-/* $OpenBSD: apps.h,v 1.16 2015/09/13 12:41:01 bcook Exp $ */
+/* $OpenBSD: apps.h,v 1.17 2015/10/10 22:28:51 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/ocsp.h>
#endif
+#include <unistd.h>
+extern int single_execution;
+
extern CONF *config;
extern char *default_config_file;
extern BIO *bio_err;
-/* $OpenBSD: asn1pars.c,v 1.4 2015/08/19 18:25:31 deraadt Exp $ */
+/* $OpenBSD: asn1pars.c,v 1.5 2015/10/10 22:28:51 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
BUF_MEM *buf = NULL;
ASN1_TYPE *at = NULL;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
memset(&asn1pars_config, 0, sizeof(asn1pars_config));
asn1pars_config.informat = FORMAT_PEM;
-/* $OpenBSD: ca.c,v 1.16 2015/09/21 13:31:26 bcook Exp $ */
+/* $OpenBSD: ca.c,v 1.17 2015/10/10 22:28:51 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
const char *errstr = NULL;
DB_ATTR db_attr;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
conf = NULL;
key = NULL;
section = NULL;
int argsused;
int i, cwdfd, ret = 0;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
memset(&certhash_config, 0, sizeof(certhash_config));
if (options_parse(argc, argv, certhash_options, NULL, &argsused) != 0) {
-/* $OpenBSD: ciphers.c,v 1.6 2015/08/19 18:25:31 deraadt Exp $ */
+/* $OpenBSD: ciphers.c,v 1.7 2015/10/10 22:28:51 doug Exp $ */
/*
* Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
*
int i, rv = 0;
char *desc;
+ if (single_execution) {
+ if (pledge("stdio rpath", NULL) == -1)
+ perror("pledge");
+ }
+
memset(&ciphers_config, 0, sizeof(ciphers_config));
if (options_parse(argc, argv, ciphers_options, &cipherlist,
-/* $OpenBSD: cms.c,v 1.3 2015/09/11 14:30:23 bcook Exp $ */
+/* $OpenBSD: cms.c,v 1.4 2015/10/10 22:28:51 doug Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
*/
X509_VERIFY_PARAM *vpm = NULL;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
args = argv + 1;
ret = 1;
-/* $OpenBSD: crl.c,v 1.7 2015/08/22 16:36:05 jsing Exp $ */
+/* $OpenBSD: crl.c,v 1.8 2015/10/10 22:28:51 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
const EVP_MD *digest;
char *digest_name = NULL;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
if (bio_out == NULL) {
if ((bio_out = BIO_new(BIO_s_file())) != NULL) {
BIO_set_fp(bio_out, stdout, BIO_NOCLOSE);
-/* $OpenBSD: crl2p7.c,v 1.4 2015/08/22 16:36:05 jsing Exp $ */
+/* $OpenBSD: crl2p7.c,v 1.5 2015/10/10 22:28:51 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
STACK_OF(X509) *cert_stack = NULL;
int ret = 1;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
memset(&crl2p7_config, 0, sizeof(crl2p7_config));
crl2p7_config.informat = FORMAT_PEM;
-/* $OpenBSD: dgst.c,v 1.6 2015/09/11 14:30:23 bcook Exp $ */
+/* $OpenBSD: dgst.c,v 1.7 2015/10/10 22:28:51 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
char *mac_name = NULL;
STACK_OF(OPENSSL_STRING) * sigopts = NULL, *macopts = NULL;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
if ((buf = malloc(BUFSIZE)) == NULL) {
BIO_printf(bio_err, "out of memory\n");
goto end;
-/* $OpenBSD: dh.c,v 1.6 2015/09/11 14:30:23 bcook Exp $ */
+/* $OpenBSD: dh.c,v 1.7 2015/10/10 22:28:51 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
BIO *in = NULL, *out = NULL;
