openssl
/
openssl
mirror of https://github.com/openssl/openssl
1
0
Fork 0
Code Issues Releases Wiki Activity

APPS: Improve diagnostics on missing/extra args and unknown cipher/digest 

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16450)
This commit is contained in:
Dr. David von Oheimb 2021-08-27 15:33:18 +02:00 committed by Dr. David von Oheimb
parent b0be101326
commit d9f073575f
45 changed files with 134 additions and 147 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
apps/asn1parse.c
View File

@ -159,8 +159,7 @@ int asn1parse_main(int argc, char **argv)
}
/* No extra args. */
argc = opt_num_rest();
if (argc != 0)
if (!opt_check_rest_arg(NULL))
goto opthelp;
if (oidfile != NULL) {

5
apps/ciphers.c
View File

@ -174,10 +174,9 @@ int ciphers_main(int argc, char **argv)
/* Optional arg is cipher name. */
argv = opt_rest();
argc = opt_num_rest();
if (argc == 1)
if (opt_num_rest() == 1)
ciphers = argv[0];
else if (argc != 0)
else if (!opt_check_rest_arg(NULL))
goto opthelp;
if (convert != NULL) {

4
apps/cmp.c
View File

@ -2552,9 +2552,7 @@ static int get_opts(int argc, char **argv)
}
/* No extra args. */
argc = opt_num_rest();
argv = opt_rest();
if (argc != 0)
if (!opt_check_rest_arg(NULL))
goto opthelp;
return 1;
}

6
apps/cms.c
View File

@ -697,10 +697,8 @@ int cms_main(int argc, char **argv)
if (!opt_md(digestname, &sign_md))
goto end;
}
if (ciphername != NULL) {
if (!opt_cipher_any(ciphername, &cipher))
goto end;
}
if (!opt_cipher_any(ciphername, &cipher))
goto end;
if (wrapname != NULL) {
if (!opt_cipher_any(wrapname, &wrap_cipher))
goto end;

9
apps/crl.c
View File

@ -209,14 +209,11 @@ int crl_main(int argc, char **argv)
}
/* No remaining args. */
argc = opt_num_rest();
if (argc != 0)
if (!opt_check_rest_arg(NULL))
goto opthelp;
if (digestname != NULL) {
if (!opt_md(digestname, &digest))
goto opthelp;
}
if (!opt_md(digestname, &digest))
goto opthelp;
x = load_crl(infile, informat, 1, "CRL");
if (x == NULL)
goto end;

3
apps/crl2pkcs7.c
View File

@ -104,8 +104,7 @@ int crl2pkcs7_main(int argc, char **argv)
}
/* No remaining args. */
argc = opt_num_rest();
if (argc != 0)
if (!opt_check_rest_arg(NULL))
goto opthelp;
if (!nocrl) {

2
apps/dhparam.c
View File

@ -155,7 +155,7 @@ int dhparam_main(int argc, char **argv)
if (argc == 1) {
if (!opt_int(argv[0], &num) || num <= 0)
goto opthelp;
} else if (argc != 0) {
} else if (!opt_check_rest_arg(NULL)) {
goto opthelp;
}
if (!app_RAND_load())

9
apps/dsa.c
View File

@ -161,14 +161,11 @@ int dsa_main(int argc, char **argv)
}
/* No extra args. */
argc = opt_num_rest();
if (argc != 0)
if (!opt_check_rest_arg(NULL))
goto opthelp;
if (ciphername != NULL) {
if (!opt_cipher(ciphername, &enc))
goto end;
}
if (!opt_cipher(ciphername, &enc))
goto end;
private = pubin || pubout ? 0 : 1;
if (text && !pubin)
private = 1;

2
apps/dsaparam.c
View File

@ -133,7 +133,7 @@ int dsaparam_main(int argc, char **argv)
if (argc == 1) {
if (!opt_int(argv[0], &num) || num < 0)
goto opthelp;
} else if (argc != 0) {
} else if (!opt_check_rest_arg(NULL)) {
goto opthelp;
}
if (!app_RAND_load())

