aboutsummaryrefslogtreecommitdiffstats
path: root/apps
diff options
context:
space:
mode:
authorJung-uk Kim <jkim@FreeBSD.org>2018-03-27 17:03:01 +0000
committerJung-uk Kim <jkim@FreeBSD.org>2018-03-27 17:03:01 +0000
commit02be298e504b8554caca6dc85af450e1ea44d19d (patch)
treeb4870fcd2c2663fedd44997d4bb5ad13dcd50293 /apps
parent4f94f84d8491a2455678402b5c7c92e692a272bc (diff)
downloadsrc-02be298e504b8554caca6dc85af450e1ea44d19d.tar.gz
src-02be298e504b8554caca6dc85af450e1ea44d19d.zip
Import OpenSSL 1.0.2o.vendor/openssl/1.0.2o
Notes
Notes: svn path=/vendor-crypto/openssl/dist/; revision=331625 svn path=/vendor-crypto/openssl/1.0.2o/; revision=331626; tag=vendor/openssl/1.0.2o
Diffstat (limited to 'apps')
-rw-r--r--apps/app_rand.c4
-rw-r--r--apps/apps.c62
-rw-r--r--apps/ca.c237
-rw-r--r--apps/ciphers.c2
-rw-r--r--apps/cms.c10
-rw-r--r--apps/dgst.c2
-rw-r--r--apps/dsaparam.c3
-rw-r--r--apps/ecparam.c8
-rw-r--r--apps/enc.c24
-rw-r--r--apps/errstr.c2
-rw-r--r--apps/ocsp.c2
-rw-r--r--apps/openssl.c6
-rw-r--r--apps/passwd.c14
-rw-r--r--apps/pkcs12.c10
-rw-r--r--apps/pkcs8.c4
-rw-r--r--apps/rand.c2
-rw-r--r--apps/req.c36
-rw-r--r--apps/s_client.c10
-rw-r--r--apps/s_server.c10
-rw-r--r--apps/s_socket.c6
-rw-r--r--apps/s_time.c6
-rw-r--r--apps/speed.c12
-rw-r--r--apps/x509.c4
23 files changed, 252 insertions, 224 deletions
diff --git a/apps/app_rand.c b/apps/app_rand.c
index 7f40bba76468..0bbf342e7e1a 100644
--- a/apps/app_rand.c
+++ b/apps/app_rand.c
@@ -128,7 +128,7 @@ int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn)
#endif
if (file == NULL)
- file = RAND_file_name(buffer, sizeof buffer);
+ file = RAND_file_name(buffer, sizeof(buffer));
else if (RAND_egd(file) > 0) {
/*
* we try if the given filename is an EGD socket. if it is, we don't
@@ -203,7 +203,7 @@ int app_RAND_write_file(const char *file, BIO *bio_e)
return 0;
if (file == NULL)
- file = RAND_file_name(buffer, sizeof buffer);
+ file = RAND_file_name(buffer, sizeof(buffer));
if (file == NULL || !RAND_write_file(file)) {
BIO_printf(bio_e, "unable to write 'random state'\n");
return 0;
diff --git a/apps/apps.c b/apps/apps.c
index 29de1b75dd60..c5a515229556 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -1738,9 +1738,9 @@ int save_serial(char *serialfile, char *suffix, BIGNUM *serial,
BUF_strlcpy(buf[0], serialfile, BSIZE);
else {
#ifndef OPENSSL_SYS_VMS
- j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", serialfile, suffix);
+ j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s.%s", serialfile, suffix);
#else
- j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", serialfile, suffix);
+ j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s-%s", serialfile, suffix);
#endif
}
#ifdef RL_DEBUG
@@ -1789,14 +1789,14 @@ int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix)
goto err;
}
#ifndef OPENSSL_SYS_VMS
- j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", serialfile, new_suffix);
+ j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s.%s", serialfile, new_suffix);
#else
- j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", serialfile, new_suffix);
+ j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s-%s", serialfile, new_suffix);
#endif
#ifndef OPENSSL_SYS_VMS
- j = BIO_snprintf(buf[1], sizeof buf[1], "%s.%s", serialfile, old_suffix);
+ j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s.%s", serialfile, old_suffix);
#else
- j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s", serialfile, old_suffix);
+ j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s-%s", serialfile, old_suffix);
#endif
#ifdef RL_DEBUG
BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
@@ -1877,9 +1877,9 @@ CA_DB *load_index(char *dbfile, DB_ATTR *db_attr)
goto err;
#ifndef OPENSSL_SYS_VMS
- BIO_snprintf(buf[0], sizeof buf[0], "%s.attr", dbfile);
+ BIO_snprintf(buf[0], sizeof(buf[0]), "%s.attr", dbfile);
#else
- BIO_snprintf(buf[0], sizeof buf[0], "%s-attr", dbfile);
+ BIO_snprintf(buf[0], sizeof(buf[0]), "%s-attr", dbfile);
#endif
dbattr_conf = NCONF_new(NULL);
if (NCONF_load(dbattr_conf, buf[0], &errorline) <= 0) {
@@ -1967,19 +1967,19 @@ int save_index(const char *dbfile, const char *suffix, CA_DB *db)
goto err;
}
#ifndef OPENSSL_SYS_VMS
- j = BIO_snprintf(buf[2], sizeof buf[2], "%s.attr", dbfile);
+ j = BIO_snprintf(buf[2], sizeof(buf[2]), "%s.attr", dbfile);
#else
- j = BIO_snprintf(buf[2], sizeof buf[2], "%s-attr", dbfile);
+ j = BIO_snprintf(buf[2], sizeof(buf[2]), "%s-attr", dbfile);
#endif
#ifndef OPENSSL_SYS_VMS
- j = BIO_snprintf(buf[1], sizeof buf[1], "%s.attr.%s", dbfile, suffix);
+ j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s.attr.%s", dbfile, suffix);
#else
- j = BIO_snprintf(buf[1], sizeof buf[1], "%s-attr-%s", dbfile, suffix);
+ j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s-attr-%s", dbfile, suffix);
#endif
#ifndef OPENSSL_SYS_VMS
- j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", dbfile, suffix);
+ j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s.%s", dbfile, suffix);
