diff --git a/apps/apps.c b/apps/apps.c index ff17b35820..c9f02163b0 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -1564,12 +1564,16 @@ ENGINE *setup_engine(BIO *err, const char *engine, int debug) } BIO_printf(err, "engine \"%s\" set.\n", ENGINE_get_id(e)); - - /* Free our "structural" reference. */ - ENGINE_free(e); } return e; } + +void release_engine(ENGINE *e) +{ + if (e != NULL) + /* Free our "structural" reference. */ + ENGINE_free(e); +} #endif int load_config(BIO *err, CONF *cnf) diff --git a/apps/apps.h b/apps/apps.h index c6c3881f31..47af0fa175 100644 --- a/apps/apps.h +++ b/apps/apps.h @@ -261,6 +261,7 @@ STACK_OF(X509_CRL) *load_crls(BIO *err, const char *file, int format, X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath); # ifndef OPENSSL_NO_ENGINE ENGINE *setup_engine(BIO *err, const char *engine, int debug); +void release_engine(ENGINE *e); # endif # ifndef OPENSSL_NO_OCSP diff --git a/apps/ca.c b/apps/ca.c index a0ec5838fa..673c641424 100644 --- a/apps/ca.c +++ b/apps/ca.c @@ -1485,6 +1485,10 @@ int MAIN(int argc, char **argv) X509_CRL_free(crl); NCONF_free(conf); NCONF_free(extconf); +#ifndef OPENSSL_NO_ENGINE + if (e != NULL) + release_engine(e); +#endif OBJ_cleanup(); apps_shutdown(); OPENSSL_EXIT(ret); diff --git a/apps/cms.c b/apps/cms.c index 60479374cd..f62175bc94 100644 --- a/apps/cms.c +++ b/apps/cms.c @@ -1170,6 +1170,10 @@ int MAIN(int argc, char **argv) EVP_PKEY_free(key); CMS_ContentInfo_free(cms); CMS_ContentInfo_free(rcms); +#ifndef OPENSSL_NO_ENGINE + if (e != NULL) + release_engine(e); +#endif BIO_free(rctin); BIO_free(in); BIO_free(indata); diff --git a/apps/dgst.c b/apps/dgst.c index 26afcd7b30..3eda7d743b 100644 --- a/apps/dgst.c +++ b/apps/dgst.c @@ -537,6 +537,10 @@ int MAIN(int argc, char **argv) OPENSSL_free(sigbuf); if (bmd != NULL) BIO_free(bmd); +#ifndef OPENSSL_NO_ENGINE + if (e != NULL) + release_engine(e); +#endif apps_shutdown(); OPENSSL_EXIT(err); } diff --git a/apps/dhparam.c b/apps/dhparam.c index 57199a8d2a..0ab16e8d2f 100644 --- a/apps/dhparam.c +++ b/apps/dhparam.c @@ -161,6 +161,7 @@ int MAIN(int argc, char **argv) char *inrand = NULL; # ifndef OPENSSL_NO_ENGINE char *engine = NULL; + ENGINE *e = NULL; # endif int num = 0, g = 0; @@ -271,7 +272,7 @@ int MAIN(int argc, char **argv) ERR_load_crypto_strings(); # ifndef OPENSSL_NO_ENGINE - setup_engine(bio_err, engine, 0); + e = setup_engine(bio_err, engine, 0); # endif if (g && !num) @@ -512,6 +513,10 @@ int MAIN(int argc, char **argv) BIO_free_all(out); if (dh != NULL) DH_free(dh); +# ifndef OPENSSL_NO_ENGINE + if (e != NULL) + release_engine(e); +# endif apps_shutdown(); OPENSSL_EXIT(ret); } diff --git a/apps/dsa.c b/apps/dsa.c index dedf8e174a..6978927e42 100644 --- a/apps/dsa.c +++ b/apps/dsa.c @@ -358,6 +358,10 @@ int MAIN(int argc, char **argv) BIO_free_all(out); if (dsa != NULL) DSA_free(dsa); +# ifndef OPENSSL_NO_ENGINE + if (e != NULL) + release_engine(e); +# endif if (passin) OPENSSL_free(passin); if (passout) diff --git a/apps/dsaparam.c b/apps/dsaparam.c index 824a595c37..a3a0a6ae53 100644 --- a/apps/dsaparam.c +++ b/apps/dsaparam.c @@ -123,6 +123,7 @@ int MAIN(int argc, char **argv) int need_rand = 0; # ifndef OPENSSL_NO_ENGINE char *engine = NULL; + ENGINE *e = NULL; # endif # ifdef GENCB_TEST int timebomb = 0; @@ -264,7 +265,7 @@ int MAIN(int argc, char **argv) } # ifndef OPENSSL_NO_ENGINE - setup_engine(bio_err, engine, 0); + e = setup_engine(bio_err, engine, 0); # endif if (need_rand) { @@ -433,6 +434,10 @@ int MAIN(int argc, char **argv) BIO_free_all(out); if (dsa != NULL) DSA_free(dsa); +#ifndef OPENSSL_NO_ENGINE + if (e != NULL) + release_engine(e); +#endif apps_shutdown(); OPENSSL_EXIT(ret); } diff --git a/apps/ec.c b/apps/ec.c index b04dadaf18..93fb98911c 100644 --- a/apps/ec.c +++ b/apps/ec.c @@ -95,6 +95,9 @@ int MAIN(int argc, char **argv) int informat, outformat, text = 0, noout = 0; int pubin = 0, pubout = 0, param_out = 0; char *infile, *outfile, *prog, *engine; +# ifndef OPENSSL_NO_ENGINE + ENGINE *e = NULL; +# endif char *passargin = NULL, *passargout = NULL; char *passin = NULL, *passout = NULL; point_conversion_form_t form = POINT_CONVERSION_UNCOMPRESSED; @@ -236,7 +239,7 @@ int MAIN(int argc, char **argv) ERR_load_crypto_strings(); # ifndef OPENSSL_NO_ENGINE - setup_engine(bio_err, engine, 0); + e = setup_engine(bio_err, engine, 0); # endif if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { @@ -349,6 +352,10 @@ int MAIN(int argc, char **argv) BIO_free_all(out); if (eckey) EC_KEY_free(eckey); +# ifndef OPENSSL_NO_ENGINE + if (e != NULL) + release_engine(e); +# endif if (passin) OPENSSL_free(passin); if (passout) diff --git a/apps/ecparam.c b/apps/ecparam.c index 71b67f435c..4d57ca4446 100644 --- a/apps/ecparam.c +++ b/apps/ecparam.c @@ -131,6 +131,9 @@ int MAIN(int argc, char **argv) BIO *in = NULL, *out = NULL; int informat, outformat, noout = 0, C = 0, ret = 1; char *engine = NULL; +# ifndef OPENSSL_NO_ENGINE + ENGINE *e = NULL; +# endif BIGNUM *ec_p = NULL, *ec_a = NULL, *ec_b = NULL, *ec_gen = NULL, *ec_order = NULL, *ec_cofactor = NULL; @@ -312,7 +315,7 @@ int MAIN(int argc, char **argv) } # ifndef OPENSSL_NO_ENGINE - setup_engine(bio_err, engine, 0); + e = setup_engine(bio_err, engine, 0); # endif if (list_curves) { @@ -620,12 +623,16 @@ int MAIN(int argc, char **argv) BN_free(ec_cofactor); if (buffer) OPENSSL_free(buffer); + if (group != NULL) + EC_GROUP_free(group); +# ifndef OPENSSL_NO_ENGINE + if (e != NULL) + release_engine(e); +# endif if (in != NULL) BIO_free(in); if (out != NULL) BIO_free_all(out); - if (group != NULL) - EC_GROUP_free(group); apps_shutdown(); OPENSSL_EXIT(ret); } diff --git a/apps/enc.c b/apps/enc.c index 8e2ef27aca..513f5641b8 100644 --- a/apps/enc.c +++ b/apps/enc.c @@ -128,6 +128,7 @@ int MAIN(int argc, char **argv) char pname[PROG_NAME_SIZE + 1]; #ifndef OPENSSL_NO_ENGINE char *engine = NULL; + ENGINE *e = NULL; #endif const EVP_MD *dgst = NULL; int non_fips_allow = 0; @@ -323,7 +324,7 @@ int MAIN(int argc, char **argv) } #ifndef OPENSSL_NO_ENGINE - setup_engine(bio_err, engine, 0); + e = setup_engine(bio_err, engine, 0); #endif if (cipher && EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) { @@ -673,6 +674,10 @@ int MAIN(int argc, char **argv) #ifdef ZLIB if (bzl != NULL) BIO_free(bzl); +#endif +#ifndef OPENSSL_NO_ENGINE + if (e != NULL) + release_engine(e); #endif if (pass) OPENSSL_free(pass); diff --git a/apps/gendsa.c b/apps/gendsa.c index