X-Original-To: alpine-aports@lists.alpinelinux.org Received: from mail-oi0-f68.google.com (mail-oi0-f68.google.com [209.85.218.68]) by lists.alpinelinux.org (Postfix) with ESMTP id E8CD25C4888 for ; Sun, 11 Sep 2016 19:38:17 +0000 (GMT) Received: by mail-oi0-f68.google.com with SMTP id y2so14783591oie.0 for ; Sun, 11 Sep 2016 12:38:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:subject:date:message-id:in-reply-to:references; bh=9p5N7mxKDHYFZhR29zLqPFcrEjWTs05HRsEF6lSxh08=; b=b14G6rxxnV6weylHXHcPf+iDYjTKTJJ1DIyf8if9ARLfuiZ6VEPY7bQykxSsHxZDZ9 evtmanozfQNhv1G0DHXQXweeEmT4tXnIGcwZ4EwP/7Wb+CIZyTSpLxXcr2/P0LM7dfXo 06/QkK1DP8m6FChEjyAm6vs08AbVFImnRxdNKYFEKluVRQQTu3csmPQ1cIo6YIw00P/N t7EGIl/lThCCEiR2+tdtz5GjKVr4ci+03JQDYdPY+99Yg8pwolldPxFD6cNqLN2TXREA wq862sCwhSkQbBiWG9YaDtksmnptqUAvYMLVEmFeS5y3BU/KBGRWfLMi70Z8jGMBRPTg UzBQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references; bh=9p5N7mxKDHYFZhR29zLqPFcrEjWTs05HRsEF6lSxh08=; b=G5kWWzUkqcC060AFpAUevYbQDEhJdk7UB34jG5MDd/uLd/x44QbrVZJc4iUxRk8rdz 9bwy+qoC/jj5AG3cMdrrh1z83DeYJ8xhlg82m5GPysYKzdXoc8+7vhlRrSEaYb5tIyHs 2/0bq38V7m9iRoT4fZitF//+wSawKCJsLaBuiulrrPdbDL2Vs1xe5DefDo6svTrnOPmd ZeFGeRuirnB8HAeFpxipvjXW14vzgpkKdNTqK2f6tkN1D49/LmV/kE6/oAfgKAh3IL7f ImnROdHXbHehRveuClrDBWwb23gte1FPOQ9qCZOMQW3tQ9aptaY9R1faWrR8yg/cFD++ iOwA== X-Gm-Message-State: AE9vXwPDa0PBAeK7xOz8hma1Ssd8EsgmwNP+rrWMgjWAFfIWJGUG0uYDMRasRP+dj6ejcg== X-Received: by 10.157.41.104 with SMTP id d95mr1697928otb.7.1473622696798; Sun, 11 Sep 2016 12:38:16 -0700 (PDT) Received: from alp.my.domain (ip72-196-114-247.ga.at.cox.net. [72.196.114.247]) by smtp.gmail.com with ESMTPSA id k23sm4823979otd.30.2016.09.11.12.38.15 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sun, 11 Sep 2016 12:38:16 -0700 (PDT) From: Daniel Sabogal To: alpine-aports@lists.alpinelinux.org Subject: [alpine-aports] [PATCH] main/gnutls: security upgrade to 3.4.15 (GNUTLS-SA-2016-3) Date: Sun, 11 Sep 2016 15:38:03 -0400 Message-Id: <20160911193804.5434-3-dsabogalcc@gmail.com> X-Mailer: git-send-email 2.10.0 In-Reply-To: <20160911193804.5434-1-dsabogalcc@gmail.com> References: <20160911193804.5434-1-dsabogalcc@gmail.com> X-Mailinglist: alpine-aports Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: Remove unused patches --- main/gnutls/APKBUILD | 32 +- main/gnutls/avoid-using-error_h.patch | 3170 --------------------------------- main/gnutls/libgmp.patch | 11 - 3 files changed, 11 insertions(+), 3202 deletions(-) delete mode 100644 main/gnutls/avoid-using-error_h.patch delete mode 100644 main/gnutls/libgmp.patch diff --git a/main/gnutls/APKBUILD b/main/gnutls/APKBUILD index e622a4e..9e65409 100644 --- a/main/gnutls/APKBUILD +++ b/main/gnutls/APKBUILD @@ -2,16 +2,15 @@ # Contributor: Michael Mason # Maintainer: Natanael Copa pkgname=gnutls -pkgver=3.4.14 -pkgrel=1 +pkgver=3.4.15 +pkgrel=0 pkgdesc="A TLS protocol implementation" url="http://www.gnutls.org/" arch="all" license="GPL" -depends= +depends="" depends_dev="nettle-dev zlib-dev libtasn1-dev p11-kit-dev" makedepends="$depends_dev texinfo" -install= subpackages="$pkgname-dbg $pkgname-doc $pkgname-dev $pkgname-utils $pkgname-c++:xx" _v=${pkgver%.*} case $pkgver in @@ -20,19 +19,10 @@ esac source="ftp://ftp.gnutls.org/gcrypt/gnutls/v${_v}/$pkgname-$pkgver.tar.xz " -_builddir="$srcdir/$pkgname-$pkgver" - -prepare() { - cd "$_builddir" - for i in $source; do - case $i in - *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;; - esac - done -} +builddir="$srcdir/$pkgname-$pkgver" build() { - cd "$_builddir" + cd "$builddir" LIBS="-lgmp" ./configure \ --build=$CBUILD \ --host=$CHOST \ @@ -46,12 +36,12 @@ build() { --disable-guile \ --disable-valgrind-tests \ || return 1 - make + make || return 1 } package() { - cd "$_builddir" - make -j1 DESTDIR="$pkgdir" install + make -j1 DESTDIR="$pkgdir" \ + -C "$builddir" install } utils() { @@ -66,6 +56,6 @@ xx() { mv "$pkgdir"/usr/lib/lib*xx.so.* "$subpkgdir"/usr/lib/ } -md5sums="ad3e269a6793424d5d21c9626e1c9ef1 gnutls-3.4.14.tar.xz" -sha256sums="35deddf2779b76ac11057de38bf380b8066c05de21b94263ad5b6dfa75dfbb23 gnutls-3.4.14.tar.xz" -sha512sums="d75f6b4dea2dc742cd7f60ee0ee540d41b69991aaa937ca0138cfdf4a1e0dfaaa3863464303bfa5799e14ee02de252f71c59a7a9e57b96ff8af653e419edfd4e gnutls-3.4.14.tar.xz" +md5sums="4ea5b239bd8bf1b734dda02997b36459 gnutls-3.4.15.tar.xz" +sha256sums="eb2a013905f5f2a0cbf7bcc1d20c85a50065063ee87bd33b496c4e19815e3498 gnutls-3.4.15.tar.xz" +sha512sums="03157f2da22890ecd080ad58144a9aabe933382c0b7e969b7b194a0248bb5e6e25207078c0a92755650d0004970eb1c0cf0140dbdbf2e615808f9978e965a5e5 gnutls-3.4.15.tar.xz" diff --git a/main/gnutls/avoid-using-error_h.patch b/main/gnutls/avoid-using-error_h.patch deleted file mode 100644 index b9e0c49..0000000 --- a/main/gnutls/avoid-using-error_h.patch +++ /dev/null @@ -1,3170 +0,0 @@ -From 1df1b0f7b28c733bf01e5d1faa2f8ccdb3db1665 Mon Sep 17 00:00:00 2001 -From: Nikos Mavrogiannopoulos -Date: Mon, 2 Sep 2013 13:47:18 +0300 -Subject: [PATCH] Avoid using gnulib's error() - ---- - src/certtool-common.c | 180 +++++++++--- - src/certtool-extras.c | 21 +- - src/certtool.c | 763 +++++++++++++++++++++++++++++++++++++++---------- - src/danetool.c | 97 +++++-- - src/ocsptool-common.c | 48 +++- - src/ocsptool.c | 171 +++++++++--- - src/p11tool.c | 16 +- - src/pkcs11.c | 1 - - src/serv.c | 2 + - src/tpmtool.c | 41 ++- - 10 files changed, 1055 insertions(+), 285 deletions(-) - -diff --git a/src/certtool-common.c b/src/certtool-common.c -index cca7c49..1799250 100644 ---- a/src/certtool-common.c -+++ b/src/certtool-common.c -@@ -37,7 +37,6 @@ - #include - #include - #include --#include - #include - #include "certtool-common.h" - #include "certtool-args.h" -@@ -86,7 +85,10 @@ load_secret_key (int mand, common_info_st * info) - if (info->secret_key == NULL) - { - if (mand) -- error (EXIT_FAILURE, 0, "missing --secret-key"); -+ { -+ fprintf (stderr, "missing --secret-key"); -+ exit(1); -+ } - else - return NULL; - } -@@ -96,7 +98,10 @@ load_secret_key (int mand, common_info_st * info) - - ret = gnutls_hex_decode (&hex_key, raw_key, &raw_key_size); - if (ret < 0) -- error (EXIT_FAILURE, 0, "hex_decode: %s", gnutls_strerror (ret)); -+ { -+ fprintf (stderr, "hex_decode: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - key.data = (void*)raw_key; - key.size = raw_key_size; -@@ -135,7 +140,10 @@ const char* pass; - - ret = gnutls_privkey_init (&key); - if (ret < 0) -- error (EXIT_FAILURE, 0, "privkey_init: %s", gnutls_strerror (ret)); -+ { -+ fprintf (stderr, "privkey_init: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - ret = gnutls_privkey_import_x509_raw (key, dat, info->incert_format, NULL, 0); - if (ret == GNUTLS_E_DECRYPTION_FAILED) -@@ -146,14 +154,18 @@ const char* pass; - - if (ret == GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR) - { -- error (EXIT_FAILURE, 0, -+ fprintf (stderr, - "import error: could not find a valid PEM header; " - "check if your key is PKCS #12 encoded"); -+ exit(1); - } - - if (ret < 0) -- error (EXIT_FAILURE, 0, "importing --load-privkey: %s: %s", -+ { -+ fprintf (stderr, "importing --load-privkey: %s: %s", - info->privkey, gnutls_strerror (ret)); -+ exit(1); -+ } - - return key; - } -@@ -165,12 +177,18 @@ gnutls_privkey_t key; - - ret = gnutls_privkey_init (&key); - if (ret < 0) -- error (EXIT_FAILURE, 0, "privkey_init: %s", gnutls_strerror (ret)); -+ { -+ fprintf (stderr, "privkey_init: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - ret = gnutls_privkey_import_url(key, url, 0); - if (ret < 0) -- error (EXIT_FAILURE, 0, "importing key: %s: %s", -+ { -+ fprintf (stderr, "importing key: %s: %s", - url, gnutls_strerror (ret)); -+ exit(1); -+ } - - return key; - } -@@ -214,7 +232,10 @@ load_private_key (int mand, common_info_st * info) - return NULL; - - if (info->privkey == NULL) -- error (EXIT_FAILURE, 0, "missing --load-privkey"); -+ { -+ fprintf (stderr, "missing --load-privkey"); -+ exit(1); -+ } - - if (gnutls_url_is_supported(info->privkey) != 0) - return _load_url_privkey(info->privkey); -@@ -223,7 +244,10 @@ load_private_key (int mand, common_info_st * info) - dat.size = size; - - if (!dat.data) -- error (EXIT_FAILURE, errno, "reading --load-privkey: %s", info->privkey); -+ { -+ fprintf (stderr, "reading --load-privkey: %s", info->privkey); -+ exit(1); -+ } - - key = _load_privkey(&dat, info); - -@@ -249,17 +273,26 @@ load_x509_private_key (int mand, common_info_st * info) - return NULL; - - if (info->privkey == NULL) -- error (EXIT_FAILURE, 0, "missing --load-privkey"); -+ { -+ fprintf (stderr, "missing --load-privkey"); -+ exit(1); -+ } - - ret = gnutls_x509_privkey_init (&key); - if (ret < 0) -- error (EXIT_FAILURE, 0, "privkey_init: %s", gnutls_strerror (ret)); -+ { -+ fprintf( stderr, "privkey_init: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - dat.data = (void*)read_binary_file (info->privkey, &size); - dat.size = size; - - if (!dat.data) -- error (EXIT_FAILURE, errno, "reading --load-privkey: %s", info->privkey); -+ { -+ fprintf (stderr, "reading --load-privkey: %s", info->privkey); -+ exit(1); -+ } - - if (info->pkcs8) - { -@@ -282,14 +315,18 @@ load_x509_private_key (int mand, common_info_st * info) - - if (ret == GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR) - { -- error (EXIT_FAILURE, 0, -+ fprintf (stderr, - "import error: could not find a valid PEM header; " -- "check if your key is PKCS #12 encoded"); -+ "check if your key is PEM encoded"); -+ exit(1); - } - - if (ret < 0) -- error (EXIT_FAILURE, 0, "importing --load-privkey: %s: %s", -+ { -+ fprintf( stderr, "importing --load-privkey: %s: %s", - info->privkey, gnutls_strerror (ret)); -+ exit(1); -+ } - - return key; - } -@@ -332,14 +369,20 @@ load_cert_list (int mand, size_t * crt_size, common_info_st * info) - if (info->cert == NULL) - { - if (mand) -- error (EXIT_FAILURE, 0, "missing --load-certificate"); -+ { -+ fprintf (stderr, "missing --load-certificate"); -+ exit(1); -+ } - else - return NULL; - } - - fd = fopen (info->cert, "r"); - if (fd == NULL) -- error (EXIT_FAILURE, errno, "%s", info->cert); -+ { -+ fprintf (stderr, "%s", info->cert); -+ exit(1); -+ } - - size = fread (buffer, 1, sizeof (buffer) - 1, fd); - buffer[size] = 0; -@@ -353,7 +396,10 @@ load_cert_list (int mand, size_t * crt_size, common_info_st * info) - { - ret = gnutls_x509_crt_init (&crt[i]); - if (ret < 0) -- error (EXIT_FAILURE, 0, "crt_init: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "crt_init: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - dat.data = (void*)ptr; - dat.size = ptr_size; -@@ -362,7 +408,10 @@ load_cert_list (int mand, size_t * crt_size, common_info_st * info) - if (ret < 0 && *crt_size > 0) - break; - if (ret < 0) -- error (EXIT_FAILURE, 0, "crt_import: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "crt_import: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - ptr = strstr (ptr, "---END"); - if (ptr == NULL) -@@ -399,26 +448,35 @@ load_request (common_info_st * info) - - ret = gnutls_x509_crq_init (&crq); - if (ret < 0) -- error (EXIT_FAILURE, 0, "crq_init: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "crq_init: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - dat.data = (void*)read_binary_file (info->request, &size); - dat.size = size; - - if (!dat.data) -- error (EXIT_FAILURE, errno, "reading --load-request: %s", info->request); -+ { -+ fprintf (stderr, "reading --load-request: %s", info->request); -+ exit(1); -+ } - - ret = gnutls_x509_crq_import (crq, &dat, info->incert_format); - if (ret == GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR) - { -- error (EXIT_FAILURE, 0, -+ fprintf(stderr, - "import error: could not find a valid PEM header"); -+ exit(1); - } - - free (dat.data); - if (ret < 0) -- error (EXIT_FAILURE, 0, "importing --load-request: %s: %s", -- info->request, gnutls_strerror (ret)); -- -+ { -+ fprintf(stderr, "importing --load-request: %s: %s", -+ info->request, gnutls_strerror (ret)); -+ exit(1); -+ } - return crq; - } - -@@ -432,7 +490,10 @@ load_ca_private_key (common_info_st * info) - size_t size; - - if (info->ca_privkey == NULL) -- error (EXIT_FAILURE, 0, "missing --load-ca-privkey"); -+ { -+ fprintf(stderr, "missing --load-ca-privkey"); -+ exit(1); -+ } - - if (gnutls_url_is_supported(info->ca_privkey) != 0) - return _load_url_privkey(info->ca_privkey); -@@ -441,8 +502,11 @@ load_ca_private_key (common_info_st * info) - dat.size = size; - - if (!dat.data) -- error (EXIT_FAILURE, errno, "reading --load-ca-privkey: %s", -+ { -+ fprintf (stderr, "reading --load-ca-privkey: %s", - info->ca_privkey); -+ exit(1); -+ } - - key = _load_privkey(&dat, info); - -@@ -462,24 +526,36 @@ load_ca_cert (common_info_st * info) - size_t size; - - if (info->ca == NULL) -- error (EXIT_FAILURE, 0, "missing --load-ca-certificate"); -+ { -+ fprintf(stderr, "missing --load-ca-certificate"); -+ exit(1); -+ } - - ret = gnutls_x509_crt_init (&crt); - if (ret < 0) -- error (EXIT_FAILURE, 0, "crt_init: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "crt_init: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - dat.data = (void*)read_binary_file (info->ca, &size); - dat.size = size; - - if (!dat.data) -- error (EXIT_FAILURE, errno, "reading --load-ca-certificate: %s", -+ { -+ fprintf( stderr, "reading --load-ca-certificate: %s", - info->ca); -+ exit(1); -+ } - - ret = gnutls_x509_crt_import (crt, &dat, info->incert_format); - free (dat.data); - if (ret < 0) -- error (EXIT_FAILURE, 0, "importing --load-ca-certificate: %s: %s", -- info->ca, gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "importing --load-ca-certificate: %s: %s", -+ info->ca, gnutls_strerror (ret)); -+ exit(1); -+ } - - return crt; - } -@@ -499,20 +575,29 @@ load_pubkey (int mand, common_info_st * info) - return NULL; - - if (info->pubkey == NULL) -- error (EXIT_FAILURE, 0, "missing --load-pubkey"); -+ { -+ fprintf(stderr, "missing --load-pubkey"); -+ exit(1); -+ } - - if (gnutls_url_is_supported(info->pubkey) != 0) - return _load_url_pubkey(info->pubkey); - - ret = gnutls_pubkey_init (&key); - if (ret < 0) -- error (EXIT_FAILURE, 0, "privkey_init: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "privkey_init: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - dat.data = (void*)read_binary_file (info->pubkey, &size); - dat.size = size; - - if (!dat.data) -- error (EXIT_FAILURE, errno, "reading --load-pubkey: %s", info->pubkey); -+ { -+ fprintf( stderr, "reading --load-pubkey: %s", info->pubkey); -+ exit(1); -+ } - - ret = gnutls_pubkey_import (key, &dat, info->incert_format); - -@@ -520,14 +605,18 @@ load_pubkey (int mand, common_info_st * info) - - if (ret == GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR) - { -- error (EXIT_FAILURE, 0, -+ fprintf(stderr, - "import error: could not find a valid PEM header; " - "check if your key has the PUBLIC KEY header"); -+ exit(1); - } - - if (ret < 0) -- error (EXIT_FAILURE, 0, "importing --load-pubkey: %s: %s", -+ { -+ fprintf(stderr, "importing --load-pubkey: %s: %s", - info->pubkey, gnutls_strerror (ret)); -+ exit(1); -+ } - - return key; - } -@@ -539,8 +628,11 @@ int ret; - - ret = gnutls_pubkey_init(&pubkey); - if (ret < 0) -- error (EXIT_FAILURE, 0, "gnutls_pubkey_init: %s", -+ { -+ fprintf(stderr, "gnutls_pubkey_init: %s", - gnutls_strerror (ret)); -+ exit(1); -+ } - - if (!privkey || (ret = gnutls_pubkey_import_privkey(pubkey, privkey, 0, 0)) < 0) - { /* could not get (e.g. on PKCS #11 */ -@@ -747,7 +839,10 @@ size_t size; - - ret = gnutls_pubkey_print(pubkey, format, &data); - if (ret < 0) -- error (EXIT_FAILURE, 0, "pubkey_print error: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "pubkey_print error: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - fprintf (outfile, "%s\n", data.data); - gnutls_free (data.data); -@@ -755,7 +850,10 @@ size_t size; - size = buffer_size; - ret = gnutls_pubkey_export (pubkey, GNUTLS_X509_FMT_PEM, buffer, &size); - if (ret < 0) -- error (EXIT_FAILURE, 0, "export error: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "export error: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - fprintf (outfile, "\n%s\n", buffer); - } -diff --git a/src/certtool-extras.c b/src/certtool-extras.c -index 1422188..ee89434 100644 ---- a/src/certtool-extras.c -+++ b/src/certtool-extras.c -@@ -38,7 +38,6 @@ - #include - #include - #include --#include - #include "certtool-common.h" - #include "certtool-cfg.h" - -@@ -64,14 +63,20 @@ load_privkey_list (int mand, size_t * privkey_size, common_info_st * info) - if (info->privkey == NULL) - { - if (mand) -- error (EXIT_FAILURE, 0, "missing --load-privkey"); -+ { -+ fprintf( stderr, "missing --load-privkey"); -+ exit(1); -+ } - else - return NULL; - } - - ret = gnutls_load_file(info->privkey, &file_data); - if (ret < 0) -- error (EXIT_FAILURE, errno, "%s", info->privkey); -+ { -+ fprintf (stderr, "%s", info->privkey); -+ exit(1); -+ } - - ptr = (void*)file_data.data; - ptr_size = file_data.size; -@@ -80,7 +85,10 @@ load_privkey_list (int mand, size_t * privkey_size, common_info_st * info) - { - ret = gnutls_x509_privkey_init (&key[i]); - if (ret < 0) -- error (EXIT_FAILURE, 0, "privkey_init: %s", gnutls_strerror (ret)); -+ { -+ fprintf( stderr, "privkey_init: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - dat.data = (void*)ptr; - dat.size = ptr_size; -@@ -95,7 +103,10 @@ load_privkey_list (int mand, size_t * privkey_size, common_info_st * info) - if (ret < 0 && *privkey_size > 0) - break; - if (ret < 0) -- error (EXIT_FAILURE, 0, "privkey_import: %s", gnutls_strerror (ret)); -+ { -+ fprintf( stderr, "privkey_import: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - (*privkey_size)++; - -diff --git a/src/certtool.c b/src/certtool.c -index 2a1a668..0ea52e8 100644 ---- a/src/certtool.c -+++ b/src/certtool.c -@@ -38,7 +38,6 @@ - #include - #include - #include --#include - - /* Gnulib portability files. */ - #include -@@ -109,7 +108,10 @@ generate_private_key_int (common_info_st * cinfo) - - ret = gnutls_x509_privkey_init (&key); - if (ret < 0) -- error (EXIT_FAILURE, 0, "privkey_init: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "privkey_init: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - bits = get_bits (key_type, cinfo->bits, cinfo->sec_param, 1); - -@@ -122,11 +124,17 @@ generate_private_key_int (common_info_st * cinfo) - - ret = gnutls_x509_privkey_generate (key, key_type, bits, 0); - if (ret < 0) -- error (EXIT_FAILURE, 0, "privkey_generate: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "privkey_generate: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - ret = gnutls_x509_privkey_verify_params (key); - if (ret < 0) -- error (EXIT_FAILURE, 0, "privkey_verify_params: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "privkey_verify_params: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - return key; - } -@@ -167,8 +175,8 @@ cipher_to_flags (const char *cipher) - return GNUTLS_PKCS_USE_PKCS12_RC2_40; - } - -- error (EXIT_FAILURE, 0, "unknown cipher %s\n", cipher); -- return -1; -+ fprintf(stderr, "unknown cipher %s\n", cipher); -+ exit(1); - } - - -@@ -190,7 +198,10 @@ print_private_key (common_info_st* cinfo, gnutls_x509_privkey_t key) - ret = gnutls_x509_privkey_export (key, outcert_format, - buffer, &size); - if (ret < 0) -- error (EXIT_FAILURE, 0, "privkey_export: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "privkey_export: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - } - else - { -@@ -205,8 +216,11 @@ print_private_key (common_info_st* cinfo, gnutls_x509_privkey_t key) - gnutls_x509_privkey_export_pkcs8 (key, outcert_format, pass, - flags, buffer, &size); - if (ret < 0) -- error (EXIT_FAILURE, 0, "privkey_export_pkcs8: %s", -+ { -+ fprintf(stderr, "privkey_export_pkcs8: %s", - gnutls_strerror (ret)); -+ exit(1); -+ } - } - - fwrite (buffer, 1, size, outfile); -@@ -244,7 +258,10 @@ generate_certificate (gnutls_privkey_t * ret_key, - - ret = gnutls_x509_crt_init (&crt); - if (ret < 0) -- error (EXIT_FAILURE, 0, "crt_init: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "crt_init: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - crq = load_request (cinfo); - -@@ -266,8 +283,11 @@ generate_certificate (gnutls_privkey_t * ret_key, - { - result = gnutls_x509_crt_set_proxy_dn (crt, ca_crt, 0, NULL, 0); - if (result < 0) -- error (EXIT_FAILURE, 0, "set_proxy_dn: %s", -+ { -+ fprintf(stderr, "set_proxy_dn: %s", - gnutls_strerror (result)); -+ exit(1); -+ } - - get_dn_crt_set (crt); - get_cn_crt_set (crt); -@@ -297,13 +317,19 @@ generate_certificate (gnutls_privkey_t * ret_key, - - result = gnutls_x509_crt_set_pubkey (crt, pubkey); - if (result < 0) -- error (EXIT_FAILURE, 0, "set_key: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "set_key: %s", gnutls_strerror (result)); -+ exit(1); -+ } - } - else - { - result = gnutls_x509_crt_set_crq (crt, crq); - if (result < 0) -- error (EXIT_FAILURE, 0, "set_crq: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "set_crq: %s", gnutls_strerror (result)); -+ exit(1); -+ } - } - - -@@ -319,7 +345,10 @@ generate_certificate (gnutls_privkey_t * ret_key, - - result = gnutls_x509_crt_set_serial (crt, bin_serial, 5); - if (result < 0) -- error (EXIT_FAILURE, 0, "serial: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "serial: %s", gnutls_strerror (result)); -+ exit(1); -+ } - } - - if (!batch) -@@ -339,7 +368,10 @@ generate_certificate (gnutls_privkey_t * ret_key, - result = - gnutls_x509_crt_set_expiration_time (crt, secs); - if (result < 0) -- error (EXIT_FAILURE, 0, "set_expiration: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "set_expiration: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - if (!batch) - fprintf (stderr, "\n\nExtensions.