Workaround for some CMS signature formats.

[openssl.git] / apps / apps.c

diff --git a/apps/apps.c b/apps/apps.c
index 7f057fb4b2303b491e2f806ce440294bb02b556b..b99996e944cd7e4c69f33677506c46157a9baac5 100644 (file)
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -118,7 +118,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#if !defined(OPENSSL_SYSNAME_WIN32) && !defined(NETWARE_CLIB)
+#if !defined(OPENSSL_SYSNAME_WIN32) && !defined(OPENSSL_SYSNAME_WINCE) && !defined(NETWARE_CLIB)
 #include <strings.h>
 #endif
 #include <sys/types.h>
@@ -2527,6 +2527,8 @@ int args_verify(char ***pargs, int *pargc,
                flags |= X509_V_FLAG_SUITEB_128_LOS;
        else if (!strcmp(arg, "-suiteB_192"))
                flags |= X509_V_FLAG_SUITEB_192_LOS;
+       else if (!strcmp(arg, "-partial_chain"))
+               flags |= X509_V_FLAG_PARTIAL_CHAIN;
        else
                return 0;
 
@@ -2862,6 +2864,9 @@ void jpake_client_auth(BIO *out, BIO *conn, const char *secret)
 
        BIO_puts(out, "JPAKE authentication succeeded, setting PSK\n");
 
+       if (psk_key)
+               OPENSSL_free(psk_key);
+
        psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx));
 
        BIO_pop(bconn);
@@ -2891,6 +2896,9 @@ void jpake_server_auth(BIO *out, BIO *conn, const char *secret)
 
        BIO_puts(out, "JPAKE authentication succeeded, setting PSK\n");
 
+       if (psk_key)
+               OPENSSL_free(psk_key);
+
        psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx));
 
        BIO_pop(bconn);
@@ -2901,7 +2909,7 @@ void jpake_server_auth(BIO *out, BIO *conn, const char *secret)
 
 #endif
 
-#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+#ifndef OPENSSL_NO_TLSEXT
 /* next_protos_parse parses a comma separated list of strings into a string
  * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
  *   outlen: (output) set to the length of the resulting buffer on success.
@@ -2943,7 +2951,7 @@ unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
        *outlen = len + 1;
        return out;
        }
-#endif  /* !OPENSSL_NO_TLSEXT && !OPENSSL_NO_NEXTPROTONEG */
+#endif  /* ndef OPENSSL_NO_TLSEXT */
 
 void print_cert_checks(BIO *bio, X509 *x,
                                const unsigned char *checkhost,
@@ -3125,7 +3133,7 @@ double app_tminterval(int stop,int usertime)
 
        if (proc==NULL)
                {
-               if (GetVersion() < 0x80000000)
+               if (check_winnt())
                        proc = OpenProcess(PROCESS_QUERY_INFORMATION,FALSE,
                                                GetCurrentProcessId());
                if (proc==NULL) proc = (HANDLE)-1;