From: doug Date: Sat, 17 Oct 2015 15:00:11 +0000 (+0000) Subject: Exit if a pledge call fails in non-interactive mode. X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=e370f0ee6f236c0592572cc43c6d4260e43c9f5d;p=openbsd Exit if a pledge call fails in non-interactive mode. ok semarie@ --- diff --git a/usr.bin/openssl/asn1pars.c b/usr.bin/openssl/asn1pars.c index 2ce9d1a3bad..4fbae558610 100644 --- a/usr.bin/openssl/asn1pars.c +++ b/usr.bin/openssl/asn1pars.c @@ -1,4 +1,4 @@ -/* $OpenBSD: asn1pars.c,v 1.5 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: asn1pars.c,v 1.6 2015/10/17 15:00:11 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -248,8 +248,10 @@ asn1parse_main(int argc, char **argv) ASN1_TYPE *at = NULL; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath", NULL) == -1) { perror("pledge"); + exit(1); + } } memset(&asn1pars_config, 0, sizeof(asn1pars_config)); diff --git a/usr.bin/openssl/ca.c b/usr.bin/openssl/ca.c index d97410b5563..8727d9c3389 100644 --- a/usr.bin/openssl/ca.c +++ b/usr.bin/openssl/ca.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ca.c,v 1.18 2015/10/17 07:51:10 semarie Exp $ */ +/* $OpenBSD: ca.c,v 1.19 2015/10/17 15:00:11 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -287,8 +287,10 @@ ca_main(int argc, char **argv) DB_ATTR db_attr; if (single_execution) { - if (pledge("stdio rpath wpath cpath tty", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) { perror("pledge"); + exit(1); + } } conf = NULL; diff --git a/usr.bin/openssl/certhash.c b/usr.bin/openssl/certhash.c index bd0ac54ecfc..70aa7b99318 100644 --- a/usr.bin/openssl/certhash.c +++ b/usr.bin/openssl/certhash.c @@ -650,8 +650,10 @@ certhash_main(int argc, char **argv) int i, cwdfd, ret = 0; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath", NULL) == -1) { perror("pledge"); + exit(1); + } } memset(&certhash_config, 0, sizeof(certhash_config)); diff --git a/usr.bin/openssl/ciphers.c b/usr.bin/openssl/ciphers.c index caa40854ea8..72e12a3aae1 100644 --- a/usr.bin/openssl/ciphers.c +++ b/usr.bin/openssl/ciphers.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ciphers.c,v 1.7 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: ciphers.c,v 1.8 2015/10/17 15:00:11 doug Exp $ */ /* * Copyright (c) 2014 Joel Sing * @@ -82,8 +82,10 @@ ciphers_main(int argc, char **argv) char *desc; if (single_execution) { - if (pledge("stdio rpath", NULL) == -1) + if (pledge("stdio rpath", NULL) == -1) { perror("pledge"); + exit(1); + } } memset(&ciphers_config, 0, sizeof(ciphers_config)); diff --git a/usr.bin/openssl/cms.c b/usr.bin/openssl/cms.c index 4174960d7ad..a1d8bc13ab2 100644 --- a/usr.bin/openssl/cms.c +++ b/usr.bin/openssl/cms.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cms.c,v 1.5 2015/10/17 07:51:10 semarie Exp $ */ +/* $OpenBSD: cms.c,v 1.6 2015/10/17 15:00:11 doug Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ @@ -136,8 +136,10 @@ cms_main(int argc, char **argv) X509_VERIFY_PARAM *vpm = NULL; if (single_execution) { - if (pledge("stdio rpath wpath cpath tty", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) { perror("pledge"); + exit(1); + } } args = argv + 1; diff --git a/usr.bin/openssl/crl.c b/usr.bin/openssl/crl.c index 47173ec5edd..9c9efa02a0b 100644 --- a/usr.bin/openssl/crl.c +++ b/usr.bin/openssl/crl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: crl.c,v 1.8 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: crl.c,v 1.9 2015/10/17 15:00:11 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -231,8 +231,10 @@ crl_main(int argc, char **argv) char *digest_name = NULL; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath", NULL) == -1) { perror("pledge"); + exit(1); + } } if (bio_out == NULL) { diff --git a/usr.bin/openssl/crl2p7.c b/usr.bin/openssl/crl2p7.c index 3935bd18e05..5ce4e97c608 100644 --- a/usr.bin/openssl/crl2p7.c +++ b/usr.bin/openssl/crl2p7.c @@ -1,4 +1,4 @@ -/* $OpenBSD: crl2p7.c,v 1.5 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: crl2p7.c,v 1.6 2015/10/17 15:00:11 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -170,8 +170,10 @@ crl2pkcs7_main(int argc, char **argv) int ret = 1; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath", NULL) == -1) { perror("pledge"); + exit(1); + } } memset(&crl2p7_config, 0, sizeof(crl2p7_config)); diff --git a/usr.bin/openssl/dgst.c b/usr.bin/openssl/dgst.c index 432f3100306..a03409e212e 100644 --- a/usr.bin/openssl/dgst.c +++ b/usr.bin/openssl/dgst.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dgst.c,v 1.8 2015/10/17 07:51:10 semarie Exp $ */ +/* $OpenBSD: dgst.c,v 1.9 2015/10/17 15:00:11 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -124,8 +124,10 @@ dgst_main(int argc, char **argv) STACK_OF(OPENSSL_STRING) * sigopts = NULL, *macopts = NULL; if (single_execution) { - if (pledge("stdio rpath wpath cpath tty", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) { perror("pledge"); + exit(1); + } } if ((buf = malloc(BUFSIZE)) == NULL) { diff --git a/usr.bin/openssl/dh.c b/usr.bin/openssl/dh.c index 7e8d65d1f62..e3d8eca5f9c 100644 --- a/usr.bin/openssl/dh.c +++ b/usr.bin/openssl/dh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dh.c,v 1.7 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: dh.c,v 1.8 2015/10/17 15:00:11 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -159,8 +159,10 @@ dh_main(int argc, char **argv) int ret = 1; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath", NULL) == -1) { perror("pledge"); + exit(1); + } } memset(&dh_config, 0, sizeof(dh_config)); diff --git a/usr.bin/openssl/dhparam.c b/usr.bin/openssl/dhparam.c index 55b75663b31..1f8bdaed2a5 100644 --- a/usr.bin/openssl/dhparam.c +++ b/usr.bin/openssl/dhparam.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dhparam.c,v 1.7 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: dhparam.c,v 1.8 2015/10/17 15:00:11 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -244,8 +244,10 @@ dhparam_main(int argc, char **argv) int i; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath", NULL) == -1) { perror("pledge"); + exit(1); + } } memset(&dhparam_config, 0, sizeof(dhparam_config)); diff --git a/usr.bin/openssl/dsa.c b/usr.bin/openssl/dsa.c index 6a774ee545e..3ca174a1e98 100644 --- a/usr.bin/openssl/dsa.c +++ b/usr.bin/openssl/dsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dsa.c,v 1.7 2015/10/17 07:51:10 semarie Exp $ */ +/* $OpenBSD: dsa.c,v 1.8 2015/10/17 15:00:11 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -241,8 +241,10 @@ dsa_main(int argc, char **argv) char *passin = NULL, *passout = NULL; if (single_execution) { - if (pledge("stdio rpath wpath cpath tty", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) { perror("pledge"); + exit(1); + } } memset(&dsa_config, 0, sizeof(dsa_config)); diff --git a/usr.bin/openssl/dsaparam.c b/usr.bin/openssl/dsaparam.c index 73249498fca..37b9a68693a 100644 --- a/usr.bin/openssl/dsaparam.c +++ b/usr.bin/openssl/dsaparam.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dsaparam.