1540#undef BSIZE 1516#undef BSIZE
1541#define BSIZE 256 1517#define BSIZE 256
1542 1518
1543BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai) 1519BIGNUM *
1544 { 1520load_serial(char *serialfile, int create, ASN1_INTEGER **retai)
1545 BIO *in=NULL; 1521{
1546 BIGNUM *ret=NULL; 1522 BIO *in = NULL;
1523 BIGNUM *ret = NULL;
1547 char buf[1024]; 1524 char buf[1024];
1548 ASN1_INTEGER *ai=NULL; 1525 ASN1_INTEGER *ai = NULL;
1549 1526
1550 ai=ASN1_INTEGER_new(); 1527 ai = ASN1_INTEGER_new();
1551 if (ai == NULL) goto err; 1528 if (ai == NULL)
1529 goto err;
1552 1530
1553 if ((in=BIO_new(BIO_s_file())) == NULL) 1531 if ((in = BIO_new(BIO_s_file())) == NULL) {
1554 {
1555 ERR_print_errors(bio_err); 1532 ERR_print_errors(bio_err);
1556 goto err; 1533 goto err;
1557 } 1534 }
1558 1535
1559 if (BIO_read_filename(in,serialfile) <= 0) 1536 if (BIO_read_filename(in, serialfile) <= 0) {
1560 { 1537 if (!create) {
1561 if (!create)
1562 {
1563 perror(serialfile); 1538 perror(serialfile);
1564 goto err; 1539 goto err;
1565 } 1540 } else {
1566 else 1541 ret = BN_new();
1567 {
1568 ret=BN_new();
1569 if (ret == NULL || !rand_serial(ret, ai)) 1542 if (ret == NULL || !rand_serial(ret, ai))
1570 BIO_printf(bio_err, "Out of memory\n"); 1543 BIO_printf(bio_err, "Out of memory\n");
1571 }
1572 } 1544 }
1573 else 1545 } else {
1574 { 1546 if (!a2i_ASN1_INTEGER(in, ai, buf, 1024)) {
1575 if (!a2i_ASN1_INTEGER(in,ai,buf,1024)) 1547 BIO_printf(bio_err, "unable to load number from %s\n",
1576 { 1548 serialfile);
1577 BIO_printf(bio_err,"unable to load number from %s\n",
1578 serialfile);
1579 goto err; 1549 goto err;
1580 } 1550 }
1581 ret=ASN1_INTEGER_to_BN(ai,NULL); 1551 ret = ASN1_INTEGER_to_BN(ai, NULL);
1582 if (ret == NULL) 1552 if (ret == NULL) {
1583 { 1553 BIO_printf(bio_err, "error converting number from bin to BIGNUM\n");
1584 BIO_printf(bio_err,"error converting number from bin to BIGNUM\n");
1585 goto err; 1554 goto err;
1586 }
1587 } 1555 }
1556 }
1588 1557
1589 if (ret && retai) 1558 if (ret && retai) {
1590 {
1591 *retai = ai; 1559 *retai = ai;
1592 ai = NULL; 1560 ai = NULL;
1593 }
1594 err:
1595 if (in != NULL) BIO_free(in);
1596 if (ai != NULL) ASN1_INTEGER_free(ai);
1597 return(ret);
1598 } 1561 }
1562err:
1563 if (in != NULL) BIO_free(in);
1564 if (ai != NULL) ASN1_INTEGER_free(ai);
1565 return (ret);
1566}
1599 1567
1600int save_serial(char *serialfile, char *suffix, BIGNUM *serial, ASN1_INTEGER **retai) 1568int
1601 { 1569save_serial(char *serialfile, char *suffix, BIGNUM *serial,
1570 ASN1_INTEGER **retai)
1571{
1602 char buf[1][BSIZE]; 1572 char buf[1][BSIZE];
1603 BIO *out = NULL; 1573 BIO *out = NULL;
1604 int ret=0; 1574 int ret = 0;
1605 ASN1_INTEGER *ai=NULL; 1575 ASN1_INTEGER *ai = NULL;
1606 int j; 1576 int j;
1607 1577
1608 if (suffix == NULL) 1578 if (suffix == NULL)
1609 j = strlen(serialfile); 1579 j = strlen(serialfile);
1610 else 1580 else
1611 j = strlen(serialfile) + strlen(suffix) + 1; 1581 j = strlen(serialfile) + strlen(suffix) + 1;
1612 if (j >= BSIZE) 1582 if (j >= BSIZE) {
1613 { 1583 BIO_printf(bio_err, "file name too long\n");
1614 BIO_printf(bio_err,"file name too long\n");
1615 goto err; 1584 goto err;
1616 } 1585 }
1617 1586
1618 if (suffix == NULL) 1587 if (suffix == NULL)
1619 BUF_strlcpy(buf[0], serialfile, BSIZE); 1588 BUF_strlcpy(buf[0], serialfile, BSIZE);
@@ -1622,90 +1591,89 @@ int save_serial(char *serialfile, char *suffix, BIGNUM *serial, ASN1_INTEGER **r
1622#ifdef RL_DEBUG 1591#ifdef RL_DEBUG
1623 BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[0]); 1592 BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[0]);
1624#endif 1593#endif
1625 out=BIO_new(BIO_s_file()); 1594 out = BIO_new(BIO_s_file());
1626 if (out == NULL) 1595 if (out == NULL) {
1627 {
1628 ERR_print_errors(bio_err); 1596 ERR_print_errors(bio_err);
1629 goto err; 1597 goto err;
1630 } 1598 }
1631 if (BIO_write_filename(out,buf[0]) <= 0) 1599 if (BIO_write_filename(out, buf[0]) <= 0) {
1632 {
1633 perror(serialfile); 1600 perror(serialfile);
1634 goto err; 1601 goto err;
1635 } 1602 }
1636 1603
1637 if ((ai=BN_to_ASN1_INTEGER(serial,NULL)) == NULL) 1604 if ((ai = BN_to_ASN1_INTEGER(serial, NULL)) == NULL) {
1638 { 1605 BIO_printf(bio_err, "error converting serial to ASN.1 format\n");
1639 BIO_printf(bio_err,"error converting serial to ASN.1 format\n");
1640 goto err; 1606 goto err;
1641 } 1607 }
1642 i2a_ASN1_INTEGER(out,ai); 1608 i2a_ASN1_INTEGER(out, ai);
1643 BIO_puts(out,"\n"); 1609 BIO_puts(out, "\n");
1644 ret=1; 1610 ret = 1;
1645 if (retai) 1611 if (retai) {
1646 {
1647 *retai = ai; 1612 *retai = ai;
1648 ai = NULL; 1613 ai = NULL;
1649 }
1650err:
1651 if (out != NULL) BIO_free_all(out);
1652 if (ai != NULL) ASN1_INTEGER_free(ai);
1653 return(ret);
1654 } 1614 }
1615err:
1616 if (out != NULL)
1617 BIO_free_all(out);
1618 if (ai != NULL)
1619 ASN1_INTEGER_free(ai);
1620 return (ret);
1621}
1655 1622
1656int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix) 1623int
1657 { 1624rotate_serial(char *serialfile, char *new_suffix, char *old_suffix)
1625{
1658 char buf[5][BSIZE]; 1626 char buf[5][BSIZE];
1659 int i,j; 1627 int i, j;
1660 1628
1661 i = strlen(serialfile) + strlen(old_suffix); 1629 i = strlen(serialfile) + strlen(old_suffix);
1662 j = strlen(serialfile) + strlen(new_suffix); 1630 j = strlen(serialfile) + strlen(new_suffix);
1663 if (i > j) j = i; 1631 if (i > j)
1664 if (j + 1 >= BSIZE) 1632 j = i;
1665 { 1633 if (j + 1 >= BSIZE) {
1666 BIO_printf(bio_err,"file name too long\n"); 1634 BIO_printf(bio_err, "file name too long\n");
1667 goto err; 1635 goto err;
1668 } 1636 }
1669 1637
1670 (void) snprintf(buf[0], sizeof buf[0], "%s.%s", 1638 (void) snprintf(buf[0], sizeof buf[0], "%s.%s",
1671 serialfile, new_suffix); 1639 serialfile, new_suffix);
1672 (void) snprintf(buf[1], sizeof buf[1], "%s.%s", 1640 (void) snprintf(buf[1], sizeof buf[1], "%s.%s",
1673 serialfile, old_suffix); 1641 serialfile, old_suffix);
1674#ifdef RL_DEBUG 1642#ifdef RL_DEBUG
1675 BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", 1643 BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
1676 serialfile, buf[1]); 1644 serialfile, buf[1]);
1677#endif 1645#endif
1678 if (rename(serialfile,buf[1]) < 0 && errno != ENOENT 1646 if (rename(serialfile, buf[1]) < 0 && errno != ENOENT
1679#ifdef ENOTDIR 1647#ifdef ENOTDIR
1680 && errno != ENOTDIR 1648 && errno != ENOTDIR
1681#endif 1649#endif
1682 ) { 1650 ) {
1683 BIO_printf(bio_err, 1651 BIO_printf(bio_err,
1684 "unable to rename %s to %s\n", 1652 "unable to rename %s to %s\n",
1685 serialfile, buf[1]); 1653 serialfile, buf[1]);
1686 perror("reason"); 1654 perror("reason");
1687 goto err; 1655 goto err;
1688 } 1656 }
1689#ifdef RL_DEBUG 1657#ifdef RL_DEBUG
1690 BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", 1658 BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
1691 buf[0],serialfile); 1659 buf[0], serialfile);
1692#endif 1660#endif
1693 if (rename(buf[0],serialfile) < 0) 1661 if (rename(buf[0], serialfile) < 0) {
1694 {
1695 BIO_printf(bio_err, 1662 BIO_printf(bio_err,
1696 "unable to rename %s to %s\n", 1663 "unable to rename %s to %s\n",
1697 buf[0],serialfile); 1664 buf[0], serialfile);
1698 perror("reason"); 1665 perror("reason");
1699 rename(buf[1],serialfile); 1666 rename(buf[1], serialfile);
1700 goto err; 1667 goto err;
1701 } 1668 }
1702 return 1; 1669 return 1;
1703 err: 1670err:
1704 return 0; 1671 return 0;
1705 } 1672}
1706 1673
1707int rand_serial(BIGNUM *b, ASN1_INTEGER *ai) 1674int
1708 { 1675rand_serial(BIGNUM *b, ASN1_INTEGER *ai)
1676{
1709 BIGNUM *btmp; 1677 BIGNUM *btmp;
1710 int ret = 0; 1678 int ret = 0;
1711 if (b) 1679 if (b)
@@ -1722,132 +1690,122 @@ int rand_serial(BIGNUM *b, ASN1_INTEGER *ai)
1722 goto error; 1690 goto error;
1723 1691
1724 ret = 1; 1692 ret = 1;
1725
1726 error:
1727 1693
1694error:
1728 if (!b) 1695 if (!b)
1729 BN_free(btmp); 1696 BN_free(btmp);
1730 1697
1731 return ret; 1698 return ret;
1732 } 1699}
1733 1700
1734CA_DB *load_index(char *dbfile, DB_ATTR *db_attr) 1701CA_DB *
1735 { 1702load_index(char *dbfile, DB_ATTR *db_attr)
1703{
1736 CA_DB *retdb = NULL; 1704 CA_DB *retdb = NULL;
1737 TXT_DB *tmpdb = NULL; 1705 TXT_DB *tmpdb = NULL;
1738 BIO *in = BIO_new(BIO_s_file()); 1706 BIO *in = BIO_new(BIO_s_file());
1739 CONF *dbattr_conf = NULL; 1707 CONF *dbattr_conf = NULL;
1740 char buf[1][BSIZE]; 1708 char buf[1][BSIZE];
1741 long errorline= -1; 1709 long errorline = -1;
1742 1710
1743 if (in == NULL) 1711 if (in == NULL) {
1744 {
1745 ERR_print_errors(bio_err); 1712 ERR_print_errors(bio_err);
1746 goto err; 1713 goto err;
1747 } 1714 }
1748 if (BIO_read_filename(in,dbfile) <= 0) 1715 if (BIO_read_filename(in, dbfile) <= 0) {
1749 {
1750 perror(dbfile); 1716 perror(dbfile);
