Since the random number generator no longer allows being seeded, remove support for parsing the unused -rand option and the unused random buffer variables. Better to fail than to be surprised when the RNG seed does not function as expected.
This fixes compiler warnings about unused random seed variables.
---
 src/apps/cms.c | 9 ---------
 src/apps/dgst.c | 8 ++------
 src/apps/dhparam.c | 10 +---------
 src/apps/dsaparam.c | 7 +------
 src/apps/ecparam.c | 9 +--------
 src/apps/gendh.c | 10 +---------
 src/apps/gendsa.c | 11 ++---------
 src/apps/genrsa.c | 9 ---------
 src/apps/pkcs12.c | 10 ----------
 src/apps/rand.c | 10 +---------
 src/apps/req.c | 9 ---------
 src/apps/s_client.c | 8 +-------
 src/apps/s_server.c | 7 -------
 src/apps/smime.c | 10 ----------
 src/apps/ts.c | 7 +------
 15 files changed, 11 insertions(+), 123 deletions(-)
diff --git a/src/apps/cms.c b/src/apps/cms.c
index 56a7c95..76178b4 100644
--- a/src/apps/cms.c
+++ b/src/apps/cms.c
@@ -127,7 +127,6 @@ cms_main(int argc, char **argv)
 char *to = NULL, *from = NULL, *subject = NULL;
 char *CAfile = NULL, *CApath = NULL;
 char *passargin = NULL, *passin = NULL;
- char *inrand = NULL;
 const EVP_MD *sign_md = NULL;
 int informat = FORMAT_SMIME, outformat = FORMAT_SMIME;
 int rctformat = FORMAT_SMIME, keyform = FORMAT_PEM;
@@ -315,11 +314,6 @@ cms_main(int argc, char **argv)
 BIO_printf(bio_err, "Invalid OID %s\n", *args);
 goto argerr;
 }
- } else if (!strcmp(*args, "-rand")) {
- if (!args[1])
- goto argerr;
- args++;
- inrand = *args;
 }
 #ifndef OPENSSL_NO_ENGINE
 else if (!strcmp(*args, "-engine")) {
@@ -553,9 +547,6 @@ argerr:
 BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n");
 #endif
 BIO_printf(bio_err, "-passin arg input file pass phrase source\n");
- BIO_printf(bio_err, "-rand file:file:...\n");
- BIO_printf(bio_err, " load the file (or the files in the directory) into\n");
- BIO_printf(bio_err, " the random number generator\n");
 BIO_printf(bio_err, "cert.pem recipient certificate(s) for encryption\n");
 goto end;
 }
diff --git a/src/apps/dgst.c b/src/apps/dgst.c
index 23b7d40..a862da9 100644
--- a/src/apps/dgst.c
+++ b/src/apps/dgst.c
@@ -116,7 +116,7 @@ dgst_main(int argc, char **argv)
 int debug = 0;
 int keyform = FORMAT_PEM;
 const char *outfile = NULL, *keyfile = NULL;
- const char *sigfile = NULL, *randfile = NULL;
+ const char *sigfile = NULL;
 int out_bin = -1, want_pub = 0, do_verify = 0;
 EVP_PKEY *sigkey = NULL;
 unsigned char *sigbuf = NULL;
@@ -151,11 +151,7 @@ dgst_main(int argc, char **argv)
 separator = 1;
 else if (strcmp(*argv, "-r") == 0)
 separator = 2;
- else if (strcmp(*argv, "-rand") == 0) {
- if (--argc < 1)
- break;
- randfile = *(++argv);
- } else if (strcmp(*argv, "-out") == 0) {
+ else if (strcmp(*argv, "-out") == 0) {
 if (--argc < 1)
 break;
 outfile = *(++argv);
diff --git a/src/apps/dhparam.c b/src/apps/dhparam.c
index 3245e69..c35f902 100644
--- a/src/apps/dhparam.c
+++ b/src/apps/dhparam.c
@@ -159,7 +159,6 @@ dhparam_main(int argc, char **argv)
 BIO *in = NULL, *out = NULL;
 int informat, outformat, check = 0, noout = 0, C = 0, ret = 1;
 char *infile, *outfile, *prog;
- char *inrand = NULL;
 #ifndef OPENSSL_NO_ENGINE
 char *engine = NULL;
 #endif
@@ -217,11 +216,7 @@ dhparam_main(int argc, char **argv)
 g = 2;
 else if (strcmp(*argv, "-5") == 0)
 g = 5;
- else if (strcmp(*argv, "-rand") == 0) {
- if (--argc < 1)
- goto bad;
- inrand = *(++argv);
- } else if (((sscanf(*argv, "%d", &num) == 0) || (num <= 0)))
+ else if (((sscanf(*argv, "%d", &num) == 0) || (num <= 0)))
 goto bad;
 argv++;
 argc--;
@@ -247,9 +242,6 @@ bad:
 #ifndef OPENSSL_NO_ENGINE
 BIO_printf(bio_err, " -engine e use engine e, possibly a hardware device.\n");
 #endif
- BIO_printf(bio_err, " -rand file:file:...\n");
- BIO_printf(bio_err, " - load the file (or the files in the directory) into\n");
- BIO_printf(bio_err, " the random number generator\n");
 BIO_printf(bio_err, " -noout no output\n");
 goto end;
 }
diff --git a/src/apps/dsaparam.c b/src/apps/dsaparam.c
index a4eb5b5..15f022d 100644
--- a/src/apps/dsaparam.c
+++ b/src/apps/dsaparam.c
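Review bot: In dhparam.c (hunk @@ -217,11 +216,7) the branch that now follows `-5` rejects an argument only when `sscanf(*argv, "%d", &num)` returns 0, so an empty argument (sscanf returns EOF, not 0) skips that test and is judged on whatever `num` already holds, and input such as `2048x` is accepted as 2048. With the `-rand` branch removed, this is also the check that turns a leftover `-rand` into a usage error, so it is worth making strict: `else if (sscanf(*argv, "%d", &num) != 1 || num <= 0)`. dsaparam.c already uses the `== 1` form in its own chain. Where `num` is initialised, and the rest of dhparam_main, are outside the hunk.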
@@ -117,7 +117,7 @@ dsaparam_main(int argc, char **argv) int i, badops = 0, text = 0; BIO *in = NULL, *out = NULL; int informat, outformat, noout = 0, C = 0, ret = 1; - char *infile, *outfile, *prog, *inrand = NULL; + char *infile, *outfile, *prog; int numbits = -1, num, genkey = 0; #ifndef OPENSSL_NO_ENGINE char *engine = NULL; @@ -175,10 +175,6 @@ dsaparam_main(int argc, char **argv) C = 1; else if (strcmp(*argv, "-genkey") == 0) { genkey = 1; - } else if (strcmp(*argv, "-rand") == 0) { - if (--argc < 1) - goto bad; - inrand = *(++argv); } else if (strcmp(*argv, "-noout") == 0) noout = 1; else if (sscanf(*argv, "%d", &num) == 1) { @@ -205,7 +201,6 @@ bad: BIO_printf(bio_err, " -C Output C code\n"); BIO_printf(bio_err, " -noout no output\n"); BIO_printf(bio_err, " -genkey generate a DSA key\n"); - BIO_printf(bio_err, " -rand files to use for random number input\n"); #ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err, " -engine e use engine e, possibly a hardware device.\n"); #endif diff --git a/src/apps/ecparam.c b/src/apps/ecparam.c index e5c26c3..70824e5 100644 --- a/src/apps/ecparam.c +++ b/src/apps/ecparam.c @@ -107,7 +107,6 @@ * explicit * -no_seed - if 'explicit' parameters are chosen do not use the seed * -genkey - generate ec key - * -rand file - files to use for random number input * -engine e - use engine e, possibly a hardware device */ @@ -124,7 +123,7 @@ ecparam_main(int argc, char **argv) int new_form = 0; int asn1_flag = OPENSSL_EC_NAMED_CURVE; int new_asn1_flag = 0; - char *curve_name = NULL, *inrand = NULL; + char *curve_name = NULL; int list_curves = 0, no_seed = 0, check = 0, badops = 0, text = 0, i, genkey = 0; char *infile = NULL, *outfile = NULL, *prog; @@ -204,10 +203,6 @@ ecparam_main(int argc, char **argv) noout = 1; else if (strcmp(*argv, "-genkey") == 0) { genkey = 1; - } else if (strcmp(*argv, "-rand") == 0) { - if (--argc < 1) - goto bad; - inrand = *(++argv); } else if (strcmp(*argv, "-engine") == 0) { if (--argc < 1) goto bad; 
@@ -266,8 +261,6 @@ bad:
 " use the seed\n");
 BIO_printf(bio_err, " -genkey generate ec"
 " key\n");
- BIO_printf(bio_err, " -rand file files to use for"
- " random number input\n");
 BIO_printf(bio_err, " -engine e use engine e, "
 "possibly a hardware device\n");
 goto end;
diff --git a/src/apps/gendh.c b/src/apps/gendh.c
index 53b0998..337529d 100644
--- a/src/apps/gendh.c
+++ b/src/apps/gendh.c
@@ -97,7 +97,6 @@ gendh_main(int argc, char **argv)
 int ret = 1, num = DEFBITS;
 int g = 2;
 char *outfile = NULL;
- char *inrand = NULL;
 #ifndef OPENSSL_NO_ENGINE
 char *engine = NULL;
 #endif
@@ -131,11 +130,7 @@ gendh_main(int argc, char **argv)
 engine = *(++argv);
 }
 #endif
- else if (strcmp(*argv, "-rand") == 0) {
- if (--argc < 1)
- goto bad;
- inrand = *(++argv);
- } else
+ else
 break;
 argv++;
 argc--;
@@ -153,9 +148,6 @@ bad:
 #ifndef OPENSSL_NO_ENGINE
 BIO_printf(bio_err, " -engine e - use engine e, possibly a hardware device.\n");
 #endif
- BIO_printf(bio_err, " -rand file:file:...\n");
- BIO_printf(bio_err, " - load the file (or the files in the directory) into\n");
- BIO_printf(bio_err, " the random number generator\n");
 goto end;
 }
 #ifndef OPENSSL_NO_ENGINE
diff --git a/src/apps/gendsa.c b/src/apps/gendsa.c
index 86e03ed..14576c7 100644
--- a/src/apps/gendsa.c
+++ b/src/apps/gendsa.c
@@ -85,7 +85,7 @@ gendsa_main(int argc, char **argv)
 DSA *dsa = NULL;
 int ret = 1;
 char *outfile = NULL;
- char *inrand = NULL, *dsaparams = NULL;
+ char *dsaparams = NULL;
 char *passargout = NULL, *passout = NULL;
 BIO *out = NULL, *in = NULL;
 const EVP_CIPHER *enc = NULL;
@@ -117,11 +117,7 @@ gendsa_main(int argc, char **argv)
 engine = *(++argv);
 }
 #endif
- else if (strcmp(*argv, "-rand") == 0) {
- if (--argc < 1)
- goto bad;
- inrand = *(++argv);
- } else if (strcmp(*argv, "-") == 0)
+ else if (strcmp(*argv, "-") == 0)
 goto bad;
 #ifndef OPENSSL_NO_DES
 else if (strcmp(*argv, "-des") == 0)
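Review bot: In gendh.c (hunk @@ -131,11 +130,7) the option chain now ends in a bare `else break;`, so `-rand file` is no longer consumed and simply stops option parsing; whether the command then fails, as the commit message intends, depends on the code after the loop, which is outside this hunk. If that code stops on the first leftover argument, any options placed after `-rand` are never examined, and the user gets no hint that the option was removed. An explicit guard ahead of the fall-through would make the rejection deliberate: `else if (**argv == '-') goto bad;`. The `-out` branch in dgst.c's @@ -151,11 +151,7 hunk ends parsing with `break` in the same way on a missing argument, so the same confirmation applies there.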
@@ -179,9 +175,6 @@ bad:
 #ifndef OPENSSL_NO_ENGINE
 BIO_printf(bio_err, " -engine e - use engine e, possibly a hardware device.\n");
 #endif
- BIO_printf(bio_err, " -rand file:file:...\n");
- BIO_printf(bio_err, " - load the file (or the files in the directory) into\n");
- BIO_printf(bio_err, " the random number generator\n");
 BIO_printf(bio_err, " dsaparam-file\n");
 BIO_printf(bio_err, " - a DSA parameter file as generated by the dsaparam command\n");
 goto end;
diff --git a/src/apps/genrsa.c b/src/apps/genrsa.c
index 300b4b0..9481dc4 100644
--- a/src/apps/genrsa.c
+++ b/src/apps/genrsa.c
@@ -106,7 +106,6 @@ genrsa_main(int argc, char **argv)
 #ifndef OPENSSL_NO_ENGINE
 char *engine = NULL;
 #endif
- char *inrand = NULL;
 BIO *out = NULL;
 BIGNUM *bn = BN_new();
 RSA *rsa = NULL;
@@ -143,11 +142,6 @@ genrsa_main(int argc, char **argv)
 engine = *(++argv);
 }
 #endif
- else if (strcmp(*argv, "-rand") == 0) {
- if (--argc < 1)
- goto bad;
- inrand = *(++argv);
- }
 #ifndef OPENSSL_NO_DES
 else if (strcmp(*argv, "-des") == 0)
 enc = EVP_des_cbc();
@@ -206,9 +200,6 @@ bad:
 #ifndef OPENSSL_NO_ENGINE
 BIO_printf(bio_err, " -engine e use engine e, possibly a hardware device.\n");
 #endif
- BIO_printf(bio_err, " -rand file:file:...\n");
- BIO_printf(bio_err, " load the file (or the files in the directory) into\n");
- BIO_printf(bio_err, " the random number generator\n");
 goto err;
 }
 ERR_load_crypto_strings();
diff --git a/src/apps/pkcs12.c b/src/apps/pkcs12.c
index f2f1e05..45cf59c 100644
--- a/src/apps/pkcs12.c
+++ b/src/apps/pkcs12.c
@@ -124,7 +124,6 @@ pkcs12_main(int argc, char **argv)
 char *cpass = NULL, *mpass = NULL;
 char *passargin = NULL, *passargout = NULL, *passarg = NULL;
 char *passin = NULL, *passout = NULL;
- char *inrand = NULL;
 char *macalg = NULL;
 char *CApath = NULL, *CAfile = NULL;
 #ifndef OPENSSL_NO_ENGINE
@@ -214,12 +213,6 @@ pkcs12_main(int argc, char **argv) } else if (!strcmp(*args, "-keypbe")) { if (!set_pbe(bio_err, &key_pbe, *++args)) badarg = 1; - } else if (!strcmp(*args, "-rand")) { - if (args[1]) { - args++; - inrand = *args; - } else - badarg = 1; } else if (!strcmp(*args, "-inkey")) { if (args[1]) { args++; @@ -364,9 +357,6 @@ pkcs12_main(int argc, char **argv) #ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n"); #endif - BIO_printf(bio_err, "-rand file:file:...\n"); - BIO_printf(bio_err, " load the file (or the files in the directory) into\n"); - BIO_printf(bio_err, " the random number generator\n"); BIO_printf(bio_err, "-CSP name Microsoft CSP name\n"); BIO_printf(bio_err, "-LMK Add local machine keyset attribute to private key\n"); goto end; diff --git a/src/apps/rand.c b/src/apps/rand.c index 8606e0a..422dcef 100644 --- a/src/apps/rand.c +++ b/src/apps/rand.c @@ -64,7 +64,6 @@ #include <openssl/rand.h> /* -out file - write to file - * -rand file:file - PRNG seed files * -base64 - base64 encode output * -hex - hex encode output * num - write 'num' bytes @@ -78,7 +77,6 @@ rand_main(int argc, char **argv) int i, r, ret = 1; int badopt; char *outfile = NULL; - char *inrand = NULL; int base64 = 0; int hex = 0; BIO *out = NULL; @@ -107,12 +105,7 @@ rand_main(int argc, char **argv) badopt = 1; } #endif - else if (strcmp(argv[i], "-rand") == 0) { - if ((argv[i + 1] != NULL) && (inrand == NULL)) - inrand = argv[++i]; - else - badopt = 1; - } else if (strcmp(argv[i], "-base64") == 0) { + else if (strcmp(argv[i], "-base64") == 0) { if (!base64) base64 = 1; else @@ -146,7 +139,6 @@ rand_main(int argc, char **argv) #ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err, "-engine e - use engine e, possibly a hardware device.\n"); #endif - BIO_printf(bio_err, "-rand file:file:... - seed PRNG from files\n"); BIO_printf(bio_err, "-base64 - base64 encode output\n"); BIO_printf(bio_err, "-hex - hex encode output\n"); goto err; 
diff --git a/src/apps/req.c b/src/apps/req.c
index 855f112..2e9154b 100644
--- a/src/apps/req.c
+++ b/src/apps/req.c
@@ -115,7 +115,6 @@
 * -config file - Load configuration file.
 * -key file - make a request using key in file (or use it for verification).
 * -keyform arg - key file format.
- * -rand file(s) - load the file(s) into the PRNG.
 * -newkey - make a key and a request.
 * -modulus - print RSA modulus.
 * -pubkey - output Public Key.
@@ -179,7 +178,6 @@ req_main(int argc, char **argv)
 const EVP_CIPHER *cipher = NULL;
 ASN1_INTEGER *serial = NULL;
 int modulus = 0;
- char *inrand = NULL;
 char *passargin = NULL, *passargout = NULL;
 char *passin = NULL, *passout = NULL;
 char *p;
@@ -262,10 +260,6 @@ req_main(int argc, char **argv)
 if (--argc < 1)
 goto bad;
 passargout = *(++argv);
- } else if (strcmp(*argv, "-rand") == 0) {
- if (--argc < 1)
- goto bad;
- inrand = *(++argv);
 } else if (strcmp(*argv, "-newkey") == 0) {
 if (--argc < 1)
 goto bad;
@@ -381,9 +375,6 @@ bad:
 BIO_printf(bio_err, " -key file use the private key contained in file\n");
 BIO_printf(bio_err, " -keyform arg key file format\n");
 BIO_printf(bio_err, " -keyout arg file to send the key to\n");
- BIO_printf(bio_err, " -rand file:file:...\n");
- BIO_printf(bio_err, " load the file (or the files in the directory) into\n");
- BIO_printf(bio_err, " the random number generator\n");
 BIO_printf(bio_err, " -newkey rsa:bits generate a new RSA key of 'bits' in size\n");
 BIO_printf(bio_err, " -newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'\n");
 #ifndef OPENSSL_NO_ECDSA
diff --git a/src/apps/s_client.c b/src/apps/s_client.c
index 0720dc9..33e4d2a 100644
--- a/src/apps/s_client.c
+++ b/src/apps/s_client.c
@@ -316,7 +316,6 @@ sc_usage(void)
 #ifndef OPENSSL_NO_ENGINE
 BIO_printf(bio_err, " -engine id - Initialise and use the specified engine\n");
 #endif
- BIO_printf(bio_err, " -rand file:file:...\n");
 BIO_printf(bio_err, " -sess_out arg - file to write SSL session to\n");
 BIO_printf(bio_err, " -sess_in arg - file to read SSL session from\n");
 #ifndef OPENSSL_NO_TLSEXT
@@ -437,7 +436,6 @@ s_client_main(int argc, char **argv)
 const SSL_METHOD *meth = NULL;
 int socket_type = SOCK_STREAM;
 BIO *sbio;
- char *inrand = NULL;
 int mbuf_len = 0;
 struct timeval timeout, *timeoutp;
 #ifndef OPENSSL_NO_ENGINE
@@ -692,11 +690,7 @@ s_client_main(int argc, char **argv)
 ssl_client_engine_id = *(++argv);
 }
 #endif
- else if (strcmp(*argv, "-rand") == 0) {
- if (--argc < 1)
- goto bad;
- inrand = *(++argv);
- } else if (strcmp(*argv, "-4") == 0) {
+ else if (strcmp(*argv, "-4") == 0) {
 af = AF_INET;
 } else if (strcmp(*argv, "-6") == 0) {
 af = AF_INET6;
diff --git a/src/apps/s_server.c b/src/apps/s_server.c
index fb28489..c81a69b 100644
--- a/src/apps/s_server.c
+++ b/src/apps/s_server.c
@@ -455,7 +455,6 @@ sv_usage(void)
 BIO_printf(bio_err, " -engine id - Initialise and use the specified engine\n");
 #endif
 BIO_printf(bio_err, " -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'\n");
- BIO_printf(bio_err, " -rand file:file:...\n");
 #ifndef OPENSSL_NO_TLSEXT
 BIO_printf(bio_err, " -servername host - servername for HostName TLS extension\n");
 BIO_printf(bio_err, " -servername_fatal - on mismatch send fatal alert (default warning alert)\n");
@@ -696,7 +695,6 @@ s_server_main(int argc, char *argv[])
 const SSL_METHOD *meth = NULL;
 int socket_type = SOCK_STREAM;
 ENGINE *e = NULL;
- char *inrand = NULL;
 int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM;
 char *passarg = NULL, *pass = NULL;
 char *dpassarg = NULL, *dpass = NULL;
@@ -969,11 +967,6 @@ s_server_main(int argc, char *argv[])
 engine_id = *(++argv);
 }
 #endif
- else if (strcmp(*argv, "-rand") == 0) {
- if (--argc < 1)
- goto bad;
- inrand = *(++argv);
- }
 #ifndef OPENSSL_NO_TLSEXT
 else if (strcmp(*argv, "-servername") == 0) {
 if (--argc < 1)
diff --git a/src/apps/smime.c b/src/apps/smime.c
index fe5d0f5..3c3fa9d 100644
--- a/src/apps/smime.c
+++ b/src/apps/smime.c
@@ -108,7 +108,6 @@ smime_main(int argc, char **argv)
 char *to = NULL, *from = NULL, *subject = NULL;
 char *CAfile = NULL, *CApath = NULL;
 char *passargin = NULL, *passin = NULL;
- char *inrand = NULL;
 int indef = 0;
 const EVP_MD *sign_md = NULL;
 int informat = FORMAT_SMIME, outformat = FORMAT_SMIME;
@@ -198,12 +197,6 @@ smime_main(int argc, char **argv)
 flags |= PKCS7_NOOLDMIMETYPE;
 else if (!strcmp(*args, "-crlfeol"))
 flags |= PKCS7_CRLFEOL;
- else if (!strcmp(*args, "-rand")) {
- if (!args[1])
- goto argerr;
- args++;
- inrand = *args;
- }
 #ifndef OPENSSL_NO_ENGINE
 else if (!strcmp(*args, "-engine")) {
 if (!args[1])
@@ -412,9 +405,6 @@ argerr:
 BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n");
 #endif
 BIO_printf(bio_err, "-passin arg input file pass phrase source\n");
- BIO_printf(bio_err, "-rand file:file:...\n");
- BIO_printf(bio_err, " load the file (or the files in the directory) into\n");
- BIO_printf(bio_err, " the random number generator\n");
 BIO_printf(bio_err, "cert.pem recipient certificate(s) for encryption\n");
 goto end;
 }
diff --git a/src/apps/ts.c b/src/apps/ts.c
index df2e179..403e99b 100644
--- a/src/apps/ts.c
+++ b/src/apps/ts.c
@@ -133,7 +133,6 @@ ts_main(int argc, char **argv)
 char *data = NULL;
 char *digest = NULL;
 const EVP_MD *md = NULL;
- char *rnd = NULL;
 char *policy = NULL;
 int no_nonce = 0;
 int cert = 0;
@@ -181,10 +180,6 @@ ts_main(int argc, char **argv) if (argc-- < 1) goto usage; digest = *++argv; - } else if (strcmp(*argv, "-rand") == 0) { - if (argc-- < 1) - goto usage; - rnd = *++argv; } else if (strcmp(*argv, "-policy") == 0) { if (argc-- < 1) goto usage; @@ -315,7 +310,7 @@ ts_main(int argc, char **argv) usage: BIO_printf(bio_err, "usage:\n" - "ts -query [-rand file:file:...] [-config configfile] " + "ts -query [-config configfile] " "[-data file_to_hash] [-digest digest_bytes]" "[-md2|-md4|-md5|-sha|-sha1|-mdc2|-ripemd160] " "[-policy object_id] [-no_nonce] [-cert] " -- 1.9.3
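Review bot: The surviving `-digest` and `-policy` branches in ts.c (hunk @@ -181,10 +180,6) test `if (argc-- < 1)`, which compares the count before decrementing it, unlike the `--argc < 1` form used by the other apps in this patch. If the enclosing loop, whose header is outside the hunk, only runs while argc is positive, this guard can never fire, and an option given as the last argument would store the terminating NULL of argv instead of reaching `usage`. Suggest `if (--argc < 1)` in each of these branches, after confirming how the loop header counts arguments.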