From 0f113f3ee4d629ef9a4a30911b22b224772085e5 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Thu, 22 Jan 2015 03:40:55 +0000 Subject: Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson --- apps/app_rand.c | 188 +- apps/apps.c | 5588 ++++++++++++++++++++++++------------------------ apps/apps.h | 364 ++-- apps/asn1pars.c | 741 ++++--- apps/ca.c | 5573 ++++++++++++++++++++++++------------------------ apps/ciphers.c | 327 ++- apps/cms.c | 2717 +++++++++++------------- apps/crl.c | 706 +++---- apps/crl2p7.c | 466 ++-- apps/dgst.c | 1096 +++++----- apps/dh.c | 517 +++-- apps/dhparam.c | 866 ++++---- apps/dsa.c | 569 +++-- apps/dsaparam.c | 792 ++++--- apps/ec.c | 566 +++-- apps/ecparam.c | 1181 +++++------ apps/enc.c | 1228 ++++++----- apps/engine.c | 884 ++++---- apps/errstr.c | 101 +- apps/gendh.c | 344 +-- apps/gendsa.c | 418 ++-- apps/genpkey.c | 653 +++--- apps/genrsa.c | 511 ++--- apps/nseq.c | 181 +- apps/ocsp.c | 2649 +++++++++++------------ apps/openssl.c | 1039 +++++---- apps/passwd.c | 936 ++++---- apps/pkcs12.c | 1650 ++++++++------- apps/pkcs7.c | 413 ++-- apps/pkcs8.c | 685 +++--- apps/pkey.c | 381 ++-- apps/pkeyparam.c | 211 +- apps/pkeyutl.c | 899 ++++---- apps/prime.c | 159 +- apps/progs.h | 360 ++-- apps/rand.c | 295 ++- apps/req.c | 3206 ++++++++++++++-------------- apps/rsa.c | 744 ++++--- apps/rsautl.c | 555 ++--- apps/s_apps.h | 100 +- apps/s_cb.c | 3223 ++++++++++++++-------------- apps/s_client.c | 3917 +++++++++++++++++----------------- apps/s_server.c | 5743 ++++++++++++++++++++++++-------------------------- apps/s_socket.c | 1169 +++++----- apps/s_time.c | 779 +++---- apps/sess_id.c | 438 ++-- apps/smime.c | 1398 ++++++------ apps/speed.c | 5575 ++++++++++++++++++++++++------------------------ apps/spkac.c | 403 ++-- apps/srp.c | 7 +- apps/testdsa.h | 430 ++-- apps/testrsa.h | 3896 +++++++++++++++++----------------- apps/timeouts.h | 14 +- apps/ts.c | 1910 +++++++++-------- apps/verify.c | 606 +++--- apps/version.c | 139 +- apps/vms_decc_init.c | 168 +- apps/winrand.c | 153 +- apps/x509.c | 2359 ++++++++++----------- 59 files changed, 35603 insertions(+), 37583 deletions(-) mode change 100755 => 100644 apps/vms_decc_init.c (limited to 'apps') diff --git a/apps/app_rand.c b/apps/app_rand.c index b7b6128c1e..595fc7821c 100644 --- a/apps/app_rand.c +++ b/apps/app_rand.c @@ -5,21 +5,21 @@ * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). * The implementation was written so as to conform with Netscapes SSL. - * + * * This library is free for commercial and non-commercial use as long as * the following conditions are aheared to. The following conditions * apply to all code found in this distribution, be it the RC4, RSA, * lhash, DES, etc., code; not just the SSL code. The SSL documentation * included with this distribution is covered by the same copyright terms * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * + * * Copyright remains Eric Young's, and as such any Copyright notices in * the code are not to be removed. * If this package is used in a product, Eric Young should be given attribution * as the author of the parts of the library used. * This can be in the form of a textual message at program startup or * in documentation (online or textual) provided with the package. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -34,10 +34,10 @@ * Eric Young (eay@cryptsoft.com)" * The word 'cryptographic' can be left out if the rouines from the library * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from + * 4. If you include any Windows specific code (or a derivative thereof) from * the apps directory (application code) you must include an acknowledgement: * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * + * * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -49,7 +49,7 @@ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * + * * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence @@ -63,7 +63,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -115,104 +115,106 @@ #include #include - static int seeded = 0; static int egdsocket = 0; int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn) - { - int consider_randfile = (file == NULL); - char buffer[200]; - +{ + int consider_randfile = (file == NULL); + char buffer[200]; + #ifdef OPENSSL_SYS_WINDOWS - BIO_printf(bio_e,"Loading 'screen' into random state -"); - BIO_flush(bio_e); - RAND_screen(); - BIO_printf(bio_e," done\n"); + BIO_printf(bio_e, "Loading 'screen' into random state -"); + BIO_flush(bio_e); + RAND_screen(); + BIO_printf(bio_e, " done\n"); #endif - if (file == NULL) - file = RAND_file_name(buffer, sizeof buffer); - else if (RAND_egd(file) > 0) - { - /* we try if the given filename is an EGD socket. - if it is, we don't write anything back to the file. */ - egdsocket = 1; - return 1; - } - if (file == NULL || !RAND_load_file(file, -1)) - { - if (RAND_status() == 0) - { - if (!dont_warn) - { - BIO_printf(bio_e,"unable to load 'random state'\n"); - BIO_printf(bio_e,"This means that the random number generator has not been seeded\n"); - BIO_printf(bio_e,"with much random data.\n"); - if (consider_randfile) /* explanation does not apply when a file is explicitly named */ - { - BIO_printf(bio_e,"Consider setting the RANDFILE environment variable to point at a file that\n"); - BIO_printf(bio_e,"'random' data can be kept in (the file will be overwritten).\n"); - } - } - return 0; - } - } - seeded = 1; - return 1; - } + if (file == NULL) + file = RAND_file_name(buffer, sizeof buffer); + else if (RAND_egd(file) > 0) { + /* + * we try if the given filename is an EGD socket. if it is, we don't + * write anything back to the file. + */ + egdsocket = 1; + return 1; + } + if (file == NULL || !RAND_load_file(file, -1)) { + if (RAND_status() == 0) { + if (!dont_warn) { + BIO_printf(bio_e, "unable to load 'random state'\n"); + BIO_printf(bio_e, + "This means that the random number generator has not been seeded\n"); + BIO_printf(bio_e, "with much random data.\n"); + if (consider_randfile) { /* explanation does not apply when a + * file is explicitly named */ + BIO_printf(bio_e, + "Consider setting the RANDFILE environment variable to point at a file that\n"); + BIO_printf(bio_e, + "'random' data can be kept in (the file will be overwritten).