2016-05-18 02:18:30 +08:00
|
|
|
/*
|
2023-09-07 16:59:15 +08:00
|
|
|
* Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
|
2000-12-16 00:40:35 +08:00
|
|
|
*
|
2018-12-06 20:00:26 +08:00
|
|
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
2016-05-18 02:18:30 +08:00
|
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
|
|
|
* in the file LICENSE in the source distribution or at
|
|
|
|
|
* https://www.openssl.org/source/license.html
|
2000-12-16 00:40:35 +08:00
|
|
|
*/
|
|
|
|
|
|
2021-02-21 07:10:52 +08:00
|
|
|
#include "internal/e_os.h"
|
|
|
|
|
|
1998-12-21 18:52:47 +08:00
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <stdlib.h>
|
2021-06-24 17:13:51 +08:00
|
|
|
#include "internal/common.h"
|
1999-04-24 06:13:45 +08:00
|
|
|
#include <openssl/bio.h>
|
|
|
|
|
#include <openssl/crypto.h>
|
2018-12-14 22:48:53 +08:00
|
|
|
#include <openssl/trace.h>
|
1999-04-24 06:13:45 +08:00
|
|
|
#include <openssl/lhash.h>
|
|
|
|
|
#include <openssl/conf.h>
|
|
|
|
|
#include <openssl/x509.h>
|
|
|
|
|
#include <openssl/pem.h>
|
|
|
|
|
#include <openssl/ssl.h>
|
2003-01-31 01:39:26 +08:00
|
|
|
#ifndef OPENSSL_NO_ENGINE
|
2001-09-12 10:39:06 +08:00
|
|
|
# include <openssl/engine.h>
|
2003-01-31 01:39:26 +08:00
|
|
|
#endif
|
1999-04-24 06:13:45 +08:00
|
|
|
#include <openssl/err.h>
|
2015-05-02 22:01:33 +08:00
|
|
|
/* Needed to get the other O_xxx flags. */
|
|
|
|
|
#ifdef OPENSSL_SYS_VMS
|
|
|
|
|
# include <unixio.h>
|
|
|
|
|
#endif
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
#include "apps.h"
|
2018-01-31 18:13:10 +08:00
|
|
|
#include "progs.h"
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
|
2000-12-09 04:02:01 +08:00
|
|
|
/*
|
|
|
|
|
* The LHASH callbacks ("hash" & "cmp") have been replaced by functions with
|
|
|
|
|
* the base prototypes (we cast each variable inside the function to the
|
|
|
|
|
* required type of "FUNCTION*"). This removes the necessity for
|
|
|
|
|
* macro-generated wrapper functions.
|
|
|
|
|
*/
|
2008-05-26 19:24:29 +08:00
|
|
|
static LHASH_OF(FUNCTION) *prog_init(void);
|
|
|
|
|
static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[]);
|
1998-12-21 18:52:47 +08:00
|
|
|
char *default_config_file = NULL;
|
|
|
|
|
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
BIO *bio_in = NULL;
|
|
|
|
|
BIO *bio_out = NULL;
|
1998-12-21 18:52:47 +08:00
|
|
|
BIO *bio_err = NULL;
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
|
2020-03-05 08:06:29 +08:00
|
|
|
static void warn_deprecated(const FUNCTION *fp)
|
2020-02-05 09:27:23 +08:00
|
|
|
{
|
2020-03-05 08:06:29 +08:00
|
|
|
if (fp->deprecated_version != NULL)
|
|
|
|
|
BIO_printf(bio_err, "The command %s was deprecated in version %s.",
|
|
|
|
|
fp->name, fp->deprecated_version);
|
|
|
|
|
else
|
|
|
|
|
BIO_printf(bio_err, "The command %s is deprecated.", fp->name);
|
|
|
|
|
if (strcmp(fp->deprecated_alternative, DEPRECATED_NO_ALTERNATIVE) != 0)
|
|
|
|
|
BIO_printf(bio_err, " Use '%s' instead.", fp->deprecated_alternative);
|
2020-02-05 09:27:23 +08:00
|
|
|
BIO_printf(bio_err, "\n");
|
|
|
|
|
}
|
|
|
|
|
|
2018-05-09 23:09:50 +08:00
|
|
|
static int apps_startup(void)
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
{
|
2020-07-23 15:40:40 +08:00
|
|
|
const char *use_libctx = NULL;
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
#ifdef SIGPIPE
|
|
|
|
|
signal(SIGPIPE, SIG_IGN);
|
|
|
|
|
#endif
|
2015-10-12 19:40:15 +08:00
|
|
|
|
2016-02-09 00:44:58 +08:00
|
|
|
/* Set non-default library initialisation settings */
|
2017-11-25 19:08:47 +08:00
|
|
|
if (!OPENSSL_init_ssl(OPENSSL_INIT_ENGINE_ALL_BUILTIN
|
|
|
|
|
| OPENSSL_INIT_LOAD_CONFIG, NULL))
|
2016-02-10 21:59:15 +08:00
|
|
|
return 0;
|
2015-10-12 19:40:15 +08:00
|
|
|
|
2020-08-04 16:11:02 +08:00
|
|
|
(void)setup_ui_method();
|
2018-10-12 23:02:58 +08:00
|
|
|
(void)setup_engine_loader();
|
2016-02-09 00:44:58 +08:00
|
|
|
|
2020-07-23 15:40:40 +08:00
|
|
|
/*
|
|
|
|
|
* NOTE: This is an undocumented feature required for testing only.
