Use X509_*get0_pubkey() wherever possible to simplify and clean up

the code. Also add error checking where possible. ok jsing
author: tb <> 2022-02-03 17:44:04 +0000
committer: tb <> 2022-02-03 17:44:04 +0000
commit: 99e959b3452e5b44dc52e0e6e87b7e4ec42147af (patch)
tree: d64d65e1fd6a83904267a56b4660fb0e0411b465 /src/usr.bin/openssl/req.c
parent: 355870caa2e034326f5b6b4df6b18cf93e907bc7 (diff)
download: openbsd-99e959b3452e5b44dc52e0e6e87b7e4ec42147af.tar.gz
openbsd-99e959b3452e5b44dc52e0e6e87b7e4ec42147af.tar.bz2
openbsd-99e959b3452e5b44dc52e0e6e87b7e4ec42147af.zip
1 files changed, 13 insertions, 19 deletions
diff --git a/src/usr.bin/openssl/req.c b/src/usr.bin/openssl/req.c
index a1190304a0..6d74ca0e36 100644
--- a/src/usr.bin/openssl/req.c
+++ b/src/usr.bin/openssl/req.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: req.c,v 1.22 2021/12/12 20:42:37 tb Exp $ */
+/* $OpenBSD: req.c,v 1.23 2022/02/03 17:44:04 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -879,6 +879,7 @@ req_main(int argc, char **argv)
                }
                if (req_config.x509) {
                        EVP_PKEY *tmppkey;
                        X509V3_CTX ext_ctx;
                        if ((x509ss = X509_new()) == NULL)
                                goto end;
@@ -904,10 +905,10 @@ req_main(int argc, char **argv)
                                goto end;
                        if (!X509_set_subject_name(x509ss, X509_REQ_get_subject_name(req)))
                                goto end;
-                        tmppkey = X509_REQ_get_pubkey(req);
+                        if ((tmppkey = X509_REQ_get0_pubkey(req)) == NULL)
-                        if (!tmppkey || !X509_set_pubkey(x509ss, tmppkey))
+                                goto end;
+                        if (!X509_set_pubkey(x509ss, tmppkey))
                                goto end;
-                        EVP_PKEY_free(tmppkey);
                        /* Set up V3 context struct */
@@ -984,19 +985,13 @@ req_main(int argc, char **argv)
                }
        }
        if (req_config.verify && !req_config.x509) {
-                int tmp = 0;
+                EVP_PKEY *pubkey = pkey;
-                if (pkey == NULL) {
+                if (pubkey == NULL)
-                        pkey = X509_REQ_get_pubkey(req);
+                        pubkey = X509_REQ_get0_pubkey(req);
-                        tmp = 1;
+                if (pubkey == NULL)
-                        if (pkey == NULL)
+                        goto end;
-                                goto end;
+                i = X509_REQ_verify(req, pubkey);
-                }
-                i = X509_REQ_verify(req, pkey);
-                if (tmp) {
-                        EVP_PKEY_free(pkey);
-                        pkey = NULL;
-                }
                if (i < 0) {
                        goto end;
                } else if (i == 0) {
@@ -1024,14 +1019,13 @@ req_main(int argc, char **argv)
        if (req_config.pubkey) {
                EVP_PKEY *tpubkey;
-                tpubkey = X509_REQ_get_pubkey(req);
-                if (tpubkey == NULL) {
+                if ((tpubkey = X509_REQ_get0_pubkey(req)) == NULL) {
                        BIO_printf(bio_err, "Error getting public key\n");
                        ERR_print_errors(bio_err);
                        goto end;
                }
