Remove unused parameters from internal functions
Reviewed-by: Richard Levitte <levitte@openssl.org>
diff --git a/apps/apps.c b/apps/apps.c
index d4a4d23..34fd391 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -674,8 +674,7 @@
return rv;
}
-X509 *load_cert(const char *file, int format,
- const char *pass, ENGINE *e, const char *cert_descrip)
+X509 *load_cert(const char *file, int format, const char *cert_descrip)
{
X509 *x = NULL;
BIO *cert;
@@ -904,7 +903,7 @@
}
static int load_certs_crls(const char *file, int format,
- const char *pass, ENGINE *e, const char *desc,
+ const char *pass, const char *desc,
STACK_OF(X509) **pcerts,
STACK_OF(X509_CRL) **pcrls)
{
@@ -1002,18 +1001,18 @@
* Initialize or extend, if *certs != NULL, a certificate stack.
*/
int load_certs(const char *file, STACK_OF(X509) **certs, int format,
- const char *pass, ENGINE *e, const char *desc)
+ const char *pass, const char *desc)
{
- return load_certs_crls(file, format, pass, e, desc, certs, NULL);
+ return load_certs_crls(file, format, pass, desc, certs, NULL);
}
/*
* Initialize or extend, if *crls != NULL, a certificate stack.
*/
int load_crls(const char *file, STACK_OF(X509_CRL) **crls, int format,
- const char *pass, ENGINE *e, const char *desc)
+ const char *pass, const char *desc)
{
- return load_certs_crls(file, format, pass, e, desc, NULL, crls);
+ return load_certs_crls(file, format, pass, desc, NULL, crls);
}
#define X509V3_EXT_UNKNOWN_MASK (0xfL << 16)
@@ -1300,7 +1299,7 @@
#ifndef OPENSSL_NO_ENGINE
/* Try to load an engine in a shareable library */
-static ENGINE *try_load_engine(const char *engine, int debug)
+static ENGINE *try_load_engine(const char *engine)
{
ENGINE *e = ENGINE_by_id("dynamic");
if (e) {
@@ -1324,7 +1323,7 @@
return NULL;
}
if ((e = ENGINE_by_id(engine)) == NULL
- && (e = try_load_engine(engine, debug)) == NULL) {
+ && (e = try_load_engine(engine)) == NULL) {
BIO_printf(bio_err, "invalid engine \"%s\"\n", engine);
ERR_print_errors(bio_err);
return NULL;
diff --git a/apps/apps.h b/apps/apps.h
index 9e66056..617c1f7 100644
--- a/apps/apps.h
+++ b/apps/apps.h
@@ -475,8 +475,7 @@
int copy_extensions(X509 *x, X509_REQ *req, int copy_type);
int app_passwd(char *arg1, char *arg2, char **pass1, char **pass2);
int add_oid_section(CONF *conf);
-X509 *load_cert(const char *file, int format,
- const char *pass, ENGINE *e, const char *cert_descrip);
+X509 *load_cert(const char *file, int format, const char *cert_descrip);
X509_CRL *load_crl(const char *infile, int format);
int load_cert_crl_http(const char *url, X509 **pcert, X509_CRL **pcrl);
EVP_PKEY *load_key(const char *file, int format, int maybe_stdin,
@@ -484,9 +483,9 @@
EVP_PKEY *load_pubkey(const char *file, int format, int maybe_stdin,
const char *pass, ENGINE *e, const char *key_descrip);
int load_certs(const char *file, STACK_OF(X509) **certs, int format,
- const char *pass, ENGINE *e, const char *cert_descrip);
+ const char *pass, const char *cert_descrip);