1751 BIO_printf(bio_err,"unable to open '%s'\n",dbfile); 1717 BIO_printf(bio_err, "unable to open '%s'\n", dbfile);
1752 goto err; 1718 goto err;
1753 } 1719 }
1754 if ((tmpdb = TXT_DB_read(in,DB_NUMBER)) == NULL) 1720 if ((tmpdb = TXT_DB_read(in, DB_NUMBER)) == NULL)
1755 goto err; 1721 goto err;
1756 1722
1757 (void) snprintf(buf[0], sizeof buf[0], "%s.attr", dbfile); 1723 (void) snprintf(buf[0], sizeof buf[0], "%s.attr", dbfile);
1758 dbattr_conf = NCONF_new(NULL); 1724 dbattr_conf = NCONF_new(NULL);
1759 if (NCONF_load(dbattr_conf,buf[0],&errorline) <= 0) 1725 if (NCONF_load(dbattr_conf, buf[0], &errorline) <= 0) {
1760 { 1726 if (errorline > 0) {
1761 if (errorline > 0)
1762 {
1763 BIO_printf(bio_err, 1727 BIO_printf(bio_err,
1764 "error on line %ld of db attribute file '%s'\n" 1728 "error on line %ld of db attribute file '%s'\n"
1765 ,errorline,buf[0]); 1729 , errorline, buf[0]);
1766 goto err; 1730 goto err;
1767 } 1731 } else {
1768 else
1769 {
1770 NCONF_free(dbattr_conf); 1732 NCONF_free(dbattr_conf);
1771 dbattr_conf = NULL; 1733 dbattr_conf = NULL;
1772 }
1773 } 1734 }
1735 }
1774 1736
1775 if ((retdb = OPENSSL_malloc(sizeof(CA_DB))) == NULL) 1737 if ((retdb = OPENSSL_malloc(sizeof(CA_DB))) == NULL) {
1776 {
1777 fprintf(stderr, "Out of memory\n"); 1738 fprintf(stderr, "Out of memory\n");
1778 goto err; 1739 goto err;
1779 } 1740 }
1780 1741
1781 retdb->db = tmpdb; 1742 retdb->db = tmpdb;
1782 tmpdb = NULL; 1743 tmpdb = NULL;
1783 if (db_attr) 1744 if (db_attr)
1784 retdb->attributes = *db_attr; 1745 retdb->attributes = *db_attr;
1785 else 1746 else {
1786 {
1787 retdb->attributes.unique_subject = 1; 1747 retdb->attributes.unique_subject = 1;
1788 } 1748 }
1789 1749
1790 if (dbattr_conf) 1750 if (dbattr_conf) {
1791 { 1751 char *p = NCONF_get_string(dbattr_conf, NULL, "unique_subject");
1792 char *p = NCONF_get_string(dbattr_conf,NULL,"unique_subject"); 1752 if (p) {
1793 if (p)
1794 {
1795#ifdef RL_DEBUG 1753#ifdef RL_DEBUG
1796 BIO_printf(bio_err, "DEBUG[load_index]: unique_subject = \"%s\"\n", p); 1754 BIO_printf(bio_err, "DEBUG[load_index]: unique_subject = \"%s\"\n", p);
1797#endif 1755#endif
1798 retdb->attributes.unique_subject = parse_yesno(p,1); 1756 retdb->attributes.unique_subject = parse_yesno(p, 1);
1799 }
1800 } 1757 }
1758 }
1801 1759
1802 err: 1760err:
1803 if (dbattr_conf) NCONF_free(dbattr_conf); 1761 if (dbattr_conf)
1804 if (tmpdb) TXT_DB_free(tmpdb); 1762 NCONF_free(dbattr_conf);
1805 if (in) BIO_free_all(in); 1763 if (tmpdb)
1764 TXT_DB_free(tmpdb);
1765 if (in)
1766 BIO_free_all(in);
1806 return retdb; 1767 return retdb;
1807 } 1768}
1808 1769
1809int index_index(CA_DB *db) 1770int
1810 { 1771index_index(CA_DB *db)
1772{
1811 if (!TXT_DB_create_index(db->db, DB_serial, NULL, 1773 if (!TXT_DB_create_index(db->db, DB_serial, NULL,
1812 LHASH_HASH_FN(index_serial), 1774 LHASH_HASH_FN(index_serial),
1813 LHASH_COMP_FN(index_serial))) 1775 LHASH_COMP_FN(index_serial))) {
1814 {
1815 BIO_printf(bio_err, 1776 BIO_printf(bio_err,
1816 "error creating serial number index:(%ld,%ld,%ld)\n", 1777 "error creating serial number index:(%ld,%ld,%ld)\n",
1817 db->db->error,db->db->arg1,db->db->arg2); 1778 db->db->error, db->db->arg1, db->db->arg2);
1818 return 0; 1779 return 0;
1819 } 1780 }
1820 1781
1821 if (db->attributes.unique_subject 1782 if (db->attributes.unique_subject &&
1822 && !TXT_DB_create_index(db->db, DB_name, index_name_qual, 1783 !TXT_DB_create_index(db->db, DB_name, index_name_qual,
1823 LHASH_HASH_FN(index_name), 1784 LHASH_HASH_FN(index_name), LHASH_COMP_FN(index_name))) {
1824 LHASH_COMP_FN(index_name))) 1785 BIO_printf(bio_err, "error creating name index:(%ld,%ld,%ld)\n",
1825 { 1786 db->db->error, db->db->arg1, db->db->arg2);
1826 BIO_printf(bio_err,"error creating name index:(%ld,%ld,%ld)\n",
1827 db->db->error,db->db->arg1,db->db->arg2);
1828 return 0; 1787 return 0;
1829 }
1830 return 1;
1831 } 1788 }
1789 return 1;
1790}
1832 1791
1833int save_index(const char *dbfile, const char *suffix, CA_DB *db) 1792int
1834 { 1793save_index(const char *dbfile, const char *suffix, CA_DB *db)
1794{
1835 char buf[3][BSIZE]; 1795 char buf[3][BSIZE];
1836 BIO *out = BIO_new(BIO_s_file()); 1796 BIO *out = BIO_new(BIO_s_file());
1837 int j; 1797 int j;
1838 1798
1839 if (out == NULL) 1799 if (out == NULL) {
1840 {
1841 ERR_print_errors(bio_err); 1800 ERR_print_errors(bio_err);
1842 goto err; 1801 goto err;
1843 } 1802 }
1844 1803
1845 j = strlen(dbfile) + strlen(suffix); 1804 j = strlen(dbfile) + strlen(suffix);
1846 if (j + 6 >= BSIZE) 1805 if (j + 6 >= BSIZE) {
1847 { 1806 BIO_printf(bio_err, "file name too long\n");
1848 BIO_printf(bio_err,"file name too long\n");
1849 goto err; 1807 goto err;
1850 } 1808 }
1851 1809
1852 (void) snprintf(buf[2], sizeof buf[2], "%s.attr", dbfile); 1810 (void) snprintf(buf[2], sizeof buf[2], "%s.attr", dbfile);
1853 (void) snprintf(buf[1], sizeof buf[1], "%s.attr.%s", dbfile, suffix); 1811 (void) snprintf(buf[1], sizeof buf[1], "%s.attr.%s", dbfile, suffix);
@@ -1855,140 +1813,138 @@ int save_index(const char *dbfile, const char *suffix, CA_DB *db)
1855#ifdef RL_DEBUG 1813#ifdef RL_DEBUG
1856 BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[0]); 1814 BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[0]);
1857#endif 1815#endif
1858 if (BIO_write_filename(out,buf[0]) <= 0) 1816 if (BIO_write_filename(out, buf[0]) <= 0) {
1859 {
1860 perror(dbfile); 1817 perror(dbfile);
1861 BIO_printf(bio_err,"unable to open '%s'\n", dbfile); 1818 BIO_printf(bio_err, "unable to open '%s'\n", dbfile);
1862 goto err; 1819 goto err;
1863 } 1820 }
1864 j=TXT_DB_write(out,db->db); 1821 j = TXT_DB_write(out, db->db);
1865 if (j <= 0) goto err; 1822 if (j <= 0)
1866 1823 goto err;
1824
1867 BIO_free(out); 1825 BIO_free(out);
1868 1826
1869 out = BIO_new(BIO_s_file()); 1827 out = BIO_new(BIO_s_file());
1870#ifdef RL_DEBUG 1828#ifdef RL_DEBUG
1871 BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[1]); 1829 BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[1]);
1872#endif 1830#endif
1873 if (BIO_write_filename(out,buf[1]) <= 0) 1831 if (BIO_write_filename(out, buf[1]) <= 0) {
1874 {
1875 perror(buf[2]); 1832 perror(buf[2]);
1876 BIO_printf(bio_err,"unable to open '%s'\n", buf[2]); 1833 BIO_printf(bio_err, "unable to open '%s'\n", buf[2]);
1877 goto err; 1834 goto err;
1878 } 1835 }
1879 BIO_printf(out,"unique_subject = %s\n", 1836 BIO_printf(out, "unique_subject = %s\n",
1880 db->attributes.unique_subject ? "yes" : "no"); 1837 db->attributes.unique_subject ? "yes" : "no");
1881 BIO_free(out); 1838 BIO_free(out);
1882 1839
1883 return 1; 1840 return 1;
1884 err: 1841err:
1885 return 0; 1842 return 0;
1886 } 1843}
1887 1844
1888int rotate_index(const char *dbfile, const char *new_suffix, const char *old_suffix) 1845int
1889 { 1846rotate_index(const char *dbfile, const char *new_suffix, const char *old_suffix)
1847{
1890 char buf[5][BSIZE]; 1848 char buf[5][BSIZE];
1891 int i,j; 1849 int i, j;
1892 1850
1893 i = strlen(dbfile) + strlen(old_suffix); 1851 i = strlen(dbfile) + strlen(old_suffix);
1894 j = strlen(dbfile) + strlen(new_suffix); 1852 j = strlen(dbfile) + strlen(new_suffix);
1895 if (i > j) j = i; 1853 if (i > j)
1896 if (j + 6 >= BSIZE) 1854 j = i;
1897 { 1855 if (j + 6 >= BSIZE) {
1898 BIO_printf(bio_err,"file name too long\n"); 1856 BIO_printf(bio_err, "file name too long\n");
1899 goto err; 1857 goto err;
1900 } 1858 }
1901 1859
1902 (void) snprintf(buf[4], sizeof buf[4], "%s.attr", dbfile); 1860 (void) snprintf(buf[4], sizeof buf[4], "%s.attr", dbfile);
1903 (void) snprintf(buf[2], sizeof buf[2], "%s.attr.%s", 1861 (void) snprintf(buf[2], sizeof buf[2], "%s.attr.%s",
1904 dbfile, new_suffix); 1862 dbfile, new_suffix);
1905 (void) snprintf(buf[0], sizeof buf[0], "%s.%s", 1863 (void) snprintf(buf[0], sizeof buf[0], "%s.%s",
1906 dbfile, new_suffix); 1864 dbfile, new_suffix);
1907 (void) snprintf(buf[1], sizeof buf[1], "%s.%s", 1865 (void) snprintf(buf[1], sizeof buf[1], "%s.%s",
1908 dbfile, old_suffix); 1866 dbfile, old_suffix);
1909 (void) snprintf(buf[3], sizeof buf[3], "%s.attr.%s", 1867 (void) snprintf(buf[3], sizeof buf[3], "%s.attr.%s",
1910 dbfile, old_suffix); 1868 dbfile, old_suffix);
1911#ifdef RL_DEBUG 1869#ifdef RL_DEBUG
1912 BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", 1870 BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
1913 dbfile, buf[1]); 1871 dbfile, buf[1]);
1914#endif 1872#endif
1915 if (rename(dbfile,buf[1]) < 0 && errno != ENOENT 1873 if (rename(dbfile, buf[1]) < 0 && errno != ENOENT
1916#ifdef ENOTDIR 1874#ifdef ENOTDIR
1917 && errno != ENOTDIR 1875 && errno != ENOTDIR
1918#endif 1876#endif
1919 ) { 1877 ) {
1920 BIO_printf(bio_err, 1878 BIO_printf(bio_err,
1921 "unable to rename %s to %s\n", 1879 "unable to rename %s to %s\n",
1922 dbfile, buf[1]); 1880 dbfile, buf[1]);