#else
- j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", dbfile, suffix);
+ j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s-%s", dbfile, suffix);
#endif
#ifdef RL_DEBUG
BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[0]);
@@ -2028,29 +2028,29 @@ int rotate_index(const char *dbfile, const char *new_suffix,
goto err;
}
#ifndef OPENSSL_SYS_VMS
- j = BIO_snprintf(buf[4], sizeof buf[4], "%s.attr", dbfile);
+ j = BIO_snprintf(buf[4], sizeof(buf[4]), "%s.attr", dbfile);
#else
- j = BIO_snprintf(buf[4], sizeof buf[4], "%s-attr", dbfile);
+ j = BIO_snprintf(buf[4], sizeof(buf[4]), "%s-attr", dbfile);
#endif
#ifndef OPENSSL_SYS_VMS
- j = BIO_snprintf(buf[2], sizeof buf[2], "%s.attr.%s", dbfile, new_suffix);
+ j = BIO_snprintf(buf[2], sizeof(buf[2]), "%s.attr.%s", dbfile, new_suffix);
#else
- j = BIO_snprintf(buf[2], sizeof buf[2], "%s-attr-%s", dbfile, new_suffix);
+ j = BIO_snprintf(buf[2], sizeof(buf[2]), "%s-attr-%s", dbfile, new_suffix);
#endif
#ifndef OPENSSL_SYS_VMS
- j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", dbfile, new_suffix);
+ j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s.%s", dbfile, new_suffix);
#else
- j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", dbfile, new_suffix);
+ j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s-%s", dbfile, new_suffix);
#endif
#ifndef OPENSSL_SYS_VMS
- j = BIO_snprintf(buf[1], sizeof buf[1], "%s.%s", dbfile, old_suffix);
+ j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s.%s", dbfile, old_suffix);
#else
- j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s", dbfile, old_suffix);
+ j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s-%s", dbfile, old_suffix);
#endif
#ifndef OPENSSL_SYS_VMS
- j = BIO_snprintf(buf[3], sizeof buf[3], "%s.attr.%s", dbfile, old_suffix);
+ j = BIO_snprintf(buf[3], sizeof(buf[3]), "%s.attr.%s", dbfile, old_suffix);
#else
- j = BIO_snprintf(buf[3], sizeof buf[3], "%s-attr-%s", dbfile, old_suffix);
+ j = BIO_snprintf(buf[3], sizeof(buf[3]), "%s-attr-%s", dbfile, old_suffix);
#endif
#ifdef RL_DEBUG
BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", dbfile, buf[1]);
@@ -2604,7 +2604,7 @@ static void jpake_send_step3a(BIO *bconn, JPAKE_CTX *ctx)
JPAKE_STEP3A_init(&s3a);
JPAKE_STEP3A_generate(&s3a, ctx);
- BIO_write(bconn, s3a.hhk, sizeof s3a.hhk);
+ BIO_write(bconn, s3a.hhk, sizeof(s3a.hhk));
(void)BIO_flush(bconn);
JPAKE_STEP3A_release(&s3a);
}
@@ -2615,7 +2615,7 @@ static void jpake_send_step3b(BIO *bconn, JPAKE_CTX *ctx)
JPAKE_STEP3B_init(&s3b);
JPAKE_STEP3B_generate(&s3b, ctx);
- BIO_write(bconn, s3b.hk, sizeof s3b.hk);
+ BIO_write(bconn, s3b.hk, sizeof(s3b.hk));
(void)BIO_flush(bconn);
JPAKE_STEP3B_release(&s3b);
}
@@ -2625,7 +2625,7 @@ static void readbn(BIGNUM **bn, BIO *bconn)
char buf[10240];
int l;
- l = BIO_gets(bconn, buf, sizeof buf);
+ l = BIO_gets(bconn, buf, sizeof(buf));
assert(l > 0);
assert(buf[l - 1] == '\n');
buf[l - 1] = '\0';
@@ -2672,8 +2672,8 @@ static void jpake_receive_step3a(JPAKE_CTX *ctx, BIO *bconn)
int l;
JPAKE_STEP3A_init(&s3a);
- l = BIO_read(bconn, s3a.hhk, sizeof s3a.hhk);
- assert(l == sizeof s3a.hhk);
+ l = BIO_read(bconn, s3a.hhk, sizeof(s3a.hhk));
+ assert(l == sizeof(s3a.hhk));
if (!JPAKE_STEP3A_process(ctx, &s3a)) {
ERR_print_errors(bio_err);
exit(1);
@@ -2687,8 +2687,8 @@ static void jpake_receive_step3b(JPAKE_CTX *ctx, BIO *bconn)
int l;
JPAKE_STEP3B_init(&s3b);
- l = BIO_read(bconn, s3b.hk, sizeof s3b.hk);
- assert(l == sizeof s3b.hk);
+ l = BIO_read(bconn, s3b.hk, sizeof(s3b.hk));
+ assert(l == sizeof(s3b.hk));
if (!JPAKE_STEP3B_process(ctx, &s3b)) {
ERR_print_errors(bio_err);
exit(1);
diff --git a/apps/ca.c b/apps/ca.c
index 9a839969a204..4f9de5492148 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -1628,8 +1628,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
CONF *lconf, unsigned long certopt, unsigned long nameopt,
int default_op, int ext_copy, int selfsign)
{
- X509_NAME *name = NULL, *CAname = NULL, *subject = NULL, *dn_subject =
- NULL;
+ X509_NAME *name = NULL, *CAname = NULL, *subject = NULL;
ASN1_UTCTIME *tm, *tmptm;
ASN1_STRING *str, *str2;
ASN1_OBJECT *obj;
@@ -1817,8 +1816,6 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
if (push != NULL) {
if (!X509_NAME_add_entry(subject, push, -1, 0)) {
- if (push != NULL)
- X509_NAME_ENTRY_free(push);
BIO_printf(bio_err, "Memory allocation failure\n");
goto err;
}
@@ -1836,104 +1833,6 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
goto err;
}
- if (verbose)
- BIO_printf(bio_err,
- "The subject name appears to be ok, checking data base for clashes\n");
-
- /* Build the correct Subject if no e-mail is wanted in the subject */
- /*
- * and add it later on because of the method extensions are added
- * (altName)
- */
-
- if (email_dn)
- dn_subject = subject;
- else {
- X509_NAME_ENTRY *tmpne;
- /*
- * Its best to dup the subject DN and then delete any email addresses
- * because this retains its structure.
