aboutsummaryrefslogtreecommitdiffstats
path: root/main/gnutls
diff options
context:
space:
mode:
authorTimo Teräs <timo.teras@iki.fi>2013-09-27 14:10:02 +0000
committerTimo Teräs <timo.teras@iki.fi>2013-09-27 14:22:24 +0000
commit447e3ad633a27422ae2ad67685cbb6b952b09db4 (patch)
treedd1fa5bcc8dfafdd96facf03ae6be649075337ab /main/gnutls
parent672b5f205c4118b1e0b68bc6e90e7b1cb84157b7 (diff)
main/gnutls: cherry-pick upstream commit to not use error.h
this fixes build on musl.
Diffstat (limited to 'main/gnutls')
-rw-r--r--main/gnutls/APKBUILD6
-rw-r--r--main/gnutls/avoid-using-error_h.patch3170
2 files changed, 3175 insertions, 1 deletions
diff --git a/main/gnutls/APKBUILD b/main/gnutls/APKBUILD
index fa742f153d0..72153783319 100644
--- a/main/gnutls/APKBUILD
+++ b/main/gnutls/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=gnutls
pkgver=3.2.4
-pkgrel=0
+pkgrel=1
pkgdesc="A TLS protocol implementation"
url="http://www.gnutls.org/"
arch="all"
@@ -13,6 +13,7 @@ makedepends="$depends_dev texinfo"
install=
subpackages="$pkgname-doc $pkgname-dev $pkgname-utils $pkgname-c++:xx"
source="ftp://ftp.gnutls.org/gcrypt/gnutls/v${pkgver%.*}/$pkgname-$pkgver.tar.xz
+ avoid-using-error_h.patch
libgmp.patch
"
@@ -64,8 +65,11 @@ xx() {
}
md5sums="79ef8538d65128b7ed47046649b98c27 gnutls-3.2.4.tar.xz
+33a330fe28ee87ef14c61109ef7af117 avoid-using-error_h.patch
3ce8fb390345afbd490cd9ac487dabbd libgmp.patch"
sha256sums="119570af3eb83b411252bf617688b9b9143e4349f48657b7ebaea57d90ff707f gnutls-3.2.4.tar.xz
+122ee40895b1693124cdbb190d4f07ee8274b287086c62cf728af30ef6140e09 avoid-using-error_h.patch
39b49c5166819cd4c57ec7d1b42e0470c5d1bde3bebb4b9fbb465d1ef2eb7d2d libgmp.patch"
sha512sums="d0ae82e34421b74cca42f14e9564d52324c1becfeeef0fb3e301fe3919bff4186e13661c93156a3f0515be544be3a34db10887efef59c6a3c74512d2f14351a7 gnutls-3.2.4.tar.xz
+ac95c24e79431b47078b8389bfa9d2a08498e4af5936b1e16e21fd99613278df6d2fdc71c921b43360ac7f7545f9a7fc0a0aa23e796db5c7366fd226a653fbae avoid-using-error_h.patch
1c02594d6bf288561ffd1f0828089a8eaa5129eac1fb2631340370ea94099762bcb883aec188bb31bffe22c0ddeee7abad5e3926b1f64dc22c916760ead16a74 libgmp.patch"
diff --git a/main/gnutls/avoid-using-error_h.patch b/main/gnutls/avoid-using-error_h.patch
new file mode 100644
index 00000000000..b9e0c49ddb8
--- /dev/null
+++ b/main/gnutls/avoid-using-error_h.patch
@@ -0,0 +1,3170 @@
+From 1df1b0f7b28c733bf01e5d1faa2f8ccdb3db1665 Mon Sep 17 00:00:00 2001
+From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
+Date: Mon, 2 Sep 2013 13:47:18 +0300
+Subject: [PATCH] Avoid using gnulib's error()
+
+---
+ src/certtool-common.c | 180 +++++++++---
+ src/certtool-extras.c | 21 +-
+ src/certtool.c | 763 +++++++++++++++++++++++++++++++++++++++----------
+ src/danetool.c | 97 +++++--
+ src/ocsptool-common.c | 48 +++-
+ src/ocsptool.c | 171 +++++++++---
+ src/p11tool.c | 16 +-
+ src/pkcs11.c | 1 -
+ src/serv.c | 2 +
+ src/tpmtool.c | 41 ++-
+ 10 files changed, 1055 insertions(+), 285 deletions(-)
+
+diff --git a/src/certtool-common.c b/src/certtool-common.c
+index cca7c49..1799250 100644
+--- a/src/certtool-common.c
++++ b/src/certtool-common.c
+@@ -37,7 +37,6 @@
+ #include <sys/types.h>
+ #include <sys/stat.h>
+ #include <fcntl.h>
+-#include <error.h>
+ #include <common.h>
+ #include "certtool-common.h"
+ #include "certtool-args.h"
+@@ -86,7 +85,10 @@ load_secret_key (int mand, common_info_st * info)
+ if (info->secret_key == NULL)
+ {
+ if (mand)
+- error (EXIT_FAILURE, 0, "missing --secret-key");
++ {
++ fprintf (stderr, "missing --secret-key");
++ exit(1);
++ }
+ else
+ return NULL;
+ }
+@@ -96,7 +98,10 @@ load_secret_key (int mand, common_info_st * info)
+
+ ret = gnutls_hex_decode (&hex_key, raw_key, &raw_key_size);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "hex_decode: %s", gnutls_strerror (ret));
++ {
++ fprintf (stderr, "hex_decode: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ key.data = (void*)raw_key;
+ key.size = raw_key_size;
+@@ -135,7 +140,10 @@ const char* pass;
+
+ ret = gnutls_privkey_init (&key);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "privkey_init: %s", gnutls_strerror (ret));
++ {
++ fprintf (stderr, "privkey_init: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ ret = gnutls_privkey_import_x509_raw (key, dat, info->incert_format, NULL, 0);
+ if (ret == GNUTLS_E_DECRYPTION_FAILED)
+@@ -146,14 +154,18 @@ const char* pass;
+
+ if (ret == GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR)
+ {
+- error (EXIT_FAILURE, 0,
++ fprintf (stderr,
+ "import error: could not find a valid PEM header; "
+ "check if your key is PKCS #12 encoded");
++ exit(1);
+ }
+
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "importing --load-privkey: %s: %s",
++ {
++ fprintf (stderr, "importing --load-privkey: %s: %s",
+ info->privkey, gnutls_strerror (ret));
++ exit(1);
++ }
+
+ return key;
+ }
+@@ -165,12 +177,18 @@ gnutls_privkey_t key;
+
+ ret = gnutls_privkey_init (&key);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "privkey_init: %s", gnutls_strerror (ret));
++ {
++ fprintf (stderr, "privkey_init: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ ret = gnutls_privkey_import_url(key, url, 0);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "importing key: %s: %s",
++ {
++ fprintf (stderr, "importing key: %s: %s",
+ url, gnutls_strerror (ret));
++ exit(1);
++ }
+
+ return key;
+ }
+@@ -214,7 +232,10 @@ load_private_key (int mand, common_info_st * info)
+ return NULL;
+
+ if (info->privkey == NULL)
+- error (EXIT_FAILURE, 0, "missing --load-privkey");
++ {
++ fprintf (stderr, "missing --load-privkey");
++ exit(1);
++ }
+
+ if (gnutls_url_is_supported(info->privkey) != 0)
+ return _load_url_privkey(info->privkey);
+@@ -223,7 +244,10 @@ load_private_key (int mand, common_info_st * info)
+ dat.size = size;
+
+ if (!dat.data)
+- error (EXIT_FAILURE, errno, "reading --load-privkey: %s", info->privkey);
++ {
++ fprintf (stderr, "reading --load-privkey: %s", info->privkey);
++ exit(1);
++ }
+
+ key = _load_privkey(&dat, info);
+
+@@ -249,17 +273,26 @@ load_x509_private_key (int mand, common_info_st * info)
+ return NULL;
+
+ if (info->privkey == NULL)
+- error (EXIT_FAILURE, 0, "missing --load-privkey");
++ {
++ fprintf (stderr, "missing --load-privkey");
++ exit(1);
++ }
+
+ ret = gnutls_x509_privkey_init (&key);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "privkey_init: %s", gnutls_strerror (ret));
++ {
++ fprintf( stderr, "privkey_init: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ dat.data = (void*)read_binary_file (info->privkey, &size);
+ dat.size = size;
+
+ if (!dat.data)
+- error (EXIT_FAILURE, errno, "reading --load-privkey: %s", info->privkey);
++ {
++ fprintf (stderr, "reading --load-privkey: %s", info->privkey);
++ exit(1);
++ }
+
+ if (info->pkcs8)
+ {
+@@ -282,14 +315,18 @@ load_x509_private_key (int mand, common_info_st * info)
+
+ if (ret == GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR)
+ {
+- error (EXIT_FAILURE, 0,
++ fprintf (stderr,
+ "import error: could not find a valid PEM header; "
+- "check if your key is PKCS #12 encoded");
++ "check if your key is PEM encoded");
++ exit(1);
+ }
+
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "importing --load-privkey: %s: %s",
++ {
++ fprintf( stderr, "importing --load-privkey: %s: %s",
+ info->privkey, gnutls_strerror (ret));
++ exit(1);
++ }
+
+ return key;
+ }
+@@ -332,14 +369,20 @@ load_cert_list (int mand, size_t * crt_size, common_info_st * info)
+ if (info->cert == NULL)
+ {
+ if (mand)
+- error (EXIT_FAILURE, 0, "missing --load-certificate");
++ {
++ fprintf (stderr, "missing --load-certificate");
++ exit(1);
++ }
+ else
+ return NULL;
+ }
+
+ fd = fopen (info->cert, "r");
+ if (fd == NULL)
+- error (EXIT_FAILURE, errno, "%s", info->cert);
++ {
++ fprintf (stderr, "%s", info->cert);
++ exit(1);
++ }
+
+ size = fread (buffer, 1, sizeof (buffer) - 1, fd);
+ buffer[size] = 0;
+@@ -353,7 +396,10 @@ load_cert_list (int mand, size_t * crt_size, common_info_st * info)
+ {
+ ret = gnutls_x509_crt_init (&crt[i]);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "crt_init: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "crt_init: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ dat.data = (void*)ptr;
+ dat.size = ptr_size;
+@@ -362,7 +408,10 @@ load_cert_list (int mand, size_t * crt_size, common_info_st * info)
+ if (ret < 0 && *crt_size > 0)
+ break;
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "crt_import: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "crt_import: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ ptr = strstr (ptr, "---END");
+ if (ptr == NULL)
+@@ -399,26 +448,35 @@ load_request (common_info_st * info)
+
+ ret = gnutls_x509_crq_init (&crq);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "crq_init: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "crq_init: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ dat.data = (void*)read_binary_file (info->request, &size);
+ dat.size = size;
+
+ if (!dat.data)
+- error (EXIT_FAILURE, errno, "reading --load-request: %s", info->request);
++ {
++ fprintf (stderr, "reading --load-request: %s", info->request);
++ exit(1);
++ }
+
+ ret = gnutls_x509_crq_import (crq, &dat, info->incert_format);
+ if (ret == GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR)
+ {
+- error (EXIT_FAILURE, 0,
++ fprintf(stderr,
+ "import error: could not find a valid PEM header");
++ exit(1);
+ }
+
+ free (dat.data);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "importing --load-request: %s: %s",
+- info->request, gnutls_strerror (ret));
+-
++ {
++ fprintf(stderr, "importing --load-request: %s: %s",
++ info->request, gnutls_strerror (ret));
++ exit(1);
++ }
+ return crq;
+ }
+
+@@ -432,7 +490,10 @@ load_ca_private_key (common_info_st * info)
+ size_t size;
+
+ if (info->ca_privkey == NULL)
+- error (EXIT_FAILURE, 0, "missing --load-ca-privkey");
++ {
++ fprintf(stderr, "missing --load-ca-privkey");
++ exit(1);
++ }
+
+ if (gnutls_url_is_supported(info->ca_privkey) != 0)
+ return _load_url_privkey(info->ca_privkey);
+@@ -441,8 +502,11 @@ load_ca_private_key (common_info_st * info)
+ dat.size = size;
+
+ if (!dat.data)
+- error (EXIT_FAILURE, errno, "reading --load-ca-privkey: %s",
++ {
++ fprintf (stderr, "reading --load-ca-privkey: %s",
+ info->ca_privkey);
++ exit(1);
++ }
+
+ key = _load_privkey(&dat, info);
+
+@@ -462,24 +526,36 @@ load_ca_cert (common_info_st * info)
+ size_t size;
+
+ if (info->ca == NULL)
+- error (EXIT_FAILURE, 0, "missing --load-ca-certificate");
++ {
++ fprintf(stderr, "missing --load-ca-certificate");
++ exit(1);
++ }
+
+ ret = gnutls_x509_crt_init (&crt);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "crt_init: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "crt_init: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ dat.data = (void*)read_binary_file (info->ca, &size);
+ dat.size = size;
+
+ if (!dat.data)
+- error (EXIT_FAILURE, errno, "reading --load-ca-certificate: %s",
++ {
++ fprintf( stderr, "reading --load-ca-certificate: %s",
+ info->ca);
++ exit(1);
++ }
+
+ ret = gnutls_x509_crt_import (crt, &dat, info->incert_format);
+ free (dat.data);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "importing --load-ca-certificate: %s: %s",
+- info->ca, gnutls_strerror (ret));
++ {
++ fprintf(stderr, "importing --load-ca-certificate: %s: %s",
++ info->ca, gnutls_strerror (ret));
++ exit(1);
++ }
+
+ return crt;
+ }
