Centralise loading default apps config file

Loading the config file after processing command line options can
cause problems, e.g. where an engine provides new ciphers/digests
these are not then recoginised on the command line. Move the
default config file loading to before the command line option
processing. Whilst we're doing this we might as well centralise
this instead of doing it individually for each application. Finally
if we do it before the OpenSSL_add_ssl_algorithms() call then
ciphersuites provided by an engine (e.g. GOST) can be available to
the apps.

RT#4085
RT#4086

Reviewed-by: Richard Levitte <levitte@openssl.org>

diff --git a/apps/asn1pars.c b/apps/asn1pars.c
index 574b03f559364cf728c6f2c541dea3f6d0ee3b68..6f88a1dca4b61bd4a7f3c153ad2c33e7cac86b85 100644 (file)
--- a/apps/asn1pars.c
+++ b/apps/asn1pars.c
@@ -186,9 +186,6 @@ int asn1parse_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if (oidfile != NULL) {
         in = bio_open_default(oidfile, 'r', FORMAT_TEXT);
         if (in == NULL)

diff --git a/apps/ca.c b/apps/ca.c
index defbf007f6732ed1537feb92b2673fd6f190b427..586fbe4b5689a4b92f47f42a65931cc4bc5fd8f6 100644 (file)
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -484,10 +484,13 @@ end_of_options:
     argv = opt_rest();
 
     BIO_printf(bio_err, "Using configuration from %s\n", configfile);
-    if ((conf = app_load_config(configfile)) == NULL)
-        goto end;
-    if (!app_load_modules(conf))
-        goto end;
+    /* We already loaded the default config file */
+    if (configfile != default_config_file) {
+        if ((conf = app_load_config(configfile)) == NULL)
+            goto end;
+        if (!app_load_modules(conf))
+            goto end;
+    }
 
     /* Lets get the config section we are using */
     if (section == NULL) {

diff --git a/apps/ciphers.c b/apps/ciphers.c
index a2ccf2842d81e417e7724f6a3a433385954c4192..bf3c20499e1f35db9b3340ac72a0e440c888045c 100644 (file)
--- a/apps/ciphers.c
+++ b/apps/ciphers.c
@@ -144,9 +144,6 @@ int ciphers_main(int argc, char **argv)
     else if (argc != 0)
         goto opthelp;
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     ctx = SSL_CTX_new(meth);
     if (ctx == NULL)
         goto err;

diff --git a/apps/cms.c b/apps/cms.c
index 6ed9338685c0f8739130b8783ba8e09c0a53ab83..fef34034bc073c81e3779026517a2f3a19414c98 100644 (file)
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -684,9 +684,6 @@ int cms_main(int argc, char **argv)
         goto end;
     }
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if (need_rand) {
         app_RAND_load_file(NULL, (inrand != NULL));
         if (inrand != NULL)

diff --git a/apps/crl.c b/apps/crl.c
index 253f7a5b75c7bf7e709205ae2923a849583bd1f1..b2a5d7f54db30c49d49ebbb71a030b582baa2491 100644 (file)
--- a/apps/crl.c
+++ b/apps/crl.c
@@ -232,9 +232,6 @@ int crl_main(int argc, char **argv)
     if (!nmflag_set)
         nmflag = XN_FLAG_ONELINE;
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     x = load_crl(infile, informat);
     if (x == NULL)
         goto end;

diff --git a/apps/crl2p7.c b/apps/crl2p7.c
index 8cc1b62efe0485553ede7928b2a448e24b8261a8..930875ac84e4b306211a38f8112f920bbdda3192 100644 (file)
--- a/apps/crl2p7.c
+++ b/apps/crl2p7.c
@@ -148,9 +148,6 @@ int crl2pkcs7_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if (!nocrl) {
         in = bio_open_default(infile, 'r', informat);
         if (in == NULL)

diff --git a/apps/dgst.c b/apps/dgst.c
index 1e3a72ccb46314e12df66dc1e5ca0ebc58d3de42..e62a8de4133ce98930c5114cddac857c94123d23 100644 (file)
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -236,9 +236,6 @@ int dgst_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if (do_verify && !sigfile) {
         BIO_printf(bio_err,
                    "No signature to verify: use the -signature option\n");