- */
- if (!(dn_subject = X509_NAME_dup(subject))) {
- BIO_printf(bio_err, "Memory allocation failure\n");
- goto err;
- }
- while ((i = X509_NAME_get_index_by_NID(dn_subject,
- NID_pkcs9_emailAddress,
- -1)) >= 0) {
- tmpne = X509_NAME_get_entry(dn_subject, i);
- X509_NAME_delete_entry(dn_subject, i);
- X509_NAME_ENTRY_free(tmpne);
- }
- }
-
- if (BN_is_zero(serial))
- row[DB_serial] = BUF_strdup("00");
- else
- row[DB_serial] = BN_bn2hex(serial);
- if (row[DB_serial] == NULL) {
- BIO_printf(bio_err, "Memory allocation failure\n");
- goto err;
- }
-
- if (db->attributes.unique_subject) {
- OPENSSL_STRING *crow = row;
-
- rrow = TXT_DB_get_by_index(db->db, DB_name, crow);
- if (rrow != NULL) {
- BIO_printf(bio_err,
- "ERROR:There is already a certificate for %s\n",
- row[DB_name]);
- }
- }
- if (rrow == NULL) {
- rrow = TXT_DB_get_by_index(db->db, DB_serial, row);
- if (rrow != NULL) {
- BIO_printf(bio_err,
- "ERROR:Serial number %s has already been issued,\n",
- row[DB_serial]);
- BIO_printf(bio_err,
- " check the database/serial_file for corruption\n");
- }
- }
-
- if (rrow != NULL) {
- BIO_printf(bio_err, "The matching entry has the following details\n");
- if (rrow[DB_type][0] == 'E')
- p = "Expired";
- else if (rrow[DB_type][0] == 'R')
- p = "Revoked";
- else if (rrow[DB_type][0] == 'V')
- p = "Valid";
- else
- p = "\ninvalid type, Data base error\n";
- BIO_printf(bio_err, "Type :%s\n", p);;
- if (rrow[DB_type][0] == 'R') {
- p = rrow[DB_exp_date];
- if (p == NULL)
- p = "undef";
- BIO_printf(bio_err, "Was revoked on:%s\n", p);
- }
- p = rrow[DB_exp_date];
- if (p == NULL)
- p = "undef";
- BIO_printf(bio_err, "Expires on :%s\n", p);
- p = rrow[DB_serial];
- if (p == NULL)
- p = "undef";
- BIO_printf(bio_err, "Serial Number :%s\n", p);
- p = rrow[DB_file];
- if (p == NULL)
- p = "undef";
- BIO_printf(bio_err, "File name :%s\n", p);
- p = rrow[DB_name];
- if (p == NULL)
- p = "undef";
- BIO_printf(bio_err, "Subject Name :%s\n", p);
- ok = -1; /* This is now a 'bad' error. */
- goto err;
- }
-
/* We are now totally happy, lets make and sign the certificate */
if (verbose)
BIO_printf(bio_err,
@@ -2056,10 +1955,124 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
goto err;
}
- /* Set the right value for the noemailDN option */
- if (email_dn == 0) {
- if (!X509_set_subject_name(ret, dn_subject))
+ if (verbose)
+ BIO_printf(bio_err,
+ "The subject name appears to be ok, checking data base for clashes\n");
+
+ /* Build the correct Subject if no e-mail is wanted in the subject */
+
+ if (!email_dn) {
+ X509_NAME_ENTRY *tmpne;
+ X509_NAME *dn_subject;
+
+ /*
+ * Its best to dup the subject DN and then delete any email addresses
+ * because this retains its structure.
+ */
+ if (!(dn_subject = X509_NAME_dup(subject))) {
+ BIO_printf(bio_err, "Memory allocation failure\n");
+ goto err;
+ }
+ while ((i = X509_NAME_get_index_by_NID(dn_subject,
+ NID_pkcs9_emailAddress,
+ -1)) >= 0) {
+ tmpne = X509_NAME_get_entry(dn_subject, i);
+ X509_NAME_delete_entry(dn_subject, i);
+ X509_NAME_ENTRY_free(tmpne);
+ }
+
+ if (!X509_set_subject_name(ret, dn_subject)) {
+ X509_NAME_free(dn_subject);
+ goto err;
+ }
+ X509_NAME_free(dn_subject);
+ }
+
+ row[DB_name] = X509_NAME_oneline(X509_get_subject_name(ret), NULL, 0);
+ if (row[DB_name] == NULL) {
+ BIO_printf(bio_err, "Memory allocation failure\n");
+ goto err;
+ }
+
+ if (BN_is_zero(serial))
+ row[DB_serial] = BUF_strdup("00");
+ else
+ row[DB_serial] = BN_bn2hex(serial);
+ if (row[DB_serial] == NULL) {
+ BIO_printf(bio_err, "Memory allocation failure\n");
+ goto err;
+ }
+
+ if (row[DB_name][0] == '\0') {
+ /*
+ * An empty subject! We'll use the serial number instead. If
+ * unique_subject is in use then we don't want different entries with
+ * empty subjects matching each other.
+ */
+ OPENSSL_free(row[DB_name]);
+ row[DB_name] = OPENSSL_strdup(row[DB_serial]);
+ if (row[DB_name] == NULL) {
+ BIO_printf(bio_err, "Memory allocation failure\n");
goto err;
+ }
+ }
+
+ if (db->attributes.unique_subject) {
+ OPENSSL_STRING *crow = row;
+
+ rrow = TXT_DB_get_by_index(db->db, DB_name, crow);
+ if (rrow != NULL) {
+ BIO_printf(bio_err,
+ "ERROR:There is already a certificate for %s\n",
+ row[DB_name]);
+ }
+ }
+ if (rrow == NULL) {
+ rrow = TXT_DB_get_by_index(db->db, DB_serial, row);
+ if (rrow != NULL) {
+ BIO_printf(bio_err,
+ "ERROR:Serial number %s has already been issued,\n",
+ row[DB_serial]);
+ BIO_printf(bio_err,