int load_crls(const char *file, STACK_OF(X509_CRL) **crls, int format,
- const char *pass, ENGINE *e, const char *cert_descrip);
+ const char *pass, const char *cert_descrip);
X509_STORE *setup_verify(char *CAfile, char *CApath,
int noCAfile, int noCApath);
int ctx_set_verify_locations(SSL_CTX *ctx, const char *CAfile,
diff --git a/apps/ca.c b/apps/ca.c
index 716df02..4cd4aa1 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -153,8 +153,7 @@
int multirdn, int email_dn, char *startdate,
char *enddate, long days, int batch, char *ext_sect,
CONF *conf, int verbose, unsigned long certopt,
- unsigned long nameopt, int default_op, int ext_copy,
- ENGINE *e);
+ unsigned long nameopt, int default_op, int ext_copy);
static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey,
X509 *x509, const EVP_MD *dgst,
STACK_OF(OPENSSL_STRING) *sigopts,
@@ -607,7 +606,7 @@
lookup_fail(section, ENV_CERTIFICATE);
goto end;
}
- x509 = load_cert(certfile, FORMAT_PEM, NULL, e, "CA certificate");
+ x509 = load_cert(certfile, FORMAT_PEM, "CA certificate");
if (x509 == NULL)
goto end;
@@ -964,7 +963,7 @@
db, serial, subj, chtype, multirdn, email_dn,
startdate, enddate, days, batch, extensions,
conf, verbose, certopt, nameopt, default_op,
- ext_copy, e);
+ ext_copy);
if (j < 0)
goto end;
if (j > 0) {
@@ -1265,7 +1264,7 @@
goto end;
} else {
X509 *revcert;
- revcert = load_cert(infile, FORMAT_PEM, NULL, e, infile);
+ revcert = load_cert(infile, FORMAT_PEM, infile);
if (revcert == NULL)
goto end;
if (dorevoke == 2)
@@ -1391,15 +1390,14 @@
int multirdn, int email_dn, char *startdate,
char *enddate, long days, int batch, char *ext_sect,
CONF *lconf, int verbose, unsigned long certopt,
- unsigned long nameopt, int default_op, int ext_copy,
- ENGINE *e)
+ unsigned long nameopt, int default_op, int ext_copy)
{
X509 *req = NULL;
X509_REQ *rreq = NULL;
EVP_PKEY *pktmp = NULL;
int ok = -1, i;
- if ((req = load_cert(infile, FORMAT_PEM, NULL, e, infile)) == NULL)
+ if ((req = load_cert(infile, FORMAT_PEM, infile)) == NULL)
goto end;
if (verbose)
X509_print(bio_err, req);
diff --git a/apps/cms.c b/apps/cms.c
index e732757..1f0e192 100644
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -550,7 +550,7 @@
if (operation == SMIME_ENCRYPT) {
if (encerts == NULL && (encerts = sk_X509_new_null()) == NULL)
goto end;
- cert = load_cert(opt_arg(), FORMAT_PEM, NULL, e,
+ cert = load_cert(opt_arg(), FORMAT_PEM,
"recipient certificate file");
if (cert == NULL)
goto end;
@@ -725,7 +725,7 @@
if ((encerts = sk_X509_new_null()) == NULL)
goto end;
while (*argv) {
- if ((cert = load_cert(*argv, FORMAT_PEM, NULL, e,
+ if ((cert = load_cert(*argv, FORMAT_PEM,
"recipient certificate file")) == NULL)
goto end;
sk_X509_push(encerts, cert);
@@ -735,7 +735,7 @@
}
if (certfile) {
- if (!load_certs(certfile, &other, FORMAT_PEM, NULL, e,
+ if (!load_certs(certfile, &other, FORMAT_PEM, NULL,
"certificate file")) {
ERR_print_errors(bio_err);
goto end;
@@ -743,7 +743,7 @@
}