\n"); -@@ -349,7 +381,10 @@ generate_certificate (gnutls_privkey_t * ret_key, - { - result = gnutls_x509_crt_set_crq_extensions (crt, crq); - if (result < 0) -- error (EXIT_FAILURE, 0, "set_crq: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "set_crq: %s", gnutls_strerror (result)); -+ exit(1); -+ } - } - - /* append additional extensions */ -@@ -375,8 +410,11 @@ generate_certificate (gnutls_privkey_t * ret_key, - gnutls_x509_crt_set_proxy (crt, proxypathlen, policylanguage, - policy, policylen); - if (result < 0) -- error (EXIT_FAILURE, 0, "set_proxy: %s", -+ { -+ fprintf(stderr, "set_proxy: %s", - gnutls_strerror (result)); -+ exit(1); -+ } - } - - if (!proxy) -@@ -389,8 +427,11 @@ generate_certificate (gnutls_privkey_t * ret_key, - result = - gnutls_x509_crt_set_basic_constraints (crt, ca_status, path_len); - if (result < 0) -- error (EXIT_FAILURE, 0, "basic_constraints: %s", -+ { -+ fprintf(stderr, "basic_constraints: %s", - gnutls_strerror (result)); -+ exit(1); -+ } - - client = get_tls_client_status (); - if (client != 0) -@@ -399,7 +440,10 @@ generate_certificate (gnutls_privkey_t * ret_key, - GNUTLS_KP_TLS_WWW_CLIENT, - 0); - if (result < 0) -- error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "key_kp: %s", gnutls_strerror (result)); -+ exit(1); -+ } - } - - is_ike = get_ipsec_ike_status (); -@@ -418,7 +462,10 @@ generate_certificate (gnutls_privkey_t * ret_key, - gnutls_x509_crt_set_key_purpose_oid (crt, - GNUTLS_KP_TLS_WWW_SERVER, 0); - if (result < 0) -- error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "key_kp: %s", gnutls_strerror (result)); -+ exit(1); -+ } - } - else if (!proxy) - { -@@ -451,8 +498,11 @@ generate_certificate (gnutls_privkey_t * ret_key, - gnutls_x509_crt_set_key_purpose_oid (crt, - GNUTLS_KP_IPSEC_IKE, 0); - if (result < 0) -- error (EXIT_FAILURE, 0, "key_kp: %s", -+ { -+ fprintf(stderr, "key_kp: %s", - gnutls_strerror (result)); -+ exit(1); -+ } - } - } - -@@ -475,8 +525,11 @@ generate_certificate (gnutls_privkey_t * ret_key, - GNUTLS_KP_CODE_SIGNING, - 0); - if (result < 0) -- error (EXIT_FAILURE, 0, "key_kp: %s", -+ { -+ fprintf(stderr, "key_kp: %s", - gnutls_strerror (result)); -+ exit(1); -+ } - } - - result = get_ocsp_sign_status (); -@@ -487,8 +540,11 @@ generate_certificate (gnutls_privkey_t * ret_key, - GNUTLS_KP_OCSP_SIGNING, - 0); - if (result < 0) -- error (EXIT_FAILURE, 0, "key_kp: %s", -+ { -+ fprintf(stderr, "key_kp: %s", - gnutls_strerror (result)); -+ exit(1); -+ } - } - - result = get_time_stamp_status (); -@@ -499,8 +555,11 @@ generate_certificate (gnutls_privkey_t * ret_key, - GNUTLS_KP_TIME_STAMPING, - 0); - if (result < 0) -- error (EXIT_FAILURE, 0, "key_kp: %s", -+ { -+ fprintf(stderr, "key_kp: %s", - gnutls_strerror (result)); -+ exit(1); -+ } - } - } - get_ocsp_issuer_set(crt); -@@ -515,8 +574,11 @@ generate_certificate (gnutls_privkey_t * ret_key, - usage |= GNUTLS_KEY_NON_REPUDIATION; - result = gnutls_x509_crt_set_key_usage (crt, usage); - if (result < 0) -- error (EXIT_FAILURE, 0, "key_usage: %s", -+ { -+ fprintf(stderr, "key_usage: %s", - gnutls_strerror (result)); -+ exit(1); -+ } - } - - /* Subject Key ID. -@@ -527,8 +589,11 @@ generate_certificate (gnutls_privkey_t * ret_key, - { - result = gnutls_x509_crt_set_subject_key_id (crt, buffer, size); - if (result < 0) -- error (EXIT_FAILURE, 0, "set_subject_key_id: %s", -+ { -+ fprintf(stderr, "set_subject_key_id: %s", - gnutls_strerror (result)); -+ exit(1); -+ } - } - - /* Authority Key ID. -@@ -548,8 +613,11 @@ generate_certificate (gnutls_privkey_t * ret_key, - result = - gnutls_x509_crt_set_authority_key_id (crt, buffer, size); - if (result < 0) -- error (EXIT_FAILURE, 0, "set_authority_key_id: %s", -+ { -+ fprintf(stderr, "set_authority_key_id: %s", - gnutls_strerror (result)); -+ exit(1); -+ } - } - } - } -@@ -562,7 +630,10 @@ generate_certificate (gnutls_privkey_t * ret_key, - vers = 3; - result = gnutls_x509_crt_set_version (crt, vers); - if (result < 0) -- error (EXIT_FAILURE, 0, "set_version: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "set_version: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - *ret_key = key; - return crt; -@@ -581,7 +652,10 @@ generate_crl (gnutls_x509_crt_t ca_crt, common_info_st * cinfo) - - result = gnutls_x509_crl_init (&crl); - if (result < 0) -- error (EXIT_FAILURE, 0, "crl_init: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "crl_init: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - crts = load_cert_list (0, &size, cinfo); - -@@ -589,23 +663,35 @@ generate_crl (gnutls_x509_crt_t ca_crt, common_info_st * cinfo) - { - result = gnutls_x509_crl_set_crt (crl, crts[i], now); - if (result < 0) -- error (EXIT_FAILURE, 0, "crl_set_crt: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "crl_set_crt: %s", gnutls_strerror (result)); -+ exit(1); -+ } - } - - result = gnutls_x509_crl_set_this_update (crl, now); - if (result < 0) -- error (EXIT_FAILURE, 0, "this_update: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "this_update: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - fprintf (stderr, "Update times.\n"); - days = get_crl_next_update (); - - result = gnutls_x509_crl_set_next_update (crl, now + days * 24 * 60 * 60); - if (result < 0) -- error (EXIT_FAILURE, 0, "next_update: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "next_update: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - result = gnutls_x509_crl_set_version (crl, 2); - if (result < 0) -- error (EXIT_FAILURE, 0, "set_version: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "set_version: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - /* Authority Key ID. - */ -@@ -623,8 +709,12 @@ generate_crl (gnutls_x509_crt_t ca_crt, common_info_st * cinfo) - { - result = gnutls_x509_crl_set_authority_key_id (crl, buffer, size); - if (result < 0) -- error (EXIT_FAILURE, 0, "set_authority_key_id: %s", -+ { -+ fprintf(stderr, "set_authority_key_id: %s", - gnutls_strerror (result)); -+ exit(1); -+ } -+ - } - } - -@@ -640,7 +730,10 @@ generate_crl (gnutls_x509_crt_t ca_crt, common_info_st * cinfo) - - result = gnutls_x509_crl_set_number (crl, bin_number, 5); - if (result < 0) -- error (EXIT_FAILURE, 0, "set_number: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "set_number: %s", gnutls_strerror (result)); -+ exit(1); -+ } - } - - return crl; -@@ -656,8 +749,11 @@ get_dig_for_pub (gnutls_pubkey_t pubkey) - result = gnutls_pubkey_get_preferred_hash_algorithm (pubkey, &dig, &mand); - if (result < 0) - { -- error (EXIT_FAILURE, 0, "crt_get_preferred_hash_algorithm: %s", -+ { -+ fprintf(stderr, "crt_get_preferred_hash_algorithm: %s", - gnutls_strerror (result)); -+ exit(1); -+ } - } - - /* if algorithm allows alternatives */ -@@ -679,8 +775,11 @@ get_dig (gnutls_x509_crt_t crt) - result = gnutls_pubkey_import_x509(pubkey, crt, 0); - if (result < 0) - { -- error (EXIT_FAILURE, 0, "gnutls_pubkey_import_x509: %s", -+ { -+ fprintf(stderr, "gnutls_pubkey_import_x509: %s", - gnutls_strerror (result)); -+ exit(1); -+ } - } - - dig = get_dig_for_pub (pubkey); -@@ -713,8 +812,11 @@ generate_self_signed (common_info_st * cinfo) - uri, - 0 /* all reasons */ ); - if (result < 0) -- error (EXIT_FAILURE, 0, "crl_dist_points: %s", -+ { -+ fprintf(stderr, "crl_dist_points: %s", - gnutls_strerror (result)); -+ exit(1); -+ } - } - - print_certificate_info (crt, stderr, 0); -@@ -723,12 +825,18 @@ generate_self_signed (common_info_st * cinfo) - - result = gnutls_x509_crt_privkey_sign (crt, crt, key, get_dig (crt), 0); - if (result < 0) -- error (EXIT_FAILURE, 0, "crt_sign: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "crt_sign: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - size = buffer_size; - result = gnutls_x509_crt_export (crt, outcert_format, buffer, &size); - if (result < 0) -- error (EXIT_FAILURE, 0, "crt_export: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "crt_export: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - fwrite (buffer, 1, size, outfile); - -@@ -765,12 +873,18 @@ generate_signed_certificate (common_info_st * cinfo) - - result = gnutls_x509_crt_privkey_sign (crt, ca_crt, ca_key, get_dig (ca_crt), 0); - if (result < 0) -- error (EXIT_FAILURE, 0, "crt_sign: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "crt_sign: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - size = buffer_size; - result = gnutls_x509_crt_export (crt, outcert_format, buffer, &size); - if (result < 0) -- error (EXIT_FAILURE, 0, "crt_export: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "crt_export: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - fwrite (buffer, 1, size, outfile); - -@@ -800,12 +914,18 @@ generate_proxy_certificate (common_info_st * cinfo) - - result = gnutls_x509_crt_privkey_sign (crt, eecrt, eekey, get_dig (eecrt), 0); - if (result < 0) -- error (EXIT_FAILURE, 0, "crt_sign: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "crt_sign: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - size = buffer_size; - result = gnutls_x509_crt_export (crt, outcert_format, buffer, &size); - if (result < 0) -- error (EXIT_FAILURE, 0, "crt_export: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "crt_export: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - fwrite (buffer, 1, size, outfile); - -@@ -832,7 +952,10 @@ generate_signed_crl (common_info_st * cinfo) - fprintf (stderr, "\n"); - result = gnutls_x509_crl_privkey_sign(crl, ca_crt, ca_key, get_dig (ca_crt), 0); - if (result < 0) -- error (EXIT_FAILURE, 0, "crl_privkey_sign: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "crl_privkey_sign: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - print_crl_info (crl, stderr); - -@@ -865,18 +988,27 @@ update_signed_certificate (common_info_st * cinfo) - result = - gnutls_x509_crt_set_expiration_time (crt, tim + ((time_t) days) * 24 * 60 * 60); - if (result < 0) -- error (EXIT_FAILURE, 0, "set_expiration: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "set_expiration: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - fprintf (stderr, "\n\nSigning certificate...\n"); - - result = gnutls_x509_crt_privkey_sign (crt, ca_crt, ca_key, get_dig (ca_crt), 0); - if (result < 0) -- error (EXIT_FAILURE, 0, "crt_sign: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "crt_sign: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - size = buffer_size; - result = gnutls_x509_crt_export (crt, outcert_format, buffer, &size); - if (result < 0) -- error (EXIT_FAILURE, 0, "crt_export: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "crt_export: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - fwrite (buffer, 1, size, outfile); - -@@ -902,7 +1034,10 @@ cmd_parser (int argc, char **argv) - { - outfile = safe_open_rw (OPT_ARG(OUTFILE), privkey_op); - if (outfile == NULL) -- error (EXIT_FAILURE, errno, "%s", OPT_ARG(OUTFILE)); -+ { -+ fprintf(stderr, "%s", OPT_ARG(OUTFILE)); -+ exit(1); -+ } - } - else - outfile = stdout; -@@ -911,7 +1046,10 @@ cmd_parser (int argc, char **argv) - { - infile = fopen (OPT_ARG(INFILE), "rb"); - if (infile == NULL) -- error (EXIT_FAILURE, errno, "%s", OPT_ARG(INFILE)); -+ { -+ fprintf(stderr, "%s", OPT_ARG(INFILE)); -+ exit(1); -+ } - } - else - infile = stdin; -@@ -955,7 +1093,10 @@ cmd_parser (int argc, char **argv) - else if (strcasecmp (OPT_ARG(HASH), "rmd160") == 0) - default_dig = GNUTLS_DIG_RMD160; - else -- error (EXIT_FAILURE, 0, "invalid hash: %s", OPT_ARG(HASH)); -+ { -+ fprintf(stderr, "invalid hash: %s", OPT_ARG(HASH)); -+ exit(1); -+ } - } - - batch = 0; -@@ -974,7 +1115,10 @@ cmd_parser (int argc, char **argv) - } - - if ((ret = gnutls_global_init ()) < 0) -- error (EXIT_FAILURE, 0, "global_init: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "global_init: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - #ifdef ENABLE_PKCS11 - pkcs11_common(); -@@ -1124,14 +1268,17 @@ certificate_info (int pubkey, common_info_st * cinfo) - GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED); - if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) - { -- error (0, 0, "too many certificates (%d); " -+ fprintf( stderr, "too many certificates (%d); " - "will only read the first %d", crt_num, MAX_CRTS); - crt_num = MAX_CRTS; - ret = gnutls_x509_crt_list_import (crt, &crt_num, &pem, - incert_format, 0); - } - if (ret < 0) -- error (EXIT_FAILURE, 0, "import error: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "import error: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - free (pem.data); - -@@ -1139,7 +1286,7 @@ certificate_info (int pubkey, common_info_st * cinfo) - - if (count > 1 && outcert_format == GNUTLS_X509_FMT_DER) - { -- error (0, 0, "cannot output multiple certificates in DER format; " -+ fprintf( stderr, "cannot output multiple