+ " check the database/serial_file for corruption\n");
+ }
+ }
+
+ if (rrow != NULL) {
+ BIO_printf(bio_err, "The matching entry has the following details\n");
+ if (rrow[DB_type][0] == 'E')
+ p = "Expired";
+ else if (rrow[DB_type][0] == 'R')
+ p = "Revoked";
+ else if (rrow[DB_type][0] == 'V')
+ p = "Valid";
+ else
+ p = "\ninvalid type, Data base error\n";
+ BIO_printf(bio_err, "Type :%s\n", p);;
+ if (rrow[DB_type][0] == 'R') {
+ p = rrow[DB_exp_date];
+ if (p == NULL)
+ p = "undef";
+ BIO_printf(bio_err, "Was revoked on:%s\n", p);
+ }
+ p = rrow[DB_exp_date];
+ if (p == NULL)
+ p = "undef";
+ BIO_printf(bio_err, "Expires on :%s\n", p);
+ p = rrow[DB_serial];
+ if (p == NULL)
+ p = "undef";
+ BIO_printf(bio_err, "Serial Number :%s\n", p);
+ p = rrow[DB_file];
+ if (p == NULL)
+ p = "undef";
+ BIO_printf(bio_err, "File name :%s\n", p);
+ p = rrow[DB_name];
+ if (p == NULL)
+ p = "undef";
+ BIO_printf(bio_err, "Subject Name :%s\n", p);
+ ok = -1; /* This is now a 'bad' error. */
+ goto err;
}
if (!default_op) {
@@ -2110,10 +2123,9 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
row[DB_exp_date] = OPENSSL_malloc(tm->length + 1);
row[DB_rev_date] = OPENSSL_malloc(1);
row[DB_file] = OPENSSL_malloc(8);
- row[DB_name] = X509_NAME_oneline(X509_get_subject_name(ret), NULL, 0);
if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) ||
(row[DB_rev_date] == NULL) ||
- (row[DB_file] == NULL) || (row[DB_name] == NULL)) {
+ (row[DB_file] == NULL)) {
BIO_printf(bio_err, "Memory allocation failure\n");
goto err;
}
@@ -2143,18 +2155,16 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
irow = NULL;
ok = 1;
err:
- if (irow != NULL) {
+ if (ok != 1) {
for (i = 0; i < DB_NUMBER; i++)
OPENSSL_free(row[i]);
- OPENSSL_free(irow);
}
+ OPENSSL_free(irow);
if (CAname != NULL)
X509_NAME_free(CAname);
if (subject != NULL)
X509_NAME_free(subject);
- if ((dn_subject != NULL) && !email_dn)
- X509_NAME_free(dn_subject);
if (tmptm != NULL)
ASN1_UTCTIME_free(tmptm);
if (ok <= 0) {
@@ -2357,6 +2367,11 @@ static int do_revoke(X509 *x509, CA_DB *db, int type, char *value)
else
row[DB_serial] = BN_bn2hex(bn);
BN_free(bn);
+ if (row[DB_name] != NULL && row[DB_name][0] == '\0') {
+ /* Entries with empty Subjects actually use the serial number instead */
+ OPENSSL_free(row[DB_name]);
+ row[DB_name] = OPENSSL_strdup(row[DB_serial]);
+ }
if ((row[DB_name] == NULL) || (row[DB_serial] == NULL)) {
BIO_printf(bio_err, "Memory allocation failure\n");
goto err;
diff --git a/apps/ciphers.c b/apps/ciphers.c
index 66636d2dfd18..4856141f6f2b 100644
--- a/apps/ciphers.c
+++ b/apps/ciphers.c
@@ -217,7 +217,7 @@ int MAIN(int argc, char **argv)
BIO_printf(STDout, "%s - ", nm);
}
#endif
- BIO_puts(STDout, SSL_CIPHER_description(c, buf, sizeof buf));
+ BIO_puts(STDout, SSL_CIPHER_description(c, buf, sizeof(buf)));
}
}
diff --git a/apps/cms.c b/apps/cms.c
index f9a63bc0d096..de4ba136e8fa 100644
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -4,7 +4,7 @@
* project.
*/
/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2008-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -977,12 +977,16 @@ int MAIN(int argc, char **argv)
signer = load_cert(bio_err, signerfile, FORMAT_PEM, NULL,
e, "signer certificate");
- if (!signer)
+ if (!signer) {
+ ret = 2;
goto end;
+ }
key = load_key(bio_err, keyfile, keyform, 0, passin, e,
"signing key file");
- if (!key)
+ if (!key) {
+ ret = 2;
goto end;
+ }
for (kparam = key_first; kparam; kparam = kparam->next) {
if (kparam->idx == i) {
tflags |= CMS_KEY_PARAM;
diff --git a/apps/dgst.c b/apps/dgst.c
index bc2601e452ef..686fe344fbf5 100644
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -145,7 +145,7 @@ int MAIN(int argc, char **argv)
goto end;
/* first check the program name */
- program_name(argv[0], pname, sizeof pname);
+ program_name(argv[0], pname, sizeof(pname));
md = EVP_get_digestbyname(pname);
diff --git a/apps/dsaparam.c b/apps/dsaparam.c
index f2cf553db3ff..3a4a123846c4 100644
--- a/apps/dsaparam.c
+++ b/apps/dsaparam.c
@@ -382,6 +382,9 @@ int MAIN(int argc, char **argv)
printf("\treturn(dsa);\n\t}\n");
}
+ if (outformat == FORMAT_ASN1 && genkey)
+ noout = 1;
+
if (!noout) {
if (outformat == FORMAT_ASN1)
i = i2d_DSAparams_bio(out, dsa);
diff --git a/apps/ecparam.c b/apps/ecparam.c
index a9bf489cdd4c..8d5b7044489c 100644
--- a/apps/ecparam.c
+++ b/apps/ecparam.c
@@ -3,7 +3,7 @@
* Written by Nils Larsch for the OpenSSL project.
