Browse Source

APPS: make apps strict on app_RAND_load() and app_RAND_write() failure

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14840)
master
Dr. David von Oheimb 2 years ago
committed by Dr. David von Oheimb
parent
commit
3ad6030948
28 changed files with 75 additions and 32 deletions
  1. +2
    -1
      apps/ca.c
  2. +2
    -0
      apps/cmp.c
  3. +3
    -1
      apps/cms.c
  4. +3
    -1
      apps/dgst.c
  5. +2
    -2
      apps/dhparam.c
  6. +2
    -1
      apps/dsaparam.c
  7. +3
    -1
      apps/ecparam.c
  8. +2
    -1
      apps/enc.c
  9. +3
    -1
      apps/gendsa.c
  10. +3
    -1
      apps/genrsa.c
  11. +1
    -1
      apps/include/apps.h
  12. +1
    -1
      apps/include/opt.h
  13. +6
    -5
      apps/lib/app_rand.c
  14. +2
    -1
      apps/openssl.c
  15. +3
    -1
      apps/passwd.c
  16. +3
    -1
      apps/pkcs12.c
  17. +3
    -1
      apps/pkcs8.c
  18. +2
    -1
      apps/pkeyutl.c
  19. +3
    -1
      apps/rand.c
  20. +3
    -1
      apps/req.c
  21. +3
    -1
      apps/rsautl.c
  22. +2
    -1
      apps/s_client.c
  23. +3
    -1
      apps/s_server.c
  24. +3
    -1
      apps/smime.c
  25. +3
    -1
      apps/speed.c
  26. +3
    -1
      apps/srp.c
  27. +3
    -1
      apps/ts.c
  28. +3
    -1
      apps/x509.c

+ 2
- 1
apps/ca.c View File

@ -521,7 +521,8 @@ end_of_options:
goto end;
app_RAND_load_conf(conf, BASE_SECTION);
app_RAND_load();
if (!app_RAND_load())
goto end;
f = NCONF_get_string(conf, section, STRING_MASK);
if (f == NULL)


+ 2
- 0
apps/cmp.c View File

@ -2603,6 +2603,8 @@ int cmp_main(int argc, char **argv)
if (ret <= 0)
goto err;
ret = 0;
if (!app_RAND_load())
goto err;
if (opt_batch)
set_base_ui_method(UI_null());


+ 3
- 1
apps/cms.c View File

@ -697,7 +697,9 @@ int cms_main(int argc, char **argv)
break;
}
}
app_RAND_load();
if (!app_RAND_load())
goto end;
if (digestname != NULL) {
if (!opt_md(digestname, &sign_md))
goto end;


+ 3
- 1
apps/dgst.c View File

@ -225,7 +225,9 @@ int dgst_main(int argc, char **argv)
BIO_printf(bio_err, "%s: Can only sign or verify one file.\n", prog);
goto end;
}
app_RAND_load();
if (!app_RAND_load())
goto end;
if (digestname != NULL) {
if (!opt_md(digestname, &md))
goto opthelp;


+ 2
- 2
apps/dhparam.c View File

@ -158,8 +158,8 @@ int dhparam_main(int argc, char **argv)
} else if (argc != 0) {
goto opthelp;
}
app_RAND_load();
if (!app_RAND_load())
goto end;
if (g && !num)
num = DEFBITS;


+ 2
- 1
apps/dsaparam.c View File

@ -135,7 +135,8 @@ int dsaparam_main(int argc, char **argv)
} else if (argc != 0) {
goto opthelp;
}
app_RAND_load();
if (!app_RAND_load())
goto end;
/* generate a key */
numbits = num;


+ 3
- 1
apps/ecparam.c View File

@ -190,7 +190,9 @@ int ecparam_main(int argc, char **argv)
if (argc != 0)
goto opthelp;
app_RAND_load();
if (!app_RAND_load())
goto end;
private = genkey ? 1 : 0;
in = bio_open_default(infile, 'r', informat);