1923 perror("reason"); 1881 perror("reason");
1924 goto err; 1882 goto err;
1925 } 1883 }
1926#ifdef RL_DEBUG 1884#ifdef RL_DEBUG
1927 BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", 1885 BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
1928 buf[0],dbfile); 1886 buf[0], dbfile);
1929#endif 1887#endif
1930 if (rename(buf[0],dbfile) < 0) 1888 if (rename(buf[0], dbfile) < 0) {
1931 {
1932 BIO_printf(bio_err, 1889 BIO_printf(bio_err,
1933 "unable to rename %s to %s\n", 1890 "unable to rename %s to %s\n",
1934 buf[0],dbfile); 1891 buf[0], dbfile);
1935 perror("reason"); 1892 perror("reason");
1936 rename(buf[1],dbfile); 1893 rename(buf[1], dbfile);
1937 goto err; 1894 goto err;
1938 } 1895 }
1939#ifdef RL_DEBUG 1896#ifdef RL_DEBUG
1940 BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", 1897 BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
1941 buf[4],buf[3]); 1898 buf[4], buf[3]);
1942#endif 1899#endif
1943 if (rename(buf[4],buf[3]) < 0 && errno != ENOENT 1900 if (rename(buf[4], buf[3]) < 0 && errno != ENOENT
1944#ifdef ENOTDIR 1901#ifdef ENOTDIR
1945 && errno != ENOTDIR 1902 && errno != ENOTDIR
1946#endif 1903#endif
1947 ) { 1904 ) {
1948 BIO_printf(bio_err, 1905 BIO_printf(bio_err,
1949 "unable to rename %s to %s\n", 1906 "unable to rename %s to %s\n",
1950 buf[4], buf[3]); 1907 buf[4], buf[3]);
1951 perror("reason"); 1908 perror("reason");
1952 rename(dbfile,buf[0]); 1909 rename(dbfile, buf[0]);
1953 rename(buf[1],dbfile); 1910 rename(buf[1], dbfile);
1954 goto err; 1911 goto err;
1955 } 1912 }
1956#ifdef RL_DEBUG 1913#ifdef RL_DEBUG
1957 BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", 1914 BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
1958 buf[2],buf[4]); 1915 buf[2], buf[4]);
1959#endif 1916#endif
1960 if (rename(buf[2],buf[4]) < 0) 1917 if (rename(buf[2], buf[4]) < 0) {
1961 {
1962 BIO_printf(bio_err, 1918 BIO_printf(bio_err,
1963 "unable to rename %s to %s\n", 1919 "unable to rename %s to %s\n",
1964 buf[2],buf[4]); 1920 buf[2], buf[4]);
1965 perror("reason"); 1921 perror("reason");
1966 rename(buf[3],buf[4]); 1922 rename(buf[3], buf[4]);
1967 rename(dbfile,buf[0]); 1923 rename(dbfile, buf[0]);
1968 rename(buf[1],dbfile); 1924 rename(buf[1], dbfile);
1969 goto err; 1925 goto err;
1970 } 1926 }
1971 return 1; 1927 return 1;
1972 err: 1928
1929err:
1973 return 0; 1930 return 0;
1974 } 1931}
1975 1932
1976void free_index(CA_DB *db) 1933void
1977 { 1934free_index(CA_DB *db)
1978 if (db) 1935{
1979 { 1936 if (db) {
1980 if (db->db) TXT_DB_free(db->db); 1937 if (db->db) TXT_DB_free(db->db);
1981 OPENSSL_free(db); 1938 OPENSSL_free(db);
1982 }
1983 } 1939 }
1940}
1984 1941
1985int parse_yesno(const char *str, int def) 1942int
1986 { 1943parse_yesno(const char *str, int def)
1944{
1987 int ret = def; 1945 int ret = def;
1988 if (str) 1946 if (str) {
1989 { 1947 switch (*str) {
1990 switch (*str)
1991 {
1992 case 'f': /* false */ 1948 case 'f': /* false */
1993 case 'F': /* FALSE */ 1949 case 'F': /* FALSE */
1994 case 'n': /* no */ 1950 case 'n': /* no */
@@ -2006,17 +1962,18 @@ int parse_yesno(const char *str, int def)
2006 default: 1962 default:
2007 ret = def; 1963 ret = def;
2008 break; 1964 break;
2009 }
2010 } 1965 }
2011 return ret;
2012 } 1966 }
1967 return ret;
1968}
2013 1969
2014/* 1970/*
2015 * subject is expected to be in the format /type0=value0/type1=value1/type2=... 1971 * subject is expected to be in the format /type0=value0/type1=value1/type2=...
2016 * where characters may be escaped by \ 1972 * where characters may be escaped by \
2017 */ 1973 */
2018X509_NAME *parse_name(char *subject, long chtype, int multirdn) 1974X509_NAME *
2019 { 1975parse_name(char *subject, long chtype, int multirdn)
1976{
2020 size_t buflen = strlen(subject)+1; /* to copy the types and values into. due to escaping, the copy can only become shorter */ 1977 size_t buflen = strlen(subject)+1; /* to copy the types and values into. due to escaping, the copy can only become shorter */
2021 char *buf = OPENSSL_malloc(buflen); 1978 char *buf = OPENSSL_malloc(buflen);
2022 size_t max_ne = buflen / 2 + 1; /* maximum number of name elements */ 1979 size_t max_ne = buflen / 2 + 1; /* maximum number of name elements */
@@ -2030,106 +1987,86 @@ X509_NAME *parse_name(char *subject, long chtype, int multirdn)
2030 X509_NAME *n = NULL; 1987 X509_NAME *n = NULL;
2031 int nid; 1988 int nid;
2032 1989
2033 if (!buf || !ne_types || !ne_values || !mval) 1990 if (!buf || !ne_types || !ne_values || !mval) {
2034 {
2035 BIO_printf(bio_err, "malloc error\n"); 1991 BIO_printf(bio_err, "malloc error\n");
2036 goto error; 1992 goto error;
2037 } 1993 }
2038 1994
2039 if (*subject != '/') 1995 if (*subject != '/') {
2040 {
2041 BIO_printf(bio_err, "Subject does not start with '/'.\n"); 1996 BIO_printf(bio_err, "Subject does not start with '/'.\n");
2042 goto error; 1997 goto error;
2043 } 1998 }
2044 sp++; /* skip leading / */ 1999 sp++; /* skip leading / */
2045 2000
2046 /* no multivalued RDN by default */ 2001 /* no multivalued RDN by default */
2047 mval[ne_num] = 0; 2002 mval[ne_num] = 0;
2048 2003
2049 while (*sp) 2004 while (*sp) {
2050 {
2051 /* collect type */ 2005 /* collect type */
2052 ne_types[ne_num] = bp; 2006 ne_types[ne_num] = bp;
2053 while (*sp) 2007 while (*sp) {
2054 {
2055 if (*sp == '\\') /* is there anything to escape in the type...? */ 2008 if (*sp == '\\') /* is there anything to escape in the type...? */
2056 { 2009 {
2057 if (*++sp) 2010 if (*++sp)
2058 *bp++ = *sp++; 2011 *bp++ = *sp++;
2059 else 2012 else {
2060 {
2061 BIO_printf(bio_err, "escape character at end of string\n"); 2013 BIO_printf(bio_err, "escape character at end of string\n");
2062 goto error; 2014 goto error;
2063 } 2015 }
2064 } 2016 } else if (*sp == '=') {
2065 else if (*sp == '=')
2066 {
2067 sp++; 2017 sp++;
2068 *bp++ = '\0'; 2018 *bp++ = '\0';
2069 break; 2019 break;
2070 } 2020 } else
2071 else
2072 *bp++ = *sp++; 2021 *bp++ = *sp++;
2073 } 2022 }
2074 if (!*sp) 2023 if (!*sp) {
2075 {
2076 BIO_printf(bio_err, "end of string encountered while processing type of subject name element #%d\n", ne_num); 2024 BIO_printf(bio_err, "end of string encountered while processing type of subject name element #%d\n", ne_num);
2077 goto error; 2025 goto error;
2078 } 2026 }
2079 ne_values[ne_num] = bp; 2027 ne_values[ne_num] = bp;
2080 while (*sp) 2028 while (*sp) {
2081 { 2029 if (*sp == '\\') {
2082 if (*sp == '\\')
2083 {
2084 if (*++sp) 2030 if (*++sp)
2085 *bp++ = *sp++; 2031 *bp++ = *sp++;
2086 else 2032 else {
2087 {
2088 BIO_printf(bio_err, "escape character at end of string\n"); 2033 BIO_printf(bio_err, "escape character at end of string\n");
2089 goto error; 2034 goto error;
2090 }
2091 } 2035 }
2092 else if (*sp == '/') 2036 } else if (*sp == '/') {
2093 {
2094 sp++; 2037 sp++;
2095 /* no multivalued RDN by default */ 2038 /* no multivalued RDN by default */
2096 mval[ne_num+1] = 0; 2039 mval[ne_num + 1] = 0;
2097 break; 2040 break;
2098 } 2041 } else if (*sp == '+' && multirdn) {
2099 else if (*sp == '+' && multirdn)
2100 {
2101 /* a not escaped + signals a mutlivalued RDN */ 2042 /* a not escaped + signals a mutlivalued RDN */
2102 sp++; 2043 sp++;
2103 mval[ne_num+1] = -1; 2044 mval[ne_num + 1] = -1;
2104 break; 2045 break;
2105 } 2046 } else
2106 else
2107 *bp++ = *sp++; 2047 *bp++ = *sp++;
2108 } 2048 }
2109 *bp++ = '\0'; 2049 *bp++ = '\0';
2110 ne_num++; 2050 ne_num++;
2111 } 2051 }
2112 2052
2113 if (!(n = X509_NAME_new())) 2053 if (!(n = X509_NAME_new()))
2114 goto error; 2054 goto error;
2115 2055
2116 for (i = 0; i < ne_num; i++) 2056 for (i = 0; i < ne_num; i++) {
2117 { 2057 if ((nid = OBJ_txt2nid(ne_types[i])) == NID_undef) {
2118 if ((nid=OBJ_txt2nid(ne_types[i])) == NID_undef)
2119 {
2120 BIO_printf(bio_err, "Subject Attribute %s has no known NID, skipped\n", ne_types[i]); 2058 BIO_printf(bio_err, "Subject Attribute %s has no known NID, skipped\n", ne_types[i]);
2121 continue; 2059 continue;
2122 } 2060 }
2123 2061
2124 if (!*ne_values[i]) 2062 if (!*ne_values[i]) {
2125 {
2126 BIO_printf(bio_err, "No value provided for Subject Attribute %s, skipped\n", ne_types[i]); 2063 BIO_printf(bio_err, "No value provided for Subject Attribute %s, skipped\n", ne_types[i]);
2127 continue; 2064 continue;
2128 } 2065 }
2129 2066
2130 if (!X509_NAME_add_entry_by_NID(n, nid, chtype, (unsigned char*)ne_values[i], -1,-1,mval[i])) 2067 if (!X509_NAME_add_entry_by_NID(n, nid, chtype, (unsigned char*)ne_values[i], -1, -1, mval[i]))
2131 goto error; 2068 goto error;
2132 } 2069 }
2133 2070
2134 OPENSSL_free(ne_values); 2071 OPENSSL_free(ne_values);
2135 OPENSSL_free(ne_types); 2072 OPENSSL_free(ne_types);
@@ -2150,9 +2087,10 @@ error:
2150 return NULL; 2087 return NULL;
2151} 2088}
2152 2089
2153int args_verify(char ***pargs, int *pargc, 2090int