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: dsaparam.c,v 1.7 2015/10/17 15:00:11 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -169,8 +169,10 @@ dsaparam_main(int argc, char **argv) char *strbits = NULL; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath", NULL) == -1) { perror("pledge"); + exit(1); + } } memset(&dsaparam_config, 0, sizeof(dsaparam_config)); diff --git a/usr.bin/openssl/ec.c b/usr.bin/openssl/ec.c index b376d434047..fe58e1357de 100644 --- a/usr.bin/openssl/ec.c +++ b/usr.bin/openssl/ec.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec.c,v 1.7 2015/10/17 07:51:10 semarie Exp $ */ +/* $OpenBSD: ec.c,v 1.8 2015/10/17 15:00:11 doug Exp $ */ /* * Written by Nils Larsch for the OpenSSL project. */ @@ -278,8 +278,10 @@ ec_main(int argc, char **argv) char *passin = NULL, *passout = NULL; if (single_execution) { - if (pledge("stdio rpath wpath cpath tty", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) { perror("pledge"); + exit(1); + } } memset(&ec_config, 0, sizeof(ec_config)); diff --git a/usr.bin/openssl/ecparam.c b/usr.bin/openssl/ecparam.c index bd0c5b8cc0c..a4a400f88a8 100644 --- a/usr.bin/openssl/ecparam.c +++ b/usr.bin/openssl/ecparam.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ecparam.c,v 1.14 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: ecparam.c,v 1.15 2015/10/17 15:00:11 doug Exp $ */ /* * Written by Nils Larsch for the OpenSSL project. */ @@ -260,8 +260,10 @@ ecparam_main(int argc, char **argv) int i, ret = 1; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath", NULL) == -1) { perror("pledge"); + exit(1); + } } memset(&ecparam_config, 0, sizeof(ecparam_config)); diff --git a/usr.bin/openssl/enc.c b/usr.bin/openssl/enc.c index 296024c68ff..8dcaf0bd7ca 100644 --- a/usr.bin/openssl/enc.c +++ b/usr.bin/openssl/enc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: enc.c,v 1.9 2015/10/17 07:51:10 semarie Exp $ */ +/* $OpenBSD: enc.c,v 1.10 2015/10/17 15:00:11 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -339,8 +339,10 @@ enc_main(int argc, char **argv) int i; if (single_execution) { - if (pledge("stdio rpath wpath cpath tty", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) { perror("pledge"); + exit(1); + } } memset(&enc_config, 0, sizeof(enc_config)); diff --git a/usr.bin/openssl/errstr.c b/usr.bin/openssl/errstr.c index 7bd97d99b04..0d31d4fc85a 100644 --- a/usr.bin/openssl/errstr.c +++ b/usr.bin/openssl/errstr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: errstr.c,v 1.5 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: errstr.c,v 1.6 2015/10/17 15:00:11 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -99,8 +99,10 @@ errstr_main(int argc, char **argv) int ret = 0; if (single_execution) { - if (pledge("stdio rpath", NULL) == -1) + if (pledge("stdio rpath", NULL) == -1) { perror("pledge"); + exit(1); + } } memset(&errstr_config, 0, sizeof(errstr_config)); diff --git a/usr.bin/openssl/gendh.c b/usr.bin/openssl/gendh.c index ceea237be13..235fbdee389 100644 --- a/usr.bin/openssl/gendh.c +++ b/usr.bin/openssl/gendh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gendh.