The branch OpenSSL_1_0_2-stable has been updated via 8788fb97a89181a538032af361343195f81e4f1e (commit) via 6fa6a6628514dbf892c68442fab54f7476f3c703 (commit) via a2a29f702ac35746cb3c3c6c36b46fbbde5f83a1 (commit) via 8259ccb44d1a25f5a9dcba4fea93068db8ddb1e1 (commit) via ad81ca9061506482bf40c9dd17097814c3ce75b2 (commit) via d65a8d0b7e4b95e79c65972eaa05ba776c5af462 (commit) from 75fdee04827a2e7bd809dc9cc086389e856947b9 (commit)
- Log ----------------------------------------------------------------- commit 8788fb97a89181a538032af361343195f81e4f1e Author: Mouse <mouse...@gmail.com> Date: Tue Jan 12 09:09:48 2016 -0500 Root cause discovered and fixed, this fix became unnecessary Reviewed-by: Rich Salz <rs...@openssl.org> Reviewed-by: Richard Levitte <levi...@openssl.org> commit 6fa6a6628514dbf892c68442fab54f7476f3c703 Author: Uri Blumenthal <u...@ll.mit.edu> Date: Mon Jan 11 15:23:15 2016 -0500 Changed help output Reviewed-by: Rich Salz <rs...@openssl.org> Reviewed-by: Richard Levitte <levi...@openssl.org> commit a2a29f702ac35746cb3c3c6c36b46fbbde5f83a1 Author: Mouse <mouse...@gmail.com> Date: Mon Jan 4 23:49:00 2016 -0500 Pass engine=NULL to EVP_PKEY_CTX_new(), unless "-engine_impl" was given Reviewed-by: Rich Salz <rs...@openssl.org> Reviewed-by: Richard Levitte <levi...@openssl.org> commit 8259ccb44d1a25f5a9dcba4fea93068db8ddb1e1 Author: Mouse <mouse...@gmail.com> Date: Sun Jan 3 18:47:57 2016 -0500 Remove unnecessary debugging fprintf Reviewed-by: Rich Salz <rs...@openssl.org> Reviewed-by: Richard Levitte <levi...@openssl.org> commit ad81ca9061506482bf40c9dd17097814c3ce75b2 Author: Mouse <mouse...@gmail.com> Date: Fri Jan 1 23:30:02 2016 -0500 Fixed crash (SIGSEGV) when freeing of ex_data stumbles upon a NULL-pointer. Reviewed-by: Rich Salz <rs...@openssl.org> Reviewed-by: Richard Levitte <levi...@openssl.org> commit d65a8d0b7e4b95e79c65972eaa05ba776c5af462 Author: Mouse <mouse...@gmail.com> Date: Fri Jan 1 23:27:49 2016 -0500 Fixed a bug preventing pkeyutl from accessing keys directly on the token via engine_pkcs11 Reviewed-by: Rich Salz <rs...@openssl.org> Reviewed-by: Richard Levitte <levi...@openssl.org> ----------------------------------------------------------------------- Summary of changes: apps/pkeyutl.c | 26 +++++++++++++++++++------- 1 file changed, 19 insertions(+), 7 deletions(-) diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c index aaa9074..070cf33 100644 --- a/apps/pkeyutl.c +++ b/apps/pkeyutl.c @@ -74,7 +74,8 @@ static void usage(void); static EVP_PKEY_CTX *init_ctx(int *pkeysize, char *keyfile, int keyform, int key_type, - char *passargin, int pkey_op, ENGINE *e); + char *passargin, int pkey_op, ENGINE *e, + int impl); static int setup_peer(BIO *err, EVP_PKEY_CTX *ctx, int peerform, const char *file); @@ -97,6 +98,7 @@ int MAIN(int argc, char **argv) EVP_PKEY_CTX *ctx = NULL; char *passargin = NULL; int keysize = -1; + int engine_impl = 0; unsigned char *buf_in = NULL, *buf_out = NULL, *sig = NULL; size_t buf_outlen; @@ -137,7 +139,7 @@ int MAIN(int argc, char **argv) else { ctx = init_ctx(&keysize, *(++argv), keyform, key_type, - passargin, pkey_op, e); + passargin, pkey_op, e, engine_impl); if (!ctx) { BIO_puts(bio_err, "Error initializing context\n"); ERR_print_errors(bio_err); @@ -171,6 +173,8 @@ int MAIN(int argc, char **argv) badarg = 1; else e = setup_engine(bio_err, *(++argv), 0); + } else if (!strcmp(*argv, "-engine_impl")) { + engine_impl = 1; } #endif else if (!strcmp(*argv, "-pubin")) @@ -368,7 +372,8 @@ static void usage() BIO_printf(bio_err, "-hexdump hex dump output\n"); #ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err, - "-engine e use engine e, possibly a hardware device.\n"); + "-engine e use engine e, maybe a hardware device, for loading keys.\n"); + BIO_printf(bio_err, "-engine_impl also use engine given by -engine for crypto operations\n"); #endif BIO_printf(bio_err, "-passin arg pass phrase source\n"); @@ -376,10 +381,12 @@ static void usage() static EVP_PKEY_CTX *init_ctx(int *pkeysize, char *keyfile, int keyform, int key_type, - char *passargin, int pkey_op, ENGINE *e) + char *passargin, int pkey_op, ENGINE *e, + int engine_impl) { EVP_PKEY *pkey = NULL; EVP_PKEY_CTX *ctx = NULL; + ENGINE *impl = NULL; char *passin = NULL; int rv = -1; X509 *x; @@ -418,9 +425,14 @@ static EVP_PKEY_CTX *init_ctx(int *pkeysize, if (!pkey) goto end; - - ctx = EVP_PKEY_CTX_new(pkey, e); - + +#ifndef OPENSSL_NO_ENGINE + if (engine_impl) + impl = e; +#endif + + ctx = EVP_PKEY_CTX_new(pkey, impl); + EVP_PKEY_free(pkey); if (!ctx) _____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits