X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=apps%2Fts.c;h=ae7604cc698c63457d565e8e320cc41c5e22a85d;hp=f0923360a7bfbd7978fd86bd2f795cf6744a2f80;hb=1769dfab06dcf93a1c310ca7ea9531afcc448d0a;hpb=b4e88ccb2875b414c3882759a1f1c6a4a07df389

diff --git a/apps/ts.c b/apps/ts.c
index f0923360a7..ae7604cc69 100644
--- a/apps/ts.c
+++ b/apps/ts.c
@@ -65,6 +65,7 @@
 #include <openssl/pem.h>
 #include <openssl/rand.h>
 #include <openssl/ts.h>
+#include <openssl/bn.h>
 
 #undef PROG
 #define PROG	ts_main
@@ -164,6 +165,9 @@ int MAIN(int argc, char **argv)
 		BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
 		}
 
+	if (!load_config(bio_err, NULL))
+		goto cleanup;
+
 	for (argc--, argv++; argc > 0; argc--, argv++)
 		{
 		if (strcmp(*argv, "-config") == 0)
@@ -597,6 +601,8 @@ static int create_digest(BIO *input, char *digest, const EVP_MD *md,
 	int md_value_len;
 
 	md_value_len = EVP_MD_size(md);
+	if (md_value_len < 0)
+	    goto err;
 	if (input)
 		{
 		/* Digest must be computed from an input file. */
@@ -612,7 +618,8 @@ static int create_digest(BIO *input, char *digest, const EVP_MD *md,
 			{
 			EVP_DigestUpdate(&md_ctx, buffer, length);
 			}
-		EVP_DigestFinal(&md_ctx, *md_value, NULL);
+		if (!EVP_DigestFinal(&md_ctx, *md_value, NULL))
+			return 0;
 		}
 	else
 		{
@@ -643,7 +650,7 @@ static ASN1_INTEGER *create_nonce(int bits)
 
 	/* Generating random byte sequence. */
 	if (len > (int)sizeof(buf)) goto err;
-	if (!RAND_bytes(buf, len)) goto err;
+	if (RAND_bytes(buf, len) <= 0) goto err;
 
 	/* Find the first non-zero byte and creating ASN1_INTEGER object. */
 	for (i = 0; i < len && !buf[i]; ++i);
@@ -812,9 +819,10 @@ static TS_RESP *create_response(CONF *conf, const char *section, char *engine,
 
 	/* Setting serial number provider callback. */
 	if (!TS_CONF_set_serial(conf, section, serial_cb, resp_ctx)) goto end;
-
+#ifndef OPENSSL_NO_ENGINE
 	/* Setting default OpenSSL engine. */
 	if (!TS_CONF_set_crypto_device(conf, section, engine)) goto end;
+#endif
 
 	/* Setting TSA signer certificate. */
 	if (!TS_CONF_set_signer_cert(conf, section, signer, resp_ctx)) goto end;
@@ -1076,7 +1084,7 @@ static X509_STORE *create_cert_store(char *ca_path, char *ca_file)
 	cert_ctx = X509_STORE_new();
 
 	/* Setting the callback for certificate chain verification. */
-	X509_STORE_set_verify_cb_func(cert_ctx, verify_cb);
+	X509_STORE_set_verify_cb(cert_ctx, verify_cb);
 
 	/* Adding a trusted certificate directory source. */
 	if (ca_path)