9
apps/ec.c
View File

@ -157,14 +157,11 @@ int ec_main(int argc, char **argv)
}
/* No extra arguments. */
argc = opt_num_rest();
if (argc != 0)
if (!opt_check_rest_arg(NULL))
goto opthelp;
if (ciphername != NULL) {
if (!opt_cipher(ciphername, &enc))
goto opthelp;
}
if (!opt_cipher(ciphername, &enc))
goto opthelp;
private = param_out || pubin || pubout ? 0 : 1;
if (text && !pubin)
private = 1;

3
apps/ecparam.c
View File

@ -186,8 +186,7 @@ int ecparam_main(int argc, char **argv)
}
/* No extra args. */
argc = opt_num_rest();
if (argc != 0)
if (!opt_check_rest_arg(NULL))
goto opthelp;
if (!app_RAND_load())

9
apps/enc.c
View File

@ -289,17 +289,14 @@ int enc_main(int argc, char **argv)
}
/* No extra arguments. */
argc = opt_num_rest();
if (argc != 0)
if (!opt_check_rest_arg(NULL))
goto opthelp;
if (!app_RAND_load())
goto end;
/* Get the cipher name, either from progname (if set) or flag. */
if (ciphername != NULL) {
if (!opt_cipher(ciphername, &cipher))
goto opthelp;
}
if (!opt_cipher(ciphername, &cipher))
goto opthelp;
if (digestname != NULL) {
if (!opt_md(digestname, &dgst))
goto opthelp;

7
apps/fipsinstall.c
View File

@ -382,9 +382,12 @@ opthelp:
}
/* No extra arguments. */
argc = opt_num_rest();
if (argc != 0 || (verify && in_fname == NULL))
if (!opt_check_rest_arg(NULL))
goto opthelp;
if (verify && in_fname == NULL) {
BIO_printf(bio_err, "Missing -in option for -verify\n");
goto opthelp;
}
if (parent_config != NULL) {
/* Test that a parent config can load the module */

11
apps/gendsa.c
View File

@ -101,19 +101,16 @@ int gendsa_main(int argc, char **argv)
}
/* One argument, the params file. */
argc = opt_num_rest();
argv = opt_rest();
if (argc != 1)
if (!opt_check_rest_arg("params file"))
goto opthelp;
argv = opt_rest();
dsaparams = argv[0];
if (!app_RAND_load())
goto end;
if (ciphername != NULL) {
if (!opt_cipher(ciphername, &enc))
goto end;
}
if (!opt_cipher(ciphername, &enc))
goto end;
private = 1;
if (!app_passwd(NULL, passoutarg, NULL, &passout)) {

12
apps/genpkey.c
View File

@ -139,8 +139,7 @@ int genpkey_main(int argc, char **argv)
}
/* No extra arguments. */
argc = opt_num_rest();
if (argc != 0)
if (!opt_check_rest_arg(NULL))
goto opthelp;
/* Fetch cipher, etc. */
@ -163,9 +162,12 @@ int genpkey_main(int argc, char **argv)
goto end;
}
}
if (ciphername != NULL)
if (!opt_cipher(ciphername, &cipher) || do_param == 1)
goto opthelp;
if (!opt_cipher(ciphername, &cipher))
goto opthelp;
if (ciphername != NULL && do_param == 1) {
BIO_printf(bio_err, "Cannot use cipher with -genparam option\n");
goto opthelp;
}
private = do_param ? 0 : 1;

9
apps/genrsa.c
View File

@ -157,8 +157,7 @@ opthelp:
"Warning: It is not recommended to use more than %d bit for RSA keys.\n"
" Your key size is %d! Larger key size may behave not as expected.\n",
OPENSSL_RSA_MAX_MODULUS_BITS, num);
} else if (argc > 0) {
BIO_printf(bio_err, "Extra arguments given.\n");
} else if (!opt_check_rest_arg(NULL)) {
goto opthelp;
}
@ -166,10 +165,8 @@ opthelp:
goto end;
private = 1;
if (ciphername != NULL) {
if (!opt_cipher(ciphername, &enc))
goto end;
}
if (!opt_cipher(ciphername, &enc))
goto end;
if (!app_passwd(NULL, passoutarg, NULL, &passout)) {
BIO_printf(bio_err, "Error getting password\n");
goto end;

