summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorinoguchi <>2021-07-15 11:43:27 +0000
committerinoguchi <>2021-07-15 11:43:27 +0000
commit19c638444948306d88371953ff3d28f5ab16cc78 (patch)
tree78eeedb2ff8f8eaae33e3849372d3c3c0af170b3 /src
parent7082601d66bf7916704713a802c1c7ef8ef452a3 (diff)
downloadopenbsd-19c638444948306d88371953ff3d28f5ab16cc78.tar.gz
openbsd-19c638444948306d88371953ff3d28f5ab16cc78.tar.bz2
openbsd-19c638444948306d88371953ff3d28f5ab16cc78.zip
Explicitly check pointer variable if it is NULL or not in ca.c
Diffstat (limited to 'src')
-rw-r--r--src/usr.bin/openssl/ca.c116
1 files changed, 58 insertions, 58 deletions
diff --git a/src/usr.bin/openssl/ca.c b/src/usr.bin/openssl/ca.c
index 7bda3ab55b..cee7a9e56e 100644
--- a/src/usr.bin/openssl/ca.c
+++ b/src/usr.bin/openssl/ca.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ca.c,v 1.31 2021/07/15 10:26:43 inoguchi Exp $ */ 1/* $OpenBSD: ca.c,v 1.32 2021/07/15 11:43:27 inoguchi Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -766,24 +766,24 @@ ca_main(int argc, char **argv)
766 } 766 }
767 } 767 }
768 f = NCONF_get_string(conf, ca_config.section, STRING_MASK); 768 f = NCONF_get_string(conf, ca_config.section, STRING_MASK);
769 if (!f) 769 if (f == NULL)
770 ERR_clear_error(); 770 ERR_clear_error();
771 771
772 if (f && !ASN1_STRING_set_default_mask_asc(f)) { 772 if (f != NULL && !ASN1_STRING_set_default_mask_asc(f)) {
773 BIO_printf(bio_err, 773 BIO_printf(bio_err,
774 "Invalid global string mask setting %s\n", f); 774 "Invalid global string mask setting %s\n", f);
775 goto err; 775 goto err;
776 } 776 }
777 if (ca_config.chtype != MBSTRING_UTF8) { 777 if (ca_config.chtype != MBSTRING_UTF8) {
778 f = NCONF_get_string(conf, ca_config.section, UTF8_IN); 778 f = NCONF_get_string(conf, ca_config.section, UTF8_IN);
779 if (!f) 779 if (f == NULL)
780 ERR_clear_error(); 780 ERR_clear_error();
781 else if (!strcmp(f, "yes")) 781 else if (!strcmp(f, "yes"))
782 ca_config.chtype = MBSTRING_UTF8; 782 ca_config.chtype = MBSTRING_UTF8;
783 } 783 }
784 db_attr.unique_subject = 1; 784 db_attr.unique_subject = 1;
785 p = NCONF_get_string(conf, ca_config.section, ENV_UNIQUE_SUBJECT); 785 p = NCONF_get_string(conf, ca_config.section, ENV_UNIQUE_SUBJECT);
786 if (p) { 786 if (p != NULL) {
787 db_attr.unique_subject = parse_yesno(p, 1); 787 db_attr.unique_subject = parse_yesno(p, 1);
788 } else 788 } else
789 ERR_clear_error(); 789 ERR_clear_error();
@@ -824,7 +824,7 @@ ca_main(int argc, char **argv)
824 lookup_fail(ca_config.section, ENV_PRIVATE_KEY); 824 lookup_fail(ca_config.section, ENV_PRIVATE_KEY);
825 goto err; 825 goto err;
826 } 826 }
827 if (!ca_config.key) { 827 if (ca_config.key == NULL) {
828 free_key = 1; 828 free_key = 1;
829 if (!app_passwd(bio_err, ca_config.passargin, NULL, &ca_config.key, NULL)) { 829 if (!app_passwd(bio_err, ca_config.passargin, NULL, &ca_config.key, NULL)) {
830 BIO_printf(bio_err, "Error getting password\n"); 830 BIO_printf(bio_err, "Error getting password\n");
@@ -832,7 +832,7 @@ ca_main(int argc, char **argv)
832 } 832 }
833 } 833 }
834 pkey = load_key(bio_err, ca_config.keyfile, ca_config.keyform, 0, ca_config.key, "CA private key"); 834 pkey = load_key(bio_err, ca_config.keyfile, ca_config.keyform, 0, ca_config.key, "CA private key");
835 if (ca_config.key) 835 if (ca_config.key != NULL)
836 explicit_bzero(ca_config.key, strlen(ca_config.key)); 836 explicit_bzero(ca_config.key, strlen(ca_config.key));
837 if (pkey == NULL) { 837 if (pkey == NULL) {
838 /* load_key() has already printed an appropriate message */ 838 /* load_key() has already printed an appropriate message */
@@ -840,7 +840,7 @@ ca_main(int argc, char **argv)
840 } 840 }
841 /*****************************************************************/ 841 /*****************************************************************/
842 /* we need a certificate */ 842 /* we need a certificate */
843 if (!ca_config.selfsign || ca_config.spkac_file || ca_config.ss_cert_file || ca_config.gencrl) { 843 if (!ca_config.selfsign || ca_config.spkac_file != NULL || ca_config.ss_cert_file != NULL || ca_config.gencrl) {
844 if ((ca_config.certfile == NULL) && 844 if ((ca_config.certfile == NULL) &&
