Few cleanups in s_client, s_server apps.

Discard useless static engine_id
Add a const qualifier
Fix some spelling

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

diff --git a/apps/apps.c b/apps/apps.c
index cca42ac30756e65e68e358aa733d8ff88569fb12..b41acced7b5cf6df7ee0ba0ff2d6364a29283523 100644 (file)
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -1413,7 +1413,7 @@ int save_serial(char *serialfile, char *suffix, BIGNUM *serial,
 
 int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix)
 {
-    char buf[5][BSIZE];
+    char buf[2][BSIZE];
     int i, j;
 
     i = strlen(serialfile) + strlen(old_suffix);
@@ -1782,6 +1782,7 @@ int bio_to_mem(unsigned char **out, int maxlen, BIO *in)
     BIO *mem;
     int len, ret;
     unsigned char tbuf[1024];
+
     mem = BIO_new(BIO_s_mem());
     if (mem == NULL)
         return -1;

diff --git a/apps/s_client.c b/apps/s_client.c
index f12c378d94bb0e5a963c00480585d1431124de25..01d1036209e2c32bd471e1b110ac9b76259d6a6f 100644 (file)
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -242,7 +242,7 @@ typedef struct srp_arg_st {
     int msg;                    /* copy from c_msg */
     int debug;                  /* copy from c_debug */
     int amp;                    /* allow more groups */
-    int strength /* minimal size for N */ ;
+    int strength;               /* minimal size for N */
 } SRP_ARG;
 
 # define SRP_NUMBER_ITERATIONS_FOR_PRIME 64
@@ -276,7 +276,7 @@ static int srp_Verify_N_and_g(const BIGNUM *N, const BIGNUM *g)
  * The callback is only called for a non default group.
  *
  * An application does not need the call back at all if
- * only the stanard groups are used.  In real life situations,
+ * only the standard groups are used.  In real life situations,
  * client and server already share well known groups,
  * thus there is no need to verify them.
  * Furthermore, in case that a server actually proposes a group that
@@ -549,8 +549,14 @@ typedef enum OPTION_choice {
     OPT_DEBUG, OPT_TLSEXTDEBUG, OPT_STATUS, OPT_WDEBUG,
     OPT_MSG, OPT_MSGFILE, OPT_ENGINE, OPT_TRACE, OPT_SECURITY_DEBUG,
     OPT_SECURITY_DEBUG_VERBOSE, OPT_SHOWCERTS, OPT_NBIO_TEST, OPT_STATE,
-    OPT_PSK_IDENTITY, OPT_PSK, OPT_SRPUSER, OPT_SRPPASS, OPT_SRP_STRENGTH,
-    OPT_SRP_LATEUSER, OPT_SRP_MOREGROUPS, OPT_SSL3, OPT_SSL_CONFIG,
+#ifndef OPENSSL_NO_PSK
+    OPT_PSK_IDENTITY, OPT_PSK,
+#endif
+#ifndef OPENSSL_NO_SRP
+    OPT_SRPUSER, OPT_SRPPASS, OPT_SRP_STRENGTH, OPT_SRP_LATEUSER,
+    OPT_SRP_MOREGROUPS,
+#endif
+    OPT_SSL3, OPT_SSL_CONFIG,
     OPT_TLS1_2, OPT_TLS1_1, OPT_TLS1, OPT_DTLS, OPT_DTLS1,
     OPT_DTLS1_2, OPT_TIMEOUT, OPT_MTU, OPT_KEYFORM, OPT_PASS,
     OPT_CERT_CHAIN, OPT_CAPATH, OPT_NOCAPATH, OPT_CHAINCAPATH, OPT_VERIFYCAPATH,
@@ -711,7 +717,7 @@ OPTIONS s_client_options[] = {
     {"psk", OPT_PSK, 's', "PSK in hex (without 0x)"},
 #endif
 #ifndef OPENSSL_NO_SRP
-    {"srpuser", OPT_SRPUSER, 's', "SRP authentification for 'user'"},
+    {"srpuser", OPT_SRPUSER, 's', "SRP authentication for 'user'"},
     {"srppass", OPT_SRPPASS, 's', "Password for 'user'"},
     {"srp_lateuser", OPT_SRP_LATEUSER, '-',
      "SRP username into second ClientHello message"},
@@ -733,7 +739,7 @@ OPTIONS s_client_options[] = {
     {"noct", OPT_NOCT, '-', "Do not request or parse SCTs (default)"},
     {"ctlogfile", OPT_CTLOG_FILE, '<', "CT log list CONF file"},
 #endif
-    {NULL}
+    {NULL, OPT_EOF, 0x00, NULL}
 };
 
 typedef enum PROTOCOL_choice {
@@ -749,7 +755,7 @@ typedef enum PROTOCOL_choice {
     PROTO_IRC
 } PROTOCOL_CHOICE;
 