if (recipfile && (operation == SMIME_DECRYPT)) {
- if ((recip = load_cert(recipfile, FORMAT_PEM, NULL, e,
+ if ((recip = load_cert(recipfile, FORMAT_PEM,
"recipient certificate file")) == NULL) {
ERR_print_errors(bio_err);
goto end;
@@ -751,7 +751,7 @@
}
if (operation == SMIME_SIGN_RECEIPT) {
- if ((signer = load_cert(signerfile, FORMAT_PEM, NULL, e,
+ if ((signer = load_cert(signerfile, FORMAT_PEM,
"receipt signer certificate file")) == NULL) {
ERR_print_errors(bio_err);
goto end;
@@ -968,8 +968,7 @@
signerfile = sk_OPENSSL_STRING_value(sksigners, i);
keyfile = sk_OPENSSL_STRING_value(skkeys, i);
- signer = load_cert(signerfile, FORMAT_PEM, NULL,
- e, "signer certificate");
+ signer = load_cert(signerfile, FORMAT_PEM, "signer certificate");
if (!signer)
goto end;
key = load_key(keyfile, keyform, 0, passin, e, "signing key file");
diff --git a/apps/dgst.c b/apps/dgst.c
index cab8485..bebaaf5 100644
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -73,7 +73,7 @@
int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
EVP_PKEY *key, unsigned char *sigin, int siglen,
const char *sig_name, const char *md_name,
- const char *file, BIO *bmd);
+ const char *file);
typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
@@ -403,7 +403,7 @@
if (argc == 0) {
BIO_set_fp(in, stdin, BIO_NOCLOSE);
ret = do_fp(out, buf, inp, separator, out_bin, sigkey, sigbuf,
- siglen, NULL, NULL, "stdin", bmd);
+ siglen, NULL, NULL, "stdin");
} else {
const char *md_name = NULL, *sig_name = NULL;
if (!out_bin) {
@@ -426,7 +426,7 @@
continue;
} else
r = do_fp(out, buf, inp, separator, out_bin, sigkey, sigbuf,
- siglen, sig_name, md_name, argv[i], bmd);
+ siglen, sig_name, md_name, argv[i]);
if (r)
ret = r;
(void)BIO_reset(bmd);
@@ -448,7 +448,7 @@
int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
EVP_PKEY *key, unsigned char *sigin, int siglen,
const char *sig_name, const char *md_name,
- const char *file, BIO *bmd)
+ const char *file)
{
size_t len;
int i;
diff --git a/apps/ocsp.c b/apps/ocsp.c
index e26afe1..dc2a11f 100644
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -115,8 +115,7 @@
static char **lookup_serial(CA_DB *db, ASN1_INTEGER *ser);
static BIO *init_responder(const char *port);
-static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio,
- const char *port);
+static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio);
static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp);
static OCSP_RESPONSE *query_responder(BIO *cbio, const char *host,
const char *path,
@@ -406,8 +405,7 @@
path = opt_arg();
break;
case OPT_ISSUER:
- issuer = load_cert(opt_arg(), FORMAT_PEM,
- NULL, NULL, "issuer certificate");
+ issuer = load_cert(opt_arg(), FORMAT_PEM, "issuer certificate");
if (issuer == NULL)
goto end;
if (issuers == NULL) {
@@ -418,8 +416,7 @@
break;
case OPT_CERT:
X509_free(cert);
- cert = load_cert(opt_arg(), FORMAT_PEM,
- NULL, NULL, "certificate");
+ cert = load_cert(opt_arg(), FORMAT_PEM, "certificate");
if (cert == NULL)
goto end;