                PEM_write_bio_PUBKEY(out, tpubkey);
-                EVP_PKEY_free(tpubkey);
        }
        if (req_config.text) {
                if (req_config.x509)
author	tb <>	2022-02-03 17:44:04 +0000
committer	tb <>	2022-02-03 17:44:04 +0000
commit	99e959b3452e5b44dc52e0e6e87b7e4ec42147af (patch)
tree	d64d65e1fd6a83904267a56b4660fb0e0411b465 /src/usr.bin/openssl/req.c
parent	355870caa2e034326f5b6b4df6b18cf93e907bc7 (diff)
download	openbsd-99e959b3452e5b44dc52e0e6e87b7e4ec42147af.tar.gz openbsd-99e959b3452e5b44dc52e0e6e87b7e4ec42147af.tar.bz2 openbsd-99e959b3452e5b44dc52e0e6e87b7e4ec42147af.zip

diff --git a/src/usr.bin/openssl/req.c b/src/usr.bin/openssl/req.c index a1190304a0..6d74ca0e36 100644 --- a/src/usr.bin/openssl/req.c +++ b/src/usr.bin/openssl/req.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: req.c,v 1.22 2021/12/12 20:42:37 tb Exp $ */	1	/* $OpenBSD: req.c,v 1.23 2022/02/03 17:44:04 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -879,6 +879,7 @@ req_main(int argc, char **argv)
879	}	879	}
880	if (req_config.x509) {	880	if (req_config.x509) {
881	EVP_PKEY *tmppkey;	881	EVP_PKEY *tmppkey;
		882
882	X509V3_CTX ext_ctx;	883	X509V3_CTX ext_ctx;
883	if ((x509ss = X509_new()) == NULL)	884	if ((x509ss = X509_new()) == NULL)
884	goto end;	885	goto end;
@@ -904,10 +905,10 @@ req_main(int argc, char **argv)
904	goto end;	905	goto end;
905	if (!X509_set_subject_name(x509ss, X509_REQ_get_subject_name(req)))	906	if (!X509_set_subject_name(x509ss, X509_REQ_get_subject_name(req)))
906	goto end;	907	goto end;
907	tmppkey = X509_REQ_get_pubkey(req);	908	if ((tmppkey = X509_REQ_get0_pubkey(req)) == NULL)
908	if (!tmppkey \|\| !X509_set_pubkey(x509ss, tmppkey))	909	goto end;
		910	if (!X509_set_pubkey(x509ss, tmppkey))
909	goto end;	911	goto end;
910	EVP_PKEY_free(tmppkey);
911		912
912	/* Set up V3 context struct */	913	/* Set up V3 context struct */
913		914
@@ -984,19 +985,13 @@ req_main(int argc, char **argv)
984	}	985	}
985	}	986	}
986	if (req_config.verify && !req_config.x509) {	987	if (req_config.verify && !req_config.x509) {
987	int tmp = 0;	988	EVP_PKEY *pubkey = pkey;
988		989
989	if (pkey == NULL) {	990	if (pubkey == NULL)
990	pkey = X509_REQ_get_pubkey(req);	991	pubkey = X509_REQ_get0_pubkey(req);
991	tmp = 1;	992	if (pubkey == NULL)
992	if (pkey == NULL)	993	goto end;
993	goto end;	994	i = X509_REQ_verify(req, pubkey);
994	}
995	i = X509_REQ_verify(req, pkey);
996	if (tmp) {
997	EVP_PKEY_free(pkey);
998	pkey = NULL;
999	}
1000	if (i < 0) {	995	if (i < 0) {
1001	goto end;	996	goto end;
1002	} else if (i == 0) {	997	} else if (i == 0) {
@@ -1024,14 +1019,13 @@ req_main(int argc, char **argv)
1024		1019
1025	if (req_config.pubkey) {	1020	if (req_config.pubkey) {
1026	EVP_PKEY *tpubkey;	1021	EVP_PKEY *tpubkey;
1027	tpubkey = X509_REQ_get_pubkey(req);	1022
1028	if (tpubkey == NULL) {	1023	if ((tpubkey = X509_REQ_get0_pubkey(req)) == NULL) {
1029	BIO_printf(bio_err, "Error getting public key\n");	1024	BIO_printf(bio_err, "Error getting public key\n");
1030	ERR_print_errors(bio_err);	1025	ERR_print_errors(bio_err);
1031	goto end;	1026	goto end;
1032	}	1027	}
1033	PEM_write_bio_PUBKEY(out, tpubkey);	1028	PEM_write_bio_PUBKEY(out, tpubkey);
1034	EVP_PKEY_free(tpubkey);
1035	}	1029	}
1036	if (req_config.text) {	1030	if (req_config.text) {
1037	if (req_config.x509)	1031	if (req_config.x509)