PR: 2710

[openssl.git] / apps / apps.c

diff --git a/apps/apps.c b/apps/apps.c
index 3edb76c8719dccb79a2b799858898699e91444bb..9eff4efb50b6ac97e6b03cdd3b26aa9bdce73381 100644 (file)
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -257,6 +257,8 @@ int args_from_file(char *file, int *argc, char **argv[])
 
 int str2fmt(char *s)
        {
+       if (s == NULL)
+               return FORMAT_UNDEF;
        if      ((*s == 'D') || (*s == 'd'))
                return(FORMAT_ASN1);
        else if ((*s == 'T') || (*s == 't'))
@@ -377,13 +379,12 @@ void program_name(char *in, char *out, int size)
 
 int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[])
        {
-       int num,len,i;
+       int num,i;
        char *p;
 
        *argc=0;
        *argv=NULL;
 
-       len=strlen(buf);
        i=0;
        if (arg->count == 0)
                {
@@ -797,7 +798,9 @@ X509 *load_cert(BIO *err, const char *file, int format,
        if (file == NULL)
                {
 #ifdef _IONBF
+# ifndef OPENSSL_NO_SETVBUF_IONBF
                setvbuf(stdin, NULL, _IONBF, 0);
+# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
 #endif
                BIO_set_fp(cert,stdin,BIO_NOCLOSE);
                }
@@ -875,10 +878,17 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
        if (format == FORMAT_ENGINE)
                {
                if (!e)
-                       BIO_printf(bio_err,"no engine specified\n");
+                       BIO_printf(err,"no engine specified\n");
                else
+                       {
                        pkey = ENGINE_load_private_key(e, file,
                                ui_method, &cb_data);
+                       if (!pkey) 
+                               {
+                               BIO_printf(err,"cannot load %s from engine\n",key_descrip);
+                               ERR_print_errors(err);
+                               }       
+                       }
                goto end;
                }
 #endif
@@ -891,7 +901,9 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
        if (file == NULL && maybe_stdin)
                {
 #ifdef _IONBF
+# ifndef OPENSSL_NO_SETVBUF_IONBF
                setvbuf(stdin, NULL, _IONBF, 0);
+# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
 #endif
                BIO_set_fp(key,stdin,BIO_NOCLOSE);
                }
@@ -923,7 +935,7 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
                                &pkey, NULL, NULL))
                        goto end;
                }
-#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA)
+#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA) && !defined (OPENSSL_NO_RC4)
        else if (format == FORMAT_MSBLOB)
                pkey = b2i_PrivateKey_bio(key);
        else if (format == FORMAT_PVK)
@@ -937,8 +949,11 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
                }
  end:
        if (key != NULL) BIO_free(key);
-       if (pkey == NULL)
+       if (pkey == NULL) 
+               {
                BIO_printf(err,"unable to load %s\n", key_descrip);
+               ERR_print_errors(err);
+               }       
        return(pkey);
        }
 
@@ -977,7 +992,9 @@ EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin,
        if (file == NULL && maybe_stdin)
                {
 #ifdef _IONBF
+# ifndef OPENSSL_NO_SETVBUF_IONBF
                setvbuf(stdin, NULL, _IONBF, 0);
+# endif /* ndef OPENSSL_NO_SETVBUF_IONBF */
 #endif
                BIO_set_fp(key,stdin,BIO_NOCLOSE);
                }
@@ -1198,7 +1215,8 @@ STACK_OF(X509) *load_certs(BIO *err, const char *file, int format,
        const char *pass, ENGINE *e, const char *desc)
        {
        STACK_OF(X509) *certs;
-       load_certs_crls(err, file, format, pass, e, desc, &certs, NULL);
+       if (!load_certs_crls(err, file, format, pass, e, desc, &certs, NULL))
+               return NULL;
        return certs;
        }       
 
@@ -1206,7 +1224,8 @@ STACK_OF(X509_CRL) *load_crls(BIO *err, const char *file, int format,
        const char *pass, ENGINE *e, const char *desc)
        {
        STACK_OF(X509_CRL) *crls;
-       load_certs_crls(err, file, format, pass, e, desc, NULL, &crls);
+       if (!load_certs_crls(err, file, format, pass, e, desc, NULL, &crls))
+               return NULL;
        return crls;
        }       
 
@@ -2240,6 +2259,7 @@ int args_verify(char ***pargs, int *pargc,
        char **oldargs = *pargs;
        char *arg = **pargs, *argn = (*pargs)[1];
        const X509_VERIFY_PARAM *vpm = NULL;
+       time_t at_time = 0;
        if (!strcmp(arg, "-policy"))
                {
                if (!argn)
@@ -2307,6 +2327,26 @@ int args_verify(char ***pargs, int *pargc,
                        }
                (*pargs)++;
                }
+       else if (strcmp(arg,"-attime") == 0)
+               {
+               if (!argn)
+                       *badarg = 1;
+               else
+                       {
+                       long timestamp;
+                       /* interpret argument as seconds since Epoch */
+                       if (sscanf(argn, "%li", &timestamp) != 1)
+                               {
+                               BIO_printf(bio_err,
+                                               "Error parsing timestamp %s\n",
+                                               argn);
+                               *badarg = 1;
+                               }
+                       /* on some platforms time_t may be a float */
+                       at_time = (time_t) timestamp;
+                       }
+               (*pargs)++;
+               }
        else if (!strcmp(arg, "-ignore_critical"))
                flags |= X509_V_FLAG_IGNORE_CRITICAL;
        else if (!strcmp(arg, "-issuer_checks"))
@@ -2366,6 +2406,9 @@ int args_verify(char ***pargs, int *pargc,
        if (depth >= 0)
                X509_VERIFY_PARAM_set_depth(*pm, depth);
 
+       if (at_time) 
+               X509_VERIFY_PARAM_set_time(*pm, at_time);
+
        end:
 
        (*pargs)++;
@@ -3022,3 +3065,46 @@ int raw_write_stdout(const void *buf,int siz)
 int raw_write_stdout(const void *buf,int siz)
        {       return write(fileno(stdout),buf,siz);   }
 #endif
+
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+/* next_protos_parse parses a comma separated list of strings into a string
+ * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
+ *   outlen: (output) set to the length of the resulting buffer on success.
+ *   in: a NUL termianted string like "abc,def,ghi"
+ *
+ *   returns: a malloced buffer or NULL on failure.
+ */
+unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
+       {
+       size_t len;
+       unsigned char *out;
+       size_t i, start = 0;
+
+       len = strlen(in);
+       if (len >= 65535)
+               return NULL;
+
+       out = OPENSSL_malloc(strlen(in) + 1);
+       if (!out)
+               return NULL;
+
+       for (i = 0; i <= len; ++i)
+               {
+               if (i == len || in[i] == ',')
+                       {
+                       if (i - start > 255)
+                               {
+                               OPENSSL_free(out);
+                               return NULL;
+                               }
+                       out[start] = i - start;
+                       start = i + 1;
+                       }
+               else
+                       out[i+1] = in[i];
+               }
+
+       *outlen = len + 1;
+       return out;
+       }
+#endif  /* !OPENSSL_NO_TLSEXT && !OPENSSL_NO_NEXTPROTONEG */