diff options
author | Rich Salz <rsalz@akamai.com> | 2020-04-10 11:51:02 -0400 |
---|---|---|
committer | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2020-04-12 20:29:12 +0200 |
commit | 369cef760364a88aafa68afd406328e20689b5e2 (patch) | |
tree | b9d642fc676dbdd7f58a3cbd06a9e33d5c0cd227 /apps | |
parent | 07e2f4b2aabdc5709ae055b226fb54d9d21c631e (diff) |
Don't compile commands if disabled
Rather than wrapping whole files in "ifndef OPENSSL_NO_xxx" we handle
the changes in build.info
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/11518)
Diffstat (limited to 'apps')
-rw-r--r-- | apps/build.info | 61 | ||||
-rw-r--r-- | apps/dhparam.c | 61 | ||||
-rw-r--r-- | apps/dsa.c | 53 | ||||
-rw-r--r-- | apps/dsaparam.c | 33 | ||||
-rw-r--r-- | apps/ec.c | 27 | ||||
-rw-r--r-- | apps/ecparam.c | 34 | ||||
-rw-r--r-- | apps/engine.c | 23 | ||||
-rw-r--r-- | apps/gendsa.c | 33 | ||||
-rw-r--r-- | apps/genrsa.c | 43 | ||||
-rw-r--r-- | apps/ocsp.c | 163 | ||||
-rw-r--r-- | apps/pkcs12.c | 52 | ||||
-rw-r--r-- | apps/rsa.c | 57 | ||||
-rw-r--r-- | apps/rsautl.c | 35 | ||||
-rw-r--r-- | apps/srp.c | 39 | ||||
-rw-r--r-- | apps/ts.c | 46 |
15 files changed, 365 insertions, 395 deletions
diff --git a/apps/build.info b/apps/build.info index 751d8da828..0153736182 100644 --- a/apps/build.info +++ b/apps/build.info @@ -1,16 +1,17 @@ {- our @apps_openssl_src = qw(openssl.c - asn1pars.c ca.c ciphers.c cms.c crl.c crl2p7.c dgst.c dhparam.c - dsa.c dsaparam.c ec.c ecparam.c enc.c engine.c errstr.c gendsa.c - genpkey.c genrsa.c nseq.c ocsp.c passwd.c pkcs12.c pkcs7.c pkcs8.c - pkey.c pkeyparam.c pkeyutl.c prime.c rand.c req.c rsa.c rsautl.c + asn1pars.c ca.c ciphers.c cms.c crl.c crl2p7.c dgst.c + enc.c errstr.c + genpkey.c nseq.c passwd.c pkcs7.c pkcs8.c + pkey.c pkeyparam.c pkeyutl.c prime.c rand.c req.c s_client.c s_server.c s_time.c sess_id.c smime.c speed.c spkac.c - srp.c ts.c verify.c version.c x509.c rehash.c storeutl.c); + verify.c version.c x509.c rehash.c storeutl.c); our @apps_lib_src = ( qw(apps.c opt.c s_cb.c s_socket.c app_rand.c bf_prefix.c), split(/\s+/, $target{apps_aux_src}) ); our @apps_init_src = split(/\s+/, $target{apps_init_src}); "" -} + IF[{- !$disabled{apps} -}] LIBS_NO_INST=libapps.a SOURCE[libapps.a]={- join(" ", @apps_lib_src) -} @@ -21,11 +22,51 @@ IF[{- !$disabled{apps} -}] SOURCE[openssl]={- join(" ", @apps_openssl_src) -} INCLUDE[openssl]=.. ../include DEPEND[openssl]=libapps.a ../libssl - -IF[{- $config{target} =~ /^(?:Cygwin|mingw|VC-)/ -}] - GENERATE[openssl.rc]=../util/mkrc.pl openssl - SOURCE[openssl]=openssl.rc -ENDIF + IF[{- !$disabled{'des'} -}] + SOURCE[openssl]=pkcs12.c + DEPEND[pkcs12.o]=progs.h + ENDIF + IF[{- !$disabled{'ec'} -}] + SOURCE[openssl]=ec.c ecparam.c + DEPEND[ec.o]=progs.h + DEPEND[ecparam.o]=progs.h + ENDIF + IF[{- !$disabled{'ocsp'} -}] + SOURCE[openssl]=ocsp.c + DEPEND[ocsp.o]=progs.h + ENDIF + IF[{- !$disabled{'srp'} -}] + SOURCE[openssl]=srp.c + DEPEND[srp.o]=progs.h + ENDIF + IF[{- !$disabled{'ts'} -}] + SOURCE[openssl]=ts.c + DEPEND[ts.o]=progs.h + ENDIF + IF[{- !