Follow on from CVE-2014-3571. This fixes the code that was the original source

[oweals/openssl.git] / apps / dsa.c

diff --git a/apps/dsa.c b/apps/dsa.c
index 5911f11873dae01d57eb00b9c43eb71eb7569bc3..03599be49d8f8ba8a89fea3786a6b7aa9e731ac7 100644 (file)
--- a/apps/dsa.c
+++ b/apps/dsa.c
@@ -74,7 +74,8 @@
 #undef PROG
 #define PROG   dsa_main
 
-/* -inform arg - input format - default PEM (one of DER, NET or PEM)
+/*-
+ * -inform arg - input format - default PEM (one of DER, NET or PEM)
  * -outform arg - output format - default PEM
  * -in arg     - input file - default stdin
  * -out arg    - output file - default stdout
@@ -334,6 +335,7 @@ bad:
                        i=PEM_write_bio_DSA_PUBKEY(out,dsa);
                else i=PEM_write_bio_DSAPrivateKey(out,dsa,enc,
                                                        NULL,0,NULL, passout);
+#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_RC4)
        } else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
                EVP_PKEY *pk;
                pk = EVP_PKEY_new();
@@ -345,11 +347,12 @@ bad:
                else
                        i = i2b_PrivateKey_bio(out, pk);
                EVP_PKEY_free(pk);
+#endif
        } else {
                BIO_printf(bio_err,"bad output format specified for outfile\n");
                goto end;
                }
-       if (!i)
+       if (i <= 0)
                {
                BIO_printf(bio_err,"unable to write private key\n");
                ERR_print_errors(bio_err);
@@ -365,4 +368,10 @@ end:
        apps_shutdown();
        OPENSSL_EXIT(ret);
        }
+#else /* !OPENSSL_NO_DSA */
+
+# if PEDANTIC
+static void *dummy=&dummy;
+# endif
+
 #endif