-static OPT_PAIR services[] = {
+static const OPT_PAIR services[] = {
     {"smtp", PROTO_SMTP},
     {"pop3", PROTO_POP3},
     {"imap", PROTO_IMAP},
@@ -758,7 +764,7 @@ static OPT_PAIR services[] = {
     {"xmpp-server", PROTO_XMPP_SERVER},
     {"telnet", PROTO_TELNET},
     {"irc", PROTO_IRC},
-    {NULL}
+    {NULL, 0}
 };
 
 int s_client_main(int argc, char **argv)
@@ -1034,7 +1040,6 @@ int s_client_main(int argc, char **argv)
                 BIO_printf(bio_err, "Error getting client auth engine\n");
                 goto opthelp;
             }
-            break;
 #endif
             break;
         case OPT_RAND:
@@ -1098,10 +1103,6 @@ int s_client_main(int argc, char **argv)
                 goto end;
             }
             break;
-#else
-        case OPT_PSK_IDENTITY:
-        case OPT_PSK:
-            break;
 #endif
 #ifndef OPENSSL_NO_SRP
         case OPT_SRPUSER:
@@ -1131,13 +1132,6 @@ int s_client_main(int argc, char **argv)
             if (min_version < TLS1_VERSION)
                 min_version = TLS1_VERSION;
             break;
-#else
-        case OPT_SRPUSER:
-        case OPT_SRPPASS:
-        case OPT_SRP_STRENGTH:
-        case OPT_SRP_LATEUSER:
-        case OPT_SRP_MOREGROUPS:
-            break;
 #endif
         case OPT_SSL_CONFIG:
             ssl_config = opt_arg();
@@ -1700,9 +1694,9 @@ int s_client_main(int argc, char **argv)
             goto end;
         }
     } else if (dane_tlsa_rrset != NULL) {
-            BIO_printf(bio_err, "%s: DANE TLSA authentication requires the "
-                       "-dane_tlsa_domain option.\n", prog);
-            goto end;
+        BIO_printf(bio_err, "%s: DANE TLSA authentication requires the "
+                   "-dane_tlsa_domain option.\n", prog);
+        goto end;
     }
 
  re_start:
@@ -2572,6 +2566,7 @@ static void print_stuff(BIO *bio, SSL *s, int full)
                SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c));
     if (peer != NULL) {
         EVP_PKEY *pktmp;
+
         pktmp = X509_get0_pubkey(peer);
         BIO_printf(bio, "Server public key is %d bit\n",
                    EVP_PKEY_bits(pktmp));

diff --git a/apps/s_server.c b/apps/s_server.c
index 3e1e1ae68685e44acb13b4e03155eec4f15456c1..dd1247586950067acbaafba8d369a918b44c6d6b 100644 (file)
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -146,9 +146,6 @@ static int async = 0;
 static unsigned int split_send_fragment = 0;
 static unsigned int max_pipelines = 0;
 
-#ifndef OPENSSL_NO_ENGINE
-static char *engine_id = NULL;
-#endif
 static const char *session_id_prefix = NULL;
 
 #ifndef OPENSSL_NO_DTLS
@@ -305,9 +302,6 @@ static void s_server_init(void)
     async = 0;
     split_send_fragment = 0;
     max_pipelines = 0;
-#ifndef OPENSSL_NO_ENGINE
-    engine_id = NULL;
-#endif
 }
 
 static int local_argc = 0;
@@ -919,12 +913,12 @@ OPTIONS s_server_options[] = {
 #ifndef OPENSSL_NO_ENGINE
     {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
 #endif
-    {NULL}
+    {NULL, OPT_EOF, 0, NULL}
 };
 
 int s_server_main(int argc, char *argv[])
 {
-    ENGINE *e = NULL;
+    ENGINE *engine = NULL;
     EVP_PKEY *s_key = NULL, *s_dkey = NULL;
     SSL_CONF_CTX *cctx = NULL;
     const SSL_METHOD *meth = TLS_server_method();
@@ -1396,7 +1390,7 @@ int s_server_main(int argc, char *argv[])
             session_id_prefix = opt_arg();
             break;
         case OPT_ENGINE:
-            e = setup_engine(opt_arg(), 1);
+            engine = setup_engine(opt_arg(), 1);
             break;
         case OPT_RAND:
             inrand = opt_arg();
@@ -1502,7 +1496,7 @@ int s_server_main(int argc, char *argv[])
         goto end;
 
     if (nocert == 0) {
-        s_key = load_key(s_key_file, s_key_format, 0, pass, e,
+        s_key = load_key(s_key_file, s_key_format, 0, pass, engine,
                          "server certificate private key file");
         if (!s_key) {
             ERR_print_errors(bio_err);
@@ -1523,7 +1517,7 @@ int s_server_main(int argc, char *argv[])
         }
 
         if (tlsextcbp.servername) {
-            s_key2 = load_key(s_key_file2, s_key_format, 0, pass, e,
+            s_key2 = load_key(s_key_file2, s_key_format, 0, pass, engine,
                               "second server certificate private key file");
             if (!s_key2) {
                 ERR_print_errors(bio_err);
@@ -1582,7 +1576,7 @@ int s_server_main(int argc, char *argv[])
             s_dkey_file = s_dcert_file;
 
         s_dkey = load_key(s_dkey_file, s_dkey_format,
-                          0, dpass, e, "second certificate private key file");
+                          0, dpass, engine, "second certificate private key file");
         if (!s_dkey) {
             ERR_print_errors(bio_err);
             goto end;