2
apps/include/opt.h
View File

@ -368,6 +368,7 @@ char *opt_unknown(void);
int opt_cipher(const char *name, EVP_CIPHER **cipherp);
int opt_cipher_any(const char *name, EVP_CIPHER **cipherp);
int opt_cipher_silent(const char *name, EVP_CIPHER **cipherp);
int opt_check_md(const char *name);
int opt_md(const char *name, EVP_MD **mdp);
int opt_md_silent(const char *name, EVP_MD **mdp);
@ -392,6 +393,7 @@ int opt_provider_option_given(void);
char **opt_rest(void);
int opt_num_rest(void);
int opt_check_rest_arg(const char *expected);
/* Returns non-zero if legacy paths are still available */
int opt_legacy_okay(void);

2
apps/info.c
View File

@ -86,7 +86,7 @@ opthelp:
break;
}
}
if (opt_num_rest() != 0)
if (!opt_check_rest_arg(NULL))
goto opthelp;
if (dirty > 1) {
BIO_printf(bio_err, "%s: Only one item allowed\n", prog);

40
apps/lib/opt.c
View File

@ -399,8 +399,10 @@ int opt_cipher_any(const char *name, EVP_CIPHER **cipherp)
{
int ret;
if (name == NULL)
return 1;
if ((ret = opt_cipher_silent(name, cipherp)) == 0)
opt_printf_stderr("%s: Unknown cipher: %s\n", prog, name);
opt_printf_stderr("%s: Unknown option or cipher: %s\n", prog, name);
return ret;
}
@ -410,6 +412,8 @@ int opt_cipher(const char *name, EVP_CIPHER **cipherp)
unsigned long int flags;
EVP_CIPHER *c = NULL;
if (name == NULL)
return 1;
if (opt_cipher_any(name, &c)) {
mode = EVP_CIPHER_get_mode(c);
flags = EVP_CIPHER_get_flags(c);
@ -454,12 +458,22 @@ int opt_md(const char *name, EVP_MD **mdp)
{
int ret;
if (name == NULL)
return 1;
if ((ret = opt_md_silent(name, mdp)) == 0)
opt_printf_stderr("%s: Unknown option or message digest: %s\n", prog,
name != NULL ? name : "\"\"");
opt_printf_stderr("%s: Unknown option or message digest: %s\n",
prog, name);
return ret;
}
int opt_check_md(const char *name)
{
if (opt_md(name, NULL))
return 1;
ERR_clear_error();
return 0;
}
/* Look through a list of name/value pairs. */
int opt_pair(const char *name, const OPT_PAIR* pairs, int *result)
{
@ -1013,6 +1027,26 @@ int opt_num_rest(void)
return i;
}
int opt_check_rest_arg(const char *expected)
{
char *opt = *opt_rest();
if (opt == NULL || *opt == '\0') {
if (expected == NULL)
return 1;
opt_printf_stderr("%s: Missing argument: %s\n", prog, expected);
return 0;
} else if (expected != NULL) {
return 1;
}
if (opt_unknown() == NULL)
opt_printf_stderr("%s: Extra option: \"%s\"\n", prog, opt);
else
opt_printf_stderr("%s: Extra (unknown) options: \"%s\" \"%s\"\n",
prog, opt_unknown(), opt != NULL ? opt : "");
return 0;
}
/* Return a string describing the parameter type. */
static const char *valtype2param(const OPTIONS *o)
{

2
apps/list.c
View File

@ -1647,7 +1647,7 @@ opthelp:
}
/* No extra arguments. */
if (opt_num_rest() != 0)
if (!opt_check_rest_arg(NULL))
goto opthelp;
if (todo.commands)

