authorVladimĂ­r Kotal <vladimir.kotal@oracle.com>2023-06-01 19:55:54 +0200
committerPauli <pauli@openssl.org>2023-06-06 03:05:02 +0200
commit3ca28c9e81fae36b0b44dc39beecd2b5a7561975 (patch)
tree4d1028ff958edec00915ef4b962c31c1c232ca9a /apps/cmp.c
parentdoc: note that out ChaCha20 isn't standard compliant. (diff)
allow to disable http
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21108)
Diffstat (limited to 'apps/cmp.c')
-rw-r--r--apps/cmp.c66
1 files changed, 33 insertions, 33 deletions
diff --git a/apps/cmp.c b/apps/cmp.c
index fa2f49585f..72acabcb6f 100644
--- a/apps/cmp.c
+++ b/apps/cmp.c
@@ -68,7 +68,7 @@ typedef enum {
} cmp_cmd_t;
/* message transfer */
-#ifndef OPENSSL_NO_SOCK
+#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
static char *opt_server = NULL;
static char *opt_proxy = NULL;
static char *opt_no_proxy = NULL;
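Review bot: The condition `!defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)` is now written out at every guard in this file (this hunk and each of the following ones), and its negation is written separately in the three `cmp_options[]` help sections. Defining one file-local macro near the top, e.g. `#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)` / `# define CMP_HTTP_TRANSPORT` / `#endif` (the name is only a suggestion), and testing it with `#ifdef CMP_HTTP_TRANSPORT` at each site would leave a single place to edit. That matters most where the guard around a declaration must match the guard around its use, as with `info` in the cleanup part of `cmp_main`.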
@@ -141,7 +141,7 @@ static int opt_keyform = FORMAT_UNDEF;
static char *opt_otherpass = NULL;
static char *opt_engine = NULL;
-#ifndef OPENSSL_NO_SOCK
+#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
/* TLS connection */
static int opt_tls_used = 0;
static char *opt_tls_cert = NULL;
@@ -164,7 +164,7 @@ static char *opt_rspout = NULL;
static int opt_use_mock_srv = 0;
/* mock server */
-#ifndef OPENSSL_NO_SOCK
+#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
static char *opt_port = NULL;
static int opt_max_msgs = 0;
#endif
@@ -213,7 +213,7 @@ typedef enum OPTION_choice {
OPT_OLDCERT, OPT_REVREASON,
-#ifndef OPENSSL_NO_SOCK
+#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
OPT_SERVER, OPT_PROXY, OPT_NO_PROXY,
#endif
OPT_RECIPIENT, OPT_PATH,
@@ -236,7 +236,7 @@ typedef enum OPTION_choice {
OPT_PROV_ENUM,
OPT_R_ENUM,
-#ifndef OPENSSL_NO_SOCK
+#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
OPT_TLS_USED, OPT_TLS_CERT, OPT_TLS_KEY,
OPT_TLS_KEYPASS,
OPT_TLS_EXTRA, OPT_TLS_TRUSTED, OPT_TLS_HOST,
@@ -246,7 +246,7 @@ typedef enum OPTION_choice {
OPT_REQIN, OPT_REQIN_NEW_TID, OPT_REQOUT, OPT_RSPIN, OPT_RSPOUT,
OPT_USE_MOCK_SRV,
-#ifndef OPENSSL_NO_SOCK
+#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
OPT_PORT, OPT_MAX_MSGS,
#endif
OPT_SRV_REF, OPT_SRV_SECRET,
@@ -346,9 +346,9 @@ const OPTIONS cmp_options[] = {
"0..6, 8..10 (see RFC5280, 5.3.1) or -1. Default -1 = none included"},
OPT_SECTION("Message transfer"),
-#ifdef OPENSSL_NO_SOCK
+#if defined(OPENSSL_NO_SOCK) || defined(OPENSSL_NO_HTTP)
{OPT_MORE_STR, 0, 0,
- "NOTE: -server, -proxy, and -no_proxy not supported due to no-sock build"},
+ "NOTE: -server, -proxy, and -no_proxy not supported due to no-sock/no-http build"},
#else
{"server", OPT_SERVER, 's',
"[http[s]://]address[:port][/path] of CMP server. Default port 80 or 443."},
@@ -441,9 +441,9 @@ const OPTIONS cmp_options[] = {
OPT_R_OPTIONS,
OPT_SECTION("TLS connection"),
-#ifdef OPENSSL_NO_SOCK
+#if defined(OPENSSL_NO_SOCK) || defined(OPENSSL_NO_HTTP)
{OPT_MORE_STR, 0, 0,
- "NOTE: -tls_used and all other TLS options not supported due to no-sock build"},
+ "NOTE: -tls_used and all other TLS options not supported due to no-sock/no-http build"},
#else
{"tls_used", OPT_TLS_USED, '-',
"Enable using TLS (also when other TLS options are not set)"},
@@ -482,9 +482,9 @@ const OPTIONS cmp_options[] = {
"Use internal mock server at API level, bypassing socket-based HTTP"},
OPT_SECTION("Mock server"),
-#ifdef OPENSSL_NO_SOCK
+#if defined(OPENSSL_NO_SOCK) || defined(OPENSSL_NO_HTTP)
{OPT_MORE_STR, 0, 0,
- "NOTE: -port and -max_msgs not supported due to no-sock build"},
+ "NOTE: -port and -max_msgs not supported due to no-sock/no-http build"},
#else
{"port", OPT_PORT, 's',
"Act as HTTP-based mock server listening on given port"},
@@ -571,7 +571,7 @@ static varref cmp_vars[] = { /* must be in same order as enumerated above! */
{&opt_oldcert}, {(char **)&opt_revreason},
-#ifndef OPENSSL_NO_SOCK
+#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
{&opt_server}, {&opt_proxy}, {&opt_no_proxy},
#endif
{&opt_recipient}, {&opt_path}, {(char **)&opt_keep_alive},
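Review bot: The conditional groups in `cmp_vars[]` (this hunk and the two after it) have to stay under exactly the same condition as the matching groups in `OPTION_choice`, but the existing comment on the array only mentions order. The table is presumably indexed by enum position, so a guard that differs on one side would shift the later entries and a value would be stored through the pointer of a different option. I would extend the comment to `/* must be in same order, and under the same #if conditions, as enumerated above! */`. The array definition starts and ends outside this hunk.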
@@ -593,7 +593,7 @@ static varref cmp_vars[] = { /* must be in same order as enumerated above! */
{&opt_engine},
#endif
-#ifndef OPENSSL_NO_SOCK
+#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
{(char **)&opt_tls_used}, {&opt_tls_cert}, {&opt_tls_key},
{&opt_tls_keypass},
{&opt_tls_extra}, {&opt_tls_trusted}, {&opt_tls_host},
@@ -604,7 +604,7 @@ static varref cmp_vars[] = { /* must be in same order as enumerated above! */
{&opt_reqout}, {&opt_rspin}, {&opt_rspout},
{(char **)&opt_use_mock_srv},
-#ifndef OPENSSL_NO_SOCK
+#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
{&opt_port}, {(char **)&opt_max_msgs},
#endif
{&opt_srv_ref}, {&opt_srv_secret},
@@ -807,7 +807,7 @@ static OSSL_CMP_MSG *read_write_req_resp(OSSL_CMP_CTX *ctx,
CMP_warn("too few -rspin filename arguments; resorting to using mock server");
res = OSSL_CMP_CTX_server_perform(ctx, actual_req);
} else {
-#ifndef OPENSSL_NO_SOCK
+#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
if (opt_server == NULL) {
CMP_err("missing -server or -use_mock_srv option, or too few -rspin filename arguments");
goto err;
@@ -816,7 +816,7 @@ static OSSL_CMP_MSG *read_write_req_resp(OSSL_CMP_CTX *ctx,
CMP_warn("too few -rspin filename arguments; resorting to contacting server");
res = OSSL_CMP_MSG_http_perform(ctx, actual_req);
#else
- CMP_err("-server not supported on no-sock build; missing -use_mock_srv option or too few -rspin filename arguments");
+ CMP_err("-server not supported on no-sock/no-http build; missing -use_mock_srv option or too few -rspin filename arguments");
#endif
}
rspin_in_use = 0;
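Review bot: The `#else` branch in `read_write_req_resp` reports an error with `CMP_err(...)` but has no `goto err;` in the visible lines, unlike the `opt_server == NULL` case in the hunk just above, so control falls through to `rspin_in_use = 0;`. If `res` is still NULL there and is checked after the hunk, the outcome is the same, but that check is not visible here. Adding `goto err;` directly after the `CMP_err` call would make the failure path explicit and independent of later code. The function body starts and ends outside this hunk.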
@@ -1232,7 +1232,7 @@ static int setup_verification_ctx(OSSL_CMP_CTX *ctx)
return 1;
}
-#ifndef OPENSSL_NO_SOCK
+#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
/*
* set up ssl_ctx for the OSSL_CMP_CTX based on options from config file/CLI.
* Returns pointer on success, NULL on error
@@ -1854,7 +1854,7 @@ static int setup_client_ctx(OSSL_CMP_CTX *ctx, ENGINE *engine)
{
int ret = 0;
char *host = NULL, *port = NULL, *path = NULL, *used_path = opt_path;
-#ifndef OPENSSL_NO_SOCK
+#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
int portnum, use_ssl;
static char server_port[32] = { '\0' };
const char *proxy_host = NULL;
@@ -1863,7 +1863,7 @@ static int setup_client_ctx(OSSL_CMP_CTX *ctx, ENGINE *engine)
char proxy_buf[200] = "";
if (!opt_use_mock_srv && opt_rspin == NULL) { /* note: -port is not given */
-#ifndef OPENSSL_NO_SOCK
+#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
if (opt_server == NULL) {
CMP_err("missing -server or -use_mock_srv or -rspin option");
goto err;
@@ -1873,7 +1873,7 @@ static int setup_client_ctx(OSSL_CMP_CTX *ctx, ENGINE *engine)
goto err;
#endif
}
-#ifndef OPENSSL_NO_SOCK
+#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
if (opt_server == NULL) {
if (opt_proxy != NULL)
CMP_warn("ignoring -proxy option since -server is not given");
@@ -1967,7 +1967,7 @@ static int setup_client_ctx(OSSL_CMP_CTX *ctx, ENGINE *engine)
|| opt_rspin != NULL || opt_rspout != NULL || opt_use_mock_srv)
(void)OSSL_CMP_CTX_set_transfer_cb(ctx, read_write_req_resp);
-#ifndef OPENSSL_NO_SOCK
+#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
if (opt_tls_used) {
APP_HTTP_TLS_INFO *info;
@@ -2404,7 +2404,7 @@ static int get_opts(int argc, char **argv)
if (!set_verbosity(opt_int_arg()))
goto opthelp;
break;
-#ifndef OPENSSL_NO_SOCK
+#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
case OPT_SERVER:
opt_server = opt_str();
break;
@@ -2434,7 +2434,7 @@ static int get_opts(int argc, char **argv)
case OPT_TOTAL_TIMEOUT:
opt_total_timeout = opt_int_arg();
break;
-#ifndef OPENSSL_NO_SOCK
+#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
case OPT_TLS_USED:
opt_tls_used = 1;
break;
@@ -2650,7 +2650,7 @@ static int get_opts(int argc, char **argv)
opt_use_mock_srv = 1;
break;
-#ifndef OPENSSL_NO_SOCK
+#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
case OPT_PORT:
opt_port = opt_str();
break;
@@ -2739,7 +2739,7 @@ static int get_opts(int argc, char **argv)
return 1;
}
-#ifndef OPENSSL_NO_SOCK
+#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
static int cmp_server(OSSL_CMP_CTX *srv_cmp_ctx)
{
BIO *acbio;
@@ -2827,7 +2827,7 @@ static void print_status(void)
OSSL_CMP_CTX_snprint_PKIStatus(cmp_ctx, buf, OSSL_CMP_PKISI_BUFLEN);
const char *from = "", *server = "";
-#ifndef OPENSSL_NO_SOCK
+#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
if (opt_server != NULL) {
from = " from ";
server = opt_server;
@@ -3006,7 +3006,7 @@ int cmp_main(int argc, char **argv)
goto err;
}
-#ifndef OPENSSL_NO_SOCK
+#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
if (opt_tls_cert == NULL && opt_tls_key == NULL && opt_tls_keypass == NULL
&& opt_tls_extra == NULL && opt_tls_trusted == NULL
&& opt_tls_host == NULL) {
@@ -3040,7 +3040,7 @@ int cmp_main(int argc, char **argv)
#endif
if (opt_use_mock_srv
-#ifndef OPENSSL_NO_SOCK
+#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
|| opt_port != NULL
#endif
) {
@@ -3057,7 +3057,7 @@ int cmp_main(int argc, char **argv)
OSSL_CMP_CTX_set_log_verbosity(srv_cmp_ctx, opt_verbosity);
}
-#ifndef OPENSSL_NO_SOCK
+#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
if (opt_tls_used && (opt_use_mock_srv || opt_server == NULL)) {
CMP_warn("ignoring -tls_used option since -use_mock_srv is given or -server is not given");
opt_tls_used = 0;
@@ -3145,7 +3145,7 @@ int cmp_main(int argc, char **argv)
cleanse(opt_keypass);
cleanse(opt_newkeypass);
cleanse(opt_otherpass);
-#ifndef OPENSSL_NO_SOCK
+#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
cleanse(opt_tls_keypass);
#endif
cleanse(opt_secret);
@@ -3156,7 +3156,7 @@ int cmp_main(int argc, char **argv)
OSSL_CMP_CTX_print_errors(cmp_ctx);
if (cmp_ctx != NULL) {
-#ifndef OPENSSL_NO_SOCK
+#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
APP_HTTP_TLS_INFO *info = OSSL_CMP_CTX_get_http_cb_arg(cmp_ctx);
(void)OSSL_CMP_CTX_set_http_cb_arg(cmp_ctx, NULL);
@@ -3165,7 +3165,7 @@ int cmp_main(int argc, char **argv)
X509_STORE_free(OSSL_CMP_CTX_get_certConf_cb_arg(cmp_ctx));
/* cannot free info already here, as it may be used indirectly by: */
OSSL_CMP_CTX_free(cmp_ctx);
-#ifndef OPENSSL_NO_SOCK
+#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
if (info != NULL) {
OPENSSL_free((char *)info->server);
OPENSSL_free((char *)info->port);