+@@ -499,20 +575,29 @@ load_pubkey (int mand, common_info_st * info)
+ return NULL;
+
+ if (info->pubkey == NULL)
+- error (EXIT_FAILURE, 0, "missing --load-pubkey");
++ {
++ fprintf(stderr, "missing --load-pubkey");
++ exit(1);
++ }
+
+ if (gnutls_url_is_supported(info->pubkey) != 0)
+ return _load_url_pubkey(info->pubkey);
+
+ ret = gnutls_pubkey_init (&key);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "privkey_init: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "privkey_init: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ dat.data = (void*)read_binary_file (info->pubkey, &size);
+ dat.size = size;
+
+ if (!dat.data)
+- error (EXIT_FAILURE, errno, "reading --load-pubkey: %s", info->pubkey);
++ {
++ fprintf( stderr, "reading --load-pubkey: %s", info->pubkey);
++ exit(1);
++ }
+
+ ret = gnutls_pubkey_import (key, &dat, info->incert_format);
+
+@@ -520,14 +605,18 @@ load_pubkey (int mand, common_info_st * info)
+
+ if (ret == GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR)
+ {
+- error (EXIT_FAILURE, 0,
++ fprintf(stderr,
+ "import error: could not find a valid PEM header; "
+ "check if your key has the PUBLIC KEY header");
++ exit(1);
+ }
+
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "importing --load-pubkey: %s: %s",
++ {
++ fprintf(stderr, "importing --load-pubkey: %s: %s",
+ info->pubkey, gnutls_strerror (ret));
++ exit(1);
++ }
+
+ return key;
+ }
+@@ -539,8 +628,11 @@ int ret;
+
+ ret = gnutls_pubkey_init(&pubkey);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "gnutls_pubkey_init: %s",
++ {
++ fprintf(stderr, "gnutls_pubkey_init: %s",
+ gnutls_strerror (ret));
++ exit(1);
++ }
+
+ if (!privkey || (ret = gnutls_pubkey_import_privkey(pubkey, privkey, 0, 0)) < 0)
+ { /* could not get (e.g. on PKCS #11 */
+@@ -747,7 +839,10 @@ size_t size;
+
+ ret = gnutls_pubkey_print(pubkey, format, &data);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "pubkey_print error: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "pubkey_print error: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ fprintf (outfile, "%s\n", data.data);
+ gnutls_free (data.data);
+@@ -755,7 +850,10 @@ size_t size;
+ size = buffer_size;
+ ret = gnutls_pubkey_export (pubkey, GNUTLS_X509_FMT_PEM, buffer, &size);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "export error: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "export error: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ fprintf (outfile, "\n%s\n", buffer);
+ }
+diff --git a/src/certtool-extras.c b/src/certtool-extras.c
+index 1422188..ee89434 100644
+--- a/src/certtool-extras.c
++++ b/src/certtool-extras.c
+@@ -38,7 +38,6 @@
+ #include <sys/types.h>
+ #include <sys/stat.h>
+ #include <fcntl.h>
+-#include <error.h>
+ #include "certtool-common.h"
+ #include "certtool-cfg.h"
+
+@@ -64,14 +63,20 @@ load_privkey_list (int mand, size_t * privkey_size, common_info_st * info)
+ if (info->privkey == NULL)
+ {
+ if (mand)
+- error (EXIT_FAILURE, 0, "missing --load-privkey");
++ {
++ fprintf( stderr, "missing --load-privkey");
++ exit(1);
++ }
+ else
+ return NULL;
+ }
+
+ ret = gnutls_load_file(info->privkey, &file_data);
+ if (ret < 0)
+- error (EXIT_FAILURE, errno, "%s", info->privkey);
++ {
++ fprintf (stderr, "%s", info->privkey);
++ exit(1);
++ }
+
+ ptr = (void*)file_data.data;
+ ptr_size = file_data.size;
+@@ -80,7 +85,10 @@ load_privkey_list (int mand, size_t * privkey_size, common_info_st * info)
+ {
+ ret = gnutls_x509_privkey_init (&key[i]);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "privkey_init: %s", gnutls_strerror (ret));
++ {
++ fprintf( stderr, "privkey_init: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ dat.data = (void*)ptr;
+ dat.size = ptr_size;
+@@ -95,7 +103,10 @@ load_privkey_list (int mand, size_t * privkey_size, common_info_st * info)
+ if (ret < 0 && *privkey_size > 0)
+ break;
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "privkey_import: %s", gnutls_strerror (ret));
++ {
++ fprintf( stderr, "privkey_import: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ (*privkey_size)++;
+
+diff --git a/src/certtool.c b/src/certtool.c
+index 2a1a668..0ea52e8 100644
+--- a/src/certtool.c
++++ b/src/certtool.c
+@@ -38,7 +38,6 @@
+ #include <sys/types.h>
+ #include <sys/stat.h>
+ #include <fcntl.h>
+-#include <error.h>
+
+ /* Gnulib portability files. */
+ #include <read-file.h>
+@@ -109,7 +108,10 @@ generate_private_key_int (common_info_st * cinfo)
+
+ ret = gnutls_x509_privkey_init (&key);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "privkey_init: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "privkey_init: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ bits = get_bits (key_type, cinfo->bits, cinfo->sec_param, 1);
+
+@@ -122,11 +124,17 @@ generate_private_key_int (common_info_st * cinfo)
+
+ ret = gnutls_x509_privkey_generate (key, key_type, bits, 0);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "privkey_generate: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "privkey_generate: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ ret = gnutls_x509_privkey_verify_params (key);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "privkey_verify_params: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "privkey_verify_params: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ return key;
+ }
+@@ -167,8 +175,8 @@ cipher_to_flags (const char *cipher)
+ return GNUTLS_PKCS_USE_PKCS12_RC2_40;
+ }
+
+- error (EXIT_FAILURE, 0, "unknown cipher %s\n", cipher);
+- return -1;
++ fprintf(stderr, "unknown cipher %s\n", cipher);
++ exit(1);
+ }
+
+
+@@ -190,7 +198,10 @@ print_private_key (common_info_st* cinfo, gnutls_x509_privkey_t key)
+ ret = gnutls_x509_privkey_export (key, outcert_format,
+ buffer, &size);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "privkey_export: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "privkey_export: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+ }
+ else
+ {
+@@ -205,8 +216,11 @@ print_private_key (common_info_st* cinfo, gnutls_x509_privkey_t key)
+ gnutls_x509_privkey_export_pkcs8 (key, outcert_format, pass,
+ flags, buffer, &size);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "privkey_export_pkcs8: %s",
++ {
++ fprintf(stderr, "privkey_export_pkcs8: %s",
+ gnutls_strerror (ret));
++ exit(1);
++ }
+ }
+
+ fwrite (buffer, 1, size, outfile);
+@@ -244,7 +258,10 @@ generate_certificate (gnutls_privkey_t * ret_key,
+
+ ret = gnutls_x509_crt_init (&crt);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "crt_init: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "crt_init: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ crq = load_request (cinfo);
+
+@@ -266,8 +283,11 @@ generate_certificate (gnutls_privkey_t * ret_key,
+ {
+ result = gnutls_x509_crt_set_proxy_dn (crt, ca_crt, 0, NULL, 0);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "set_proxy_dn: %s",
++ {
++ fprintf(stderr, "set_proxy_dn: %s",
+ gnutls_strerror (result));
++ exit(1);
++ }
+
+ get_dn_crt_set (crt);
+ get_cn_crt_set (crt);
+@@ -297,13 +317,19 @@ generate_certificate (gnutls_privkey_t * ret_key,
+
+ result = gnutls_x509_crt_set_pubkey (crt, pubkey);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "set_key: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "set_key: %s", gnutls_strerror (result));
++ exit(1);
++ }
+ }
+ else
+ {
+ result = gnutls_x509_crt_set_crq (crt, crq);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "set_crq: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "set_crq: %s", gnutls_strerror (result));
++ exit(1);
++ }
+ }
+
+
+@@ -319,7 +345,10 @@ generate_certificate (gnutls_privkey_t * ret_key,
+
+ result = gnutls_x509_crt_set_serial (crt, bin_serial, 5);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "serial: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "serial: %s", gnutls_strerror (result));
++ exit(1);
++ }
+ }
+
+ if (!batch)
+@@ -339,7 +368,10 @@ generate_certificate (gnutls_privkey_t * ret_key,
+ result =
+ gnutls_x509_crt_set_expiration_time (crt, secs);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "set_expiration: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "set_expiration: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ if (!batch)
+ fprintf (stderr, "\n\nExtensions.\n");
+@@ -349,7 +381,10 @@ generate_certificate (gnutls_privkey_t * ret_key,
+ {
+ result = gnutls_x509_crt_set_crq_extensions (crt, crq);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "set_crq: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "set_crq: %s", gnutls_strerror (result));
++ exit(1);
++ }
+ }
+
+ /* append additional extensions */
+@@ -375,8 +410,11 @@ generate_certificate (gnutls_privkey_t * ret_key,
+ gnutls_x509_crt_set_proxy (crt, proxypathlen, policylanguage,
+ policy, policylen);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "set_proxy: %s",
++ {
++ fprintf(stderr, "set_proxy: %s",
+ gnutls_strerror (result));
++ exit(1);
++ }
+ }
+
+ if (!proxy)
+@@ -389,8 +427,11 @@ generate_certificate (gnutls_privkey_t * ret_key,
+ result =
+ gnutls_x509_crt_set_basic_constraints (crt, ca_status, path_len);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "basic_constraints: %s",
++ {
++ fprintf(stderr, "basic_constraints: %s",
+ gnutls_strerror (result));
++ exit(1);
++ }
+
+ client = get_tls_client_status ();
+ if (client != 0)
+@@ -399,7 +440,10 @@ generate_certificate (gnutls_privkey_t * ret_key,
+ GNUTLS_KP_TLS_WWW_CLIENT,
+ 0);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "key_kp: %s", gnutls_strerror (result));
++ exit(1);
++ }
+ }
+
+ is_ike = get_ipsec_ike_status ();
+@@ -418,7 +462,10 @@ generate_certificate (gnutls_privkey_t * ret_key,
+ gnutls_x509_crt_set_key_purpose_oid (crt,
+ GNUTLS_KP_TLS_WWW_SERVER, 0);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "key_kp: %s", gnutls_strerror (result));
++ exit(1);
++ }
+ }
+ else if (!proxy)
+ {
+@@ -451,8 +498,11 @@ generate_certificate (gnutls_privkey_t * ret_key,
+ gnutls_x509_crt_set_key_purpose_oid (crt,
+ GNUTLS_KP_IPSEC_IKE, 0);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "key_kp: %s",
++ {
++ fprintf(stderr, "key_kp: %s",
+ gnutls_strerror (result));
++ exit(1);
++ }
+ }
+ }
+
+@@ -475,8 +525,11 @@ generate_certificate (gnutls_privkey_t * ret_key,
+ GNUTLS_KP_CODE_SIGNING,
+ 0);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "key_kp: %s",
++ {
++ fprintf(stderr, "key_kp: %s",
+ gnutls_strerror (result));
++ exit(1);
++ }
+ }
+
+ result = get_ocsp_sign_status ();
+@@ -487,8 +540,11 @@ generate_certificate (gnutls_privkey_t * ret_key,
+ GNUTLS_KP_OCSP_SIGNING,
+ 0);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "key_kp: %s",
++ {
++ fprintf(stderr, "key_kp: %s",
+ gnutls_strerror (result));
++ exit(1);
++ }
+ }
+
+ result = get_time_stamp_status ();
+@@ -499,8 +555,11 @@ generate_certificate (gnutls_privkey_t * ret_key,
+ GNUTLS_KP_TIME_STAMPING,
+ 0);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "key_kp: %s",
++ {
++ fprintf(stderr, "key_kp: %s",
+ gnutls_strerror (result));
++ exit(1);
++ }
+ }
+ }
+ get_ocsp_issuer_set(crt);
+@@ -515,8 +574,11 @@ generate_certificate (gnutls_privkey_t * ret_key,
+ usage |= GNUTLS_KEY_NON_REPUDIATION;
+ result = gnutls_x509_crt_set_key_usage (crt, usage);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "key_usage: %s",
++ {
++ fprintf(stderr, "key_usage: %s",
+ gnutls_strerror (result));
++ exit(1);
++ }
+ }
+
+ /* Subject Key ID.