|
|
|
|
|
* There are no guarantees that it will exist in future builds.
|
|
|
|
|
*/
|
|
|
|
|
use_libctx = getenv("OPENSSL_TEST_LIBCTX");
|
|
|
|
|
if (use_libctx != NULL) {
|
|
|
|
|
/* Set this to "1" to create a global libctx */
|
|
|
|
|
if (strcmp(use_libctx, "1") == 0) {
|
|
|
|
|
if (app_create_libctx() == NULL)
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2015-10-12 19:40:15 +08:00
|
|
|
return 1;
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
}
|
|
|
|
|
|
2018-05-09 23:09:50 +08:00
|
|
|
static void apps_shutdown(void)
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
{
|
2020-07-23 15:40:40 +08:00
|
|
|
app_providers_cleanup();
|
2020-10-15 17:55:50 +08:00
|
|
|
OSSL_LIB_CTX_free(app_get0_libctx());
|
2018-10-12 23:02:58 +08:00
|
|
|
destroy_engine_loader();
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
destroy_ui_method();
|
|
|
|
|
}
|
|
|
|
|
|
2019-03-19 15:53:35 +08:00
|
|
|
|
|
|
|
|
#ifndef OPENSSL_NO_TRACE
|
2018-12-14 22:48:53 +08:00
|
|
|
typedef struct tracedata_st {
|
|
|
|
|
BIO *bio;
|
|
|
|
|
unsigned int ingroup:1;
|
|
|
|
|
} tracedata;
|
|
|
|
|
|
|
|
|
|
static size_t internal_trace_cb(const char *buf, size_t cnt,
|
|
|
|
|
int category, int cmd, void *vdata)
|
|
|
|
|
{
|
2019-03-13 06:04:14 +08:00
|
|
|
int ret = 0;
|
2018-12-14 22:48:53 +08:00
|
|
|
tracedata *trace_data = vdata;
|
2019-06-20 09:24:17 +08:00
|
|
|
char buffer[256], *hex;
|
|
|
|
|
CRYPTO_THREAD_ID tid;
|
2018-12-14 22:48:53 +08:00
|
|
|
|
|
|
|
|
switch (cmd) {
|
|
|
|
|
case OSSL_TRACE_CTRL_BEGIN:
|
2020-09-30 18:17:55 +08:00
|
|
|
if (trace_data->ingroup) {
|
|
|
|
|
BIO_printf(bio_err, "ERROR: tracing already started\n");
|
2019-03-13 07:14:55 +08:00
|
|
|
return 0;
|
2020-09-30 18:17:55 +08:00
|
|
|
}
|
2018-12-14 22:48:53 +08:00
|
|
|
trace_data->ingroup = 1;
|
|
|
|
|
|
2019-06-20 09:24:17 +08:00
|
|
|
tid = CRYPTO_THREAD_get_current_id();
|
|
|
|
|
hex = OPENSSL_buf2hexstr((const unsigned char *)&tid, sizeof(tid));
|
|
|
|
|
BIO_snprintf(buffer, sizeof(buffer), "TRACE[%s]:%s: ",
|
2019-11-27 01:15:20 +08:00
|
|
|
hex == NULL ? "<null>" : hex,
|
|
|
|
|
OSSL_trace_get_category_name(category));
|
2019-06-20 09:24:17 +08:00
|
|
|
OPENSSL_free(hex);
|
2019-11-27 23:13:12 +08:00
|
|
|
BIO_set_prefix(trace_data->bio, buffer);
|
2019-03-13 06:04:14 +08:00
|
|
|
break;
|
|
|
|
|
case OSSL_TRACE_CTRL_WRITE:
|
2020-09-30 18:17:55 +08:00
|
|
|
if (!trace_data->ingroup) {
|
|
|
|
|
BIO_printf(bio_err, "ERROR: writing when tracing not started\n");
|
2019-03-13 07:14:55 +08:00
|
|
|
return 0;
|
2020-09-30 18:17:55 +08:00
|
|
|
}
|
2025-06-18 02:08:49 +08:00
|
|
|
if (cnt > INT_MAX)
|
|
|
|
|
cnt = INT_MAX;
|
2019-03-13 07:14:55 +08:00
|
|
|
|
2025-06-18 02:08:49 +08:00