certificates in DER format; " - "using PEM instead"); - outcert_format = GNUTLS_X509_FMT_PEM; - } -@@ -1160,7 +1307,10 @@ certificate_info (int pubkey, common_info_st * cinfo) - ret = gnutls_x509_crt_export (crt[i], outcert_format, buffer, - &size); - if (ret < 0) -- error (EXIT_FAILURE, 0, "export error: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "export error: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - fwrite (buffer, 1, size, outfile); - } -@@ -1185,12 +1335,18 @@ pgp_certificate_info (void) - - ret = gnutls_openpgp_crt_init (&crt); - if (ret < 0) -- error (EXIT_FAILURE, 0, "openpgp_crt_init: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "openpgp_crt_init: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - ret = gnutls_openpgp_crt_import (crt, &pem, incert_format); - - if (ret < 0) -- error (EXIT_FAILURE, 0, "import error: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "import error: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - free (pem.data); - -@@ -1209,8 +1365,11 @@ pgp_certificate_info (void) - ret = gnutls_openpgp_crt_verify_self (crt, 0, &verify_status); - if (ret < 0) - { -- error (EXIT_FAILURE, 0, "verify signature error: %s", -+ { -+ fprintf(stderr, "verify signature error: %s", - gnutls_strerror (ret)); -+ exit(1); -+ } - } - - if (verify_status & GNUTLS_CERT_INVALID) -@@ -1227,8 +1386,8 @@ pgp_certificate_info (void) - ret = gnutls_openpgp_crt_export (crt, outcert_format, buffer, &size); - if (ret < 0) - { -- error (EXIT_FAILURE, 0, "export error: %s", gnutls_strerror (ret)); -- fwrite (buffer, 1, size, outfile); -+ fprintf(stderr, "export error: %s", gnutls_strerror (ret)); -+ exit(1); - } - - fprintf (outfile, "%s\n", buffer); -@@ -1257,14 +1416,20 @@ pgp_privkey_info (void) - NULL, 0); - - if (ret < 0) -- error (EXIT_FAILURE, 0, "import error: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "import error: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - /* Public key algorithm - */ - subkeys = gnutls_openpgp_privkey_get_subkey_count (key); - if (subkeys < 0) -- error (EXIT_FAILURE, 0, "privkey_get_subkey_count: %s", -+ { -+ fprintf(stderr, "privkey_get_subkey_count: %s", - gnutls_strerror (subkeys)); -+ exit(1); -+ } - - for (i = -1; i < subkeys; i++) - { -@@ -1378,7 +1543,10 @@ pgp_privkey_info (void) - ret = gnutls_openpgp_privkey_export (key, GNUTLS_OPENPGP_FMT_BASE64, - NULL, 0, buffer, &size); - if (ret < 0) -- error (EXIT_FAILURE, 0, "export error: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "export error: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - fprintf (outfile, "\n%s\n", buffer); - -@@ -1399,13 +1567,19 @@ pgp_ring_info (void) - - ret = gnutls_openpgp_keyring_init (&ring); - if (ret < 0) -- error (EXIT_FAILURE, 0, "openpgp_keyring_init: %s", -+ { -+ fprintf(stderr, "openpgp_keyring_init: %s", - gnutls_strerror (ret)); -+ exit(1); -+ } - - ret = gnutls_openpgp_keyring_import (ring, &pem, incert_format); - - if (ret < 0) -- error (EXIT_FAILURE, 0, "import error: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "import error: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - free (pem.data); - -@@ -1413,19 +1587,28 @@ pgp_ring_info (void) - if (count >= 0) - fprintf (outfile, "Keyring contains %d OpenPGP certificates\n\n", count); - else -- error (EXIT_FAILURE, 0, "keyring error: %s", gnutls_strerror (count)); -+ { -+ fprintf(stderr, "keyring error: %s", gnutls_strerror (count)); -+ exit(1); -+ } - - for (i = 0; i < count; i++) - { - ret = gnutls_openpgp_keyring_get_crt (ring, i, &crt); - if (ret < 0) -- error (EXIT_FAILURE, 0, "export error: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "export error: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - size = buffer_size; - ret = gnutls_openpgp_crt_export (crt, outcert_format, - buffer, &size); - if (ret < 0) -- error (EXIT_FAILURE, 0, "export error: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "export error: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - fwrite (buffer, 1, size, outfile); - fprintf (outfile, "\n\n"); -@@ -1475,7 +1658,10 @@ print_crl_info (gnutls_x509_crl_t crl, FILE * out) - - ret = gnutls_x509_crl_print (crl, full_format, &data); - if (ret < 0) -- error (EXIT_FAILURE, 0, "crl_print: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "crl_print: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - fprintf (out, "%s\n", data.data); - -@@ -1484,7 +1670,10 @@ print_crl_info (gnutls_x509_crl_t crl, FILE * out) - size = buffer_size; - ret = gnutls_x509_crl_export (crl, GNUTLS_X509_FMT_PEM, buffer, &size); - if (ret < 0) -- error (EXIT_FAILURE, 0, "crl_export: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "crl_export: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - fwrite (buffer, 1, size, outfile); - } -@@ -1499,20 +1688,29 @@ crl_info (void) - - ret = gnutls_x509_crl_init (&crl); - if (ret < 0) -- error (EXIT_FAILURE, 0, "crl_init: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "crl_init: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - pem.data = (void*)fread_file (infile, &size); - pem.size = size; - - if (!pem.data) -- error (EXIT_FAILURE, errno, "%s", infile ? "file" : -+ { -+ fprintf(stderr, "%s", infile ? "file" : - "standard input"); -+ exit(1); -+ } - - ret = gnutls_x509_crl_import (crl, &pem, incert_format); - - free (pem.data); - if (ret < 0) -- error (EXIT_FAILURE, 0, "import error: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "import error: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - print_crl_info (crl, outfile); - -@@ -1530,7 +1728,10 @@ print_crq_info (gnutls_x509_crq_t crq, FILE * out) - { - ret = gnutls_x509_crq_print (crq, full_format, &data); - if (ret < 0) -- error (EXIT_FAILURE, 0, "crq_print: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "crq_print: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - fprintf (out, "%s\n", data.data); - -@@ -1550,7 +1751,10 @@ print_crq_info (gnutls_x509_crq_t crq, FILE * out) - size = buffer_size; - ret = gnutls_x509_crq_export (crq, outcert_format, buffer, &size); - if (ret < 0) -- error (EXIT_FAILURE, 0, "crq_export: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "crq_export: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - fwrite (buffer, 1, size, outfile); - } -@@ -1565,20 +1769,29 @@ crq_info (void) - - ret = gnutls_x509_crq_init (&crq); - if (ret < 0) -- error (EXIT_FAILURE, 0, "crq_init: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "crq_init: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - pem.data = (void*)fread_file (infile, &size); - pem.size = size; - - if (!pem.data) -- error (EXIT_FAILURE, errno, "%s", infile ? "file" : -+ { -+ fprintf(stderr, "%s", infile ? "file" : - "standard input"); -+ exit(1); -+ } - - ret = gnutls_x509_crq_import (crq, &pem, incert_format); - - free (pem.data); - if (ret < 0) -- error (EXIT_FAILURE, 0, "import error: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "import error: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - print_crq_info (crq, outfile); - -@@ -1724,7 +1937,10 @@ privkey_info (common_info_st* cinfo) - incert_format, pass, flags); - } - if (ret < 0) -- error (EXIT_FAILURE, 0, "import error: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "import error: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - if (outcert_format == GNUTLS_X509_FMT_PEM) - privkey_info_int (cinfo, key); -@@ -1736,7 +1952,10 @@ privkey_info (common_info_st* cinfo) - size = buffer_size; - ret = gnutls_x509_privkey_export (key, outcert_format, buffer, &size); - if (ret < 0) -- error (EXIT_FAILURE, 0, "export error: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "export error: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - fwrite (buffer, 1, size, outfile); - -@@ -1761,7 +1980,10 @@ generate_request (common_info_st * cinfo) - - ret = gnutls_x509_crq_init (&crq); - if (ret < 0) -- error (EXIT_FAILURE, 0, "crq_init: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "crq_init: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - - /* Load the private key. -@@ -1771,7 +1993,10 @@ generate_request (common_info_st * cinfo) - { - ret = gnutls_privkey_init (&pkey); - if (ret < 0) -- error (EXIT_FAILURE, 0, "privkey_init: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "privkey_init: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - xkey = generate_private_key_int (cinfo); - -@@ -1779,7 +2004,10 @@ generate_request (common_info_st * cinfo) - - ret = gnutls_privkey_import_x509(pkey, xkey, GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE); - if (ret < 0) -- error (EXIT_FAILURE, 0, "privkey_import_x509: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "privkey_import_x509: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - } - - pubkey = load_public_key_or_import (1, pkey, cinfo); -@@ -1812,7 +2040,10 @@ generate_request (common_info_st * cinfo) - { - ret = gnutls_x509_crq_set_challenge_password (crq, pass); - if (ret < 0) -- error (EXIT_FAILURE, 0, "set_pass: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "set_pass: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - } - - if (cinfo->crq_extensions != 0) -@@ -1825,8 +2056,11 @@ generate_request (common_info_st * cinfo) - - ret = gnutls_x509_crq_set_basic_constraints (crq, ca_status, path_len); - if (ret < 0) -- error (EXIT_FAILURE, 0, "set_basic_constraints: %s", -+ { -+ fprintf(stderr, "set_basic_constraints: %s", - gnutls_strerror (ret)); -+ exit(1); -+ } - - if (pk == GNUTLS_PK_RSA) - { -@@ -1861,7 +2095,10 @@ generate_request (common_info_st * cinfo) - ret = gnutls_x509_crq_set_key_purpose_oid - (crq, GNUTLS_KP_CODE_SIGNING, 0); - if (ret < 0) -- error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "key_kp: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - } - - ret = get_ocsp_sign_status (); -@@ -1870,7 +2107,10 @@ generate_request (common_info_st * cinfo) - ret = gnutls_x509_crq_set_key_purpose_oid - (crq, GNUTLS_KP_OCSP_SIGNING, 0); - if (ret < 0) -- error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "key_kp: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - } - - ret = get_time_stamp_status (); -@@ -1879,7 +2119,10 @@ generate_request (common_info_st * cinfo) - ret = gnutls_x509_crq_set_key_purpose_oid - (crq, GNUTLS_KP_TIME_STAMPING, 0); - if (ret < 0) -- error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "key_kp: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - } - - ret = get_ipsec_ike_status (); -@@ -1888,13 +2131,19 @@ generate_request (common_info_st * cinfo) - ret = gnutls_x509_crq_set_key_purpose_oid - (crq, GNUTLS_KP_IPSEC_IKE, 0); - if (ret < 0) -- error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "key_kp: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - } - } - - ret = gnutls_x509_crq_set_key_usage (crq, usage); - if (ret < 0) -- error (EXIT_FAILURE, 0, "key_usage: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "key_usage: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - ret = get_tls_client_status (); - if (ret != 0) -@@ -1902,7 +2151,10 @@ generate_request (common_info_st * cinfo) - ret = gnutls_x509_crq_set_key_purpose_oid - (crq, GNUTLS_KP_TLS_WWW_CLIENT, 0); - if (ret < 0) -- error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "key_kp: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - } - - ret = get_tls_server_status (); -@@ -1911,7 +2163,10 @@ generate_request (common_info_st * cinfo) - ret = gnutls_x509_crq_set_key_purpose_oid - (crq, GNUTLS_KP_TLS_WWW_SERVER, 0); - if (ret < 0) -- error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "key_kp: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - } - - get_key_purpose_set (TYPE_CRQ, crq); -@@ -1919,11 +2174,17 @@ generate_request (common_info_st * cinfo) - - ret = gnutls_x509_crq_set_pubkey (crq, pubkey); - if (ret < 0) -- error (EXIT_FAILURE, 0, "set_key: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "set_key: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - ret = gnutls_x509_crq_privkey_sign (crq, pkey, get_dig_for_pub (pubkey), 0); - if (ret < 0) -- error (EXIT_FAILURE, 0, "sign: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "sign: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - print_crq_info (crq, outfile); - -@@ -1950,13 +2211,19 @@ static int detailed_verification(gnutls_x509_crt_t cert, - ret = - gnutls_x509_crt_get_issuer_dn (cert, issuer_name, &issuer_name_size); - if (ret < 0) -- error (EXIT_FAILURE, 0, "gnutls_x509_crt_get_issuer_dn: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "gnutls_x509_crt_get_issuer_dn: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - name_size = sizeof (name); - ret = - gnutls_x509_crt_get_dn (cert, name, &name_size); - if (ret < 0) -- error (EXIT_FAILURE, 0, "gnutls_x509_crt_get_dn: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "gnutls_x509_crt_get_dn: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - fprintf (outfile, "\tSubject: %s\n", name); - fprintf (outfile, "\tIssuer: %s\n", issuer_name); -@@ -1967,7 +2234,10 @@ static int detailed_verification(gnutls_x509_crt_t cert, - ret = - gnutls_x509_crt_get_dn (issuer, issuer_name, &issuer_name_size); - if (ret < 0) -- error (EXIT_FAILURE, 0, "gnutls_x509_crt_get_issuer_dn: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "gnutls_x509_crt_get_issuer_dn: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - fprintf (outfile, "\tChecked against: %s\n", issuer_name); - } -@@ -1980,7 +2250,10 @@ static int detailed_verification(gnutls_x509_crt_t cert, - ret = - gnutls_x509_crl_get_issuer_dn (crl, issuer_name, &issuer_name_size); - if (ret < 0) -- error (EXIT_FAILURE, 0, "gnutls_x509_crl_get_issuer_dn: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "gnutls_x509_crl_get_issuer_dn: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - name_size = sizeof(tmp); - ret = gnutls_x509_crl_get_number(crl, tmp, &name_size, NULL); -@@ -1994,7 +2267,10 @@ static int detailed_verification(gnutls_x509_crt_t cert, - name_size = sizeof(name); - ret = gnutls_hex_encode(&data, name, &name_size); - if (ret < 0) -- error (EXIT_FAILURE, 0, "gnutls_hex_encode: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "gnutls_hex_encode: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - } - fprintf (outfile, "\tChecked against CRL[%s] of: %s\n", name, issuer_name); - } -@@ -2025,8 +2301,11 @@ _verify_x509_mem (const void *cert, int cert_size, const void* ca, int ca_size) - - ret = gnutls_x509_trust_list_init(&list, 0); - if (ret < 0) -- error (EXIT_FAILURE, 0, "gnutls_x509_trust_list_init: %s", -+ { -+ fprintf(stderr, "gnutls_x509_trust_list_init: %s", - gnutls_strerror (ret)); -+ exit(1); -+ } - - if (ca == NULL) - { -@@ -2042,8 +2321,11 @@ _verify_x509_mem (const void *cert, int cert_size, const void* ca, int ca_size) - ret = gnutls_x509_crt_list_import2( &x509_ca_list, &x509_ncas, &tmp, - GNUTLS_X509_FMT_PEM, 0); - if (ret < 0 || x509_ncas < 1) -- error (EXIT_FAILURE, 0, "error parsing CAs: %s", -+ { -+ fprintf(stderr, "error parsing CAs: %s", - gnutls_strerror (ret)); -+ exit(1); -+ } - } - - ret = gnutls_x509_crl_list_import2( &x509_crl_list, &x509_ncrls, &tmp, -@@ -2061,8 +2343,11 @@ _verify_x509_mem (const void *cert, int cert_size, const void* ca, int ca_size) - ret = gnutls_x509_crt_list_import2( &x509_cert_list, &x509_ncerts, &tmp, - GNUTLS_X509_FMT_PEM, 0); - if (ret < 0 || x509_ncerts < 1) -- error (EXIT_FAILURE, 0, "error parsing CRTs: %s", -+ { -+ fprintf(stderr, "error parsing CRTs: %s", - gnutls_strerror (ret)); -+ exit(1); -+ } - - if (ca == NULL) - { -@@ -2075,13 +2360,19 @@ _verify_x509_mem (const void *cert, int cert_size, const void* ca, int ca_size) - - ret = gnutls_x509_trust_list_add_cas(list, x509_ca_list, x509_ncas, 0); - if (ret < 0) -- error (EXIT_FAILURE, 0, "gnutls_x509_trust_add_cas: %s", -+ { -+ fprintf(stderr, "gnutls_x509_trust_add_cas: %s", - gnutls_strerror (ret)); -+ exit(1); -+ } - - ret = gnutls_x509_trust_list_add_crls(list, x509_crl_list, x509_ncrls, 0, 0); - if (ret < 0) -- error (EXIT_FAILURE, 0, "gnutls_x509_trust_add_crls: %s", -+ { -+ fprintf(stderr, "gnutls_x509_trust_add_crls: %s", - gnutls_strerror (ret)); -+ exit(1); -+ } - - gnutls_free(x509_crl_list); - -@@ -2089,8 +2380,11 @@ _verify_x509_mem (const void *cert, int cert_size, const void* ca, int ca_size) - GNUTLS_VERIFY_DO_NOT_ALLOW_SAME|GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT, &output, - detailed_verification); - if (ret < 0) -- error (EXIT_FAILURE, 0, "gnutls_x509_trusted_list_verify_crt: %s", -+ { -+ fprintf(stderr, "gnutls_x509_trusted_list_verify_crt: %s", - gnutls_strerror (ret)); -+ exit(1); -+ } - - fprintf (outfile, "Chain verification output: "); - print_verification_res(outfile, output); -@@ -2140,7 +2434,10 @@ verify_chain (void) - - buf = (void*)fread_file (infile, &size); - if (buf == NULL) -- error (EXIT_FAILURE, errno, "reading chain"); -+ { -+ fprintf(stderr, "reading chain"); -+ exit(1); -+ } - - buf[size] = 0; - -@@ -2157,17 +2454,26 @@ verify_certificate (common_info_st * cinfo) - FILE * ca_file = fopen(cinfo->ca, "r"); - - if (ca_file == NULL) -- error (EXIT_FAILURE, errno, "opening CA file"); -+ { -+ fprintf(stderr, "opening CA file"); -+ exit(1); -+ } - - cert = (void*)fread_file (infile, &cert_size); - if (cert == NULL) -- error (EXIT_FAILURE, errno, "reading certificate chain"); -+ { -+ fprintf(stderr, "reading certificate chain"); -+ exit(1); -+ } - - cert[cert_size] = 0; - - cas = (void*)fread_file (ca_file, &ca_size); - if (cas == NULL) -- error (EXIT_FAILURE, errno, "reading CA list"); -+ { -+ fprintf(stderr, "reading CA list"); -+ exit(1); -+ } - - cas[ca_size] = 0; - fclose(ca_file); -@@ -2195,13 +2501,19 @@ verify_crl (common_info_st * cinfo) - dn_size = sizeof (dn); - ret = gnutls_x509_crt_get_dn (issuer, dn, &dn_size); - if (ret < 0) -- error (EXIT_FAILURE, 0, "crt_get_dn: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "crt_get_dn: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - fprintf (outfile, "\tSubject: %s\n\n", dn); - - ret = gnutls_x509_crl_init (&crl); - if (ret < 0) -- error (EXIT_FAILURE, 0, "crl_init: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "crl_init: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - pem.data = (void*)fread_file (infile, &size); - pem.size = size; -@@ -2209,14 +2521,20 @@ verify_crl (common_info_st * cinfo) - ret = gnutls_x509_crl_import (crl, &pem, incert_format); - free (pem.data); - if (ret < 0) -- error (EXIT_FAILURE, 0, "import error: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "import error: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - print_crl_info (crl, outfile); - - fprintf (outfile, "Verification output: "); - ret = gnutls_x509_crl_verify (crl, &issuer, 1, 0, &output); - if (ret < 0) -- error (EXIT_FAILURE, 0, "verification error: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "verification error: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - if (output) - { -@@ -2265,7 +2583,10 @@ generate_pkcs8 (common_info_st * cinfo) - password, flags, buffer, &size); - - if (result < 0) -- error (EXIT_FAILURE, 0, "key_export: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "key_export: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - fwrite (buffer, 1, size, outfile); - -@@ -2302,7 +2623,10 @@ generate_pkcs12 (common_info_st * cinfo) - - result = gnutls_pkcs12_init (&pkcs12); - if (result < 0) -- error (EXIT_FAILURE, 0, "pkcs12_init: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "pkcs12_init: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - pass = get_password(cinfo, &flags, 1); - flags |= cipher_to_flags (cinfo->pkcs_cipher); -@@ -2313,12 +2637,18 @@ generate_pkcs12 (common_info_st * cinfo) - - result = gnutls_pkcs12_bag_init (&bag); - if (result < 0) -- error (EXIT_FAILURE, 0, "bag_init: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "bag_init: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - result = gnutls_pkcs12_bag_set_crt (bag, crts[i]); - if (result < 0) -- error (EXIT_FAILURE, 0, "set_crt[%d]: %s", i, -+ { -+ fprintf(stderr, "set_crt[%d]: %s", i, - gnutls_strerror (result)); -+ exit(1); -+ } - - indx = result; - -@@ -2326,31 +2656,46 @@ generate_pkcs12 (common_info_st * cinfo) - { - result = gnutls_pkcs12_bag_set_friendly_name (bag, indx, name); - if (result < 0) -- error (EXIT_FAILURE, 0, "bag_set_friendly_name: %s", -+ { -+ fprintf(stderr, "bag_set_friendly_name: %s", - gnutls_strerror (result)); -+ exit(1); -+ } - } - - size = sizeof (_key_id); - result = gnutls_x509_crt_get_key_id (crts[i], 0, _key_id, &size); - if (result < 0) -- error (EXIT_FAILURE, 0, "key_id[%d]: %s", i, -+ { -+ fprintf(stderr, "key_id[%d]: %s", i, - gnutls_strerror (result)); -+ exit(1); -+ } - - key_id.data = _key_id; - key_id.size = size; - - result = gnutls_pkcs12_bag_set_key_id (bag, indx, &key_id); - if (result < 0) -- error (EXIT_FAILURE, 0, "bag_set_key_id: %s", -+ { -+ fprintf(stderr, "bag_set_key_id: %s", - gnutls_strerror (result)); -+ exit(1); -+ } - - result = gnutls_pkcs12_bag_encrypt (bag, pass, flags); - if (result < 0) -- error (EXIT_FAILURE, 0, "bag_encrypt: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "bag_encrypt: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - result = gnutls_pkcs12_set_bag (pkcs12, bag); - if (result < 0) -- error (EXIT_FAILURE, 0, "set_bag: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "set_bag: %s", gnutls_strerror (result)); -+ exit(1); -+ } - } - - for (i = 0; i < nkeys; i++) -@@ -2359,14 +2704,20 @@ generate_pkcs12 (common_info_st * cinfo) - - result = gnutls_pkcs12_bag_init (&kbag); - if (result < 0) -- error (EXIT_FAILURE, 0, "bag_init: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "bag_init: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - size = buffer_size; - result = - gnutls_x509_privkey_export_pkcs8 (keys[i], GNUTLS_X509_FMT_DER, - pass, flags, buffer, &size); - if (result < 0) -- error (EXIT_FAILURE, 0, "key_export[%d]: %s", i, gnutls_strerror (result)); -+ { -+ fprintf(stderr, "key_export[%d]: %s", i, gnutls_strerror (result)); -+ exit(1); -+ } - - data.data = buffer; - data.size = size; -@@ -2374,41 +2725,62 @@ generate_pkcs12 (common_info_st * cinfo) - gnutls_pkcs12_bag_set_data (kbag, - GNUTLS_BAG_PKCS8_ENCRYPTED_KEY, &data); - if (result < 0) -- error (EXIT_FAILURE, 0, "bag_set_data: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "bag_set_data: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - indx = result; - - result = gnutls_pkcs12_bag_set_friendly_name (kbag, indx, name); - if (result < 0) -- error (EXIT_FAILURE, 0, "bag_set_friendly_name: %s", -+ { -+ fprintf(stderr, "bag_set_friendly_name: %s", - gnutls_strerror (result)); -+ exit(1); -+ } - - size = sizeof (_key_id); - result = gnutls_x509_privkey_get_key_id (keys[i], 0, _key_id, &size); - if (result < 0) -- error (EXIT_FAILURE, 0, "key_id[%d]: %s", i, gnutls_strerror (result)); -+ { -+ fprintf(stderr, "key_id[%d]: %s", i, gnutls_strerror (result)); -+ exit(1); -+ } - - key_id.data = _key_id; - key_id.size = size; - - result = gnutls_pkcs12_bag_set_key_id (kbag, indx, &key_id); - if (result < 0) -- error (EXIT_FAILURE, 0, "bag_set_key_id: %s", -+ { -+ fprintf(stderr, "bag_set_key_id: %s", - gnutls_strerror (result)); -+ exit(1); -+ } - - result = gnutls_pkcs12_set_bag (pkcs12, kbag); - if (result < 0) -- error (EXIT_FAILURE, 0, "set_bag: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "set_bag: %s", gnutls_strerror (result)); -+ exit(1); -+ } - } - - result = gnutls_pkcs12_generate_mac (pkcs12, pass); - if (result < 0) -- error (EXIT_FAILURE, 0, "generate_mac: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "generate_mac: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - size = buffer_size; - result = gnutls_pkcs12_export (pkcs12, outcert_format, buffer, &size); - if (result < 0) -- error (EXIT_FAILURE, 0, "pkcs12_export: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "pkcs12_export: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - fwrite (buffer, 1, size, outfile); - -@@ -2449,7 +2821,10 @@ print_bag_data (gnutls_pkcs12_bag_t bag) - - count = gnutls_pkcs12_bag_get_count (bag); - if (count < 0) -- error (EXIT_FAILURE, 0, "get_count: %s", gnutls_strerror (count)); -+ { -+ fprintf(stderr, "get_count: %s", gnutls_strerror (count)); -+ exit(1); -+ } - - fprintf (outfile, "\tElements: %d\n", count); - -@@ -2457,15 +2832,22 @@ print_bag_data (gnutls_pkcs12_bag_t bag) - { - type = gnutls_pkcs12_bag_get_type (bag, i); - if (type < 0) -- error (EXIT_FAILURE, 0, "get_type: %s", gnutls_strerror (type)); -+ { -+ fprintf(stderr, "get_type: %s", gnutls_strerror (type)); -+ exit(1); -+ } - - fprintf (stderr, "\tType: %s\n", BAGTYPE (type)); - - name = NULL; - result = gnutls_pkcs12_bag_get_friendly_name (bag, i, (char **) &name); - if (result < 0) -- error (EXIT_FAILURE, 0, "get_friendly_name: %s", -+ { -+ fprintf(stderr, "get_friendly_name: %s", - gnutls_strerror (type)); -+ exit(1); -+ } -+ - if (name) - fprintf (outfile, "\tFriendly name: %s\n", name); - -@@ -2473,13 +2855,20 @@ print_bag_data (gnutls_pkcs12_bag_t bag) - id.size = 0; - result = gnutls_pkcs12_bag_get_key_id (bag, i, &id); - if (result < 0) -- error (EXIT_FAILURE, 0, "get_key_id: %s", gnutls_strerror (type)); -+ { -+ fprintf(stderr, "get_key_id: %s", gnutls_strerror (type)); -+ exit(1); -+ } -+ - if (id.size > 0) - fprintf (outfile, "\tKey ID: %s\n", raw_to_string (id.data, id.size)); - - result = gnutls_pkcs12_bag_get_data (bag, i, &cdata); - if (result < 0) -- error (EXIT_FAILURE, 0, "get_data: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "get_data: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - switch (type) - { -@@ -2525,7 +2914,10 @@ pkcs12_info (common_info_st* cinfo) - - result = gnutls_pkcs12_init (&pkcs12); - if (result < 0) -- error (EXIT_FAILURE, 0, "p12_init: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "p12_init: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - data.data = (void*)fread_file (infile, &size); - data.size = size; -@@ -2533,7 +2925,10 @@ pkcs12_info (common_info_st* cinfo) - result = gnutls_pkcs12_import (pkcs12, &data, incert_format, 0); - free (data.data); - if (result < 0) -- error (EXIT_FAILURE, 0, "p12_import: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "p12_import: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - pass = get_password(cinfo, NULL, 0); - -@@ -2541,14 +2936,17 @@ pkcs12_info (common_info_st* cinfo) - if (result < 0) - { - fail = 1; -- error (0, 0, "verify_mac: %s", gnutls_strerror (result)); -+ fprintf (stderr, "verify_mac: %s", gnutls_strerror (result)); - } - - for (indx = 0;; indx++) - { - result = gnutls_pkcs12_bag_init (&bag); - if (result < 0) -- error (EXIT_FAILURE, 0, "bag_init: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "bag_init: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - result = gnutls_pkcs12_get_bag (pkcs12, indx, bag); - if (result < 0) -@@ -2556,13 +2954,19 @@ pkcs12_info (common_info_st* cinfo) - - result = gnutls_pkcs12_bag_get_count (bag); - if (result < 0) -- error (EXIT_FAILURE, 0, "bag_count: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "bag_count: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - fprintf (outfile, "BAG #%d\n", indx); - - result = gnutls_pkcs12_bag_get_type (bag, 0); - if (result < 0) -- error (EXIT_FAILURE, 0, "bag_init: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "bag_init: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - if (result == GNUTLS_BAG_ENCRYPTED) - { -@@ -2574,14 +2978,17 @@ pkcs12_info (common_info_st* cinfo) - if (result < 0) - { - fail = 1; -- error (0, 0, "bag_decrypt: %s", gnutls_strerror (result)); -+ fprintf(stderr, "bag_decrypt: %s", gnutls_strerror (result)); - continue; - } - - result = gnutls_pkcs12_bag_get_count (bag); - if (result < 0) -- error (EXIT_FAILURE, 0, "encrypted bag_count: %s", -+ { -+ fprintf(stderr, "encrypted bag_count: %s", - gnutls_strerror (result)); -+ exit(1); -+ } - } - - print_bag_data (bag); -@@ -2590,7 +2997,10 @@ pkcs12_info (common_info_st* cinfo) - } - - if (fail) -- error (EXIT_FAILURE, 0, "There were errors parsing the structure\n"); -+ { -+ fprintf(stderr, "There were errors parsing the structure\n"); -+ exit(1); -+ } - } - - void -@@ -2604,7 +3014,10 @@ pkcs7_info (void) - - result = gnutls_pkcs7_init (&pkcs7); - if (result < 0) -- error (EXIT_FAILURE, 0, "p7_init: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "p7_init: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - data.data = (void*)fread_file (infile, &size); - data.size = size; -@@ -2612,13 +3025,19 @@ pkcs7_info (void) - result = gnutls_pkcs7_import (pkcs7, &data, incert_format); - free (data.data); - if (result < 0) -- error (EXIT_FAILURE, 0, "import error: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "import error: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - /* Read and print the certificates. - */ - result = gnutls_pkcs7_get_crt_count (pkcs7); - if (result < 0) -- error (EXIT_FAILURE, 0, "p7_crt_count: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "p7_crt_count: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - count = result; - -@@ -2639,7 +3058,10 @@ pkcs7_info (void) - - result = gnutls_pem_base64_encode_alloc ("CERTIFICATE", &data, &b64); - if (result < 0) -- error (EXIT_FAILURE, 0, "encoding: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "encoding: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - fputs ((void*)b64.data, outfile); - gnutls_free (b64.data); -@@ -2649,7 +3071,10 @@ pkcs7_info (void) - */ - result = gnutls_pkcs7_get_crl_count (pkcs7); - if (result < 0) -- error (EXIT_FAILURE, 0, "p7_crl_count: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "p7_crl_count: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - count = result; - -@@ -2670,7 +3095,10 @@ pkcs7_info (void) - - result = gnutls_pem_base64_encode_alloc ("X509 CRL", &data, &b64); - if (result < 0) -- error (EXIT_FAILURE, 0, "encoding: %s", gnutls_strerror (result)); -+ { -+ fprintf(stderr, "encoding: %s", gnutls_strerror (result)); -+ exit(1); -+ } - - fputs ((void*)b64.data, outfile); - gnutls_free (b64.data); -@@ -2690,7 +3118,10 @@ smime_to_pkcs7 (void) - { - len = getline (&lineptr, &linesize, infile); - if (len == -1) -- error (EXIT_FAILURE, 0, "cannot find RFC 2822 header/body separator"); -+ { -+ fprintf(stderr, "cannot find RFC 2822 header/body separator"); -+ exit(1); -+ } - } - while (strcmp (lineptr, "\r\n") != 0 && strcmp (lineptr, "\n") != 0); - -@@ -2698,7 +3129,10 @@ smime_to_pkcs7 (void) - { - len = getline (&lineptr, &linesize, infile); - if (len == -1) -- error (EXIT_FAILURE, 0, "message has RFC 2822 header but no body"); -+ { -+ fprintf(stderr, "message has RFC 2822 header but no body"); -+ exit(1); -+ } - } - while (strcmp (lineptr, "\r\n") == 0 && strcmp (lineptr, "\n") == 0); - -@@ -2733,7 +3167,8 @@ pubkey_info (gnutls_x509_crt_t crt, common_info_st * cinfo) - ret = gnutls_pubkey_init (&pubkey); - if (ret < 0) - { -- error (EXIT_FAILURE, 0, "pubkey_init: %s", gnutls_strerror (ret)); -+ fprintf(stderr, "pubkey_init: %s", gnutls_strerror (ret)); -+ exit(1); - } - - if (crt == NULL) -@@ -2750,15 +3185,21 @@ pubkey_info (gnutls_x509_crt_t crt, common_info_st * cinfo) - { - ret = gnutls_pubkey_import_x509 (pubkey, crt, 0); - if (ret < 0) -- error (EXIT_FAILURE, 0, "pubkey_import_x509: %s", -+ { -+ fprintf(stderr, "pubkey_import_x509: %s", - gnutls_strerror (ret)); -+ exit(1); -+ } - } - else if (crq != NULL) - { - ret = gnutls_pubkey_import_x509_crq (pubkey, crq, 0); - if (ret < 0) -- error (EXIT_FAILURE, 0, "pubkey_import_x509_crq: %s", -+ { -+ fprintf(stderr, "pubkey_import_x509_crq: %s", - gnutls_strerror (ret)); -+ exit(1); -+ } - } - else - { -@@ -2768,8 +3209,11 @@ pubkey_info (gnutls_x509_crt_t crt, common_info_st * cinfo) - { - ret = gnutls_pubkey_import_privkey(pubkey, privkey, 0, 0); - if (ret < 0) -- error (EXIT_FAILURE, 0, "pubkey_import_privkey: %s", -+ { -+ fprintf(stderr, "pubkey_import_privkey: %s", - gnutls_strerror (ret)); -+ exit(1); -+ } - } - else - { -@@ -2783,7 +3227,10 @@ pubkey_info (gnutls_x509_crt_t crt, common_info_st * cinfo) - size = buffer_size; - ret = gnutls_pubkey_export (pubkey, outcert_format, buffer, &size); - if (ret < 0) -- error (EXIT_FAILURE, 0, "export error: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "export error: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - fwrite (buffer, 1, size, outfile); - -diff --git a/src/danetool.c b/src/danetool.c -index 5c27321..07921c9 100644 ---- a/src/danetool.c -+++ b/src/danetool.c -@@ -42,7 +42,6 @@ - #include - #include - #include --#include - - /* Gnulib portability files. */ - #include -@@ -95,7 +94,10 @@ cmd_parser (int argc, char **argv) - { - outfile = safe_open_rw (OPT_ARG(OUTFILE), privkey_op); - if (outfile == NULL) -- error (EXIT_FAILURE, errno, "%s", OPT_ARG(OUTFILE)); -+ { -+ fprintf (stderr, "%s", OPT_ARG(OUTFILE)); -+ exit(1); -+ } - } - else - outfile = stdout; -@@ -122,7 +124,10 @@ cmd_parser (int argc, char **argv) - else if (strcasecmp (OPT_ARG(HASH), "rmd160") == 0) - default_dig = GNUTLS_DIG_RMD160; - else -- error (EXIT_FAILURE, 0, "invalid hash: %s", OPT_ARG(HASH)); -+ { -+ fprintf (stderr, "invalid hash: %s", OPT_ARG(HASH)); -+ exit(1); -+ } - } - - gnutls_global_set_log_function (tls_log_func); -@@ -134,7 +139,10 @@ cmd_parser (int argc, char **argv) - } - - if ((ret = gnutls_global_init ()) < 0) -- error (EXIT_FAILURE, 0, "global_init: %s", gnutls_strerror (ret)); -+ { -+ fprintf (stderr, "global_init: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - #ifdef ENABLE_PKCS11 - pkcs11_common(); -@@ -207,31 +215,46 @@ unsigned vflags = DANE_VFLAG_FAIL_IF_NOT_CHECKED; - printf("Querying %s (%s:%d)...