\n"); + } + } + return 0; + } + } + seeded = 1; + return 1; +} long app_RAND_load_files(char *name) - { - char *p,*n; - int last; - long tot=0; - int egd; - - for (;;) - { - last=0; - for (p=name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++); - if (*p == '\0') last=1; - *p='\0'; - n=name; - name=p+1; - if (*n == '\0') break; +{ + char *p, *n; + int last; + long tot = 0; + int egd; - egd=RAND_egd(n); - if (egd > 0) - tot+=egd; - else - tot+=RAND_load_file(n,-1); - if (last) break; - } - if (tot > 512) - app_RAND_allow_write_file(); - return(tot); - } + for (;;) { + last = 0; + for (p = name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++) ; + if (*p == '\0') + last = 1; + *p = '\0'; + n = name; + name = p + 1; + if (*n == '\0') + break; + + egd = RAND_egd(n); + if (egd > 0) + tot += egd; + else + tot += RAND_load_file(n, -1); + if (last) + break; + } + if (tot > 512) + app_RAND_allow_write_file(); + return (tot); +} int app_RAND_write_file(const char *file, BIO *bio_e) - { - char buffer[200]; - - if (egdsocket || !seeded) - /* If we did not manage to read the seed file, - * we should not write a low-entropy seed file back -- - * it would suppress a crucial warning the next time - * we want to use it. */ - return 0; +{ + char buffer[200]; + + if (egdsocket || !seeded) + /* + * If we did not manage to read the seed file, we should not write a + * low-entropy seed file back -- it would suppress a crucial warning + * the next time we want to use it. + */ + return 0; - if (file == NULL) - file = RAND_file_name(buffer, sizeof buffer); - if (file == NULL || !RAND_write_file(file)) - { - BIO_printf(bio_e,"unable to write 'random state'\n"); - return 0; - } - return 1; - } + if (file == NULL) + file = RAND_file_name(buffer, sizeof buffer); + if (file == NULL || !RAND_write_file(file)) { + BIO_printf(bio_e, "unable to write 'random state'\n"); + return 0; + } + return 1; +} void app_RAND_allow_write_file(void) - { - seeded = 1; - } +{ + seeded = 1; +} diff --git a/apps/apps.c b/apps/apps.c index 2731554a29..b6549d5040 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -5,21 +5,21 @@ * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). * The implementation was written so as to conform with Netscapes SSL. - * + * * This library is free for commercial and non-commercial use as long as * the following conditions are aheared to. The following conditions * apply to all code found in this distribution, be it the RC4, RSA, * lhash, DES, etc., code; not just the SSL code. The SSL documentation * included with this distribution is covered by the same copyright terms * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * + * * Copyright remains Eric Young's, and as such any Copyright notices in * the code are not to be removed. * If this package is used in a product, Eric Young should be given attribution * as the author of the parts of the library used. * This can be in the form of a textual message at program startup or * in documentation (online or textual) provided with the package. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -34,10 +34,10 @@ * Eric Young (eay@cryptsoft.com)" * The word 'cryptographic' can be left out if the rouines from the library * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from + * 4. If you include any Windows specific code (or a derivative thereof) from * the apps directory (application code) you must include an acknowledgement: * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * + * * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -49,7 +49,7 @@ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * + * * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence @@ -63,7 +63,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -110,18 +110,17 @@ */ #if !defined(_POSIX_C_SOURCE) && defined(OPENSSL_SYS_VMS) -/* On VMS, you need to define this to get - * the declaration of fileno(). The value - * 2 is to make sure no function defined - * in POSIX-2 is left undefined. +/* + * On VMS, you need to define this to get the declaration of fileno(). The + * value 2 is to make sure no function defined in POSIX-2 is left undefined. */ -#define _POSIX_C_SOURCE 2 +# define _POSIX_C_SOURCE 2 #endif #include #include #include #if !defined(OPENSSL_SYSNAME_WIN32) && !defined(OPENSSL_SYSNAME_WINCE) && !defined(NETWARE_CLIB) -#include +# include #endif #include #include @@ -135,14 +134,14 @@ #include #include #ifndef OPENSSL_NO_ENGINE -#include +# include #endif #ifndef OPENSSL_NO_RSA -#include +# include #endif #include #ifndef OPENSSL_NO_JPAKE -#include +# include #endif #define NON_MAIN @@ -151,2770 +150,2596 @@ #ifdef _WIN32 static int WIN32_rename(const char *from, const char *to); -#define rename(from,to) WIN32_rename((from),(to)) +# define rename(from,to) WIN32_rename((from),(to)) #endif typedef struct { - const char *name; - unsigned long flag; - unsigned long mask; + const char *name; + unsigned long flag; + unsigned long mask; } NAME_EX_TBL; static UI_METHOD *ui_method = NULL; -static int set_table_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL *in_tbl); -static int set_multi_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL *in_tbl); +static int set_table_opts(unsigned long *flags, const char *arg, + const NAME_EX_TBL * in_tbl); +static int set_multi_opts(unsigned long *flags, const char *arg, + const NAME_EX_TBL * in_tbl); #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA) /* Looks like this stuff is worth moving into separate function */ -static EVP_PKEY * -load_netscape_key(BIO *err, BIO *key, const char *file, - const char *key_descrip, int format); +static EVP_PKEY *load_netscape_key(BIO *err, BIO *key, const char *file, + const char *key_descrip, int format); #endif int app_init(long mesgwin); -#ifdef undef /* never finished - probably never will be :-) */ +#ifdef undef /* never finished - probably never will be + * :-) */ int args_from_file(char *file, int *argc, char **argv[]) - { - FILE *fp; - int num,i; - unsigned int len; - static char *buf=NULL; - static char **arg=NULL; - char *p; - - fp=fopen(file,"r"); - if (fp == NULL) - return(0); - - if (fseek(fp,0,SEEK_END)==0) - len=ftell(fp), rewind(fp); - else len=-1; - if (len<=0) - { - fclose(fp); - return(0); - } - - *argc=0; - *argv=NULL; - - if (buf != NULL) OPENSSL_free(buf); - buf=(char *)OPENSSL_malloc(len+1); - if (buf == NULL) return(0); - - len=fread(buf,1,len,fp); - if (len <= 1) return(0); - buf[len]='\0'; - - i=0; - for (p=buf; *p; p++) - if (*p == '\n') i++; - if (arg != NULL) OPENSSL_free(arg); - arg=(char **)OPENSSL_malloc(sizeof(char *)*(i*2)); - - *argv=arg; - num=0; - p=buf; - for (;;) - { - if (!*p) break; - if (*p == '#') /* comment line */ - { - while (*p && (*p != '\n')) p++; - continue; - } - /* else we have a line */ - *(arg++)=p; - num++; - while (*p && ((*p != ' ') && (*p != '\t') && (*p != '\n'))) - p++; - if (!*p) break; - if (*p == '\n') - { - *(p++)='\0'; - continue; - } - /* else it is a tab or space */ - p++; - while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n'))) - p++; - if (!*p) break; - if (*p == '\n') - { - p++; - continue; - } - *(arg++)=p++; - num++; - while (*p && (*p != '\n')) p++; - if (!