2154 int *badarg, BIO *err, X509_VERIFY_PARAM **pm) 2091args_verify(char ***pargs, int *pargc,
2155 { 2092 int *badarg, BIO *err, X509_VERIFY_PARAM **pm)
2093{
2156 ASN1_OBJECT *otmp = NULL; 2094 ASN1_OBJECT *otmp = NULL;
2157 unsigned long flags = 0; 2095 unsigned long flags = 0;
2158 int i; 2096 int i;
@@ -2160,80 +2098,62 @@ int args_verify(char ***pargs, int *pargc,
2160 char **oldargs = *pargs; 2098 char **oldargs = *pargs;
2161 char *arg = **pargs, *argn = (*pargs)[1]; 2099 char *arg = **pargs, *argn = (*pargs)[1];
2162 time_t at_time = 0; 2100 time_t at_time = 0;
2163 if (!strcmp(arg, "-policy")) 2101 if (!strcmp(arg, "-policy")) {
2164 {
2165 if (!argn) 2102 if (!argn)
2166 *badarg = 1; 2103 *badarg = 1;
2167 else 2104 else {
2168 {
2169 otmp = OBJ_txt2obj(argn, 0); 2105 otmp = OBJ_txt2obj(argn, 0);
2170 if (!otmp) 2106 if (!otmp) {
2171 {
2172 BIO_printf(err, "Invalid Policy \"%s\"\n", 2107 BIO_printf(err, "Invalid Policy \"%s\"\n",
2173 argn); 2108 argn);
2174 *badarg = 1; 2109 *badarg = 1;
2175 }
2176 } 2110 }
2177 (*pargs)++;
2178 } 2111 }
2179 else if (strcmp(arg,"-purpose") == 0) 2112 (*pargs)++;
2180 { 2113 } else if (strcmp(arg, "-purpose") == 0) {
2181 X509_PURPOSE *xptmp; 2114 X509_PURPOSE *xptmp;
2182 if (!argn) 2115 if (!argn)
2183 *badarg = 1; 2116 *badarg = 1;
2184 else 2117 else {
2185 {
2186 i = X509_PURPOSE_get_by_sname(argn); 2118 i = X509_PURPOSE_get_by_sname(argn);
2187 if(i < 0) 2119 if (i < 0) {
2188 {
2189 BIO_printf(err, "unrecognized purpose\n"); 2120 BIO_printf(err, "unrecognized purpose\n");
2190 *badarg = 1; 2121 *badarg = 1;
2191 } 2122 } else {
2192 else
2193 {
2194 xptmp = X509_PURPOSE_get0(i); 2123 xptmp = X509_PURPOSE_get0(i);
2195 purpose = X509_PURPOSE_get_id(xptmp); 2124 purpose = X509_PURPOSE_get_id(xptmp);
2196 }
2197 } 2125 }
2198 (*pargs)++;
2199 } 2126 }
2200 else if (strcmp(arg,"-verify_depth") == 0) 2127 (*pargs)++;
2201 { 2128 } else if (strcmp(arg, "-verify_depth") == 0) {
2202 if (!argn) 2129 if (!argn)
2203 *badarg = 1; 2130 *badarg = 1;
2204 else 2131 else {
2205 {
2206 depth = atoi(argn); 2132 depth = atoi(argn);
2207 if(depth < 0) 2133 if (depth < 0) {
2208 {
2209 BIO_printf(err, "invalid depth\n"); 2134 BIO_printf(err, "invalid depth\n");
2210 *badarg = 1; 2135 *badarg = 1;
2211 }
2212 } 2136 }
2213 (*pargs)++;
2214 } 2137 }
2215 else if (strcmp(arg,"-attime") == 0) 2138 (*pargs)++;
2216 { 2139 } else if (strcmp(arg, "-attime") == 0) {
2217 if (!argn) 2140 if (!argn)
2218 *badarg = 1; 2141 *badarg = 1;
2219 else 2142 else {
2220 {
2221 long timestamp; 2143 long timestamp;
2222 /* interpret the -attime argument as seconds since 2144 /* interpret the -attime argument as seconds since
2223 * Epoch */ 2145 * Epoch */
2224 if (sscanf(argn, "%li", &timestamp) != 1) 2146 if (sscanf(argn, "%li", &timestamp) != 1) {
2225 {
2226 BIO_printf(bio_err, 2147 BIO_printf(bio_err,
2227 "Error parsing timestamp %s\n", 2148 "Error parsing timestamp %s\n",
2228 argn); 2149 argn);
2229 *badarg = 1; 2150 *badarg = 1;
2230 } 2151 }
2231 /* on some platforms time_t may be a float */ 2152 /* on some platforms time_t may be a float */
2232 at_time = (time_t) timestamp; 2153 at_time = (time_t) timestamp;
2233 }
2234 (*pargs)++;
2235 } 2154 }
2236 else if (!strcmp(arg, "-ignore_critical")) 2155 (*pargs)++;
2156 } else if (!strcmp(arg, "-ignore_critical"))
2237 flags |= X509_V_FLAG_IGNORE_CRITICAL; 2157 flags |= X509_V_FLAG_IGNORE_CRITICAL;
2238 else if (!strcmp(arg, "-issuer_checks")) 2158 else if (!strcmp(arg, "-issuer_checks"))
2239 flags |= X509_V_FLAG_CB_ISSUER_CHECK; 2159 flags |= X509_V_FLAG_CB_ISSUER_CHECK;
@@ -2262,19 +2182,17 @@ int args_verify(char ***pargs, int *pargc,
2262 else 2182 else
2263 return 0; 2183 return 0;
2264 2184
2265 if (*badarg) 2185 if (*badarg) {
2266 {
2267 if (*pm) 2186 if (*pm)
2268 X509_VERIFY_PARAM_free(*pm); 2187 X509_VERIFY_PARAM_free(*pm);
2269 *pm = NULL; 2188 *pm = NULL;
2270 goto end; 2189 goto end;
2271 } 2190 }
2272 2191
2273 if (!*pm && !(*pm = X509_VERIFY_PARAM_new())) 2192 if (!*pm && !(*pm = X509_VERIFY_PARAM_new())) {
2274 {
2275 *badarg = 1; 2193 *badarg = 1;
2276 goto end; 2194 goto end;
2277 } 2195 }
2278 2196
2279 if (otmp) 2197 if (otmp)
2280 X509_VERIFY_PARAM_add0_policy(*pm, otmp); 2198 X509_VERIFY_PARAM_add0_policy(*pm, otmp);
@@ -2287,34 +2205,32 @@ int args_verify(char ***pargs, int *pargc,
2287 if (depth >= 0) 2205 if (depth >= 0)
2288 X509_VERIFY_PARAM_set_depth(*pm, depth); 2206 X509_VERIFY_PARAM_set_depth(*pm, depth);
2289 2207
2290 if (at_time) 2208 if (at_time)
2291 X509_VERIFY_PARAM_set_time(*pm, at_time); 2209 X509_VERIFY_PARAM_set_time(*pm, at_time);
2292 2210
2293 end: 2211end:
2294
2295 (*pargs)++; 2212 (*pargs)++;
2296 2213
2297 if (pargc) 2214 if (pargc)
2298 *pargc -= *pargs - oldargs; 2215 *pargc -= *pargs - oldargs;
2299 2216
2300 return 1; 2217 return 1;
2301 2218}
2302 }
2303 2219
2304/* Read whole contents of a BIO into an allocated memory buffer and 2220/* Read whole contents of a BIO into an allocated memory buffer and
2305 * return it. 2221 * return it.
2306 */ 2222 */
2307 2223
2308int bio_to_mem(unsigned char **out, int maxlen, BIO *in) 2224int
2309 { 2225bio_to_mem(unsigned char **out, int maxlen, BIO *in)
2226{
2310 BIO *mem; 2227 BIO *mem;
2311 int len, ret; 2228 int len, ret;
2312 unsigned char tbuf[1024]; 2229 unsigned char tbuf[1024];
2313 mem = BIO_new(BIO_s_mem()); 2230 mem = BIO_new(BIO_s_mem());
2314 if (!mem) 2231 if (!mem)
2315 return -1; 2232 return -1;
2316 for(;;) 2233 for (;;) {
2317 {
2318 if ((maxlen != -1) && maxlen < 1024) 2234 if ((maxlen != -1) && maxlen < 1024)
2319 len = maxlen; 2235 len = maxlen;
2320 else 2236 else
@@ -2322,86 +2238,83 @@ int bio_to_mem(unsigned char **out, int maxlen, BIO *in)
2322 len = BIO_read(in, tbuf, len); 2238 len = BIO_read(in, tbuf, len);
2323 if (len <= 0) 2239 if (len <= 0)
2324 break; 2240 break;
2325 if (BIO_write(mem, tbuf, len) != len) 2241 if (BIO_write(mem, tbuf, len) != len) {
2326 {
2327 BIO_free(mem); 2242 BIO_free(mem);
2328 return -1; 2243 return -1;
2329 } 2244 }
2330 maxlen -= len; 2245 maxlen -= len;
2331 2246
2332 if (maxlen == 0) 2247 if (maxlen == 0)
2333 break; 2248 break;
2334 } 2249 }
2335 ret = BIO_get_mem_data(mem, (char **)out); 2250 ret = BIO_get_mem_data(mem, (char **)out);
2336 BIO_set_flags(mem, BIO_FLAGS_MEM_RDONLY); 2251 BIO_set_flags(mem, BIO_FLAGS_MEM_RDONLY);
2337 BIO_free(mem); 2252 BIO_free(mem);
2338 return ret; 2253 return ret;
2339 } 2254}
2340 2255
2341int pkey_ctrl_string(EVP_PKEY_CTX *ctx, char *value) 2256int
2342 { 2257pkey_ctrl_string(EVP_PKEY_CTX *ctx, char *value)
2258{
2343 int rv; 2259 int rv;
2344 char *stmp, *vtmp = NULL; 2260 char *stmp, *vtmp = NULL;
2345 stmp = BUF_strdup(value); 2261 stmp = BUF_strdup(value);
2346 if (!stmp) 2262 if (!stmp)
2347 return -1; 2263 return -1;
2348 vtmp = strchr(stmp, ':'); 2264 vtmp = strchr(stmp, ':');
2349 if (vtmp) 2265 if (vtmp) {
2350 {
2351 *vtmp = 0; 2266 *vtmp = 0;
2352 vtmp++; 2267 vtmp++;
2353 } 2268 }
2354 rv = EVP_PKEY_CTX_ctrl_str(ctx, stmp, vtmp); 2269 rv = EVP_PKEY_CTX_ctrl_str(ctx, stmp, vtmp);
2355 OPENSSL_free(stmp); 2270 OPENSSL_free(stmp);
2356 return rv; 2271 return rv;
2357 } 2272}
2358 2273
2359static void nodes_print(BIO *out, const char *name, 2274static void
2360 STACK_OF(X509_POLICY_NODE) *nodes) 2275nodes_print(BIO *out, const char *name, STACK_OF(X509_POLICY_NODE) *nodes)
2361 { 2276{
2362 X509_POLICY_NODE *node; 2277 X509_POLICY_NODE *node;
2363 int i; 2278 int i;
2364 BIO_printf(out, "%s Policies:", name); 2279 BIO_printf(out, "%s Policies:", name);
2365 if (nodes) 2280 if (nodes) {
2366 {
2367 BIO_puts(out, "\n"); 2281 BIO_puts(out, "\n");
2368 for (i = 0; i < sk_X509_POLICY_NODE_num(nodes); i++) 2282 for (i = 0; i < sk_X509_POLICY_NODE_num(nodes); i++) {
2369 {
2370 node = sk_X509_POLICY_NODE_value(nodes, i); 2283 node = sk_X509_POLICY_NODE_value(nodes, i);
2371 X509_POLICY_NODE_print(out, node, 2); 2284 X509_POLICY_NODE_print(out, node, 2);
2372 }
2373 } 2285 }
2374 else 2286 } else
2375 BIO_puts(out, " <empty>\n"); 2287 BIO_puts(out, " <empty>\n");
2376 } 2288}
2377 2289
2378void policies_print(BIO *out, X509_STORE_CTX *ctx) 2290void
2379 { 2291policies_print(BIO *out, X509_STORE_CTX *ctx)
2292{
2380 X509_POLICY_TREE *tree; 2293 X509_POLICY_TREE *tree;
2381 int explicit_policy; 2294 int explicit_policy;
2382 int free_out = 0; 2295 int free_out = 0;
2383 if (out == NULL) 2296 if (out == NULL) {
2384 {
2385 out = BIO_new_fp(stderr, BIO_NOCLOSE); 2297 out = BIO_new_fp(stderr, BIO_NOCLOSE);
2386 free_out = 1; 2298 free_out = 1;
2387 } 2299 }
2388 tree = X509_STORE_CTX_get0_policy_tree(ctx); 2300 tree = X509_STORE_CTX_get0_policy_tree(ctx);
2389 explicit_policy = X509_STORE_CTX_get_explicit_policy(ctx); 2301 explicit_policy = X509_STORE_CTX_get_explicit_policy(ctx);
2390 2302