if (cert_id_md == NULL)
@@ -526,16 +523,14 @@
if (rsignfile) {
if (!rkeyfile)
rkeyfile = rsignfile;
- rsigner = load_cert(rsignfile, FORMAT_PEM,
- NULL, NULL, "responder certificate");
+ rsigner = load_cert(rsignfile, FORMAT_PEM, "responder certificate");
if (!rsigner) {
BIO_printf(bio_err, "Error loading responder certificate\n");
goto end;
}
- rca_cert = load_cert(rca_filename, FORMAT_PEM,
- NULL, NULL, "CA certificate");
+ rca_cert = load_cert(rca_filename, FORMAT_PEM, "CA certificate");
if (rcertfile) {
- if (!load_certs(rcertfile, &rother, FORMAT_PEM, NULL, NULL,
+ if (!load_certs(rcertfile, &rother, FORMAT_PEM, NULL,
"responder other certificates"))
goto end;
}
@@ -550,7 +545,7 @@
redo_accept:
if (acbio) {
- if (!do_responder(&req, &cbio, acbio, port))
+ if (!do_responder(&req, &cbio, acbio))
goto end;
if (!req) {
resp =
@@ -572,14 +567,13 @@
if (signfile) {
if (!keyfile)
keyfile = signfile;
- signer = load_cert(signfile, FORMAT_PEM,
- NULL, NULL, "signer certificate");
+ signer = load_cert(signfile, FORMAT_PEM, "signer certificate");
if (!signer) {
BIO_printf(bio_err, "Error loading signer certificate\n");
goto end;
}
if (sign_certfile) {
- if (!load_certs(sign_certfile, &sign_other, FORMAT_PEM, NULL, NULL,
+ if (!load_certs(sign_certfile, &sign_other, FORMAT_PEM, NULL,
"signer certificates"))
goto end;
}
@@ -702,7 +696,7 @@
if (vpmtouched)
X509_STORE_set1_param(store, vpm);
if (verify_certfile) {
- if (!load_certs(verify_certfile, &verify_other, FORMAT_PEM, NULL, NULL,
+ if (!load_certs(verify_certfile, &verify_other, FORMAT_PEM, NULL,
"validator certificate"))
goto end;
}
@@ -1078,8 +1072,7 @@
return (int)(out - save);
}
-static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio,
- const char *port)
+static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio)
{
int len;
OCSP_REQUEST *req = NULL;
diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index e8df499..b4aabb2 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -397,7 +397,7 @@
/* Load in all certs in input file */
if (!(options & NOCERTS)) {
- if (!load_certs(infile, &certs, FORMAT_PEM, NULL, e,
+ if (!load_certs(infile, &certs, FORMAT_PEM, NULL,
"certificates"))
goto export_end;
@@ -426,7 +426,7 @@
/* Add any more certificates asked for */
if (certfile) {
- if (!load_certs(certfile, &certs, FORMAT_PEM, NULL, e,
+ if (!load_certs(certfile, &certs, FORMAT_PEM, NULL,
"certificates from certfile"))
goto export_end;
}
diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c
index 8e11777..91ef8d7 100644
--- a/apps/pkeyutl.c
+++ b/apps/pkeyutl.c
@@ -390,7 +390,7 @@
break;
case KEY_CERT:
- x = load_cert(keyfile, keyform, NULL, e, "Certificate");
+ x = load_cert(keyfile, keyform, "Certificate");
if (x) {
pkey = X509_get_pubkey(x);
X509_free(x);
diff --git a/apps/rsautl.c b/apps/rsautl.c
index 08e4d56..728352c 100644
--- a/apps/rsautl.c
+++ b/apps/rsautl.c
@@ -231,7 +231,7 @@
break;
case KEY_CERT:
- x = load_cert(keyfile, keyformat, NULL, e, "Certificate");
