Diffstat (limited to 'apps')
-rw-r--r--apps/ca.c2
-rw-r--r--apps/include/apps.h3
-rw-r--r--apps/lib/apps.c33
-rw-r--r--apps/req.c3
-rw-r--r--apps/storeutl.c14
-rw-r--r--apps/ts.c8
-rw-r--r--apps/x509.c5
7 files changed, 49 insertions, 19 deletions
diff --git a/apps/ca.c b/apps/ca.c
index d0309ae15c..e001a34190 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -1643,7 +1643,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
BIO_printf(bio_err,
"Everything appears to be ok, creating and signing the certificate\n");
- if ((ret = X509_new()) == NULL)
+ if ((ret = X509_new_with_libctx(app_get0_libctx(), app_get0_propq())) == NULL)
goto end;
#ifdef X509_V3
diff --git a/apps/include/apps.h b/apps/include/apps.h
index 9a76dcd339..e91cdcdb8f 100644
--- a/apps/include/apps.h
+++ b/apps/include/apps.h
@@ -299,4 +299,7 @@ void app_params_free(OSSL_PARAM *params);
int app_provider_load(OPENSSL_CTX *libctx, const char *provider_name);
void app_providers_cleanup(void);
+OPENSSL_CTX *app_get0_libctx(void);
+const char *app_get0_propq(void);
+
#endif
diff --git a/apps/lib/apps.c b/apps/lib/apps.c
index ba40e9bc7e..cf99ca0ebf 100644
--- a/apps/lib/apps.c
+++ b/apps/lib/apps.c
@@ -342,6 +342,12 @@ OPENSSL_CTX *app_get0_libctx(void)
return app_libctx;
}
+/* TODO(3.0): Make this an environment variable if required */
+const char *app_get0_propq(void)
+{
+ return NULL;
+}
+
OPENSSL_CTX *app_create_libctx(void)
{
/*
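Review bot: The new `app_get0_propq()` in this hunk returns NULL unconditionally, and the one-line TODO does not say what that means for the call sites converted in the rest of this commit: every `*_with_libctx` call in ca.c, req.c, storeutl.c, ts.c and x509.c is handed the library-default property query. A reader of those call sites could assume the apps already honour an operator-chosen property query, for instance one restricting which provider implementations are fetched, which they do not yet. I would extend the comment to say so, e.g. `/* Property query for all app fetches; always NULL (library default) for now. TODO(3.0): Make this an environment variable if required */`. The `get0` name suggests the caller must not free the result; stating that next to the declaration in apps.h would remove the guesswork.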
@@ -657,9 +663,11 @@ static int load_certs_crls(const char *file, int format,
if (bio == NULL)
return 0;
- xis = PEM_X509_INFO_read_bio(bio, NULL,
- (pem_password_cb *)password_callback,
- &cb_data);
+ xis = PEM_X509_INFO_read_bio_with_libctx(bio, NULL,
+ (pem_password_cb *)password_callback,
+ &cb_data,
+ app_get0_libctx(),
+ app_get0_propq());
BIO_free(bio);
@@ -765,6 +773,8 @@ int load_key_cert_crl(const char *uri, int maybe_stdin,
{
PW_CB_DATA uidata;
OSSL_STORE_CTX *ctx = NULL;
+ OPENSSL_CTX *libctx = app_get0_libctx();
+ const char *propq = app_get0_propq();
int ret = 0;
/* TODO make use of the engine reference 'eng' when loading pkeys */
@@ -791,11 +801,12 @@ int load_key_cert_crl(const char *uri, int maybe_stdin,
unbuffer(stdin);
bio = BIO_new_fp(stdin, 0);
if (bio != NULL)
- ctx = OSSL_STORE_attach(bio, NULL, "file", NULL,
+ ctx = OSSL_STORE_attach(bio, "file", libctx, propq,
get_ui_method(), &uidata, NULL, NULL);
uri = "<stdin>";
} else {
- ctx = OSSL_STORE_open(uri, get_ui_method(), &uidata, NULL, NULL);
+ ctx = OSSL_STORE_open_with_libctx(uri, libctx, propq, get_ui_method(),
+ &uidata, NULL, NULL);
}
if (ctx == NULL) {
BIO_printf(bio_err, "Could not open file or uri %s for loading %s\n",
@@ -1099,6 +1110,8 @@ X509_STORE *setup_verify(const char *CAfile, int noCAfile,
{
X509_STORE *store = X509_STORE_new();
X509_LOOKUP *lookup;
+ OPENSSL_CTX *libctx = app_get0_libctx();
+ const char *propq = app_get0_propq();
if (store == NULL)
goto end;
@@ -1108,12 +1121,16 @@ X509_STORE *setup_verify(const char *CAfile, int noCAfile,
if (lookup == NULL)
goto end;
if (CAfile != NULL) {
- if (!X509_LOOKUP_load_file(lookup, CAfile, X509_FILETYPE_PEM)) {
+ if (!X509_LOOKUP_load_file_with_libctx(lookup, CAfile,
+ X509_FILETYPE_PEM,
+ libctx, propq)) {
BIO_printf(bio_err, "Error loading file %s\n", CAfile);
goto end;
}
} else {
- X509_LOOKUP_load_file(lookup, NULL, X509_FILETYPE_DEFAULT);
+ X509_LOOKUP_load_file_with_libctx(lookup, NULL,
+ X509_FILETYPE_DEFAULT,
+ libctx, propq);
}
}
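Review bot: In the `else` branch the result of `X509_LOOKUP_load_file_with_libctx(lookup, NULL, X509_FILETYPE_DEFAULT, libctx, propq)` is discarded, while the explicit-`CAfile` branch just above reports the failure and bails out. That is presumably deliberate, since a default CA file may simply not exist, but as written a default file that exists and fails to load leaves the store without those trust anchors and nothing tells the operator. I would at least record the intent with a comment such as `/* Best effort: the default CA file is optional, so failure is not fatal */` and cast the call to `(void)`. setup_verify starts and ends outside this hunk, so whether the error queue is cleared afterwards is not visible here.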
@@ -1135,7 +1152,7 @@ X509_STORE *setup_verify(const char *CAfile, int noCAfile,
lookup = X509_STORE_add_lookup(store, X509_LOOKUP_store());
if (lookup == NULL)
goto end;
- if (!X509_LOOKUP_add_store(lookup, CAstore)) {
+ if (!X509_LOOKUP_add_store_with_libctx(lookup, CAstore, libctx, propq)) {
if (CAstore != NULL)
BIO_printf(bio_err, "Error loading store URI %s\n", CAstore);
goto end;
diff --git a/apps/req.c b/apps/req.c
index 4ae828cd45..bee0329b24 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -742,7 +742,8 @@ int req_main(int argc, char **argv)
if (x509) {
EVP_PKEY *tmppkey;
X509V3_CTX ext_ctx;
- if ((x509ss = X509_new()) == NULL)
+ if ((x509ss = X509_new_with_libctx(app_get0_libctx(),
+ app_get0_propq())) == NULL)
goto end;
/* Set version to V3 */
diff --git a/apps/storeutl.c b/apps/storeutl.c
index 87e8fcc9e6..95af277260 100644
--- a/apps/storeutl.c
+++ b/apps/storeutl.c
@@ -19,7 +19,7 @@
static int process(const char *uri, const UI_METHOD *uimeth, PW_CB_DATA *uidata,
int expected, int criterion, OSSL_STORE_SEARCH *search,
int text, int noout, int recursive, int indent, BIO *out,
- const char *prog);
+ const char *prog, OPENSSL_CTX *libctx, const char *propq);
typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_ENGINE, OPT_OUT, OPT_PASSIN,
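Review bot: `process()` now takes fourteen parameters, and the two added ones, `libctx` and `propq`, are process-wide values that `storeutl_main` fetches from `app_get0_libctx()` and `app_get0_propq()` only to thread them through every recursive call. The same applies to the definition and to the recursive call in the later storeutl.c hunks. Since both accessors are declared in apps.h, `process()` could call them directly at the open site, e.g. `OSSL_STORE_open_with_libctx(uri, app_get0_libctx(), app_get0_propq(), uimeth, uidata, NULL, NULL)`, which would leave the prototype and both call sites unchanged. If the explicit parameters are intentional, a short comment above the prototype saying why would help.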
@@ -84,6 +84,8 @@ int storeutl_main(int argc, char *argv[])
char *alias = NULL;
OSSL_STORE_SEARCH *search = NULL;
const EVP_MD *digest = NULL;
+ OPENSSL_CTX *libctx = app_get0_libctx();
+ const char *propq = app_get0_propq();
while ((o = opt_next()) != OPT_EOF) {
switch (o) {
@@ -322,7 +324,7 @@ int storeutl_main(int argc, char *argv[])
ret = process(argv[0], get_ui_method(), &pw_cb_data,
expected, criterion, search,
- text, noout, recursive, 0, out, prog);
+ text, noout, recursive, 0, out, prog, libctx, propq);
end:
OPENSSL_free(fingerprint);
@@ -353,12 +355,13 @@ static int indent_printf(int indent, BIO *bio, const char *format, ...)
static int process(const char *uri, const UI_METHOD *uimeth, PW_CB_DATA *uidata,
int expected, int criterion, OSSL_STORE_SEARCH *search,
int text, int noout, int recursive, int indent, BIO *out,
- const char *prog)
+ const char *prog, OPENSSL_CTX *libctx, const char *propq)
{
OSSL_STORE_CTX *store_ctx = NULL;
int ret = 1, items = 0;
- if ((store_ctx = OSSL_STORE_open(uri, uimeth, uidata, NULL, NULL))
+ if ((store_ctx = OSSL_STORE_open_with_libctx(uri, libctx, propq,
+ uimeth, uidata, NULL, NULL))
== NULL) {
BIO_printf(bio_err, "Couldn't open file or uri %s\n", uri);
ERR_print_errors(bio_err);
@@ -439,7 +442,8 @@ static int process(const char *uri, const UI_METHOD *uimeth, PW_CB_DATA *uidata,
const char *suburi = OSSL_STORE_INFO_get0_NAME(info);
ret += process(suburi, uimeth, uidata,
expected, criterion, search,
- text, noout, recursive, indent + 2, out, prog);
+ text, noout, recursive, indent + 2, out, prog,
+ libctx, propq);
}
break;
case OSSL_STORE_INFO_PARAMS:
diff --git a/apps/ts.c b/apps/ts.c
index da4584ab53..09c586b44f 100644
--- a/apps/ts.c
+++ b/apps/ts.c
@@ -957,6 +957,8 @@ static X509_STORE *create_cert_store(const char *CApath, const char *CAfile,
{
X509_STORE *cert_ctx = NULL;
X509_LOOKUP *lookup = NULL;
+ OPENSSL_CTX *libctx = app_get0_libctx();
+ const char *propq = app_get0_propq();
cert_ctx = X509_STORE_new();
X509_STORE_set_verify_cb(cert_ctx, verify_cb);
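Review bot: `cert_ctx` is passed to `X509_STORE_set_verify_cb()` immediately after `X509_STORE_new()` with no NULL check, so an allocation failure would be handed on and, as far as I can tell, dereferenced rather than reported. `setup_verify` in apps/lib/apps.c guards the same allocation with `if (store == NULL) goto end;`. These two lines are context rather than additions, but the commit already edits this function's prologue, which makes it a natural place to add `if (cert_ctx == NULL) goto err;` between the two calls, assuming the `err` label (outside this hunk) tolerates a NULL store. `create_cert_store` continues beyond the hunk.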
@@ -978,7 +980,9 @@ static X509_STORE *create_cert_store(const char *CApath, const char *CAfile,
BIO_printf(bio_err, "memory allocation failure\n");
goto err;
}
- if (!X509_LOOKUP_load_file(lookup, CAfile, X509_FILETYPE_PEM)) {
+ if (!X509_LOOKUP_load_file_with_libctx(lookup, CAfile,
+ X509_FILETYPE_PEM,
+ libctx, propq)) {
BIO_printf(bio_err, "Error loading file %s\n", CAfile);
goto err;
}
@@ -990,7 +994,7 @@ static X509_STORE *create_cert_store(const char *CApath, const char *CAfile,
BIO_printf(bio_err, "memory allocation failure\n");
goto err;
}
- if (!X509_LOOKUP_load_store(lookup, CAstore)) {
+ if (!X509_LOOKUP_load_store_with_libctx(lookup, CAstore, libctx, propq)) {
BIO_printf(bio_err, "Error loading store URI %s\n", CAstore);
goto err;
}
diff --git a/apps/x509.c b/apps/x509.c
index c09bca37bc..d8f69c08eb 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -510,7 +510,8 @@ int x509_main(int argc, char **argv)
goto end;
}
- if (!X509_STORE_set_default_paths(ctx)) {
+ if (!X509_STORE_set_default_paths_with_libctx(ctx, app_get0_libctx(),
+ app_get0_propq())) {
ERR_print_errors(bio_err);
goto end;
}
@@ -607,7 +608,7 @@ int x509_main(int argc, char **argv)
"We need a private key to sign with, use -signkey or -CAkey or -CA <file> with private key\n");
goto end;
}
- if ((x = X509_new()) == NULL)
+ if ((x = X509_new_with_libctx(app_get0_libctx(), app_get0_propq())) == NULL)
goto end;
if (sno == NULL) {