5
apps/mac.c
View File

@ -137,10 +137,9 @@ opthelp:
}
/* One argument, the MAC name. */
argc = opt_num_rest();
argv = opt_rest();
if (argc != 1)
if (!opt_check_rest_arg("MAC name"))
goto opthelp;
argv = opt_rest();
mac = EVP_MAC_fetch(app_get0_libctx(), argv[0], app_get0_propq());
if (mac == NULL) {

3
apps/nseq.c
View File

@ -73,8 +73,7 @@ int nseq_main(int argc, char **argv)
}
/* No extra arguments. */
argc = opt_num_rest();
if (argc != 0)
if (!opt_check_rest_arg(NULL))
goto opthelp;
in = bio_open_default(infile, 'r', FORMAT_PEM);

3
apps/ocsp.c
View File

@ -535,8 +535,7 @@ int ocsp_main(int argc, char **argv)
}
/* No extra arguments. */
argc = opt_num_rest();
if (argc != 0)
if (!opt_check_rest_arg(NULL))
goto opthelp;
if (trailing_md) {

2
apps/openssl.c
View File

@ -357,7 +357,7 @@ int help_main(int argc, char **argv)
new_argv[2] = NULL;
return do_cmd(prog_init(), 2, new_argv);
}
if (opt_num_rest() != 0) {
if (!opt_check_rest_arg(NULL)) {
BIO_printf(bio_err, "Usage: %s\n", prog);
return 1;
}

9
apps/pkcs12.c
View File

@ -356,17 +356,14 @@ int pkcs12_main(int argc, char **argv)
}
/* No extra arguments. */
argc = opt_num_rest();
if (argc != 0)
if (!opt_check_rest_arg(NULL))
goto opthelp;
if (!app_RAND_load())
goto end;
if (ciphername != NULL) {
if (!opt_cipher_any(ciphername, &enc))
goto opthelp;
}
if (!opt_cipher_any(ciphername, &enc))
goto opthelp;
if (export_pkcs12) {
if ((options & INFO) != 0)
WARN_EXPORT("info");

3
apps/pkcs7.c
View File

@ -111,8 +111,7 @@ int pkcs7_main(int argc, char **argv)
}
/* No extra arguments. */
argc = opt_num_rest();
if (argc != 0)
if (!opt_check_rest_arg(NULL))
goto opthelp;
in = bio_open_default(infile, 'r', informat);

3
apps/pkcs8.c
View File

@ -193,8 +193,7 @@ int pkcs8_main(int argc, char **argv)
}
/* No extra arguments. */
argc = opt_num_rest();
if (argc != 0)
if (!opt_check_rest_arg(NULL))
goto opthelp;
private = 1;

9
apps/pkey.c
View File

@ -171,8 +171,7 @@ int pkey_main(int argc, char **argv)
}
/* No extra arguments. */
argc = opt_num_rest();
if (argc != 0)
if (!opt_check_rest_arg(NULL))
goto opthelp;
if (text && text_pub)
@ -190,10 +189,8 @@ int pkey_main(int argc, char **argv)
private = (!noout && !pubout) || (text && !text_pub);
if (ciphername != NULL) {
if (!opt_cipher(ciphername, &cipher))
goto opthelp;
}
if (!opt_cipher(ciphername, &cipher))
goto opthelp;
if (cipher == NULL) {
if (passoutarg != NULL)
BIO_printf(bio_err,

3
apps/pkeyparam.c
View File

@ -91,8 +91,7 @@ int pkeyparam_main(int argc, char **argv)
}
/* No extra arguments. */
argc = opt_num_rest();
if (argc != 0)
if (!opt_check_rest_arg(NULL))
goto opthelp;
in = bio_open_default(infile, 'r', FORMAT_PEM);

3
apps/pkeyutl.c
View File

@ -253,8 +253,7 @@ int pkeyutl_main(int argc, char **argv)
}
/* No extra arguments. */
argc = opt_num_rest();
if (argc != 0)
if (!opt_check_rest_arg(NULL))
goto opthelp;
if (!app_RAND_load())