diff --git a/apps/dhparam.c b/apps/dhparam.c
index 334a129b1bf80c98d1ae00de92c2597f5e0b375e..17c0b5b42002d018c54c01dca6a0063e099ad33d 100644 (file)
--- a/apps/dhparam.c
+++ b/apps/dhparam.c
@@ -230,9 +230,6 @@ int dhparam_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if (argv[0] && (!opt_int(argv[0], &num) || num <= 0))
         goto end;
 

diff --git a/apps/dsa.c b/apps/dsa.c
index d829f980fa4b55b5eaced7539486157ab1ce8ebe..9dcc75e88ab438878610a94029c7b81bab8abff8 100644 (file)
--- a/apps/dsa.c
+++ b/apps/dsa.c
@@ -202,9 +202,6 @@ int dsa_main(int argc, char **argv)
         goto end;
     }
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     BIO_printf(bio_err, "read DSA key\n");
     {
         EVP_PKEY *pkey;

diff --git a/apps/dsaparam.c b/apps/dsaparam.c
index 1ba93e603f7a2bc39fc6c1cb0d664e974c78e970..a0a3372f80b13eaa380633b53e4479b78816e312 100644 (file)
--- a/apps/dsaparam.c
+++ b/apps/dsaparam.c
@@ -183,9 +183,6 @@ int dsaparam_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if (argc == 1) {
         if (!opt_int(argv[0], &num))
             goto end;

diff --git a/apps/ec.c b/apps/ec.c
index a30d3f0a40db4a31d518245e79992a93036cc844..3c38e6157bc44f28e53bab9862cc5df18f5abbaa 100644 (file)
--- a/apps/ec.c
+++ b/apps/ec.c
@@ -202,9 +202,6 @@ int ec_main(int argc, char **argv)
         goto end;
     }
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     in = bio_open_default(infile, 'r', informat);
     if (in == NULL)
         goto end;

diff --git a/apps/ecparam.c b/apps/ecparam.c
index 5a98f454fb5f035d6cef3f70bb9d3a55c6ee71cc..9d13447283a6d4c643fa8ae95da43f2b9f516704 100644 (file)
--- a/apps/ecparam.c
+++ b/apps/ecparam.c
@@ -220,9 +220,6 @@ int ecparam_main(int argc, char **argv)
     argv = opt_rest();
     private = genkey ? 1 : 0;
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     in = bio_open_default(infile, 'r', informat);
     if (in == NULL)
         goto end;

diff --git a/apps/enc.c b/apps/enc.c
index 5ffb1f030c3a55bf81ddedbff6b445658752042c..b0c82d6a34eba452c85ce736d9de1c1b70697862 100644 (file)
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -295,9 +295,6 @@ int enc_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if (cipher && EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) {
         BIO_printf(bio_err, "%s: AEAD ciphers not supported\n", prog);
         goto end;

diff --git a/apps/engine.c b/apps/engine.c
index b1c13715287831aae676e8537ab57a87ca106dfb..b4da23ee8915297e971e6db7c05a211c8b93410c 100644 (file)
--- a/apps/engine.c
+++ b/apps/engine.c
@@ -369,9 +369,6 @@ int engine_main(int argc, char **argv)
         }
     }
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     for (i = 0; i < sk_OPENSSL_STRING_num(engines); i++) {
         const char *id = sk_OPENSSL_STRING_value(engines, i);
         if ((e = ENGINE_by_id(id)) != NULL) {

diff --git a/apps/gendsa.c b/apps/gendsa.c
index f1e1f54b8a463f3f8d845b262d5041129151b586..5d5cb5efddc8fb7697fed94588394229c65869f4 100644 (file)
--- a/apps/gendsa.c
+++ b/apps/gendsa.c
@@ -144,9 +144,6 @@ int gendsa_main(int argc, char **argv)
         goto end;
     }
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     in = bio_open_default(dsaparams, 'r', FORMAT_PEM);
     if (in == NULL)
         goto end2;