2391 BIO_printf(out, "Require explicit Policy: %s\n", 2303 BIO_printf(out, "Require explicit Policy: %s\n",
2392 explicit_policy ? "True" : "False"); 2304 explicit_policy ? "True" : "False");
2393 2305
2394 nodes_print(out, "Authority", X509_policy_tree_get0_policies(tree)); 2306 nodes_print(out, "Authority", X509_policy_tree_get0_policies(tree));
2395 nodes_print(out, "User", X509_policy_tree_get0_user_policies(tree)); 2307 nodes_print(out, "User", X509_policy_tree_get0_user_policies(tree));
2396 if (free_out) 2308 if (free_out)
2397 BIO_free(out); 2309 BIO_free(out);
2398 } 2310}
2399 2311
2400#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK) 2312#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
2401 2313
2402static JPAKE_CTX *jpake_init(const char *us, const char *them, 2314static JPAKE_CTX *
2403 const char *secret) 2315jpake_init(const char *us, const char *them,
2404 { 2316 const char *secret)
2317{
2405 BIGNUM *p = NULL; 2318 BIGNUM *p = NULL;
2406 BIGNUM *g = NULL; 2319 BIGNUM *g = NULL;
2407 BIGNUM *q = NULL; 2320 BIGNUM *q = NULL;
@@ -2424,20 +2337,22 @@ static JPAKE_CTX *jpake_init(const char *us, const char *them,
2424 BN_free(p); 2337 BN_free(p);
2425 2338
2426 return ctx; 2339 return ctx;
2427 } 2340}
2428 2341
2429static void jpake_send_part(BIO *conn, const JPAKE_STEP_PART *p) 2342static void
2430 { 2343jpake_send_part(BIO *conn, const JPAKE_STEP_PART *p)
2344{
2431 BN_print(conn, p->gx); 2345 BN_print(conn, p->gx);
2432 BIO_puts(conn, "\n"); 2346 BIO_puts(conn, "\n");
2433 BN_print(conn, p->zkpx.gr); 2347 BN_print(conn, p->zkpx.gr);
2434 BIO_puts(conn, "\n"); 2348 BIO_puts(conn, "\n");
2435 BN_print(conn, p->zkpx.b); 2349 BN_print(conn, p->zkpx.b);
2436 BIO_puts(conn, "\n"); 2350 BIO_puts(conn, "\n");
2437 } 2351}
2438 2352
2439static void jpake_send_step1(BIO *bconn, JPAKE_CTX *ctx) 2353static void
2440 { 2354jpake_send_step1(BIO *bconn, JPAKE_CTX *ctx)
2355{
2441 JPAKE_STEP1 s1; 2356 JPAKE_STEP1 s1;
2442 2357
2443 JPAKE_STEP1_init(&s1); 2358 JPAKE_STEP1_init(&s1);
@@ -2446,10 +2361,11 @@ static void jpake_send_step1(BIO *bconn, JPAKE_CTX *ctx)
2446 jpake_send_part(bconn, &s1.p2); 2361 jpake_send_part(bconn, &s1.p2);
2447 (void)BIO_flush(bconn); 2362 (void)BIO_flush(bconn);
2448 JPAKE_STEP1_release(&s1); 2363 JPAKE_STEP1_release(&s1);
2449 } 2364}
2450 2365
2451static void jpake_send_step2(BIO *bconn, JPAKE_CTX *ctx) 2366static void
2452 { 2367jpake_send_step2(BIO *bconn, JPAKE_CTX *ctx)
2368{
2453 JPAKE_STEP2 s2; 2369 JPAKE_STEP2 s2;
2454 2370
2455 JPAKE_STEP2_init(&s2); 2371 JPAKE_STEP2_init(&s2);
@@ -2457,10 +2373,11 @@ static void jpake_send_step2(BIO *bconn, JPAKE_CTX *ctx)
2457 jpake_send_part(bconn, &s2); 2373 jpake_send_part(bconn, &s2);
2458 (void)BIO_flush(bconn); 2374 (void)BIO_flush(bconn);
2459 JPAKE_STEP2_release(&s2); 2375 JPAKE_STEP2_release(&s2);
2460 } 2376}
2461 2377
2462static void jpake_send_step3a(BIO *bconn, JPAKE_CTX *ctx) 2378static void
2463 { 2379jpake_send_step3a(BIO *bconn, JPAKE_CTX *ctx)
2380{
2464 JPAKE_STEP3A s3a; 2381 JPAKE_STEP3A s3a;
2465 2382
2466 JPAKE_STEP3A_init(&s3a); 2383 JPAKE_STEP3A_init(&s3a);
@@ -2468,10 +2385,11 @@ static void jpake_send_step3a(BIO *bconn, JPAKE_CTX *ctx)
2468 BIO_write(bconn, s3a.hhk, sizeof s3a.hhk); 2385 BIO_write(bconn, s3a.hhk, sizeof s3a.hhk);
2469 (void)BIO_flush(bconn); 2386 (void)BIO_flush(bconn);
2470 JPAKE_STEP3A_release(&s3a); 2387 JPAKE_STEP3A_release(&s3a);
2471 } 2388}
2472 2389
2473static void jpake_send_step3b(BIO *bconn, JPAKE_CTX *ctx) 2390static void
2474 { 2391jpake_send_step3b(BIO *bconn, JPAKE_CTX *ctx)
2392{
2475 JPAKE_STEP3B s3b; 2393 JPAKE_STEP3B s3b;
2476 2394
2477 JPAKE_STEP3B_init(&s3b); 2395 JPAKE_STEP3B_init(&s3b);
@@ -2479,90 +2397,93 @@ static void jpake_send_step3b(BIO *bconn, JPAKE_CTX *ctx)
2479 BIO_write(bconn, s3b.hk, sizeof s3b.hk); 2397 BIO_write(bconn, s3b.hk, sizeof s3b.hk);
2480 (void)BIO_flush(bconn); 2398 (void)BIO_flush(bconn);
2481 JPAKE_STEP3B_release(&s3b); 2399 JPAKE_STEP3B_release(&s3b);
2482 } 2400}
2483 2401
2484static void readbn(BIGNUM **bn, BIO *bconn) 2402static void
2485 { 2403readbn(BIGNUM **bn, BIO *bconn)
2404{
2486 char buf[10240]; 2405 char buf[10240];
2487 int l; 2406 int l;
2488 2407
2489 l = BIO_gets(bconn, buf, sizeof buf); 2408 l = BIO_gets(bconn, buf, sizeof buf);
2490 assert(l > 0); 2409 assert(l > 0);
2491 assert(buf[l-1] == '\n'); 2410 assert(buf[l - 1] == '\n');
2492 buf[l-1] = '\0'; 2411 buf[l - 1] = '\0';
2493 BN_hex2bn(bn, buf); 2412 BN_hex2bn(bn, buf);
2494 } 2413}
2495 2414
2496static void jpake_receive_part(JPAKE_STEP_PART *p, BIO *bconn) 2415static void
2497 { 2416jpake_receive_part(JPAKE_STEP_PART *p, BIO *bconn)
2417{
2498 readbn(&p->gx, bconn); 2418 readbn(&p->gx, bconn);
2499 readbn(&p->zkpx.gr, bconn); 2419 readbn(&p->zkpx.gr, bconn);
2500 readbn(&p->zkpx.b, bconn); 2420 readbn(&p->zkpx.b, bconn);
2501 } 2421}
2502 2422
2503static void jpake_receive_step1(JPAKE_CTX *ctx, BIO *bconn) 2423static void
2504 { 2424jpake_receive_step1(JPAKE_CTX *ctx, BIO *bconn)
2425{
2505 JPAKE_STEP1 s1; 2426 JPAKE_STEP1 s1;
2506 2427
2507 JPAKE_STEP1_init(&s1); 2428 JPAKE_STEP1_init(&s1);
2508 jpake_receive_part(&s1.p1, bconn); 2429 jpake_receive_part(&s1.p1, bconn);
2509 jpake_receive_part(&s1.p2, bconn); 2430 jpake_receive_part(&s1.p2, bconn);
2510 if(!JPAKE_STEP1_process(ctx, &s1)) 2431 if (!JPAKE_STEP1_process(ctx, &s1)) {
2511 {
2512 ERR_print_errors(bio_err); 2432 ERR_print_errors(bio_err);
2513 exit(1); 2433 exit(1);
2514 }
2515 JPAKE_STEP1_release(&s1);
2516 } 2434 }
2435 JPAKE_STEP1_release(&s1);
2436}
2517 2437
2518static void jpake_receive_step2(JPAKE_CTX *ctx, BIO *bconn) 2438static void
2519 { 2439jpake_receive_step2(JPAKE_CTX *ctx, BIO *bconn)
2440{
2520 JPAKE_STEP2 s2; 2441 JPAKE_STEP2 s2;
2521 2442
2522 JPAKE_STEP2_init(&s2); 2443 JPAKE_STEP2_init(&s2);
2523 jpake_receive_part(&s2, bconn); 2444 jpake_receive_part(&s2, bconn);
2524 if(!JPAKE_STEP2_process(ctx, &s2)) 2445 if (!JPAKE_STEP2_process(ctx, &s2)) {
2525 {
2526 ERR_print_errors(bio_err); 2446 ERR_print_errors(bio_err);
2527 exit(1); 2447 exit(1);
2528 }
2529 JPAKE_STEP2_release(&s2);
2530 } 2448 }
2449 JPAKE_STEP2_release(&s2);
2450}
2531 2451
2532static void jpake_receive_step3a(JPAKE_CTX *ctx, BIO *bconn) 2452static void
2533 { 2453jpake_receive_step3a(JPAKE_CTX *ctx, BIO *bconn)
2454{
2534 JPAKE_STEP3A s3a; 2455 JPAKE_STEP3A s3a;
2535 int l; 2456 int l;
2536 2457
2537 JPAKE_STEP3A_init(&s3a); 2458 JPAKE_STEP3A_init(&s3a);
2538 l = BIO_read(bconn, s3a.hhk, sizeof s3a.hhk); 2459 l = BIO_read(bconn, s3a.hhk, sizeof s3a.hhk);
2539 assert(l == sizeof s3a.hhk); 2460 assert(l == sizeof s3a.hhk);
2540 if(!JPAKE_STEP3A_process(ctx, &s3a)) 2461 if (!JPAKE_STEP3A_process(ctx, &s3a)) {
2541 {
2542 ERR_print_errors(bio_err); 2462 ERR_print_errors(bio_err);
2543 exit(1); 2463 exit(1);
2544 }
2545 JPAKE_STEP3A_release(&s3a);
2546 } 2464 }
2465 JPAKE_STEP3A_release(&s3a);
2466}
2547 2467
2548static void jpake_receive_step3b(JPAKE_CTX *ctx, BIO *bconn) 2468static void
2549 { 2469jpake_receive_step3b(JPAKE_CTX *ctx, BIO *bconn)
2470{
2550 JPAKE_STEP3B s3b; 2471 JPAKE_STEP3B s3b;
2551 int l; 2472 int l;
2552 2473
2553 JPAKE_STEP3B_init(&s3b); 2474 JPAKE_STEP3B_init(&s3b);
2554 l = BIO_read(bconn, s3b.hk, sizeof s3b.hk); 2475 l = BIO_read(bconn, s3b.hk, sizeof s3b.hk);
2555 assert(l == sizeof s3b.hk); 2476 assert(l == sizeof s3b.hk);
2556 if(!JPAKE_STEP3B_process(ctx, &s3b)) 2477 if (!JPAKE_STEP3B_process(ctx, &s3b)) {
2557 {
2558 ERR_print_errors(bio_err); 2478 ERR_print_errors(bio_err);
2559 exit(1); 2479 exit(1);
2560 }
2561 JPAKE_STEP3B_release(&s3b);
2562 } 2480 }
2481 JPAKE_STEP3B_release(&s3b);
2482}
2563 2483
2564void jpake_client_auth(BIO *out, BIO *conn, const char *secret) 2484void
2565 { 2485jpake_client_auth(BIO *out, BIO *conn, const char *secret)
2486{
2566 JPAKE_CTX *ctx; 2487 JPAKE_CTX *ctx;
2567 BIO *bconn; 2488 BIO *bconn;
2568 2489
@@ -2588,10 +2509,11 @@ void jpake_client_auth(BIO *out, BIO *conn, const char *secret)
2588 BIO_free(bconn); 2509 BIO_free(bconn);
2589 2510
2590 JPAKE_CTX_free(ctx); 2511 JPAKE_CTX_free(ctx);
2591 } 2512}
2592 2513
2593void jpake_server_auth(BIO *out, BIO *conn, const char *secret) 2514void
2594 { 2515jpake_server_auth(BIO *out, BIO *conn, const char *secret)
2516{
2595 JPAKE_CTX *ctx; 2517 JPAKE_CTX *ctx;
2596 BIO *bconn; 2518 BIO *bconn;
2597 2519
@@ -2617,7 +2539,7 @@ void jpake_server_auth(BIO *out, BIO *conn, const char *secret)
2617 BIO_free(bconn); 2539 BIO_free(bconn);
2618 2540
2619 JPAKE_CTX_free(ctx); 2541 JPAKE_CTX_free(ctx);
2620 } 2542}
2621 2543
2622#endif 2544#endif
2623 2545
@@ -2630,8 +2552,9 @@ void jpake_server_auth(BIO *out, BIO *conn, const char *secret)
2630 * 2552 *
2631 * returns: a malloced buffer or NULL on failure. 2553 * returns: a malloced buffer or NULL on failure.