8
apps/prime.c
View File

@ -83,12 +83,12 @@ opthelp:
}
/* Optional arguments are numbers to check. */
if (generate && !opt_check_rest_arg(NULL))
goto opthelp;
argc = opt_num_rest();
argv = opt_rest();
if (generate) {
if (argc != 0)
goto opthelp;
} else if (argc == 0) {
if (!generate && argc == 0) {
BIO_printf(bio_err, "Missing number (s) to check\n");
goto opthelp;
}

2
apps/rand.c
View File

@ -95,7 +95,7 @@ int rand_main(int argc, char **argv)
if (argc == 1) {
if (!opt_int(argv[0], &num) || num <= 0)
goto opthelp;
} else if (argc != 0) {
} else if (!opt_check_rest_arg(NULL)) {
goto opthelp;
}

9
apps/req.c
View File

@ -241,7 +241,6 @@ int req_main(int argc, char **argv)
X509 *new_x509 = NULL, *CAcert = NULL;
X509_REQ *req = NULL;
EVP_CIPHER *cipher = NULL;
EVP_MD *md = NULL;
int ext_copy = EXT_COPY_UNSET;
BIO *addext_bio = NULL;
char *extsect = NULL;
@ -473,8 +472,7 @@ int req_main(int argc, char **argv)
}
/* No extra arguments. */
argc = opt_num_rest();
if (argc != 0)
if (!opt_check_rest_arg(NULL))
goto opthelp;
if (!app_RAND_load())
@ -533,11 +531,8 @@ int req_main(int argc, char **argv)
/* Check that any specified digest is fetchable */
if (digest != NULL) {
if (!opt_md(digest, &md)) {
ERR_clear_error();
if (!opt_check_md(digest))
goto opthelp;
}
EVP_MD_free(md);
} else {
/* No digest specified, default to configuration */
p = NCONF_get_string(req_conf, section, "default_md");

9
apps/rsa.c
View File

@ -217,14 +217,11 @@ int rsa_main(int argc, char **argv)
}
/* No extra arguments. */
argc = opt_num_rest();
if (argc != 0)
if (!opt_check_rest_arg(NULL))
goto opthelp;
if (ciphername != NULL) {
if (!opt_cipher(ciphername, &enc))
goto opthelp;
}
if (!opt_cipher(ciphername, &enc))
goto opthelp;
private = (text && !pubin) || (!pubout && !noout) ? 1 : 0;
if (!app_passwd(passinarg, passoutarg, &passin, &passout)) {

3
apps/rsautl.c
View File

@ -169,8 +169,7 @@ int rsautl_main(int argc, char **argv)
}
/* No extra arguments. */
argc = opt_num_rest();
if (argc != 0)
if (!opt_check_rest_arg(NULL))
goto opthelp;
if (!app_RAND_load())

5
apps/s_client.c
View File

@ -1473,8 +1473,7 @@ int s_client_main(int argc, char **argv)
}
/* Optional argument is connect string if -connect not used. */
argc = opt_num_rest();
if (argc == 1) {
if (opt_num_rest() == 1) {
/* Don't allow -connect and a separate argument. */
if (connectstr != NULL) {
BIO_printf(bio_err,
@ -1484,7 +1483,7 @@ int s_client_main(int argc, char **argv)
}
connect_type = use_inet;
freeandcopy(&connectstr, *opt_rest());
} else if (argc != 0) {
} else if (!opt_check_rest_arg(NULL)) {
goto opthelp;
}
if (!app_RAND_load())

3
apps/s_server.c
View File

@ -1648,8 +1648,7 @@ int s_server_main(int argc, char *argv[])
}
/* No extra arguments. */
argc = opt_num_rest();
if (argc != 0)
if (!opt_check_rest_arg(NULL))
goto opthelp;
if (!app_RAND_load())

