summaryrefslogtreecommitdiff
path: root/deps/openssl/openssl/apps
diff options
context:
space:
mode:
Diffstat (limited to 'deps/openssl/openssl/apps')
-rw-r--r--deps/openssl/openssl/apps/app_rand.c11
-rw-r--r--deps/openssl/openssl/apps/ca.c13
-rw-r--r--deps/openssl/openssl/apps/s_client.c33
-rw-r--r--deps/openssl/openssl/apps/s_server.c2
-rw-r--r--deps/openssl/openssl/apps/speed.c4
-rw-r--r--deps/openssl/openssl/apps/spkac.c19
-rw-r--r--deps/openssl/openssl/apps/srp.c66
-rw-r--r--deps/openssl/openssl/apps/tsget1
8 files changed, 72 insertions, 77 deletions
diff --git a/deps/openssl/openssl/apps/app_rand.c b/deps/openssl/openssl/apps/app_rand.c
index b6fe294a68..7f40bba764 100644
--- a/deps/openssl/openssl/apps/app_rand.c
+++ b/deps/openssl/openssl/apps/app_rand.c
@@ -124,16 +124,7 @@ int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn)
char buffer[200];
#ifdef OPENSSL_SYS_WINDOWS
- /*
- * allocate 2 to dont_warn not to use RAND_screen() via
- * -no_rand_screen option in s_client
- */
- if (dont_warn != 2) {
- BIO_printf(bio_e, "Loading 'screen' into random state -");
- BIO_flush(bio_e);
- RAND_screen();
- BIO_printf(bio_e, " done\n");
- }
+ RAND_screen();
#endif
if (file == NULL)
diff --git a/deps/openssl/openssl/apps/ca.c b/deps/openssl/openssl/apps/ca.c
index f90f033bae..9a839969a2 100644
--- a/deps/openssl/openssl/apps/ca.c
+++ b/deps/openssl/openssl/apps/ca.c
@@ -1985,10 +1985,6 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
/* Lets add the extensions, if there are any */
if (ext_sect) {
X509V3_CTX ctx;
- if (ci->version == NULL)
- if ((ci->version = ASN1_INTEGER_new()) == NULL)
- goto err;
- ASN1_INTEGER_set(ci->version, 2); /* version 3 certificate */
/*
* Free the current entries if any, there should not be any I believe
@@ -2051,6 +2047,15 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
goto err;
}
+ {
+ STACK_OF(X509_EXTENSION) *exts = ci->extensions;
+
+ if (exts != NULL && sk_X509_EXTENSION_num(exts) > 0)
+ /* Make it an X509 v3 certificate. */
+ if (!X509_set_version(ret, 2))
+ goto err;
+ }
+
/* Set the right value for the noemailDN option */
if (email_dn == 0) {
if (!X509_set_subject_name(ret, dn_subject))
diff --git a/deps/openssl/openssl/apps/s_client.c b/deps/openssl/openssl/apps/s_client.c
index ffb8ffc5af..dc467994f8 100644
--- a/deps/openssl/openssl/apps/s_client.c
+++ b/deps/openssl/openssl/apps/s_client.c
@@ -180,13 +180,6 @@ typedef unsigned int u_int;
# include <fcntl.h>
#endif
-/* Use Windows API with STD_INPUT_HANDLE when checking for input?
