Centralise loading default apps config file

Loading the config file after processing command line options can
cause problems, e.g. where an engine provides new ciphers/digests
these are not then recoginised on the command line. Move the
default config file loading to before the command line option
processing. Whilst we're doing this we might as well centralise
this instead of doing it individually for each application. Finally
if we do it before the OpenSSL_add_ssl_algorithms() call then
ciphersuites provided by an engine (e.g. GOST) can be available to
the apps.

RT#4085
RT#4086
Reviewed-by: NRichard Levitte <levitte@openssl.org>

apps/asn1pars.c

@@ -186,9 +186,6 @@ int asn1parse_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if (oidfile != NULL) {
         in = bio_open_default(oidfile, 'r', FORMAT_TEXT);
         if (in == NULL)

apps/ca.c

@@ -484,10 +484,13 @@ end_of_options:
     argv = opt_rest();
 
     BIO_printf(bio_err, "Using configuration from %s\n", configfile);
-    if ((conf = app_load_config(configfile)) == NULL)
-        goto end;
-    if (!app_load_modules(conf))
-        goto end;
+    /* We already loaded the default config file */
+    if (configfile != default_config_file) {
+        if ((conf = app_load_config(configfile)) == NULL)
+            goto end;
+        if (!app_load_modules(conf))
+            goto end;
+    }
 
     /* Lets get the config section we are using */
     if (section == NULL) {

apps/ciphers.c

@@ -144,9 +144,6 @@ int ciphers_main(int argc, char **argv)
     else if (argc != 0)
         goto opthelp;
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     ctx = SSL_CTX_new(meth);
     if (ctx == NULL)
         goto err;

apps/cms.c

@@ -684,9 +684,6 @@ int cms_main(int argc, char **argv)
         goto end;
     }
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if (need_rand) {
         app_RAND_load_file(NULL, (inrand != NULL));
         if (inrand != NULL)

apps/crl.c

@@ -232,9 +232,6 @@ int crl_main(int argc, char **argv)
     if (!nmflag_set)
         nmflag = XN_FLAG_ONELINE;
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     x = load_crl(infile, informat);
     if (x == NULL)
         goto end;

apps/crl2p7.c

@@ -148,9 +148,6 @@ int crl2pkcs7_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if (!nocrl) {
         in = bio_open_default(infile, 'r', informat);
         if (in == NULL)

apps/dgst.c

@@ -236,9 +236,6 @@ int dgst_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if (do_verify && !sigfile) {
         BIO_printf(bio_err,
                    "No signature to verify: use the -signature option\n");

apps/dhparam.c

@@ -230,9 +230,6 @@ int dhparam_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if (argv[0] && (!opt_int(argv[0], &num) || num <= 0))
         goto end;
 

apps/dsa.c

@@ -202,9 +202,6 @@ int dsa_main(int argc, char **argv)
         goto end;
     }
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     BIO_printf(bio_err, "read DSA key\n");
     {
         EVP_PKEY *pkey;

apps/dsaparam.c

@@ -183,9 +183,6 @@ int dsaparam_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if (argc == 1) {
         if (!opt_int(argv[0], &num))
             goto end;

apps/ec.c

@@ -202,9 +202,6 @@ int ec_main(int argc, char **argv)
         goto end;
     }
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     in = bio_open_default(infile, 'r', informat);
     if (in == NULL)
         goto end;

apps/ecparam.c

@@ -220,9 +220,6 @@ int ecparam_main(int argc, char **argv)
     argv = opt_rest();
     private = genkey ? 1 : 0;
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     in = bio_open_default(infile, 'r', informat);
     if (in == NULL)
         goto end;

apps/enc.c

@@ -295,9 +295,6 @@ int enc_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if (cipher && EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) {
         BIO_printf(bio_err, "%s: AEAD ciphers not supported\n", prog);
         goto end;