|
|
|
ret = BIO_write(trace_data->bio, buf, (int)cnt);
|
2019-03-13 06:04:14 +08:00
|
|
|
break;
|
|
|
|
|
case OSSL_TRACE_CTRL_END:
|
2020-09-30 18:17:55 +08:00
|
|
|
if (!trace_data->ingroup) {
|
|
|
|
|
BIO_printf(bio_err, "ERROR: finishing when tracing not started\n");
|
2019-03-13 07:14:55 +08:00
|
|
|
return 0;
|
2020-09-30 18:17:55 +08:00
|
|
|
}
|
2019-03-13 06:04:14 +08:00
|
|
|
trace_data->ingroup = 0;
|
|
|
|
|
|
2019-11-27 23:13:12 +08:00
|
|
|
BIO_set_prefix(trace_data->bio, NULL);
|
2019-03-13 06:04:14 +08:00
|
|
|
|
|
|
|
|
break;
|
2018-12-14 22:48:53 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return ret < 0 ? 0 : ret;
|
|
|
|
|
}
|
|
|
|
|
|
2019-02-10 22:16:20 +08:00
|
|
|
DEFINE_STACK_OF(tracedata)
|
|
|
|
|
static STACK_OF(tracedata) *trace_data_stack;
|
|
|
|
|
|
|
|
|
|
static void tracedata_free(tracedata *data)
|
|
|
|
|
{
|
|
|
|
|
BIO_free_all(data->bio);
|
|
|
|
|
OPENSSL_free(data);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void cleanup_trace(void)
|
|
|
|
|
{
|
|
|
|
|
sk_tracedata_pop_free(trace_data_stack, tracedata_free);
|
|
|
|
|
}
|
|
|
|
|
|
2019-03-22 01:27:50 +08:00
|
|
|
static void setup_trace_category(int category)
|
|
|
|
|
{
|
|
|
|
|
BIO *channel;
|
|
|
|
|
tracedata *trace_data;
|
2021-09-01 11:33:34 +08:00
|
|
|
BIO *bio = NULL;
|
2019-03-22 01:27:50 +08:00
|
|
|
|
|
|
|
|
if (OSSL_trace_enabled(category))
|
|
|
|
|
return;
|
|
|
|
|
|
2021-09-01 11:33:34 +08:00
|
|
|
bio = BIO_new(BIO_f_prefix());
|
|
|
|
|
channel = BIO_push(bio, dup_bio_err(FORMAT_TEXT));
|
2019-03-22 01:27:50 +08:00
|
|
|
trace_data = OPENSSL_zalloc(sizeof(*trace_data));
|
|
|
|
|
|
|
|
|
|
if (trace_data == NULL
|
2021-09-01 11:33:34 +08:00
|
|
|
|| bio == NULL
|
2019-03-22 01:27:50 +08:00
|
|
|
|| (trace_data->bio = channel) == NULL
|
|
|
|
|
|| OSSL_trace_set_callback(category, internal_trace_cb,
|
|
|
|
|
trace_data) == 0
|
|
|
|
|
|| sk_tracedata_push(trace_data_stack, trace_data) == 0) {
|
|
|
|
|
|
|
|
|
|
fprintf(stderr,
|
|
|
|
|
"warning: unable to setup trace callback for category '%s'.\n",
|
|
|
|
|
OSSL_trace_get_category_name(category));
|
|
|
|
|
|
|
|
|
|
OSSL_trace_set_callback(category, NULL, NULL);
|
|
|
|
|
BIO_free_all(channel);
|
2025-06-27 01:00:55 +08:00
|
|
|
OPENSSL_free(trace_data);
|
2019-03-22 01:27:50 +08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-12-14 22:48:53 +08:00
|
|
|
static void setup_trace(const char *str)
|
|
|
|
|
{
|
|
|
|
|
char *val;
|
|
|
|
|
|
2019-06-20 16:38:46 +08:00
|
|
|
/*
|
|
|
|
|
* We add this handler as early as possible to ensure it's executed
|
|
|
|
|
* as late as possible, i.e. after the TRACE code has done its cleanup
|
|
|
|
|
* (which happens last in OPENSSL_cleanup).