2632 */ 2554 */
2633unsigned char *next_protos_parse(unsigned short *outlen, const char *in) 2555unsigned char *
2634 { 2556next_protos_parse(unsigned short *outlen, const char *in)
2557{
2635 size_t len; 2558 size_t len;
2636 unsigned char *out; 2559 unsigned char *out;
2637 size_t i, start = 0; 2560 size_t i, start = 0;
@@ -2644,25 +2567,21 @@ unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
2644 if (!out) 2567 if (!out)
2645 return NULL; 2568 return NULL;
2646 2569
2647 for (i = 0; i <= len; ++i) 2570 for (i = 0; i <= len; ++i) {
2648 { 2571 if (i == len || in[i] == ', ') {
2649 if (i == len || in[i] == ',') 2572 if (i - start > 255) {
2650 {
2651 if (i - start > 255)
2652 {
2653 OPENSSL_free(out); 2573 OPENSSL_free(out);
2654 return NULL; 2574 return NULL;
2655 } 2575 }
2656 out[start] = i - start; 2576 out[start] = i - start;
2657 start = i + 1; 2577 start = i + 1;
2658 } 2578 } else
2659 else 2579 out[i + 1] = in[i];
2660 out[i+1] = in[i]; 2580 }
2661 }
2662 2581
2663 *outlen = len + 1; 2582 *outlen = len + 1;
2664 return out; 2583 return out;
2665 } 2584}
2666#endif /* !OPENSSL_NO_TLSEXT && !OPENSSL_NO_NEXTPROTONEG */ 2585#endif /* !OPENSSL_NO_TLSEXT && !OPENSSL_NO_NEXTPROTONEG */
2667 2586
2668/* 2587/*
@@ -2677,117 +2596,115 @@ unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
2677# include <windows.h> 2596# include <windows.h>
2678# include <tchar.h> 2597# include <tchar.h>
2679 2598
2680static int WIN32_rename(const char *from, const char *to) 2599static int
2681 { 2600WIN32_rename(const char *from, const char *to)
2682 TCHAR *tfrom=NULL,*tto; 2601{
2602 TCHAR *tfrom = NULL, *tto;
2683 DWORD err; 2603 DWORD err;
2684 int ret=0; 2604 int ret = 0;
2685 2605
2686 if (sizeof(TCHAR) == 1) 2606 if (sizeof(TCHAR) == 1) {
2687 {
2688 tfrom = (TCHAR *)from; 2607 tfrom = (TCHAR *)from;
2689 tto = (TCHAR *)to; 2608 tto = (TCHAR *)to;
2690 } 2609 }
2691 else /* UNICODE path */ 2610 else /* UNICODE path */
2692 { 2611 {
2693 size_t i,flen=strlen(from)+1,tlen=strlen(to)+1; 2612 size_t i, flen = strlen(from) + 1, tlen = strlen(to) + 1;
2694 tfrom = (TCHAR *)malloc(sizeof(TCHAR)*(flen+tlen)); 2613 tfrom = (TCHAR *)malloc(sizeof(TCHAR)*(flen + tlen));
2695 if (tfrom==NULL) goto err; 2614 if (tfrom == NULL)
2696 tto=tfrom+flen; 2615 goto err;
2616 tto = tfrom + flen;
2697#if !defined(_WIN32_WCE) || _WIN32_WCE>=101 2617#if !defined(_WIN32_WCE) || _WIN32_WCE>=101
2698 if (!MultiByteToWideChar(CP_ACP,0,from,flen,(WCHAR *)tfrom,flen)) 2618 if (!MultiByteToWideChar(CP_ACP, 0, from, flen, (WCHAR *)tfrom, flen))
2699#endif 2619#endif
2700 for (i=0;i<flen;i++) tfrom[i]=(TCHAR)from[i]; 2620 for (i = 0;i < flen;i++) tfrom[i] = (TCHAR)from[i];
2701#if !defined(_WIN32_WCE) || _WIN32_WCE>=101 2621#if !defined(_WIN32_WCE) || _WIN32_WCE>=101
2702 if (!MultiByteToWideChar(CP_ACP,0,to, tlen,(WCHAR *)tto, tlen)) 2622 if (!MultiByteToWideChar(CP_ACP, 0, to, tlen, (WCHAR *)tto, tlen))
2703#endif 2623#endif
2704 for (i=0;i<tlen;i++) tto[i] =(TCHAR)to[i]; 2624 for (i = 0;i < tlen;i++) tto[i] = (TCHAR)to[i];
2705 } 2625 }
2706 2626
2707 if (MoveFile(tfrom,tto)) goto ok; 2627 if (MoveFile(tfrom, tto))
2708 err=GetLastError();
2709 if (err==ERROR_ALREADY_EXISTS || err==ERROR_FILE_EXISTS)
2710 {
2711 if (DeleteFile(tto) && MoveFile(tfrom,tto))
2712 goto ok; 2628 goto ok;
2713 err=GetLastError(); 2629 err = GetLastError();
2714 } 2630 if (err == ERROR_ALREADY_EXISTS || err == ERROR_FILE_EXISTS) {
2715 if (err==ERROR_FILE_NOT_FOUND || err==ERROR_PATH_NOT_FOUND) 2631 if (DeleteFile(tto) && MoveFile(tfrom, tto))
2632 goto ok;
2633 err = GetLastError();
2634 }
2635 if (err == ERROR_FILE_NOT_FOUND || err == ERROR_PATH_NOT_FOUND)
2716 errno = ENOENT; 2636 errno = ENOENT;
2717 else if (err==ERROR_ACCESS_DENIED) 2637 else if (err == ERROR_ACCESS_DENIED)
2718 errno = EACCES; 2638 errno = EACCES;
2719 else 2639 else
2720 errno = EINVAL; /* we could map more codes... */ 2640 errno = EINVAL; /* we could map more codes... */
2721err: 2641err:
2722 ret=-1; 2642 ret = -1;
2723ok: 2643ok:
2724 if (tfrom!=NULL && tfrom!=(TCHAR *)from) free(tfrom); 2644 if (tfrom != NULL && tfrom != (TCHAR *)from) free(tfrom);
2725 return ret; 2645 return ret;
2726 } 2646}
2727#endif 2647#endif
2728 2648
2729/* app_tminterval section */ 2649/* app_tminterval section */
2730#if defined(_WIN32) 2650#if defined(_WIN32)
2731double app_tminterval(int stop,int usertime) 2651double
2732 { 2652app_tminterval(int stop, int usertime)
2653{
2733 FILETIME now; 2654 FILETIME now;
2734 double ret=0; 2655 double ret = 0;
2735 static ULARGE_INTEGER tmstart; 2656 static ULARGE_INTEGER tmstart;
2736 static int warning=1; 2657 static int warning = 1;
2737#ifdef _WIN32_WINNT 2658#ifdef _WIN32_WINNT
2738 static HANDLE proc=NULL; 2659 static HANDLE proc = NULL;
2739 2660
2740 if (proc==NULL) 2661 if (proc == NULL) {
2741 {
2742 if (check_winnt()) 2662 if (check_winnt())
2743 proc = OpenProcess(PROCESS_QUERY_INFORMATION,FALSE, 2663 proc = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE,
2744 GetCurrentProcessId()); 2664 GetCurrentProcessId());
2745 if (proc==NULL) proc = (HANDLE)-1; 2665 if (proc == NULL) proc = (HANDLE) - 1;
2746 } 2666 }
2747 2667
2748 if (usertime && proc!=(HANDLE)-1) 2668 if (usertime && proc != (HANDLE) - 1) {
2749 {
2750 FILETIME junk; 2669 FILETIME junk;
2751 GetProcessTimes(proc,&junk,&junk,&junk,&now); 2670 GetProcessTimes(proc, &junk, &junk, &junk, &now);
2752 } 2671 } else
2753 else
2754#endif 2672#endif
2755 { 2673 {
2756 SYSTEMTIME systime; 2674 SYSTEMTIME systime;
2757 2675
2758 if (usertime && warning) 2676 if (usertime && warning) {
2759 { 2677 BIO_printf(bio_err, "To get meaningful results, run "
2760 BIO_printf(bio_err,"To get meaningful results, run " 2678 "this program on idle system.\n");
2761 "this program on idle system.\n"); 2679 warning = 0;
2762 warning=0;
2763 }
2764 GetSystemTime(&systime);
2765 SystemTimeToFileTime(&systime,&now);
2766 } 2680 }
2681 GetSystemTime(&systime);
2682 SystemTimeToFileTime(&systime, &now);
2683 }
2767 2684
2768 if (stop==TM_START) 2685 if (stop == TM_START) {
2769 { 2686 tmstart.u.LowPart = now.dwLowDateTime;
2770 tmstart.u.LowPart = now.dwLowDateTime;
2771 tmstart.u.HighPart = now.dwHighDateTime; 2687 tmstart.u.HighPart = now.dwHighDateTime;
2772 } 2688 }
2773 else { 2689 else {
2774 ULARGE_INTEGER tmstop; 2690 ULARGE_INTEGER tmstop;
2775 2691
2776 tmstop.u.LowPart = now.dwLowDateTime; 2692 tmstop.u.LowPart = now.dwLowDateTime;
2777 tmstop.u.HighPart = now.dwHighDateTime; 2693 tmstop.u.HighPart = now.dwHighDateTime;
2778 2694
2779 ret = (__int64)(tmstop.QuadPart - tmstart.QuadPart)*1e-7; 2695 ret = (__int64)(tmstop.QuadPart - tmstart.QuadPart)*1e - 7;
2780 } 2696 }
2781 2697
2782 return (ret); 2698 return (ret);
2783 } 2699}
2784 2700
2785#elif defined(OPENSSL_SYSTEM_VXWORKS) 2701#elif defined(OPENSSL_SYSTEM_VXWORKS)
2786#include <time.h> 2702#include <time.h>
2787 2703
2788double app_tminterval(int stop,int usertime) 2704double
2789 { 2705app_tminterval(int stop, int usertime)
2790 double ret=0; 2706{
2707 double ret = 0;
2791#ifdef CLOCK_REALTIME 2708#ifdef CLOCK_REALTIME
2792 static struct timespec tmstart; 2709 static struct timespec tmstart;
2793 struct timespec now; 2710 struct timespec now;
@@ -2795,34 +2712,37 @@ double app_tminterval(int stop,int usertime)
2795 static unsigned long tmstart; 2712 static unsigned long tmstart;
2796 unsigned long now; 2713 unsigned long now;
2797#endif 2714#endif
2798 static int warning=1; 2715 static int warning = 1;
2799 2716
2800 if (usertime && warning) 2717 if (usertime && warning) {
2801 { 2718 BIO_printf(bio_err, "To get meaningful results, run "
2802 BIO_printf(bio_err,"To get meaningful results, run " 2719 "this program on idle system.\n");
2803 "this program on idle system.\n"); 2720 warning = 0;
2804 warning=0; 2721 }
2805 }
2806 2722
2807#ifdef CLOCK_REALTIME 2723#ifdef CLOCK_REALTIME
2808 clock_gettime(CLOCK_REALTIME,&now); 2724 clock_gettime(CLOCK_REALTIME, &now);
2809 if (stop==TM_START) tmstart = now; 2725 if (stop == TM_START)
2810 else ret = ( (now.tv_sec+now.tv_nsec*1e-9) 2726 tmstart = now;
2811 - (tmstart.tv_sec+tmstart.tv_nsec*1e-9) ); 2727 else ret = ( (now.tv_sec + now.tv_nsec*1e - 9)
2728 - (tmstart.tv_sec + tmstart.tv_nsec*1e - 9) );
2812#else 2729#else
2813 now = tickGet(); 2730 now = tickGet();
2814 if (stop==TM_START) tmstart = now; 2731 if (stop == TM_START)
