From 1ae56f2f43d36618e54cbb8dd47a7107b74505b6 Mon Sep 17 00:00:00 2001 From: Rich Salz Date: Wed, 4 Mar 2020 16:52:22 -0500 Subject: [PATCH] Don't compile commands if disabled Rather than wrapping whole files in "ifndef OPENSSL_NO_xxx" we handle the changes in build.info Reviewed-by: Paul Dale Reviewed-by: Bernd Edlinger (Merged from https://github.com/openssl/openssl/pull/11250) --- apps/build.info | 35 ++++++++++-- apps/dhparam.c | 62 ++++++++++---------- apps/dsa.c | 52 ++++++++--------- apps/dsaparam.c | 32 +++++------ apps/ec.c | 26 ++++----- apps/ecparam.c | 35 +++++------- apps/engine.c | 24 ++++---- apps/gendsa.c | 34 +++++------ apps/genrsa.c | 44 +++++++-------- apps/ocsp.c | 147 +++++++++++++++++++++++------------------------- apps/pkcs12.c | 51 ++++++++--------- apps/rsa.c | 56 +++++++++--------- apps/rsautl.c | 34 +++++------ apps/srp.c | 38 ++++++------- apps/ts.c | 46 +++++++-------- 15 files changed, 341 insertions(+), 375 deletions(-) diff --git a/apps/build.info b/apps/build.info index 2186de3a27..06b5ca46d8 100644 --- a/apps/build.info +++ b/apps/build.info @@ -13,15 +13,40 @@ ENDIF $OPENSSLSRC=\ openssl.c progs.c \ asn1pars.c ca.c ciphers.c cms.c crl.c crl2p7.c dgst.c \ - ec.c ecparam.c enc.c engine.c errstr.c \ - genpkey.c kdf.c mac.c nseq.c ocsp.c passwd.c pkcs12.c pkcs7.c \ + enc.c errstr.c \ + genpkey.c kdf.c mac.c nseq.c passwd.c pkcs7.c \ pkcs8.c pkey.c pkeyparam.c pkeyutl.c prime.c rand.c req.c \ s_client.c s_server.c s_time.c sess_id.c smime.c speed.c \ - spkac.c srp.c ts.c verify.c version.c x509.c rehash.c storeutl.c \ + spkac.c verify.c version.c x509.c rehash.c storeutl.c \ list.c info.c provider.c fipsinstall.c +IF[{- !$disabled{'des'} -}] + $OPENSSLSRC=$OPENSSLSRC pkcs12.c +ENDIF +IF[{- !$disabled{'ec'} -}] + $OPENSSLSRC=$OPENSSLSRC ec.c ecparam.c +ENDIF +IF[{- !$disabled{'ocsp'} -}] + $OPENSSLSRC=$OPENSSLSRC ocsp.c +ENDIF +IF[{- !$disabled{'srp'} -}] + $OPENSSLSRC=$OPENSSLSRC srp.c +ENDIF +IF[{- !$disabled{'ts'} -}] + $OPENSSLSRC=$OPENSSLSRC ts.c +ENDIF IF[{- !$disabled{'deprecated-3.0'} -}] - $OPENSSLSRC=$OPENSSLSRC \ - dhparam.c dsa.c dsaparam.c gendsa.c rsa.c rsautl.c genrsa.c + IF[{- !$disabled{'dh'} -}] + $OPENSSLSRC=$OPENSSLSRC dhparam.c + ENDIF + IF[{- !$disabled{'dsa'} -}] + $OPENSSLSRC=$OPENSSLSRC dsa.c dsaparam.c gendsa.c + ENDIF + IF[{- !$disabled{'engine'} -}] + $OPENSSLSRC=$OPENSSLSRC engine.c + ENDIF + IF[{- !$disabled{'rsa'} -}] + $OPENSSLSRC=$OPENSSLSRC rsa.c rsautl.c genrsa.c + ENDIF ENDIF IF[{- !$disabled{'cmp'} -}] $OPENSSLSRC=$OPENSSLSRC cmp_mock_srv.c diff --git a/apps/dhparam.c b/apps/dhparam.c index 3f694c5a35..019a7ce8ab 100644 --- a/apps/dhparam.c +++ b/apps/dhparam.c @@ -11,28 +11,25 @@ #define OPENSSL_SUPPRESS_DEPRECATED #include -#ifdef OPENSSL_NO_DH -NON_EMPTY_TRANSLATION_UNIT -#else - -# include -# include -# include -# include -# include "apps.h" -# include "progs.h" -# include -# include -# include -# include -# include -# include - -# ifndef OPENSSL_NO_DSA -# include -# endif - -# define DEFBITS 2048 + +#include +#include +#include +#include +#include "apps.h" +#include "progs.h" +#include +#include +#include +#include +#include +#include + +#ifndef OPENSSL_NO_DSA +# include +#endif + +#define DEFBITS 2048 static int dh_cb(int p, int n, BN_GENCB *cb); @@ -50,13 +47,13 @@ const OPTIONS dhparam_options[] = { OPT_SECTION("General"), {"help", OPT_HELP, '-', "Display this summary"}, {"check", OPT_CHECK, '-', "Check the DH parameters"}, -# ifndef OPENSSL_NO_DSA +#ifndef OPENSSL_NO_DSA {"dsaparam", OPT_DSAPARAM, '-', "Read or generate DSA parameters, convert to DH"}, -# endif -# ifndef OPENSSL_NO_ENGINE +#endif +#ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine e, possibly a hardware device"}, -# endif +#endif OPT_SECTION("Input"), {"in", OPT_IN, '<', "Input file"}, @@ -167,13 +164,13 @@ int dhparam_main(int argc, char **argv) if (g && !num) num = DEFBITS; -# ifndef