apps/engine.c

@@ -369,9 +369,6 @@ int engine_main(int argc, char **argv)
         }
     }
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     for (i = 0; i < sk_OPENSSL_STRING_num(engines); i++) {
         const char *id = sk_OPENSSL_STRING_value(engines, i);
         if ((e = ENGINE_by_id(id)) != NULL) {

apps/gendsa.c

@@ -144,9 +144,6 @@ int gendsa_main(int argc, char **argv)
         goto end;
     }
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     in = bio_open_default(dsaparams, 'r', FORMAT_PEM);
     if (in == NULL)
         goto end2;

apps/genpkey.c

@@ -181,9 +181,6 @@ int genpkey_main(int argc, char **argv)
         goto end;
     }
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     out = bio_open_owner(outfile, outformat, private);
     if (out == NULL)
         goto end;

apps/genrsa.c

@@ -169,9 +169,6 @@ int genrsa_main(int argc, char **argv)
         goto end;
     }
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     out = bio_open_owner(outfile, FORMAT_PEM, private);
     if (out == NULL)
         goto end;

apps/nseq.c

@@ -109,9 +109,6 @@ int nseq_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     in = bio_open_default(infile, 'r', FORMAT_PEM);
     if (in == NULL)
         goto end;

apps/ocsp.c

@@ -494,9 +494,6 @@ int ocsp_main(int argc, char **argv)
     if (!req && !reqin && !respin && !(port && ridx_filename))
         goto opthelp;
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     out = bio_open_default(outfile, 'w', FORMAT_TEXT);
     if (out == NULL)
         goto end;

apps/openssl.c

@@ -166,7 +166,7 @@ BIO *bio_in = NULL;
 BIO *bio_out = NULL;
 BIO *bio_err = NULL;
 
-static void apps_startup()
+static int apps_startup()
 {
 #ifdef SIGPIPE
     signal(SIGPIPE, SIG_IGN);
@@ -174,6 +174,13 @@ static void apps_startup()
     CRYPTO_malloc_init();
     ERR_load_crypto_strings();
     ERR_load_SSL_strings();
+
+    if (!app_load_modules(NULL)) {
+        ERR_print_errors(bio_err);
+        BIO_printf(bio_err, "Error loading default configuration\n");
+        return 0;
+    }
+
     OpenSSL_add_all_algorithms();
     OpenSSL_add_ssl_algorithms();
     OPENSSL_load_builtin_modules();
@@ -182,6 +189,7 @@ static void apps_startup()
 #ifndef OPENSSL_NO_ENGINE
     ENGINE_load_builtin_engines();
 #endif
+    return 1;
 }
 
 static void apps_shutdown()
@@ -328,7 +336,9 @@ int main(int argc, char *argv[])
 #endif
     }
 
-    apps_startup();
+    if (!apps_startup())
+        goto end;
+
     prog = prog_init();
     pname = opt_progname(argv[0]);
 

apps/passwd.c

@@ -201,9 +201,6 @@ int passwd_main(int argc, char **argv)
         goto opthelp;
 # endif
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if (infile && in_stdin) {
         BIO_printf(bio_err, "%s: Can't combine -in and -stdin\n", prog);
         goto end;

apps/pkcs12.c

@@ -354,9 +354,6 @@ int pkcs12_main(int argc, char **argv)
         mpass = macpass;
     }
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if (export_cert || inrand) {
         app_RAND_load_file(NULL, (inrand != NULL));
         if (inrand != NULL)

apps/pkcs7.c

@@ -193,9 +193,6 @@ int pkcs7_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     in = bio_open_default(infile, 'r', informat);
     if (in == NULL)
         goto end;

apps/pkcs8.c

@@ -233,9 +233,6 @@ int pkcs8_main(int argc, char **argv)
         goto end;
     }
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if ((pbe_nid == -1) && !cipher)
         pbe_nid = NID_pbeWithMD5AndDES_CBC;
 