+@@ -527,8 +589,11 @@ generate_certificate (gnutls_privkey_t * ret_key,
+ {
+ result = gnutls_x509_crt_set_subject_key_id (crt, buffer, size);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "set_subject_key_id: %s",
++ {
++ fprintf(stderr, "set_subject_key_id: %s",
+ gnutls_strerror (result));
++ exit(1);
++ }
+ }
+
+ /* Authority Key ID.
+@@ -548,8 +613,11 @@ generate_certificate (gnutls_privkey_t * ret_key,
+ result =
+ gnutls_x509_crt_set_authority_key_id (crt, buffer, size);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "set_authority_key_id: %s",
++ {
++ fprintf(stderr, "set_authority_key_id: %s",
+ gnutls_strerror (result));
++ exit(1);
++ }
+ }
+ }
+ }
+@@ -562,7 +630,10 @@ generate_certificate (gnutls_privkey_t * ret_key,
+ vers = 3;
+ result = gnutls_x509_crt_set_version (crt, vers);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "set_version: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "set_version: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ *ret_key = key;
+ return crt;
+@@ -581,7 +652,10 @@ generate_crl (gnutls_x509_crt_t ca_crt, common_info_st * cinfo)
+
+ result = gnutls_x509_crl_init (&crl);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "crl_init: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "crl_init: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ crts = load_cert_list (0, &size, cinfo);
+
+@@ -589,23 +663,35 @@ generate_crl (gnutls_x509_crt_t ca_crt, common_info_st * cinfo)
+ {
+ result = gnutls_x509_crl_set_crt (crl, crts[i], now);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "crl_set_crt: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "crl_set_crt: %s", gnutls_strerror (result));
++ exit(1);
++ }
+ }
+
+ result = gnutls_x509_crl_set_this_update (crl, now);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "this_update: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "this_update: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ fprintf (stderr, "Update times.\n");
+ days = get_crl_next_update ();
+
+ result = gnutls_x509_crl_set_next_update (crl, now + days * 24 * 60 * 60);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "next_update: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "next_update: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ result = gnutls_x509_crl_set_version (crl, 2);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "set_version: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "set_version: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ /* Authority Key ID.
+ */
+@@ -623,8 +709,12 @@ generate_crl (gnutls_x509_crt_t ca_crt, common_info_st * cinfo)
+ {
+ result = gnutls_x509_crl_set_authority_key_id (crl, buffer, size);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "set_authority_key_id: %s",
++ {
++ fprintf(stderr, "set_authority_key_id: %s",
+ gnutls_strerror (result));
++ exit(1);
++ }
++
+ }
+ }
+
+@@ -640,7 +730,10 @@ generate_crl (gnutls_x509_crt_t ca_crt, common_info_st * cinfo)
+
+ result = gnutls_x509_crl_set_number (crl, bin_number, 5);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "set_number: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "set_number: %s", gnutls_strerror (result));
++ exit(1);
++ }
+ }
+
+ return crl;
+@@ -656,8 +749,11 @@ get_dig_for_pub (gnutls_pubkey_t pubkey)
+ result = gnutls_pubkey_get_preferred_hash_algorithm (pubkey, &dig, &mand);
+ if (result < 0)
+ {
+- error (EXIT_FAILURE, 0, "crt_get_preferred_hash_algorithm: %s",
++ {
++ fprintf(stderr, "crt_get_preferred_hash_algorithm: %s",
+ gnutls_strerror (result));
++ exit(1);
++ }
+ }
+
+ /* if algorithm allows alternatives */
+@@ -679,8 +775,11 @@ get_dig (gnutls_x509_crt_t crt)
+ result = gnutls_pubkey_import_x509(pubkey, crt, 0);
+ if (result < 0)
+ {
+- error (EXIT_FAILURE, 0, "gnutls_pubkey_import_x509: %s",
++ {
++ fprintf(stderr, "gnutls_pubkey_import_x509: %s",
+ gnutls_strerror (result));
++ exit(1);
++ }
+ }
+
+ dig = get_dig_for_pub (pubkey);
+@@ -713,8 +812,11 @@ generate_self_signed (common_info_st * cinfo)
+ uri,
+ 0 /* all reasons */ );
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "crl_dist_points: %s",
++ {
++ fprintf(stderr, "crl_dist_points: %s",
+ gnutls_strerror (result));
++ exit(1);
++ }
+ }
+
+ print_certificate_info (crt, stderr, 0);
+@@ -723,12 +825,18 @@ generate_self_signed (common_info_st * cinfo)
+
+ result = gnutls_x509_crt_privkey_sign (crt, crt, key, get_dig (crt), 0);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "crt_sign: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "crt_sign: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ size = buffer_size;
+ result = gnutls_x509_crt_export (crt, outcert_format, buffer, &size);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "crt_export: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "crt_export: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ fwrite (buffer, 1, size, outfile);
+
+@@ -765,12 +873,18 @@ generate_signed_certificate (common_info_st * cinfo)
+
+ result = gnutls_x509_crt_privkey_sign (crt, ca_crt, ca_key, get_dig (ca_crt), 0);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "crt_sign: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "crt_sign: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ size = buffer_size;
+ result = gnutls_x509_crt_export (crt, outcert_format, buffer, &size);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "crt_export: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "crt_export: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ fwrite (buffer, 1, size, outfile);
+
+@@ -800,12 +914,18 @@ generate_proxy_certificate (common_info_st * cinfo)
+
+ result = gnutls_x509_crt_privkey_sign (crt, eecrt, eekey, get_dig (eecrt), 0);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "crt_sign: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "crt_sign: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ size = buffer_size;
+ result = gnutls_x509_crt_export (crt, outcert_format, buffer, &size);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "crt_export: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "crt_export: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ fwrite (buffer, 1, size, outfile);
+
+@@ -832,7 +952,10 @@ generate_signed_crl (common_info_st * cinfo)
+ fprintf (stderr, "\n");
+ result = gnutls_x509_crl_privkey_sign(crl, ca_crt, ca_key, get_dig (ca_crt), 0);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "crl_privkey_sign: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "crl_privkey_sign: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ print_crl_info (crl, stderr);
+
+@@ -865,18 +988,27 @@ update_signed_certificate (common_info_st * cinfo)
+ result =
+ gnutls_x509_crt_set_expiration_time (crt, tim + ((time_t) days) * 24 * 60 * 60);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "set_expiration: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "set_expiration: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ fprintf (stderr, "\n\nSigning certificate...\n");
+
+ result = gnutls_x509_crt_privkey_sign (crt, ca_crt, ca_key, get_dig (ca_crt), 0);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "crt_sign: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "crt_sign: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ size = buffer_size;
+ result = gnutls_x509_crt_export (crt, outcert_format, buffer, &size);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "crt_export: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "crt_export: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ fwrite (buffer, 1, size, outfile);
+
+@@ -902,7 +1034,10 @@ cmd_parser (int argc, char **argv)
+ {
+ outfile = safe_open_rw (OPT_ARG(OUTFILE), privkey_op);
+ if (outfile == NULL)
+- error (EXIT_FAILURE, errno, "%s", OPT_ARG(OUTFILE));
++ {
++ fprintf(stderr, "%s", OPT_ARG(OUTFILE));
++ exit(1);
++ }
+ }
+ else
+ outfile = stdout;
+@@ -911,7 +1046,10 @@ cmd_parser (int argc, char **argv)
+ {
+ infile = fopen (OPT_ARG(INFILE), "rb");
+ if (infile == NULL)
+- error (EXIT_FAILURE, errno, "%s", OPT_ARG(INFILE));
++ {
++ fprintf(stderr, "%s", OPT_ARG(INFILE));
++ exit(1);
++ }
+ }
+ else
+ infile = stdin;
+@@ -955,7 +1093,10 @@ cmd_parser (int argc, char **argv)
+ else if (strcasecmp (OPT_ARG(HASH), "rmd160") == 0)
+ default_dig = GNUTLS_DIG_RMD160;
+ else
+- error (EXIT_FAILURE, 0, "invalid hash: %s", OPT_ARG(HASH));
++ {
++ fprintf(stderr, "invalid hash: %s", OPT_ARG(HASH));
++ exit(1);
++ }
+ }
+
+ batch = 0;
+@@ -974,7 +1115,10 @@ cmd_parser (int argc, char **argv)
+ }
+
+ if ((ret = gnutls_global_init ()) < 0)
+- error (EXIT_FAILURE, 0, "global_init: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "global_init: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ #ifdef ENABLE_PKCS11
+ pkcs11_common();
+@@ -1124,14 +1268,17 @@ certificate_info (int pubkey, common_info_st * cinfo)
+ GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED);
+ if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER)
+ {
+- error (0, 0, "too many certificates (%d); "
++ fprintf( stderr, "too many certificates (%d); "
+ "will only read the first %d", crt_num, MAX_CRTS);
+ crt_num = MAX_CRTS;
+ ret = gnutls_x509_crt_list_import (crt, &crt_num, &pem,
+ incert_format, 0);
+ }
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "import error: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "import error: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ free (pem.data);
+
+@@ -1139,7 +1286,7 @@ certificate_info (int pubkey, common_info_st * cinfo)
+
+ if (count > 1 && outcert_format == GNUTLS_X509_FMT_DER)
+ {
+- error (0, 0, "cannot output multiple certificates in DER format; "
++ fprintf( stderr, "cannot output multiple certificates in DER format; "
+ "using PEM instead");
+ outcert_format = GNUTLS_X509_FMT_PEM;
+ }
+@@ -1160,7 +1307,10 @@ certificate_info (int pubkey, common_info_st * cinfo)
+ ret = gnutls_x509_crt_export (crt[i], outcert_format, buffer,
+ &size);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "export error: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "export error: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ fwrite (buffer, 1, size, outfile);
+ }
+@@ -1185,12 +1335,18 @@ pgp_certificate_info (void)
+
+ ret = gnutls_openpgp_crt_init (&crt);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "openpgp_crt_init: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "openpgp_crt_init: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ ret = gnutls_openpgp_crt_import (crt, &pem, incert_format);
+
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "import error: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "import error: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ free (pem.data);
+
+@@ -1209,8 +1365,11 @@ pgp_certificate_info (void)
+ ret = gnutls_openpgp_crt_verify_self (crt, 0, &verify_status);
+ if (ret < 0)
+ {
+- error (EXIT_FAILURE, 0, "verify signature error: %s",
++ {
++ fprintf(stderr, "verify signature error: %s",
+ gnutls_strerror (ret));
++ exit(1);
++ }
+ }
+
+ if (verify_status & GNUTLS_CERT_INVALID)
+@@ -1227,8 +1386,8 @@ pgp_certificate_info (void)
+ ret = gnutls_openpgp_crt_export (crt, outcert_format, buffer, &size);
+ if (ret < 0)
+ {
+- error (EXIT_FAILURE, 0, "export error: %s", gnutls_strerror (ret));
+- fwrite (buffer, 1, size, outfile);
++ fprintf(stderr, "export error: %s", gnutls_strerror (ret));
++ exit(1);
+ }
+
+ fprintf (outfile, "%s\n", buffer);
+@@ -1257,14 +1416,20 @@ pgp_privkey_info (void)
+ NULL, 0);
+
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "import error: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "import error: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ /* Public key algorithm
+ */
+ subkeys = gnutls_openpgp_privkey_get_subkey_count (key);
+ if (subkeys < 0)
+- error (EXIT_FAILURE, 0, "privkey_get_subkey_count: %s",
++ {
++ fprintf(stderr, "privkey_get_subkey_count: %s",
+ gnutls_strerror (subkeys));
++ exit(1);
++ }
+
+ for (i = -1; i < subkeys; i++)
+ {
+@@ -1378,7 +1543,10 @@ pgp_privkey_info (void)
+ ret = gnutls_openpgp_privkey_export (key, GNUTLS_OPENPGP_FMT_BASE64,
+ NULL, 0, buffer, &size);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "export error: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "export error: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ fprintf (outfile, "\n%s\n", buffer);
+
+@@ -1399,13 +1567,19 @@ pgp_ring_info (void)
+
+ ret = gnutls_openpgp_keyring_init (&ring);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "openpgp_keyring_init: %s",
++ {
++ fprintf(stderr, "openpgp_keyring_init: %s",
+ gnutls_strerror (ret));
++ exit(1);
++ }
+
+ ret = gnutls_openpgp_keyring_import (ring, &pem, incert_format);
+
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "import error: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "import error: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ free (pem.data);
+
+@@ -1413,19 +1587,28 @@ pgp_ring_info (void)
+ if (count >= 0)