OPENSSL_NO_DSA +#ifndef OPENSSL_NO_DSA if (dsaparam && g) { BIO_printf(bio_err, "generator may not be chosen for DSA parameters\n"); goto end; } -# endif +#endif out = bio_open_default(outfile, 'w', outformat); if (out == NULL) @@ -194,7 +191,7 @@ int dhparam_main(int argc, char **argv) BN_GENCB_set(cb, dh_cb, bio_err); -# ifndef OPENSSL_NO_DSA +#ifndef OPENSSL_NO_DSA if (dsaparam) { DSA *dsa = DSA_new(); @@ -217,7 +214,7 @@ int dhparam_main(int argc, char **argv) goto end; } } else -# endif +#endif { dh = DH_new(); BIO_printf(bio_err, @@ -238,7 +235,7 @@ int dhparam_main(int argc, char **argv) if (in == NULL) goto end; -# ifndef OPENSSL_NO_DSA +#ifndef OPENSSL_NO_DSA if (dsaparam) { DSA *dsa; @@ -260,7 +257,7 @@ int dhparam_main(int argc, char **argv) goto end; } } else -# endif +#endif { if (informat == FORMAT_ASN1) { /* @@ -397,4 +394,3 @@ static int dh_cb(int p, int n, BN_GENCB *cb) (void)BIO_flush(BN_GENCB_get_arg(cb)); return 1; } -#endif diff --git a/apps/dsa.c b/apps/dsa.c index 082aa96476..200e959fb0 100644 --- a/apps/dsa.c +++ b/apps/dsa.c @@ -11,23 +11,20 @@ #define OPENSSL_SUPPRESS_DEPRECATED #include -#ifdef OPENSSL_NO_DSA -NON_EMPTY_TRANSLATION_UNIT -#else -# include -# include -# include -# include -# include "apps.h" -# include "progs.h" -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include "apps.h" +#include "progs.h" +#include +#include +#include +#include +#include +#include +#include typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, @@ -43,14 +40,14 @@ const OPTIONS dsa_options[] = { OPT_SECTION("General"), {"help", OPT_HELP, '-', "Display this summary"}, {"", OPT_CIPHER, '-', "Any supported cipher"}, -# ifndef OPENSSL_NO_RC4 +#ifndef OPENSSL_NO_RC4 {"pvk-strong", OPT_PVK_STRONG, '-', "Enable 'Strong' PVK encoding level (default)"}, {"pvk-weak", OPT_PVK_WEAK, '-', "Enable 'Weak' PVK encoding level"}, {"pvk-none", OPT_PVK_NONE, '-', "Don't enforce PVK encoding"}, -# endif -# ifndef OPENSSL_NO_ENGINE +#endif +#ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine e, possibly a hardware device"}, -# endif +#endif OPT_SECTION("Input"), {"in", OPT_IN, 's', "Input key"}, @@ -82,9 +79,9 @@ int dsa_main(int argc, char **argv) OPTION_CHOICE o; int informat = FORMAT_PEM, outformat = FORMAT_PEM, text = 0, noout = 0; int i, modulus = 0, pubin = 0, pubout = 0, ret = 1; -# ifndef OPENSSL_NO_RC4 +#ifndef OPENSSL_NO_RC4 int pvk_encr = 2; -# endif +#endif int private = 0; prog = opt_init(argc, argv, dsa_options); @@ -230,7 +227,7 @@ int dsa_main(int argc, char **argv) i = PEM_write_bio_DSAPrivateKey(out, dsa, enc, NULL, 0, NULL, passout); } -# ifndef OPENSSL_NO_RSA +#ifndef OPENSSL_NO_RSA } else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) { EVP_PKEY *pk; pk = EVP_PKEY_new(); @@ -245,13 +242,13 @@ int dsa_main(int argc, char **argv) goto end; } assert(private); -# ifdef OPENSSL_NO_RC4 +# ifdef OPENSSL_NO_RC4 BIO_printf(bio_err, "PVK format not supported\n"); EVP_PKEY_free(pk); goto end; -# else +# else i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout); -# endif +# endif } else if (pubin || pubout) { i = i2b_PublicKey_bio(out, pk); } else { @@ -259,7 +256,7 @@ int dsa_main(int argc, char **argv) i = i2b_PrivateKey_bio(out, pk); } EVP_PKEY_free(pk); -# endif +#endif } else { BIO_printf(bio_err, "bad output format specified for outfile\n"); goto end; @@ -278,4 +275,3 @@ int dsa_main(int argc, char **argv) OPENSSL_free(passout); return ret; } -#endif diff --git a/apps/dsaparam.c b/apps/dsaparam.c index 04e09e7950..11f47b44c4 100644 --- a/apps/dsaparam.c +++ b/apps/dsaparam.c @@ -11,22 +11,19 @@ #define OPENSSL_SUPPRESS_DEPRECATED #include -#ifdef OPENSSL_NO_DSA -NON_EMPTY_TRANSLATION_UNIT -#else -# include -# include -# include -# include -# include "apps.h" -# include "progs.h" -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include "apps.h" +#include "progs.h" +#include +#include +#include +#include +#include +#include static int verbose = 0; @@ -44,9 +41,9 @@ const OPTIONS dsaparam_options[] = { OPT_SECTION("General"), {"help", OPT_HELP, '-', "Display this summary"}, -# ifndef OPENSSL_NO_ENGINE +#ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine e, possibly a hardware device"}, -# endif +#endif OPT_SECTION("Input"), {"in", OPT_IN, '<', "Input file"}, @@ -286,4 +283,3 @@ static int dsa_cb(int p, int n, BN_GENCB *cb) (void)BIO_flush(BN_GENCB_get_arg(cb)); return 1; } -#endif diff --git a/apps/ec.c b/apps/ec.c index 6a3879922c..ba37d8067f 100644 --- a/apps/ec.c +++ b/apps/ec.c @@ -8,19 +8,16 @@ */ #include -#ifdef OPENSSL_NO_EC -NON_EMPTY_TRANSLATION_UNIT -#else -# include -# include -# include -# include "apps.h" -# include "progs.h" -# include -# include -# include -# include +#include +#include +#include +#include "apps.h" +#include "progs.h" +#include +#include +#include +#include static OPT_PAIR conv_forms[] = { {"compressed", POINT_CONVERSION_COMPRESSED}, @@ -46,9 +43,9 @@ typedef enum OPTION_choice { const OPTIONS ec_options[] = { OPT_SECTION("General"), {"help", OPT_HELP, '-', "Display this summary"}, -# ifndef OPENSSL_NO_ENGINE +#ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, -# endif +#endif OPT_SECTION("Input"), {"in", OPT_IN, 's', "Input file"}, @@ -291,4 +288,3 @@ int ec_main(int argc, char **argv) OPENSSL_free(passout); return ret; } -#endif diff --git a/apps/ecparam.c b/apps/ecparam.c index ed4f4f1fd8..b93c2fa086 100644 --- a/apps/ecparam.c +++ b/apps/ecparam.c @@ -9,22 +9,19 @@ */ #include -#ifdef OPENSSL_NO_EC -NON_EMPTY_TRANSLATION_UNIT -#else - -# include -# include -# include -# include -# include "apps.h" -# include "progs.h" -# include -# include -# include -# include -# include -# include + +#include +#include +#include +#include +#include "apps.h" +#include "progs.h" +#include +#include +#include +#include +#include +#include typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, @@ -39,9 +36,9 @@ const OPTIONS ecparam_options[] = { {"help", OPT_HELP, '-', "Display this summary"}, {"list_curves", OPT_LIST_CURVES, '-', "Prints a list of all curve 'short names'"}, -# ifndef OPENSSL_NO_ENGINE +#ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, -# endif +#endif {"genkey", OPT_GENKEY, '-', "Generate ec key"}, {"in", OPT_IN, '<', "Input file - default stdin"}, @@ -473,5 +470,3 @@ int ecparam_main(int argc, char **argv) BIO_free_all(out); return ret; } - -#endif diff --git a/apps/engine.c b/apps/engine.c index a71e111016..c070f1f8b2 100644 --- a/apps/engine.c +++ b/apps/engine.c @@ -8,19 +8,16 @@ */ #include -#ifdef OPENSSL_NO_ENGINE -NON_EMPTY_TRANSLATION_UNIT -#else - -# include "apps.h" -# include "progs.h" -# include -# include -# include -# include -# include -# include -# include + +#include "apps.h" +#include "progs.h" +#include +#include +#include +#include +#include +#include +#include typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, @@ -491,4 +488,3 @@ int engine_main(int argc, char **argv) BIO_free_all(out); return ret; } -#endif diff --git a/apps/gendsa.c b/apps/gendsa.c index cf24416bd7..56939c56d1 100644 --- a/apps/gendsa.c +++ b/apps/gendsa.c @@ -11,22 +11,19 @@ #define OPENSSL_SUPPRESS_DEPRECATED #include -#ifdef OPENSSL_NO_DSA -NON_EMPTY_TRANSLATION_UNIT -#else - -# include -# include -# include -# include -# include "apps.h" -# include "progs.h" -# include -# include -# include -# include -# include -# include + +#include +#include +#include +#include +#include "apps.h" +#include "progs.h" +#include +#include +#include +#include +#include +#include typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, @@ -39,9 +36,9 @@ const OPTIONS gendsa_options[] = { OPT_SECTION("General"), {"help", OPT_HELP, '-', "Display this summary"}, -# ifndef OPENSSL_NO_ENGINE +#ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, -# endif +#endif