apps/pkey.c

@@ -169,9 +169,6 @@ int pkey_main(int argc, char **argv)
         goto end;
     }
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     out = bio_open_owner(outfile, outformat, private);
     if (out == NULL)
         goto end;

apps/pkeyparam.c

@@ -118,9 +118,6 @@ int pkeyparam_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     in = bio_open_default(infile, 'r', FORMAT_PEM);
     if (in == NULL)
         goto end;

apps/pkeyutl.c

@@ -230,9 +230,6 @@ int pkeyutl_main(int argc, char **argv)
     if (ctx == NULL)
         goto opthelp;
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if (sigfile && (pkey_op != EVP_PKEY_OP_VERIFY)) {
         BIO_printf(bio_err,
                    "%s: Signature file specified for non verify\n", prog);

apps/prime.c

@@ -109,9 +109,6 @@ int prime_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if (argc == 0 && !generate) {
         BIO_printf(bio_err, "%s: No prime specified\n", prog);
         goto end;

apps/rand.c

@@ -126,9 +126,6 @@ int rand_main(int argc, char **argv)
     if (sscanf(argv[0], "%d", &num) != 1 || num < 0)
         goto opthelp;
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     app_RAND_load_file(NULL, (inrand != NULL));
     if (inrand != NULL)
         BIO_printf(bio_err, "%ld semi-random bytes loaded\n",

apps/rsa.c

@@ -256,10 +256,6 @@ int rsa_main(int argc, char **argv)
         BIO_printf(bio_err, "Error getting passwords\n");
         goto end;
     }
-
-    if (!app_load_modules(NULL))
-        goto end;
-
     if (check && pubin) {
         BIO_printf(bio_err, "Only private keys can be checked\n");
         goto end;

apps/rsautl.c

@@ -214,9 +214,6 @@ int rsautl_main(int argc, char **argv)
         goto end;
     }
 
-    if (!app_load_modules(NULL))
-        goto end;
-
 /* FIXME: seed PRNG only if needed */
     app_RAND_load_file(NULL, 0);
 

apps/s_client.c

@@ -1063,9 +1063,6 @@ int s_client_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if (proxystr) {
         if (connectstr == NULL) {
             BIO_printf(bio_err, "%s: -proxy requires use of -connect\n", prog);

apps/s_server.c

@@ -1475,9 +1475,6 @@ int s_server_main(int argc, char *argv[])
         goto end;
     }
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if (s_key_file == NULL)
         s_key_file = s_cert_file;
 

apps/smime.c

@@ -422,9 +422,6 @@ int smime_main(int argc, char **argv)
         goto end;
     }
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if (need_rand) {
         app_RAND_load_file(NULL, (inrand != NULL));
         if (inrand != NULL)

apps/speed.c

@@ -850,9 +850,6 @@ int speed_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     /* Remaining arguments are algorithms. */
     for ( ; *argv; argv++) {
         if (found(*argv, doit_choices, &i)) {

apps/spkac.c

@@ -186,8 +186,6 @@ int spkac_main(int argc, char **argv)
 
     if ((conf = app_load_config(infile)) == NULL)
         goto end;
-    if (!app_load_modules(conf))
-        goto end;
 
     spkstr = NCONF_get_string(conf, spksect, spkac);
 

apps/verify.c

@@ -198,9 +198,6 @@ int verify_main(int argc, char **argv)
         goto end;
     }
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     if ((store = setup_verify(CAfile, CApath, noCAfile, noCApath)) == NULL)
         goto end;
     X509_STORE_set_verify_cb(store, cb);

apps/x509.c

@@ -493,9 +493,6 @@ int x509_main(int argc, char **argv)
     if (!nmflag_set)
         nmflag = XN_FLAG_ONELINE;
 
-    if (!app_load_modules(NULL))
-        goto end;
-
     out = bio_open_default(outfile, 'w', outformat);
     if (out == NULL)
         goto end;