|
|
|
|
|
*/
|
|
|
|
|
atexit(cleanup_trace);
|
|
|
|
|
|
2019-02-10 22:16:20 +08:00
|
|
|
trace_data_stack = sk_tracedata_new_null();
|
2018-12-14 22:48:53 +08:00
|
|
|
val = OPENSSL_strdup(str);
|
|
|
|
|
|
|
|
|
|
if (val != NULL) {
|
|
|
|
|
char *valp = val;
|
|
|
|
|
char *item;
|
|
|
|
|
|
|
|
|
|
for (valp = val; (item = strtok(valp, ",")) != NULL; valp = NULL) {
|
|
|
|
|
int category = OSSL_trace_get_category_num(item);
|
|
|
|
|
|
2019-03-22 01:59:13 +08:00
|
|
|
if (category == OSSL_TRACE_CATEGORY_ALL) {
|
2019-03-22 01:27:50 +08:00
|
|
|
while (++category < OSSL_TRACE_CATEGORY_NUM)
|
|
|
|
|
setup_trace_category(category);
|
|
|
|
|
break;
|
|
|
|
|
} else if (category > 0) {
|
|
|
|
|
setup_trace_category(category);
|
2018-12-14 22:48:53 +08:00
|
|
|
} else {
|
|
|
|
|
fprintf(stderr,
|
2019-03-22 01:27:50 +08:00
|
|
|
"warning: unknown trace category: '%s'.\n", item);
|
2018-12-14 22:48:53 +08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
OPENSSL_free(val);
|
|
|
|
|
}
|
2019-03-19 15:53:35 +08:00
|
|
|
#endif /* OPENSSL_NO_TRACE */
|
2018-12-14 22:48:53 +08:00
|
|
|
|
2020-06-24 18:21:15 +08:00
|
|
|
static char *help_argv[] = { "help", NULL };
|
2023-05-11 06:48:00 +08:00
|
|
|
static char *version_argv[] = { "version", NULL };
|
2020-06-06 18:55:59 +08:00
|
|
|
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
int main(int argc, char *argv[])
|
1998-12-21 18:52:47 +08:00
|
|
|
{
|
|
|
|
|
FUNCTION f, *fp;
|
2008-05-26 19:24:29 +08:00
|
|
|
LHASH_OF(FUNCTION) *prog = NULL;
|
2020-06-03 16:49:50 +08:00
|
|
|
char *pname;
|
2021-01-07 16:00:02 +08:00
|
|
|
const char *fname;
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
ARGS arg;
|
2021-01-07 17:16:12 +08:00
|
|
|
int global_help = 0;
|
2023-05-11 06:48:00 +08:00
|
|
|
int global_version = 0;
|
2020-06-03 16:49:50 +08:00
|
|
|
int ret = 0;
|
2025-07-14 21:01:24 +08:00
|
|
|
char *sec_mem_char = NULL;
|
|
|
|
|
#ifndef OPENSSL_NO_SECURE_MEMORY
|
|
|
|
|
char *sec_mem_minsize_char = NULL;
|
|
|
|
|
#endif
|
2011-03-20 21:15:33 +08:00
|
|
|
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
arg.argv = NULL;
|
|
|
|
|
arg.size = 0;
|
|
|
|
|
|
2015-06-05 02:26:55 +08:00
|
|
|
/* Set up some of the environment. */
|
2015-09-06 18:20:12 +08:00
|
|
|
bio_in = dup_bio_in(FORMAT_TEXT);
|
|
|
|
|
bio_out = dup_bio_out(FORMAT_TEXT);
|
2016-03-22 01:30:30 +08:00
|
|
|
bio_err = dup_bio_err(FORMAT_TEXT);
|
2015-06-05 02:26:55 +08:00
|
|
|
|
2016-04-01 18:36:51 +08:00
|
|
|
#if defined(OPENSSL_SYS_VMS) && defined(__DECC)
|
2019-03-03 17:20:37 +08:00
|
|
|
argv = copy_argv(&argc, argv);
|
2016-07-17 05:21:39 +08:00
|
|
|
#elif defined(_WIN32)
|
2021-01-07 16:00:02 +08:00
|
|
|
/* Replace argv[] with UTF-8 encoded strings. */
|
2016-07-17 05:21:39 +08:00
|
|
|
win32_utf8argv(&argc, &argv);
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
#endif
|
|
|
|
|
|
2019-03-19 15:53:35 +08:00
|
|
|
#ifndef OPENSSL_NO_TRACE
|
2018-12-14 22:48:53 +08:00
|
|
|
setup_trace(getenv("OPENSSL_TRACE"));
|
2019-03-19 15:53:35 +08:00
|
|
|
#endif
|
2018-12-14 22:48:53 +08:00
|
|
|
|
2025-07-14 21:01:24 +08:00
|
|
|
sec_mem_char = getenv("OPENSSL_SEC_MEM");
|
|
|
|
|
if (sec_mem_char != NULL) {
|
|
|
|
|
#ifndef OPENSSL_NO_SECURE_MEMORY
|
|
|
|
|
long sec_mem = 0;
|
|
|
|
|
long sec_mem_minsize = 0;
|
|
|
|
|
char *end = NULL;
|
|
|
|
|
|
|
|
|
|
errno = 0;
|
|
|
|
|
sec_mem = strtol(sec_mem_char, &end, 0);
|
|
|
|
|
if (errno != 0 || *end != 0 || end == sec_mem_char) {
|
|
|
|
|
BIO_printf(bio_err,
|
|
|
|
|
"FATAL: could not convert OPENSSL_SEC_MEM (%s) to number\n",
|
|
|
|
|
sec_mem_char);
|
|
|
|
|
ret = EXIT_FAILURE;
|
|
|
|
|
goto end;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Try to fetch the minsize if given, if not use the default value.