*p) break; - /* else *p == '\n' */ - *(p++)='\0'; - } - *argc=num; - return(1); - } +{ + FILE *fp; + int num, i; + unsigned int len; + static char *buf = NULL; + static char **arg = NULL; + char *p; + + fp = fopen(file, "r"); + if (fp == NULL) + return (0); + + if (fseek(fp, 0, SEEK_END) == 0) + len = ftell(fp), rewind(fp); + else + len = -1; + if (len <= 0) { + fclose(fp); + return (0); + } + + *argc = 0; + *argv = NULL; + + if (buf != NULL) + OPENSSL_free(buf); + buf = (char *)OPENSSL_malloc(len + 1); + if (buf == NULL) + return (0); + + len = fread(buf, 1, len, fp); + if (len <= 1) + return (0); + buf[len] = '\0'; + + i = 0; + for (p = buf; *p; p++) + if (*p == '\n') + i++; + if (arg != NULL) + OPENSSL_free(arg); + arg = (char **)OPENSSL_malloc(sizeof(char *) * (i * 2)); + + *argv = arg; + num = 0; + p = buf; + for (;;) { + if (!*p) + break; + if (*p == '#') { /* comment line */ + while (*p && (*p != '\n')) + p++; + continue; + } + /* else we have a line */ + *(arg++) = p; + num++; + while (*p && ((*p != ' ') && (*p != '\t') && (*p != '\n'))) + p++; + if (!*p) + break; + if (*p == '\n') { + *(p++) = '\0'; + continue; + } + /* else it is a tab or space */ + p++; + while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n'))) + p++; + if (!*p) + break; + if (*p == '\n') { + p++; + continue; + } + *(arg++) = p++; + num++; + while (*p && (*p != '\n')) + p++; + if (!*p) + break; + /* else *p == '\n' */ + *(p++) = '\0'; + } + *argc = num; + return (1); +} #endif int str2fmt(char *s) - { - if (s == NULL) - return FORMAT_UNDEF; - if ((*s == 'D') || (*s == 'd')) - return(FORMAT_ASN1); - else if ((*s == 'T') || (*s == 't')) - return(FORMAT_TEXT); - else if ((strcmp(s,"NSS") == 0) || (strcmp(s,"nss") == 0)) - return(FORMAT_NSS); - else if ((*s == 'N') || (*s == 'n')) - return(FORMAT_NETSCAPE); - else if ((*s == 'S') || (*s == 's')) - return(FORMAT_SMIME); - else if ((*s == 'M') || (*s == 'm')) - return(FORMAT_MSBLOB); - else if ((*s == '1') - || (strcmp(s,"PKCS12") == 0) || (strcmp(s,"pkcs12") == 0) - || (strcmp(s,"P12") == 0) || (strcmp(s,"p12") == 0)) - return(FORMAT_PKCS12); - else if ((*s == 'E') || (*s == 'e')) - return(FORMAT_ENGINE); - else if ((*s == 'H') || (*s == 'h')) - return FORMAT_HTTP; - else if ((*s == 'P') || (*s == 'p')) - { - if (s[1] == 'V' || s[1] == 'v') - return FORMAT_PVK; - else - return(FORMAT_PEM); - } - else - return(FORMAT_UNDEF); - } +{ + if (s == NULL) + return FORMAT_UNDEF; + if ((*s == 'D') || (*s == 'd')) + return (FORMAT_ASN1); + else if ((*s == 'T') || (*s == 't')) + return (FORMAT_TEXT); + else if ((strcmp(s, "NSS") == 0) || (strcmp(s, "nss") == 0)) + return (FORMAT_NSS); + else if ((*s == 'N') || (*s == 'n')) + return (FORMAT_NETSCAPE); + else if ((*s == 'S') || (*s == 's')) + return (FORMAT_SMIME); + else if ((*s == 'M') || (*s == 'm')) + return (FORMAT_MSBLOB); + else if ((*s == '1') + || (strcmp(s, "PKCS12") == 0) || (strcmp(s, "pkcs12") == 0) + || (strcmp(s, "P12") == 0) || (strcmp(s, "p12") == 0)) + return (FORMAT_PKCS12); + else if ((*s == 'E') || (*s == 'e')) + return (FORMAT_ENGINE); + else if ((*s == 'H') || (*s == 'h')) + return FORMAT_HTTP; + else if ((*s == 'P') || (*s == 'p')) { + if (s[1] == 'V' || s[1] == 'v') + return FORMAT_PVK; + else + return (FORMAT_PEM); + } else + return (FORMAT_UNDEF); +} #if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_NETWARE) void program_name(char *in, char *out, int size) - { - int i,n; - char *p=NULL; - - n=strlen(in); - /* find the last '/', '\' or ':' */ - for (i=n-1; i>0; i--) - { - if ((in[i] == '/') || (in[i] == '\\') || (in[i] == ':')) - { - p= &(in[i+1]); - break; - } - } - if (p == NULL) - p=in; - n=strlen(p); - -#if defined(OPENSSL_SYS_NETWARE) - /* strip off trailing .nlm if present. */ - if ((n > 4) && (p[n-4] == '.') && - ((p[n-3] == 'n') || (p[n-3] == 'N')) && - ((p[n-2] == 'l') || (p[n-2] == 'L')) && - ((p[n-1] == 'm') || (p[n-1] == 'M'))) - n-=4; -#else - /* strip off trailing .exe if present. */ - if ((n > 4) && (p[n-4] == '.') && - ((p[n-3] == 'e') || (p[n-3] == 'E')) && - ((p[n-2] == 'x') || (p[n-2] == 'X')) && - ((p[n-1] == 'e') || (p[n-1] == 'E'))) - n-=4; -#endif +{ + int i, n; + char *p = NULL; + + n = strlen(in); + /* find the last '/', '\' or ':' */ + for (i = n - 1; i > 0; i--) { + if ((in[i] == '/') || (in[i] == '\\') || (in[i] == ':')) { + p = &(in[i + 1]); + break; + } + } + if (p == NULL) + p = in; + n = strlen(p); + +# if defined(OPENSSL_SYS_NETWARE) + /* strip off trailing .nlm if present. */ + if ((n > 4) && (p[n - 4] == '.') && + ((p[n - 3] == 'n') || (p[n - 3] == 'N')) && + ((p[n - 2] == 'l') || (p[n - 2] == 'L')) && + ((p[n - 1] == 'm') || (p[n - 1] == 'M'))) + n -= 4; +# else + /* strip off trailing .exe if present. */ + if ((n > 4) && (p[n - 4] == '.') && + ((p[n - 3] == 'e') || (p[n - 3] == 'E')) && + ((p[n - 2] == 'x') || (p[n - 2] == 'X')) && + ((p[n - 1] == 'e') || (p[n - 1] == 'E'))) + n -= 4; +# endif + + if (n > size - 1) + n = size - 1; - if (n > size-1) - n=size-1; - - for (i=0; i= 'A') && (p[i] <= 'Z')) - out[i]=p[i]-'A'+'a'; - else - out[i]=p[i]; - } - out[n]='\0'; - } + for (i = 0; i < n; i++) { + if ((p[i] >= 'A') && (p[i] <= 'Z')) + out[i] = p[i] - 'A' + 'a'; + else + out[i] = p[i]; + } + out[n] = '\0'; +} #else -#ifdef OPENSSL_SYS_VMS +# ifdef OPENSSL_SYS_VMS void program_name(char *in, char *out, int size) - { - char *p=in, *q; - char *chars=":]>"; - - while(*chars != '\0') - { - q=strrchr(p,*chars); - if (q > p) - p = q + 1; - chars++; - } - - q=strrchr(p,'.'); - if (q == NULL) - q = p + strlen(p); - strncpy(out,p,size-1); - if (q-p >= size) - { - out[size-1]='\0'; - } - else - { - out[q-p]='\0'; - } - } -#else +{ + char *p = in, *q; + char *chars = ":]>"; + + while (*chars != '\0') { + q = strrchr(p, *chars); + if (q > p) + p = q + 1; + chars++; + } + + q = strrchr(p, '.'); + if (q == NULL) + q = p + strlen(p); + strncpy(out, p, size - 1); + if (q - p >= size) { + out[size - 1] = '\0'; + } else { + out[q - p] = '\0'; + } +} +# else void program_name(char *in, char *out, int size) - { - char *p; - - p=strrchr(in,'/'); - if (p != NULL) - p++; - else - p=in; - BUF_strlcpy(out,p,size); - } -#endif +{ + char *p; + + p = strrchr(in, '/'); + if (p != NULL) + p++; + else + p = in; + BUF_strlcpy(out, p, size); +} +# endif #endif int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[]) - { - int num,i; - char *p; - - *argc=0; - *argv=NULL; - - i=0; - if (arg->count == 0) - { - arg->count=20; - arg->data=(char **)OPENSSL_malloc(sizeof(char *)*arg->count); - if (arg->data == NULL) - return 0; - } - for (i=0; icount; i++) - arg->data[i]=NULL; - - num=0; - p=buf; - for (;;) - { - /* first scan over white space */ - if (!*p) break; - while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n'))) - p++; - if (!