2815 else ret = (now - tmstart)/(double)sysClkRateGet(); 2732 tmstart = now;
2733 else
2734 ret = (now - tmstart)/(double)sysClkRateGet();
2816#endif 2735#endif
2817 return (ret); 2736 return (ret);
2818 } 2737}
2819 2738
2820#elif defined(OPENSSL_SYSTEM_VMS) 2739#elif defined(OPENSSL_SYSTEM_VMS)
2821#include <time.h> 2740#include <time.h>
2822#include <times.h> 2741#include <times.h>
2823 2742
2824double app_tminterval(int stop,int usertime) 2743double
2825 { 2744app_tminterval(int stop, int usertime)
2745{
2826 static clock_t tmstart; 2746 static clock_t tmstart;
2827 double ret = 0; 2747 double ret = 0;
2828 clock_t now; 2748 clock_t now;
@@ -2830,141 +2750,166 @@ double app_tminterval(int stop,int usertime)
2830 struct tms rus; 2750 struct tms rus;
2831 2751
2832 now = times(&rus); 2752 now = times(&rus);
2833 if (usertime) now = rus.tms_utime; 2753 if (usertime)
2754 now = rus.tms_utime;
2834#else 2755#else
2835 if (usertime) 2756 if (usertime)
2836 now = clock(); /* sum of user and kernel times */ 2757 now = clock(); /* sum of user and kernel times */
2837 else { 2758 else {
2838 struct timeval tv; 2759 struct timeval tv;
2839 gettimeofday(&tv,NULL); 2760 gettimeofday(&tv, NULL);
2840 now = (clock_t)( 2761 now = (clock_t)(
2841 (unsigned long long)tv.tv_sec*CLK_TCK + 2762 (unsigned long long)tv.tv_sec*CLK_TCK +
2842 (unsigned long long)tv.tv_usec*(1000000/CLK_TCK) 2763 (unsigned long long)tv.tv_usec*(1000000/CLK_TCK)
2843 ); 2764 );
2844 } 2765 }
2845#endif 2766#endif
2846 if (stop==TM_START) tmstart = now; 2767 if (stop == TM_START)
2847 else ret = (now - tmstart)/(double)(CLK_TCK); 2768 tmstart = now;
2769 else
2770 ret = (now - tmstart)/(double)(CLK_TCK);
2848 2771
2849 return (ret); 2772 return (ret);
2850 } 2773}
2851 2774
2852#elif defined(_SC_CLK_TCK) /* by means of unistd.h */ 2775#elif defined(_SC_CLK_TCK) /* by means of unistd.h */
2853#include <sys/times.h> 2776#include <sys/times.h>
2854 2777
2855double app_tminterval(int stop,int usertime) 2778double
2856 { 2779app_tminterval(int stop, int usertime)
2780{
2857 double ret = 0; 2781 double ret = 0;
2858 struct tms rus; 2782 struct tms rus;
2859 clock_t now = times(&rus); 2783 clock_t now = times(&rus);
2860 static clock_t tmstart; 2784 static clock_t tmstart;
2861 2785
2862 if (usertime) now = rus.tms_utime; 2786 if (usertime)
2787 now = rus.tms_utime;
2863 2788
2864 if (stop==TM_START) tmstart = now; 2789 if (stop == TM_START)
2865 else 2790 tmstart = now;
2866 { 2791 else {
2867 long int tck = sysconf(_SC_CLK_TCK); 2792 long int tck = sysconf(_SC_CLK_TCK);
2868 ret = (now - tmstart)/(double)tck; 2793 ret = (now - tmstart)/(double)tck;
2869 } 2794 }
2870 2795
2871 return (ret); 2796 return (ret);
2872 } 2797}
2873 2798
2874#else 2799#else
2875#include <sys/time.h> 2800#include <sys/time.h>
2876#include <sys/resource.h> 2801#include <sys/resource.h>
2877 2802
2878double app_tminterval(int stop,int usertime) 2803double
2879 { 2804app_tminterval(int stop, int usertime)
2805{
2880 double ret = 0; 2806 double ret = 0;
2881 struct rusage rus; 2807 struct rusage rus;
2882 struct timeval now; 2808 struct timeval now;
2883 static struct timeval tmstart; 2809 static struct timeval tmstart;
2884 2810
2885 if (usertime) getrusage(RUSAGE_SELF,&rus), now = rus.ru_utime; 2811 if (usertime)
2886 else gettimeofday(&now,NULL); 2812 getrusage(RUSAGE_SELF, &rus), now = rus.ru_utime;
2813 else
2814 gettimeofday(&now, NULL);
2887 2815
2888 if (stop==TM_START) tmstart = now; 2816 if (stop == TM_START)
2889 else ret = ( (now.tv_sec+now.tv_usec*1e-6) 2817 tmstart = now;
2890 - (tmstart.tv_sec+tmstart.tv_usec*1e-6) ); 2818 else
2819 ret = ((now.tv_sec + now.tv_usec * 1e-6) -
2820 (tmstart.tv_sec + tmstart.tv_usec * 1e-6) );
2891 2821
2892 return ret; 2822 return ret;
2893 } 2823}
2894#endif 2824#endif
2895 2825
2896/* app_isdir section */ 2826/* app_isdir section */
2897#ifdef _WIN32 2827#ifdef _WIN32
2898int app_isdir(const char *name) 2828int
2899 { 2829app_isdir(const char *name)
2830{
2900 HANDLE hList; 2831 HANDLE hList;
2901 WIN32_FIND_DATA FileData; 2832 WIN32_FIND_DATA FileData;
2902#if defined(UNICODE) || defined(_UNICODE) 2833#if defined(UNICODE) || defined(_UNICODE)
2903 size_t i, len_0 = strlen(name)+1; 2834 size_t i, len_0 = strlen(name) + 1;
2904 2835
2905 if (len_0 > sizeof(FileData.cFileName)/sizeof(FileData.cFileName[0])) 2836 if (len_0 > sizeof(FileData.cFileName)/sizeof(FileData.cFileName[0]))
2906 return -1; 2837 return -1;
2907 2838
2908#if !defined(_WIN32_WCE) || _WIN32_WCE>=101 2839#if !defined(_WIN32_WCE) || _WIN32_WCE>=101
2909 if (!MultiByteToWideChar(CP_ACP,0,name,len_0,FileData.cFileName,len_0)) 2840 if (!MultiByteToWideChar(CP_ACP, 0, name, len_0, FileData.cFileName, len_0))
2910#endif 2841#endif
2911 for (i=0;i<len_0;i++) 2842 for (i = 0; i < len_0; i++)
2912 FileData.cFileName[i] = (WCHAR)name[i]; 2843 FileData.cFileName[i] = (WCHAR)name[i];
2913 2844
2914 hList = FindFirstFile(FileData.cFileName,&FileData); 2845 hList = FindFirstFile(FileData.cFileName, &FileData);
2915#else 2846#else
2916 hList = FindFirstFile(name,&FileData); 2847 hList = FindFirstFile(name, &FileData);
2917#endif 2848#endif
2918 if (hList == INVALID_HANDLE_VALUE) return -1; 2849 if (hList == INVALID_HANDLE_VALUE)
2850 return -1;
2919 FindClose(hList); 2851 FindClose(hList);
2920 return ((FileData.dwFileAttributes&FILE_ATTRIBUTE_DIRECTORY)!=0); 2852 return ((FileData.dwFileAttributes&FILE_ATTRIBUTE_DIRECTORY) != 0);
2921 } 2853}
2922#else 2854#else
2923#include <sys/stat.h> 2855#include <sys/stat.h>
2924#ifndef S_ISDIR 2856#ifndef S_ISDIR
2925# if defined(_S_IFMT) && defined(_S_IFDIR) 2857# if defined(_S_IFMT) && defined(_S_IFDIR)
2926# define S_ISDIR(a) (((a) & _S_IFMT) == _S_IFDIR) 2858# define S_ISDIR(a) (((a) & _S_IFMT) == _S_IFDIR)
2927# else 2859# else
2928# define S_ISDIR(a) (((a) & S_IFMT) == S_IFDIR) 2860# define S_ISDIR(a) (((a) & S_IFMT) == S_IFDIR)
2929# endif 2861# endif
2930#endif 2862#endif
2931 2863
2932int app_isdir(const char *name) 2864int
2933 { 2865app_isdir(const char *name)
2866{
2934#if defined(S_ISDIR) 2867#if defined(S_ISDIR)
2935 struct stat st; 2868 struct stat st;
2936 2869
2937 if (stat(name,&st)==0) return S_ISDIR(st.st_mode); 2870 if (stat(name, &st) == 0)
2938 else return -1; 2871 return S_ISDIR(st.st_mode);
2872 else
2873 return -1;
2939#else 2874#else
2940 return -1; 2875 return -1;
2941#endif 2876#endif
2942 } 2877}
2943#endif 2878#endif
2944 2879
2945/* raw_read|write section */ 2880/* raw_read|write section */
2946#if defined(_WIN32) && defined(STD_INPUT_HANDLE) 2881#if defined(_WIN32) && defined(STD_INPUT_HANDLE)
2947int raw_read_stdin(void *buf,int siz) 2882int
2948 { 2883raw_read_stdin(void *buf, int siz)
2884{
2949 DWORD n; 2885 DWORD n;
2950 if (ReadFile(GetStdHandle(STD_INPUT_HANDLE),buf,siz,&n,NULL)) 2886 if (ReadFile(GetStdHandle(STD_INPUT_HANDLE), buf, siz, &n, NULL))
2951 return (n); 2887 return (n);
2952 else return (-1); 2888 else
2953 } 2889 return (-1);
2890}
2954#else 2891#else
2955int raw_read_stdin(void *buf,int siz) 2892int
2956 { return read(fileno(stdin),buf,siz); } 2893raw_read_stdin(void *buf, int siz)
2894{
2895 return read(fileno(stdin), buf, siz);
2896}
2957#endif 2897#endif
2958 2898
2959#if defined(_WIN32) && defined(STD_OUTPUT_HANDLE) 2899#if defined(_WIN32) && defined(STD_OUTPUT_HANDLE)
2960int raw_write_stdout(const void *buf,int siz) 2900int
2961 { 2901raw_write_stdout(const void *buf, int siz)
2902{
2962 DWORD n; 2903 DWORD n;
2963 if (WriteFile(GetStdHandle(STD_OUTPUT_HANDLE),buf,siz,&n,NULL)) 2904 if (WriteFile(GetStdHandle(STD_OUTPUT_HANDLE), buf, siz, &n, NULL))
2964 return (n); 2905 return (n);
2965 else return (-1); 2906 else
2966 } 2907 return (-1);
2908}
2967#else 2909#else
2968int raw_write_stdout(const void *buf,int siz) 2910int
2969 { return write(fileno(stdout),buf,siz); } 2911raw_write_stdout(const void *buf, int siz)
2912{
2913 return write(fileno(stdout), buf, siz);
2914}
2970#endif 2915#endif
diff --git a/src/lib/libssl/src/apps/apps.h b/src/lib/libssl/src/apps/apps.h
index 3aeb46c4e2..02af317651 100644
--- a/src/lib/libssl/src/apps/apps.h
+++ b/src/lib/libssl/src/apps/apps.h
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -63,7 +63,7 @@
63 * are met: 63 * are met:
64 * 64 *
65 * 1. Redistributions of source code must retain the above copyright 65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer. 66 * notice, this list of conditions and the following disclaimer.