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: gendh.c,v 1.7 2015/10/17 15:00:11 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -135,8 +135,10 @@ gendh_main(int argc, char **argv) char *strbits = NULL; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath", NULL) == -1) { perror("pledge"); + exit(1); + } } BN_GENCB_set(&cb, dh_cb, bio_err); diff --git a/usr.bin/openssl/gendsa.c b/usr.bin/openssl/gendsa.c index 3e027aaf268..c73aa34399b 100644 --- a/usr.bin/openssl/gendsa.c +++ b/usr.bin/openssl/gendsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gendsa.c,v 1.6 2015/10/17 07:51:10 semarie Exp $ */ +/* $OpenBSD: gendsa.c,v 1.7 2015/10/17 15:00:11 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -86,8 +86,10 @@ gendsa_main(int argc, char **argv) const EVP_CIPHER *enc = NULL; if (single_execution) { - if (pledge("stdio rpath wpath cpath tty", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) { perror("pledge"); + exit(1); + } } argv++; diff --git a/usr.bin/openssl/genpkey.c b/usr.bin/openssl/genpkey.c index 995d66f14da..174ca5e4ba4 100644 --- a/usr.bin/openssl/genpkey.c +++ b/usr.bin/openssl/genpkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: genpkey.c,v 1.7 2015/10/17 07:51:10 semarie Exp $ */ +/* $OpenBSD: genpkey.c,v 1.8 2015/10/17 15:00:11 doug Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006 */ @@ -87,8 +87,10 @@ genpkey_main(int argc, char **argv) int do_param = 0; if (single_execution) { - if (pledge("stdio rpath wpath cpath tty", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) { perror("pledge"); + exit(1); + } } outformat = FORMAT_PEM; diff --git a/usr.bin/openssl/genrsa.c b/usr.bin/openssl/genrsa.c index 35e6d602b0e..951da4c7a7e 100644 --- a/usr.bin/openssl/genrsa.c +++ b/usr.bin/openssl/genrsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: genrsa.c,v 1.7 2015/10/17 07:51:10 semarie Exp $ */ +/* $OpenBSD: genrsa.c,v 1.8 2015/10/17 15:00:11 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -101,8 +101,10 @@ genrsa_main(int argc, char **argv) RSA *rsa = NULL; if (single_execution) { - if (pledge("stdio rpath wpath cpath tty", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) { perror("pledge"); + exit(1); + } } if (!bn) diff --git a/usr.bin/openssl/nseq.c b/usr.bin/openssl/nseq.c index 15df3ffd40b..be64668da0a 100644 --- a/usr.bin/openssl/nseq.c +++ b/usr.bin/openssl/nseq.c @@ -1,4 +1,4 @@ -/* $OpenBSD: nseq.c,v 1.5 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: nseq.c,v 1.6 2015/10/17 15:00:11 doug Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -110,8 +110,10 @@ nseq_main(int argc, char **argv) int i, ret = 1; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath", NULL) == -1) { perror("pledge"); + exit(1); + } } memset(&nseq_config, 0, sizeof(nseq_config)); diff --git a/usr.bin/openssl/ocsp.c b/usr.bin/openssl/ocsp.c index c3b1b168ba7..70dddb4f098 100644 --- a/usr.bin/openssl/ocsp.c +++ b/usr.bin/openssl/ocsp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ocsp.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: ocsp.c,v 1.7 2015/10/17 15:00:11 doug Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ @@ -147,8 +147,10 @@ ocsp_main(int argc, char **argv) const char *errstr = NULL; if (single_execution) { - if (pledge("stdio inet rpath wpath cpath", NULL) == -1) + if (pledge("stdio inet rpath wpath cpath", NULL) == -1) { perror("pledge"); + exit(1); + } } args = argv + 1; diff --git a/usr.bin/openssl/passwd.c b/usr.bin/openssl/passwd.c index 7ef7ef456c7..04da52ee68b 100644 --- a/usr.bin/openssl/passwd.c +++ b/usr.bin/openssl/passwd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: passwd.c,v 1.6 2015/10/17 07:51:10 semarie Exp $ */ +/* $OpenBSD: passwd.c,v 1.7 2015/10/17 15:00:11 doug Exp $ */ #if defined OPENSSL_NO_MD5 #define NO_MD5CRYPT_1 @@ -146,8 +146,10 @@ passwd_main(int argc, char **argv) int ret = 1; if (single_execution) { - if (pledge("stdio rpath wpath cpath tty", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) { perror("pledge"); + exit(1); + } } memset(&passwd_config, 0, sizeof(passwd_config)); diff --git a/usr.bin/openssl/pkcs12.c b/usr.bin/openssl/pkcs12.c index 2eb04a58b70..0cd1ed7893a 100644 --- a/usr.bin/openssl/pkcs12.c +++ b/usr.bin/openssl/pkcs12.