+ x = load_cert(keyfile, keyformat, "Certificate");
if (x) {
pkey = X509_get_pubkey(x);
X509_free(x);
diff --git a/apps/s_apps.h b/apps/s_apps.h
index 4357415..c000aa1 100644
--- a/apps/s_apps.h
+++ b/apps/s_apps.h
@@ -149,11 +149,11 @@
#define PORT "4433"
#define PROTOCOL "tcp"
+typedef int (*do_server_cb)(int s, int stype, unsigned char *context);
int do_server(int *accept_sock, const char *host, const char *port,
int family, int type,
- int (*cb) (const char *hostname, int s, int stype,
- unsigned char *context), unsigned char *context,
- int naccept);
+ do_server_cb cb,
+ unsigned char *context, int naccept);
#ifdef HEADER_X509_H
int verify_callback(int ok, X509_STORE_CTX *ctx);
#endif
diff --git a/apps/s_cb.c b/apps/s_cb.c
index a463dac..b74d682 100644
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -972,7 +972,7 @@
return 0;
}
exc->cert = load_cert(exc->certfile, exc->certform,
- NULL, NULL, "Server Certificate");
+ "Server Certificate");
if (!exc->cert)
return 0;
if (exc->keyfile) {
@@ -986,7 +986,7 @@
return 0;
if (exc->chainfile) {
if (!load_certs(exc->chainfile, &exc->chain, FORMAT_PEM, NULL,
- NULL, "Server Chain"))
+ "Server Chain"))
return 0;
}
}
diff --git a/apps/s_client.c b/apps/s_client.c
index b533780..9889cb0 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -1432,8 +1432,7 @@
}
if (cert_file) {
- cert = load_cert(cert_file, cert_format,
- NULL, e, "client certificate file");
+ cert = load_cert(cert_file, cert_format, "client certificate file");
if (cert == NULL) {
ERR_print_errors(bio_err);
goto end;
@@ -1441,7 +1440,7 @@
}
if (chain_file) {
- if (!load_certs(chain_file, &chain, FORMAT_PEM, NULL, e,
+ if (!load_certs(chain_file, &chain, FORMAT_PEM, NULL,
"client certificate chain"))
goto end;
}
diff --git a/apps/s_server.c b/apps/s_server.c
index 3c5b422..074c763 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -191,12 +191,9 @@
#endif
static int not_resumable_sess_cb(SSL *s, int is_forward_secure);
-static int sv_body(const char *hostname, int s, int stype,
- unsigned char *context);
-static int www_body(const char *hostname, int s, int stype,
- unsigned char *context);
-static int rev_body(const char *hostname, int s, int stype,
- unsigned char *context);
+static int sv_body(int s, int stype, unsigned char *context);
+static int www_body(int s, int stype, unsigned char *context);
+static int rev_body(int s, int stype, unsigned char *context);
static void close_accept_socket(void);
static int init_ssl_connection(SSL *s);
static void print_stats(BIO *bp, SSL_CTX *ctx);
@@ -1027,8 +1024,7 @@
#ifdef AF_UNIX
int unlink_unix_path = 0;
#endif
- int (*server_cb) (const char *hostname, int s, int stype,
- unsigned char *context);
+ do_server_cb server_cb;
int vpmtouched = 0, build_chain = 0, no_cache = 0, ext_cache = 0;
#ifndef OPENSSL_NO_DH
int no_dhe = 0;
@@ -1557,14 +1553,14 @@
}
s_cert = load_cert(s_cert_file, s_cert_format,
- NULL, e, "server certificate file");
+ "server certificate file");
