Avoid warnings for no-engine and PEDANTIC

[oweals/openssl.git] / apps / pkcs12.c

diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index a42421803412261963a954820b6db6f7a1b23448..5136acdc5759c8e32038a33b3bff10596277c705 100644 (file)
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -120,13 +120,18 @@ int MAIN(int argc, char **argv)
     char *passin = NULL, *passout = NULL;
     char *inrand = NULL;
     char *CApath = NULL, *CAfile = NULL;
+#ifndef OPENSSL_NO_ENGINE
     char *engine=NULL;
+#endif
 
     apps_startup();
 
     enc = EVP_des_ede3_cbc();
     if (bio_err == NULL ) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
 
+       if (!load_config(bio_err, NULL))
+               goto end;
+
     args = argv + 1;
 
 
@@ -152,9 +157,9 @@ int MAIN(int argc, char **argv)
 #endif
                else if (!strcmp (*args, "-des3")) enc = EVP_des_ede3_cbc();
 #ifndef OPENSSL_NO_AES
-               else if (!strcmp(*argv,"-aes128")) enc=EVP_aes_128_cbc();
-               else if (!strcmp(*argv,"-aes192")) enc=EVP_aes_192_cbc();
-               else if (!strcmp(*argv,"-aes256")) enc=EVP_aes_256_cbc();
+               else if (!strcmp(*args,"-aes128")) enc=EVP_aes_128_cbc();
+               else if (!strcmp(*args,"-aes192")) enc=EVP_aes_192_cbc();
+               else if (!strcmp(*args,"-aes256")) enc=EVP_aes_256_cbc();
 #endif
                else if (!strcmp (*args, "-noiter")) iter = 1;
                else if (!strcmp (*args, "-maciter"))
@@ -249,11 +254,13 @@ int MAIN(int argc, char **argv)
                        args++; 
                        CAfile = *args;
                    } else badarg = 1;
+#ifndef OPENSSL_NO_ENGINE
                } else if (!strcmp(*args,"-engine")) {
                    if (args[1]) {
                        args++; 
                        engine = *args;
                    } else badarg = 1;
+#endif
                } else badarg = 1;
 
        } else badarg = 1;
@@ -301,14 +308,18 @@ int MAIN(int argc, char **argv)
        BIO_printf (bio_err, "-password p   set import/export password source\n");
        BIO_printf (bio_err, "-passin p     input file pass phrase source\n");
        BIO_printf (bio_err, "-passout p    output file pass phrase source\n");
+#ifndef OPENSSL_NO_ENGINE
        BIO_printf (bio_err, "-engine e     use engine e, possibly a hardware device.\n");
+#endif
        BIO_printf(bio_err,  "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
        BIO_printf(bio_err,  "              load the file (or the files in the directory) into\n");
        BIO_printf(bio_err,  "              the random number generator\n");
        goto end;
     }
 
+#ifndef OPENSSL_NO_ENGINE
     e = setup_engine(bio_err, engine, 0);
+#endif
 
     if(passarg) {
        if(export_cert) passargout = passarg;
@@ -396,7 +407,7 @@ int MAIN(int argc, char **argv)
 #ifdef CRYPTO_MDEBUG
     CRYPTO_push_info("read MAC password");
 #endif
-       if(EVP_read_pw_string (macpass, 50, "Enter MAC Password:", export_cert))
+       if(EVP_read_pw_string (macpass, sizeof macpass, "Enter MAC Password:", export_cert))
        {
            BIO_printf (bio_err, "Can't read Password\n");
            goto end;
@@ -424,7 +435,7 @@ int MAIN(int argc, char **argv)
        CRYPTO_push_info("process -export_cert");
        CRYPTO_push_info("reading private key");
 #endif
-       key = load_key(bio_err, keyname ? keyname : infile, FORMAT_PEM,
+       key = load_key(bio_err, keyname ? keyname : infile, FORMAT_PEM, 1,
                passin, e, "private key");
        if (!key) {
                goto export_end;
@@ -505,9 +516,10 @@ int MAIN(int argc, char **argv)
                    /* Exclude verified certificate */
                    for (i = 1; i < sk_X509_num (chain2) ; i++) 
                        sk_X509_push(certs, sk_X509_value (chain2, i));
-               }
-               sk_X509_free(chain2);
-               if (vret) {
+                   /* Free first certificate */
+                   X509_free(sk_X509_value(chain2, 0));
+                   sk_X509_free(chain2);
+               } else {
                        BIO_printf (bio_err, "Error %s getting chain.\n",
                                        X509_verify_cert_error_string(vret));
                        goto export_end;
@@ -534,8 +546,6 @@ int MAIN(int argc, char **argv)
        }
        sk_X509_pop_free(certs, X509_free);
        certs = NULL;
-       /* ucert is part of certs so it is already freed */
-       ucert = NULL;
 
 #ifdef CRYPTO_MDEBUG
        CRYPTO_pop_info();
@@ -543,7 +553,7 @@ int MAIN(int argc, char **argv)
 #endif
 
        if(!noprompt &&
-               EVP_read_pw_string(pass, 50, "Enter Export Password:", 1)) {
+               EVP_read_pw_string(pass, sizeof pass, "Enter Export Password:", 1)) {
            BIO_printf (bio_err, "Can't read Password\n");
            goto export_end;
         }
@@ -624,7 +634,6 @@ int MAIN(int argc, char **argv)
        if (certs) sk_X509_pop_free(certs, X509_free);
        if (safes) sk_PKCS7_pop_free(safes, PKCS7_free);
        if (bags) sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
-       if (ucert) X509_free(ucert);
 
 #ifdef CRYPTO_MDEBUG
        CRYPTO_pop_info();
@@ -641,7 +650,7 @@ int MAIN(int argc, char **argv)
 #ifdef CRYPTO_MDEBUG
     CRYPTO_push_info("read import password");
 #endif
-    if(!noprompt && EVP_read_pw_string(pass, 50, "Enter Import Password:", 0)) {
+    if(!noprompt && EVP_read_pw_string(pass, sizeof pass, "Enter Import Password:", 0)) {
        BIO_printf (bio_err, "Can't read Password\n");
        goto end;
     }
@@ -695,7 +704,7 @@ int MAIN(int argc, char **argv)
     if(passin) OPENSSL_free(passin);
     if(passout) OPENSSL_free(passout);
     apps_shutdown();
-    EXIT(ret);
+    OPENSSL_EXIT(ret);
 }
 
 int dump_certs_keys_p12 (BIO *out, PKCS12 *p12, char *pass,
@@ -776,7 +785,10 @@ int dump_certs_pkeys_bag (BIO *out, PKCS12_SAFEBAG *bag, char *pass,
                print_attribs (out, bag->attrib, "Bag Attributes");
                if (!(p8 = PKCS12_decrypt_skey(bag, pass, passlen)))
                                return 0;
-               if (!(pkey = EVP_PKCS82PKEY (p8))) return 0;
+               if (!(pkey = EVP_PKCS82PKEY (p8))) {
+                       PKCS8_PRIV_KEY_INFO_free(p8);
+                       return 0;
+               }
                print_attribs (out, p8->attributes, "Key Attributes");
                PKCS8_PRIV_KEY_INFO_free(p8);
                PEM_write_bio_PrivateKey (out, pkey, enc, NULL, 0, NULL, pempass);