diff --git a/apps/genpkey.c b/apps/genpkey.c
index d80983350a86b5e3ee86d08a1747a2cc2049f3bd..333cea92d26a6317e4c1132a2efa2add01073bc0 100644 (file)
--- a/apps/genpkey.c
+++ b/apps/genpkey.c
@@ -181,9 +181,6 @@ int genpkey_main(int argc, char **argv)
         goto end;
     }
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     out = bio_open_owner(outfile, outformat, private);
     if (out == NULL)
         goto end;

diff --git a/apps/genrsa.c b/apps/genrsa.c
index 54484b5273c0d8af02d478716eabe2b4edfe8656..b0e5e19b7e1e2cd2a6540823134d65a6b81214d3 100644 (file)
--- a/apps/genrsa.c
+++ b/apps/genrsa.c
@@ -169,9 +169,6 @@ int genrsa_main(int argc, char **argv)
         goto end;
     }
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     out = bio_open_owner(outfile, FORMAT_PEM, private);
     if (out == NULL)
         goto end;

diff --git a/apps/nseq.c b/apps/nseq.c
index 06893c82ce6647a41e9c220593d9954cdbbe8f3e..e8cf69dac9ea59299b6d338a5deedd11910a0dd5 100644 (file)
--- a/apps/nseq.c
+++ b/apps/nseq.c
@@ -109,9 +109,6 @@ int nseq_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     in = bio_open_default(infile, 'r', FORMAT_PEM);
     if (in == NULL)
         goto end;

diff --git a/apps/ocsp.c b/apps/ocsp.c
index 960b77681afad82ff366e2ded01553f850bbb75d..0f8ddcc33ffe8e9211449908ef0b039aa4a05425 100644 (file)
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -494,9 +494,6 @@ int ocsp_main(int argc, char **argv)
     if (!req && !reqin && !respin && !(port && ridx_filename))
         goto opthelp;
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     out = bio_open_default(outfile, 'w', FORMAT_TEXT);
     if (out == NULL)
         goto end;

diff --git a/apps/openssl.c b/apps/openssl.c
index 81a37629d1727aed1ad5837aca0f0c33ae94ec62..565903f9f70af822917bf93c61eb443432cc3ade 100644 (file)
--- a/apps/openssl.c
+++ b/apps/openssl.c
@@ -166,7 +166,7 @@ BIO *bio_in = NULL;
 BIO *bio_out = NULL;
 BIO *bio_err = NULL;
 
-static void apps_startup()
+static int apps_startup()
 {
 #ifdef SIGPIPE
     signal(SIGPIPE, SIG_IGN);
@@ -174,6 +174,13 @@ static void apps_startup()
     CRYPTO_malloc_init();
     ERR_load_crypto_strings();
     ERR_load_SSL_strings();
+
+    if (!app_load_modules(NULL)) {
+        ERR_print_errors(bio_err);
+        BIO_printf(bio_err, "Error loading default configuration\n");
+        return 0;
+    }
+
     OpenSSL_add_all_algorithms();
     OpenSSL_add_ssl_algorithms();
     OPENSSL_load_builtin_modules();
@@ -182,6 +189,7 @@ static void apps_startup()
 #ifndef OPENSSL_NO_ENGINE
     ENGINE_load_builtin_engines();
 #endif
+    return 1;
 }
 
 static void apps_shutdown()
@@ -328,7 +336,9 @@ int main(int argc, char *argv[])
 #endif
     }
 
-    apps_startup();
+    if (!apps_startup())
+        goto end;
+
     prog = prog_init();
     pname = opt_progname(argv[0]);
 

diff --git a/apps/passwd.c b/apps/passwd.c
index 898831337563488b4e40d2f1f0e867f9ba2a7437..372e0e804e7ee714873b8d31163b3fa30b87d59d 100644 (file)
--- a/apps/passwd.c
+++ b/apps/passwd.c
@@ -201,9 +201,6 @@ int passwd_main(int argc, char **argv)
         goto opthelp;
 # endif
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if (infile && in_stdin) {
         BIO_printf(bio_err, "%s: Can't combine -in and -stdin\n", prog);
         goto end;

diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index e1f663a058adcaabf9d4b81d30ab742817e19fe7..11930e9e16e283f3624940d25c5a0bad2be01208 100644 (file)
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -354,9 +354,6 @@ int pkcs12_main(int argc, char **argv)
         mpass = macpass;
     }
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if (export_cert || inrand) {
         app_RAND_load_file(NULL, (inrand != NULL));
         if (inrand != NULL)