*/
/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -546,6 +546,9 @@ int MAIN(int argc, char **argv)
BIO_printf(out, "\treturn(group);\n\t}\n");
}
+ if (outformat == FORMAT_ASN1 && genkey)
+ noout = 1;
+
if (!noout) {
if (outformat == FORMAT_ASN1)
i = i2d_ECPKParameters_bio(out, group);
@@ -582,6 +585,9 @@ int MAIN(int argc, char **argv)
if (EC_KEY_set_group(eckey, group) == 0)
goto end;
+ if (new_form)
+ EC_KEY_set_conv_form(eckey, form);
+
if (!EC_KEY_generate_key(eckey)) {
EC_KEY_free(eckey);
goto end;
diff --git a/apps/enc.c b/apps/enc.c
index 66145b3be770..3b7e1eea3d83 100644
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -114,7 +114,7 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
static const char magic[] = "Salted__";
- char mbuf[sizeof magic - 1];
+ char mbuf[sizeof(magic) - 1];
char *strbuf = NULL;
unsigned char *buff = NULL, *bufsize = NULL;
int bsize = BSIZE, verbose = 0;
@@ -154,7 +154,7 @@ int MAIN(int argc, char **argv)
goto end;
/* first check the program name */
- program_name(argv[0], pname, sizeof pname);
+ program_name(argv[0], pname, sizeof(pname));
if (strcmp(pname, "base64") == 0)
base64 = 1;
#ifdef ZLIB
@@ -247,7 +247,7 @@ int MAIN(int argc, char **argv)
goto bad;
}
buf[0] = '\0';
- if (!fgets(buf, sizeof buf, infile)) {
+ if (!fgets(buf, sizeof(buf), infile)) {
BIO_printf(bio_err, "unable to read key from '%s'\n", file);
goto bad;
}
@@ -432,7 +432,7 @@ int MAIN(int argc, char **argv)
for (;;) {
char buf[200];
- BIO_snprintf(buf, sizeof buf, "enter %s %s password:",
+ BIO_snprintf(buf, sizeof(buf), "enter %s %s password:",
OBJ_nid2ln(EVP_CIPHER_nid(cipher)),
(enc) ? "encryption" : "decryption");
strbuf[0] = '\0';
@@ -517,31 +517,31 @@ int MAIN(int argc, char **argv)
else {
if (enc) {
if (hsalt) {
- if (!set_hex(hsalt, salt, sizeof salt)) {
+ if (!set_hex(hsalt, salt, sizeof(salt))) {
BIO_printf(bio_err, "invalid hex salt value\n");
goto end;
}
- } else if (RAND_bytes(salt, sizeof salt) <= 0)
+ } else if (RAND_bytes(salt, sizeof(salt)) <= 0)
goto end;
/*
* If -P option then don't bother writing
*/
if ((printkey != 2)
&& (BIO_write(wbio, magic,
- sizeof magic - 1) != sizeof magic - 1
+ sizeof(magic) - 1) != sizeof(magic) - 1
|| BIO_write(wbio,
(char *)salt,
- sizeof salt) != sizeof salt)) {
+ sizeof(salt)) != sizeof(salt))) {
BIO_printf(bio_err, "error writing output file\n");
goto end;
}
- } else if (BIO_read(rbio, mbuf, sizeof mbuf) != sizeof mbuf
+ } else if (BIO_read(rbio, mbuf, sizeof(mbuf)) != sizeof(mbuf)
|| BIO_read(rbio,
(unsigned char *)salt,
- sizeof salt) != sizeof salt) {
+ sizeof(salt)) != sizeof(salt)) {
BIO_printf(bio_err, "error reading input file\n");
goto end;
- } else if (memcmp(mbuf, magic, sizeof magic - 1)) {
+ } else if (memcmp(mbuf, magic, sizeof(magic) - 1)) {
BIO_printf(bio_err, "bad magic number\n");
goto end;
}
@@ -564,7 +564,7 @@ int MAIN(int argc, char **argv)
int siz = EVP_CIPHER_iv_length(cipher);
if (siz == 0) {
BIO_printf(bio_err, "warning: iv not use by this cipher\n");
- } else if (!set_hex(hiv, iv, sizeof iv)) {
+ } else if (!set_hex(hiv, iv, sizeof(iv))) {
BIO_printf(bio_err, "invalid hex iv value\n");
goto end;
}
diff --git a/apps/errstr.c b/apps/errstr.c
index c2d4fdec35ad..c3fef610fc2d 100644
--- a/apps/errstr.c
+++ b/apps/errstr.c
@@ -108,7 +108,7 @@ int MAIN(int argc, char **argv)
for (i = 1; i < argc; i++) {
if (sscanf(argv[i], "%lx", &l)) {
- ERR_error_string_n(l, buf, sizeof buf);
+ ERR_error_string_n(l, buf, sizeof(buf));
printf("%s\n", buf);
} else {
printf("%s: bad error code\n", argv[i]);
diff --git a/apps/ocsp.c b/apps/ocsp.c
index 5da51df5148c..654eebcbfc15 100644
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -1195,7 +1195,7 @@ static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio,
*pcbio = cbio;
for (;;) {
- len = BIO_gets(cbio, inbuf, sizeof inbuf);
+ len = BIO_gets(cbio, inbuf, sizeof(inbuf));
if (len <= 0)
return 1;
/* Look for "POST" signalling start of query */
diff --git a/apps/openssl.c b/apps/openssl.c
index 687314522319..c3da5d6cd0e9 100644
--- a/apps/openssl.c
+++ b/apps/openssl.c
@@ -351,7 +351,7 @@ int main(int Argc, char *ARGV[])
prog = prog_init();
/* first check the program name */
- program_name(Argv[0], pname, sizeof pname);
+ program_name(Argv[0], pname, sizeof(pname));
f.name = pname;
fp = lh_FUNCTION_retrieve(prog, &f);
@@ -379,7 +379,7 @@ int main(int Argc, char *ARGV[])
for (;;) {
ret = 0;
p = buf;
- n = sizeof buf;
+ n = sizeof(buf);
i = 0;
for (;;) {
p[0] = '\0';
@@ -685,7 +685,7 @@ static LHASH_OF(FUNCTION) *prog_init(void)
/* Purely so it looks nice when the user hits ? */
for (i = 0, f = functions; f->name != NULL; ++f, ++i) ;
- qsort(functions, i, sizeof *functions, SortFnByName);
+ qsort(functions, i, sizeof(*functions), SortFnByName);
if ((ret = lh_FUNCTION_new()) == NULL)
return (NULL);
diff --git a/apps/passwd.c b/apps/passwd.c
index 798a6d593616..56e10ad3d8f1 100644
--- a/apps/passwd.c
+++ b/apps/passwd.c
@@ -252,7 +252,7 @@ int MAIN(int argc, char **argv)
/* ignore rest of line */
char trash[BUFSIZ];
do
- r = BIO_gets(in, trash, sizeof trash);
+ r = BIO_gets(in, trash, sizeof(trash));