int ret = 1;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
memset(&dh_config, 0, sizeof(dh_config));
dh_config.informat = FORMAT_PEM;
-/* $OpenBSD: dhparam.c,v 1.6 2015/09/11 14:30:23 bcook Exp $ */
+/* $OpenBSD: dhparam.c,v 1.7 2015/10/10 22:28:51 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
int ret = 1;
int i;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
memset(&dhparam_config, 0, sizeof(dhparam_config));
dhparam_config.informat = FORMAT_PEM;
-/* $OpenBSD: dsa.c,v 1.5 2015/09/11 14:30:23 bcook Exp $ */
+/* $OpenBSD: dsa.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
BIO *in = NULL, *out = NULL;
char *passin = NULL, *passout = NULL;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
memset(&dsa_config, 0, sizeof(dsa_config));
dsa_config.pvk_encr = 2;
-/* $OpenBSD: dsaparam.c,v 1.5 2015/09/11 14:30:23 bcook Exp $ */
+/* $OpenBSD: dsaparam.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
int numbits = -1;
char *strbits = NULL;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
memset(&dsaparam_config, 0, sizeof(dsaparam_config));
dsaparam_config.informat = FORMAT_PEM;
-/* $OpenBSD: ec.c,v 1.5 2015/09/11 14:30:23 bcook Exp $ */
+/* $OpenBSD: ec.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */
/*
* Written by Nils Larsch for the OpenSSL project.
*/
BIO *in = NULL, *out = NULL;
char *passin = NULL, *passout = NULL;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
memset(&ec_config, 0, sizeof(ec_config));
ec_config.asn1_flag = OPENSSL_EC_NAMED_CURVE;
-/* $OpenBSD: ecparam.c,v 1.13 2015/09/11 14:30:23 bcook Exp $ */
+/* $OpenBSD: ecparam.c,v 1.14 2015/10/10 22:28:51 doug Exp $ */
/*
* Written by Nils Larsch for the OpenSSL project.
*/
BIO *in = NULL, *out = NULL;
int i, ret = 1;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
memset(&ecparam_config, 0, sizeof(ecparam_config));
ecparam_config.asn1_flag = OPENSSL_EC_NAMED_CURVE;
ecparam_config.form = POINT_CONVERSION_UNCOMPRESSED;
-/* $OpenBSD: enc.c,v 1.7 2015/09/11 14:30:23 bcook Exp $ */
+/* $OpenBSD: enc.c,v 1.8 2015/10/10 22:28:51 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
char pname[PROG_NAME_SIZE + 1];
int i;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
memset(&enc_config, 0, sizeof(enc_config));
enc_config.enc = 1;
-/* $OpenBSD: errstr.c,v 1.4 2015/08/22 16:36:05 jsing Exp $ */
+/* $OpenBSD: errstr.c,v 1.5 2015/10/10 22:28:51 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
char buf[256];
int ret = 0;
+ if (single_execution) {
+ if (pledge("stdio rpath", NULL) == -1)
+ perror("pledge");
+ }
+
memset(&errstr_config, 0, sizeof(errstr_config));
if (options_parse(argc, argv, errstr_options, NULL, &argsused) != 0) {
-/* $OpenBSD: gendh.c,v 1.5 2015/09/11 14:30:23 bcook Exp $ */
+/* $OpenBSD: gendh.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
BIO *out = NULL;
char *strbits = NULL;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
BN_GENCB_set(&cb, dh_cb, bio_err);
memset(&gendh_config, 0, sizeof(gendh_config));
-/* $OpenBSD: gendsa.c,v 1.4 2015/09/11 14:30:23 bcook Exp $ */
+/* $OpenBSD: gendsa.c,v 1.5 2015/10/10 22:28:51 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
BIO *out = NULL, *in = NULL;