$disabled{'dh'} -}] + SOURCE[openssl]=dhparam.c + DEPEND[dhparam.o]=progs.h + ENDIF + IF[{- !$disabled{'dsa'} -}] + SOURCE[openssl]=dsa.c dsaparam.c gendsa.c + DEPEND[dsa.o]=progs.h + DEPEND[dsaparam.o]=progs.h + DEPEND[gendsa.o]=progs.h + ENDIF + IF[{- !$disabled{'engine'} -}] + SOURCE[openssl]=engine.c + DEPEND[engine.o]=progs.h + ENDIF + IF[{- !$disabled{'rsa'} -}] + SOURCE[openssl]=rsa.c rsautl.c genrsa.c + DEPEND[rsa.o]=progs.h + DEPEND[rsautl.o]=progs.h + DEPEND[genrsa.o]=progs.h + ENDIF + IF[{- $config{target} =~ /^(?:Cygwin|mingw|VC-)/ -}] + GENERATE[openssl.rc]=../util/mkrc.pl openssl + SOURCE[openssl]=openssl.rc + ENDIF {- join("\n ", map { (my $x = $_) =~ s|\.c$|.o|; "DEPEND[$x]=progs.h" } @apps_openssl_src) -} diff --git a/apps/dhparam.c b/apps/dhparam.c index 13f76754d2..11fc3f6bd2 100644 --- a/apps/dhparam.c +++ b/apps/dhparam.c @@ -8,28 +8,24 @@ */ #include <openssl/opensslconf.h> -#ifdef OPENSSL_NO_DH -NON_EMPTY_TRANSLATION_UNIT -#else - -# include <stdio.h> -# include <stdlib.h> -# include <time.h> -# include <string.h> -# include "apps.h" -# include "progs.h" -# include <openssl/bio.h> -# include <openssl/err.h> -# include <openssl/bn.h> -# include <openssl/dh.h> -# include <openssl/x509.h> -# include <openssl/pem.h> - -# ifndef OPENSSL_NO_DSA -# include <openssl/dsa.h> -# endif - -# define DEFBITS 2048 +#include <stdio.h> +#include <stdlib.h> +#include <time.h> +#include <string.h> +#include "apps.h" +#include "progs.h" +#include <openssl/bio.h> +#include <openssl/err.h> +#include <openssl/bn.h> +#include <openssl/dh.h> +#include <openssl/x509.h> +#include <openssl/pem.h> + +#ifndef OPENSSL_NO_DSA +# include <openssl/dsa.h> +#endif + +#define DEFBITS 2048 static int dh_cb(int p, int n, BN_GENCB *cb); @@ -56,13 +52,13 @@ const OPTIONS dhparam_options[] = { {"C", OPT_C, '-', "Print C code"}, {"2", OPT_2, '-', "Generate parameters using 2 as the generator value"}, {"5", OPT_5, '-', "Generate parameters using 5 as the generator value"}, -# ifndef OPENSSL_NO_DSA +#ifndef OPENSSL_NO_DSA {"dsaparam", OPT_DSAPARAM, '-', "Read or generate DSA parameters, convert to DH"}, -# endif -# ifndef OPENSSL_NO_ENGINE +#endif +#ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine e, possibly a hardware device"}, -# endif +#endif {NULL} }; @@ -146,13 +142,13 @@ int dhparam_main(int argc, char **argv) if (g && !num) num = DEFBITS; -# ifndef OPENSSL_NO_DSA +#ifndef OPENSSL_NO_DSA if (dsaparam && g) { BIO_printf(bio_err, "generator may not be chosen for DSA parameters\n"); goto end; } -# endif +#endif out = bio_open_default(outfile, 'w', outformat); if (out == NULL) @@ -173,7 +169,7 @@ int dhparam_main(int argc, char **argv) BN_GENCB_set(cb, dh_cb, bio_err); -# ifndef OPENSSL_NO_DSA +#ifndef OPENSSL_NO_DSA if (dsaparam) { DSA *dsa = DSA_new(); @@ -196,7 +192,7 @@ int dhparam_main(int argc, char **argv) goto end; } } else -# endif +#endif { dh = DH_new(); BIO_printf(bio_err, @@ -217,7 +213,7 @@ int dhparam_main(int argc, char **argv) if (in == NULL) goto end; -# ifndef OPENSSL_NO_DSA +#ifndef OPENSSL_NO_DSA if (dsaparam) { DSA *dsa; @@ -239,7 +235,7 @@ int dhparam_main(int argc, char **argv) goto end; } } else -# endif +#endif { if (informat == FORMAT_ASN1) { /* @@ -376,4 +372,3 @@ static int dh_cb(int p, int n, BN_GENCB *cb) (void)BIO_flush(BN_GENCB_get_arg(cb)); return 1; } -#endif diff --git a/apps/dsa.c b/apps/dsa.c index 6022e64cd4..fb59e1b4c0 100644 --- a/apps/dsa.c +++ b/apps/dsa.c @@ -8,23 +8,19 @@ */ #include <openssl/opensslconf.h> -#ifdef OPENSSL_NO_DSA -NON_EMPTY_TRANSLATION_UNIT -#else - -# include <stdio.h> -# include <stdlib.h> -# include <string.h> -# include <time.h> -# include "apps.h" -# include "progs.h" -# include <openssl/bio.h> -# include <openssl/err.h> -# include <openssl/dsa.h> -# include <openssl/evp.h> -# include <openssl/x509.h> -# include <openssl/pem.h> -# include <openssl/bn.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <time.h> +#include "apps.h" +#include "progs.h" +#include <openssl/bio.h> +#include <openssl/err.h> +#include <openssl/dsa.h> +#include <openssl/evp.h> +#include <openssl/x509.h> +#include <openssl/pem.h> +#include <openssl/bn.h> typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, @@ -49,14 +45,14 @@ const OPTIONS dsa_options[] = { {"passin", OPT_PASSIN, 's', "Input file pass phrase source"}, {"passout", OPT_PASSOUT, 's', "Output file pass phrase source"}, {"", OPT_CIPHER, '-', "Any supported cipher"}, -# ifndef OPENSSL_NO_RC4 +#ifndef OPENSSL_NO_RC4 {"pvk-strong", OPT_PVK_STRONG, '-', "Enable 'Strong' PVK encoding level (default)"}, {"pvk-weak", OPT_PVK_WEAK, '-', "Enable 'Weak' PVK encoding level"}, {"pvk-none", OPT_PVK_NONE, '-', "Don't enforce PVK encoding"}, -# endif -# ifndef OPENSSL_NO_ENGINE +#endif +#ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine e, possibly a hardware device"}, -# endif +#endif {NULL} }; @@ -71,9 +67,9 @@ int dsa_main(int argc, char **argv) OPTION_CHOICE o; int informat = FORMAT_PEM, outformat = FORMAT_PEM, text = 0, noout = 0; int i, modulus = 0, pubin = 0, pubout = 0, ret = 1; -# ifndef OPENSSL_NO_RC4 +#ifndef OPENSSL_NO_RC4 int pvk_encr = 2; -# endif +#endif int private = 0; prog = opt_init(argc, argv, dsa_options); @@ -214,7 +210,7 @@ int dsa_main(int argc, char **argv) i = PEM_write_bio_DSAPrivateKey(out, dsa, enc, NULL, 0, NULL, passout); } -# ifndef OPENSSL_NO_RSA +#ifndef OPENSSL_NO_RSA } else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) { EVP_PKEY *pk; pk = EVP_PKEY_new(); @@ -229,13 +225,13 @@ int dsa_main(int argc, char **argv) goto end; } assert(private); -# ifdef OPENSSL_NO_RC4 +# ifdef OPENSSL_NO_RC4 BIO_printf(bio_err, "PVK format not supported\n"); EVP_PKEY_free(pk); goto end; -# else +# else i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout); -# endif +# endif } else if (pubin || pubout) { i = i2b_PublicKey_bio(out, pk); } else { @@ -243,7 +239,7 @@ int dsa_main(int argc, char **argv) i = i2b_PrivateKey_bio(out, pk); } EVP_PKEY_free(pk); -# endif +#endif } else { BIO_printf(bio_err, "bad output format specified for outfile\n"); goto end; @@ -262,4 +258,3 @@ int dsa_main(int argc, char **argv) OPENSSL_free(passout); return ret; } -#endif diff --git a/apps/dsaparam.c b/apps/dsaparam.c index b227b76a37..ba00bee02b 100644 --- a/apps/dsaparam.c +++ b/apps/dsaparam.c @@ -8,22 +8,18 @@ */ #include <openssl/opensslconf.h> -#ifdef OPENSSL_NO_DSA -NON_EMPTY_TRANSLATION_UNIT -#else - -# include <stdio.h> -# include <stdlib.h> -# include <time.h> -# include <string.h> -# include "apps.h" -# include "progs.h" -# include <openssl/bio.h> -# include <openssl/err.h> -# include <openssl/bn.h> -# include <openssl/dsa.h> -# include <openssl/x509.h> -# include <openssl/pem.h> +#include <stdio.h> +#include <stdlib.h> +#include <time.h> +#include <string.h> +#include "apps.h" +#include "progs.h" +#include <openssl/bio.h> +#include <openssl/err.h> +#include <openssl/bn.h> +#include <openssl/dsa.h> +#include <openssl/x509.h> +#include <openssl/pem.h> static int dsa_cb(int p, int n, BN_GENCB *cb); @@ -44,9 +40,9 @@ const OPTIONS dsaparam_options[] = { {"noout", OPT_NOOUT, '-', "No output"}, {"genkey", OPT_GENKEY, '-', "Generate a DSA key"}, OPT_R_OPTIONS, -# ifndef OPENSSL_NO_ENGINE +#ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine e, possibly a hardware device"}, -# endif +#endif {NULL} }; @@ -255,4 +251,3 @@ static int dsa_cb(int p, int n, BN_GENCB *cb) (void)BIO_flush(BN_GENCB_get_arg(cb)); return 1; } -#endif @@ -8,19 +8,15 @@ */ #include <openssl/opensslconf.h> -#ifdef OPENSSL_NO_EC -NON_EMPTY_TRANSLATION_UNIT -#else - -# include <stdio.h> -# include <stdlib.h> -# include <string.h> -# include "apps.h" -# include "progs.h" -# include <openssl/bio.h> -# include <openssl/err.h> -# include <openssl/evp.h> -# include <openssl/pem.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include "apps.h" +#include "progs.h" +#include <openssl/bio.h> +#include <openssl/err.h> +#include <openssl/evp.h> +#include <openssl/pem.h> static OPT_PAIR conv_forms[] = { {"compressed", POINT_CONVERSION_COMPRESSED}, @@ -62,9 +58,9 @@ const OPTIONS ec_options[] = { "Specifies the way the ec parameters are encoded"}, {"conv_form", OPT_CONV_FORM, 's', "Specifies the point conversion form "}, {"", OPT_CIPHER, '-', "Any supported cipher"}, -# ifndef OPENSSL_NO_ENGINE +#ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, -# endif +#endif {NULL} }; @@ -280,4 +276,3 @@ int ec_main(int argc, char **argv) OPENSSL_free(passout); return ret; } -#endif diff --git a/apps/ecparam.c b/apps/ecparam.c index 917f1a86b2..65ff660964 100644 --- a/apps/ecparam.c +++ b/apps/ecparam.c @@ -9,22 +9,18 @@ */ #include <openssl/opensslconf.h> -#ifdef OPENSSL_NO_EC -NON_EMPTY_TRANSLATION_UNIT -#else - -# include <stdio.h> -# include <stdlib.h> -# include <time.h> -# include <string.h> -# include "apps.h" -# include "progs.h" -# include <openssl/bio.h> -# include <openssl/err.h> -# include <openssl/bn.h> -# include <openssl/ec.h> -# include <openssl/x509.h> -# include <openssl/pem.h> +#include <stdio.h> +#include <stdlib.h> +#include <time.h> +#include <string.h> +#include "apps.h" +#include "progs.h" +#include <openssl/bio.h> +#include <openssl/err.h> +#include <openssl/bn.h> +#include <openssl/ec.h> +#include <openssl/x509.h> +#include <openssl/pem.h> typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, @@ -55,9 +51,9 @@ const OPTIONS ecparam_options[] = { "Specifies the way the ec parameters are encoded"}, {"genkey", OPT_GENKEY, '-', "Generate ec key"}, OPT_R_OPTIONS, -# ifndef OPENSSL_NO_ENGINE +#ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, -# endif +#endif {NULL} }; @@ -446,5 +442,3 @@ int ecparam_main(int argc, char **argv) BIO_free_all(out); return ret; } - -#endif diff --git a/apps/engine.c b/apps/engine.c index 83f9588a0a..a00161ed29 100644 --- a/apps/engine.c +++ b/apps/engine.c @@ -8,19 +8,15 @@ */ #include <openssl/opensslconf.h> -#ifdef OPENSSL_NO_ENGINE -NON_EMPTY_TRANSLATION_UNIT -#else - -# include "apps.h" -# include "progs.h" -# include <stdio.h> -# include <stdlib.h> -# include <string.h> -# include <openssl/err.h> -# include <openssl/engine.h> -# include <openssl/ssl.h> -# include <openssl/store.h> +#include "apps.h" +#include "progs.h" +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <openssl/err.h> +#include <openssl/engine.h> +#include <openssl/ssl.h> +#include <openssl/store.h> typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, @@ -486,4 +482,3 @@ int engine_main(int argc, char **argv) BIO_free_all(out); return ret; } -#endif diff --git a/apps/gendsa.c b/apps/gendsa.c index 401375420b..74540ffde5 100644 --- a/apps/gendsa.c +++ b/apps/gendsa.c @@ -8,22 +8,18 @@ */ #include <openssl/opensslconf.h> -#ifdef OPENSSL_NO_DSA -NON_EMPTY_TRANSLATION_UNIT -#else - -# include <stdio.h> -# include <string.h> -# include <sys/types.h> -# include <sys/stat.h> -# include "apps.h" -# include "progs.h" -# include <openssl/bio.h> -# include <openssl/err.h> -# include <openssl/bn.h> -# include <openssl/dsa.h> -# include <openssl/x509.h> -# include <openssl/pem.h> +#include <stdio.h> +#include <string.h> +#include <sys/types.h> +#include <sys/stat.h> +#include "apps.h" +#include "progs.h" +#include <openssl/bio.h> +#include <openssl/err.h> +#include <openssl/bn.h> +#include <openssl/dsa.h> +#include <openssl/x509.h> +#include <openssl/pem.h> typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, @@ -39,9 +35,9 @@ const OPTIONS gendsa_options[] = { {"passout", OPT_PASSOUT, 's', "Output file pass phrase source"}, OPT_R_OPTIONS, {"", OPT_CIPHER, '-', "Encrypt the output with any supported cipher"}, -# ifndef OPENSSL_NO_ENGINE +#ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, -# endif +#endif {NULL} }; @@ -143,4 +139,3 @@ int gendsa_main(int argc, char **argv) OPENSSL_free(passout); return ret; } -#endif diff --git a/apps/genrsa.c b/apps/genrsa.c index c17cd14715..eff38b35ed 100644 --- a/apps/genrsa.c +++ b/apps/genrsa.c @@ -8,27 +8,23 @@ */ #include <openssl/opensslconf.h> -#ifdef OPENSSL_NO_RSA -NON_EMPTY_TRANSLATION_UNIT -#else - -# include <stdio.h> -# include <string.h> -# include <sys/types.h> -# include <sys/stat.h> -# include "apps.h" -# include "progs.h" -# include <openssl/bio.h> -# include <openssl/err.h> -# include <openssl/bn.h> -# include <openssl/rsa.h> -# include <openssl/evp.h> -# include <openssl/x509.h> -# include <openssl/pem.h> -# include <openssl/rand.h> - -# define DEFBITS 2048 -# define DEFPRIMES 2 +#include <stdio.h> +#include <string.h> +#include <sys/types.h> +#include <sys/stat.h> +#include "apps.h" +#include "progs.h" +#include <openssl/bio.h> +#include <openssl/err.h> +#include <openssl/bn.h> +#include <openssl/rsa.h> +#include <openssl/evp.h> +#include <openssl/x509.h> +#include <openssl/pem.h> +#include <openssl/rand.h> + +#define DEFBITS 2048 +#define DEFPRIMES 2 static int genrsa_cb(int p, int n, BN_GENCB *cb); @@ -48,9 +44,9 @@ const OPTIONS genrsa_options[] = { OPT_R_OPTIONS, {"passout", OPT_PASSOUT, 's', "Output file pass phrase source"}, {"", OPT_CIPHER, '-', "Encrypt the output with any supported cipher"}, -# ifndef OPENSSL_NO_ENGINE +#ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, -# endif +#endif {"primes", OPT_PRIMES, 'p', "Specify number of primes"}, {NULL} }; @@ -198,4 +194,3 @@ static int genrsa_cb(int p, int n, BN_GENCB *cb) (void)BIO_flush(BN_GENCB_get_arg(cb)); return 1; } -#endif diff --git a/apps/ocsp.c b/apps/ocsp.c index b85a4d82c1..eb98c25310 100644 --- a/apps/ocsp.c +++ b/apps/ocsp.c @@ -9,65 +9,62 @@ #include <openssl/opensslconf.h> -#ifdef OPENSSL_NO_OCSP -NON_EMPTY_TRANSLATION_UNIT -#else -# ifdef OPENSSL_SYS_VMS -# define _XOPEN_SOURCE_EXTENDED/* So fd_set and friends get properly defined +#ifdef OPENSSL_SYS_VMS +# define _XOPEN_SOURCE_EXTENDED/* So fd_set and friends get properly defined * on OpenVMS */ -# endif +#endif -# include <stdio.h> -# include <stdlib.h> -# include <string.h> -# include <time.h> -# include <ctype.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <time.h> +#include <ctype.h> /* Needs to be included before the openssl headers */ -# include "apps.h" -# include "progs.h" -# include "internal/sockets.h" -# include <openssl/e_os2.h> -# include <openssl/crypto.h> -# include <openssl/err.h> -# include <openssl/ssl.h> -# include <openssl/evp.h> -# include <openssl/bn.h> -# include <openssl/x509v3.h> -# include <openssl/rand.h> +#include "apps.h" +#include "progs.h" +#include "internal/sockets.h" +#include <openssl/e_os2.h> +#include <openssl/crypto.h> +#include <openssl/err.h> +#include <openssl/ssl.h> +#include <openssl/evp.h> +#include <openssl/bn.h> +#include <openssl/x509v3.h> +#include <openssl/rand.h> #ifndef HAVE_FORK -# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) -# define HAVE_FORK 0 -# else -# define HAVE_FORK 1 -# endif +#if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) +# define HAVE_FORK 0 +#else +# define HAVE_FORK 1 +#endif #endif #if HAVE_FORK -# undef NO_FORK +#undef NO_FORK #else -# define NO_FORK +#define NO_FORK #endif -# if !defined(NO_FORK) && !defined(OPENSSL_NO_SOCK) \ +#if !defined(NO_FORK) && !defined(OPENSSL_NO_SOCK) \ && !defined(OPENSSL_NO_POSIX_IO) -# define OCSP_DAEMON -# include <sys/types.h> -# include <sys/wait.h> -# include <syslog.h> -# include <signal.h> -# define MAXERRLEN 1000 /* limit error text sent to syslog