if (!s_cert) {
ERR_print_errors(bio_err);
goto end;
}
if (s_chain_file) {
- if (!load_certs(s_chain_file, &s_chain, FORMAT_PEM, NULL, e,
+ if (!load_certs(s_chain_file, &s_chain, FORMAT_PEM, NULL,
"server certificate chain"))
goto end;
}
@@ -1578,7 +1574,7 @@
}
s_cert2 = load_cert(s_cert_file2, s_cert_format,
- NULL, e, "second server certificate file");
+ "second server certificate file");
if (!s_cert2) {
ERR_print_errors(bio_err);
@@ -1636,14 +1632,14 @@
}
s_dcert = load_cert(s_dcert_file, s_dcert_format,
- NULL, e, "second server certificate file");
+ "second server certificate file");
if (!s_dcert) {
ERR_print_errors(bio_err);
goto end;
}
if (s_dchain_file) {
- if (!load_certs(s_dchain_file, &s_dchain, FORMAT_PEM, NULL, e,
+ if (!load_certs(s_dchain_file, &s_dchain, FORMAT_PEM, NULL,
"second server certificate chain"))
goto end;
}
@@ -2054,8 +2050,7 @@
SSL_CTX_sess_get_cache_size(ssl_ctx));
}
-static int sv_body(const char *hostname, int s, int stype,
- unsigned char *context)
+static int sv_body(int s, int stype, unsigned char *context)
{
char *buf = NULL;
fd_set readfds;
@@ -2644,8 +2639,7 @@
}
#endif
-static int www_body(const char *hostname, int s, int stype,
- unsigned char *context)
+static int www_body(int s, int stype, unsigned char *context)
{
char *buf = NULL;
int ret = 1;
@@ -3032,8 +3026,7 @@
return (ret);
}
-static int rev_body(const char *hostname, int s, int stype,
- unsigned char *context)
+static int rev_body(int s, int stype, unsigned char *context)
{
char *buf = NULL;
int i;
diff --git a/apps/s_socket.c b/apps/s_socket.c
index 6d781f4..5d66ab9 100644
--- a/apps/s_socket.c
+++ b/apps/s_socket.c
@@ -221,10 +221,8 @@
* 0 on failure, something other on success.
*/
int do_server(int *accept_sock, const char *host, const char *port,
- int family, int type,
- int (*cb) (const char *hostname, int s, int stype,
- unsigned char *context), unsigned char *context,
- int naccept)
+ int family, int type, do_server_cb cb,
+ unsigned char *context, int naccept)
{
int asock = 0;
int sock;
@@ -258,50 +256,26 @@
}
BIO_ADDRINFO_free(res);
+ res = NULL;
- if (accept_sock != NULL) {
+ if (accept_sock != NULL)
*accept_sock = asock;
- }
for (;;) {
- BIO_ADDR *accepted_addr = NULL;
- char *name = NULL;
if (type == SOCK_STREAM) {
- if ((accepted_addr = BIO_ADDR_new()) == NULL) {
- BIO_closesocket(asock);
- return 0;
- }
- redoit:
- sock = BIO_accept_ex(asock, accepted_addr, 0);
+ do {
+ sock = BIO_accept_ex(asock, NULL, 0);
+ } while (sock < 0 && BIO_sock_should_retry(ret));
if (sock < 0) {
- if (BIO_sock_should_retry(ret)) {
- goto redoit;
- } else {
- ERR_print_errors(bio_err);
- BIO_ADDR_free(accepted_addr);
- SHUTDOWN(asock);
- break;
- }
+ ERR_print_errors(bio_err);
+ SHUTDOWN(asock);
+ break;
}
+ i = (*cb)(sock, type, context);
+ SHUTDOWN2(sock);
} else {
- sock = asock;
+ i = (*cb)(asock, type, context);
}
- /* accepted_addr is NULL if we're dealing with SOCK_DGRAM
- * this means that for SOCK_DGRAM, name will be NULL