\n", host, proto, port); - ret = dane_state_init(&s, flags); - if (ret < 0) -- error (EXIT_FAILURE, 0, "dane_state_init: %s", dane_strerror (ret)); -+ { -+ fprintf (stderr, "dane_state_init: %s", dane_strerror (ret)); -+ exit(1); -+ } - - if (HAVE_OPT(DLV)) - { - ret = dane_state_set_dlv_file(s, OPT_ARG(DLV)); - if (ret < 0) -- error (EXIT_FAILURE, 0, "dane_state_set_dlv_file: %s", dane_strerror (ret)); -+ { -+ fprintf (stderr, "dane_state_set_dlv_file: %s", dane_strerror (ret)); -+ exit(1); -+ } - } - - ret = dane_query_tlsa(s, &q, host, proto, port); - if (ret < 0) -- error (EXIT_FAILURE, 0, "dane_query_tlsa: %s", dane_strerror (ret)); -+ { -+ fprintf (stderr, "dane_query_tlsa: %s", dane_strerror (ret)); -+ exit(1); -+ } - - entries = dane_query_entries(q); - for (i=0;i 1) printf("\nEntry %d:\n", i+1); - -@@ -249,11 +272,17 @@ unsigned vflags = DANE_VFLAG_FAIL_IF_NOT_CHECKED; - - ret = gnutls_load_file(cinfo->cert, &file); - if (ret < 0) -- error (EXIT_FAILURE, 0, "gnutls_load_file: %s", gnutls_strerror (ret)); -+ { -+ fprintf (stderr, "gnutls_load_file: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - ret = gnutls_x509_crt_list_import2( &clist, &clist_size, &file, cinfo->incert_format, 0); - if (ret < 0) -- error (EXIT_FAILURE, 0, "gnutls_x509_crt_list_import2: %s", gnutls_strerror (ret)); -+ { -+ fprintf (stderr, "gnutls_x509_crt_list_import2: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - if (clist_size > 0) - { -@@ -265,17 +294,26 @@ unsigned vflags = DANE_VFLAG_FAIL_IF_NOT_CHECKED; - { - ret = gnutls_x509_crt_export2( clist[i], GNUTLS_X509_FMT_DER, &certs[i]); - if (ret < 0) -- error (EXIT_FAILURE, 0, "gnutls_x509_crt_export2: %s", gnutls_strerror (ret)); -+ { -+ fprintf (stderr, "gnutls_x509_crt_export2: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - } - - ret = dane_verify_crt( s, certs, clist_size, GNUTLS_CRT_X509, - host, proto, port, 0, vflags, &status); - if (ret < 0) -- error (EXIT_FAILURE, 0, "dane_verify_crt: %s", dane_strerror (ret)); -+ { -+ fprintf (stderr, "dane_verify_crt: %s", dane_strerror (ret)); -+ exit(1); -+ } - - ret = dane_verification_status_print(status, &out, 0); - if (ret < 0) -- error (EXIT_FAILURE, 0, "dane_verification_status_print: %s", dane_strerror (ret)); -+ { -+ fprintf( stderr, "dane_verification_status_print: %s", dane_strerror (ret)); -+ exit(1); -+ } - - printf("\nVerification: %s\n", out.data); - gnutls_free(out.data); -@@ -331,7 +369,10 @@ static void dane_info(const char* host, const char* proto, unsigned int port, - size = buffer_size; - ret = gnutls_x509_crt_export (crt, GNUTLS_X509_FMT_DER, buffer, &size); - if (ret < 0) -- error (EXIT_FAILURE, 0, "export error: %s", gnutls_strerror (ret)); -+ { -+ fprintf( stderr, "export error: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - gnutls_x509_crt_deinit (crt); - } -@@ -341,7 +382,10 @@ static void dane_info(const char* host, const char* proto, unsigned int port, - - ret = gnutls_pubkey_init (&pubkey); - if (ret < 0) -- error (EXIT_FAILURE, 0, "pubkey_init: %s", gnutls_strerror (ret)); -+ { -+ fprintf (stderr, "pubkey_init: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - if (crt != NULL) - { -@@ -349,16 +393,18 @@ static void dane_info(const char* host, const char* proto, unsigned int port, - ret = gnutls_pubkey_import_x509 (pubkey, crt, 0); - if (ret < 0) - { -- error (EXIT_FAILURE, 0, "pubkey_import_x509: %s", -+ fprintf (stderr, "pubkey_import_x509: %s", - gnutls_strerror (ret)); -+ exit(1); - } - - size = buffer_size; - ret = gnutls_pubkey_export (pubkey, GNUTLS_X509_FMT_DER, buffer, &size); - if (ret < 0) - { -- error (EXIT_FAILURE, 0, "pubkey_export: %s", -+ fprintf( stderr, "pubkey_export: %s", - gnutls_strerror (ret)); -+ exit(1); - } - - gnutls_x509_crt_deinit(crt); -@@ -370,7 +416,10 @@ static void dane_info(const char* host, const char* proto, unsigned int port, - size = buffer_size; - ret = gnutls_pubkey_export (pubkey, GNUTLS_X509_FMT_DER, buffer, &size); - if (ret < 0) -- error (EXIT_FAILURE, 0, "export error: %s", gnutls_strerror (ret)); -+ { -+ fprintf (stderr, "export error: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - } - - gnutls_pubkey_deinit (pubkey); -@@ -384,7 +433,10 @@ static void dane_info(const char* host, const char* proto, unsigned int port, - - ret = gnutls_hash_fast(default_dig, buffer, size, digest); - if (ret < 0) -- error (EXIT_FAILURE, 0, "hash error: %s", gnutls_strerror (ret)); -+ { -+ fprintf( stderr, "hash error: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - if (default_dig == GNUTLS_DIG_SHA256) - type = 1; -@@ -408,7 +460,10 @@ static void dane_info(const char* host, const char* proto, unsigned int port, - size = buffer_size; - ret = gnutls_hex_encode(&t, (void*)buffer, &size); - if (ret < 0) -- error (EXIT_FAILURE, 0, "hex encode error: %s", gnutls_strerror (ret)); -+ { -+ fprintf (stderr, "hex encode error: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - fprintf(outfile, "_%u._%s.%s. IN TLSA ( %.2x %.2x %.2x %s )\n", port, proto, host, usage, selector, type, buffer); - -diff --git a/src/ocsptool-common.c b/src/ocsptool-common.c -index 060f114..4bc3f59 100644 ---- a/src/ocsptool-common.c -+++ b/src/ocsptool-common.c -@@ -31,7 +31,6 @@ - #include - - /* Gnulib portability files. */ --#include - #include - #include - -@@ -83,12 +82,18 @@ _generate_request (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, - - ret = gnutls_ocsp_req_init (&req); - if (ret < 0) -- error (EXIT_FAILURE, 0, "ocsp_req_init: %s", gnutls_strerror (ret)); -+ { -+ fprintf( stderr, "ocsp_req_init: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - ret = gnutls_ocsp_req_add_cert (req, GNUTLS_DIG_SHA1, - issuer, cert); - if (ret < 0) -- error (EXIT_FAILURE, 0, "ocsp_req_add_cert: %s", gnutls_strerror (ret)); -+ { -+ fprintf( stderr, "ocsp_req_add_cert: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - if (nonce) - { -@@ -97,17 +102,26 @@ _generate_request (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, - - ret = gnutls_rnd (GNUTLS_RND_RANDOM, nonce.data, nonce.size); - if (ret < 0) -- error (EXIT_FAILURE, 0, "gnutls_rnd: %s", gnutls_strerror (ret)); -+ { -+ fprintf( stderr, "gnutls_rnd: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - ret = gnutls_ocsp_req_set_nonce (req, 0, &nonce); - if (ret < 0) -- error (EXIT_FAILURE, 0, "ocsp_req_set_nonce: %s", -+ { -+ fprintf( stderr, "ocsp_req_set_nonce: %s", - gnutls_strerror (ret)); -+ exit(1); -+ } - } - - ret = gnutls_ocsp_req_export (req, rdata); - if (ret != 0) -- error (EXIT_FAILURE, 0, "ocsp_req_export: %s", gnutls_strerror (ret)); -+ { -+ fprintf( stderr, "ocsp_req_export: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - gnutls_ocsp_req_deinit (req); - return; -@@ -321,11 +335,17 @@ check_ocsp_response (gnutls_x509_crt_t cert, - - ret = gnutls_ocsp_resp_init (&resp); - if (ret < 0) -- error (EXIT_FAILURE, 0, "ocsp_resp_init: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "ocsp_resp_init: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - ret = gnutls_ocsp_resp_import (resp, data); - if (ret < 0) -- error (EXIT_FAILURE, 0, "importing response: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "importing response: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - ret = gnutls_ocsp_resp_check_crt(resp, 0, cert); - if (ret < 0) -@@ -337,8 +357,11 @@ check_ocsp_response (gnutls_x509_crt_t cert, - - ret = gnutls_ocsp_resp_verify_direct( resp, issuer, &status, 0); - if (ret < 0) -- error (EXIT_FAILURE, 0, "gnutls_ocsp_resp_verify_direct: %s", -- gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "gnutls_ocsp_resp_verify_direct: %s", -+ gnutls_strerror (ret)); -+ exit(1); -+ } - - if (status != 0) - { -@@ -357,7 +380,10 @@ check_ocsp_response (gnutls_x509_crt_t cert, - ret = gnutls_ocsp_resp_get_single(resp, 0, NULL, NULL, NULL, NULL, - &cert_status, &vtime, &ntime, &rtime, NULL); - if (ret < 0) -- error (EXIT_FAILURE, 0, "reading response: %s", gnutls_strerror (ret)); -+ { -+ fprintf(stderr, "reading response: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - if (cert_status == GNUTLS_OCSP_CERT_REVOKED) - { -diff --git a/src/ocsptool.c b/src/ocsptool.c -index ffbb051..cd92c1d 100644 ---- a/src/ocsptool.c -+++ b/src/ocsptool.c -@@ -31,7 +31,6 @@ - #include - - /* Gnulib portability files. */ --#include - #include - #include - -@@ -59,24 +58,36 @@ request_info (void) - - ret = gnutls_ocsp_req_init (&req); - if (ret < 0) -- error (EXIT_FAILURE, 0, "ocsp_req_init: %s", gnutls_strerror (ret)); -+ { -+ fprintf (stderr, "ocsp_req_init: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - if (HAVE_OPT(LOAD_REQUEST)) - dat.data = (void*)read_binary_file (OPT_ARG(LOAD_REQUEST), &size); - else - dat.data = (void*)fread_file (infile, &size); - if (dat.data == NULL) -- error (EXIT_FAILURE, errno, "reading request"); -+ { -+ fprintf (stderr, "reading request"); -+ exit(1); -+ } - dat.size = size; - - ret = gnutls_ocsp_req_import (req, &dat); - free (dat.data); - if (ret < 0) -- error (EXIT_FAILURE, 0, "importing request: %s", gnutls_strerror (ret)); -+ { -+ fprintf (stderr, "importing request: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - ret = gnutls_ocsp_req_print (req, GNUTLS_OCSP_PRINT_FULL, &dat); - if (ret != 0) -- error (EXIT_FAILURE, 0, "ocsp_req_print: %s", gnutls_strerror (ret)); -+ { -+ fprintf (stderr, "ocsp_req_print: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - printf ("%.*s", dat.size, dat.data); - gnutls_free (dat.data); -@@ -93,18 +104,27 @@ _response_info (const gnutls_datum_t* data) - - ret = gnutls_ocsp_resp_init (&resp); - if (ret < 0) -- error (EXIT_FAILURE, 0, "ocsp_resp_init: %s", gnutls_strerror (ret)); -+ { -+ fprintf (stderr, "ocsp_resp_init: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - ret = gnutls_ocsp_resp_import (resp, data); - if (ret < 0) -- error (EXIT_FAILURE, 0, "importing response: %s", gnutls_strerror (ret)); -+ { -+ fprintf (stderr, "importing response: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - if (ENABLED_OPT(VERBOSE)) - ret = gnutls_ocsp_resp_print (resp, GNUTLS_OCSP_PRINT_FULL, &buf); - else - ret = gnutls_ocsp_resp_print (resp, GNUTLS_OCSP_PRINT_COMPACT, &buf); - if (ret != 0) -- error (EXIT_FAILURE, 0, "ocsp_resp_print: %s", gnutls_strerror (ret)); -+ { -+ fprintf (stderr, "ocsp_resp_print: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - printf ("%.*s", buf.size, buf.data); - gnutls_free (buf.data); -@@ -123,7 +143,10 @@ response_info (void) - else - dat.data = (void*)fread_file (infile, &size); - if (dat.data == NULL) -- error (EXIT_FAILURE, errno, "reading response"); -+ { -+ fprintf (stderr, "reading response"); -+ exit(1); -+ } - dat.size = size; - - _response_info(&dat); -@@ -139,23 +162,35 @@ load_issuer (void) - size_t size; - - if (!HAVE_OPT(LOAD_ISSUER)) -- error (EXIT_FAILURE, 0, "missing --load-issuer"); -+ { -+ fprintf( stderr, "missing --load-issuer"); -+ exit(1); -+ } - - ret = gnutls_x509_crt_init (&crt); - if (ret < 0) -- error (EXIT_FAILURE, 0, "crt_init: %s", gnutls_strerror (ret)); -+ { -+ fprintf (stderr, "crt_init: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - dat.data = (void*)read_binary_file (OPT_ARG(LOAD_ISSUER), &size); - dat.size = size; - - if (!dat.data) -- error (EXIT_FAILURE, errno, "reading --load-issuer: %s", OPT_ARG(LOAD_ISSUER)); -+ { -+ fprintf (stderr, "reading --load-issuer: %s", OPT_ARG(LOAD_ISSUER)); -+ exit(1); -+ } - - ret = gnutls_x509_crt_import (crt, &dat, encoding); - free (dat.data); - if (ret < 0) -- error (EXIT_FAILURE, 0, "importing --load-issuer: %s: %s", -+ { -+ fprintf (stderr, "importing --load-issuer: %s: %s", - OPT_ARG(LOAD_ISSUER), gnutls_strerror (ret)); -+ exit(1); -+ } - - return crt; - } -@@ -169,23 +204,35 @@ load_cert (void) - size_t size; - - if (!HAVE_OPT(LOAD_CERT)) -- error (EXIT_FAILURE, 0, "missing --load-cert"); -+ { -+ fprintf (stderr, "missing --load-cert"); -+ exit(1); -+ } - - ret = gnutls_x509_crt_init (&crt); - if (ret < 0) -- error (EXIT_FAILURE, 0, "crt_init: %s", gnutls_strerror (ret)); -+ { -+ fprintf (stderr, "crt_init: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - dat.data = (void*)read_binary_file (OPT_ARG(LOAD_CERT), &size); - dat.size = size; - - if (!dat.data) -- error (EXIT_FAILURE, errno, "reading --load-cert: %s", OPT_ARG(LOAD_CERT)); -+ { -+ fprintf (stderr, "reading --load-cert: %s", OPT_ARG(LOAD_CERT)); -+ exit(1); -+ } - - ret = gnutls_x509_crt_import (crt, &dat, encoding); - free (dat.data); - if (ret < 0) -- error (EXIT_FAILURE, 0, "importing --load-cert: %s: %s", -+ { -+ fprintf (stderr, "importing --load-cert: %s: %s", - OPT_ARG(LOAD_CERT), gnutls_strerror (ret)); -+ exit(1); -+ } - - return crt; - } -@@ -218,29 +265,44 @@ _verify_response (gnutls_datum_t *data) - - ret = gnutls_ocsp_resp_init (&resp); - if (ret < 0) -- error (EXIT_FAILURE, 0, "ocsp_resp_init: %s", gnutls_strerror (ret)); -+ { -+ fprintf (stderr, "ocsp_resp_init: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - ret = gnutls_ocsp_resp_import (resp, data); - if (ret < 0) -- error (EXIT_FAILURE, 0, "importing response: %s", gnutls_strerror (ret)); -+ { -+ fprintf (stderr, "importing response: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - if (HAVE_OPT(LOAD_TRUST)) - { - dat.data = (void*)read_binary_file (OPT_ARG(LOAD_TRUST), &size); - if (dat.data == NULL) -- error (EXIT_FAILURE, errno, "reading --load-trust: %s", OPT_ARG(LOAD_TRUST)); -+ { -+ fprintf (stderr, "reading --load-trust: %s", OPT_ARG(LOAD_TRUST)); -+ exit(1); -+ } - dat.size = size; - - ret = gnutls_x509_trust_list_init (&list, 0); - if (ret < 0) -- error (EXIT_FAILURE, 0, "gnutls_x509_trust_list_init: %s", -+ { -+ fprintf (stderr, "gnutls_x509_trust_list_init: %s", - gnutls_strerror (ret)); -+ exit(1); -+ } - - ret = gnutls_x509_crt_list_import2 (&x509_ca_list, &x509_ncas, &dat, - GNUTLS_X509_FMT_PEM, 0); - if (ret < 0 || x509_ncas < 1) -- error (EXIT_FAILURE, 0, "error parsing CAs: %s", -+ { -+ fprintf (stderr, "error parsing CAs: %s", - gnutls_strerror (ret)); -+ exit(1); -+ } - - if (HAVE_OPT(VERBOSE)) - { -@@ -253,8 +315,11 @@ _verify_response (gnutls_datum_t *data) - ret = gnutls_x509_crt_print (x509_ca_list[i], - GNUTLS_CRT_PRINT_ONELINE, &out); - if (ret < 0) -- error (EXIT_FAILURE, 0, "gnutls_x509_crt_print: %s", -+ { -+ fprintf (stderr, "gnutls_x509_crt_print: %s", - gnutls_strerror (ret)); -+ exit(1); -+ } - - printf ("%d: %.*s\n", i, out.size, out.data); - gnutls_free (out.data); -@@ -264,33 +329,48 @@ _verify_response (gnutls_datum_t *data) - - ret = gnutls_x509_trust_list_add_cas (list, x509_ca_list, x509_ncas, 0); - if (ret < 0) -- error (EXIT_FAILURE, 0, "gnutls_x509_trust_add_cas: %s", -+ { -+ fprintf (stderr, "gnutls_x509_trust_add_cas: %s", - gnutls_strerror (ret)); -+ exit(1); -+ } - - if (HAVE_OPT(VERBOSE)) - fprintf (stdout, "Loaded %d trust anchors\n", x509_ncas); - - ret = gnutls_ocsp_resp_verify (resp, list, &verify, 0); - if (ret < 0) -- error (EXIT_FAILURE, 0, "gnutls_ocsp_resp_verify: %s", -+ { -+ fprintf (stderr, "gnutls_ocsp_resp_verify: %s", - gnutls_strerror (ret)); -+ exit(1); -+ } - } - else if (HAVE_OPT(LOAD_SIGNER)) - { - ret = gnutls_x509_crt_init (&signer); - if (ret < 0) -- error (EXIT_FAILURE, 0, "crt_init: %s", gnutls_strerror (ret)); -+ { -+ fprintf (stderr, "crt_init: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - dat.data = (void*)read_binary_file (OPT_ARG(LOAD_SIGNER), &size); - if (dat.data == NULL) -- error (EXIT_FAILURE, errno, "reading --load-signer: %s", OPT_ARG(LOAD_SIGNER)); -+ { -+ fprintf (stderr, "reading --load-signer: %s", OPT_ARG(LOAD_SIGNER)); -+ exit(1); -+ } - dat.size = size; - - ret = gnutls_x509_crt_import (signer, &dat, encoding); - free (dat.data); - if (ret < 0) -- error (EXIT_FAILURE, 0, "importing --load-signer: %s: %s", -+ { -+ fprintf (stderr, "importing --load-signer: %s: %s", - OPT_ARG(LOAD_SIGNER), gnutls_strerror (ret)); -+ exit(1); -+ } - - if (HAVE_OPT(VERBOSE)) - { -@@ -298,8 +378,11 @@ _verify_response (gnutls_datum_t *data) - - ret = gnutls_x509_crt_print (signer, GNUTLS_CRT_PRINT_ONELINE, &out); - if (ret < 0) -- error (EXIT_FAILURE, 0, "gnutls_x509_crt_print: %s", -+ { -+ fprintf (stderr, "gnutls_x509_crt_print: %s", - gnutls_strerror (ret)); -+ exit(1); -+ } - - printf ("Signer: %.*s\n", out.size, out.data); - gnutls_free (out.data); -@@ -308,11 +391,17 @@ _verify_response (gnutls_datum_t *data) - - ret = gnutls_ocsp_resp_verify_direct (resp, signer, &verify, 0); - if (ret < 0) -- error (EXIT_FAILURE, 0, "gnutls_ocsp_resp_verify_direct: %s", -+ { -+ fprintf (stderr, "gnutls_ocsp_resp_verify_direct: %s", - gnutls_strerror (ret)); -+ exit(1); -+ } - } - else -- error (EXIT_FAILURE, 0, "missing --load-trust or --load-signer"); -+ { -+ fprintf (stderr, "missing --load-trust or --load-signer"); -+ exit(1); -+ } - - printf ("Verifying OCSP Response: "); - print_ocsp_verify_res (verify); -@@ -334,7 +423,10 @@ verify_response (void) - else - dat.data = (void*)fread_file (infile, &size); - if (dat.data == NULL) -- error (EXIT_FAILURE, errno, "reading response"); -+ { -+ fprintf (stderr, "reading response"); -+ exit(1); -+ } - dat.size = size; - - _verify_response(&dat); -@@ -381,7 +473,10 @@ main (int argc, char **argv) - int ret; - - if ((ret = gnutls_global_init ()) < 0) -- error (EXIT_FAILURE, 0, "global_init: %s", gnutls_strerror (ret)); -+ { -+ fprintf( stderr, "global_init: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - optionProcess( &ocsptoolOptions, argc, argv); - -@@ -392,7 +487,10 @@ main (int argc, char **argv) - { - outfile = fopen (OPT_ARG(OUTFILE), "wb"); - if (outfile == NULL) -- error (EXIT_FAILURE, errno, "%s", OPT_ARG(OUTFILE)); -+ { -+ fprintf( stderr, "%s", OPT_ARG(OUTFILE)); -+ exit(1); -+ } - } - else - outfile = stdout; -@@ -401,7 +499,10 @@ main (int argc, char **argv) - { - infile = fopen (OPT_ARG(INFILE), "rb"); - if (infile == NULL) -- error (EXIT_FAILURE, errno, "%s", OPT_ARG(INFILE)); -+ { -+ fprintf( stderr, "%s", OPT_ARG(INFILE)); -+ exit(1); -+ } - } - else - infile = stdin; -diff --git a/src/p11tool.c b/src/p11tool.c -index 924f6bb..19ca1fd 100644 ---- a/src/p11tool.c -+++ b/src/p11tool.c -@@ -39,7 +39,6 @@ - #include - #include - #include --#include - - /* Gnulib portability files. */ - #include -@@ -97,7 +96,10 @@ cmd_parser (int argc, char **argv) - printf ("Setting log level to %d\n", debug); - - if ((ret = gnutls_global_init ()) < 0) -- error (EXIT_FAILURE, 0, "global_init: %s", gnutls_strerror (ret)); -+ { -+ fprintf (stderr, "global_init: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - if (HAVE_OPT(PROVIDER)) - { -@@ -108,8 +110,11 @@ cmd_parser (int argc, char **argv) - { - ret = gnutls_pkcs11_add_provider (OPT_ARG(PROVIDER), NULL); - if (ret < 0) -- error (EXIT_FAILURE, 0, "pkcs11_add_provider: %s", -+ { -+ fprintf (stderr, "pkcs11_add_provider: %s", - gnutls_strerror (ret)); -+ exit(1); -+ } - } - } - else -@@ -123,7 +128,10 @@ cmd_parser (int argc, char **argv) - { - outfile = safe_open_rw (OPT_ARG(OUTFILE), 0); - if (outfile == NULL) -- error (EXIT_FAILURE, errno, "%s", OPT_ARG(OUTFILE)); -+ { -+ fprintf (stderr, "%s", OPT_ARG(OUTFILE)); -+ exit(1); -+ } - } - else - outfile = stdout; -diff --git a/src/pkcs11.c b/src/pkcs11.c -index 9759892..5290f63 100644 ---- a/src/pkcs11.c -+++ b/src/pkcs11.c -@@ -75,7 +75,6 @@ pkcs11_list (FILE * outfile, const char *url, int type, unsigned int login, - unsigned int detailed, common_info_st * info) - { - gnutls_pkcs11_obj_t *crt_list; -- gnutls_x509_crt_t xcrt; - unsigned int crt_list_size = 0, i; - int ret, otype; - char *output; -diff --git a/src/serv.c b/src/serv.c -index 5650658..d420cb8 100644 ---- a/src/serv.c -+++ b/src/serv.c -@@ -1216,6 +1216,8 @@ main (int argc, char **argv) - udp_server (name, port, mtu); - else - tcp_server (name, port); -+ -+ return 0; - } - - static void -diff --git a/src/tpmtool.c b/src/tpmtool.c -index 0c81d34..9b2168e 100644 ---- a/src/tpmtool.c -+++ b/src/tpmtool.c -@@ -39,7 +39,6 @@ - #include - #include - #include --#include - - /* Gnulib portability files. */ - #include -@@ -130,13 +129,19 @@ cmd_parser (int argc, char **argv) - printf ("Setting log level to %d\n", debug); - - if ((ret = gnutls_global_init ()) < 0) -- error (EXIT_FAILURE, 0, "global_init: %s", gnutls_strerror (ret)); -+ { -+ fprintf (stderr, "global_init: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - if (HAVE_OPT(OUTFILE)) - { - outfile = safe_open_rw (OPT_ARG(OUTFILE), 0); - if (outfile == NULL) -- error (EXIT_FAILURE, errno, "%s", OPT_ARG(OUTFILE)); -+ { -+ fprintf (stderr, "%s", OPT_ARG(OUTFILE)); -+ exit(1); -+ } - } - else - outfile = stdout; -@@ -145,7 +150,10 @@ cmd_parser (int argc, char **argv) - { - infile = fopen (OPT_ARG(INFILE), "rb"); - if (infile == NULL) -- error (EXIT_FAILURE, errno, "%s", OPT_ARG(INFILE)); -+ { -+ fprintf (stderr, "%s", OPT_ARG(INFILE)); -+ exit(1); -+ } - } - else - infile = stdin; -@@ -210,7 +218,10 @@ static void tpm_generate(FILE* outfile, unsigned int key_type, unsigned int bits - free(srk_pass); - - if (ret < 0) -- error (EXIT_FAILURE, 0, "gnutls_tpm_privkey_generate: %s", gnutls_strerror (ret)); -+ { -+ fprintf (stderr, "gnutls_tpm_privkey_generate: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - /* fwrite (pubkey.data, 1, pubkey.size, outfile); - fputs ("\n", outfile);*/ -@@ -230,7 +241,10 @@ static void tpm_delete(const char* url, FILE* outfile) - - ret = gnutls_tpm_privkey_delete(url, srk_pass); - if (ret < 0) -- error (EXIT_FAILURE, 0, "gnutls_tpm_privkey_delete: %s", gnutls_strerror (ret)); -+ { -+ fprintf (stderr, "gnutls_tpm_privkey_delete: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - fprintf (outfile, "Key %s deleted\n", url); - } -@@ -244,7 +258,10 @@ static void tpm_list(FILE* outfile) - - ret = gnutls_tpm_get_registered (&list); - if (ret < 0) -- error (EXIT_FAILURE, 0, "gnutls_tpm_get_registered: %s", gnutls_strerror (ret)); -+ { -+ fprintf (stderr, "gnutls_tpm_get_registered: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - fprintf(outfile, "Available keys:\n"); - for (i=0;;i++) -@@ -253,7 +270,10 @@ static void tpm_list(FILE* outfile) - if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) - break; - else if (ret < 0) -- error (EXIT_FAILURE, 0, "gnutls_tpm_key_list_get_url: %s", gnutls_strerror (ret)); -+ { -+ fprintf (stderr, "gnutls_tpm_key_list_get_url: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - fprintf(outfile, "\t%u: %s\n", i, url); - gnutls_free(url); -@@ -279,7 +299,10 @@ static void tpm_pubkey(const char* url, FILE* outfile) - free(srk_pass); - - if (ret < 0) -- error (EXIT_FAILURE, 0, "gnutls_pubkey_import_tpm_url: %s", gnutls_strerror (ret)); -+ { -+ fprintf (stderr, "gnutls_pubkey_import_tpm_url: %s", gnutls_strerror (ret)); -+ exit(1); -+ } - - _pubkey_info(outfile, GNUTLS_CRT_PRINT_FULL, pubkey); - --- -1.7.1 - diff --git a/main/gnutls/libgmp.patch b/main/gnutls/libgmp.patch deleted file mode 100644 index c6e2617..0000000 --- a/main/gnutls/libgmp.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- ./lib/nettle/Makefile.in.orig 2013-06-10 17:39:26.019517541 +0000 -+++ ./lib/nettle/Makefile.in 2013-06-10 17:39:38.629643690 +0000 -@@ -214,7 +214,7 @@ - CONFIG_CLEAN_FILES = - CONFIG_CLEAN_VPATH_FILES = - LTLIBRARIES = $(noinst_LTLIBRARIES) --libcrypto_la_LIBADD = -+libcrypto_la_LIBADD = -lgmp - am_libcrypto_la_OBJECTS = pk.lo mpi.lo mac.lo cipher.lo rnd.lo init.lo \ - egd.lo - libcrypto_la_OBJECTS = $(am_libcrypto_la_OBJECTS) -- 2.10.0 --- Unsubscribe: alpine-aports+unsubscribe@lists.alpinelinux.org Help: alpine-aports+help@lists.alpinelinux.org ---