- Don't look at OPENSSL_SYS_MSDOS for this, since it is always defined if
- OPENSSL_SYS_WINDOWS is defined */
-#if defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_WINCE) && defined(STD_INPUT_HANDLE)
-#define OPENSSL_USE_STD_INPUT_HANDLE
-#endif
-
#undef PROG
#define PROG s_client_main
@@ -236,7 +229,6 @@ static BIO *bio_c_msg = NULL;
static int c_quiet = 0;
static int c_ign_eof = 0;
static int c_brief = 0;
-static int c_no_rand_screen = 0;
#ifndef OPENSSL_NO_PSK
/* Default PSK identity and key */
@@ -452,10 +444,6 @@ static void sc_usage(void)
" -keymatexport label - Export keying material using label\n");
BIO_printf(bio_err,
" -keymatexportlen len - Export len bytes of keying material (default 20)\n");
-#ifdef OPENSSL_SYS_WINDOWS
- BIO_printf(bio_err,
- " -no_rand_screen - Do not use RAND_screen() to initialize random state\n");
-#endif
}
#ifndef OPENSSL_NO_TLSEXT
@@ -1148,10 +1136,6 @@ int MAIN(int argc, char **argv)
keymatexportlen = atoi(*(++argv));
if (keymatexportlen == 0)
goto bad;
-#ifdef OPENSSL_SYS_WINDOWS
- } else if (strcmp(*argv, "-no_rand_screen") == 0) {
- c_no_rand_screen = 1;
-#endif
} else {
BIO_printf(bio_err, "unknown option %s\n", *argv);
badop = 1;
@@ -1268,7 +1252,7 @@ int MAIN(int argc, char **argv)
if (!load_excert(&exc, bio_err))
goto end;
- if (!app_RAND_load_file(NULL, bio_err, ++c_no_rand_screen) && inrand == NULL
+ if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
&& !RAND_status()) {
BIO_printf(bio_err,
"warning, not much extra random data, consider using the -rand option\n");
@@ -1683,6 +1667,8 @@ int MAIN(int argc, char **argv)
if (strstr(mbuf, "/stream:features>"))
goto shut;
seen = BIO_read(sbio, mbuf, BUFSIZZ);
+ if (seen <= 0)
+ goto shut;
mbuf[seen] = 0;
}
BIO_printf(sbio,
@@ -1806,7 +1792,10 @@ int MAIN(int argc, char **argv)
tv.tv_usec = 0;
i = select(width, (void *)&readfds, (void *)&writefds,
NULL, &tv);
-#if defined(OPENSSL_USE_STD_INPUT_HANDLE)
+# if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS)
+ if (!i && (!_kbhit() || !read_tty))
+ continue;
+# else
if (!i && (!((_kbhit())
|| (WAIT_OBJECT_0 ==
WaitForSingleObject(GetStdHandle
@@ -1814,8 +1803,6 @@ int MAIN(int argc, char **argv)
0)))
|| !read_tty))
continue;
-#else
- if(!i && (!_kbhit() || !read_tty) ) continue;
# endif
} else
i = select(width, (void *)&readfds, (void *)&writefds,
@@ -2017,12 +2004,12 @@ int MAIN(int argc, char **argv)
}
}
#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
-#if defined(OPENSSL_USE_STD_INPUT_HANDLE)
+# if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS)
+ else if (_kbhit())
+# else
else if ((_kbhit())
|| (WAIT_OBJECT_0 ==
WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0)))
-#else
- else if (_kbhit())
# endif
#elif defined (OPENSSL_SYS_NETWARE)
else if (_kbhit())
diff --git a/deps/openssl/openssl/apps/s_server.c b/deps/openssl/openssl/apps/s_server.c
index d758713869..98ffc09314 100644
--- a/deps/openssl/openssl/apps/s_server.c
+++ b/deps/openssl/openssl/apps/s_server.c
@@ -3017,7 +3017,7 @@ static int www_body(char *hostname, int s, int stype, unsigned char *context)
PEM_write_bio_X509(io, peer);
} else
BIO_puts(io, "no client certificate available\n");
- BIO_puts(io, "</BODY></HTML>\r\n\r\n");
+ BIO_puts(io, "</pre></BODY></HTML>\r\n\r\n");
break;
} else if ((www == 2 || www == 3)
&& (strncmp("GET /", buf, 5) == 0)) {
diff --git a/deps/openssl/openssl/apps/speed.c b/deps/openssl/openssl/apps/speed.c
index 6cd1021525..5259c16f12 100644
--- a/deps/openssl/openssl/apps/speed.c
+++ b/deps/openssl/openssl/apps/speed.c
@@ -307,7 +307,8 @@ static SIGRETTYPE sig_done(int sig)
# if !defined(SIGALRM)
# define SIGALRM
# endif
-static unsigned int lapse, schlock;
+static volatile unsigned int lapse;
+static volatile unsigned int schlock;
static void alarm_win32(unsigned int secs)
{
lapse = secs * 1000;
@@ -725,6 +726,7 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, "no EVP given\n");
goto end;
}
+ evp_md = NULL;
evp_cipher = EVP_get_cipherbyname(*argv);
if (!evp_cipher) {
evp_md = EVP_get_digestbyname(*argv);
diff --git a/deps/openssl/openssl/apps/spkac.c b/deps/openssl/openssl/apps/spkac.c
index 7f5333fe83..4b4106d03b 100644
--- a/deps/openssl/openssl/apps/spkac.c
+++ b/deps/openssl/openssl/apps/spkac.c
@@ -5,7 +5,7 @@
* 1999. Based on an original idea by Massimiliano Pala (madwolf@openca.org).