*p) break; - - /* The start of something good :-) */ - if (num >= arg->count) - { - char **tmp_p; - int tlen = arg->count + 20; - tmp_p = (char **)OPENSSL_realloc(arg->data, - sizeof(char *)*tlen); - if (tmp_p == NULL) - return 0; - arg->data = tmp_p; - arg->count = tlen; - /* initialize newly allocated data */ - for (i = num; i < arg->count; i++) - arg->data[i] = NULL; - } - arg->data[num++]=p; - - /* now look for the end of this */ - if ((*p == '\'') || (*p == '\"')) /* scan for closing quote */ - { - i= *(p++); - arg->data[num-1]++; /* jump over quote */ - while (*p && (*p != i)) - p++; - *p='\0'; - } - else - { - while (*p && ((*p != ' ') && - (*p != '\t') && (*p != '\n'))) - p++; - - if (*p == '\0') - p--; - else - *p='\0'; - } - p++; - } - *argc=num; - *argv=arg->data; - return(1); - } +{ + int num, i; + char *p; + + *argc = 0; + *argv = NULL; + + i = 0; + if (arg->count == 0) { + arg->count = 20; + arg->data = (char **)OPENSSL_malloc(sizeof(char *) * arg->count); + if (arg->data == NULL) + return 0; + } + for (i = 0; i < arg->count; i++) + arg->data[i] = NULL; + + num = 0; + p = buf; + for (;;) { + /* first scan over white space */ + if (!*p) + break; + while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n'))) + p++; + if (!*p) + break; + + /* The start of something good :-) */ + if (num >= arg->count) { + char **tmp_p; + int tlen = arg->count + 20; + tmp_p = (char **)OPENSSL_realloc(arg->data, + sizeof(char *) * tlen); + if (tmp_p == NULL) + return 0; + arg->data = tmp_p; + arg->count = tlen; + /* initialize newly allocated data */ + for (i = num; i < arg->count; i++) + arg->data[i] = NULL; + } + arg->data[num++] = p; + + /* now look for the end of this */ + if ((*p == '\'') || (*p == '\"')) { /* scan for closing quote */ + i = *(p++); + arg->data[num - 1]++; /* jump over quote */ + while (*p && (*p != i)) + p++; + *p = '\0'; + } else { + while (*p && ((*p != ' ') && (*p != '\t') && (*p != '\n'))) + p++; + + if (*p == '\0') + p--; + else + *p = '\0'; + } + p++; + } + *argc = num; + *argv = arg->data; + return (1); +} #ifndef APP_INIT int app_init(long mesgwin) - { - return(1); - } +{ + return (1); +} #endif - -int dump_cert_text (BIO *out, X509 *x) +int dump_cert_text(BIO *out, X509 *x) { - char *p; + char *p; - p=X509_NAME_oneline(X509_get_subject_name(x),NULL,0); - BIO_puts(out,"subject="); - BIO_puts(out,p); - OPENSSL_free(p); + p = X509_NAME_oneline(X509_get_subject_name(x), NULL, 0); + BIO_puts(out, "subject="); + BIO_puts(out, p); + OPENSSL_free(p); - p=X509_NAME_oneline(X509_get_issuer_name(x),NULL,0); - BIO_puts(out,"\nissuer="); - BIO_puts(out,p); - BIO_puts(out,"\n"); - OPENSSL_free(p); + p = X509_NAME_oneline(X509_get_issuer_name(x), NULL, 0); + BIO_puts(out, "\nissuer="); + BIO_puts(out, p); + BIO_puts(out, "\n"); + OPENSSL_free(p); - return 0; + return 0; } static int ui_open(UI *ui) - { - return UI_method_get_opener(UI_OpenSSL())(ui); - } +{ + return UI_method_get_opener(UI_OpenSSL())(ui); +} + static int ui_read(UI *ui, UI_STRING *uis) - { - if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD - && UI_get0_user_data(ui)) - { - switch(UI_get_string_type(uis)) - { - case UIT_PROMPT: - case UIT_VERIFY: - { - const char *password = - ((PW_CB_DATA *)UI_get0_user_data(ui))->password; - if (password && password[0] != '\0') - { - UI_set_result(ui, uis, password); - return 1; - } - } - default: - break; - } - } - return UI_method_get_reader(UI_OpenSSL())(ui, uis); - } +{ + if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD + && UI_get0_user_data(ui)) { + switch (UI_get_string_type(uis)) { + case UIT_PROMPT: + case UIT_VERIFY: + { + const char *password = + ((PW_CB_DATA *)UI_get0_user_data(ui))->password; + if (password && password[0] != '\0') { + UI_set_result(ui, uis, password); + return 1; + } + } + default: + break; + } + } + return UI_method_get_reader(UI_OpenSSL())(ui, uis); +} + static int ui_write(UI *ui, UI_STRING *uis) - { - if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD - && UI_get0_user_data(ui)) - { - switch(UI_get_string_type(uis)) - { - case UIT_PROMPT: - case UIT_VERIFY: - { - const char *password = - ((PW_CB_DATA *)UI_get0_user_data(ui))->password; - if (password && password[0] != '\0') - return 1; - } - default: - break; - } - } - return UI_method_get_writer(UI_OpenSSL())(ui, uis); - } +{ + if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD + && UI_get0_user_data(ui)) { + switch (UI_get_string_type(uis)) { + case UIT_PROMPT: + case UIT_VERIFY: + { + const char *password = + ((PW_CB_DATA *)UI_get0_user_data(ui))->password; + if (password && password[0] != '\0') + return 1; + } + default: + break; + } + } + return UI_method_get_writer(UI_OpenSSL())(ui, uis); +} + static int ui_close(UI *ui) - { - return UI_method_get_closer(UI_OpenSSL())(ui); - } +{ + return UI_method_get_closer(UI_OpenSSL())(ui); +} + int setup_ui_method(void) - { - ui_method = UI_create_method("OpenSSL application user interface"); - UI_method_set_opener(ui_method, ui_open); - UI_method_set_reader(ui_method, ui_read); - UI_method_set_writer(ui_method, ui_write); - UI_method_set_closer(ui_method, ui_close); - return 0; - } +{ + ui_method = UI_create_method("OpenSSL application user interface"); + UI_method_set_opener(ui_method, ui_open); + UI_method_set_reader(ui_method, ui_read); + UI_method_set_writer(ui_method, ui_write); + UI_method_set_closer(ui_method, ui_close); + return 0; +} + void destroy_ui_method(void) - { - if(ui_method) - { - UI_destroy_method(ui_method); - ui_method = NULL; - } - } -int password_callback(char *buf, int bufsiz, int verify, - PW_CB_DATA *cb_tmp) - { - UI *ui = NULL; - int res = 0; - const char *prompt_info = NULL; - const char *password = NULL; - PW_CB_DATA *cb_data = (PW_CB_DATA *)cb_tmp; - - if (cb_data) - { - if (cb_data->password) - password = cb_data->password; - if (cb_data->prompt_info) - prompt_info = cb_data->prompt_info; - } - - if (password) - { - res = strlen(password); - if (res > bufsiz) - res = bufsiz; - memcpy(buf, password, res); - return res; - } - - ui = UI_new_method(ui_method); - if (ui) - { - int ok = 0; - char *buff = NULL; - int ui_flags = 0; - char *prompt = NULL; - - prompt = UI_construct_prompt(ui, "pass phrase", - prompt_info); - - ui_flags |= UI_INPUT_FLAG_DEFAULT_PWD; - UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0); - - if (ok >= 0) - ok = UI_add_input_string(ui,prompt,ui_flags,buf, - PW_MIN_LENGTH,bufsiz-1); - if (ok >= 0 && verify) - { - buff = (char *)OPENSSL_malloc(bufsiz); - ok = UI_add_verify_string(ui,prompt,ui_flags,buff, - PW_MIN_LENGTH,bufsiz-1, buf); - } - if (ok >= 0) - do - { - ok = UI_process(ui); - } - while (ok < 0 && UI_ctrl(ui, UI_CTRL_IS_REDOABLE, 0, 0, 0)); - - if (buff) - { - OPENSSL_cleanse(buff,(unsigned int)bufsiz); - OPENSSL_free(buff); - } - - if (ok >= 0) - res = strlen(buf); - if (ok == -1) - { - BIO_printf(bio_err, "User interface error\n"); - ERR_print_errors(bio_err); - OPENSSL_cleanse(buf,(unsigned int)bufsiz); - res = 0; - } - if (ok == -2) - { - BIO_printf(bio_err,"aborted!