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pkcs12.c,v 1.6 2015/10/17 07:51:10 semarie Exp $ */ +/* $OpenBSD: pkcs12.c,v 1.7 2015/10/17 15:00:11 doug Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ @@ -125,8 +125,10 @@ pkcs12_main(int argc, char **argv) char *CApath = NULL, *CAfile = NULL; if (single_execution) { - if (pledge("stdio rpath wpath cpath tty", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) { perror("pledge"); + exit(1); + } } cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC; diff --git a/usr.bin/openssl/pkcs7.c b/usr.bin/openssl/pkcs7.c index c29a9c8df27..382a8bfa2ce 100644 --- a/usr.bin/openssl/pkcs7.c +++ b/usr.bin/openssl/pkcs7.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pkcs7.c,v 1.7 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: pkcs7.c,v 1.8 2015/10/17 15:00:11 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -155,8 +155,10 @@ pkcs7_main(int argc, char **argv) int i; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath", NULL) == -1) { perror("pledge"); + exit(1); + } } memset(&pkcs7_config, 0, sizeof(pkcs7_config)); diff --git a/usr.bin/openssl/pkcs8.c b/usr.bin/openssl/pkcs8.c index 5b54cbfb989..9c620c8619e 100644 --- a/usr.bin/openssl/pkcs8.c +++ b/usr.bin/openssl/pkcs8.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pkcs8.c,v 1.8 2015/10/17 07:51:10 semarie Exp $ */ +/* $OpenBSD: pkcs8.c,v 1.9 2015/10/17 15:00:11 doug Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999-2004. */ @@ -227,8 +227,10 @@ pkcs8_main(int argc, char **argv) int ret = 1; if (single_execution) { - if (pledge("stdio rpath wpath cpath tty", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) { perror("pledge"); + exit(1); + } } memset(&pkcs8_config, 0, sizeof(pkcs8_config)); diff --git a/usr.bin/openssl/pkey.c b/usr.bin/openssl/pkey.c index 0a0590ccb65..9c38d0ee3c5 100644 --- a/usr.bin/openssl/pkey.c +++ b/usr.bin/openssl/pkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pkey.c,v 1.7 2015/10/17 07:51:10 semarie Exp $ */ +/* $OpenBSD: pkey.c,v 1.8 2015/10/17 15:00:11 doug Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006 */ @@ -80,8 +80,10 @@ pkey_main(int argc, char **argv) int ret = 1; if (single_execution) { - if (pledge("stdio rpath wpath cpath tty", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) { perror("pledge"); + exit(1); + } } informat = FORMAT_PEM; diff --git a/usr.bin/openssl/pkeyparam.c b/usr.bin/openssl/pkeyparam.c index cb40fbb3ed6..a8a40d2b4f2 100644 --- a/usr.bin/openssl/pkeyparam.c +++ b/usr.bin/openssl/pkeyparam.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pkeyparam.c,v 1.8 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: pkeyparam.c,v 1.9 2015/10/17 15:00:11 doug Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006 */ @@ -119,8 +119,10 @@ pkeyparam_main(int argc, char **argv) int ret = 1; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath", NULL) == -1) { perror("pledge"); + exit(1); + } } memset(&pkeyparam_config, 0, sizeof(pkeyparam_config)); diff --git a/usr.bin/openssl/pkeyutl.c b/usr.bin/openssl/pkeyutl.c index bf3fcf1b920..4bfb5420f90 100644 --- a/usr.bin/openssl/pkeyutl.c +++ b/usr.bin/openssl/pkeyutl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pkeyutl.c,v 1.9 