67 * 67 *
68 * 2. Redistributions in binary form must reproduce the above copyright 68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in 69 * notice, this list of conditions and the following disclaimer in
@@ -142,8 +142,8 @@ long app_RAND_load_files(char *file); /* `file' is a list of files to read,
142#define MAIN(a,v) main(a,v) 142#define MAIN(a,v) main(a,v)
143 143
144#ifndef NON_MAIN 144#ifndef NON_MAIN
145CONF *config=NULL; 145CONF *config = NULL;
146BIO *bio_err=NULL; 146BIO *bio_err = NULL;
147#else 147#else
148extern CONF *config; 148extern CONF *config;
149extern BIO *bio_err; 149extern BIO *bio_err;
@@ -169,7 +169,7 @@ extern BIO *bio_err;
169#endif 169#endif
170 170
171#ifdef OPENSSL_NO_COMP 171#ifdef OPENSSL_NO_COMP
172#define zlib_cleanup() 172#define zlib_cleanup()
173#else 173#else
174#define zlib_cleanup() COMP_zlib_cleanup() 174#define zlib_cleanup() COMP_zlib_cleanup()
175#endif 175#endif
@@ -211,21 +211,20 @@ extern BIO *bio_err;
211#endif 211#endif
212 212
213 213
214typedef struct args_st 214typedef struct args_st {
215 {
216 char **data; 215 char **data;
217 int count; 216 int count;
218 } ARGS; 217} ARGS;
219 218
220#define PW_MIN_LENGTH 4 219#define PW_MIN_LENGTH 4
221typedef struct pw_cb_data 220typedef struct pw_cb_data {
222 {
223 const void *password; 221 const void *password;
224 const char *prompt_info; 222 const char *prompt_info;
225 } PW_CB_DATA; 223} PW_CB_DATA;
226 224
227int password_callback(char *buf, int bufsiz, int verify, 225int
228 PW_CB_DATA *cb_data); 226password_callback(char *buf, int bufsiz, int verify,
227PW_CB_DATA *cb_data);
229 228
230int setup_ui_method(void); 229int setup_ui_method(void);
231void destroy_ui_method(void); 230void destroy_ui_method(void);
@@ -233,8 +232,8 @@ void destroy_ui_method(void);
233int should_retry(int i); 232int should_retry(int i);
234int args_from_file(char *file, int *argc, char **argv[]); 233int args_from_file(char *file, int *argc, char **argv[]);
235int str2fmt(char *s); 234int str2fmt(char *s);
236void program_name(char *in,char *out,int size); 235void program_name(char *in, char *out, int size);
237int chopup_args(ARGS *arg,char *buf, int *argc, char **argv[]); 236int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[]);
238#ifdef HEADER_X509_H 237#ifdef HEADER_X509_H
239int dump_cert_text(BIO *out, X509 *x); 238int dump_cert_text(BIO *out, X509 *x);
240void print_name(BIO *out, const char *title, X509_NAME *nm, unsigned long lflags); 239void print_name(BIO *out, const char *title, X509_NAME *nm, unsigned long lflags);
@@ -246,15 +245,15 @@ int copy_extensions(X509 *x, X509_REQ *req, int copy_type);
246int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2); 245int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2);
247int add_oid_section(BIO *err, CONF *conf); 246int add_oid_section(BIO *err, CONF *conf);
248X509 *load_cert(BIO *err, const char *file, int format, 247X509 *load_cert(BIO *err, const char *file, int format,
249 const char *pass, ENGINE *e, const char *cert_descrip); 248 const char *pass, ENGINE *e, const char *cert_descrip);
250EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin, 249EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
251 const char *pass, ENGINE *e, const char *key_descrip); 250 const char *pass, ENGINE *e, const char *key_descrip);
252EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin, 251EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin,
253 const char *pass, ENGINE *e, const char *key_descrip); 252 const char *pass, ENGINE *e, const char *key_descrip);
254STACK_OF(X509) *load_certs(BIO *err, const char *file, int format, 253STACK_OF(X509) *load_certs(BIO *err, const char *file, int format,
255 const char *pass, ENGINE *e, const char *cert_descrip); 254 const char *pass, ENGINE *e, const char *cert_descrip);
256STACK_OF(X509_CRL) *load_crls(BIO *err, const char *file, int format, 255STACK_OF(X509_CRL) *load_crls(BIO *err, const char *file, int format,
257 const char *pass, ENGINE *e, const char *cert_descrip); 256 const char *pass, ENGINE *e, const char *cert_descrip);
258X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath); 257X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath);
259#ifndef OPENSSL_NO_ENGINE 258#ifndef OPENSSL_NO_ENGINE
260ENGINE *setup_engine(BIO *err, const char *engine, int debug); 259ENGINE *setup_engine(BIO *err, const char *engine, int debug);
@@ -262,9 +261,8 @@ ENGINE *setup_engine(BIO *err, const char *engine, int debug);
262 261
263#ifndef OPENSSL_NO_OCSP 262#ifndef OPENSSL_NO_OCSP
264OCSP_RESPONSE *process_responder(BIO *err, OCSP_REQUEST *req, 263OCSP_RESPONSE *process_responder(BIO *err, OCSP_REQUEST *req,
265 char *host, char *path, char *port, int use_ssl, 264 char *host, char *path, char *port, int use_ssl,
266 STACK_OF(CONF_VALUE) *headers, 265 STACK_OF(CONF_VALUE) *headers, int req_timeout);
267 int req_timeout);
268#endif 266#endif
269 267
270int load_config(BIO *err, CONF *cnf); 268int load_config(BIO *err, CONF *cnf);
@@ -272,13 +270,13 @@ char *make_config_name(void);
272 270
273/* Functions defined in ca.c and also used in ocsp.c */ 271/* Functions defined in ca.c and also used in ocsp.c */
274int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold, 272int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold,
275 ASN1_GENERALIZEDTIME **pinvtm, const char *str); 273 ASN1_GENERALIZEDTIME **pinvtm, const char *str);
276 274
277#define DB_type 0 275#define DB_type 0
278#define DB_exp_date 1 276#define DB_exp_date 1
279#define DB_rev_date 2 277#define DB_rev_date 2
280#define DB_serial 3 /* index - unique */ 278#define DB_serial 3 /* index - unique */
281#define DB_file 4 279#define DB_file 4
282#define DB_name 5 /* index - unique when active and not disabled */ 280#define DB_name 5 /* index - unique when active and not disabled */
283#define DB_NUMBER 6 281#define DB_NUMBER 6
284 282
@@ -286,15 +284,13 @@ int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold,
286#define DB_TYPE_EXP 'E' 284#define DB_TYPE_EXP 'E'
287#define DB_TYPE_VAL 'V' 285#define DB_TYPE_VAL 'V'
288 286
289typedef struct db_attr_st 287typedef struct db_attr_st {
290 {
291 int unique_subject; 288 int unique_subject;
292 } DB_ATTR; 289} DB_ATTR;
293typedef struct ca_db_st 290typedef struct ca_db_st {
294 {
295 DB_ATTR attributes; 291 DB_ATTR attributes;
296 TXT_DB *db; 292 TXT_DB *db;
297 } CA_DB; 293} CA_DB;
298 294
299BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai); 295BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai);
300int save_serial(char *serialfile, char *suffix, BIGNUM *serial, ASN1_INTEGER **retai); 296int save_serial(char *serialfile, char *suffix, BIGNUM *serial, ASN1_INTEGER **retai);
@@ -312,19 +308,19 @@ int index_name_cmp(const OPENSSL_CSTRING *a, const OPENSSL_CSTRING *b);
312int parse_yesno(const char *str, int def); 308int parse_yesno(const char *str, int def);
313 309
314X509_NAME *parse_name(char *str, long chtype, int multirdn); 310X509_NAME *parse_name(char *str, long chtype, int multirdn);
315int args_verify(char ***pargs, int *pargc, 311int args_verify(char ***pargs, int *pargc, int *badarg, BIO *err,
316 int *badarg, BIO *err, X509_VERIFY_PARAM **pm); 312 X509_VERIFY_PARAM **pm);
317void policies_print(BIO *out, X509_STORE_CTX *ctx); 313void policies_print(BIO *out, X509_STORE_CTX *ctx);
318int bio_to_mem(unsigned char **out, int maxlen, BIO *in); 314int bio_to_mem(unsigned char **out, int maxlen, BIO *in);
319int pkey_ctrl_string(EVP_PKEY_CTX *ctx, char *value); 315int pkey_ctrl_string(EVP_PKEY_CTX *ctx, char *value);
320int init_gen_str(BIO *err, EVP_PKEY_CTX **pctx, 316int init_gen_str(BIO *err, EVP_PKEY_CTX **pctx, const char *algname, ENGINE *e,
321 const char *algname, ENGINE *e, int do_param); 317 int do_param);
322int do_X509_sign(BIO *err, X509 *x, EVP_PKEY *pkey, const EVP_MD *md, 318int do_X509_sign(BIO *err, X509 *x, EVP_PKEY *pkey, const EVP_MD *md,
323 STACK_OF(OPENSSL_STRING) *sigopts); 319 STACK_OF(OPENSSL_STRING) *sigopts);
324int do_X509_REQ_sign(BIO *err, X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md, 320int do_X509_REQ_sign(BIO *err, X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md,
325 STACK_OF(OPENSSL_STRING) *sigopts); 321 STACK_OF(OPENSSL_STRING) *sigopts);
326int do_X509_CRL_sign(BIO *err, X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md, 322int do_X509_CRL_sign(BIO *err, X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md,
327 STACK_OF(OPENSSL_STRING) *sigopts); 323 STACK_OF(OPENSSL_STRING) *sigopts);
328#ifndef OPENSSL_NO_PSK 324#ifndef OPENSSL_NO_PSK
329extern char *psk_key; 325extern char *psk_key;
330#endif 326#endif
@@ -363,12 +359,12 @@ unsigned char *next_protos_parse(unsigned short *outlen, const char *in);
363#define SERIAL_RAND_BITS 64 359#define SERIAL_RAND_BITS 64
364 360
365int app_isdir(const char *); 361int app_isdir(const char *);
366int raw_read_stdin(void *,int); 362int raw_read_stdin(void *, int);
367int raw_write_stdout(const void *,int); 363int raw_write_stdout(const void *, int);
368 364
369#define TM_START 0 365#define TM_START 0
370#define TM_STOP 1 366#define TM_STOP 1
371double app_tminterval (int stop,int usertime); 367double app_tminterval (int stop, int usertime);
372 368
373#define OPENSSL_NO_SSL_INTERN 369#define OPENSSL_NO_SSL_INTERN
374 370
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-12 23:34:58 +0000