- */
- if (accepted_addr != NULL) {
-#ifdef AF_UNIX
- if (family == AF_UNIX)
- name = BIO_ADDR_path_string(accepted_addr);
- else
-#endif
- name = BIO_ADDR_hostname_string(accepted_addr, 0);
- }
- i = (*cb) (name, sock, type, context);
- OPENSSL_free(name);
- BIO_ADDR_free(accepted_addr);
- if (type == SOCK_STREAM)
- SHUTDOWN2(sock);
if (naccept != -1)
naccept--;
if (i < 0 || naccept == 0) {
diff --git a/apps/smime.c b/apps/smime.c
index 024e83b..60daeb4 100644
--- a/apps/smime.c
+++ b/apps/smime.c
@@ -458,7 +458,7 @@
goto end;
while (*argv) {
cert = load_cert(*argv, FORMAT_PEM,
- NULL, e, "recipient certificate file");
+ "recipient certificate file");
if (cert == NULL)
goto end;
sk_X509_push(encerts, cert);
@@ -468,7 +468,7 @@
}
if (certfile) {
- if (!load_certs(certfile, &other, FORMAT_PEM, NULL, e,
+ if (!load_certs(certfile, &other, FORMAT_PEM, NULL,
"certificate file")) {
ERR_print_errors(bio_err);
goto end;
@@ -476,8 +476,8 @@
}
if (recipfile && (operation == SMIME_DECRYPT)) {
- if ((recip = load_cert(recipfile, FORMAT_PEM, NULL,
- e, "recipient certificate file")) == NULL) {
+ if ((recip = load_cert(recipfile, FORMAT_PEM,
+ "recipient certificate file")) == NULL) {
ERR_print_errors(bio_err);
goto end;
}
@@ -572,8 +572,8 @@
for (i = 0; i < sk_OPENSSL_STRING_num(sksigners); i++) {
signerfile = sk_OPENSSL_STRING_value(sksigners, i);
keyfile = sk_OPENSSL_STRING_value(skkeys, i);
- signer = load_cert(signerfile, FORMAT_PEM, NULL,
- e, "signer certificate");
+ signer = load_cert(signerfile, FORMAT_PEM,
+ "signer certificate");
if (!signer)
goto end;
key = load_key(keyfile, keyform, 0, passin, e, "signing key file");
diff --git a/apps/speed.c b/apps/speed.c
index a0decd7..64faef5 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -1781,7 +1781,7 @@
/* DSA_generate_key(dsa_key[j]); */
/* DSA_sign_setup(dsa_key[j],NULL); */
- st = DSA_sign(EVP_PKEY_DSA, buf, 20, buf2, &kk, dsa_key[j]);
+ st = DSA_sign(0, buf, 20, buf2, &kk, dsa_key[j]);
if (st == 0) {
BIO_printf(bio_err,
"DSA sign failure. No DSA sign will be done.\n");
@@ -1792,7 +1792,7 @@
dsa_c[j][0], dsa_bits[j], DSA_SECONDS);
Time_F(START);
for (count = 0, run = 1; COND(dsa_c[j][0]); count++) {
- st = DSA_sign(EVP_PKEY_DSA, buf, 20, buf2, &kk, dsa_key[j]);
+ st = DSA_sign(0, buf, 20, buf2, &kk, dsa_key[j]);
if (st == 0) {
BIO_printf(bio_err, "DSA sign failure\n");
ERR_print_errors(bio_err);
@@ -1809,7 +1809,7 @@
rsa_count = count;
}
- st = DSA_verify(EVP_PKEY_DSA, buf, 20, buf2, kk, dsa_key[j]);
+ st = DSA_verify(0, buf, 20, buf2, kk, dsa_key[j]);
if (st <= 0) {
BIO_printf(bio_err,
"DSA verify failure. No DSA verify will be done.\n");
@@ -1820,7 +1820,7 @@
dsa_c[j][1], dsa_bits[j], DSA_SECONDS);
Time_F(START);
for (count = 0, run = 1; COND(dsa_c[j][1]); count++) {
- st = DSA_verify(EVP_PKEY_DSA, buf, 20, buf2, kk, dsa_key[j]);
+ st = DSA_verify(0, buf, 20, buf2, kk, dsa_key[j]);
if (st <= 0) {
BIO_printf(bio_err, "DSA verify failure\n");
ERR_print_errors(bio_err);