|
|
|
|
|
*/
|
|
|
|
|
sec_mem_minsize_char = getenv("OPENSSL_SEC_MEM_MINSIZE");
|
|
|
|
|
if (sec_mem_minsize_char != NULL) {
|
|
|
|
|
errno = 0;
|
|
|
|
|
sec_mem_minsize = strtol(sec_mem_minsize_char, &end, 0);
|
|
|
|
|
if (errno != 0 || *end != 0 || end == sec_mem_minsize_char) {
|
|
|
|
|
BIO_printf(bio_err,
|
|
|
|
|
"FATAL: could not convert OPENSSL_SEC_MEM_MINSIZE (%s) to number\n",
|
|
|
|
|
sec_mem_minsize_char);
|
|
|
|
|
ret = 1;
|
|
|
|
|
goto end;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret = CRYPTO_secure_malloc_init(sec_mem, sec_mem_minsize);
|
|
|
|
|
if (ret != 1) {
|
|
|
|
|
BIO_printf(bio_err,
|
|
|
|
|
"FATAL: could not initialize secure memory\n");
|
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
|
ret = 1;
|
|
|
|
|
goto end;
|
|
|
|
|
}
|
|
|
|
|
#else
|
|
|
|
|
BIO_printf(bio_err,
|
|
|
|
|
"FATAL: OPENSSL_SEC_MEM environment variable was set, but "
|
|
|
|
|
"openssl was compiled without secure memory support.\n");
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-07 16:00:02 +08:00
|
|
|
if ((fname = "apps_startup", !apps_startup())
|
|
|
|
|
|| (fname = "prog_init", (prog = prog_init()) == NULL)) {
|
2019-11-21 11:50:03 +08:00
|
|
|
BIO_printf(bio_err,
|
2021-01-07 16:00:02 +08:00
|
|
|
"FATAL: Startup failure (dev note: %s()) for %s\n",
|
|
|
|
|
fname, argv[0]);
|
2019-11-21 11:50:03 +08:00
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
|
ret = 1;
|
|
|
|
|
goto end;
|
|
|
|
|
}
|
2016-04-01 18:36:51 +08:00
|
|
|
pname = opt_progname(argv[0]);
|
2015-01-22 11:40:55 +08:00
|
|
|
|
2020-05-28 19:53:48 +08:00
|
|
|
default_config_file = CONF_get1_default_config_file();
|
|
|
|
|
if (default_config_file == NULL)
|
|
|
|
|
app_bail_out("%s: could not get default config file\n", pname);
|
|
|
|
|
|
1998-12-21 18:52:47 +08:00
|
|
|
/* first check the program name */
|
|
|
|
|
f.name = pname;
|
2008-05-26 19:24:29 +08:00
|
|
|
fp = lh_FUNCTION_retrieve(prog, &f);
|
2020-06-03 16:49:50 +08:00
|
|
|
if (fp == NULL) {
|
2021-01-07 17:16:12 +08:00
|
|
|
/* We assume we've been called as 'openssl ...' */
|
|
|
|
|
global_help = argc > 1
|
|
|
|
|
&& (strcmp(argv[1], "-help") == 0 || strcmp(argv[1], "--help") == 0
|
|
|
|
|
|| strcmp(argv[1], "-h") == 0 || strcmp(argv[1], "--h") == 0);
|
2023-05-11 06:48:00 +08:00
|
|
|
global_version = argc > 1
|
|
|
|
|
&& (strcmp(argv[1], "-version") == 0 || strcmp(argv[1], "--version") == 0
|
|
|
|
|
|| strcmp(argv[1], "-v") == 0 || strcmp(argv[1], "--v") == 0);
|
|
|
|
|
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
argc--;
|
2016-04-01 18:36:51 +08:00
|
|
|
argv++;
|
2023-05-11 06:48:00 +08:00
|
|
|
opt_appname(argc == 1 || global_help ? "help" : global_version ? "version" : argv[0]);
|
2021-01-07 16:00:02 +08:00
|
|
|
} else {
|
|
|
|
|
argv[0] = pname;
|
1998-12-21 18:52:47 +08:00
|
|
|
}
|
2015-01-22 11:40:55 +08:00
|
|
|
|
2023-05-11 06:48:00 +08:00
|
|
|
/*
|
|
|
|
|
* If there's no command, assume "help". If there's an override for help
|
|
|
|
|
* or version run those, otherwise run the command given.