OPT_SECTION("Output"), {"out", OPT_OUT, '>', "Output the key to the specified file"}, @@ -162,4 +159,3 @@ int gendsa_main(int argc, char **argv) OPENSSL_free(passout); return ret; } -#endif diff --git a/apps/genrsa.c b/apps/genrsa.c index 3f76d9bada..deeac112b1 100644 --- a/apps/genrsa.c +++ b/apps/genrsa.c @@ -11,27 +11,24 @@ #define OPENSSL_SUPPRESS_DEPRECATED #include -#ifdef OPENSSL_NO_RSA -NON_EMPTY_TRANSLATION_UNIT -#else - -# include -# include -# include -# include -# include "apps.h" -# include "progs.h" -# include -# include -# include -# include -# include -# include -# include -# include - -# define DEFBITS 2048 -# define DEFPRIMES 2 + +#include +#include +#include +#include +#include "apps.h" +#include "progs.h" +#include +#include +#include +#include +#include +#include +#include +#include + +#define DEFBITS 2048 +#define DEFPRIMES 2 static int verbose = 0; @@ -49,9 +46,9 @@ const OPTIONS genrsa_options[] = { OPT_SECTION("General"), {"help", OPT_HELP, '-', "Display this summary"}, -# ifndef OPENSSL_NO_ENGINE +#ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, -# endif +#endif OPT_SECTION("Input"), {"3", OPT_3, '-', "Use 3 for the E value"}, @@ -227,4 +224,3 @@ static int genrsa_cb(int p, int n, BN_GENCB *cb) (void)BIO_flush(BN_GENCB_get_arg(cb)); return 1; } -#endif diff --git a/apps/ocsp.c b/apps/ocsp.c index 411f605814..3fa10797fc 100644 --- a/apps/ocsp.c +++ b/apps/ocsp.c @@ -9,32 +9,29 @@ #include -#ifdef OPENSSL_NO_OCSP -NON_EMPTY_TRANSLATION_UNIT -#else -# ifdef OPENSSL_SYS_VMS -# define _XOPEN_SOURCE_EXTENDED/* So fd_set and friends get properly defined - * on OpenVMS */ -# endif +#ifdef OPENSSL_SYS_VMS + /* So fd_set and friends get properly defined on OpenVMS */ +# define _XOPEN_SOURCE_EXTENDED +#endif -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include /* Needs to be included before the openssl headers */ -# include "apps.h" -# include "progs.h" -# include "internal/sockets.h" -# include -# include -# include -# include -# include -# include -# include -# include +#include "apps.h" +#include "progs.h" +#include "internal/sockets.h" +#include +#include +#include +#include +#include +#include +#include +#include #ifndef HAVE_FORK # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) @@ -50,24 +47,24 @@ NON_EMPTY_TRANSLATION_UNIT # define NO_FORK #endif -# if !defined(NO_FORK) && !defined(OPENSSL_NO_SOCK) \ +#if !defined(NO_FORK) && !defined(OPENSSL_NO_SOCK) \ && !defined(OPENSSL_NO_POSIX_IO) -# define OCSP_DAEMON -# include -# include -# include -# include -# define MAXERRLEN 1000 /* limit error text sent to syslog to 1000 bytes */ -# else -# undef LOG_INFO -# undef LOG_WARNING -# undef LOG_ERR -# define LOG_INFO 0 -# define LOG_WARNING 1 -# define LOG_ERR 2 -# endif +# define OCSP_DAEMON +# include +# include +# include +# include +# define MAXERRLEN 1000 /* limit error text sent to syslog to 1000 bytes */ +#else +# undef LOG_INFO +# undef LOG_WARNING +# undef LOG_ERR +# define LOG_INFO 0 +# define LOG_WARNING 1 +# define LOG_ERR 2 +#endif -# if defined(OPENSSL_SYS_VXWORKS) +#if defined(OPENSSL_SYS_VXWORKS) /* not supported */ int setpgid(pid_t pid, pid_t pgid) { @@ -80,9 +77,9 @@ pid_t fork(void) errno = ENOSYS; return (pid_t) -1; } -# endif +#endif /* Maximum leeway in validity period: default 5 minutes */ -# define MAX_VALIDITY_PERIOD (5 * 60) +#define MAX_VALIDITY_PERIOD (5 * 60) static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert, const EVP_MD *cert_id_md, X509 *issuer, @@ -110,13 +107,13 @@ static void log_message(int level, const char *fmt, ...); static char *prog; static int multi = 0; -# ifdef OCSP_DAEMON +#ifdef OCSP_DAEMON static int acfd = (int) INVALID_SOCKET; static int index_changed(CA_DB *); static void spawn_loop(void); static int print_syslog(const char *str, size_t len, void *levPtr); static void socket_timeout(int signum); -# endif +#endif typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, @@ -160,9 +157,9 @@ const OPTIONS ocsp_options[] = { "Connection timeout (in seconds) to the OCSP responder"}, {"resp_no_certs", OPT_RESP_NO_CERTS, '-', "Don't include any certificates in response"}, -# ifdef OCSP_DAEMON +#ifdef OCSP_DAEMON {"multi", OPT_MULTI, 'p', "run multiple responder processes"}, -# endif +#endif {"no_certs", OPT_NO_CERTS, '-', "Don't include any certificates in signed request"}, {"badsig", OPT_BADSIG, '-', @@ -538,9 +535,9 @@ int ocsp_main(int argc, char **argv) trailing_md = 1; break; case OPT_MULTI: -# ifdef OCSP_DAEMON +#ifdef OCSP_DAEMON multi = atoi(opt_arg()); -# endif +#endif break; case OPT_PROV_CASES: if (!opt_provider(o)) @@ -628,7 +625,7 @@ int ocsp_main(int argc, char **argv) } } -# ifdef OCSP_DAEMON +#ifdef OCSP_DAEMON if (multi && acbio != NULL) spawn_loop(); if (acbio != NULL && req_timeout > 0) @@ -641,7 +638,7 @@ int ocsp_main(int argc, char **argv) redo_accept: if (acbio != NULL) { -# ifdef OCSP_DAEMON +#ifdef OCSP_DAEMON if (index_changed(rdb)) { CA_DB *newrdb = load_index(ridx_filename, NULL); @@ -654,7 +651,7 @@ redo_accept: ridx_filename); } } -# endif +#endif req = NULL; if (!do_responder(&req, &cbio, acbio, req_timeout)) @@ -724,16 +721,16 @@ redo_accept: if (cbio != NULL) send_ocsp_response(cbio, resp); } else if (host != NULL) { -# ifndef OPENSSL_NO_SOCK +#ifndef OPENSSL_NO_SOCK resp = process_responder(req, host, path, port, use_ssl, headers, req_timeout); if (resp == NULL) goto end; -# else +#else BIO_printf(bio_err, "Error creating connect BIO - sockets not supported.\n"); goto end; -# endif +#endif } else if (respin != NULL) { derbio = bio_open_default(respin, 'r', FORMAT_ASN1); if (derbio == NULL) @@ -877,7 +874,7 @@ log_message(int level, const char *fmt, ...) va_list ap; va_start(ap, fmt); -# ifdef OCSP_DAEMON +#ifdef OCSP_DAEMON if (multi) { char buf[1024]; if (vsnprintf(buf, sizeof(buf), fmt, ap) > 0) { @@ -886,7 +883,7 @@ log_message(int level, const char *fmt, ...) if (level >= LOG_ERR) ERR_print_errors_cb(print_syslog, &level); } -# endif +#endif if (!multi) { BIO_printf(bio_err, "%s: ", prog); BIO_vprintf(bio_err, fmt, ap); @@ -895,7 +892,7 @@ log_message(int level, const char *fmt, ...) va_end(ap); } -# ifdef OCSP_DAEMON +#ifdef OCSP_DAEMON static int print_syslog(const char *str, size_t len, void *levPtr) { @@ -1048,7 +1045,7 @@ static void spawn_loop(void) syslog(LOG_INFO, "terminating on signal: %d", termsig); killall(0, kidpids); } -# endif +#endif static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert, const EVP_MD *cert_id_md, X509 *issuer, @@ -1338,11 +1335,11 @@ static char **lookup_serial(CA_DB *db, ASN1_INTEGER *ser) static BIO *init_responder(const char *port) { -# ifdef OPENSSL_NO_SOCK +#ifdef OPENSSL_NO_SOCK BIO_printf(bio_err, "Error setting up accept BIO - sockets not supported.\n"); return NULL; -# else +#else BIO *acbio = NULL, *bufbio = NULL; bufbio = BIO_new(BIO_f_buffer()); @@ -1369,10 +1366,10 @@ static BIO *init_responder(const char *port) BIO_free_all(acbio); BIO_free(bufbio); return NULL; -# endif +#endif } -# ifndef OPENSSL_NO_SOCK +#ifndef OPENSSL_NO_SOCK /* * Decode %xx URL-decoding in-place. Ignores mal-formed sequences. */ @@ -1396,22 +1393,22 @@ static int urldecode(char *p) *out = '\0'; return (int)(out - save); } -# endif +#endif -# ifdef OCSP_DAEMON +#ifdef OCSP_DAEMON static void socket_timeout(int signum) { if (acfd != (int)INVALID_SOCKET) (void)shutdown(acfd, SHUT_RD); } -# endif +#endif static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio, int timeout) { -# ifdef OPENSSL_NO_SOCK +#ifdef OPENSSL_NO_SOCK return 0; -# else +#else int len; OCSP_REQUEST *req = NULL; char inbuf[2048], reqbuf[2048]; @@ -1429,12 +1426,12 @@ static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio, *pcbio = cbio; client = BIO_get_peer_name(cbio); -# ifdef OCSP_DAEMON +# ifdef OCSP_DAEMON if (timeout > 0) { (void) BIO_get_fd(cbio, &acfd); alarm(timeout); } -# endif +# endif /* Read the request line. */ len = BIO_gets(cbio, reqbuf, sizeof(reqbuf)); @@ -1497,11 +1494,11 @@ static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio, break; } -# ifdef OCSP_DAEMON +# ifdef OCSP_DAEMON /* Clear alarm before we close the client socket */ alarm(0); timeout = 0; -# endif +# endif /* Try to read OCSP request */ if (getbio != NULL) { @@ -1517,13 +1514,13 @@ static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio, *preq = req; out: -# ifdef OCSP_DAEMON +# ifdef OCSP_DAEMON if (timeout > 0) alarm(0); acfd = (int)INVALID_SOCKET; -# endif - return 1; # endif + return 1; +#endif } static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp) @@ -1539,7 +1536,7 @@ static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp) return 1; } -# ifndef OPENSSL_NO_SOCK +#ifndef OPENSSL_NO_SOCK OCSP_RESPONSE *process_responder(OCSP_REQUEST *req, const char *host, const char *path, const char *port, int use_ssl, @@ -1571,6 +1568,4 @@ OCSP_RESPONSE *process_responder(OCSP_REQUEST *req, SSL_CTX_free(ctx); return resp; } -# endif - #endif diff --git a/apps/pkcs12.c b/apps/pkcs12.c index c2448a74f5..f5ad949872 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -8,25 +8,22 @@ */ #include -#if defined(OPENSSL_NO_DES) -NON_EMPTY_TRANSLATION_UNIT -#else -# include -# include -# include -# include "apps.h" -# include "progs.h" -# include -# include -# include -# include - -# define NOKEYS 0x1 -# define NOCERTS 0x2 -# define INFO 0x4 -# define CLCERTS 0x8 -# define CACERTS 0x10 +#include +#include +#include +#include "apps.h" +#include "progs.h" +#include +#include +#include +#include + +#define NOKEYS 0x1 +#define NOCERTS 0x2 +#define INFO 0x4 +#define CLCERTS 0x8 +#define CACERTS 0x10 #define PASSWD_BUF_SIZE 2048 @@ -64,9 +61,9 @@ typedef enum OPTION_choice { const OPTIONS pkcs12_options[] = { OPT_SECTION("General"), {"help", OPT_HELP, '-', "Display this summary"}, -# ifndef OPENSSL_NO_ENGINE +#ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, -# endif +#endif OPT_SECTION("CA"), {"CApath", OPT_CAPATH, '/', "PEM-format directory of CA's"}, @@ -112,15 +109,15 @@ const OPTIONS pkcs12_options[] = { {"keysig", OPT_KEYSIG, '-', "Set MS key signature type"}, OPT_SECTION("Encryption"), -# ifndef OPENSSL_NO_RC2 +#ifndef OPENSSL_NO_RC2 {"descert", OPT_DESCERT, '-', "Encrypt output with 3DES (default RC2-40)"}, {"certpbe", OPT_CERTPBE, 's', "Certificate PBE algorithm (default RC2-40)"}, -# else +#else {"descert", OPT_DESCERT, '-', "Encrypt output with 3DES (the default)"}, {"certpbe", OPT_CERTPBE, 's', "Certificate PBE algorithm (default 3DES)"}, -# endif +#endif {"iter", OPT_ITER, 'p', "Specify the iteration count for encryption key and MAC"}, {"noiter", OPT_NOITER, '-', "Don't use encryption key iteration"}, {"maciter", OPT_MACITER, '-', "Unused, kept for backwards compatibility"}, @@ -141,11 +138,11 @@ int pkcs12_main(int argc, char **argv) char pass[PASSWD_BUF_SIZE] = "", macpass[PASSWD_BUF_SIZE] = ""; int export_cert = 0, options = 0, chain = 0, twopass = 0, keytype = 0; int iter = PKCS12_DEFAULT_ITER, maciter = PKCS12_DEFAULT_ITER; -# ifndef OPENSSL_NO_RC2 +#ifndef OPENSSL_NO_RC2 int cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC; -# else +#else int cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; -# endif +#endif int key_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; int ret = 1, macver = 1, add_lmk = 0, private = 0; int noprompt = 0; @@ -1008,5 +1005,3 @@ static int set_pbe(int *ppbe, const char *str) } return 1; } - -#endif diff --git a/apps/rsa.c b/apps/rsa.c index d626bbb31a..25cc6266f8 100644 --- a/apps/rsa.c +++ b/apps/rsa.c @@ -11,23 +11,20 @@ #define OPENSSL_SUPPRESS_DEPRECATED #include -#ifdef OPENSSL_NO_RSA -NON_EMPTY_TRANSLATION_UNIT -#else -# include -# include -# include -# include -# include "apps.h" -# include "progs.h" -# include -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include "apps.h" +#include "progs.h" +#include +#include +#include +#include +#include +#include +#include typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, @@ -45,9 +42,9 @@ const OPTIONS rsa_options[] = { {"help", OPT_HELP, '-', "Display this summary"}, {"check", OPT_CHECK, '-', "Verify key consistency"}, {"", OPT_CIPHER, '-', "Any supported cipher"}, -# ifndef OPENSSL_NO_ENGINE +#ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, -# endif +#endif OPT_SECTION("Input"), {"in", OPT_IN, 's', "Input file"}, @@ -66,14 +63,14 @@ const OPTIONS rsa_options[] = { {"text", OPT_TEXT, '-', "Print the key in text"}, {"modulus", OPT_MODULUS, '-', "Print the RSA key modulus"}, -# if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4) +#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4) OPT_SECTION("PVK"), {"pvk-strong", OPT_PVK_STRONG, '-', "Enable 'Strong' PVK encoding level (default)"}, {"pvk-weak", OPT_PVK_WEAK, '-', "Enable 'Weak' PVK encoding level"}, {"pvk-none", OPT_PVK_NONE, '-', "Don't enforce PVK encoding"}, -# endif OPT_PROV_OPTIONS, +#endif {NULL} }; @@ -88,9 +85,9 @@ int rsa_main(int argc, char **argv) int i, private = 0; int informat = FORMAT_PEM, outformat = FORMAT_PEM, text = 0, check = 0; int noout = 0, modulus = 0, pubin = 0, pubout = 0, ret = 1; -# if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4) +#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4) int pvk_encr = 2; -# endif +#endif OPTION_CHOICE o; prog = opt_init(argc, argv, rsa_options); @@ -143,9 +140,9 @@ int rsa_main(int argc, char **argv) case OPT_PVK_STRONG: /* pvk_encr:= 2 */ case OPT_PVK_WEAK: /* pvk_encr:= 1 */ case OPT_PVK_NONE: /* pvk_encr:= 0 */ -# if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4) +#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4) pvk_encr = (o - OPT_PVK_NONE); -# endif +#endif break; case OPT_NOOUT: noout = 1; @@ -281,7 +278,7 @@ int rsa_main(int argc, char **argv) i = PEM_write_bio_RSAPrivateKey(out, rsa, enc, NULL, 0, NULL, passout); } -# ifndef OPENSSL_NO_DSA +#ifndef OPENSSL_NO_DSA } else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) { EVP_PKEY *pk; pk = EVP_PKEY_new(); @@ -296,13 +293,13 @@ int rsa_main(int argc, char **argv) goto end; } assert(private); -# ifdef OPENSSL_NO_RC4 +# ifdef OPENSSL_NO_RC4 BIO_printf(bio_err, "PVK format not supported\n"); EVP_PKEY_free(pk); goto end; -# else +# else i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout); -# endif +# endif } else if (pubin || pubout) { i = i2b_PublicKey_bio(out, pk); } else { @@ -310,7 +307,7 @@ int rsa_main(int argc, char **argv) i = i2b_PrivateKey_bio(out, pk); } EVP_PKEY_free(pk); -# endif +#endif } else { BIO_printf(bio_err, "bad output format specified for outfile\n"); goto end; @@ -329,4 +326,3 @@ int rsa_main(int argc, char **argv) OPENSSL_free(passout); return ret; } -#endif diff --git a/apps/rsautl.c b/apps/rsautl.c index b72f527ce4..48d8296c01 100644 --- a/apps/rsautl.c +++ b/apps/rsautl.c @@ -11,25 +11,22 @@ #define OPENSSL_SUPPRESS_DEPRECATED #include -#ifdef OPENSSL_NO_RSA -NON_EMPTY_TRANSLATION_UNIT -#else -# include "apps.h" -# include "progs.h" -# include -# include -# include -# include +#include "apps.h" +#include "progs.h" +#include +#include +#include +#include -# define RSA_SIGN 1 -# define RSA_VERIFY 2 -# define RSA_ENCRYPT 3 -# define RSA_DECRYPT 4 +#define RSA_SIGN 1 +#define RSA_VERIFY 2 +#define RSA_ENCRYPT 3 +#define RSA_DECRYPT 4 -# define KEY_PRIVKEY 1 -# define KEY_PUBKEY 2 -# define KEY_CERT 3 +#define KEY_PRIVKEY 1 +#define KEY_PUBKEY 2 +#define KEY_CERT 3 typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, @@ -47,9 +44,9 @@ const OPTIONS rsautl_options[] = { {"verify", OPT_VERIFY, '-', "Verify with public key"}, {"encrypt", OPT_ENCRYPT, '-', "Encrypt with public key"}, {"decrypt", OPT_DECRYPT, '-', "Decrypt