\n"); - OPENSSL_cleanse(buf,(unsigned int)bufsiz); - res = 0; - } - UI_free(ui); - OPENSSL_free(prompt); - } - return res; - } +{ + if (ui_method) { + UI_destroy_method(ui_method); + ui_method = NULL; + } +} + +int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp) +{ + UI *ui = NULL; + int res = 0; + const char *prompt_info = NULL; + const char *password = NULL; + PW_CB_DATA *cb_data = (PW_CB_DATA *)cb_tmp; + + if (cb_data) { + if (cb_data->password) + password = cb_data->password; + if (cb_data->prompt_info) + prompt_info = cb_data->prompt_info; + } + + if (password) { + res = strlen(password); + if (res > bufsiz) + res = bufsiz; + memcpy(buf, password, res); + return res; + } + + ui = UI_new_method(ui_method); + if (ui) { + int ok = 0; + char *buff = NULL; + int ui_flags = 0; + char *prompt = NULL; + + prompt = UI_construct_prompt(ui, "pass phrase", prompt_info); + + ui_flags |= UI_INPUT_FLAG_DEFAULT_PWD; + UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0); + + if (ok >= 0) + ok = UI_add_input_string(ui, prompt, ui_flags, buf, + PW_MIN_LENGTH, bufsiz - 1); + if (ok >= 0 && verify) { + buff = (char *)OPENSSL_malloc(bufsiz); + ok = UI_add_verify_string(ui, prompt, ui_flags, buff, + PW_MIN_LENGTH, bufsiz - 1, buf); + } + if (ok >= 0) + do { + ok = UI_process(ui); + } + while (ok < 0 && UI_ctrl(ui, UI_CTRL_IS_REDOABLE, 0, 0, 0)); + + if (buff) { + OPENSSL_cleanse(buff, (unsigned int)bufsiz); + OPENSSL_free(buff); + } + + if (ok >= 0) + res = strlen(buf); + if (ok == -1) { + BIO_printf(bio_err, "User interface error\n"); + ERR_print_errors(bio_err); + OPENSSL_cleanse(buf, (unsigned int)bufsiz); + res = 0; + } + if (ok == -2) { + BIO_printf(bio_err, "aborted!\n"); + OPENSSL_cleanse(buf, (unsigned int)bufsiz); + res = 0; + } + UI_free(ui); + OPENSSL_free(prompt); + } + return res; +} static char *app_get_pass(BIO *err, char *arg, int keepbio); int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2) { - int same; - if(!arg2 || !arg1 || strcmp(arg1, arg2)) same = 0; - else same = 1; - if(arg1) { - *pass1 = app_get_pass(err, arg1, same); - if(!*pass1) return 0; - } else if(pass1) *pass1 = NULL; - if(arg2) { - *pass2 = app_get_pass(err, arg2, same ? 2 : 0); - if(!*pass2) return 0; - } else if(pass2) *pass2 = NULL; - return 1; + int same; + if (!arg2 || !arg1 || strcmp(arg1, arg2)) + same = 0; + else + same = 1; + if (arg1) { + *pass1 = app_get_pass(err, arg1, same); + if (!*pass1) + return 0; + } else if (pass1) + *pass1 = NULL; + if (arg2) { + *pass2 = app_get_pass(err, arg2, same ? 2 : 0); + if (!*pass2) + return 0; + } else if (pass2) + *pass2 = NULL; + return 1; } static char *app_get_pass(BIO *err, char *arg, int keepbio) { - char *tmp, tpass[APP_PASS_LEN]; - static BIO *pwdbio = NULL; - int i; - if(!strncmp(arg, "pass:", 5)) return BUF_strdup(arg + 5); - if(!strncmp(arg, "env:", 4)) { - tmp = getenv(arg + 4); - if(!tmp) { - BIO_printf(err, "Can't read environment variable %s\n", arg + 4); - return NULL; - } - return BUF_strdup(tmp); - } - if(!keepbio || !pwdbio) { - if(!strncmp(arg, "file:", 5)) { - pwdbio = BIO_new_file(arg + 5, "r"); - if(!pwdbio) { - BIO_printf(err, "Can't open file %s\n", arg + 5); - return NULL; - } + char *tmp, tpass[APP_PASS_LEN]; + static BIO *pwdbio = NULL; + int i; + if (!strncmp(arg, "pass:", 5)) + return BUF_strdup(arg + 5); + if (!strncmp(arg, "env:", 4)) { + tmp = getenv(arg + 4); + if (!tmp) { + BIO_printf(err, "Can't read environment variable %s\n", arg + 4); + return NULL; + } + return BUF_strdup(tmp); + } + if (!keepbio || !pwdbio) { + if (!strncmp(arg, "file:", 5)) { + pwdbio = BIO_new_file(arg + 5, "r"); + if (!pwdbio) { + BIO_printf(err, "Can't open file %s\n", arg + 5); + return NULL; + } #if !defined(_WIN32) - /* - * Under _WIN32, which covers even Win64 and CE, file - * descriptors referenced by BIO_s_fd are not inherited - * by child process and therefore below is not an option. - * It could have been an option if bss_fd.c was operating - * on real Windows descriptors, such as those obtained - * with CreateFile. - */ - } else if(!strncmp(arg, "fd:", 3)) { - BIO *btmp; - i = atoi(arg + 3); - if(i >= 0) pwdbio = BIO_new_fd(i, BIO_NOCLOSE); - if((i < 0) || !pwdbio) { - BIO_printf(err, "Can't access file descriptor %s\n", arg + 3); - return NULL; - } - /* Can't do BIO_gets on an fd BIO so add a buffering BIO */ - btmp = BIO_new(BIO_f_buffer()); - pwdbio = BIO_push(btmp, pwdbio); -#endif - } else if(!strcmp(arg, "stdin")) { - pwdbio = BIO_new_fp(stdin, BIO_NOCLOSE); - if(!pwdbio) { - BIO_printf(err, "Can't open BIO for stdin\n"); - return NULL; - } - } else { - BIO_printf(err, "Invalid password argument \"%s\"\n", arg); - return NULL; - } - } - i = BIO_gets(pwdbio, tpass, APP_PASS_LEN); - if(keepbio != 1) { - BIO_free_all(pwdbio); - pwdbio = NULL; - } - if(i <= 0) { - BIO_printf(err, "Error reading password from BIO\n"); - return NULL; - } - tmp = strchr(tpass, '\n'); - if(tmp) *tmp = 0; - return BUF_strdup(tpass); + /* + * Under _WIN32, which covers even Win64 and CE, file + * descriptors referenced by BIO_s_fd are not inherited + * by child process and therefore below is not an option. + * It could have been an option if bss_fd.c was operating + * on real Windows descriptors, such as those obtained + * with CreateFile. + */ + } else if (!strncmp(arg, "fd:", 3)) { + BIO *btmp; + i = atoi(arg + 3); + if (i >= 0) + pwdbio = BIO_new_fd(i, BIO_NOCLOSE); + if ((i < 0) || !pwdbio) { + BIO_printf(err, "Can't access file descriptor %s\n", arg + 3); + return NULL; + } + /* + * Can't do BIO_gets on an fd BIO so add a buffering BIO + */ + btmp = BIO_new(BIO_f_buffer()); + pwdbio = BIO_push(btmp, pwdbio); +#endif + } else if (!strcmp(arg, "stdin")) { + pwdbio = BIO_new_fp(stdin, BIO_NOCLOSE); + if (!pwdbio) { + BIO_printf(err, "Can't open BIO for stdin\n"); + return NULL; + } + } else { + BIO_printf(err, "Invalid password argument \"%s\"\n", arg); + return NULL; + } + } + i = BIO_gets(pwdbio, tpass, APP_PASS_LEN); + if (keepbio != 1) { + BIO_free_all(pwdbio); + pwdbio = NULL; + } + if (i <= 0) { + BIO_printf(err, "Error reading password from BIO\n"); + return NULL; + } + tmp = strchr(tpass, '\n'); + if (tmp) + *tmp = 0; + return BUF_strdup(tpass); } int add_oid_section(BIO *err, CONF *conf) -{ - char *p; - STACK_OF(CONF_VALUE) *sktmp; - CONF_VALUE *cnf; - int i; - if(!(p=NCONF_get_string(conf,NULL,"oid_section"))) - { - ERR_clear_error(); - return 1; - } - if(!(sktmp = NCONF_get_section(conf, p))) { - BIO_printf(err, "problem loading oid section %s\n", p); - return 0; - } - for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) { - cnf = sk_CONF_VALUE_value(sktmp, i); - if(OBJ_create(cnf->value, cnf->name, cnf->name) == NID_undef) { - BIO_printf(err, "problem creating object %s=%s\n", - cnf->name, cnf->value); - return 0; - } - } - return 1; +{ + char *p; + STACK_OF(CONF_VALUE) *sktmp; + CONF_VALUE *cnf; + int i; + if (!