|
|
|
|
|
*/
|
|
|
|
|
ret = (argc == 0) || global_help
|
|
|
|
|
? do_cmd(prog, 1, help_argv)
|
|
|
|
|
: global_version
|
|
|
|
|
? do_cmd(prog, 1, version_argv)
|
|
|
|
|
: do_cmd(prog, argc, argv);
|
2015-04-27 11:45:12 +08:00
|
|
|
|
1998-12-21 18:52:47 +08:00
|
|
|
end:
|
2015-05-29 01:52:55 +08:00
|
|
|
OPENSSL_free(default_config_file);
|
2015-05-02 02:37:16 +08:00
|
|
|
lh_FUNCTION_free(prog);
|
2015-05-01 22:02:07 +08:00
|
|
|
OPENSSL_free(arg.argv);
|
2021-04-03 18:53:51 +08:00
|
|
|
if (!app_RAND_write())
|
|
|
|
|
ret = EXIT_FAILURE;
|
2015-01-22 11:40:55 +08:00
|
|
|
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
BIO_free(bio_in);
|
|
|
|
|
BIO_free_all(bio_out);
|
2014-12-08 05:25:39 +08:00
|
|
|
apps_shutdown();
|
2022-10-20 01:11:16 +08:00
|
|
|
BIO_free_all(bio_err);
|
2025-07-14 21:01:24 +08:00
|
|
|
#ifndef OPENSSL_NO_SECURE_MEMORY
|
|
|
|
|
CRYPTO_secure_malloc_done();
|
|
|
|
|
#endif
|
2016-01-14 00:04:19 +08:00
|
|
|
EXIT(ret);
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
}
|
|
|
|
|
|
2016-08-31 01:31:18 +08:00
|
|
|
typedef enum HELP_CHOICE {
|
|
|
|
|
OPT_hERR = -1, OPT_hEOF = 0, OPT_hHELP
|
|
|
|
|
} HELP_CHOICE;
|
|
|
|
|
|
2016-03-13 21:07:50 +08:00
|
|
|
const OPTIONS help_options[] = {
|
2019-09-20 09:33:17 +08:00
|
|
|
{OPT_HELP_STR, 1, '-', "Usage: help [options] [command]\n"},
|
2019-11-08 04:08:30 +08:00
|
|
|
|
|
|
|
|
OPT_SECTION("General"),
|
2016-08-31 01:31:18 +08:00
|
|
|
{"help", OPT_hHELP, '-', "Display this summary"},
|
2019-09-20 09:33:17 +08:00
|
|
|
|
|
|
|
|
OPT_PARAMETERS(),
|
|
|
|
|
{"command", 0, 0, "Name of command to display help (optional)"},
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
{NULL}
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
int help_main(int argc, char **argv)
|
|
|
|
|
{
|
|
|
|
|
FUNCTION *fp;
|
|
|
|
|
int i, nl;
|
|
|
|
|
FUNC_TYPE tp;
|
|
|
|
|
char *prog;
|
2016-08-31 01:31:18 +08:00
|
|
|
HELP_CHOICE o;
|
2017-08-15 12:41:34 +08:00
|
|
|
DISPLAY_COLUMNS dc;
|
2020-06-18 07:03:32 +08:00
|
|
|
char *new_argv[3];
|
|
|
|
|
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
prog = opt_init(argc, argv, help_options);
|
2016-08-31 01:31:18 +08:00
|
|
|
while ((o = opt_next()) != OPT_hEOF) {
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
switch (o) {
|
2016-08-31 01:31:18 +08:00
|
|
|
case OPT_hERR:
|
|
|
|
|
case OPT_hEOF:
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
|
|
|
|
|
return 1;
|
2016-08-31 01:31:18 +08:00
|
|
|
case OPT_hHELP:
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
opt_help(help_options);
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-11-29 05:12:58 +08:00
|
|
|
/* One optional argument, the command to get help for. */
|
2017-12-31 15:44:26 +08:00
|
|
|
if (opt_num_rest() == 1) {
|
|
|
|
|
new_argv[0] = opt_rest()[0];
|
|
|
|
|
new_argv[1] = "--help";
|
|
|
|
|
new_argv[2] = NULL;
|
|
|
|
|
return do_cmd(prog_init(), 2, new_argv);
|
|
|
|
|
}
|
2021-08-27 21:33:18 +08:00
|
|
|
if (!opt_check_rest_arg(NULL)) {
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
BIO_printf(bio_err, "Usage: %s\n", prog);
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2019-07-11 02:25:03 +08:00
|
|
|