with private key"}, -# ifndef OPENSSL_NO_ENGINE +#ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, -# endif +#endif OPT_SECTION("Input"), {"in", OPT_IN, '<', "Input file"}, @@ -293,4 +290,3 @@ int rsautl_main(int argc, char **argv) OPENSSL_free(passin); return ret; } -#endif diff --git a/apps/srp.c b/apps/srp.c index 646e86f11a..8fb325feab 100644 --- a/apps/srp.c +++ b/apps/srp.c @@ -12,28 +12,25 @@ */ #include -#ifdef OPENSSL_NO_SRP -NON_EMPTY_TRANSLATION_UNIT -#else -# include -# include -# include -# include -# include -# include -# include -# include -# include -# include "apps.h" -# include "progs.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "apps.h" +#include "progs.h" -# define BASE_SECTION "srp" -# define CONFIG_FILE "openssl.cnf" +#define BASE_SECTION "srp" +#define CONFIG_FILE "openssl.cnf" -# define ENV_DATABASE "srpvfile" -# define ENV_DEFAULT_SRP "default_srp" +#define ENV_DATABASE "srpvfile" +#define ENV_DEFAULT_SRP "default_srp" static int get_index(CA_DB *db, char *id, char type) { @@ -204,9 +201,9 @@ const OPTIONS srp_options[] = { {"verbose", OPT_VERBOSE, '-', "Talk a lot while doing things"}, {"config", OPT_CONFIG, '<', "A config file"}, {"name", OPT_NAME, 's', "The particular srp definition to use"}, -# ifndef OPENSSL_NO_ENGINE +#ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, -# endif +#endif OPT_SECTION("Action"), {"add", OPT_ADD, '-', "Add a user and srp verifier"}, @@ -625,4 +622,3 @@ int srp_main(int argc, char **argv) release_engine(e); return ret; } -#endif diff --git a/apps/ts.c b/apps/ts.c index 3d380bebf0..2f21433a6b 100644 --- a/apps/ts.c +++ b/apps/ts.c @@ -8,29 +8,26 @@ */ #include -#ifdef OPENSSL_NO_TS -NON_EMPTY_TRANSLATION_UNIT -#else -# include -# include -# include -# include "apps.h" -# include "progs.h" -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include "apps.h" +#include "progs.h" +#include +#include +#include +#include +#include +#include /* Request nonce length, in bits (must be a multiple of 8). */ -# define NONCE_LENGTH 64 +#define NONCE_LENGTH 64 /* Name of config entry that defines the OID file. */ -# define ENV_OID_FILE "oid_file" +#define ENV_OID_FILE "oid_file" /* Is |EXACTLY_ONE| of three pointers set? */ -# define EXACTLY_ONE(a, b, c) \ +#define EXACTLY_ONE(a, b, c) \ (( a && !b && !c) || \ ( b && !a && !c) || \ ( c && !a && !b)) @@ -94,9 +91,9 @@ const OPTIONS ts_options[] = { {"help", OPT_HELP, '-', "Display this summary"}, {"config", OPT_CONFIG, '<', "Configuration file"}, {"section", OPT_SECTION, 's', "Section to use within config file"}, -# ifndef OPENSSL_NO_ENGINE +#ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, -# endif +#endif {"inkey", OPT_INKEY, 's', "File with private key for reply"}, {"signer", OPT_SIGNER, 's', "Signer certificate file"}, {"chain", OPT_CHAIN, '<', "File with signer CA chain"}, @@ -146,11 +143,11 @@ static char* opt_helplist[] = { " [-signer tsa_cert.pem] [-inkey private_key.pem]", " [-chain certs_file.pem] [-tspolicy oid]", " [-in file] [-token_in] [-out file] [-token_out]", -# ifndef OPENSSL_NO_ENGINE +#ifndef OPENSSL_NO_ENGINE " [-text] [-engine id]", -# else +#else " [-text]", -# endif +#endif "", " openssl ts -verify -CApath dir -CAfile file.pem -CAstore uri", " -untrusted file.pem [-data file] [-digest hexstring]", @@ -699,10 +696,10 @@ static TS_RESP *create_response(CONF *conf, const char *section, const char *eng goto end; if (!TS_CONF_set_serial(conf, section, serial_cb, resp_ctx)) goto end; -# ifndef OPENSSL_NO_ENGINE +#ifndef OPENSSL_NO_ENGINE if (!TS_CONF_set_crypto_device(conf, section, engine)) goto end; -# endif +#endif if (!TS_CONF_set_signer_cert(conf, section, signer, resp_ctx)) goto end; if (!TS_CONF_set_certs(conf, section, chain, resp_ctx)) @@ -1013,4 +1010,3 @@ static int verify_cb(int ok, X509_STORE_CTX *ctx) { return ok; } -#endif /* ndef OPENSSL_NO_TS */ -- 2.25.1