(p = NCONF_get_string(conf, NULL, "oid_section"))) { + ERR_clear_error(); + return 1; + } + if (!(sktmp = NCONF_get_section(conf, p))) { + BIO_printf(err, "problem loading oid section %s\n", p); + return 0; + } + for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) { + cnf = sk_CONF_VALUE_value(sktmp, i); + if (OBJ_create(cnf->value, cnf->name, cnf->name) == NID_undef) { + BIO_printf(err, "problem creating object %s=%s\n", + cnf->name, cnf->value); + return 0; + } + } + return 1; } static int load_pkcs12(BIO *err, BIO *in, const char *desc, - pem_password_cb *pem_cb, void *cb_data, - EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca) - { - const char *pass; - char tpass[PEM_BUFSIZE]; - int len, ret = 0; - PKCS12 *p12; - p12 = d2i_PKCS12_bio(in, NULL); - if (p12 == NULL) - { - BIO_printf(err, "Error loading PKCS12 file for %s\n", desc); - goto die; - } - /* See if an empty password will do */ - if (PKCS12_verify_mac(p12, "", 0) || PKCS12_verify_mac(p12, NULL, 0)) - pass = ""; - else - { - if (!pem_cb) - pem_cb = (pem_password_cb *)password_callback; - len = pem_cb(tpass, PEM_BUFSIZE, 0, cb_data); - if (len < 0) - { - BIO_printf(err, "Passpharse callback error for %s\n", - desc); - goto die; - } - if (len < PEM_BUFSIZE) - tpass[len] = 0; - if (!PKCS12_verify_mac(p12, tpass, len)) - { - BIO_printf(err, - "Mac verify error (wrong password?) in PKCS12 file for %s\n", desc); - goto die; - } - pass = tpass; - } - ret = PKCS12_parse(p12, pass, pkey, cert, ca); - die: - if (p12) - PKCS12_free(p12); - return ret; - } + pem_password_cb *pem_cb, void *cb_data, + EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca) +{ + const char *pass; + char tpass[PEM_BUFSIZE]; + int len, ret = 0; + PKCS12 *p12; + p12 = d2i_PKCS12_bio(in, NULL); + if (p12 == NULL) { + BIO_printf(err, "Error loading PKCS12 file for %s\n", desc); + goto die; + } + /* See if an empty password will do */ + if (PKCS12_verify_mac(p12, "", 0) || PKCS12_verify_mac(p12, NULL, 0)) + pass = ""; + else { + if (!pem_cb) + pem_cb = (pem_password_cb *)password_callback; + len = pem_cb(tpass, PEM_BUFSIZE, 0, cb_data); + if (len < 0) { + BIO_printf(err, "Passpharse callback error for %s\n", desc); + goto die; + } + if (len < PEM_BUFSIZE) + tpass[len] = 0; + if (!PKCS12_verify_mac(p12, tpass, len)) { + BIO_printf(err, + "Mac verify error (wrong password?) in PKCS12 file for %s\n", + desc); + goto die; + } + pass = tpass; + } + ret = PKCS12_parse(p12, pass, pkey, cert, ca); + die: + if (p12) + PKCS12_free(p12); + return ret; +} int load_cert_crl_http(const char *url, BIO *err, - X509 **pcert, X509_CRL **pcrl) - { - char *host = NULL, *port = NULL, *path = NULL; - BIO *bio = NULL; - OCSP_REQ_CTX *rctx = NULL; - int use_ssl, rv = 0; - if (!OCSP_parse_url(url, &host, &port, &path, &use_ssl)) - goto err; - if (use_ssl) - { - if (err) - BIO_puts(err, "https not supported\n"); - goto err; - } - bio = BIO_new_connect(host); - if (!bio || !BIO_set_conn_port(bio, port)) - goto err; - rctx = OCSP_REQ_CTX_new(bio, 1024); - if (!rctx) - goto err; - if (!OCSP_REQ_CTX_http(rctx, "GET", path)) - goto err; - if (!OCSP_REQ_CTX_add1_header(rctx, "Host", host)) - goto err; - if (pcert) - { - do - { - rv = X509_http_nbio(rctx, pcert); - } - while (rv == -1); - } - else - { - do - { - rv = X509_CRL_http_nbio(rctx, pcrl); - } while (rv == -1); - } - - err: - if (host) - OPENSSL_free(host); - if (path) - OPENSSL_free(path); - if (port) - OPENSSL_free(port); - if (bio) - BIO_free_all(bio); - if (rctx) - OCSP_REQ_CTX_free(rctx); - if (rv != 1) - { - if (bio && err) - BIO_printf(bio_err, "Error loading %s from %s\n", - pcert ? "certificate" : "CRL", url); - ERR_print_errors(bio_err); - } - return rv; - } + X509 **pcert, X509_CRL **pcrl) +{ + char *host = NULL, *port = NULL, *path = NULL; + BIO *bio = NULL; + OCSP_REQ_CTX *rctx = NULL; + int use_ssl, rv = 0; + if (!OCSP_parse_url(url, &host, &port, &path, &use_ssl)) + goto err; + if (use_ssl) { + if (err) + BIO_puts(err, "https not supported\n"); + goto err; + } + bio = BIO_new_connect(host); + if (!bio || !BIO_set_conn_port(bio, port)) + goto err; + rctx = OCSP_REQ_CTX_new(bio, 1024); + if (!rctx) + goto err; + if (!OCSP_REQ_CTX_http(rctx, "GET", path)) + goto err; + if (!OCSP_REQ_CTX_add1_header(rctx, "Host", host)) + goto err; + if (pcert) { + do { + rv = X509_http_nbio(rctx, pcert); + } + while (rv == -1); + } else { + do { + rv = X509_CRL_http_nbio(rctx, pcrl); + } while (rv == -1); + } + + err: + if (host) + OPENSSL_free(host); + if (path) + OPENSSL_free(path); + if (port) + OPENSSL_free(port); + if (bio) + BIO_free_all(bio); + if (rctx) + OCSP_REQ_CTX_free(rctx); + if (rv != 1) { + if (bio && err) + BIO_printf(bio_err, "Error loading %s from %s\n", + pcert ? "certificate" : "CRL", url); + ERR_print_errors(bio_err); + } + return rv; +} X509 *load_cert(BIO *err, const char *file, int format, - const char *pass, ENGINE *e, const char *cert_descrip) - { - X509 *x=NULL; - BIO *cert; - - if (format == FORMAT_HTTP) - { - load_cert_crl_http(file, err, &x, NULL); - return x; - } - - if ((cert=BIO_new(BIO_s_file())) == NULL) - { - ERR_print_errors(err); - goto end; - } - - if (file == NULL) - { + const char *pass, ENGINE *e, const char *cert_descrip) +{ + X509 *x = NULL; + BIO *cert; + + if (format == FORMAT_HTTP) { + load_cert_crl_http(file, err, &x, NULL); + return x; + } + + if ((cert = BIO_new(BIO_s_file())) == NULL) { + ERR_print_errors(err); + goto end; + } + + if (file == NULL) { #ifdef _IONBF # ifndef OPENSSL_NO_SETVBUF_IONBF - setvbuf(stdin, NULL, _IONBF, 0); -# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */ -#endif - BIO_set_fp(cert,stdin,BIO_NOCLOSE); - } - else - { - if (BIO_read_filename(cert,file) <= 0) - { - BIO_printf(err, "Error opening %s %s\n", - cert_descrip, file); - ERR_print_errors(err); - goto end; - } - } - - if (format == FORMAT_ASN1) - x=d2i_X509_bio(cert,NULL); - else if (format == FORMAT_NETSCAPE) - { - NETSCAPE_X509 *nx; - nx=ASN1_item_d2i_bio(ASN1_ITEM_rptr(NETSCAPE_X509),cert,NULL); - if (nx == NULL) - goto end; - - if ((strncmp(NETSCAPE_CERT_HDR,(char *)nx->header->data, - nx->header->length) != 0)) - { - NETSCAPE_X509_free(nx); - BIO_printf(err,"Error reading header on certificate\n"); - goto end; - } - x=nx->cert; - nx->cert = NULL; - NETSCAPE_X509_free(nx); - } - else if (format == FORMAT_PEM) - x=PEM_read_bio_X509_AUX(cert,NULL, - (pem_password_cb *)password_callback, NULL); - else if (format == FORMAT_PKCS12) - { - if (!load_pkcs12(err, cert,cert_descrip, NULL, NULL, - NULL, &x, NULL)) - goto end; - } - else { - BIO_printf(err,"bad input format specified for %s\n", - cert_descrip); - goto end; - } -end: - if (x == NULL) - { - BIO_printf(err,"unable to load