calculate_columns(functions, &dc);
|
2021-01-07 16:00:02 +08:00
|
|
|
BIO_printf(bio_err, "%s:\n\nStandard commands", prog);
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
i = 0;
|
|
|
|
|
tp = FT_none;
|
|
|
|
|
for (fp = functions; fp->name != NULL; fp++) {
|
|
|
|
|
nl = 0;
|
2017-08-15 12:41:34 +08:00
|
|
|
if (i++ % dc.columns == 0) {
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
BIO_printf(bio_err, "\n");
|
|
|
|
|
nl = 1;
|
|
|
|
|
}
|
|
|
|
|
if (fp->type != tp) {
|
|
|
|
|
tp = fp->type;
|
|
|
|
|
if (!nl)
|
|
|
|
|
BIO_printf(bio_err, "\n");
|
|
|
|
|
if (tp == FT_md) {
|
|
|
|
|
i = 1;
|
|
|
|
|
BIO_printf(bio_err,
|
|
|
|
|
"\nMessage Digest commands (see the `dgst' command for more details)\n");
|
|
|
|
|
} else if (tp == FT_cipher) {
|
|
|
|
|
i = 1;
|
|
|
|
|
BIO_printf(bio_err,
|
|
|
|
|
"\nCipher commands (see the `enc' command for more details)\n");
|
|
|
|
|
}
|
|
|
|
|
}
|
2017-08-15 12:41:34 +08:00
|
|
|
BIO_printf(bio_err, "%-*s", dc.width, fp->name);
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
}
|
|
|
|
|
BIO_printf(bio_err, "\n\n");
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2014-12-08 05:25:39 +08:00
|
|
|
|
2008-05-26 19:24:29 +08:00
|
|
|
static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[])
|
1998-12-21 18:52:47 +08:00
|
|
|
{
|
|
|
|
|
FUNCTION f, *fp;
|
2015-01-22 11:40:55 +08:00
|
|
|
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
if (argc <= 0 || argv[0] == NULL)
|
2017-10-17 22:04:09 +08:00
|
|
|
return 0;
|
2021-09-30 06:03:13 +08:00
|
|
|
memset(&f, 0, sizeof(f));
|
1998-12-21 18:52:47 +08:00
|
|
|
f.name = argv[0];
|
2008-05-26 19:24:29 +08:00
|
|
|
fp = lh_FUNCTION_retrieve(prog, &f);
|
2009-03-30 19:31:50 +08:00
|
|
|
if (fp == NULL) {
|
|
|
|
|
if (EVP_get_digestbyname(argv[0])) {
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
f.type = FT_md;
|
2009-03-30 19:31:50 +08:00
|
|
|
f.func = dgst_main;
|
|
|
|
|
fp = &f;
|
|
|
|
|
} else if (EVP_get_cipherbyname(argv[0])) {
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
f.type = FT_cipher;
|
2009-03-30 19:31:50 +08:00
|
|
|
f.func = enc_main;
|
|
|
|
|
fp = &f;
|
|
|
|
|
}
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
1998-12-21 18:52:47 +08:00
|
|
|
if (fp != NULL) {
|
2020-02-05 09:27:23 +08:00
|
|
|
if (fp->deprecated_alternative != NULL)
|
2020-03-05 08:06:29 +08:00
|
|
|
warn_deprecated(fp);
|
2017-10-17 22:04:09 +08:00
|
|
|
return fp->func(argc, argv);
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
}
|
2021-06-21 14:55:50 +08:00
|
|
|
f.name = argv[0];
|
|
|
|
|
if (CHECK_AND_SKIP_PREFIX(f.name, "no-")) {
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
/*
|
|
|
|
|
* User is asking if foo is unsupported, by trying to "run" the
|
|
|
|
|
* no-foo command. Strange.
|
|
|
|
|
*/
|
|
|
|
|
if (lh_FUNCTION_retrieve(prog, &f) == NULL) {
|
|
|
|
|
BIO_printf(bio_out, "%s\n", argv[0]);
|
2017-10-17 22:04:09 +08:00
|
|
|
return 0;
|
On VMS, stdout may very well lead to a file that is written to in a
record-oriented fashion. That means that every write() will write a
separate record, which will be read separately by the programs trying
to read from it. This can be very confusing.