diff --git a/apps/pkcs7.c b/apps/pkcs7.c
index fff14dc95958ac9e62055d7f5a6b0c37ad6c3159..1ed0b013395b95f33c8ca0ba150cee6057177f65 100644 (file)
--- a/apps/pkcs7.c
+++ b/apps/pkcs7.c
@@ -193,9 +193,6 @@ int pkcs7_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     in = bio_open_default(infile, 'r', informat);
     if (in == NULL)
         goto end;

diff --git a/apps/pkcs8.c b/apps/pkcs8.c
index 765744ffbe23047a33e57ea4e4a017e0913a447b..3d7282eabbcce304f2f77b5d0d4c2c9e300f800e 100644 (file)
--- a/apps/pkcs8.c
+++ b/apps/pkcs8.c
@@ -233,9 +233,6 @@ int pkcs8_main(int argc, char **argv)
         goto end;
     }
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if ((pbe_nid == -1) && !cipher)
         pbe_nid = NID_pbeWithMD5AndDES_CBC;
 

diff --git a/apps/pkey.c b/apps/pkey.c
index d2a66eb4a0e22c719cbc5f77d35ed3841f50e186..694cdd12c7e04232b1d3daabd16f46f83ecd16cf 100644 (file)
--- a/apps/pkey.c
+++ b/apps/pkey.c
@@ -169,9 +169,6 @@ int pkey_main(int argc, char **argv)
         goto end;
     }
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     out = bio_open_owner(outfile, outformat, private);
     if (out == NULL)
         goto end;

diff --git a/apps/pkeyparam.c b/apps/pkeyparam.c
index 215611eb347d2a4243d7fd389cd208bc4070a65c..abb40d1ab29c98133d5cfe13d155ce7bb0974058 100644 (file)
--- a/apps/pkeyparam.c
+++ b/apps/pkeyparam.c
@@ -118,9 +118,6 @@ int pkeyparam_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     in = bio_open_default(infile, 'r', FORMAT_PEM);
     if (in == NULL)
         goto end;

diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c
index c3e18895a78db01a96ae4af53abc5d71256cf63d..82ebdeee9ecca0e3612b3b3305dd45f76c098b34 100644 (file)
--- a/apps/pkeyutl.c
+++ b/apps/pkeyutl.c
@@ -230,9 +230,6 @@ int pkeyutl_main(int argc, char **argv)
     if (ctx == NULL)
         goto opthelp;
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if (sigfile && (pkey_op != EVP_PKEY_OP_VERIFY)) {
         BIO_printf(bio_err,
                    "%s: Signature file specified for non verify\n", prog);

diff --git a/apps/prime.c b/apps/prime.c
index 2ce4e94f8988ceadd8e2c33e9b3605fd5df8773f..b6c5ad58b8fb91429fff58be4adfc8a06190f956 100644 (file)
--- a/apps/prime.c
+++ b/apps/prime.c
@@ -109,9 +109,6 @@ int prime_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if (argc == 0 && !generate) {
         BIO_printf(bio_err, "%s: No prime specified\n", prog);
         goto end;

diff --git a/apps/rand.c b/apps/rand.c
index 315e6be02f6819e47c85c18b4c33d2f3e21ab48c..150eef4fb15cf4f0ad2134975bec5cc4fb567c8c 100644 (file)
--- a/apps/rand.c
+++ b/apps/rand.c
@@ -126,9 +126,6 @@ int rand_main(int argc, char **argv)
     if (sscanf(argv[0], "%d", &num) != 1 || num < 0)
         goto opthelp;
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     app_RAND_load_file(NULL, (inrand != NULL));
     if (inrand != NULL)
         BIO_printf(bio_err, "%ld semi-random bytes loaded\n",

diff --git a/apps/rsa.c b/apps/rsa.c
index f8a0deceb6511a949a218cc44ac1d45552c20f38..0640ba4fad47084a230ca3f92bf891097a281e89 100644 (file)
--- a/apps/rsa.c
+++ b/apps/rsa.c
@@ -256,10 +256,6 @@ int rsa_main(int argc, char **argv)
         BIO_printf(bio_err, "Error getting passwords\n");
         goto end;
     }
-
-    if (!app_load_modules(NULL))
-        goto end;
-
     if (check && pubin) {
         BIO_printf(bio_err, "Only private keys can be checked\n");
         goto end;