fd1360acd5..c9cc9c40d2 100644 --- a/apps/gendsa.c +++ b/apps/gendsa.c @@ -87,6 +87,7 @@ int MAIN(int argc, char **argv) const EVP_CIPHER *enc = NULL; # ifndef OPENSSL_NO_ENGINE char *engine = NULL; + ENGINE *e = NULL; # endif apps_startup(); @@ -207,7 +208,7 @@ int MAIN(int argc, char **argv) goto end; } # ifndef OPENSSL_NO_ENGINE - setup_engine(bio_err, engine, 0); + e = setup_engine(bio_err, engine, 0); # endif if (!app_passwd(bio_err, NULL, passargout, NULL, &passout)) { @@ -273,6 +274,10 @@ int MAIN(int argc, char **argv) BIO_free_all(out); if (dsa != NULL) DSA_free(dsa); +# ifndef OPENSSL_NO_ENGINE + if (e != NULL) + release_engine(e); +# endif if (passout) OPENSSL_free(passout); apps_shutdown(); diff --git a/apps/genpkey.c b/apps/genpkey.c index fef21dc7ae..16715cf387 100644 --- a/apps/genpkey.c +++ b/apps/genpkey.c @@ -275,9 +275,12 @@ int MAIN(int argc, char **argv) if (out) BIO_free_all(out); BIO_free(in); +#ifndef OPENSSL_NO_ENGINE + if (e != NULL) + release_engine(e); +#endif if (pass) OPENSSL_free(pass); - return ret; } diff --git a/apps/genrsa.c b/apps/genrsa.c index 91e6550a57..cd4490c25e 100644 --- a/apps/genrsa.c +++ b/apps/genrsa.c @@ -314,6 +314,10 @@ int MAIN(int argc, char **argv) RSA_free(rsa); if (out) BIO_free_all(out); +# ifndef OPENSSL_NO_ENGINE + if (e != NULL) + release_engine(e); +# endif if (passout) OPENSSL_free(passout); if (ret != 0) diff --git a/apps/pkcs12.c b/apps/pkcs12.c index 4e7de438a7..e38d8b947e 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -755,6 +755,10 @@ int MAIN(int argc, char **argv) app_RAND_write_file(NULL, bio_err); # ifdef CRYPTO_MDEBUG CRYPTO_remove_all_info(); +# endif +# ifndef OPENSSL_NO_ENGINE + if (e != NULL) + release_engine(e); # endif BIO_free(in); BIO_free_all(out); diff --git a/apps/pkcs7.c b/apps/pkcs7.c index b677633183..a189290a12 100644 --- a/apps/pkcs7.c +++ b/apps/pkcs7.c @@ -92,6 +92,7 @@ int MAIN(int argc, char **argv) int ret = 1; #ifndef OPENSSL_NO_ENGINE char *engine = NULL; + ENGINE *e = NULL; #endif apps_startup(); @@ -176,7 +177,7 @@ int MAIN(int argc, char **argv) ERR_load_crypto_strings(); #ifndef OPENSSL_NO_ENGINE - setup_engine(bio_err, engine, 0); + e = setup_engine(bio_err, engine, 0); #endif in = BIO_new(BIO_s_file()); @@ -303,6 +304,10 @@ int MAIN(int argc, char **argv) end: if (p7 != NULL) PKCS7_free(p7); +#ifndef OPENSSL_NO_ENGINE + if (e != NULL) + release_engine(e); +#endif if (in != NULL) BIO_free(in); if (out != NULL) diff --git a/apps/pkcs8.c b/apps/pkcs8.c index 5099e18417..1f1de0053d 100644 --- a/apps/pkcs8.c +++ b/apps/pkcs8.c @@ -391,6 +391,10 @@ int MAIN(int argc, char **argv) X509_SIG_free(p8); PKCS8_PRIV_KEY_INFO_free(p8inf); EVP_PKEY_free(pkey); +#ifndef OPENSSL_NO_ENGINE + if (e != NULL) + release_engine(e); +#endif BIO_free_all(out); BIO_free(in); if (passin) diff --git a/apps/pkey.c b/apps/pkey.c index e848049c3a..94853af4c3 100644 --- a/apps/pkey.c +++ b/apps/pkey.c @@ -240,6 +240,10 @@ int MAIN(int argc, char **argv) end: EVP_PKEY_free(pkey); +#ifndef OPENSSL_NO_ENGINE + if (e != NULL) + release_engine(e); +#endif BIO_free_all(out); BIO_free(in); if (passin) diff --git a/apps/pkeyparam.c b/apps/pkeyparam.c index a148a6621a..6b15065004 100644 --- a/apps/pkeyparam.c +++ b/apps/pkeyparam.c @@ -76,6 +76,7 @@ int MAIN(int argc, char **argv) int badarg = 0; #ifndef OPENSSL_NO_ENGINE char *engine = NULL; + ENGINE *e = NULL; #endif int ret = 1; @@ -135,7 +136,7 @@ int MAIN(int argc, char **argv) return 1; } #ifndef OPENSSL_NO_ENGINE - setup_engine(bio_err, engine, 0); + e = setup_engine(bio_err, engine, 0); #endif if (infile) { @@ -178,6 +179,10 @@ int MAIN(int argc, char **argv) end: EVP_PKEY_free(pkey); +#ifndef OPENSSL_NO_ENGINE + if (e != NULL) + release_engine(e); +#endif BIO_free_all(out); BIO_free(in); diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c index e47206c40a..665d72402e 100644 --- a/apps/pkeyutl.c +++ b/apps/pkeyutl.c @@ -357,6 +357,10 @@ int MAIN(int argc, char **argv) end: if (ctx) EVP_PKEY_CTX_free(ctx); +#ifndef OPENSSL_NO_ENGINE + if (e != NULL) + release_engine(e); +#endif BIO_free(in); BIO_free_all(out); if (buf_in != NULL) diff --git a/apps/rand.c b/apps/rand.c index e159da37be..c112531fb9 100644 --- a/apps/rand.c +++ b/apps/rand.c @@ -87,6 +87,7 @@ int MAIN(int argc, char **argv) BIO *out = NULL; int num = -1; #ifndef OPENSSL_NO_ENGINE + ENGINE *e = NULL; char *engine = NULL; #endif @@ -163,7 +164,7 @@ int MAIN(int argc, char **argv) goto err; } #ifndef OPENSSL_NO_ENGINE - setup_engine(bio_err, engine, 0); + e = setup_engine(bio_err, engine, 0); #endif app_RAND_load_file(NULL, bio_err, (inrand != NULL)); @@ -222,6 +223,10 @@ int MAIN(int argc, char **argv) err: ERR_print_errors(bio_err); +#ifndef OPENSSL_NO_ENGINE + if (e != NULL) + release_engine(e); +#endif if (out) BIO_free_all(out); apps_shutdown(); diff --git a/apps/req.c b/apps/req.c index d1411c91bb..4b57443ca3 100644 --- a/apps/req.c +++ b/apps/req.c @@ -1040,6 +1040,10 @@ int MAIN(int argc, char **argv) X509_REQ_free(req); X509_free(x509ss); ASN1_INTEGER_free(serial); +#ifndef OPENSSL_NO_ENGINE + if (e != NULL) + release_engine(e); +#endif if (passargin && passin) OPENSSL_free(passin); if (passargout && passout) diff --git a/apps/rsa.c b/apps/rsa.c index e13c14fbc8..bd1ec9ea66 100644 --- a/apps/rsa.c +++ b/apps/rsa.c @@ -419,6 +419,10 @@ int MAIN(int argc, char **argv) } else ret = 0; end: +# ifndef OPENSSL_NO_ENGINE + if (e != NULL) + release_engine(e); +# endif if (out != NULL) BIO_free_all(out); if (rsa != NULL) diff --git a/apps/rsautl.c b/apps/rsautl.c index 5b6f849ea7..1d5557ad9b 100644 --- a/apps/rsautl.c +++ b/apps/rsautl.c @@ -327,6 +327,10 @@ int MAIN(int argc, char **argv) BIO_write(out, rsa_out, rsa_outlen); end: RSA_free(rsa); +# ifndef OPENSSL_NO_ENGINE + if (e != NULL) + release_engine(e); +# endif BIO_free(in); BIO_free_all(out); if (rsa_in) diff --git a/apps/s_client.c b/apps/s_client.c index 41a326fbb8..876689b42a 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -2123,6 +2123,10 @@ int MAIN(int argc, char **argv) OPENSSL_cleanse(mbuf, BUFSIZZ); OPENSSL_free(mbuf); } +#ifndef OPENSSL_NO_ENGINE + if (e != NULL) + release_engine(e); +#endif if (bio_c_out != NULL) { BIO_free(bio_c_out); bio_c_out = NULL; diff --git a/apps/s_server.c b/apps/s_server.c index 857a70e3e4..9adbea03c8 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -2128,6 +2128,10 @@ int MAIN(int argc, char *argv[]) #ifndef OPENSSL_NO_JPAKE if (jpake_secret && psk_key) OPENSSL_free(psk_key); +#endif +#ifndef OPENSSL_NO_ENGINE + if (e != NULL) + release_engine(e); #endif if (bio_s_out != NULL) { BIO_free(bio_s_out); diff --git a/apps/smime.c b/apps/smime.c index 6044ccf5f5..f1f57aae49 100644 --- a/apps/smime.c +++ b/apps/smime.c @@ -736,6 +736,10 @@ int MAIN(int argc, char **argv) X509_free(signer); EVP_PKEY_free(key); PKCS7_free(p7); +#ifndef OPENSSL_NO_ENGINE + if (e != NULL) + release_engine(e); +#endif BIO_free(in); BIO_free(indata); BIO_free_all(out); diff --git a/apps/speed.c b/apps/speed.c index b862868eac..0c3d63f736 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -372,6 +372,9 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { +# ifndef OPENSSL_NO_ENGINE + ENGINE *e = NULL; +#endif unsigned char *buf = NULL, *buf2 = NULL; int mret = 1; long count = 0, save_count = 0; @@ -749,7 +752,7 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, "no engine given\n"); goto end; } - setup_engine(bio_err, *argv, 0); + e = setup_engine(bio_err, *argv, 0); /* * j will be increased again further down. We just don't want * speed to confuse an engine with an algorithm, especially when @@ -2526,6 +2529,10 @@ int MAIN(int argc, char **argv) } # endif +#ifndef OPENSSL_NO_ENGINE + if (e != NULL) + release_engine(e); +#endif apps_shutdown(); OPENSSL_EXIT(mret); } diff --git a/apps/spkac.c b/apps/spkac.c index 8b06ec4d6e..c3792f91c4 100644 --- a/apps/spkac.c +++ b/apps/spkac.c @@ -305,6 +305,10 @@ int MAIN(int argc, char **argv) BIO_free(in); BIO_free_all(out); EVP_PKEY_free(pkey); +#ifndef OPENSSL_NO_ENGINE + if (e != NULL) + release_engine(e); +#endif if (passin) OPENSSL_free(passin); apps_shutdown(); diff --git a/apps/srp.c b/apps/srp.c index c75052f38d..f10df5f224 100644 --- a/apps/srp.c +++ b/apps/srp.c @@ -294,6 +294,7 @@ int MAIN(int argc, char **argv) long errorline = -1; char *randfile = NULL; # ifndef OPENSSL_NO_ENGINE + ENGINE *e = NULL; char *engine = NULL; # endif char *tofree = NULL; @@ -412,7 +413,7 @@ int MAIN(int argc, char **argv) ERR_load_crypto_strings(); # ifndef OPENSSL_NO_ENGINE - setup_engine(bio_err, engine, 0); + e = setup_engine(bio_err, engine, 0); # endif if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { @@ -760,6 +761,10 @@ int MAIN(int argc, char **argv) if (db) free_index(db); +#ifndef OPENSSL_NO_ENGINE + if (e != NULL) + release_engine(e); +#endif OBJ_cleanup(); apps_shutdown(); OPENSSL_EXIT(ret); diff --git a/apps/verify.c b/apps/verify.c index b5ae6b370e..266d07896e 100644 --- a/apps/verify.c +++ b/apps/verify.c @@ -255,6 +255,10 @@ int MAIN(int argc, char **argv) sk_X509_pop_free(untrusted, X509_free); sk_X509_pop_free(trusted, X509_free); sk_X509_CRL_pop_free(crls, X509_CRL_free); +#ifndef OPENSSL_NO_ENGINE + if (e != NULL) + release_engine(e); +#endif apps_shutdown(); OPENSSL_EXIT(ret < 0 ? 2 : ret); } diff --git a/apps/x509.c b/apps/x509.c index 17cb62da72..8bf0a7aba0 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -1040,6 +1040,10 @@ int MAIN(int argc, char **argv) ASN1_INTEGER_free(sno); sk_ASN1_OBJECT_pop_free(trust, ASN1_OBJECT_free); sk_ASN1_OBJECT_pop_free(reject, ASN1_OBJECT_free); +#ifndef OPENSSL_NO_ENGINE + if (e != NULL) + release_engine(e); +#endif if (passin) OPENSSL_free(passin); apps_shutdown();