Centralise loading default apps config file

Loading the config file after processing command line options can
cause problems, e.g. where an engine provides new ciphers/digests
these are not then recognised on the command line. Move the
default config file loading to before the command line option
processing. Whilst we're doing this we might as well centralise
this instead of doing it individually for each application. Finally
if we do it before the OpenSSL_add_ssl_algorithms() call then
ciphersuites provided by an engine (e.g. GOST) can be available to
the apps.

RT#4085
RT#4086

Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell 2015-10-12 12:40:15 +01:00
parent d175e8a6c2
commit a0a82324f9
38 changed files with 19 additions and 114 deletions


@ -186,9 +186,6 @@ int asn1parse_main(int argc, char **argv)
argc = opt_num_rest();
argv = opt_rest();
if (!app_load_modules(NULL))
goto end;
if (oidfile != NULL) {
in = bio_open_default(oidfile, 'r', FORMAT_TEXT);
if (in == NULL)


@ -484,10 +484,13 @@ end_of_options:
argv = opt_rest();
BIO_printf(bio_err, "Using configuration from %s\n", configfile);
/* We already loaded the default config file */
if (configfile != default_config_file) {
if ((conf = app_load_config(configfile)) == NULL)
goto end;
if (!app_load_modules(conf))
goto end;
}
/* Lets get the config section we are using */
if (section == NULL) {
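Review bot: In the hunk at `end_of_options`, `conf = app_load_config(configfile)` appears to sit inside the new `if (configfile != default_config_file)` guard, so on the default path `conf` is never assigned before the section lookup that follows; the startup call `app_load_modules(NULL)` only returns a status and hands no CONF back to this function. The +/- markers are lost on this page, so that placement is inferred from the line order and the hunk counts. Keeping the parse unconditional and gating only the module load avoids the problem: `if ((conf = app_load_config(configfile)) == NULL) goto end;` followed by `if (configfile != default_config_file && !app_load_modules(conf)) goto end;`. The guard is also a pointer comparison, so a config path given on the command line that names the same file as the default would have its modules loaded a second time; a one-line comment saying whether that is intended would help. The enclosing function starts and ends outside the hunk.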


@ -144,9 +144,6 @@ int ciphers_main(int argc, char **argv)
else if (argc != 0)
goto opthelp;
if (!app_load_modules(NULL))
goto end;
ctx = SSL_CTX_new(meth);
if (ctx == NULL)
goto err;


@ -684,9 +684,6 @@ int cms_main(int argc, char **argv)
goto end;
}
if (!app_load_modules(NULL))
goto end;
if (need_rand) {
app_RAND_load_file(NULL, (inrand != NULL));
if (inrand != NULL)


@ -232,9 +232,6 @@ int crl_main(int argc, char **argv)
if (!nmflag_set)
nmflag = XN_FLAG_ONELINE;
if (!app_load_modules(NULL))
goto end;
x = load_crl(infile, informat);
if (x == NULL)
goto end;


@ -148,9 +148,6 @@ int crl2pkcs7_main(int argc, char **argv)
argc = opt_num_rest();
argv = opt_rest();
if (!app_load_modules(NULL))
goto end;
if (!nocrl) {
in = bio_open_default(infile, 'r', informat);
if (in == NULL)


@ -236,9 +236,6 @@ int dgst_main(int argc, char **argv)
argc = opt_num_rest();
argv = opt_rest();
if (!app_load_modules(NULL))
goto end;
if (do_verify && !sigfile) {
BIO_printf(bio_err,
"No signature to verify: use the -signature option\n");


@ -230,9 +230,6 @@ int dhparam_main(int argc, char **argv)
argc = opt_num_rest();
argv = opt_rest();
if (!app_load_modules(NULL))
goto end;
if (argv[0] && (!opt_int(argv[0], &num) || num <= 0))
goto end;


@ -202,9 +202,6 @@ int dsa_main(int argc, char **argv)
goto end;
}
if (!app_load_modules(NULL))
goto end;
BIO_printf(bio_err, "read DSA key\n");
{
EVP_PKEY *pkey;


@ -183,9 +183,6 @@ int dsaparam_main(int argc, char **argv)
argc = opt_num_rest();
argv = opt_rest();
if (!app_load_modules(NULL))
goto end;
if (argc == 1) {
if (!opt_int(argv[0], &num))
goto end;


@ -202,9 +202,6 @@ int ec_main(int argc, char **argv)
goto end;
}
if (!app_load_modules(NULL))
goto end;
in = bio_open_default(infile, 'r', informat);
if (in == NULL)
goto end;


@ -220,9 +220,6 @@ int ecparam_main(int argc, char **argv)
argv = opt_rest();
private = genkey ? 1 : 0;
if (!app_load_modules(NULL))
goto end;
in = bio_open_default(infile, 'r', informat);
if (in == NULL)
goto end;


@ -295,9 +295,6 @@ int enc_main(int argc, char **argv)
argc = opt_num_rest();
argv = opt_rest();
if (!app_load_modules(NULL))
goto end;
if (cipher && EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) {
BIO_printf(bio_err, "%s: AEAD ciphers not supported\n", prog);
goto end;


@ -369,9 +369,6 @@ int engine_main(int argc, char **argv)
}
}
if (!app_load_modules(NULL))
goto end;
for (i = 0; i < sk_OPENSSL_STRING_num(engines); i++) {
const char *id = sk_OPENSSL_STRING_value(engines, i);
if ((e = ENGINE_by_id(id)) != NULL) {


@ -144,9 +144,6 @@ int gendsa_main(int argc, char **argv)
goto end;
}
if (!app_load_modules(NULL))
goto end;
in = bio_open_default(dsaparams, 'r', FORMAT_PEM);
if (in == NULL)
goto end2;


@ -181,9 +181,6 @@ int genpkey_main(int argc, char **argv)
goto end;
}
if (!app_load_modules(NULL))
goto end;
out = bio_open_owner(outfile, outformat, private);
if (out == NULL)
goto end;


@ -169,9 +169,6 @@ int genrsa_main(int argc, char **argv)
goto end;
}
if (!app_load_modules(NULL))
goto end;
out = bio_open_owner(outfile, FORMAT_PEM, private);
if (out == NULL)
goto end;


@ -109,9 +109,6 @@ int nseq_main(int argc, char **argv)
argc = opt_num_rest();
argv = opt_rest();
if (!app_load_modules(NULL))
goto end;
in = bio_open_default(infile, 'r', FORMAT_PEM);
if (in == NULL)
goto end;


@ -494,9 +494,6 @@ int ocsp_main(int argc, char **argv)
if (!req && !reqin && !respin && !(port && ridx_filename))
goto opthelp;
if (!app_load_modules(NULL))
goto end;
out = bio_open_default(outfile, 'w', FORMAT_TEXT);
if (out == NULL)
goto end;


@ -166,7 +166,7 @@ BIO *bio_in = NULL;
BIO *bio_out = NULL;
BIO *bio_err = NULL;
static void apps_startup()
static int apps_startup()
{
#ifdef SIGPIPE
signal(SIGPIPE, SIG_IGN);
@ -174,6 +174,13 @@ static void apps_startup()
CRYPTO_malloc_init();
ERR_load_crypto_strings();
ERR_load_SSL_strings();
if (!app_load_modules(NULL)) {
ERR_print_errors(bio_err);
BIO_printf(bio_err, "Error loading default configuration\n");
return 0;
}
OpenSSL_add_all_algorithms();
OpenSSL_add_ssl_algorithms();
OPENSSL_load_builtin_modules();
@ -182,6 +189,7 @@ static void apps_startup()
#ifndef OPENSSL_NO_ENGINE
ENGINE_load_builtin_engines();
#endif
return 1;
}
static void apps_shutdown()
@ -328,7 +336,9 @@ int main(int argc, char *argv[])
#endif
}
apps_startup();
if (!apps_startup())
goto end;
prog = prog_init();
pname = opt_progname(argv[0]);
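Review bot: In `apps_startup()` the new `app_load_modules(NULL)` call runs before `OPENSSL_load_builtin_modules()` and `ENGINE_load_builtin_engines()`, so the built-in configuration modules and engines are not yet registered when the default config file is processed. A config that names an engine section may then fail to load or be skipped, depending on how `app_load_modules()` treats unknown modules (its body is not in this hunk), which would work against the stated goal of making engine-provided algorithms available. Consider moving `OPENSSL_load_builtin_modules();` and the `#ifndef OPENSSL_NO_ENGINE` block above the `if (!app_load_modules(NULL)) {` line, leaving the `OpenSSL_add_all_algorithms()` and `OpenSSL_add_ssl_algorithms()` calls after it as the commit message intends. Since a failure here now aborts every subcommand, a short comment above the call stating that the default config is processed before any option parsing would document that the file is a trusted input for all apps.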


@ -201,9 +201,6 @@ int passwd_main(int argc, char **argv)
goto opthelp;
# endif
if (!app_load_modules(NULL))
goto end;
if (infile && in_stdin) {
BIO_printf(bio_err, "%s: Can't combine -in and -stdin\n", prog);
goto end;


@ -354,9 +354,6 @@ int pkcs12_main(int argc, char **argv)
mpass = macpass;
}
if (!app_load_modules(NULL))
goto end;
if (export_cert || inrand) {
app_RAND_load_file(NULL, (inrand != NULL));
if (inrand != NULL)


@ -193,9 +193,6 @@ int pkcs7_main(int argc, char **argv)
argc = opt_num_rest();
argv = opt_rest();
if (!app_load_modules(NULL))
goto end;
in = bio_open_default(infile, 'r', informat);
if (in == NULL)
goto end;


@ -233,9 +233,6 @@ int pkcs8_main(int argc, char **argv)
goto end;
}
if (!app_load_modules(NULL))
goto end;
if ((pbe_nid == -1) && !cipher)
pbe_nid = NID_pbeWithMD5AndDES_CBC;


@ -169,9 +169,6 @@ int pkey_main(int argc, char **argv)
goto end;
}
if (!app_load_modules(NULL))
goto end;
out = bio_open_owner(outfile, outformat, private);
if (out == NULL)
goto end;


@ -118,9 +118,6 @@ int pkeyparam_main(int argc, char **argv)
argc = opt_num_rest();
argv = opt_rest();
if (!app_load_modules(NULL))
goto end;
in = bio_open_default(infile, 'r', FORMAT_PEM);
if (in == NULL)
goto end;


@ -230,9 +230,6 @@ int pkeyutl_main(int argc, char **argv)
if (ctx == NULL)
goto opthelp;
if (!app_load_modules(NULL))
goto end;
if (sigfile && (pkey_op != EVP_PKEY_OP_VERIFY)) {
BIO_printf(bio_err,
"%s: Signature file specified for non verify\n", prog);


@ -109,9 +109,6 @@ int prime_main(int argc, char **argv)
argc = opt_num_rest();
argv = opt_rest();
if (!app_load_modules(NULL))
goto end;
if (argc == 0 && !generate) {
BIO_printf(bio_err, "%s: No prime specified\n", prog);
goto end;


@ -126,9 +126,6 @@ int rand_main(int argc, char **argv)
if (sscanf(argv[0], "%d", &num) != 1 || num < 0)
goto opthelp;
if (!app_load_modules(NULL))
goto end;
app_RAND_load_file(NULL, (inrand != NULL));
if (inrand != NULL)
BIO_printf(bio_err, "%ld semi-random bytes loaded\n",


@ -256,10 +256,6 @@ int rsa_main(int argc, char **argv)
BIO_printf(bio_err, "Error getting passwords\n");
goto end;
}
if (!app_load_modules(NULL))
goto end;
if (check && pubin) {
BIO_printf(bio_err, "Only private keys can be checked\n");
goto end;


@ -214,9 +214,6 @@ int rsautl_main(int argc, char **argv)
goto end;
}
if (!app_load_modules(NULL))
goto end;
/* FIXME: seed PRNG only if needed */
app_RAND_load_file(NULL, 0);


@ -1063,9 +1063,6 @@ int s_client_main(int argc, char **argv)
argc = opt_num_rest();
argv = opt_rest();
if (!app_load_modules(NULL))
goto end;
if (proxystr) {
if (connectstr == NULL) {
BIO_printf(bio_err, "%s: -proxy requires use of -connect\n", prog);


@ -1475,9 +1475,6 @@ int s_server_main(int argc, char *argv[])
goto end;
}
if (!app_load_modules(NULL))
goto end;
if (s_key_file == NULL)
s_key_file = s_cert_file;


@ -422,9 +422,6 @@ int smime_main(int argc, char **argv)
goto end;
}
if (!app_load_modules(NULL))
goto end;
if (need_rand) {
app_RAND_load_file(NULL, (inrand != NULL));
if (inrand != NULL)


@ -850,9 +850,6 @@ int speed_main(int argc, char **argv)
argc = opt_num_rest();
argv = opt_rest();
if (!app_load_modules(NULL))
goto end;
/* Remaining arguments are algorithms. */
for ( ; *argv; argv++) {
if (found(*argv, doit_choices, &i)) {


@ -186,8 +186,6 @@ int spkac_main(int argc, char **argv)
if ((conf = app_load_config(infile)) == NULL)
goto end;
if (!app_load_modules(conf))
goto end;
spkstr = NCONF_get_string(conf, spksect, spkac);


@ -198,9 +198,6 @@ int verify_main(int argc, char **argv)
goto end;
}
if (!app_load_modules(NULL))
goto end;
if ((store = setup_verify(CAfile, CApath, noCAfile, noCApath)) == NULL)
goto end;
X509_STORE_set_verify_cb(store, cb);


@ -493,9 +493,6 @@ int x509_main(int argc, char **argv)
if (!nmflag_set)
nmflag = XN_FLAG_ONELINE;
if (!app_load_modules(NULL))
goto end;
out = bio_open_default(outfile, 'w', outformat);
if (out == NULL)
goto end;