summaryrefslogtreecommitdiff
path: root/main/openssl/apps
diff options
context:
space:
mode:
Diffstat (limited to 'main/openssl/apps')
-rw-r--r--main/openssl/apps/enc.c6
-rw-r--r--main/openssl/apps/ocsp.c22
-rw-r--r--main/openssl/apps/req.c15
-rw-r--r--main/openssl/apps/s_cb.c4
-rw-r--r--main/openssl/apps/s_socket.c5
-rw-r--r--main/openssl/apps/smime.c4
6 files changed, 45 insertions, 11 deletions
diff --git a/main/openssl/apps/enc.c b/main/openssl/apps/enc.c
index 719acc32..19ea3df9 100644
--- a/main/openssl/apps/enc.c
+++ b/main/openssl/apps/enc.c
@@ -331,6 +331,12 @@ bad:
setup_engine(bio_err, engine, 0);
#endif
+ if (cipher && EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER)
+ {
+ BIO_printf(bio_err, "AEAD ciphers not supported by the enc utility\n");
+ goto end;
+ }
+
if (md && (dgst=EVP_get_digestbyname(md)) == NULL)
{
BIO_printf(bio_err,"%s is an unsupported message digest type\n",md);
diff --git a/main/openssl/apps/ocsp.c b/main/openssl/apps/ocsp.c
index 83c5a767..767f12c6 100644
--- a/main/openssl/apps/ocsp.c
+++ b/main/openssl/apps/ocsp.c
@@ -127,6 +127,7 @@ int MAIN(int argc, char **argv)
ENGINE *e = NULL;
char **args;
char *host = NULL, *port = NULL, *path = "/";
+ char *thost = NULL, *tport = NULL, *tpath = NULL;
char *reqin = NULL, *respin = NULL;
char *reqout = NULL, *respout = NULL;
char *signfile = NULL, *keyfile = NULL;
@@ -204,6 +205,12 @@ int MAIN(int argc, char **argv)
}
else if (!strcmp(*args, "-url"))
{
+ if (thost)
+ OPENSSL_free(thost);
+ if (tport)
+ OPENSSL_free(tport);
+ if (tpath)
+ OPENSSL_free(tpath);
if (args[1])
{
args++;
@@ -212,6 +219,9 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, "Error parsing URL\n");
badarg = 1;
}
+ thost = host;
+ tport = port;
+ tpath = path;
}
else badarg = 1;
}
@@ -920,12 +930,12 @@ end:
sk_X509_pop_free(verify_other, X509_free);
sk_CONF_VALUE_pop_free(headers, X509V3_conf_free);
- if (use_ssl != -1)
- {
- OPENSSL_free(host);
- OPENSSL_free(port);
- OPENSSL_free(path);
- }
+ if (thost)
+ OPENSSL_free(thost);
+ if (tport)
+ OPENSSL_free(tport);
+ if (tpath)
+ OPENSSL_free(tpath);
OPENSSL_EXIT(ret);
}
diff --git a/main/openssl/apps/req.c b/main/openssl/apps/req.c
index 5e034a85..d41385d7 100644
--- a/main/openssl/apps/req.c
+++ b/main/openssl/apps/req.c
@@ -1489,7 +1489,13 @@ start:
#ifdef CHARSET_EBCDIC
ebcdic2ascii(buf, buf, i);
#endif
- if(!req_check_len(i, n_min, n_max)) goto start;
+ if(!req_check_len(i, n_min, n_max))
+ {
+ if (batch || value)
+ return 0;
+ goto start;
+ }
+
if (!X509_NAME_add_entry_by_NID(n,nid, chtype,
(unsigned char *) buf, -1,-1,mval)) goto err;
ret=1;
@@ -1548,7 +1554,12 @@ start:
#ifdef CHARSET_EBCDIC
ebcdic2ascii(buf, buf, i);
#endif
- if(!req_check_len(i, n_min, n_max)) goto start;
+ if(!req_check_len(i, n_min, n_max))
+ {
+ if (batch || value)
+ return 0;
+ goto start;
+ }
if(!X509_REQ_add1_attr_by_NID(req, nid, chtype,
(unsigned char *)buf, -1)) {
diff --git a/main/openssl/apps/s_cb.c b/main/openssl/apps/s_cb.c
index 84c3b447..146a9607 100644
--- a/main/openssl/apps/s_cb.c
+++ b/main/openssl/apps/s_cb.c
@@ -747,6 +747,10 @@ void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type,
break;
#endif
+ case TLSEXT_TYPE_padding:
+ extname = "TLS padding";
+ break;
+
default:
extname = "unknown";
break;
diff --git a/main/openssl/apps/s_socket.c b/main/openssl/apps/s_socket.c
index 380efdb1..94eb40f3 100644
--- a/main/openssl/apps/s_socket.c
+++ b/main/openssl/apps/s_socket.c
@@ -274,7 +274,7 @@ static int init_client_ip(int *sock, unsigned char ip[4], int port, int type)
{
i=0;
i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
- if (i < 0) { perror("keepalive"); return(0); }
+ if (i < 0) { closesocket(s); perror("keepalive"); return(0); }
}
#endif
@@ -450,6 +450,7 @@ redoit:
if ((*host=(char *)OPENSSL_malloc(strlen(h1->h_name)+1)) == NULL)
{
perror("OPENSSL_malloc");
+ closesocket(ret);
return(0);
}
BUF_strlcpy(*host,h1->h_name,strlen(h1->h_name)+1);
@@ -458,11 +459,13 @@ redoit:
if (h2 == NULL)
{
BIO_printf(bio_err,"gethostbyname failure\n");
+ closesocket(ret);
return(0);
}
if (h2->h_addrtype != AF_INET)
{
BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
+ closesocket(ret);
return(0);
}
}
diff --git a/main/openssl/apps/smime.c b/main/openssl/apps/smime.c
index c583f8a0..d1fe32d3 100644
--- a/main/openssl/apps/smime.c
+++ b/main/openssl/apps/smime.c
@@ -541,8 +541,8 @@ int MAIN(int argc, char **argv)
{
if (!cipher)
{
-#ifndef OPENSSL_NO_RC2
- cipher = EVP_rc2_40_cbc();
+#ifndef OPENSSL_NO_DES
+ cipher = EVP_des_ede3_cbc();
#else
BIO_printf(bio_err, "No cipher selected\n");
goto end;