while ((r > 0) && (!strchr(trash, '\n')));
}
@@ -329,8 +329,8 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
EVP_DigestUpdate(&md2, passwd, passwd_len);
EVP_DigestFinal_ex(&md2, buf, NULL);
- for (i = passwd_len; i > sizeof buf; i -= sizeof buf)
- EVP_DigestUpdate(&md, buf, sizeof buf);
+ for (i = passwd_len; i > sizeof(buf); i -= sizeof(buf))
+ EVP_DigestUpdate(&md, buf, sizeof(buf));
EVP_DigestUpdate(&md, buf, i);
n = passwd_len;
@@ -343,13 +343,13 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
for (i = 0; i < 1000; i++) {
EVP_DigestInit_ex(&md2, EVP_md5(), NULL);
EVP_DigestUpdate(&md2, (i & 1) ? (unsigned const char *)passwd : buf,
- (i & 1) ? passwd_len : sizeof buf);
+ (i & 1) ? passwd_len : sizeof(buf));
if (i % 3)
EVP_DigestUpdate(&md2, salt_out, salt_len);
if (i % 7)
EVP_DigestUpdate(&md2, passwd, passwd_len);
EVP_DigestUpdate(&md2, (i & 1) ? buf : (unsigned const char *)passwd,
- (i & 1) ? sizeof buf : passwd_len);
+ (i & 1) ? sizeof(buf) : passwd_len);
EVP_DigestFinal_ex(&md2, buf, NULL);
}
EVP_MD_CTX_cleanup(&md2);
@@ -357,7 +357,7 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
{
/* transform buf into output string */
- unsigned char buf_perm[sizeof buf];
+ unsigned char buf_perm[sizeof(buf)];
int dest, source;
char *output;
@@ -369,7 +369,7 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
buf_perm[15] = buf[11];
# ifndef PEDANTIC /* Unfortunately, this generates a "no
* effect" warning */
- assert(16 == sizeof buf_perm);
+ assert(16 == sizeof(buf_perm));
# endif
output = salt_out + salt_len;
diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index d0bd97af0eee..0ba4c9a8076a 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -481,7 +481,7 @@ int MAIN(int argc, char **argv)
CRYPTO_push_info("read MAC password");
# endif
if (EVP_read_pw_string
- (macpass, sizeof macpass, "Enter MAC Password:", export_cert)) {
+ (macpass, sizeof(macpass), "Enter MAC Password:", export_cert)) {
BIO_printf(bio_err, "Can't read Password\n");
goto end;
}
@@ -629,13 +629,13 @@ int MAIN(int argc, char **argv)
# endif
if (!noprompt &&
- EVP_read_pw_string(pass, sizeof pass, "Enter Export Password:",
+ EVP_read_pw_string(pass, sizeof(pass), "Enter Export Password:",
1)) {
BIO_printf(bio_err, "Can't read Password\n");
goto export_end;
}
if (!twopass)
- BUF_strlcpy(macpass, pass, sizeof macpass);
+ BUF_strlcpy(macpass, pass, sizeof(macpass));
# ifdef CRYPTO_MDEBUG
CRYPTO_pop_info();
@@ -698,7 +698,7 @@ int MAIN(int argc, char **argv)
CRYPTO_push_info("read import password");
# endif
if (!noprompt
- && EVP_read_pw_string(pass, sizeof pass, "Enter Import Password:",
+ && EVP_read_pw_string(pass, sizeof(pass), "Enter Import Password:",
0)) {
BIO_printf(bio_err, "Can't read Password\n");
goto end;
@@ -708,7 +708,7 @@ int MAIN(int argc, char **argv)
# endif
if (!twopass)
- BUF_strlcpy(macpass, pass, sizeof macpass);
+ BUF_strlcpy(macpass, pass, sizeof(macpass));
if ((options & INFO) && p12->mac)
BIO_printf(bio_err, "MAC Iteration %ld\n",
diff --git a/apps/pkcs8.c b/apps/pkcs8.c
index 71e31689df08..d7f0720ca128 100644
--- a/apps/pkcs8.c
+++ b/apps/pkcs8.c
@@ -277,7 +277,7 @@ int MAIN(int argc, char **argv)
else {
p8pass = pass;
if (EVP_read_pw_string
- (pass, sizeof pass, "Enter Encryption Password:", 1))
+ (pass, sizeof(pass), "Enter Encryption Password:", 1))
goto end;
}
app_RAND_load_file(NULL, bio_err, 0);
@@ -331,7 +331,7 @@ int MAIN(int argc, char **argv)
p8pass = passin;
else {
p8pass = pass;
- EVP_read_pw_string(pass, sizeof pass, "Enter Password:", 0);
+ EVP_read_pw_string(pass, sizeof(pass), "Enter Password:", 0);
}
p8inf = PKCS8_decrypt(p8, p8pass, strlen(p8pass));
}
diff --git a/apps/rand.c b/apps/rand.c
index 96dcb7273a4d..eddb8af8d70a 100644
--- a/apps/rand.c
+++ b/apps/rand.c
@@ -198,7 +198,7 @@ int MAIN(int argc, char **argv)
chunk = num;
if (chunk > (int)sizeof(buf))
- chunk = sizeof buf;
+ chunk = sizeof(buf);
r = RAND_bytes(buf, chunk);
if (r <= 0)
goto err;
diff --git a/apps/req.c b/apps/req.c
index ede1d32cae62..7fcab18cd1c9 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -1193,7 +1193,7 @@ static int prompt_info(X509_REQ *req,
/* If OBJ not recognised ignore it */
if ((nid = OBJ_txt2nid(type)) == NID_undef)
goto start;
- if (BIO_snprintf(buf, sizeof buf, "%s_default", v->name)
+ if (BIO_snprintf(buf, sizeof(buf), "%s_default", v->name)
>= (int)sizeof(buf)) {
BIO_printf(bio_err, "Name '%s' too long\n", v->name);
return 0;
@@ -1204,19 +1204,19 @@ static int prompt_info(X509_REQ *req,
def = "";
}
- BIO_snprintf(buf, sizeof buf, "%s_value", v->name);
+ BIO_snprintf(buf, sizeof(buf), "%s_value", v->name);
if ((value = NCONF_get_string(req_conf, dn_sect, buf)) == NULL) {
ERR_clear_error();
value = NULL;
}
- BIO_snprintf(buf, sizeof buf, "%s_min", v->name);
+ BIO_snprintf(buf, sizeof(buf), "%s_min", v->name);
if (!NCONF_get_number(req_conf, dn_sect, buf, &n_min)) {
ERR_clear_error();
n_min = -1;
}
- BIO_snprintf(buf, sizeof buf, "%s_max", v->name);
+ BIO_snprintf(buf, sizeof(buf), "%s_max", v->name);
if (!NCONF_get_number(req_conf, dn_sect, buf, &n_max)) {
ERR_clear_error();
n_max = -1;