+ fprintf (outfile, "Keyring contains %d OpenPGP certificates\n\n", count);
+ else
+- error (EXIT_FAILURE, 0, "keyring error: %s", gnutls_strerror (count));
++ {
++ fprintf(stderr, "keyring error: %s", gnutls_strerror (count));
++ exit(1);
++ }
+
+ for (i = 0; i < count; i++)
+ {
+ ret = gnutls_openpgp_keyring_get_crt (ring, i, &crt);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "export error: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "export error: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ size = buffer_size;
+ ret = gnutls_openpgp_crt_export (crt, outcert_format,
+ buffer, &size);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "export error: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "export error: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ fwrite (buffer, 1, size, outfile);
+ fprintf (outfile, "\n\n");
+@@ -1475,7 +1658,10 @@ print_crl_info (gnutls_x509_crl_t crl, FILE * out)
+
+ ret = gnutls_x509_crl_print (crl, full_format, &data);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "crl_print: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "crl_print: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ fprintf (out, "%s\n", data.data);
+
+@@ -1484,7 +1670,10 @@ print_crl_info (gnutls_x509_crl_t crl, FILE * out)
+ size = buffer_size;
+ ret = gnutls_x509_crl_export (crl, GNUTLS_X509_FMT_PEM, buffer, &size);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "crl_export: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "crl_export: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ fwrite (buffer, 1, size, outfile);
+ }
+@@ -1499,20 +1688,29 @@ crl_info (void)
+
+ ret = gnutls_x509_crl_init (&crl);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "crl_init: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "crl_init: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ pem.data = (void*)fread_file (infile, &size);
+ pem.size = size;
+
+ if (!pem.data)
+- error (EXIT_FAILURE, errno, "%s", infile ? "file" :
++ {
++ fprintf(stderr, "%s", infile ? "file" :
+ "standard input");
++ exit(1);
++ }
+
+ ret = gnutls_x509_crl_import (crl, &pem, incert_format);
+
+ free (pem.data);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "import error: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "import error: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ print_crl_info (crl, outfile);
+
+@@ -1530,7 +1728,10 @@ print_crq_info (gnutls_x509_crq_t crq, FILE * out)
+ {
+ ret = gnutls_x509_crq_print (crq, full_format, &data);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "crq_print: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "crq_print: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ fprintf (out, "%s\n", data.data);
+
+@@ -1550,7 +1751,10 @@ print_crq_info (gnutls_x509_crq_t crq, FILE * out)
+ size = buffer_size;
+ ret = gnutls_x509_crq_export (crq, outcert_format, buffer, &size);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "crq_export: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "crq_export: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ fwrite (buffer, 1, size, outfile);
+ }
+@@ -1565,20 +1769,29 @@ crq_info (void)
+
+ ret = gnutls_x509_crq_init (&crq);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "crq_init: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "crq_init: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ pem.data = (void*)fread_file (infile, &size);
+ pem.size = size;
+
+ if (!pem.data)
+- error (EXIT_FAILURE, errno, "%s", infile ? "file" :
++ {
++ fprintf(stderr, "%s", infile ? "file" :
+ "standard input");
++ exit(1);
++ }
+
+ ret = gnutls_x509_crq_import (crq, &pem, incert_format);
+
+ free (pem.data);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "import error: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "import error: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ print_crq_info (crq, outfile);
+
+@@ -1724,7 +1937,10 @@ privkey_info (common_info_st* cinfo)
+ incert_format, pass, flags);
+ }
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "import error: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "import error: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ if (outcert_format == GNUTLS_X509_FMT_PEM)
+ privkey_info_int (cinfo, key);
+@@ -1736,7 +1952,10 @@ privkey_info (common_info_st* cinfo)
+ size = buffer_size;
+ ret = gnutls_x509_privkey_export (key, outcert_format, buffer, &size);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "export error: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "export error: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ fwrite (buffer, 1, size, outfile);
+
+@@ -1761,7 +1980,10 @@ generate_request (common_info_st * cinfo)
+
+ ret = gnutls_x509_crq_init (&crq);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "crq_init: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "crq_init: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+
+ /* Load the private key.
+@@ -1771,7 +1993,10 @@ generate_request (common_info_st * cinfo)
+ {
+ ret = gnutls_privkey_init (&pkey);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "privkey_init: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "privkey_init: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ xkey = generate_private_key_int (cinfo);
+
+@@ -1779,7 +2004,10 @@ generate_request (common_info_st * cinfo)
+
+ ret = gnutls_privkey_import_x509(pkey, xkey, GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "privkey_import_x509: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "privkey_import_x509: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+ }
+
+ pubkey = load_public_key_or_import (1, pkey, cinfo);
+@@ -1812,7 +2040,10 @@ generate_request (common_info_st * cinfo)
+ {
+ ret = gnutls_x509_crq_set_challenge_password (crq, pass);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "set_pass: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "set_pass: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+ }
+
+ if (cinfo->crq_extensions != 0)
+@@ -1825,8 +2056,11 @@ generate_request (common_info_st * cinfo)
+
+ ret = gnutls_x509_crq_set_basic_constraints (crq, ca_status, path_len);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "set_basic_constraints: %s",
++ {
++ fprintf(stderr, "set_basic_constraints: %s",
+ gnutls_strerror (ret));
++ exit(1);
++ }
+
+ if (pk == GNUTLS_PK_RSA)
+ {
+@@ -1861,7 +2095,10 @@ generate_request (common_info_st * cinfo)
+ ret = gnutls_x509_crq_set_key_purpose_oid
+ (crq, GNUTLS_KP_CODE_SIGNING, 0);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "key_kp: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+ }
+
+ ret = get_ocsp_sign_status ();
+@@ -1870,7 +2107,10 @@ generate_request (common_info_st * cinfo)
+ ret = gnutls_x509_crq_set_key_purpose_oid
+ (crq, GNUTLS_KP_OCSP_SIGNING, 0);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "key_kp: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+ }
+
+ ret = get_time_stamp_status ();
+@@ -1879,7 +2119,10 @@ generate_request (common_info_st * cinfo)
+ ret = gnutls_x509_crq_set_key_purpose_oid
+ (crq, GNUTLS_KP_TIME_STAMPING, 0);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "key_kp: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+ }
+
+ ret = get_ipsec_ike_status ();
+@@ -1888,13 +2131,19 @@ generate_request (common_info_st * cinfo)
+ ret = gnutls_x509_crq_set_key_purpose_oid
+ (crq, GNUTLS_KP_IPSEC_IKE, 0);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "key_kp: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+ }
+ }
+
+ ret = gnutls_x509_crq_set_key_usage (crq, usage);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "key_usage: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "key_usage: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ ret = get_tls_client_status ();
+ if (ret != 0)
+@@ -1902,7 +2151,10 @@ generate_request (common_info_st * cinfo)
+ ret = gnutls_x509_crq_set_key_purpose_oid
+ (crq, GNUTLS_KP_TLS_WWW_CLIENT, 0);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "key_kp: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+ }
+
+ ret = get_tls_server_status ();
+@@ -1911,7 +2163,10 @@ generate_request (common_info_st * cinfo)
+ ret = gnutls_x509_crq_set_key_purpose_oid
+ (crq, GNUTLS_KP_TLS_WWW_SERVER, 0);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "key_kp: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+ }
+
+ get_key_purpose_set (TYPE_CRQ, crq);
+@@ -1919,11 +2174,17 @@ generate_request (common_info_st * cinfo)
+
+ ret = gnutls_x509_crq_set_pubkey (crq, pubkey);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "set_key: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "set_key: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ ret = gnutls_x509_crq_privkey_sign (crq, pkey, get_dig_for_pub (pubkey), 0);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "sign: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "sign: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ print_crq_info (crq, outfile);
+
+@@ -1950,13 +2211,19 @@ static int detailed_verification(gnutls_x509_crt_t cert,
+ ret =
+ gnutls_x509_crt_get_issuer_dn (cert, issuer_name, &issuer_name_size);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "gnutls_x509_crt_get_issuer_dn: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "gnutls_x509_crt_get_issuer_dn: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ name_size = sizeof (name);
+ ret =
+ gnutls_x509_crt_get_dn (cert, name, &name_size);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "gnutls_x509_crt_get_dn: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "gnutls_x509_crt_get_dn: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ fprintf (outfile, "\tSubject: %s\n", name);
+ fprintf (outfile, "\tIssuer: %s\n", issuer_name);
+@@ -1967,7 +2234,10 @@ static int detailed_verification(gnutls_x509_crt_t cert,
+ ret =
+ gnutls_x509_crt_get_dn (issuer, issuer_name, &issuer_name_size);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "gnutls_x509_crt_get_issuer_dn: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "gnutls_x509_crt_get_issuer_dn: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ fprintf (outfile, "\tChecked against: %s\n", issuer_name);
+ }
+@@ -1980,7 +2250,10 @@ static int detailed_verification(gnutls_x509_crt_t cert,
+ ret =
+ gnutls_x509_crl_get_issuer_dn (crl, issuer_name, &issuer_name_size);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "gnutls_x509_crl_get_issuer_dn: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "gnutls_x509_crl_get_issuer_dn: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ name_size = sizeof(tmp);
+ ret = gnutls_x509_crl_get_number(crl, tmp, &name_size, NULL);
+@@ -1994,7 +2267,10 @@ static int detailed_verification(gnutls_x509_crt_t cert,
+ name_size = sizeof(name);
+ ret = gnutls_hex_encode(&data, name, &name_size);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "gnutls_hex_encode: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "gnutls_hex_encode: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+ }
+ fprintf (outfile, "\tChecked against CRL[%s] of: %s\n", name, issuer_name);
+ }
+@@ -2025,8 +2301,11 @@ _verify_x509_mem (const void *cert, int cert_size, const void* ca, int ca_size)
+
+ ret = gnutls_x509_trust_list_init(&list, 0);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "gnutls_x509_trust_list_init: %s",
++ {
++ fprintf(stderr, "gnutls_x509_trust_list_init: %s",
+ gnutls_strerror (ret));
++ exit(1);
++ }
+
+ if (ca == NULL)
+ {
+@@ -2042,8 +2321,11 @@ _verify_x509_mem (const void *cert, int cert_size, const void* ca, int ca_size)
+ ret = gnutls_x509_crt_list_import2( &x509_ca_list, &x509_ncas, &tmp,
+ GNUTLS_X509_FMT_PEM, 0);
+ if (ret < 0 || x509_ncas < 1)
+- error (EXIT_FAILURE, 0, "error parsing CAs: %s",
++ {
++ fprintf(stderr, "error parsing CAs: %s",
+ gnutls_strerror (ret));
++ exit(1);
++ }
+ }
+
+ ret = gnutls_x509_crl_list_import2( &x509_crl_list, &x509_ncrls, &tmp,
+@@ -2061,8 +2343,11 @@ _verify_x509_mem (const void *cert, int cert_size, const void* ca, int ca_size)
+ ret = gnutls_x509_crt_list_import2( &x509_cert_list, &x509_ncerts, &tmp,
+ GNUTLS_X509_FMT_PEM, 0);
+ if (ret < 0 || x509_ncerts < 1)
+- error (EXIT_FAILURE, 0, "error parsing CRTs: %s",
++ {
++ fprintf(stderr, "error parsing CRTs: %s",
+ gnutls_strerror (ret));
++ exit(1);
++ }
+
+ if (ca == NULL)
+ {
+@@ -2075,13 +2360,19 @@ _verify_x509_mem (const void *cert, int cert_size, const void* ca, int ca_size)
+
+ ret = gnutls_x509_trust_list_add_cas(list, x509_ca_list, x509_ncas, 0);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "gnutls_x509_trust_add_cas: %s",
++ {
++ fprintf(stderr, "gnutls_x509_trust_add_cas: %s",
+ gnutls_strerror (ret));
++ exit(1);
++ }
+
+ ret = gnutls_x509_trust_list_add_crls(list, x509_crl_list, x509_ncrls, 0, 0);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "gnutls_x509_trust_add_crls: %s",
++ {
++ fprintf(stderr, "gnutls_x509_trust_add_crls: %s",
+ gnutls_strerror (ret));