const EVP_CIPHER *enc = NULL;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
argv++;
argc--;
for (;;) {
-/* $OpenBSD: genpkey.c,v 1.5 2015/09/11 14:30:23 bcook Exp $ */
+/* $OpenBSD: genpkey.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006
*/
int do_param = 0;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
outformat = FORMAT_PEM;
args = argv + 1;
-/* $OpenBSD: genrsa.c,v 1.5 2015/09/11 14:30:23 bcook Exp $ */
+/* $OpenBSD: genrsa.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
BIGNUM *bn = BN_new();
RSA *rsa = NULL;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
if (!bn)
goto err;
-/* $OpenBSD: nseq.c,v 1.4 2015/08/22 16:36:05 jsing Exp $ */
+/* $OpenBSD: nseq.c,v 1.5 2015/10/10 22:28:51 doug Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
NETSCAPE_CERT_SEQUENCE *seq = NULL;
int i, ret = 1;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
memset(&nseq_config, 0, sizeof(nseq_config));
if (options_parse(argc, argv, nseq_options, NULL, NULL) != 0) {
-/* $OpenBSD: ocsp.c,v 1.5 2015/10/03 03:39:19 deraadt Exp $ */
+/* $OpenBSD: ocsp.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
*/
const EVP_MD *cert_id_md = NULL;
const char *errstr = NULL;
+ if (single_execution) {
+ if (pledge("stdio inet rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
args = argv + 1;
reqnames = sk_OPENSSL_STRING_new_null();
ids = sk_OCSP_CERTID_new_null();
-/* $OpenBSD: openssl.c,v 1.16 2015/10/10 20:18:30 deraadt Exp $ */
+/* $OpenBSD: openssl.c,v 1.17 2015/10/10 22:28:51 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#define FUNC_TYPE_MD_ALG 5
#define FUNC_TYPE_CIPHER_ALG 6
+int single_execution = 0;
+
typedef struct {
int type;
const char *name;
fp = lh_FUNCTION_retrieve(prog, &f);
if (fp != NULL) {
argv[0] = pname;
+
+ single_execution = 1;
ret = fp->func(argc, argv);
goto end;
}
if (argc != 1) {
argc--;
argv++;
+
+ single_execution = 1;
ret = do_cmd(prog, argc, argv);
if (ret < 0)
ret = 0;
-/* $OpenBSD: passwd.c,v 1.4 2015/08/22 16:36:05 jsing Exp $ */
+/* $OpenBSD: passwd.c,v 1.5 2015/10/10 22:28:51 doug Exp $ */
#if defined OPENSSL_NO_MD5
#define NO_MD5CRYPT_1
int argsused;
int ret = 1;
+ if (single_execution) {
+ if (pledge("stdio rpath", NULL) == -1)
+ perror("pledge");
+ }
+
memset(&passwd_config, 0, sizeof(passwd_config));
if (options_parse(argc, argv, passwd_options, NULL, &argsused) != 0) {
-/* $OpenBSD: pkcs12.c,v 1.4 2015/09/11 14:30:23 bcook Exp $ */
+/* $OpenBSD: pkcs12.c,v 1.5 2015/10/10 22:28:51 doug Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
*/
char *macalg = NULL;
char *CApath = NULL, *CAfile = NULL;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;
enc = EVP_des_ede3_cbc();
-/* $OpenBSD: pkcs7.c,v 1.6 2015/09/11 14:30:23 bcook Exp $ */
+/* $OpenBSD: pkcs7.c,v 1.7 2015/10/10 22:28:51 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
int ret = 1;
int i;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
memset(&pkcs7_config, 0, sizeof(pkcs7_config));
pkcs7_config.informat = FORMAT_PEM;
-/* $OpenBSD: pkcs8.c,v 1.6 2015/09/11 14:30:23 bcook Exp $ */
+/* $OpenBSD: pkcs8.c,v 1.7 2015/10/10 22:28:51 doug Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999-2004.