@@ -1252,7 +1252,7 @@ static int prompt_info(X509_REQ *req,
if ((nid = OBJ_txt2nid(type)) == NID_undef)
goto start2;
- if (BIO_snprintf(buf, sizeof buf, "%s_default", type)
+ if (BIO_snprintf(buf, sizeof(buf), "%s_default", type)
>= (int)sizeof(buf)) {
BIO_printf(bio_err, "Name '%s' too long\n", v->name);
return 0;
@@ -1264,20 +1264,20 @@ static int prompt_info(X509_REQ *req,
def = "";
}
- BIO_snprintf(buf, sizeof buf, "%s_value", type);
+ BIO_snprintf(buf, sizeof(buf), "%s_value", type);
if ((value = NCONF_get_string(req_conf, attr_sect, buf))
== NULL) {
ERR_clear_error();
value = NULL;
}
- BIO_snprintf(buf, sizeof buf, "%s_min", type);
+ BIO_snprintf(buf, sizeof(buf), "%s_min", type);
if (!NCONF_get_number(req_conf, attr_sect, buf, &n_min)) {
ERR_clear_error();
n_min = -1;
}
- BIO_snprintf(buf, sizeof buf, "%s_max", type);
+ BIO_snprintf(buf, sizeof(buf), "%s_max", type);
if (!NCONF_get_number(req_conf, attr_sect, buf, &n_max)) {
ERR_clear_error();
n_max = -1;
@@ -1372,13 +1372,13 @@ static int add_DN_object(X509_NAME *n, char *text, const char *def,
BIO_printf(bio_err, "%s [%s]:", text, def);
(void)BIO_flush(bio_err);
if (value != NULL) {
- BUF_strlcpy(buf, value, sizeof buf);
- BUF_strlcat(buf, "\n", sizeof buf);
+ BUF_strlcpy(buf, value, sizeof(buf));
+ BUF_strlcat(buf, "\n", sizeof(buf));
BIO_printf(bio_err, "%s\n", value);
} else {
buf[0] = '\0';
if (!batch) {
- if (!fgets(buf, sizeof buf, stdin))
+ if (!fgets(buf, sizeof(buf), stdin))
return 0;
} else {
buf[0] = '\n';
@@ -1391,8 +1391,8 @@ static int add_DN_object(X509_NAME *n, char *text, const char *def,
else if (buf[0] == '\n') {
if ((def == NULL) || (def[0] == '\0'))
return (1);
- BUF_strlcpy(buf, def, sizeof buf);
- BUF_strlcat(buf, "\n", sizeof buf);
+ BUF_strlcpy(buf, def, sizeof(buf));
+ BUF_strlcat(buf, "\n", sizeof(buf));
} else if ((buf[0] == '.') && (buf[1] == '\n'))
return (1);
@@ -1431,13 +1431,13 @@ static int add_attribute_object(X509_REQ *req, char *text, const char *def,
BIO_printf(bio_err, "%s [%s]:", text, def);
(void)BIO_flush(bio_err);
if (value != NULL) {
- BUF_strlcpy(buf, value, sizeof buf);
- BUF_strlcat(buf, "\n", sizeof buf);
+ BUF_strlcpy(buf, value, sizeof(buf));
+ BUF_strlcat(buf, "\n", sizeof(buf));
BIO_printf(bio_err, "%s\n", value);
} else {
buf[0] = '\0';
if (!batch) {
- if (!fgets(buf, sizeof buf, stdin))
+ if (!fgets(buf, sizeof(buf), stdin))
return 0;
} else {
buf[0] = '\n';
@@ -1450,8 +1450,8 @@ static int add_attribute_object(X509_REQ *req, char *text, const char *def,
else if (buf[0] == '\n') {
if ((def == NULL) || (def[0] == '\0'))
return (1);
- BUF_strlcpy(buf, def, sizeof buf);
- BUF_strlcat(buf, "\n", sizeof buf);
+ BUF_strlcpy(buf, def, sizeof(buf));
+ BUF_strlcat(buf, "\n", sizeof(buf));
} else if ((buf[0] == '.') && (buf[1] == '\n'))
return (1);
diff --git a/apps/s_client.c b/apps/s_client.c
index 2a0ead7beffb..c85566855fef 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -2166,10 +2166,10 @@ static void print_stuff(BIO *bio, SSL *s, int full)
BIO_printf(bio, "---\nCertificate chain\n");
for (i = 0; i < sk_X509_num(sk); i++) {
X509_NAME_oneline(X509_get_subject_name(sk_X509_value(sk, i)),
- buf, sizeof buf);
+ buf, sizeof(buf));
BIO_printf(bio, "%2d s:%s\n", i, buf);
X509_NAME_oneline(X509_get_issuer_name(sk_X509_value(sk, i)),
- buf, sizeof buf);
+ buf, sizeof(buf));
BIO_printf(bio, " i:%s\n", buf);
if (c_showcerts)
PEM_write_bio_X509(bio, sk_X509_value(sk, i));
@@ -2184,9 +2184,9 @@ static void print_stuff(BIO *bio, SSL *s, int full)
/* Redundant if we showed the whole chain */
if (!(c_showcerts && got_a_chain))
PEM_write_bio_X509(bio, peer);
- X509_NAME_oneline(X509_get_subject_name(peer), buf, sizeof buf);
+ X509_NAME_oneline(X509_get_subject_name(peer), buf, sizeof(buf));
BIO_printf(bio, "subject=%s\n", buf);
- X509_NAME_oneline(X509_get_issuer_name(peer), buf, sizeof buf);
+ X509_NAME_oneline(X509_get_issuer_name(peer), buf, sizeof(buf));
BIO_printf(bio, "issuer=%s\n", buf);
} else
BIO_printf(bio, "no peer certificate available\n");
@@ -2203,7 +2203,7 @@ static void print_stuff(BIO *bio, SSL *s, int full)
} else {
BIO_printf(bio, "---\nNo client certificate CA names sent\n");
}
- p = SSL_get_shared_ciphers(s, buf, sizeof buf);
+ p = SSL_get_shared_ciphers(s, buf, sizeof(buf));
if (p != NULL) {
/*
* This works only for SSL 2. In later protocol versions, the
diff --git a/apps/s_server.c b/apps/s_server.c
index 98ffc09314a3..83918fb6d39a 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -2008,7 +2008,7 @@ int MAIN(int argc, char *argv[])
SSL_CTX_set_verify(ctx, s_server_verify, verify_callback);
SSL_CTX_set_session_id_context(ctx, (void *)&s_server_session_id_context,
- sizeof s_server_session_id_context);
+ sizeof(s_server_session_id_context));
/* Set DTLS cookie generation and verification callbacks */
SSL_CTX_set_cookie_generate_cb(ctx, generate_cookie_callback);
@@ -2019,7 +2019,7 @@ int MAIN(int argc, char *argv[])
SSL_CTX_set_verify(ctx2, s_server_verify, verify_callback);
SSL_CTX_set_session_id_context(ctx2,
(void *)&s_server_session_id_context,
- sizeof s_server_session_id_context);