to 1000 bytes */ -# else -# undef LOG_INFO -# undef LOG_WARNING -# undef LOG_ERR -# define LOG_INFO 0 -# define LOG_WARNING 1 -# define LOG_ERR 2 -# endif +# define OCSP_DAEMON +# include <sys/types.h> +# include <sys/wait.h> +# include <syslog.h> +# include <signal.h> +# define MAXERRLEN 1000 /* limit error text sent to syslog to 1000 bytes */ +#else +# undef LOG_INFO +# undef LOG_WARNING +# undef LOG_ERR +# define LOG_INFO 0 +# define LOG_WARNING 1 +# define LOG_ERR 2 +#endif -# if defined(OPENSSL_SYS_VXWORKS) +#if defined(OPENSSL_SYS_VXWORKS) /* not supported */ int setpgid(pid_t pid, pid_t pgid) { @@ -80,9 +77,9 @@ pid_t fork(void) errno = ENOSYS; return (pid_t) -1; } -# endif +#endif /* Maximum leeway in validity period: default 5 minutes */ -# define MAX_VALIDITY_PERIOD (5 * 60) +#define MAX_VALIDITY_PERIOD (5 * 60) static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert, const EVP_MD *cert_id_md, X509 *issuer, @@ -109,20 +106,20 @@ static void log_message(int level, const char *fmt, ...); static char *prog; static int multi = 0; -# ifdef OCSP_DAEMON +#ifdef OCSP_DAEMON static int acfd = (int) INVALID_SOCKET; static int index_changed(CA_DB *); static void spawn_loop(void); static int print_syslog(const char *str, size_t len, void *levPtr); static void socket_timeout(int signum); -# endif +#endif -# ifndef OPENSSL_NO_SOCK +#ifndef OPENSSL_NO_SOCK static OCSP_RESPONSE *query_responder(BIO *cbio, const char *host, const char *path, const STACK_OF(CONF_VALUE) *headers, OCSP_REQUEST *req, int req_timeout); -# endif +#endif typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, @@ -160,9 +157,9 @@ const OPTIONS ocsp_options[] = { "Don't include any certificates in response"}, {"resp_key_id", OPT_RESP_KEY_ID, '-', "Identify response by signing certificate key ID"}, -# ifdef OCSP_DAEMON +#ifdef OCSP_DAEMON {"multi", OPT_MULTI, 'p', "run multiple responder processes"}, -# endif +#endif {"no_certs", OPT_NO_CERTS, '-', "Don't include any certificates in signed request"}, {"no_signature_verify", OPT_NO_SIGNATURE_VERIFY, '-', @@ -511,9 +508,9 @@ int ocsp_main(int argc, char **argv) trailing_md = 1; break; case OPT_MULTI: -# ifdef OCSP_DAEMON +#ifdef OCSP_DAEMON multi = atoi(opt_arg()); -# endif +#endif break; } } @@ -593,7 +590,7 @@ int ocsp_main(int argc, char **argv) } } -# ifdef OCSP_DAEMON +#ifdef OCSP_DAEMON if (multi && acbio != NULL) spawn_loop(); if (acbio != NULL && req_timeout > 0) @@ -606,7 +603,7 @@ int ocsp_main(int argc, char **argv) redo_accept: if (acbio != NULL) { -# ifdef OCSP_DAEMON +#ifdef OCSP_DAEMON if (index_changed(rdb)) { CA_DB *newrdb = load_index(ridx_filename, NULL); @@ -619,7 +616,7 @@ redo_accept: ridx_filename); } } -# endif +#endif req = NULL; if (!do_responder(&req, &cbio, acbio, req_timeout)) @@ -688,16 +685,16 @@ redo_accept: if (cbio != NULL) send_ocsp_response(cbio, resp); } else if (host != NULL) { -# ifndef OPENSSL_NO_SOCK +#ifndef OPENSSL_NO_SOCK resp = process_responder(req, host, path, port, use_ssl, headers, req_timeout); if (resp == NULL) goto end; -# else +#else BIO_printf(bio_err, "Error creating connect BIO - sockets not supported.