The solution is to put a BIO filter in the way that will buffer text
until a linefeed is reached, and then write everything a line at a
time, so every record written will be an actual line, not chunks of
lines and not (usually doesn't happen, but I've seen it once) several
lines in one record. Voila, BIO_f_linebuffer() is born.
Since we're so close to release time, I'm making this VMS-only for
now, just to make sure no code is needlessly broken by this. After
the release, this BIO method will be enabled on all other platforms as
well.
2000-09-20 21:55:50 +08:00
|
|
|
}
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
BIO_printf(bio_out, "%s\n", argv[0] + 3);
|
|
|
|
|
return 1;
|
1999-01-10 03:15:59 +08:00
|
|
|
}
|
2015-01-22 11:40:55 +08:00
|
|
|
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
BIO_printf(bio_err, "Invalid command '%s'; type \"help\" for a list.\n",
|
|
|
|
|
argv[0]);
|
2017-10-09 19:05:58 +08:00
|
|
|
return 1;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
1999-01-10 03:15:59 +08:00
|
|
|
|
2023-07-17 02:03:40 +08:00
|
|
|
static int function_cmp(const FUNCTION *a, const FUNCTION *b)
|
2008-05-26 19:24:29 +08:00
|
|
|
{
|
|
|
|
|
return strncmp(a->name, b->name, 8);
|
|
|
|
|
}
|
1999-01-10 03:15:59 +08:00
|
|
|
|
2023-07-17 02:03:40 +08:00
|
|
|
static unsigned long function_hash(const FUNCTION *a)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
2016-05-20 22:46:29 +08:00
|
|
|
return OPENSSL_LH_strhash(a->name);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
1998-12-21 18:52:47 +08:00
|
|
|
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
static int SortFnByName(const void *_f1, const void *_f2)
|
|
|
|
|
{
|
|
|
|
|
const FUNCTION *f1 = _f1;
|
|
|
|
|
const FUNCTION *f2 = _f2;
|
|
|
|
|
|
|
|
|
|
if (f1->type != f2->type)
|
|
|
|
|
return f1->type - f2->type;
|
|
|
|
|
return strcmp(f1->name, f2->name);
|
|
|
|
|
}
|
|
|
|
|
|
2008-05-26 19:24:29 +08:00
|
|
|
static LHASH_OF(FUNCTION) *prog_init(void)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
2017-12-31 15:44:12 +08:00
|
|
|
static LHASH_OF(FUNCTION) *ret = NULL;
|
|
|
|
|
static int prog_inited = 0;
|
1998-12-21 18:52:47 +08:00
|
|
|
FUNCTION *f;
|
2005-04-06 03:11:19 +08:00
|
|
|
size_t i;
|
2015-01-22 11:40:55 +08:00
|
|
|
|
2017-12-31 15:44:12 +08:00
|
|
|
if (prog_inited)
|
|
|
|
|
return ret;
|
|
|
|
|
|
|
|
|
|
prog_inited = 1;
|
|
|
|
|
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
/* Sort alphabetically within category. For nicer help displays. */
|
2017-12-31 15:44:12 +08:00
|
|
|
for (i = 0, f = functions; f->name != NULL; ++f, ++i)
|
|
|
|
|
;
|
2015-05-02 11:10:31 +08:00
|
|
|
qsort(functions, i, sizeof(*functions), SortFnByName);
|
2015-01-22 11:40:55 +08:00
|
|
|
|
2015-12-24 23:51:23 +08:00
|
|
|
if ((ret = lh_FUNCTION_new(function_hash, function_cmp)) == NULL)
|
2017-10-17 22:04:09 +08:00
|
|
|
return NULL;
|
2015-01-22 11:40:55 +08:00
|
|
|
|
1999-01-10 03:15:59 +08:00
|
|
|
for (f = functions; f->name != NULL; f++)
|
2008-07-05 07:12:52 +08:00
|
|
|
(void)lh_FUNCTION_insert(ret, f);
|
2017-08-15 12:41:34 +08:00
|
|
|
return ret;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