*/
char pass[50], *passin = NULL, *passout = NULL, *p8pass = NULL;
int ret = 1;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
memset(&pkcs8_config, 0, sizeof(pkcs8_config));
pkcs8_config.iter = PKCS12_DEFAULT_ITER;
-/* $OpenBSD: pkey.c,v 1.5 2015/09/11 14:30:23 bcook Exp $ */
+/* $OpenBSD: pkey.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006
*/
int badarg = 0;
int ret = 1;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
informat = FORMAT_PEM;
outformat = FORMAT_PEM;
-/* $OpenBSD: pkeyparam.c,v 1.7 2015/09/11 14:30:23 bcook Exp $ */
+/* $OpenBSD: pkeyparam.c,v 1.8 2015/10/10 22:28:51 doug Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006
*/
EVP_PKEY *pkey = NULL;
int ret = 1;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
memset(&pkeyparam_config, 0, sizeof(pkeyparam_config));
if (options_parse(argc, argv, pkeyparam_options, NULL, NULL) != 0) {
-/* $OpenBSD: pkeyutl.c,v 1.7 2015/09/11 14:30:23 bcook Exp $ */
+/* $OpenBSD: pkeyutl.c,v 1.8 2015/10/10 22:28:51 doug Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006.
*/
int ret = 1, rv = -1;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
argc--;
argv++;
-/* $OpenBSD: prime.c,v 1.8 2015/09/12 15:04:06 lteo Exp $ */
+/* $OpenBSD: prime.c,v 1.9 2015/10/10 22:28:51 doug Exp $ */
/* ====================================================================
* Copyright (c) 2004 The OpenSSL Project. All rights reserved.
*
char *s;
int ret = 1;
+ if (single_execution) {
+ if (pledge("stdio rpath", NULL) == -1)
+ perror("pledge");
+ }
+
memset(&prime_config, 0, sizeof(prime_config));
/* Default iterations for Miller-Rabin probabilistic primality test. */
-/* $OpenBSD: rand.c,v 1.8 2015/09/11 14:30:23 bcook Exp $ */
+/* $OpenBSD: rand.c,v 1.9 2015/10/10 22:28:51 doug Exp $ */
/* ====================================================================
* Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
*
int i, r;
BIO *out = NULL;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
memset(&rand_config, 0, sizeof(rand_config));
if (options_parse(argc, argv, rand_options, &num_bytes, NULL) != 0) {
-/* $OpenBSD: req.c,v 1.9 2015/09/14 01:45:03 doug Exp $ */
+/* $OpenBSD: req.c,v 1.10 2015/10/10 22:28:51 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
const EVP_MD *md_alg = NULL, *digest = NULL;
unsigned long chtype = MBSTRING_ASC;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
req_conf = NULL;
cipher = EVP_aes_256_cbc();
digest = EVP_sha256();
-/* $OpenBSD: rsa.c,v 1.5 2015/09/11 14:30:23 bcook Exp $ */
+/* $OpenBSD: rsa.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
BIO *out = NULL;
char *passin = NULL, *passout = NULL;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
memset(&rsa_config, 0, sizeof(rsa_config));
rsa_config.pvk_encr = 2;
rsa_config.informat = FORMAT_PEM;
-/* $OpenBSD: rsautl.c,v 1.7 2015/09/11 14:30:23 bcook Exp $ */
+/* $OpenBSD: rsautl.c,v 1.8 2015/10/10 22:28:51 doug Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
*/
int ret = 1;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
argc--;
argv++;
-/* $OpenBSD: s_client.c,v 1.20 2015/10/06 03:29:49 deraadt Exp $ */
+/* $OpenBSD: s_client.c,v 1.21 2015/10/10 22:28:51 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
int enable_timeouts = 0;
long socket_mtu = 0;
+ if (single_execution) {
+ if (pledge("stdio inet rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
meth = SSLv23_client_method();
c_Pause = 0;
-/* $OpenBSD: s_server.c,v 1.19 2015/10/06 03:29:49 deraadt Exp $ */
+/* $OpenBSD: s_server.c,v 1.20 2015/10/10 22:28:51 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