certificate\n"); - ERR_print_errors(err); - } - if (cert != NULL) BIO_free(cert); - return(x); - } + setvbuf(stdin, NULL, _IONBF, 0); +# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */ +#endif + BIO_set_fp(cert, stdin, BIO_NOCLOSE); + } else { + if (BIO_read_filename(cert, file) <= 0) { + BIO_printf(err, "Error opening %s %s\n", cert_descrip, file); + ERR_print_errors(err); + goto end; + } + } + + if (format == FORMAT_ASN1) + x = d2i_X509_bio(cert, NULL); + else if (format == FORMAT_NETSCAPE) { + NETSCAPE_X509 *nx; + nx = ASN1_item_d2i_bio(ASN1_ITEM_rptr(NETSCAPE_X509), cert, NULL); + if (nx == NULL) + goto end; + + if ((strncmp(NETSCAPE_CERT_HDR, (char *)nx->header->data, + nx->header->length) != 0)) { + NETSCAPE_X509_free(nx); + BIO_printf(err, "Error reading header on certificate\n"); + goto end; + } + x = nx->cert; + nx->cert = NULL; + NETSCAPE_X509_free(nx); + } else if (format == FORMAT_PEM) + x = PEM_read_bio_X509_AUX(cert, NULL, + (pem_password_cb *)password_callback, NULL); + else if (format == FORMAT_PKCS12) { + if (!load_pkcs12(err, cert, cert_descrip, NULL, NULL, NULL, &x, NULL)) + goto end; + } else { + BIO_printf(err, "bad input format specified for %s\n", cert_descrip); + goto end; + } + end: + if (x == NULL) { + BIO_printf(err, "unable to load certificate\n"); + ERR_print_errors(err); + } + if (cert != NULL) + BIO_free(cert); + return (x); +} X509_CRL *load_crl(const char *infile, int format) - { - X509_CRL *x=NULL; - BIO *in=NULL; - - if (format == FORMAT_HTTP) - { - load_cert_crl_http(infile, bio_err, NULL, &x); - return x; - } - - in=BIO_new(BIO_s_file()); - if (in == NULL) - { - ERR_print_errors(bio_err); - goto end; - } - - if (infile == NULL) - BIO_set_fp(in,stdin,BIO_NOCLOSE); - else - { - if (BIO_read_filename(in,infile) <= 0) - { - perror(infile); - goto end; - } - } - if (format == FORMAT_ASN1) - x=d2i_X509_CRL_bio(in,NULL); - else if (format == FORMAT_PEM) - x=PEM_read_bio_X509_CRL(in,NULL,NULL,NULL); - else { - BIO_printf(bio_err,"bad input format specified for input crl\n"); - goto end; - } - if (x == NULL) - { - BIO_printf(bio_err,"unable to load CRL\n"); - ERR_print_errors(bio_err); - goto end; - } - -end: - BIO_free(in); - return(x); - } +{ + X509_CRL *x = NULL; + BIO *in = NULL; + + if (format == FORMAT_HTTP) { + load_cert_crl_http(infile, bio_err, NULL, &x); + return x; + } + + in = BIO_new(BIO_s_file()); + if (in == NULL) { + ERR_print_errors(bio_err); + goto end; + } + + if (infile == NULL) + BIO_set_fp(in, stdin, BIO_NOCLOSE); + else { + if (BIO_read_filename(in, infile) <= 0) { + perror(infile); + goto end; + } + } + if (format == FORMAT_ASN1) + x = d2i_X509_CRL_bio(in, NULL); + else if (format == FORMAT_PEM) + x = PEM_read_bio_X509_CRL(in, NULL, NULL, NULL); + else { + BIO_printf(bio_err, "bad input format specified for input crl\n"); + goto end; + } + if (x == NULL) { + BIO_printf(bio_err, "unable to load CRL\n"); + ERR_print_errors(bio_err); + goto end; + } + end: + BIO_free(in); + return (x); +} EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin, - const char *pass, ENGINE *e, const char *key_descrip) - { - BIO *key=NULL; - EVP_PKEY *pkey=NULL; - PW_CB_DATA cb_data; - - cb_data.password = pass; - cb_data.prompt_info = file; - - if (file == NULL && (!maybe_stdin || format == FORMAT_ENGINE)) - { - BIO_printf(err,"no keyfile specified\n"); - goto end; - } + const char *pass, ENGINE *e, const char *key_descrip) +{ + BIO *key = NULL; + EVP_PKEY *pkey = NULL; + PW_CB_DATA cb_data; + + cb_data.password = pass; + cb_data.prompt_info = file; + + if (file == NULL && (!maybe_stdin || format == FORMAT_ENGINE)) { + BIO_printf(err, "no keyfile specified\n"); + goto end; + } #ifndef OPENSSL_NO_ENGINE - if (format == FORMAT_ENGINE) - { - if (!e) - BIO_printf(err,"no engine specified\n"); - else - { - pkey = ENGINE_load_private_key(e, file, - ui_method, &cb_data); - if (!pkey) - { - BIO_printf(err,"cannot load %s from engine\n",key_descrip); - ERR_print_errors(err); - } - } - goto end; - } -#endif - key=BIO_new(BIO_s_file()); - if (key == NULL) - { - ERR_print_errors(err); - goto end; - } - if (file == NULL && maybe_stdin) - { + if (format == FORMAT_ENGINE) { + if (!e) + BIO_printf(err, "no engine specified\n"); + else { + pkey = ENGINE_load_private_key(e, file, ui_method, &cb_data); + if (!pkey) { + BIO_printf(err, "cannot load %s from engine\n", key_descrip); + ERR_print_errors(err); + } + } + goto end; + } +#endif + key = BIO_new(BIO_s_file()); + if (key == NULL) { + ERR_print_errors(err); + goto end; + } + if (file == NULL && maybe_stdin) { #ifdef _IONBF # ifndef OPENSSL_NO_SETVBUF_IONBF - setvbuf(stdin, NULL, _IONBF, 0); -# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */ -#endif - BIO_set_fp(key,stdin,BIO_NOCLOSE); - } - else - if (BIO_read_filename(key,file) <= 0) - { - BIO_printf(err, "Error opening %s %s\n", - key_descrip, file); - ERR_print_errors(err); - goto end; - } - if (format == FORMAT_ASN1) - { - pkey=d2i_PrivateKey_bio(key, NULL); - } - else if (format == FORMAT_PEM) - { - pkey=PEM_read_bio_PrivateKey(key,NULL, - (pem_password_cb *)password_callback, &cb_data); - } + setvbuf(stdin, NULL, _IONBF, 0); +# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */ +#endif + BIO_set_fp(key, stdin, BIO_NOCLOSE); + } else if (BIO_read_filename(key, file) <= 0) { + BIO_printf(err, "Error opening %s %s\n", key_descrip, file); + ERR_print_errors(err); + goto end; + } + if (format == FORMAT_ASN1) { + pkey = d2i_PrivateKey_bio(key, NULL); + } else if (format == FORMAT_PEM) { + pkey = PEM_read_bio_PrivateKey(key, NULL, + (pem_password_cb *)password_callback, + &cb_data); + } #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA) - else if (format == FORMAT_NETSCAPE || format == FORMAT_IISSGC) - pkey = load_netscape_key(err, key, file, key_descrip, format); -#endif - else if (format == FORMAT_PKCS12) - { - if (!load_pkcs12(err, key, key_descrip, - (pem_password_cb *)password_callback, &cb_data, - &pkey, NULL, NULL)) - goto end; - } + else if (format == FORMAT_NETSCAPE || format == FORMAT_IISSGC) + pkey = load_netscape_key(err, key, file, key_descrip, format); +#endif + else if (format == FORMAT_PKCS12) { + if (!load_pkcs12(err, key, key_descrip, + (pem_password_cb *)password_callback, &cb_data, + &pkey, NULL, NULL)) + goto end; + } #if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA) && !defined (OPENSSL_NO_RC4) - else if (format == FORMAT_MSBLOB) - pkey = b2i_PrivateKey_bio(key); - else if (format == FORMAT_PVK) - pkey = b2i_PVK_bio(key, (pem_password_cb *)password_callback, - &cb_data); -#endif - else - { - BIO_printf(err,"bad input format specified for key file\n"); - goto end; - } + else if (format == FORMAT_MSBLOB) + pkey = b2i_PrivateKey_bio(key); + else if (format == FORMAT_PVK) + pkey = b2i_PVK_bio(key, (pem_password_cb *)password_callback, + &cb_data); +#endif + else { + BIO_printf(err, "bad input format specified for key file\n"); + goto end; + } end: - if (key != NULL) BIO_free(key); - if (pkey == NULL) - { - BIO_printf(err,"unable to load %s\n", key_descrip); - ERR_print_errors(err); - } - return(pkey); - } + if (key != NULL) + BIO_free(key); + if (pkey == NULL) { + BIO_printf(err, "unable to load %s\n", key_descrip); + ERR_print_errors(err); + } + return (pkey); +} EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin, - const char *pass, ENGINE *e, const char *key_descrip) - { - BIO *key=NULL; - EVP_PKEY *pkey=NULL; - PW_CB_DATA cb_data; - - cb_data.password = pass; - cb_data.prompt_info = file; - - if (file == NULL && (!maybe_stdin || format == FORMAT_ENGINE)) - { - BIO_printf(err,"no keyfile specified\n"); - goto end; - } + const char *pass, ENGINE *e, const char *key_descrip) +{ + BIO *key = NULL; + EVP_PKEY *pkey = NULL; + PW_CB_DATA cb_data; + + cb_data.password = pass; + cb_data.prompt_info = file; + + if (file == NULL && (!maybe_stdin || format == FORMAT_ENGINE)) { + BIO_printf(err, "no keyfile specified\n"); + goto end; + } #ifndef OPENSSL_NO_ENGINE - if (format == FORMAT_ENGINE) - { - if (!e) - BIO_printf(bio_err,"no engine specified\n"); - else - pkey = ENGINE_load_public_key(e, file, - ui_method, &cb_data); - goto end; - } -#endif - key=BIO_new(BIO_s_file()); - if (key == NULL) - { - ERR_print_errors(err); - goto end; - } - if (file == NULL && maybe_stdin) - { + if (format == FORMAT_ENGINE) { + if (!e) + BIO_printf(bio_err, "no engine specified\n"); + else + pkey = ENGINE_load_public_key(e, file, ui_method, &cb_data); + goto end; + } +#endif + key = BIO_new(BIO_s_file()); + if (key == NULL) { + ERR_print_errors(err); + goto end; + } + if (file == NULL && maybe_stdin) { #ifdef _IONBF # ifndef OPENSSL_NO_SETVBUF_IONBF - setvbuf(stdin, NULL, _IONBF, 0); -# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */ -#endif - BIO_set_fp(key,stdin,BIO_NOCLOSE); - } - else - if (BIO_read_filename(key,file) <= 0) - { - BIO_printf(err, "Error opening %s %s\n", - key_descrip, file); - ERR_print_errors(err); - goto end; - } - if (format == FORMAT_ASN1) - { - pkey=d2i_PUBKEY_bio(key, NULL); - } + setvbuf(stdin, NULL, _IONBF, 0); +# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */ +#endif + BIO_set_fp(key, stdin, BIO_NOCLOSE); + } else if (BIO_read_filename(key, file) <= 0) { + BIO_printf(err, "Error opening %s %s\n", key_descrip, file); + ERR_print_errors(err); + goto end; + } + if (format == FORMAT_ASN1) { + pkey = d2i_PUBKEY_bio(key, NULL); + } #ifndef OPENSSL_NO_RSA - else if (format == FORMAT_ASN1RSA) - { - RSA *rsa; - rsa = d2i_RSAPublicKey_bio(key, NULL); - if (rsa) - { - pkey = EVP_PKEY_new(); - if (pkey) - EVP_PKEY_set1_RSA(pkey, rsa); - RSA_free(rsa); - } - else - pkey = NULL; - } - else if (format == FORMAT_PEMRSA) - { - RSA *rsa; - rsa = PEM_read_bio_RSAPublicKey(key, NULL, - (pem_password_cb *)password_callback, &cb_data); - if (rsa) - { - pkey = EVP_PKEY_new(); - if (pkey) - EVP_PKEY_set1_RSA(pkey, rsa); - RSA_free(rsa); - } - else - pkey = NULL; - } -#endif - else if (format == FORMAT_PEM) - { - pkey=PEM_read_bio_PUBKEY(key,NULL, - (pem_password_cb *)password_callback, &cb_data); - } + else if (format == FORMAT_ASN1RSA) { + RSA *rsa; + rsa = d2i_RSAPublicKey_bio(key, NULL); + if (rsa) { + pkey = EVP_PKEY_new(); + if (pkey) + EVP_PKEY_set1_RSA(pkey, rsa); + RSA_free(rsa); + } else + pkey = NULL; + } else if (format == FORMAT_PEMRSA) { + RSA *rsa; + rsa = PEM_read_bio_RSAPublicKey(key, NULL, + (pem_password_cb *)password_callback, + &cb_data); + if (rsa) { + pkey = EVP_PKEY_new(); + if (pkey) + EVP_PKEY_set1_RSA(pkey, rsa); + RSA_free(rsa); + } else + pkey = NULL; + } +#endif + else if (format == FORMAT_PEM) { + pkey = PEM_read_bio_PUBKEY(key, NULL, + (pem_password_cb *)password_callback, + &cb_data); + } #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA) - else if (format == FORMAT_NETSCAPE || format == FORMAT_IISSGC) - pkey = load_netscape_key(err, key, file, key_descrip, format); + else if (format == FORMAT_NETSCAPE || format == FORMAT_IISSGC) + pkey = load_netscape_key(err, key, file, key_descrip, format); #endif #if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA) - else if (format == FORMAT_MSBLOB) - pkey = b2i_PublicKey_bio(key); + else if (format == FORMAT_MSBLOB) + pkey = b2i_PublicKey_bio(key); #endif - else - { - BIO_printf(err,"bad input format specified for key file\n"); - goto end; - } + else { + BIO_printf(err, "bad input format specified for key file\n"); + goto end; + } end: - if (key != NULL) BIO_free(key); - if (pkey == NULL) - BIO_printf(err,"unable to load %s\n", key_descrip); - return(pkey); - } + if (key != NULL) + BIO_free(key); + if (pkey == NULL) + BIO_printf(err, "unable to load %s\n", key_descrip); + return (pkey); +} #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA) -static EVP_PKEY * -load_netscape_key(BIO *err, BIO *key, const char *file, - const char *key_descrip, int format) - { - EVP_PKEY *pkey; - BUF_MEM *buf; - RSA *rsa; - const unsigned char *p; - int size, i; - - buf=BUF_MEM_new(); - pkey = EVP_PKEY_new(); - size = 0; - if (buf == NULL || pkey == NULL) - goto error; - for (;;) - { - if (!BUF_MEM_grow_clean(buf,size+1024*10)) - goto error; - i = BIO_read(key, &(buf->data[size]), 1024*10); - size += i; - if (i == 0) - break; - if (i < 0) - { - BIO_printf(err, "Error reading %s %s", - key_descrip, file); - goto error; - } - } - p=(unsigned char *)buf->data; - rsa = d2i_RSA_NET(NULL,&p,(long)size,NULL, - (format == FORMAT_IISSGC ? 1 : 0)); - if (rsa == NULL) - goto error; - BUF_MEM_free(buf); - EVP_PKEY_set1_RSA(pkey, rsa); - return pkey; -error: - BUF_MEM_free(buf); - EVP_PKEY_free(pkey); - return NULL; - } -#endif /* ndef OPENSSL_NO_RC4 */ +static EVP_PKEY *load_netscape_key(BIO *err, BIO *key, const char *file, + const char *key_descrip, int format) +{ + EVP_PKEY *pkey; + BUF_MEM *buf; + RSA *rsa; + const unsigned char *p; + int size, i; + + buf = BUF_MEM_new(); + pkey = EVP_PKEY_new(); + size = 0; + if (buf == NULL || pkey == NULL) + goto error; + for (;;) { + if (!BUF_MEM_grow_clean(buf, size + 1024 * 10)) + goto error; + i = BIO_read(key, &(buf->data[size]), 1024 * 10); + size += i; + if (i == 0) + break; + if (i < 0) { + BIO_printf(err, "Error reading %s %s", key_descrip, file); + goto error; + } + } + p = (unsigned char *)buf->data; + rsa = d2i_RSA_NET(NULL, &p, (long)size, NULL, + (format == FORMAT_IISSGC ? 1 : 0)); + if (rsa == NULL) + goto error; + BUF_MEM_free(buf); + EVP_PKEY_set1_RSA(pkey, rsa); + return pkey; + error: + BUF_MEM_free(buf); + EVP_PKEY_free(pkey); + return NULL; +} +#endif /* ndef OPENSSL_NO_RC4 */ static int load_certs_crls(BIO *err, const char *file, int format, - const char *pass, ENGINE *e, const char *desc, - STAC