++ exit(1);
++ }
+
+ gnutls_free(x509_crl_list);
+
+@@ -2089,8 +2380,11 @@ _verify_x509_mem (const void *cert, int cert_size, const void* ca, int ca_size)
+ GNUTLS_VERIFY_DO_NOT_ALLOW_SAME|GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT, &output,
+ detailed_verification);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "gnutls_x509_trusted_list_verify_crt: %s",
++ {
++ fprintf(stderr, "gnutls_x509_trusted_list_verify_crt: %s",
+ gnutls_strerror (ret));
++ exit(1);
++ }
+
+ fprintf (outfile, "Chain verification output: ");
+ print_verification_res(outfile, output);
+@@ -2140,7 +2434,10 @@ verify_chain (void)
+
+ buf = (void*)fread_file (infile, &size);
+ if (buf == NULL)
+- error (EXIT_FAILURE, errno, "reading chain");
++ {
++ fprintf(stderr, "reading chain");
++ exit(1);
++ }
+
+ buf[size] = 0;
+
+@@ -2157,17 +2454,26 @@ verify_certificate (common_info_st * cinfo)
+ FILE * ca_file = fopen(cinfo->ca, "r");
+
+ if (ca_file == NULL)
+- error (EXIT_FAILURE, errno, "opening CA file");
++ {
++ fprintf(stderr, "opening CA file");
++ exit(1);
++ }
+
+ cert = (void*)fread_file (infile, &cert_size);
+ if (cert == NULL)
+- error (EXIT_FAILURE, errno, "reading certificate chain");
++ {
++ fprintf(stderr, "reading certificate chain");
++ exit(1);
++ }
+
+ cert[cert_size] = 0;
+
+ cas = (void*)fread_file (ca_file, &ca_size);
+ if (cas == NULL)
+- error (EXIT_FAILURE, errno, "reading CA list");
++ {
++ fprintf(stderr, "reading CA list");
++ exit(1);
++ }
+
+ cas[ca_size] = 0;
+ fclose(ca_file);
+@@ -2195,13 +2501,19 @@ verify_crl (common_info_st * cinfo)
+ dn_size = sizeof (dn);
+ ret = gnutls_x509_crt_get_dn (issuer, dn, &dn_size);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "crt_get_dn: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "crt_get_dn: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ fprintf (outfile, "\tSubject: %s\n\n", dn);
+
+ ret = gnutls_x509_crl_init (&crl);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "crl_init: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "crl_init: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ pem.data = (void*)fread_file (infile, &size);
+ pem.size = size;
+@@ -2209,14 +2521,20 @@ verify_crl (common_info_st * cinfo)
+ ret = gnutls_x509_crl_import (crl, &pem, incert_format);
+ free (pem.data);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "import error: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "import error: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ print_crl_info (crl, outfile);
+
+ fprintf (outfile, "Verification output: ");
+ ret = gnutls_x509_crl_verify (crl, &issuer, 1, 0, &output);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "verification error: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "verification error: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ if (output)
+ {
+@@ -2265,7 +2583,10 @@ generate_pkcs8 (common_info_st * cinfo)
+ password, flags, buffer, &size);
+
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "key_export: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "key_export: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ fwrite (buffer, 1, size, outfile);
+
+@@ -2302,7 +2623,10 @@ generate_pkcs12 (common_info_st * cinfo)
+
+ result = gnutls_pkcs12_init (&pkcs12);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "pkcs12_init: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "pkcs12_init: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ pass = get_password(cinfo, &flags, 1);
+ flags |= cipher_to_flags (cinfo->pkcs_cipher);
+@@ -2313,12 +2637,18 @@ generate_pkcs12 (common_info_st * cinfo)
+
+ result = gnutls_pkcs12_bag_init (&bag);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "bag_init: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "bag_init: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ result = gnutls_pkcs12_bag_set_crt (bag, crts[i]);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "set_crt[%d]: %s", i,
++ {
++ fprintf(stderr, "set_crt[%d]: %s", i,
+ gnutls_strerror (result));
++ exit(1);
++ }
+
+ indx = result;
+
+@@ -2326,31 +2656,46 @@ generate_pkcs12 (common_info_st * cinfo)
+ {
+ result = gnutls_pkcs12_bag_set_friendly_name (bag, indx, name);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "bag_set_friendly_name: %s",
++ {
++ fprintf(stderr, "bag_set_friendly_name: %s",
+ gnutls_strerror (result));
++ exit(1);
++ }
+ }
+
+ size = sizeof (_key_id);
+ result = gnutls_x509_crt_get_key_id (crts[i], 0, _key_id, &size);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "key_id[%d]: %s", i,
++ {
++ fprintf(stderr, "key_id[%d]: %s", i,
+ gnutls_strerror (result));
++ exit(1);
++ }
+
+ key_id.data = _key_id;
+ key_id.size = size;
+
+ result = gnutls_pkcs12_bag_set_key_id (bag, indx, &key_id);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "bag_set_key_id: %s",
++ {
++ fprintf(stderr, "bag_set_key_id: %s",
+ gnutls_strerror (result));
++ exit(1);
++ }
+
+ result = gnutls_pkcs12_bag_encrypt (bag, pass, flags);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "bag_encrypt: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "bag_encrypt: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ result = gnutls_pkcs12_set_bag (pkcs12, bag);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "set_bag: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "set_bag: %s", gnutls_strerror (result));
++ exit(1);
++ }
+ }
+
+ for (i = 0; i < nkeys; i++)
+@@ -2359,14 +2704,20 @@ generate_pkcs12 (common_info_st * cinfo)
+
+ result = gnutls_pkcs12_bag_init (&kbag);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "bag_init: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "bag_init: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ size = buffer_size;
+ result =
+ gnutls_x509_privkey_export_pkcs8 (keys[i], GNUTLS_X509_FMT_DER,
+ pass, flags, buffer, &size);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "key_export[%d]: %s", i, gnutls_strerror (result));
++ {
++ fprintf(stderr, "key_export[%d]: %s", i, gnutls_strerror (result));
++ exit(1);
++ }
+
+ data.data = buffer;
+ data.size = size;
+@@ -2374,41 +2725,62 @@ generate_pkcs12 (common_info_st * cinfo)
+ gnutls_pkcs12_bag_set_data (kbag,
+ GNUTLS_BAG_PKCS8_ENCRYPTED_KEY, &data);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "bag_set_data: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "bag_set_data: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ indx = result;
+
+ result = gnutls_pkcs12_bag_set_friendly_name (kbag, indx, name);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "bag_set_friendly_name: %s",
++ {
++ fprintf(stderr, "bag_set_friendly_name: %s",
+ gnutls_strerror (result));
++ exit(1);
++ }
+
+ size = sizeof (_key_id);
+ result = gnutls_x509_privkey_get_key_id (keys[i], 0, _key_id, &size);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "key_id[%d]: %s", i, gnutls_strerror (result));
++ {
++ fprintf(stderr, "key_id[%d]: %s", i, gnutls_strerror (result));
++ exit(1);
++ }
+
+ key_id.data = _key_id;
+ key_id.size = size;
+
+ result = gnutls_pkcs12_bag_set_key_id (kbag, indx, &key_id);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "bag_set_key_id: %s",
++ {
++ fprintf(stderr, "bag_set_key_id: %s",
+ gnutls_strerror (result));
++ exit(1);
++ }
+
+ result = gnutls_pkcs12_set_bag (pkcs12, kbag);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "set_bag: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "set_bag: %s", gnutls_strerror (result));
++ exit(1);
++ }
+ }
+
+ result = gnutls_pkcs12_generate_mac (pkcs12, pass);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "generate_mac: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "generate_mac: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ size = buffer_size;
+ result = gnutls_pkcs12_export (pkcs12, outcert_format, buffer, &size);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "pkcs12_export: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "pkcs12_export: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ fwrite (buffer, 1, size, outfile);
+
+@@ -2449,7 +2821,10 @@ print_bag_data (gnutls_pkcs12_bag_t bag)
+
+ count = gnutls_pkcs12_bag_get_count (bag);
+ if (count < 0)
+- error (EXIT_FAILURE, 0, "get_count: %s", gnutls_strerror (count));
++ {
++ fprintf(stderr, "get_count: %s", gnutls_strerror (count));
++ exit(1);
++ }
+
+ fprintf (outfile, "\tElements: %d\n", count);
+
+@@ -2457,15 +2832,22 @@ print_bag_data (gnutls_pkcs12_bag_t bag)
+ {
+ type = gnutls_pkcs12_bag_get_type (bag, i);
+ if (type < 0)
+- error (EXIT_FAILURE, 0, "get_type: %s", gnutls_strerror (type));
++ {
++ fprintf(stderr, "get_type: %s", gnutls_strerror (type));
++ exit(1);
++ }
+
+ fprintf (stderr, "\tType: %s\n", BAGTYPE (type));
+
+ name = NULL;
+ result = gnutls_pkcs12_bag_get_friendly_name (bag, i, (char **) &name);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "get_friendly_name: %s",
++ {
++ fprintf(stderr, "get_friendly_name: %s",
+ gnutls_strerror (type));
++ exit(1);
++ }
++
+ if (name)
+ fprintf (outfile, "\tFriendly name: %s\n", name);
+
+@@ -2473,13 +2855,20 @@ print_bag_data (gnutls_pkcs12_bag_t bag)
+ id.size = 0;
+ result = gnutls_pkcs12_bag_get_key_id (bag, i, &id);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "get_key_id: %s", gnutls_strerror (type));
++ {
++ fprintf(stderr, "get_key_id: %s", gnutls_strerror (type));
++ exit(1);
++ }
++
+ if (id.size > 0)
+ fprintf (outfile, "\tKey ID: %s\n", raw_to_string (id.data, id.size));
+
+ result = gnutls_pkcs12_bag_get_data (bag, i, &cdata);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "get_data: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "get_data: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ switch (type)
+ {
+@@ -2525,7 +2914,10 @@ pkcs12_info (common_info_st* cinfo)
+
+ result = gnutls_pkcs12_init (&pkcs12);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "p12_init: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "p12_init: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ data.data = (void*)fread_file (infile, &size);
+ data.size = size;
+@@ -2533,7 +2925,10 @@ pkcs12_info (common_info_st* cinfo)
+ result = gnutls_pkcs12_import (pkcs12, &data, incert_format, 0);
+ free (data.data);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "p12_import: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "p12_import: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ pass = get_password(cinfo, NULL, 0);
+
+@@ -2541,14 +2936,17 @@ pkcs12_info (common_info_st* cinfo)
+ if (result < 0)
+ {
+ fail = 1;
+- error (0, 0, "verify_mac: %s", gnutls_strerror (result));
++ fprintf (stderr, "verify_mac: %s", gnutls_strerror (result));
+ }
+
+ for (indx = 0;; indx++)
+ {
+ result = gnutls_pkcs12_bag_init (&bag);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "bag_init: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "bag_init: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ result = gnutls_pkcs12_get_bag (pkcs12, indx, bag);
+ if (result < 0)
+@@ -2556,13 +2954,19 @@ pkcs12_info (common_info_st* cinfo)
+
+ result = gnutls_pkcs12_bag_get_count (bag);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "bag_count: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "bag_count: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ fprintf (outfile, "BAG #%d\n", indx);
+
+ result = gnutls_pkcs12_bag_get_type (bag, 0);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "bag_init: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "bag_init: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ if (result == GNUTLS_BAG_ENCRYPTED)
+ {
+@@ -2574,14 +2978,17 @@ pkcs12_info (common_info_st* cinfo)
+ if (result < 0)
+ {
+ fail = 1;
+- error (0, 0, "bag_decrypt: %s", gnutls_strerror (result));
++ fprintf(stderr, "bag_decrypt: %s", gnutls_strerror (result));
+ continue;
+ }
+
+ result = gnutls_pkcs12_bag_get_count (bag);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "encrypted bag_count: %s",
++ {
++ fprintf(stderr, "encrypted bag_count: %s",
+ gnutls_strerror (result));
++ exit(1);
++ }
+ }
+
+ print_bag_data (bag);
+@@ -2590,7 +2997,10 @@ pkcs12_info (common_info_st* cinfo)
+ }
+
+ if (fail)
+- error (EXIT_FAILURE, 0, "There were errors parsing the structure\n");
++ {
++ fprintf(stderr, "There were errors parsing the structure\n");
++ exit(1);
++ }
+ }
+
+ void
+@@ -2604,7 +3014,10 @@ pkcs7_info (void)
+
+ result = gnutls_pkcs7_init (&pkcs7);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "p7_init: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "p7_init: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ data.data = (void*)fread_file (infile, &size);
+ data.size = size;
+@@ -2612,13 +3025,19 @@ pkcs7_info (void)
+ result = gnutls_pkcs7_import (pkcs7, &data, incert_format);
+ free (data.data);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "import error: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "import error: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ /* Read and print the certificates.