*/
/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2017 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -185,20 +185,23 @@ int MAIN(int argc, char **argv)
}
e = setup_engine(bio_err, engine, 0);
- if (keyfile) {
+ if (keyfile != NULL) {
pkey = load_key(bio_err,
strcmp(keyfile, "-") ? keyfile : NULL,
FORMAT_PEM, 1, passin, e, "private key");
- if (!pkey) {
+ if (pkey == NULL)
goto end;
- }
spki = NETSCAPE_SPKI_new();
- if (challenge)
+ if (spki == NULL)
+ goto end;
+ if (challenge != NULL)
ASN1_STRING_set(spki->spkac->challenge,
challenge, (int)strlen(challenge));
NETSCAPE_SPKI_set_pubkey(spki, pkey);
NETSCAPE_SPKI_sign(spki, pkey, EVP_md5());
spkstr = NETSCAPE_SPKI_b64_encode(spki);
+ if (spkstr == NULL)
+ goto end;
if (outfile)
out = BIO_new_file(outfile, "w");
@@ -253,7 +256,7 @@ int MAIN(int argc, char **argv)
spki = NETSCAPE_SPKI_b64_decode(spkstr, -1);
- if (!spki) {
+ if (spki == NULL) {
BIO_printf(bio_err, "Error loading SPKAC\n");
ERR_print_errors(bio_err);
goto end;
@@ -282,9 +285,9 @@ int MAIN(int argc, char **argv)
pkey = NETSCAPE_SPKI_get_pubkey(spki);
if (verify) {
i = NETSCAPE_SPKI_verify(spki, pkey);
- if (i > 0)
+ if (i > 0) {
BIO_printf(bio_err, "Signature OK\n");
- else {
+ } else {
BIO_printf(bio_err, "Signature Failure\n");
ERR_print_errors(bio_err);
goto end;
diff --git a/deps/openssl/openssl/apps/srp.c b/deps/openssl/openssl/apps/srp.c
index ce01a24f2a..491445df60 100644
--- a/deps/openssl/openssl/apps/srp.c
+++ b/deps/openssl/openssl/apps/srp.c
@@ -123,13 +123,14 @@ static int get_index(CA_DB *db, char *id, char type)
int i;
if (id == NULL)
return -1;
- if (type == DB_SRP_INDEX)
+ if (type == DB_SRP_INDEX) {
for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) {
pp = sk_OPENSSL_PSTRING_value(db->db->data, i);
if (pp[DB_srptype][0] == DB_SRP_INDEX
&& !strcmp(id, pp[DB_srpid]))
return i;
- } else
+ }
+ } else {
for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) {
pp = sk_OPENSSL_PSTRING_value(db->db->data, i);
@@ -137,6 +138,7 @@ static int get_index(CA_DB *db, char *id, char type)
&& !strcmp(id, pp[DB_srpid]))
return i;
}
+ }
return -1;
}
@@ -177,8 +179,8 @@ static int update_index(CA_DB *db, BIO *bio, char **row)
char **irow;
int i;
- if ((irow =
- (char **)OPENSSL_malloc(sizeof(char *) * (DB_NUMBER + 1))) == NULL) {
+ irow = (char **)OPENSSL_malloc(sizeof(char *) * (DB_NUMBER + 1));
+ if (irow == NULL) {
BIO_printf(bio_err, "Memory allocation failure\n");
return 0;
}
@@ -205,30 +207,32 @@ static char *srp_verify_user(const char *user, const char *srp_verifier,
char *srp_usersalt, const char *g, const char *N,
const char *passin, BIO *bio, int verbose)
{
- char password[1024];
+ char password[1025];
PW_CB_DATA cb_tmp;
char *verifier = NULL;
char *gNid = NULL;
+ int len;
cb_tmp.prompt_info = user;
cb_tmp.password = passin;
- if (password_callback(password, 1024, 0, &cb_tmp) > 0) {
+ len = password_callback(password, sizeof(password)-1, 0, &cb_tmp);
+ if (len > 0) {
+ password[len] = 0;
VERBOSE BIO_printf(bio,
"Validating\n user=\"%s\"\n srp_verifier=\"%s\"\n srp_usersalt=\"%s\"\n g=\"%s\"\n N=\"%s\"\n",
user, srp_verifier, srp_usersalt, g, N);
- BIO_printf(bio, "Pass %s\n", password);
+ VVERBOSE BIO_printf(bio, "Pass %s\n", password);
- if (!