2015/10/17 07:51:10 semarie Exp $ */ +/* $OpenBSD: pkeyutl.c,v 1.10 2015/10/17 15:00:11 doug Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ @@ -101,8 +101,10 @@ pkeyutl_main(int argc, char **argv) int ret = 1, rv = -1; if (single_execution) { - if (pledge("stdio rpath wpath cpath tty", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) { perror("pledge"); + exit(1); + } } argc--; diff --git a/usr.bin/openssl/prime.c b/usr.bin/openssl/prime.c index 13398b01b04..c9bf33bff94 100644 --- a/usr.bin/openssl/prime.c +++ b/usr.bin/openssl/prime.c @@ -1,4 +1,4 @@ -/* $OpenBSD: prime.c,v 1.9 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: prime.c,v 1.10 2015/10/17 15:00:11 doug Exp $ */ /* ==================================================================== * Copyright (c) 2004 The OpenSSL Project. All rights reserved. * @@ -119,8 +119,10 @@ prime_main(int argc, char **argv) int ret = 1; if (single_execution) { - if (pledge("stdio rpath", NULL) == -1) + if (pledge("stdio rpath", NULL) == -1) { perror("pledge"); + exit(1); + } } memset(&prime_config, 0, sizeof(prime_config)); diff --git a/usr.bin/openssl/rand.c b/usr.bin/openssl/rand.c index 2377c6e72be..5f21bbc11c8 100644 --- a/usr.bin/openssl/rand.c +++ b/usr.bin/openssl/rand.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rand.c,v 1.9 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: rand.c,v 1.10 2015/10/17 15:00:11 doug Exp $ */ /* ==================================================================== * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. * @@ -110,8 +110,10 @@ rand_main(int argc, char **argv) BIO *out = NULL; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath", NULL) == -1) { perror("pledge"); + exit(1); + } } memset(&rand_config, 0, sizeof(rand_config)); diff --git a/usr.bin/openssl/req.c b/usr.bin/openssl/req.c index c2f20ae757c..3a52f588310 100644 --- a/usr.bin/openssl/req.c +++ b/usr.bin/openssl/req.c @@ -1,4 +1,4 @@ -/* $OpenBSD: req.c,v 1.11 2015/10/17 07:51:10 semarie Exp $ */ +/* $OpenBSD: req.c,v 1.12 2015/10/17 15:00:11 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -177,8 +177,10 @@ req_main(int argc, char **argv) unsigned long chtype = MBSTRING_ASC; if (single_execution) { - if (pledge("stdio rpath wpath cpath tty", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) { perror("pledge"); + exit(1); + } } req_conf = NULL; diff --git a/usr.bin/openssl/rsa.c b/usr.bin/openssl/rsa.c index 06d3ca1b423..54482ab9f01 100644 --- a/usr.bin/openssl/rsa.c +++ b/usr.bin/openssl/rsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa.c,v 1.7 2015/10/17 07:51:10 semarie Exp $ */ +/* $OpenBSD: rsa.c,v 1.8 2015/10/17 15:00:11 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -269,8 +269,10 @@ rsa_main(int argc, char **argv) char *passin = NULL, *passout = NULL; if (single_execution) { - if (pledge("stdio rpath wpath cpath tty", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) { perror("pledge"); + exit(1); + } } memset(&rsa_config, 0, sizeof(rsa_config)); diff --git a/usr.bin/openssl/rsautl.c b/usr.bin/openssl/rsautl.c index a6106e03130..3a5290845a5 100644 --- a/usr.bin/openssl/rsautl.c +++ b/usr.bin/openssl/rsautl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsautl.c,v 1.9 2015/10/17 07:51:10 semarie Exp $ */ +/* $OpenBSD: rsautl.c,v 1.10 2015/10/17 15:00:11 doug Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ @@ -99,8 +99,10 @@ rsautl_main(int argc, char **argv) int ret = 1; if (single_execution) { - if (pledge("stdio rpath wpath cpath