+ */
+ result = gnutls_pkcs7_get_crt_count (pkcs7);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "p7_crt_count: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "p7_crt_count: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ count = result;
+
+@@ -2639,7 +3058,10 @@ pkcs7_info (void)
+
+ result = gnutls_pem_base64_encode_alloc ("CERTIFICATE", &data, &b64);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "encoding: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "encoding: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ fputs ((void*)b64.data, outfile);
+ gnutls_free (b64.data);
+@@ -2649,7 +3071,10 @@ pkcs7_info (void)
+ */
+ result = gnutls_pkcs7_get_crl_count (pkcs7);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "p7_crl_count: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "p7_crl_count: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ count = result;
+
+@@ -2670,7 +3095,10 @@ pkcs7_info (void)
+
+ result = gnutls_pem_base64_encode_alloc ("X509 CRL", &data, &b64);
+ if (result < 0)
+- error (EXIT_FAILURE, 0, "encoding: %s", gnutls_strerror (result));
++ {
++ fprintf(stderr, "encoding: %s", gnutls_strerror (result));
++ exit(1);
++ }
+
+ fputs ((void*)b64.data, outfile);
+ gnutls_free (b64.data);
+@@ -2690,7 +3118,10 @@ smime_to_pkcs7 (void)
+ {
+ len = getline (&lineptr, &linesize, infile);
+ if (len == -1)
+- error (EXIT_FAILURE, 0, "cannot find RFC 2822 header/body separator");
++ {
++ fprintf(stderr, "cannot find RFC 2822 header/body separator");
++ exit(1);
++ }
+ }
+ while (strcmp (lineptr, "\r\n") != 0 && strcmp (lineptr, "\n") != 0);
+
+@@ -2698,7 +3129,10 @@ smime_to_pkcs7 (void)
+ {
+ len = getline (&lineptr, &linesize, infile);
+ if (len == -1)
+- error (EXIT_FAILURE, 0, "message has RFC 2822 header but no body");
++ {
++ fprintf(stderr, "message has RFC 2822 header but no body");
++ exit(1);
++ }
+ }
+ while (strcmp (lineptr, "\r\n") == 0 && strcmp (lineptr, "\n") == 0);
+
+@@ -2733,7 +3167,8 @@ pubkey_info (gnutls_x509_crt_t crt, common_info_st * cinfo)
+ ret = gnutls_pubkey_init (&pubkey);
+ if (ret < 0)
+ {
+- error (EXIT_FAILURE, 0, "pubkey_init: %s", gnutls_strerror (ret));
++ fprintf(stderr, "pubkey_init: %s", gnutls_strerror (ret));
++ exit(1);
+ }
+
+ if (crt == NULL)
+@@ -2750,15 +3185,21 @@ pubkey_info (gnutls_x509_crt_t crt, common_info_st * cinfo)
+ {
+ ret = gnutls_pubkey_import_x509 (pubkey, crt, 0);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "pubkey_import_x509: %s",
++ {
++ fprintf(stderr, "pubkey_import_x509: %s",
+ gnutls_strerror (ret));
++ exit(1);
++ }
+ }
+ else if (crq != NULL)
+ {
+ ret = gnutls_pubkey_import_x509_crq (pubkey, crq, 0);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "pubkey_import_x509_crq: %s",
++ {
++ fprintf(stderr, "pubkey_import_x509_crq: %s",
+ gnutls_strerror (ret));
++ exit(1);
++ }
+ }
+ else
+ {
+@@ -2768,8 +3209,11 @@ pubkey_info (gnutls_x509_crt_t crt, common_info_st * cinfo)
+ {
+ ret = gnutls_pubkey_import_privkey(pubkey, privkey, 0, 0);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "pubkey_import_privkey: %s",
++ {
++ fprintf(stderr, "pubkey_import_privkey: %s",
+ gnutls_strerror (ret));
++ exit(1);
++ }
+ }
+ else
+ {
+@@ -2783,7 +3227,10 @@ pubkey_info (gnutls_x509_crt_t crt, common_info_st * cinfo)
+ size = buffer_size;
+ ret = gnutls_pubkey_export (pubkey, outcert_format, buffer, &size);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "export error: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "export error: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ fwrite (buffer, 1, size, outfile);
+
+diff --git a/src/danetool.c b/src/danetool.c
+index 5c27321..07921c9 100644
+--- a/src/danetool.c
++++ b/src/danetool.c
+@@ -42,7 +42,6 @@
+ #include <sys/types.h>
+ #include <sys/stat.h>
+ #include <fcntl.h>
+-#include <error.h>
+
+ /* Gnulib portability files. */
+ #include <read-file.h>
+@@ -95,7 +94,10 @@ cmd_parser (int argc, char **argv)
+ {
+ outfile = safe_open_rw (OPT_ARG(OUTFILE), privkey_op);
+ if (outfile == NULL)
+- error (EXIT_FAILURE, errno, "%s", OPT_ARG(OUTFILE));
++ {
++ fprintf (stderr, "%s", OPT_ARG(OUTFILE));
++ exit(1);
++ }
+ }
+ else
+ outfile = stdout;
+@@ -122,7 +124,10 @@ cmd_parser (int argc, char **argv)
+ else if (strcasecmp (OPT_ARG(HASH), "rmd160") == 0)
+ default_dig = GNUTLS_DIG_RMD160;
+ else
+- error (EXIT_FAILURE, 0, "invalid hash: %s", OPT_ARG(HASH));
++ {
++ fprintf (stderr, "invalid hash: %s", OPT_ARG(HASH));
++ exit(1);
++ }
+ }
+
+ gnutls_global_set_log_function (tls_log_func);
+@@ -134,7 +139,10 @@ cmd_parser (int argc, char **argv)
+ }
+
+ if ((ret = gnutls_global_init ()) < 0)
+- error (EXIT_FAILURE, 0, "global_init: %s", gnutls_strerror (ret));
++ {
++ fprintf (stderr, "global_init: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ #ifdef ENABLE_PKCS11
+ pkcs11_common();
+@@ -207,31 +215,46 @@ unsigned vflags = DANE_VFLAG_FAIL_IF_NOT_CHECKED;
+ printf("Querying %s (%s:%d)...\n", host, proto, port);
+ ret = dane_state_init(&s, flags);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "dane_state_init: %s", dane_strerror (ret));
++ {
++ fprintf (stderr, "dane_state_init: %s", dane_strerror (ret));
++ exit(1);
++ }
+
+ if (HAVE_OPT(DLV))
+ {
+ ret = dane_state_set_dlv_file(s, OPT_ARG(DLV));
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "dane_state_set_dlv_file: %s", dane_strerror (ret));
++ {
++ fprintf (stderr, "dane_state_set_dlv_file: %s", dane_strerror (ret));
++ exit(1);
++ }
+ }
+
+ ret = dane_query_tlsa(s, &q, host, proto, port);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "dane_query_tlsa: %s", dane_strerror (ret));
++ {
++ fprintf (stderr, "dane_query_tlsa: %s", dane_strerror (ret));
++ exit(1);
++ }
+
+ entries = dane_query_entries(q);
+ for (i=0;i<entries;i++)
+ {
+ ret = dane_query_data(q, i, &usage, &type, &match, &data);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "dane_query_data: %s", dane_strerror (ret));
++ {
++ fprintf (stderr, "dane_query_data: %s", dane_strerror (ret));
++ exit(1);
++ }
+
+
+ size = buffer_size;
+ ret = gnutls_hex_encode(&data, (void*)buffer, &size);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "gnutls_hex_encode: %s", dane_strerror (ret));
++ {
++ fprintf (stderr, "gnutls_hex_encode: %s", dane_strerror (ret));
++ exit(1);
++ }
+
+ if (entries > 1) printf("\nEntry %d:\n", i+1);
+
+@@ -249,11 +272,17 @@ unsigned vflags = DANE_VFLAG_FAIL_IF_NOT_CHECKED;
+
+ ret = gnutls_load_file(cinfo->cert, &file);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "gnutls_load_file: %s", gnutls_strerror (ret));
++ {
++ fprintf (stderr, "gnutls_load_file: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ ret = gnutls_x509_crt_list_import2( &clist, &clist_size, &file, cinfo->incert_format, 0);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "gnutls_x509_crt_list_import2: %s", gnutls_strerror (ret));
++ {
++ fprintf (stderr, "gnutls_x509_crt_list_import2: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ if (clist_size > 0)
+ {
+@@ -265,17 +294,26 @@ unsigned vflags = DANE_VFLAG_FAIL_IF_NOT_CHECKED;
+ {
+ ret = gnutls_x509_crt_export2( clist[i], GNUTLS_X509_FMT_DER, &certs[i]);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "gnutls_x509_crt_export2: %s", gnutls_strerror (ret));
++ {
++ fprintf (stderr, "gnutls_x509_crt_export2: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+ }
+
+ ret = dane_verify_crt( s, certs, clist_size, GNUTLS_CRT_X509,
+ host, proto, port, 0, vflags, &status);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "dane_verify_crt: %s", dane_strerror (ret));
++ {
++ fprintf (stderr, "dane_verify_crt: %s", dane_strerror (ret));
++ exit(1);
++ }
+
+ ret = dane_verification_status_print(status, &out, 0);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "dane_verification_status_print: %s", dane_strerror (ret));
++ {
++ fprintf( stderr, "dane_verification_status_print: %s", dane_strerror (ret));
++ exit(1);
++ }
+
+ printf("\nVerification: %s\n", out.data);
+ gnutls_free(out.data);
+@@ -331,7 +369,10 @@ static void dane_info(const char* host, const char* proto, unsigned int port,
+ size = buffer_size;
+ ret = gnutls_x509_crt_export (crt, GNUTLS_X509_FMT_DER, buffer, &size);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "export error: %s", gnutls_strerror (ret));
++ {
++ fprintf( stderr, "export error: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ gnutls_x509_crt_deinit (crt);
+ }
+@@ -341,7 +382,10 @@ static void dane_info(const char* host, const char* proto, unsigned int port,
+
+ ret = gnutls_pubkey_init (&pubkey);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "pubkey_init: %s", gnutls_strerror (ret));
++ {
++ fprintf (stderr, "pubkey_init: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ if (crt != NULL)
+ {
+@@ -349,16 +393,18 @@ static void dane_info(const char* host, const char* proto, unsigned int port,
+ ret = gnutls_pubkey_import_x509 (pubkey, crt, 0);
+ if (ret < 0)
+ {
+- error (EXIT_FAILURE, 0, "pubkey_import_x509: %s",
++ fprintf (stderr, "pubkey_import_x509: %s",
+ gnutls_strerror (ret));
++ exit(1);
+ }
+
+ size = buffer_size;
+ ret = gnutls_pubkey_export (pubkey, GNUTLS_X509_FMT_DER, buffer, &size);
+ if (ret < 0)
+ {
+- error (EXIT_FAILURE, 0, "pubkey_export: %s",
++ fprintf( stderr, "pubkey_export: %s",
+ gnutls_strerror (ret));
++ exit(1);
+ }
+
+ gnutls_x509_crt_deinit(crt);
+@@ -370,7 +416,10 @@ static void dane_info(const char* host, const char* proto, unsigned int port,
+ size = buffer_size;
+ ret = gnutls_pubkey_export (pubkey, GNUTLS_X509_FMT_DER, buffer, &size);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "export error: %s", gnutls_strerror (ret));
++ {