+ sizeof(s_server_session_id_context));
tlsextcbp.biodebug = bio_s_out;
SSL_CTX_set_tlsext_servername_callback(ctx2, ssl_servername_cb);
@@ -2666,14 +2666,14 @@ static int init_ssl_connection(SSL *con)
if (peer != NULL) {
BIO_printf(bio_s_out, "Client certificate\n");
PEM_write_bio_X509(bio_s_out, peer);
- X509_NAME_oneline(X509_get_subject_name(peer), buf, sizeof buf);
+ X509_NAME_oneline(X509_get_subject_name(peer), buf, sizeof(buf));
BIO_printf(bio_s_out, "subject=%s\n", buf);
- X509_NAME_oneline(X509_get_issuer_name(peer), buf, sizeof buf);
+ X509_NAME_oneline(X509_get_issuer_name(peer), buf, sizeof(buf));
BIO_printf(bio_s_out, "issuer=%s\n", buf);
X509_free(peer);
}
- if (SSL_get_shared_ciphers(con, buf, sizeof buf) != NULL)
+ if (SSL_get_shared_ciphers(con, buf, sizeof(buf)) != NULL)
BIO_printf(bio_s_out, "Shared ciphers:%s\n", buf);
str = SSL_CIPHER_get_name(SSL_get_current_cipher(con));
ssl_print_sigalgs(bio_s_out, con);
diff --git a/apps/s_socket.c b/apps/s_socket.c
index 77a7688f8d0c..83624ca84f15 100644
--- a/apps/s_socket.c
+++ b/apps/s_socket.c
@@ -235,7 +235,7 @@ int init_client(int *sock, char *host, int port, int type)
{
unsigned char ip[4];
- memset(ip, '\0', sizeof ip);
+ memset(ip, '\0', sizeof(ip));
if (!host_ip(host, &(ip[0])))
return 0;
return init_client_ip(sock, ip, port, type);
@@ -360,7 +360,7 @@ static int init_server_long(int *sock, int port, char *ip, int type)
# if defined SOL_SOCKET && defined SO_REUSEADDR
{
int j = 1;
- setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void *)&j, sizeof j);
+ setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void *)&j, sizeof(j));
}
# endif
if (bind(s, (struct sockaddr *)&server, sizeof(server)) == -1) {
@@ -595,7 +595,7 @@ static struct hostent *GetHostByName(char *name)
if (ret == NULL)
return (NULL);
/* else add to cache */
- if (strlen(name) < sizeof ghbn_cache[0].name) {
+ if (strlen(name) < sizeof(ghbn_cache[0].name)) {
strcpy(ghbn_cache[lowi].name, name);
memcpy((char *)&(ghbn_cache[lowi].ent), ret,
sizeof(struct hostent));
diff --git a/apps/s_time.c b/apps/s_time.c
index 38788f7130c7..0bb2f8cc2aa1 100644
--- a/apps/s_time.c
+++ b/apps/s_time.c
@@ -422,7 +422,7 @@ int MAIN(int argc, char **argv)
goto end;
if (s_www_path != NULL) {
- BIO_snprintf(buf, sizeof buf, "GET %s HTTP/1.0\r\n\r\n",
+ BIO_snprintf(buf, sizeof(buf), "GET %s HTTP/1.0\r\n\r\n",
s_www_path);
SSL_write(scon, buf, strlen(buf));
while ((i = SSL_read(scon, buf, sizeof(buf))) > 0)
@@ -481,7 +481,7 @@ int MAIN(int argc, char **argv)
}
if (s_www_path != NULL) {
- BIO_snprintf(buf, sizeof buf, "GET %s HTTP/1.0\r\n\r\n", s_www_path);
+ BIO_snprintf(buf, sizeof(buf), "GET %s HTTP/1.0\r\n\r\n", s_www_path);
SSL_write(scon, buf, strlen(buf));
while (SSL_read(scon, buf, sizeof(buf)) > 0) ;
}
@@ -517,7 +517,7 @@ int MAIN(int argc, char **argv)
goto end;
if (s_www_path) {
- BIO_snprintf(buf, sizeof buf, "GET %s HTTP/1.0\r\n\r\n",
+ BIO_snprintf(buf, sizeof(buf), "GET %s HTTP/1.0\r\n\r\n",
s_www_path);
SSL_write(scon, buf, strlen(buf));
while ((i = SSL_read(scon, buf, sizeof(buf))) > 0)
diff --git a/apps/speed.c b/apps/speed.c
index 5383678b9864..aaa982ee1f74 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -2091,7 +2091,7 @@ int MAIN(int argc, char **argv)
RAND_pseudo_bytes(buf, 20);
# ifndef OPENSSL_NO_DSA
if (RAND_status() != 1) {
- RAND_seed(rnd_seed, sizeof rnd_seed);
+ RAND_seed(rnd_seed, sizeof(rnd_seed));
rnd_fake = 1;
}
for (j = 0; j < DSA_NUM; j++) {
@@ -2170,7 +2170,7 @@ int MAIN(int argc, char **argv)
# ifndef OPENSSL_NO_ECDSA
if (RAND_status() != 1) {
- RAND_seed(rnd_seed, sizeof rnd_seed);
+ RAND_seed(rnd_seed, sizeof(rnd_seed));
rnd_fake = 1;
}
for (j = 0; j < EC_NUM; j++) {
@@ -2265,7 +2265,7 @@ int MAIN(int argc, char **argv)
# ifndef OPENSSL_NO_ECDH
if (RAND_status() != 1) {
- RAND_seed(rnd_seed, sizeof rnd_seed);
+ RAND_seed(rnd_seed, sizeof(rnd_seed));
rnd_fake = 1;
}
for (j = 0; j < EC_NUM; j++) {
@@ -2588,7 +2588,7 @@ static char *sstrsep(char **string, const char *delim)
if (**string == 0)
return NULL;
- memset(isdelim, 0, sizeof isdelim);
+ memset(isdelim, 0, sizeof(isdelim));
isdelim[0] = 1;
while (*delim) {
@@ -2615,7 +2615,7 @@ static int do_multi(int multi)
int *fds;
static char sep[] = ":";
- fds = malloc(multi * sizeof *fds);
+ fds = malloc(multi * sizeof(*fds));
if (fds == NULL) {
fprintf(stderr, "Out of memory in speed (do_multi)\n");
exit(1);
@@ -2653,7 +2653,7 @@ static int do_multi(int multi)
char *p;
f = fdopen(fds[n], "r");
- while (fgets(buf, sizeof buf, f)) {
+ while (fgets(buf, sizeof(buf), f)) {
p = strchr(buf, '\n');
if (p)
*p = '\0';
diff --git a/apps/x509.c b/apps/x509.c
index ad9fc98edfb9..add74d556d68 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -817,10 +817,10 @@ int MAIN(int argc, char **argv)
char *m;
int y, z;
- X509_NAME_oneline(X509_get_subject_name(x), buf, sizeof buf);
+ X509_NAME_oneline(X509_get_subject_name(x), buf, sizeof(buf));
BIO_printf(STDout, "/* subject:%s */\n", buf);
m = X509_NAME_oneline(X509_get_issuer_name(x), buf,
- sizeof buf);
+ sizeof(buf));
BIO_printf(STDout, "/* issuer :%s */\n", buf);
z = i2d_X509(x, NULL);