- (gNid =
- SRP_create_verifier(user, password, &srp_usersalt, &verifier, N,
- g))) {
+ if (!(gNid = SRP_create_verifier(user, password, &srp_usersalt,
+ &verifier, N, g))) {
BIO_printf(bio, "Internal error validating SRP verifier\n");
} else {
if (strcmp(verifier, srp_verifier))
gNid = NULL;
OPENSSL_free(verifier);
}
+ OPENSSL_cleanse(password, len);
}
return gNid;
}
@@ -237,24 +241,27 @@ static char *srp_create_user(char *user, char **srp_verifier,
char **srp_usersalt, char *g, char *N,
char *passout, BIO *bio, int verbose)
{
- char password[1024];
+ char password[1025];
PW_CB_DATA cb_tmp;
char *gNid = NULL;
char *salt = NULL;
+ int len;
cb_tmp.prompt_info = user;
cb_tmp.password = passout;
- if (password_callback(password, 1024, 1, &cb_tmp) > 0) {
+ len = password_callback(password, sizeof(password)-1, 1, &cb_tmp);
+ if (len > 0) {
+ password[len] = 0;
VERBOSE BIO_printf(bio,
"Creating\n user=\"%s\"\n g=\"%s\"\n N=\"%s\"\n",
user, g, N);
- if (!
- (gNid =
- SRP_create_verifier(user, password, &salt, srp_verifier, N,
- g))) {
+ if (!(gNid = SRP_create_verifier(user, password, &salt,
+ srp_verifier, N, g))) {
BIO_printf(bio, "Internal error creating SRP verifier\n");
- } else
+ } else {
*srp_usersalt = salt;
+ }
+ OPENSSL_cleanse(password, len);
VVERBOSE BIO_printf(bio, "gNid=%s salt =\"%s\"\n verifier =\"%s\"\n",
gNid, salt, *srp_verifier);
@@ -314,9 +321,9 @@ int MAIN(int argc, char **argv)
argc--;
argv++;
while (argc >= 1 && badops == 0) {
- if (strcmp(*argv, "-verbose") == 0)
+ if (strcmp(*argv, "-verbose") == 0) {
verbose++;
- else if (strcmp(*argv, "-config") == 0) {
+ } else if (strcmp(*argv, "-config") == 0) {
if (--argc < 1)
goto bad;
configfile = *(++argv);
@@ -328,15 +335,15 @@ int MAIN(int argc, char **argv)
if (--argc < 1)
goto bad;
dbfile = *(++argv);
- } else if (strcmp(*argv, "-add") == 0)
+ } else if (strcmp(*argv, "-add") == 0) {
add_user = 1;
- else if (strcmp(*argv, "-delete") == 0)
+ } else if (strcmp(*argv, "-delete") == 0) {
delete_user = 1;
- else if (strcmp(*argv, "-modify") == 0)
+ } else if (strcmp(*argv, "-modify") == 0) {
modify_user = 1;
- else if (strcmp(*argv, "-list") == 0)
+ } else if (strcmp(*argv, "-list") == 0) {
list_user = 1;
- else if (strcmp(*argv, "-gn") == 0) {
+ } else if (strcmp(*argv, "-gn") == 0) {
if (--argc < 1)
goto bad;
gN = *(++argv);
@@ -366,8 +373,9 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, "unknown option %s\n", *argv);
badops = 1;
break;
- } else
+ } else {
break;
+ }
argc--;
argv++;
@@ -388,7 +396,7 @@ int MAIN(int argc, char **argv)
"Need at least one user for options -add, -delete, -modify. \n");
badops = 1;
}
- if ((passin || passout) && argc != 1) {
+ if ((passargin || passargout) && argc != 1) {
BIO_printf(bio_err,
"-passin, -passout arguments only valid with one user.\n");
badops = 1;
@@ -706,9 +714,9 @@ int MAIN(int argc, char **argv)
doupdatedb = 1;
}
}
- if (--argc > 0)
+ if (--argc > 0) {
user = *(argv++);
- else {
+ } else {
user = NULL;
list_user = 0;
}
diff --git a/deps/openssl/openssl/apps/tsget b/deps/openssl/openssl/apps/tsget
index 0d54e9fc9a..0fca99f438 100644
--- a/deps/openssl/openssl/apps/tsget
+++ b/deps/openssl/openssl/apps/tsget
@@ -193,4 +193,3 @@ REQUEST: foreach (@ARGV) {
STDERR->printflush(", $output written.\n") if $options{v};
}
$curl->cleanup();
-WWW::Curl::Easy::global_cleanup();
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-25 09:44:25 +0000