tty", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) { perror("pledge"); + exit(1); + } } argc--; diff --git a/usr.bin/openssl/s_client.c b/usr.bin/openssl/s_client.c index 6bc66ac5fb3..ed7ecfa714a 100644 --- a/usr.bin/openssl/s_client.c +++ b/usr.bin/openssl/s_client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s_client.c,v 1.22 2015/10/17 07:51:10 semarie Exp $ */ +/* $OpenBSD: s_client.c,v 1.23 2015/10/17 15:00:11 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -365,8 +365,10 @@ s_client_main(int argc, char **argv) long socket_mtu = 0; if (single_execution) { - if (pledge("stdio inet rpath wpath cpath tty", NULL) == -1) + if (pledge("stdio inet rpath wpath cpath tty", NULL) == -1) { perror("pledge"); + exit(1); + } } meth = SSLv23_client_method(); diff --git a/usr.bin/openssl/s_server.c b/usr.bin/openssl/s_server.c index 33765eeedbf..a2dd1f0b75c 100644 --- a/usr.bin/openssl/s_server.c +++ b/usr.bin/openssl/s_server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s_server.c,v 1.21 2015/10/17 07:51:10 semarie Exp $ */ +/* $OpenBSD: s_server.c,v 1.22 2015/10/17 15:00:11 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -605,8 +605,10 @@ s_server_main(int argc, char *argv[]) tlsextalpnctx alpn_ctx = { NULL, 0 }; if (single_execution) { - if (pledge("stdio inet rpath tty", NULL) == -1) + if (pledge("stdio inet rpath tty", NULL) == -1) { perror("pledge"); + exit(1); + } } meth = SSLv23_server_method(); diff --git a/usr.bin/openssl/s_time.c b/usr.bin/openssl/s_time.c index 417ff81f3fd..8e6788d76dd 100644 --- a/usr.bin/openssl/s_time.c +++ b/usr.bin/openssl/s_time.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s_time.c,v 1.13 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: s_time.c,v 1.14 2015/10/17 15:00:11 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -259,8 +259,10 @@ s_time_main(int argc, char **argv) int ver; if (single_execution) { - if (pledge("stdio inet rpath", NULL) == -1) + if (pledge("stdio inet rpath", NULL) == -1) { perror("pledge"); + exit(1); + } } s_time_meth = SSLv23_client_method(); diff --git a/usr.bin/openssl/sess_id.c b/usr.bin/openssl/sess_id.c index 7bf14adbea2..d0f367d4b76 100644 --- a/usr.bin/openssl/sess_id.c +++ b/usr.bin/openssl/sess_id.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sess_id.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: sess_id.c,v 1.7 2015/10/17 15:00:11 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -159,8 +159,10 @@ sess_id_main(int argc, char **argv) BIO *out = NULL; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath", NULL) == -1) { perror("pledge"); + exit(1); + } } memset(&sess_id_config, 0, sizeof(sess_id_config)); diff --git a/usr.bin/openssl/smime.c b/usr.bin/openssl/smime.c index 53e2a94a544..92027ba99a5 100644 --- a/usr.bin/openssl/smime.c +++ b/usr.bin/openssl/smime.c @@ -1,4 +1,4 @@ -/* $OpenBSD: smime.c,v 1.6 2015/10/17 07:51:10 semarie Exp $ */ +/* $OpenBSD: smime.c,v 1.7 2015/10/17 15:00:11 doug Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ @@ -113,8 +113,10 @@ smime_main(int argc, char **argv) X509_VERIFY_PARAM *vpm = NULL; if (single_execution) { - if (pledge("stdio rpath wpath cpath tty", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) { perror("pledge"); + exit(1); + } } args = argv + 1; diff --git a/usr.bin/openssl/speed.c b/usr.bin/openssl/speed.c index cc555afe8ce..52ab5c6db3e 100644 --- a/usr.bin/openssl/speed.c +++ b/usr.bin/openssl/speed.c @@ -1,4 +1,4 @@ -/* $OpenBSD: speed.c,v 1.17 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: speed.c,v 1.18 2015/10/17 15:00:11 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -470,8 +470,10 @@ speed_main(int argc, char **argv) const char *errstr = NULL; if (single_execution) { - if (pledge("stdio proc", NULL) == -1) + if (pledge("stdio proc", NULL) == -1) { perror("pledge"); + exit(1); + } } usertime = -1; diff --git a/usr.bin/openssl/spkac.c b/usr.bin/openssl/spkac.c index 7eff70b5e6d..426ea134314 100644 --- a/usr.bin/openssl/spkac.c +++ b/usr.bin/openssl/spkac.c @@ -1,4 +1,4 @@ -/* $OpenBSD: spkac.c,v 1.7 2015/10/17 07:51:10 semarie Exp $ */ +/* $OpenBSD: spkac.c,v 1.8 2015/10/17 15:00:11 doug Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. Based on an original idea by Massimiliano Pala * (madwolf@openca.org). @@ -182,8 +182,10 @@ spkac_main(int argc, char **argv) EVP_PKEY *pkey = NULL; if (single_execution) { - if (pledge("stdio rpath wpath cpath tty", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) { perror("pledge"); + exit(1); + } } memset(&spkac_config, 0, sizeof(spkac_config)); diff --git a/usr.bin/openssl/ts.c b/usr.bin/openssl/ts.c index 60b8f02bac2..781ab33368c 100644 --- a/usr.bin/openssl/ts.c +++ b/usr.bin/openssl/ts.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ts.c,v 1.12 2015/10/17 07:51:10 semarie Exp $ */ +/* $OpenBSD: ts.c,v 1.13 2015/10/17 15:00:11 doug Exp $ */ /* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL * project 2002. */ @@ -150,8 +150,10 @@ ts_main(int argc, char **argv) int token_out = 0; if (single_execution) { - if (pledge("stdio rpath wpath cpath tty", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) { perror("pledge"); + exit(1); + } } for (argc--, argv++; argc > 0; argc--, argv++) { diff --git a/usr.bin/openssl/verify.c b/usr.bin/openssl/verify.c index 4975ad5b6e1..d9b5ef97954 100644 --- a/usr.bin/openssl/verify.c +++ b/usr.bin/openssl/verify.c @@ -1,4 +1,4 @@ -/* $OpenBSD: verify.c,v 1.5 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: verify.c,v 1.6 2015/10/17 15:00:11 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -86,8 +86,10 @@ verify_main(int argc, char **argv) X509_VERIFY_PARAM *vpm = NULL; if (single_execution) { - if (pledge("stdio rpath", NULL) == -1) + if (pledge("stdio rpath", NULL) == -1) { perror("pledge"); + exit(1); + } } cert_ctx = X509_STORE_new(); diff --git a/usr.bin/openssl/version.c b/usr.bin/openssl/version.c index e096f899699..7e570044d27 100644 --- a/usr.bin/openssl/version.c +++ b/usr.bin/openssl/version.c @@ -1,4 +1,4 @@ -/* $OpenBSD: version.c,v 1.7 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: version.c,v 1.8 2015/10/17 15:00:11 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -214,8 +214,10 @@ int version_main(int argc, char **argv) { if (single_execution) { - if (pledge("stdio", NULL) == -1) + if (pledge("stdio", NULL) == -1) { perror("pledge"); + exit(1); + } } memset(&version_config, 0, sizeof(version_config)); diff --git a/usr.bin/openssl/x509.c b/usr.bin/openssl/x509.c index 08b39e5db6b..da5f2c37ea8 100644 --- a/usr.bin/openssl/x509.c +++ b/usr.bin/openssl/x509.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509.c,v 1.11 2015/10/17 07:51:10 semarie Exp $ */ +/* $OpenBSD: x509.c,v 1.12 2015/10/17 15:00:11 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -199,8 +199,10 @@ x509_main(int argc, char **argv) const char *errstr = NULL; if (single_execution) { - if (pledge("stdio rpath wpath cpath tty", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) { perror("pledge"); + exit(1); + } } reqfile = 0;