3
apps/s_time.c
View File

@ -234,8 +234,7 @@ int s_time_main(int argc, char **argv)
}
/* No extra arguments. */
argc = opt_num_rest();
if (argc != 0)
if (!opt_check_rest_arg(NULL))
goto opthelp;
if (cipher == NULL)

3
apps/sess_id.c
View File

@ -98,8 +98,7 @@ int sess_id_main(int argc, char **argv)
}
/* No extra arguments. */
argc = opt_num_rest();
if (argc != 0)
if (!opt_check_rest_arg(NULL))
goto opthelp;
x = load_sess_id(infile, informat);

4
apps/smime.c
View File

@ -366,10 +366,8 @@ int smime_main(int argc, char **argv)
if (!opt_md(digestname, &sign_md))
goto opthelp;
}
if (ciphername != NULL) {
if (!opt_cipher_any(ciphername, &cipher))
if (!opt_cipher_any(ciphername, &cipher))
goto opthelp;
}
if (!(operation & SMIME_SIGNERS) && (skkeys != NULL || sksigners != NULL)) {
BIO_puts(bio_err, "Multiple signers or keys not allowed\n");
goto opthelp;

3
apps/spkac.c
View File

@ -133,8 +133,7 @@ int spkac_main(int argc, char **argv)
}
/* No extra arguments. */
argc = opt_num_rest();
if (argc != 0)
if (!opt_check_rest_arg(NULL))
goto opthelp;
if (!app_passwd(passinarg, NULL, &passin, NULL)) {

11
apps/storeutl.c
View File

@ -258,15 +258,12 @@ int storeutl_main(int argc, char *argv[])
}
/* One argument, the URI */
argc = opt_num_rest();
argv = opt_rest();
if (argc != 1)
if (!opt_check_rest_arg("URI"))
goto opthelp;
argv = opt_rest();
if (digestname != NULL) {
if (!opt_md(digestname, &digest))
goto opthelp;
}
if (!opt_md(digestname, &digest))
goto opthelp;
if (criterion != 0) {
switch (criterion) {

17
apps/ts.c
View File

@ -204,8 +204,10 @@ int ts_main(int argc, char **argv)
case OPT_QUERY:
case OPT_REPLY:
case OPT_VERIFY:
if (mode != OPT_ERR)
if (mode != OPT_ERR) {
BIO_printf(bio_err, "%s: Must give only one of -query, -reply, or -verify\n", prog);
goto opthelp;
}
mode = o;
break;
case OPT_DATA:
@ -288,17 +290,18 @@ int ts_main(int argc, char **argv)
}
/* No extra arguments. */
argc = opt_num_rest();
if (argc != 0 || mode == OPT_ERR)
if (!opt_check_rest_arg(NULL))
goto opthelp;
if (mode == OPT_ERR) {
BIO_printf(bio_err, "%s: Must give one of -query, -reply, or -verify\n", prog);
goto opthelp;
}
if (!app_RAND_load())
goto end;
if (digestname != NULL) {
if (!opt_md(digestname, &md))
goto opthelp;
}
if (!opt_md(digestname, &md))
goto opthelp;
if (mode == OPT_REPLY && passin &&
!app_passwd(passin, NULL, &password, NULL)) {
BIO_printf(bio_err, "Error getting password.\n");

3
apps/version.c
View File

@ -99,8 +99,7 @@ opthelp:
}
/* No extra arguments. */
argc = opt_num_rest();
if (argc != 0)
if (!opt_check_rest_arg(NULL))
goto opthelp;
if (!dirty)

6
apps/x509.c
View File

@ -594,13 +594,15 @@ int x509_main(int argc, char **argv)
}
/* No extra arguments. */
argc = opt_num_rest();
if (argc != 0)
if (!opt_check_rest_arg(NULL))
goto opthelp;
if (!app_RAND_load())
goto end;
if (!opt_check_md(digest))
goto opthelp;
if (preserve_dates && days != UNSET_DAYS) {
BIO_printf(bio_err, "Cannot use -preserve_dates with -days option\n");
goto err;