tlsextnextprotoctx next_proto = { NULL, 0 };
const char *alpn_in = NULL;
tlsextalpnctx alpn_ctx = { NULL, 0 };
+
+ if (single_execution) {
+ if (pledge("stdio inet rpath", NULL) == -1)
+ perror("pledge");
+ }
+
meth = SSLv23_server_method();
local_argc = argc;
-/* $OpenBSD: s_time.c,v 1.12 2015/09/11 14:43:57 lteo Exp $ */
+/* $OpenBSD: s_time.c,v 1.13 2015/10/10 22:28:51 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
char buf[1024 * 8];
int ver;
+ if (single_execution) {
+ if (pledge("stdio inet rpath", NULL) == -1)
+ perror("pledge");
+ }
+
s_time_meth = SSLv23_client_method();
verify_depth = 0;
-/* $OpenBSD: sess_id.c,v 1.5 2015/08/19 18:25:31 deraadt Exp $ */
+/* $OpenBSD: sess_id.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
int ret = 1, i;
BIO *out = NULL;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
memset(&sess_id_config, 0, sizeof(sess_id_config));
sess_id_config.informat = FORMAT_PEM;
-/* $OpenBSD: smime.c,v 1.4 2015/09/11 14:30:23 bcook Exp $ */
+/* $OpenBSD: smime.c,v 1.5 2015/10/10 22:28:51 doug Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
*/
X509_VERIFY_PARAM *vpm = NULL;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
args = argv + 1;
ret = 1;
-/* $OpenBSD: speed.c,v 1.16 2015/09/20 13:39:13 miod Exp $ */
+/* $OpenBSD: speed.c,v 1.17 2015/10/10 22:28:51 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
int multi = 0;
const char *errstr = NULL;
+ if (single_execution) {
+ if (pledge("stdio proc", NULL) == -1)
+ perror("pledge");
+ }
+
usertime = -1;
memset(results, 0, sizeof(results));
-/* $OpenBSD: spkac.c,v 1.5 2015/09/11 14:30:23 bcook Exp $ */
+/* $OpenBSD: spkac.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999. Based on an original idea by Massimiliano Pala
* (madwolf@openca.org).
NETSCAPE_SPKI *spki = NULL;
EVP_PKEY *pkey = NULL;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
memset(&spkac_config, 0, sizeof(spkac_config));
spkac_config.spkac = "SPKAC";
spkac_config.spksect = "default";
-/* $OpenBSD: ts.c,v 1.10 2015/09/21 13:13:06 bcook Exp $ */
+/* $OpenBSD: ts.c,v 1.11 2015/10/10 22:28:51 doug Exp $ */
/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
* project 2002.
*/
/* Output is ContentInfo instead of TimeStampResp. */
int token_out = 0;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
for (argc--, argv++; argc > 0; argc--, argv++) {
if (strcmp(*argv, "-config") == 0) {
if (argc-- < 1)
-/* $OpenBSD: verify.c,v 1.4 2015/09/11 14:30:23 bcook Exp $ */
+/* $OpenBSD: verify.c,v 1.5 2015/10/10 22:28:51 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
X509_LOOKUP *lookup = NULL;
X509_VERIFY_PARAM *vpm = NULL;
+ if (single_execution) {
+ if (pledge("stdio rpath", NULL) == -1)
+ perror("pledge");
+ }
+
cert_ctx = X509_STORE_new();
if (cert_ctx == NULL)
goto end;
-/* $OpenBSD: version.c,v 1.6 2015/08/22 16:36:05 jsing Exp $ */
+/* $OpenBSD: version.c,v 1.7 2015/10/10 22:28:51 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
int
version_main(int argc, char **argv)
{
+ if (single_execution) {
+ if (pledge("stdio", NULL) == -1)
+ perror("pledge");
+ }
+
memset(&version_config, 0, sizeof(version_config));
if (options_parse(argc, argv, version_options, NULL, NULL) != 0) {
-/* $OpenBSD: x509.c,v 1.9 2015/10/01 06:31:21 jsing Exp $ */
+/* $OpenBSD: x509.c,v 1.10 2015/10/10 22:28:51 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
unsigned long nmflag = 0, certflag = 0;
const char *errstr = NULL;
+ if (single_execution) {
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ perror("pledge");
+ }
+
reqfile = 0;
STDout = BIO_new_fp(stdout, BIO_NOCLOSE);
projects / openbsd / commitdiff