\n"); goto end; -# endif +#endif } else if (respin != NULL) { derbio = bio_open_default(respin, 'r', FORMAT_ASN1); if (derbio == NULL) @@ -840,7 +837,7 @@ log_message(int level, const char *fmt, ...) va_list ap; va_start(ap, fmt); -# ifdef OCSP_DAEMON +#ifdef OCSP_DAEMON if (multi) { char buf[1024]; if (vsnprintf(buf, sizeof(buf), fmt, ap) > 0) { @@ -849,7 +846,7 @@ log_message(int level, const char *fmt, ...) if (level >= LOG_ERR) ERR_print_errors_cb(print_syslog, &level); } -# endif +#endif if (!multi) { BIO_printf(bio_err, "%s: ", prog); BIO_vprintf(bio_err, fmt, ap); @@ -858,7 +855,7 @@ log_message(int level, const char *fmt, ...) va_end(ap); } -# ifdef OCSP_DAEMON +#ifdef OCSP_DAEMON static int print_syslog(const char *str, size_t len, void *levPtr) { @@ -1011,7 +1008,7 @@ static void spawn_loop(void) syslog(LOG_INFO, "terminating on signal: %d", termsig); killall(0, kidpids); } -# endif +#endif static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert, const EVP_MD *cert_id_md, X509 *issuer, @@ -1291,11 +1288,11 @@ static char **lookup_serial(CA_DB *db, ASN1_INTEGER *ser) static BIO *init_responder(const char *port) { -# ifdef OPENSSL_NO_SOCK +#ifdef OPENSSL_NO_SOCK BIO_printf(bio_err, "Error setting up accept BIO - sockets not supported.\n"); return NULL; -# else +#else BIO *acbio = NULL, *bufbio = NULL; bufbio = BIO_new(BIO_f_buffer()); @@ -1322,10 +1319,10 @@ static BIO *init_responder(const char *port) BIO_free_all(acbio); BIO_free(bufbio); return NULL; -# endif +#endif } -# ifndef OPENSSL_NO_SOCK +#ifndef OPENSSL_NO_SOCK /* * Decode %xx URL-decoding in-place. Ignores mal-formed sequences. */ @@ -1349,22 +1346,22 @@ static int urldecode(char *p) *out = '\0'; return (int)(out - save); } -# endif +#endif -# ifdef OCSP_DAEMON +#ifdef OCSP_DAEMON static void socket_timeout(int signum) { if (acfd != (int)INVALID_SOCKET) (void)shutdown(acfd, SHUT_RD); } -# endif +#endif static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio, int timeout) { -# ifdef OPENSSL_NO_SOCK +#ifdef OPENSSL_NO_SOCK return 0; -# else +#else int len; OCSP_REQUEST *req = NULL; char inbuf[2048], reqbuf[2048]; @@ -1382,12 +1379,12 @@ static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio, *pcbio = cbio; client = BIO_get_peer_name(cbio); -# ifdef OCSP_DAEMON +# ifdef OCSP_DAEMON if (timeout > 0) { (void) BIO_get_fd(cbio, &acfd); alarm(timeout); } -# endif +# endif /* Read the request line. */ len = BIO_gets(cbio, reqbuf, sizeof(reqbuf)); @@ -1450,11 +1447,11 @@ static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio, break; } -# ifdef OCSP_DAEMON +# ifdef OCSP_DAEMON /* Clear alarm before we close the client socket */ alarm(0); timeout = 0; -# endif +# endif /* Try to read OCSP request */ if (getbio != NULL) { @@ -1470,13 +1467,13 @@ static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio, *preq = req; out: -# ifdef OCSP_DAEMON +# ifdef OCSP_DAEMON if (timeout > 0) alarm(0); acfd = (int)INVALID_SOCKET; -# endif - return 1; # endif + return 1; |