diff --git a/apps/verify.c b/apps/verify.c
index 1585044..58a48c7 100644
--- a/apps/verify.c
+++ b/apps/verify.c
@@ -68,7 +68,7 @@
static int cb(int ok, X509_STORE_CTX *ctx);
static int check(X509_STORE *ctx, char *file,
STACK_OF(X509) *uchain, STACK_OF(X509) *tchain,
- STACK_OF(X509_CRL) *crls, ENGINE *e, int show_chain);
+ STACK_OF(X509_CRL) *crls, int show_chain);
static int v_verbose = 0, vflags = 0;
typedef enum OPTION_choice {
@@ -108,7 +108,6 @@
int verify_main(int argc, char **argv)
{
- ENGINE *e = NULL;
STACK_OF(X509) *untrusted = NULL, *trusted = NULL;
STACK_OF(X509_CRL) *crls = NULL;
X509_STORE *store = NULL;
@@ -167,7 +166,7 @@
break;
case OPT_UNTRUSTED:
/* Zero or more times */
- if (!load_certs(opt_arg(), &untrusted, FORMAT_PEM, NULL, e,
+ if (!load_certs(opt_arg(), &untrusted, FORMAT_PEM, NULL,
"untrusted certificates"))
goto end;
break;
@@ -175,26 +174,28 @@
/* Zero or more times */
noCAfile = 1;
noCApath = 1;
- if (!load_certs(opt_arg(), &trusted, FORMAT_PEM, NULL, e,
+ if (!load_certs(opt_arg(), &trusted, FORMAT_PEM, NULL,
"trusted certificates"))
goto end;
break;
case OPT_CRLFILE:
/* Zero or more times */
- if (!load_crls(opt_arg(), &crls, FORMAT_PEM, NULL, e,
+ if (!load_crls(opt_arg(), &crls, FORMAT_PEM, NULL,
"other CRLs"))
goto end;
break;
case OPT_CRL_DOWNLOAD:
crl_download = 1;
break;
+ case OPT_ENGINE:
+ if (setup_engine(opt_arg(), 0) == NULL) {
+ /* Failure message already displayed */
+ goto end;
+ }
+ break;
case OPT_SHOW_CHAIN:
show_chain = 1;
break;
- case OPT_ENGINE:
- /* Specify *before* -trusted/-untrusted/-CRLfile */
- e = setup_engine(opt_arg(), 0);
- break;
case OPT_VERBOSE:
v_verbose = 1;
break;
@@ -223,11 +224,11 @@
ret = 0;
if (argc < 1) {
- if (check(store, NULL, untrusted, trusted, crls, e, show_chain) != 1)
+ if (check(store, NULL, untrusted, trusted, crls, show_chain) != 1)
ret = -1;
} else {
for (i = 0; i < argc; i++)
- if (check(store, argv[i], untrusted, trusted, crls, e,
+ if (check(store, argv[i], untrusted, trusted, crls,
show_chain) != 1)
ret = -1;
}
@@ -243,7 +244,7 @@
static int check(X509_STORE *ctx, char *file,
STACK_OF(X509) *uchain, STACK_OF(X509) *tchain,
- STACK_OF(X509_CRL) *crls, ENGINE *e, int show_chain)
+ STACK_OF(X509_CRL) *crls, int show_chain)
{
X509 *x = NULL;
int i = 0, ret = 0;
@@ -251,7 +252,7 @@
STACK_OF(X509) *chain = NULL;
int num_untrusted;
- x = load_cert(file, FORMAT_PEM, NULL, e, "certificate file");
+ x = load_cert(file, FORMAT_PEM, "certificate file");
if (x == NULL)
goto end;
diff --git a/apps/x509.c b/apps/x509.c
index 2b9cb25..66dd2ff 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -612,12 +612,12 @@
EVP_PKEY_free(pkey);
}
} else
- x = load_cert(infile, informat, NULL, e, "Certificate");
+ x = load_cert(infile, informat, "Certificate");
if (x == NULL)
goto end;
if (CA_flag) {
- xca = load_cert(CAfile, CAformat, NULL, e, "CA Certificate");
+ xca = load_cert(CAfile, CAformat, "CA Certificate");
if (xca == NULL)
goto end;
}
