Fix broken build
[openssl.git] / apps / smime.c
index a76e88d..94c2884 100644 (file)
@@ -1,5 +1,5 @@
 /* smime.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project.
  */
 /* ====================================================================
@@ -93,7 +93,7 @@ int MAIN(int argc, char **argv)
        const char *inmode = "r", *outmode = "w";
        char *infile = NULL, *outfile = NULL;
        char *signerfile = NULL, *recipfile = NULL;
-       STACK *sksigners = NULL, *skkeys = NULL;
+       STACK_OF(OPENSSL_STRING) *sksigners = NULL, *skkeys = NULL;
        char *certfile = NULL, *keyfile = NULL, *contfile=NULL;
        const EVP_CIPHER *cipher = NULL;
        PKCS7 *p7 = NULL;
@@ -260,13 +260,13 @@ int MAIN(int argc, char **argv)
                        if (signerfile)
                                {
                                if (!sksigners)
-                                       sksigners = sk_new_null();
-                               sk_push(sksigners, signerfile);
+                                       sksigners = sk_OPENSSL_STRING_new_null();
+                               sk_OPENSSL_STRING_push(sksigners, signerfile);
                                if (!keyfile)
                                        keyfile = signerfile;
                                if (!skkeys)
-                                       skkeys = sk_new_null();
-                               sk_push(skkeys, keyfile);
+                                       skkeys = sk_OPENSSL_STRING_new_null();
+                               sk_OPENSSL_STRING_push(skkeys, keyfile);
                                keyfile = NULL;
                                }
                        signerfile = *++args;
@@ -302,12 +302,12 @@ int MAIN(int argc, char **argv)
                                        goto argerr;
                                        }
                                if (!sksigners)
-                                       sksigners = sk_new_null();
-                               sk_push(sksigners, signerfile);
+                                       sksigners = sk_OPENSSL_STRING_new_null();
+                               sk_OPENSSL_STRING_push(sksigners, signerfile);
                                signerfile = NULL;
                                if (!skkeys)
-                                       skkeys = sk_new_null();
-                               sk_push(skkeys, keyfile);
+                                       skkeys = sk_OPENSSL_STRING_new_null();
+                               sk_OPENSSL_STRING_push(skkeys, keyfile);
                                }
                        keyfile = *++args;
                        }
@@ -389,13 +389,13 @@ int MAIN(int argc, char **argv)
                if (signerfile)
                        {
                        if (!sksigners)
-                               sksigners = sk_new_null();
-                       sk_push(sksigners, signerfile);
+                               sksigners = sk_OPENSSL_STRING_new_null();
+                       sk_OPENSSL_STRING_push(sksigners, signerfile);
                        if (!skkeys)
-                               skkeys = sk_new_null();
+                               skkeys = sk_OPENSSL_STRING_new_null();
                        if (!keyfile)
                                keyfile = signerfile;
-                       sk_push(skkeys, keyfile);
+                       sk_OPENSSL_STRING_push(skkeys, keyfile);
                        }
                if (!sksigners)
                        {
@@ -479,6 +479,7 @@ int MAIN(int argc, char **argv)
                BIO_printf (bio_err, "-text          include or delete text MIME headers\n");
                BIO_printf (bio_err, "-CApath dir    trusted certificates directory\n");
                BIO_printf (bio_err, "-CAfile file   trusted certificates file\n");
+               BIO_printf (bio_err, "-trusted_first use locally trusted CA's first when building trust chain\n");
                BIO_printf (bio_err, "-crl_check     check revocation status of signer's certificate using CRLs\n");
                BIO_printf (bio_err, "-crl_check_all check revocation status of signer's certificate chain using CRLs\n");
 #ifndef OPENSSL_NO_ENGINE
@@ -541,8 +542,8 @@ int MAIN(int argc, char **argv)
                {
                if (!cipher)
                        {
-#ifndef OPENSSL_NO_RC2                 
-                       cipher = EVP_rc2_40_cbc();
+#ifndef OPENSSL_NO_DES                 
+                       cipher = EVP_des_ede3_cbc();
 #else
                        BIO_printf(bio_err, "No cipher selected\n");
                        goto end;
@@ -671,7 +672,7 @@ int MAIN(int argc, char **argv)
                {
                if (!(store = setup_verify(bio_err, CAfile, CApath)))
                        goto end;
-               X509_STORE_set_verify_cb_func(store, smime_cb);
+               X509_STORE_set_verify_cb(store, smime_cb);
                if (vpm)
                        X509_STORE_set1_param(store, vpm);
                }
@@ -688,22 +689,37 @@ int MAIN(int argc, char **argv)
        else if (operation & SMIME_SIGNERS)
                {
                int i;
-               /* If detached data and SMIME output enable partial
-                * signing.
+               /* If detached data content we only enable streaming if
+                * S/MIME output format.
                 */
                if (operation == SMIME_SIGN)
                        {
-                       if (indef || (flags & PKCS7_DETACHED))
+                       if (flags & PKCS7_DETACHED)
+                               {
+                               if (outformat == FORMAT_SMIME)
+                                       flags |= PKCS7_STREAM;
+                               }
+                       else if (indef)
                                flags |= PKCS7_STREAM;
                        flags |= PKCS7_PARTIAL;
                        p7 = PKCS7_sign(NULL, NULL, other, in, flags);
+                       if (!p7)
+                               goto end;
+                       if (flags & PKCS7_NOCERTS)
+                               {
+                               for (i = 0; i < sk_X509_num(other); i++)
+                                       {
+                                       X509 *x = sk_X509_value(other, i);
+                                       PKCS7_add_certificate(p7, x);
+                                       }
+                               }
                        }
                else
                        flags |= PKCS7_REUSE_DIGEST;
-               for (i = 0; i < sk_num(sksigners); i++)
+               for (i = 0; i < sk_OPENSSL_STRING_num(sksigners); i++)
                        {
-                       signerfile = sk_value(sksigners, i);
-                       keyfile = sk_value(skkeys, i);
+                       signerfile = sk_OPENSSL_STRING_value(sksigners, i);
+                       keyfile = sk_OPENSSL_STRING_value(skkeys, i);
                        signer = load_cert(bio_err, signerfile,FORMAT_PEM, NULL,
                                        e, "signer certificate");
                        if (!signer)
@@ -800,9 +816,9 @@ end:
        if (vpm)
                X509_VERIFY_PARAM_free(vpm);
        if (sksigners)
-               sk_free(sksigners);
+               sk_OPENSSL_STRING_free(sksigners);
        if (skkeys)
-               sk_free(skkeys);
+               sk_OPENSSL_STRING_free(skkeys);
        X509_STORE_free(store);
        X509_free(cert);
        X509_free(recip);