++ fprintf (stderr, "export error: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+ }
+
+ gnutls_pubkey_deinit (pubkey);
+@@ -384,7 +433,10 @@ static void dane_info(const char* host, const char* proto, unsigned int port,
+
+ ret = gnutls_hash_fast(default_dig, buffer, size, digest);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "hash error: %s", gnutls_strerror (ret));
++ {
++ fprintf( stderr, "hash error: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ if (default_dig == GNUTLS_DIG_SHA256)
+ type = 1;
+@@ -408,7 +460,10 @@ static void dane_info(const char* host, const char* proto, unsigned int port,
+ size = buffer_size;
+ ret = gnutls_hex_encode(&t, (void*)buffer, &size);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "hex encode error: %s", gnutls_strerror (ret));
++ {
++ fprintf (stderr, "hex encode error: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ fprintf(outfile, "_%u._%s.%s. IN TLSA ( %.2x %.2x %.2x %s )\n", port, proto, host, usage, selector, type, buffer);
+
+diff --git a/src/ocsptool-common.c b/src/ocsptool-common.c
+index 060f114..4bc3f59 100644
+--- a/src/ocsptool-common.c
++++ b/src/ocsptool-common.c
+@@ -31,7 +31,6 @@
+ #include <gnutls/crypto.h>
+
+ /* Gnulib portability files. */
+-#include <error.h>
+ #include <read-file.h>
+ #include <socket.h>
+
+@@ -83,12 +82,18 @@ _generate_request (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer,
+
+ ret = gnutls_ocsp_req_init (&req);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "ocsp_req_init: %s", gnutls_strerror (ret));
++ {
++ fprintf( stderr, "ocsp_req_init: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ ret = gnutls_ocsp_req_add_cert (req, GNUTLS_DIG_SHA1,
+ issuer, cert);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "ocsp_req_add_cert: %s", gnutls_strerror (ret));
++ {
++ fprintf( stderr, "ocsp_req_add_cert: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ if (nonce)
+ {
+@@ -97,17 +102,26 @@ _generate_request (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer,
+
+ ret = gnutls_rnd (GNUTLS_RND_RANDOM, nonce.data, nonce.size);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "gnutls_rnd: %s", gnutls_strerror (ret));
++ {
++ fprintf( stderr, "gnutls_rnd: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ ret = gnutls_ocsp_req_set_nonce (req, 0, &nonce);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "ocsp_req_set_nonce: %s",
++ {
++ fprintf( stderr, "ocsp_req_set_nonce: %s",
+ gnutls_strerror (ret));
++ exit(1);
++ }
+ }
+
+ ret = gnutls_ocsp_req_export (req, rdata);
+ if (ret != 0)
+- error (EXIT_FAILURE, 0, "ocsp_req_export: %s", gnutls_strerror (ret));
++ {
++ fprintf( stderr, "ocsp_req_export: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ gnutls_ocsp_req_deinit (req);
+ return;
+@@ -321,11 +335,17 @@ check_ocsp_response (gnutls_x509_crt_t cert,
+
+ ret = gnutls_ocsp_resp_init (&resp);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "ocsp_resp_init: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "ocsp_resp_init: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ ret = gnutls_ocsp_resp_import (resp, data);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "importing response: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "importing response: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ ret = gnutls_ocsp_resp_check_crt(resp, 0, cert);
+ if (ret < 0)
+@@ -337,8 +357,11 @@ check_ocsp_response (gnutls_x509_crt_t cert,
+
+ ret = gnutls_ocsp_resp_verify_direct( resp, issuer, &status, 0);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "gnutls_ocsp_resp_verify_direct: %s",
+- gnutls_strerror (ret));
++ {
++ fprintf(stderr, "gnutls_ocsp_resp_verify_direct: %s",
++ gnutls_strerror (ret));
++ exit(1);
++ }
+
+ if (status != 0)
+ {
+@@ -357,7 +380,10 @@ check_ocsp_response (gnutls_x509_crt_t cert,
+ ret = gnutls_ocsp_resp_get_single(resp, 0, NULL, NULL, NULL, NULL,
+ &cert_status, &vtime, &ntime, &rtime, NULL);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "reading response: %s", gnutls_strerror (ret));
++ {
++ fprintf(stderr, "reading response: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ if (cert_status == GNUTLS_OCSP_CERT_REVOKED)
+ {
+diff --git a/src/ocsptool.c b/src/ocsptool.c
+index ffbb051..cd92c1d 100644
+--- a/src/ocsptool.c
++++ b/src/ocsptool.c
+@@ -31,7 +31,6 @@
+ #include <gnutls/crypto.h>
+
+ /* Gnulib portability files. */
+-#include <error.h>
+ #include <read-file.h>
+ #include <socket.h>
+
+@@ -59,24 +58,36 @@ request_info (void)
+
+ ret = gnutls_ocsp_req_init (&req);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "ocsp_req_init: %s", gnutls_strerror (ret));
++ {
++ fprintf (stderr, "ocsp_req_init: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ if (HAVE_OPT(LOAD_REQUEST))
+ dat.data = (void*)read_binary_file (OPT_ARG(LOAD_REQUEST), &size);
+ else
+ dat.data = (void*)fread_file (infile, &size);
+ if (dat.data == NULL)
+- error (EXIT_FAILURE, errno, "reading request");
++ {
++ fprintf (stderr, "reading request");
++ exit(1);
++ }
+ dat.size = size;
+
+ ret = gnutls_ocsp_req_import (req, &dat);
+ free (dat.data);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "importing request: %s", gnutls_strerror (ret));
++ {
++ fprintf (stderr, "importing request: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ ret = gnutls_ocsp_req_print (req, GNUTLS_OCSP_PRINT_FULL, &dat);
+ if (ret != 0)
+- error (EXIT_FAILURE, 0, "ocsp_req_print: %s", gnutls_strerror (ret));
++ {
++ fprintf (stderr, "ocsp_req_print: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ printf ("%.*s", dat.size, dat.data);
+ gnutls_free (dat.data);
+@@ -93,18 +104,27 @@ _response_info (const gnutls_datum_t* data)
+
+ ret = gnutls_ocsp_resp_init (&resp);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "ocsp_resp_init: %s", gnutls_strerror (ret));
++ {
++ fprintf (stderr, "ocsp_resp_init: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ ret = gnutls_ocsp_resp_import (resp, data);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "importing response: %s", gnutls_strerror (ret));
++ {
++ fprintf (stderr, "importing response: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ if (ENABLED_OPT(VERBOSE))
+ ret = gnutls_ocsp_resp_print (resp, GNUTLS_OCSP_PRINT_FULL, &buf);
+ else
+ ret = gnutls_ocsp_resp_print (resp, GNUTLS_OCSP_PRINT_COMPACT, &buf);
+ if (ret != 0)
+- error (EXIT_FAILURE, 0, "ocsp_resp_print: %s", gnutls_strerror (ret));
++ {
++ fprintf (stderr, "ocsp_resp_print: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ printf ("%.*s", buf.size, buf.data);
+ gnutls_free (buf.data);
+@@ -123,7 +143,10 @@ response_info (void)
+ else
+ dat.data = (void*)fread_file (infile, &size);
+ if (dat.data == NULL)
+- error (EXIT_FAILURE, errno, "reading response");
++ {
++ fprintf (stderr, "reading response");
++ exit(1);
++ }
+ dat.size = size;
+
+ _response_info(&dat);
+@@ -139,23 +162,35 @@ load_issuer (void)
+ size_t size;
+
+ if (!HAVE_OPT(LOAD_ISSUER))
+- error (EXIT_FAILURE, 0, "missing --load-issuer");
++ {
++ fprintf( stderr, "missing --load-issuer");
++ exit(1);
++ }
+
+ ret = gnutls_x509_crt_init (&crt);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "crt_init: %s", gnutls_strerror (ret));
++ {
++ fprintf (stderr, "crt_init: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ dat.data = (void*)read_binary_file (OPT_ARG(LOAD_ISSUER), &size);
+ dat.size = size;
+
+ if (!dat.data)
+- error (EXIT_FAILURE, errno, "reading --load-issuer: %s", OPT_ARG(LOAD_ISSUER));
++ {
++ fprintf (stderr, "reading --load-issuer: %s", OPT_ARG(LOAD_ISSUER));
++ exit(1);
++ }
+
+ ret = gnutls_x509_crt_import (crt, &dat, encoding);
+ free (dat.data);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "importing --load-issuer: %s: %s",
++ {
++ fprintf (stderr, "importing --load-issuer: %s: %s",
+ OPT_ARG(LOAD_ISSUER), gnutls_strerror (ret));
++ exit(1);
++ }
+
+ return crt;
+ }
+@@ -169,23 +204,35 @@ load_cert (void)
+ size_t size;
+
+ if (!HAVE_OPT(LOAD_CERT))
+- error (EXIT_FAILURE, 0, "missing --load-cert");
++ {
++ fprintf (stderr, "missing --load-cert");
++ exit(1);
++ }
+
+ ret = gnutls_x509_crt_init (&crt);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "crt_init: %s", gnutls_strerror (ret));
++ {
++ fprintf (stderr, "crt_init: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ dat.data = (void*)read_binary_file (OPT_ARG(LOAD_CERT), &size);
+ dat.size = size;
+
+ if (!dat.data)
+- error (EXIT_FAILURE, errno, "reading --load-cert: %s", OPT_ARG(LOAD_CERT));
++ {
++ fprintf (stderr, "reading --load-cert: %s", OPT_ARG(LOAD_CERT));
++ exit(1);
++ }
+
+ ret = gnutls_x509_crt_import (crt, &dat, encoding);
+ free (dat.data);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "importing --load-cert: %s: %s",
++ {
++ fprintf (stderr, "importing --load-cert: %s: %s",
+ OPT_ARG(LOAD_CERT), gnutls_strerror (ret));
++ exit(1);
++ }
+
+ return crt;
+ }
+@@ -218,29 +265,44 @@ _verify_response (gnutls_datum_t *data)
+
+ ret = gnutls_ocsp_resp_init (&resp);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "ocsp_resp_init: %s", gnutls_strerror (ret));
++ {
++ fprintf (stderr, "ocsp_resp_init: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ ret = gnutls_ocsp_resp_import (resp, data);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "importing response: %s", gnutls_strerror (ret));
++ {
++ fprintf (stderr, "importing response: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ if (HAVE_OPT(LOAD_TRUST))
+ {
+ dat.data = (void*)read_binary_file (OPT_ARG(LOAD_TRUST), &size);
+ if (dat.data == NULL)
+- error (EXIT_FAILURE, errno, "reading --load-trust: %s", OPT_ARG(LOAD_TRUST));
++ {
++ fprintf (stderr, "reading --load-trust: %s", OPT_ARG(LOAD_TRUST));