+ 2
- 1
apps/enc.c View File

@ -293,7 +293,8 @@ int enc_main(int argc, char **argv)
argc = opt_num_rest();
if (argc != 0)
goto opthelp;
app_RAND_load();
if (!app_RAND_load())
goto end;
/* Get the cipher name, either from progname (if set) or flag. */
if (ciphername != NULL) {


+ 3
- 1
apps/gendsa.c View File

@ -107,7 +107,9 @@ int gendsa_main(int argc, char **argv)
goto opthelp;
dsaparams = argv[0];
app_RAND_load();
if (!app_RAND_load())
goto end;
if (ciphername != NULL) {
if (!opt_cipher(ciphername, &enc))
goto end;


+ 3
- 1
apps/genrsa.c View File

@ -163,7 +163,9 @@ opthelp:
goto opthelp;
}
app_RAND_load();
if (!app_RAND_load())
goto end;
private = 1;
if (ciphername != NULL) {
if (!opt_cipher(ciphername, &enc))


+ 1
- 1
apps/include/apps.h View File

@ -46,7 +46,7 @@
# define _UC(c) ((unsigned char)(c))
void app_RAND_load_conf(CONF *c, const char *section);
void app_RAND_write(void);
int app_RAND_write(void);
int app_RAND_load(void);
extern char *default_config_file; /* may be "" */


+ 1
- 1
apps/include/opt.h View File

@ -258,7 +258,7 @@
# define OPT_R_OPTIONS \
OPT_SECTION("Random state"), \
{"rand", OPT_R_RAND, 's', "Load the file(s) into the random number generator"}, \
{"rand", OPT_R_RAND, 's', "Load the given file(s) into the random number generator"}, \
{"writerand", OPT_R_WRITERAND, '>', "Write random data to the specified file"}
# define OPT_R_CASES \


+ 6
- 5
apps/lib/app_rand.c View File

@ -63,9 +63,6 @@ int app_RAND_load(void)
char *p;
int i, ret = 1;
if (randfiles == NULL)
return 1;
for (i = 0; i < sk_OPENSSL_STRING_num(randfiles); i++) {
p = sk_OPENSSL_STRING_value(randfiles, i);
if (!loadfiles(p))
@ -75,16 +72,20 @@ int app_RAND_load(void)
return ret;
}
void app_RAND_write(void)
int app_RAND_write(void)
{
int ret = 1;
if (save_rand_file == NULL)
return;
return 1;
if (RAND_write_file(save_rand_file) == -1) {
BIO_printf(bio_err, "Cannot write random bytes:\n");
ERR_print_errors(bio_err);
ret = 0;
}
OPENSSL_free(save_rand_file);
save_rand_file = NULL;
return ret;
}


+ 2
- 1
apps/openssl.c View File

@ -298,7 +298,8 @@ int main(int argc, char *argv[])
OPENSSL_free(default_config_file);
lh_FUNCTION_free(prog);
OPENSSL_free(arg.argv);
app_RAND_write();
if (!app_RAND_write())
ret = EXIT_FAILURE;
BIO_free(bio_in);
BIO_free_all(bio_out);


+ 3
- 1
apps/passwd.c View File

@ -195,7 +195,9 @@ int passwd_main(int argc, char **argv)
passwds = argv;
}
app_RAND_load();
if (!app_RAND_load())
goto end;
if (mode == passwd_unset) {
/* use default */
mode = passwd_md5;


+ 3
- 1
apps/pkcs12.c View File

@ -345,7 +345,9 @@ int pkcs12_main(int argc, char **argv)
if (argc != 0)
goto opthelp;
app_RAND_load();
if (!app_RAND_load())
goto end;
if (ciphername != NULL) {
if (!opt_cipher(ciphername, &enc))
goto opthelp;


+ 3
- 1
apps/pkcs8.c View File

@ -199,7 +199,9 @@ int pkcs8_main(int argc, char **argv)
goto opthelp;
private = 1;
app_RAND_load();
if (!app_RAND_load())
goto end;
if (ciphername != NULL) {
if (!opt_cipher(ciphername, &cipher))
goto opthelp;