diff --git a/apps/rsautl.c b/apps/rsautl.c
index 84a1de1ae96a71557efa715a5f71609f503f40f1..5d6bdc024225ba6ce165f8338a8999d678a1f9c0 100644 (file)
--- a/apps/rsautl.c
+++ b/apps/rsautl.c
@@ -214,9 +214,6 @@ int rsautl_main(int argc, char **argv)
         goto end;
     }
 
-    if (!app_load_modules(NULL))
-        goto end;
-
 /* FIXME: seed PRNG only if needed */
     app_RAND_load_file(NULL, 0);
 

diff --git a/apps/s_client.c b/apps/s_client.c
index d76f921db6cfc6766fe823f59d6426f8ec7bb5db..9bad1b51cf06bdc51efcf9a3e446198a7d4ba3ce 100644 (file)
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -1063,9 +1063,6 @@ int s_client_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if (proxystr) {
         if (connectstr == NULL) {
             BIO_printf(bio_err, "%s: -proxy requires use of -connect\n", prog);

diff --git a/apps/s_server.c b/apps/s_server.c
index aa43541501b4eb56c63f4be3f54df4a1173c9480..bfc8b1fcd28e24bf62add053d01a0901420fa65c 100644 (file)
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -1475,9 +1475,6 @@ int s_server_main(int argc, char *argv[])
         goto end;
     }
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if (s_key_file == NULL)
         s_key_file = s_cert_file;
 

diff --git a/apps/smime.c b/apps/smime.c
index db645d0e16848291bc8e65d016cf0630a7328c6e..551a8fd44d6e12b43bab764f99a5778acecb5dc9 100644 (file)
--- a/apps/smime.c
+++ b/apps/smime.c
@@ -422,9 +422,6 @@ int smime_main(int argc, char **argv)
         goto end;
     }
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if (need_rand) {
         app_RAND_load_file(NULL, (inrand != NULL));
         if (inrand != NULL)

diff --git a/apps/speed.c b/apps/speed.c
index 046c0b2614971fbbb7d63bf905186a8781626ff1..faa3e159ae1582a9c6bbf9138b545ea81b730cf4 100644 (file)
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -850,9 +850,6 @@ int speed_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     /* Remaining arguments are algorithms. */
     for ( ; *argv; argv++) {
         if (found(*argv, doit_choices, &i)) {

diff --git a/apps/spkac.c b/apps/spkac.c
index 180f80fcb7b88084c6268ad39188002f40057c99..eaeb3c15d036a5a34dca3fb19fe2a064267fe2d3 100644 (file)
--- a/apps/spkac.c
+++ b/apps/spkac.c
@@ -186,8 +186,6 @@ int spkac_main(int argc, char **argv)
 
     if ((conf = app_load_config(infile)) == NULL)
         goto end;
-    if (!app_load_modules(conf))
-        goto end;
 
     spkstr = NCONF_get_string(conf, spksect, spkac);
 

diff --git a/apps/verify.c b/apps/verify.c
index 61f8cf7579415761c861d3887a7d151bc52720d4..bd4ed05065082f40c36678d67f6e60915fb45acd 100644 (file)
--- a/apps/verify.c
+++ b/apps/verify.c
@@ -198,9 +198,6 @@ int verify_main(int argc, char **argv)
         goto end;
     }
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if ((store = setup_verify(CAfile, CApath, noCAfile, noCApath)) == NULL)
         goto end;
     X509_STORE_set_verify_cb(store, cb);

diff --git a/apps/x509.c b/apps/x509.c
index 9472b68da5226594616e8c4ba14a5e8fd49c40d4..ff1e8cbe82119e08b2adcf94110cf9946dccf8ad 100644 (file)
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -493,9 +493,6 @@ int x509_main(int argc, char **argv)
     if (!nmflag_set)
         nmflag = XN_FLAG_ONELINE;
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     out = bio_open_default(outfile, 'w', outformat);
     if (out == NULL)
         goto end;