++ exit(1);
++ }
+ dat.size = size;
+
+ ret = gnutls_x509_trust_list_init (&list, 0);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "gnutls_x509_trust_list_init: %s",
++ {
++ fprintf (stderr, "gnutls_x509_trust_list_init: %s",
+ gnutls_strerror (ret));
++ exit(1);
++ }
+
+ ret = gnutls_x509_crt_list_import2 (&x509_ca_list, &x509_ncas, &dat,
+ GNUTLS_X509_FMT_PEM, 0);
+ if (ret < 0 || x509_ncas < 1)
+- error (EXIT_FAILURE, 0, "error parsing CAs: %s",
++ {
++ fprintf (stderr, "error parsing CAs: %s",
+ gnutls_strerror (ret));
++ exit(1);
++ }
+
+ if (HAVE_OPT(VERBOSE))
+ {
+@@ -253,8 +315,11 @@ _verify_response (gnutls_datum_t *data)
+ ret = gnutls_x509_crt_print (x509_ca_list[i],
+ GNUTLS_CRT_PRINT_ONELINE, &out);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "gnutls_x509_crt_print: %s",
++ {
++ fprintf (stderr, "gnutls_x509_crt_print: %s",
+ gnutls_strerror (ret));
++ exit(1);
++ }
+
+ printf ("%d: %.*s\n", i, out.size, out.data);
+ gnutls_free (out.data);
+@@ -264,33 +329,48 @@ _verify_response (gnutls_datum_t *data)
+
+ ret = gnutls_x509_trust_list_add_cas (list, x509_ca_list, x509_ncas, 0);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "gnutls_x509_trust_add_cas: %s",
++ {
++ fprintf (stderr, "gnutls_x509_trust_add_cas: %s",
+ gnutls_strerror (ret));
++ exit(1);
++ }
+
+ if (HAVE_OPT(VERBOSE))
+ fprintf (stdout, "Loaded %d trust anchors\n", x509_ncas);
+
+ ret = gnutls_ocsp_resp_verify (resp, list, &verify, 0);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "gnutls_ocsp_resp_verify: %s",
++ {
++ fprintf (stderr, "gnutls_ocsp_resp_verify: %s",
+ gnutls_strerror (ret));
++ exit(1);
++ }
+ }
+ else if (HAVE_OPT(LOAD_SIGNER))
+ {
+ ret = gnutls_x509_crt_init (&signer);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "crt_init: %s", gnutls_strerror (ret));
++ {
++ fprintf (stderr, "crt_init: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ dat.data = (void*)read_binary_file (OPT_ARG(LOAD_SIGNER), &size);
+ if (dat.data == NULL)
+- error (EXIT_FAILURE, errno, "reading --load-signer: %s", OPT_ARG(LOAD_SIGNER));
++ {
++ fprintf (stderr, "reading --load-signer: %s", OPT_ARG(LOAD_SIGNER));
++ exit(1);
++ }
+ dat.size = size;
+
+ ret = gnutls_x509_crt_import (signer, &dat, encoding);
+ free (dat.data);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "importing --load-signer: %s: %s",
++ {
++ fprintf (stderr, "importing --load-signer: %s: %s",
+ OPT_ARG(LOAD_SIGNER), gnutls_strerror (ret));
++ exit(1);
++ }
+
+ if (HAVE_OPT(VERBOSE))
+ {
+@@ -298,8 +378,11 @@ _verify_response (gnutls_datum_t *data)
+
+ ret = gnutls_x509_crt_print (signer, GNUTLS_CRT_PRINT_ONELINE, &out);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "gnutls_x509_crt_print: %s",
++ {
++ fprintf (stderr, "gnutls_x509_crt_print: %s",
+ gnutls_strerror (ret));
++ exit(1);
++ }
+
+ printf ("Signer: %.*s\n", out.size, out.data);
+ gnutls_free (out.data);
+@@ -308,11 +391,17 @@ _verify_response (gnutls_datum_t *data)
+
+ ret = gnutls_ocsp_resp_verify_direct (resp, signer, &verify, 0);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "gnutls_ocsp_resp_verify_direct: %s",
++ {
++ fprintf (stderr, "gnutls_ocsp_resp_verify_direct: %s",
+ gnutls_strerror (ret));
++ exit(1);
++ }
+ }
+ else
+- error (EXIT_FAILURE, 0, "missing --load-trust or --load-signer");
++ {
++ fprintf (stderr, "missing --load-trust or --load-signer");
++ exit(1);
++ }
+
+ printf ("Verifying OCSP Response: ");
+ print_ocsp_verify_res (verify);
+@@ -334,7 +423,10 @@ verify_response (void)
+ else
+ dat.data = (void*)fread_file (infile, &size);
+ if (dat.data == NULL)
+- error (EXIT_FAILURE, errno, "reading response");
++ {
++ fprintf (stderr, "reading response");
++ exit(1);
++ }
+ dat.size = size;
+
+ _verify_response(&dat);
+@@ -381,7 +473,10 @@ main (int argc, char **argv)
+ int ret;
+
+ if ((ret = gnutls_global_init ()) < 0)
+- error (EXIT_FAILURE, 0, "global_init: %s", gnutls_strerror (ret));
++ {
++ fprintf( stderr, "global_init: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ optionProcess( &ocsptoolOptions, argc, argv);
+
+@@ -392,7 +487,10 @@ main (int argc, char **argv)
+ {
+ outfile = fopen (OPT_ARG(OUTFILE), "wb");
+ if (outfile == NULL)
+- error (EXIT_FAILURE, errno, "%s", OPT_ARG(OUTFILE));
++ {
++ fprintf( stderr, "%s", OPT_ARG(OUTFILE));
++ exit(1);
++ }
+ }
+ else
+ outfile = stdout;
+@@ -401,7 +499,10 @@ main (int argc, char **argv)
+ {
+ infile = fopen (OPT_ARG(INFILE), "rb");
+ if (infile == NULL)
+- error (EXIT_FAILURE, errno, "%s", OPT_ARG(INFILE));
++ {
++ fprintf( stderr, "%s", OPT_ARG(INFILE));
++ exit(1);
++ }
+ }
+ else
+ infile = stdin;
+diff --git a/src/p11tool.c b/src/p11tool.c
+index 924f6bb..19ca1fd 100644
+--- a/src/p11tool.c
++++ b/src/p11tool.c
+@@ -39,7 +39,6 @@
+ #include <sys/types.h>
+ #include <sys/stat.h>
+ #include <fcntl.h>
+-#include <error.h>
+
+ /* Gnulib portability files. */
+ #include <read-file.h>
+@@ -97,7 +96,10 @@ cmd_parser (int argc, char **argv)
+ printf ("Setting log level to %d\n", debug);
+
+ if ((ret = gnutls_global_init ()) < 0)
+- error (EXIT_FAILURE, 0, "global_init: %s", gnutls_strerror (ret));
++ {
++ fprintf (stderr, "global_init: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ if (HAVE_OPT(PROVIDER))
+ {
+@@ -108,8 +110,11 @@ cmd_parser (int argc, char **argv)
+ {
+ ret = gnutls_pkcs11_add_provider (OPT_ARG(PROVIDER), NULL);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "pkcs11_add_provider: %s",
++ {
++ fprintf (stderr, "pkcs11_add_provider: %s",
+ gnutls_strerror (ret));
++ exit(1);
++ }
+ }
+ }
+ else
+@@ -123,7 +128,10 @@ cmd_parser (int argc, char **argv)
+ {
+ outfile = safe_open_rw (OPT_ARG(OUTFILE), 0);
+ if (outfile == NULL)
+- error (EXIT_FAILURE, errno, "%s", OPT_ARG(OUTFILE));
++ {
++ fprintf (stderr, "%s", OPT_ARG(OUTFILE));
++ exit(1);
++ }
+ }
+ else
+ outfile = stdout;
+diff --git a/src/pkcs11.c b/src/pkcs11.c
+index 9759892..5290f63 100644
+--- a/src/pkcs11.c
++++ b/src/pkcs11.c
+@@ -75,7 +75,6 @@ pkcs11_list (FILE * outfile, const char *url, int type, unsigned int login,
+ unsigned int detailed, common_info_st * info)
+ {
+ gnutls_pkcs11_obj_t *crt_list;
+- gnutls_x509_crt_t xcrt;
+ unsigned int crt_list_size = 0, i;
+ int ret, otype;
+ char *output;
+diff --git a/src/serv.c b/src/serv.c
+index 5650658..d420cb8 100644
+--- a/src/serv.c
++++ b/src/serv.c
+@@ -1216,6 +1216,8 @@ main (int argc, char **argv)
+ udp_server (name, port, mtu);
+ else
+ tcp_server (name, port);
++
++ return 0;
+ }
+
+ static void
+diff --git a/src/tpmtool.c b/src/tpmtool.c
+index 0c81d34..9b2168e 100644
+--- a/src/tpmtool.c
++++ b/src/tpmtool.c
+@@ -39,7 +39,6 @@
+ #include <sys/types.h>
+ #include <sys/stat.h>
+ #include <fcntl.h>
+-#include <error.h>
+
+ /* Gnulib portability files. */
+ #include <read-file.h>
+@@ -130,13 +129,19 @@ cmd_parser (int argc, char **argv)
+ printf ("Setting log level to %d\n", debug);
+
+ if ((ret = gnutls_global_init ()) < 0)
+- error (EXIT_FAILURE, 0, "global_init: %s", gnutls_strerror (ret));
++ {
++ fprintf (stderr, "global_init: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ if (HAVE_OPT(OUTFILE))
+ {
+ outfile = safe_open_rw (OPT_ARG(OUTFILE), 0);
+ if (outfile == NULL)
+- error (EXIT_FAILURE, errno, "%s", OPT_ARG(OUTFILE));
++ {
++ fprintf (stderr, "%s", OPT_ARG(OUTFILE));
++ exit(1);
++ }
+ }
+ else
+ outfile = stdout;
+@@ -145,7 +150,10 @@ cmd_parser (int argc, char **argv)
+ {
+ infile = fopen (OPT_ARG(INFILE), "rb");
+ if (infile == NULL)
+- error (EXIT_FAILURE, errno, "%s", OPT_ARG(INFILE));
++ {
++ fprintf (stderr, "%s", OPT_ARG(INFILE));
++ exit(1);
++ }
+ }
+ else
+ infile = stdin;
+@@ -210,7 +218,10 @@ static void tpm_generate(FILE* outfile, unsigned int key_type, unsigned int bits
+ free(srk_pass);
+
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "gnutls_tpm_privkey_generate: %s", gnutls_strerror (ret));
++ {
++ fprintf (stderr, "gnutls_tpm_privkey_generate: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ /* fwrite (pubkey.data, 1, pubkey.size, outfile);
+ fputs ("\n", outfile);*/
+@@ -230,7 +241,10 @@ static void tpm_delete(const char* url, FILE* outfile)
+
+ ret = gnutls_tpm_privkey_delete(url, srk_pass);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "gnutls_tpm_privkey_delete: %s", gnutls_strerror (ret));
++ {
++ fprintf (stderr, "gnutls_tpm_privkey_delete: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ fprintf (outfile, "Key %s deleted\n", url);
+ }
+@@ -244,7 +258,10 @@ static void tpm_list(FILE* outfile)
+
+ ret = gnutls_tpm_get_registered (&list);
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "gnutls_tpm_get_registered: %s", gnutls_strerror (ret));
++ {
++ fprintf (stderr, "gnutls_tpm_get_registered: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ fprintf(outfile, "Available keys:\n");
+ for (i=0;;i++)
+@@ -253,7 +270,10 @@ static void tpm_list(FILE* outfile)
+ if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+ break;
+ else if (ret < 0)
+- error (EXIT_FAILURE, 0, "gnutls_tpm_key_list_get_url: %s", gnutls_strerror (ret));
++ {
++ fprintf (stderr, "gnutls_tpm_key_list_get_url: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ fprintf(outfile, "\t%u: %s\n", i, url);
+ gnutls_free(url);
+@@ -279,7 +299,10 @@ static void tpm_pubkey(const char* url, FILE* outfile)
+ free(srk_pass);
+
+ if (ret < 0)
+- error (EXIT_FAILURE, 0, "gnutls_pubkey_import_tpm_url: %s", gnutls_strerror (ret));
++ {
++ fprintf (stderr, "gnutls_pubkey_import_tpm_url: %s", gnutls_strerror (ret));
++ exit(1);
++ }
+
+ _pubkey_info(outfile, GNUTLS_CRT_PRINT_FULL, pubkey);
+
+--
+1.7.1
+
generated by cgit v1.2.3 (git 2.41.0) at 2024-04-24 12:38:32 +0000