+ 2
- 1
apps/pkeyutl.c View File

@ -255,7 +255,8 @@ int pkeyutl_main(int argc, char **argv)
if (argc != 0)
goto opthelp;
app_RAND_load();
if (!app_RAND_load())
goto end;
if (rawin && pkey_op != EVP_PKEY_OP_SIGN && pkey_op != EVP_PKEY_OP_VERIFY) {
BIO_printf(bio_err,


+ 3
- 1
apps/rand.c View File

@ -99,7 +99,9 @@ int rand_main(int argc, char **argv)
goto opthelp;
}
app_RAND_load();
if (!app_RAND_load())
goto end;
out = bio_open_default(outfile, 'w', format);
if (out == NULL)
goto end;


+ 3
- 1
apps/req.c View File

@ -478,7 +478,9 @@ int req_main(int argc, char **argv)
if (argc != 0)
goto opthelp;
app_RAND_load();
if (!app_RAND_load())
goto end;
if (digestname != NULL) {
if (!opt_md(digestname, &md_alg))
goto opthelp;


+ 3
- 1
apps/rsautl.c View File

@ -173,7 +173,9 @@ int rsautl_main(int argc, char **argv)
if (argc != 0)
goto opthelp;
app_RAND_load();
if (!app_RAND_load())
goto end;
if (need_priv && (key_type != KEY_PRIVKEY)) {
BIO_printf(bio_err, "A private key is needed for this operation\n");
goto end;


+ 2
- 1
apps/s_client.c View File

@ -1475,7 +1475,8 @@ int s_client_main(int argc, char **argv)
} else if (argc != 0) {
goto opthelp;
}
app_RAND_load();
if (!app_RAND_load())
goto end;
if (count4or6 >= 2) {
BIO_printf(bio_err, "%s: Can't use both -4 and -6\n", prog);


+ 3
- 1
apps/s_server.c View File

@ -1610,7 +1610,9 @@ int s_server_main(int argc, char *argv[])
if (argc != 0)
goto opthelp;
app_RAND_load();
if (!app_RAND_load())
goto end;
#ifndef OPENSSL_NO_NEXTPROTONEG
if (min_version == TLS1_3_VERSION && next_proto_neg_in != NULL) {
BIO_printf(bio_err, "Cannot supply -nextprotoneg with TLSv1.3\n");


+ 3
- 1
apps/smime.c View File

@ -359,7 +359,9 @@ int smime_main(int argc, char **argv)
argc = opt_num_rest();
argv = opt_rest();
app_RAND_load();
if (!app_RAND_load())
goto end;
if (digestname != NULL) {
if (!opt_md(digestname, &sign_md))
goto opthelp;


+ 3
- 1
apps/speed.c View File

@ -1648,7 +1648,9 @@ int speed_main(int argc, char **argv)
argc = opt_num_rest();
argv = opt_rest();
app_RAND_load();
if (!app_RAND_load())
goto end;
for (; *argv; argv++) {
const char *algo = *argv;


+ 3
- 1
apps/srp.c View File

@ -309,7 +309,9 @@ int srp_main(int argc, char **argv)
argc = opt_num_rest();
argv = opt_rest();
app_RAND_load();
if (!app_RAND_load())
goto end;
if (srpvfile != NULL && configfile != NULL) {
BIO_printf(bio_err,
"-srpvfile and -configfile cannot be specified together.\n");


+ 3
- 1
apps/ts.c View File

@ -292,7 +292,9 @@ int ts_main(int argc, char **argv)
if (argc != 0 || mode == OPT_ERR)
goto opthelp;
app_RAND_load();
if (!app_RAND_load())
goto end;
if (digestname != NULL) {
if (!opt_md(digestname, &md))
goto opthelp;


+ 3
- 1
apps/x509.c View File

@ -578,7 +578,9 @@ int x509_main(int argc, char **argv)
if (argc != 0)
goto opthelp;
app_RAND_load();
if (!app_RAND_load())
goto end;
if (digestname != NULL) {
if (!opt_md(digestname, &digest))
goto opthelp;


Loading…
Cancel
Save