845 ((ca_config.certfile = NCONF_get_string(conf, 845 ((ca_config.certfile = NCONF_get_string(conf,
846 ca_config.section, ENV_CERTIFICATE)) == NULL)) { 846 ca_config.section, ENV_CERTIFICATE)) == NULL)) {
@@ -886,7 +886,7 @@ ca_main(int argc, char **argv)
886 886
887 f = NCONF_get_string(conf, ca_config.section, ENV_CERTOPT); 887 f = NCONF_get_string(conf, ca_config.section, ENV_CERTOPT);
888 888
889 if (f) { 889 if (f != NULL) {
890 if (!set_cert_ex(&certopt, f)) { 890 if (!set_cert_ex(&certopt, f)) {
891 BIO_printf(bio_err, 891 BIO_printf(bio_err,
892 "Invalid certificate options: \"%s\"\n", f); 892 "Invalid certificate options: \"%s\"\n", f);
@@ -898,7 +898,7 @@ ca_main(int argc, char **argv)
898 898
899 f = NCONF_get_string(conf, ca_config.section, ENV_EXTCOPY); 899 f = NCONF_get_string(conf, ca_config.section, ENV_EXTCOPY);
900 900
901 if (f) { 901 if (f != NULL) {
902 if (!set_ext_copy(&ext_copy, f)) { 902 if (!set_ext_copy(&ext_copy, f)) {
903 BIO_printf(bio_err, 903 BIO_printf(bio_err,
904 "Invalid extension copy option: \"%s\"\n", f); 904 "Invalid extension copy option: \"%s\"\n", f);
@@ -1005,7 +1005,7 @@ ca_main(int argc, char **argv)
1005 } 1005 }
1006 /*****************************************************************/ 1006 /*****************************************************************/
1007 /* Read extentions config file */ 1007 /* Read extentions config file */
1008 if (ca_config.extfile) { 1008 if (ca_config.extfile != NULL) {
1009 extconf = NCONF_new(NULL); 1009 extconf = NCONF_new(NULL);
1010 if (NCONF_load(extconf, ca_config.extfile, &errorline) <= 0) { 1010 if (NCONF_load(extconf, ca_config.extfile, &errorline) <= 0) {
1011 if (errorline <= 0) 1011 if (errorline <= 0)
@@ -1025,8 +1025,8 @@ ca_main(int argc, char **argv)
1025 ca_config.extfile); 1025 ca_config.extfile);
1026 1026
1027 /* We can have sections in the ext file */ 1027 /* We can have sections in the ext file */
1028 if (!ca_config.extensions && !(ca_config.extensions = NCONF_get_string(extconf, 1028 if (ca_config.extensions == NULL && (ca_config.extensions = NCONF_get_string(extconf,
1029 "default", "extensions"))) 1029 "default", "extensions")) == NULL)
1030 ca_config.extensions = "default"; 1030 ca_config.extensions = "default";
1031 } 1031 }
1032 /*****************************************************************/ 1032 /*****************************************************************/
@@ -1080,18 +1080,18 @@ ca_main(int argc, char **argv)
1080 lookup_fail(ca_config.section, ENV_SERIAL); 1080 lookup_fail(ca_config.section, ENV_SERIAL);
1081 goto err; 1081 goto err;
1082 } 1082 }
1083 if (!extconf) { 1083 if (extconf == NULL) {
1084 /* 1084 /*
1085 * no '-extfile' option, so we look for extensions in 1085 * no '-extfile' option, so we look for extensions in
1086 * the main configuration file 1086 * the main configuration file
1087 */ 1087 */
1088 if (!ca_config.extensions) { 1088 if (ca_config.extensions == NULL) {
1089 ca_config.extensions = NCONF_get_string(conf, ca_config.section, 1089 ca_config.extensions = NCONF_get_string(conf, ca_config.section,
1090 ENV_EXTENSIONS); 1090 ENV_EXTENSIONS);
1091 if (!ca_config.extensions) 1091 if (ca_config.extensions == NULL)
1092 ERR_clear_error(); 1092 ERR_clear_error();
1093 } 1093 }
1094 if (ca_config.extensions) { 1094 if (ca_config.extensions != NULL) {
1095 /* Check syntax of file */ 1095 /* Check syntax of file */
1096 X509V3_CTX ctx; 1096 X509V3_CTX ctx;
1097 X509V3_set_ctx_test(&ctx); 1097 X509V3_set_ctx_test(&ctx);
@@ -1177,7 +1177,7 @@ ca_main(int argc, char **argv)
1177 "Memory allocation failure\n"); 1177 "Memory allocation failure\n");
1178 goto err; 1178 goto err;
1179 } 1179 }
1180 if (ca_config.outfile) { 1180 if (ca_config.outfile != NULL) {
1181 output_der = 1; 1181 output_der = 1;
1182 ca_config.batch = 1; 1182 ca_config.batch = 1;
1183 } 1183 }
@@ -1257,7 +1257,7 @@ ca_main(int argc, char **argv)
1257 1257
1258 BIO_printf(bio_err, "\n%d out of %d certificate requests certified, commit? [y/n]", total_done, total); 1258 BIO_printf(bio_err, "\n%d out of %d certificate requests certified, commit? [y/n]", total_done, total);
1259 (void) BIO_flush(bio_err); 1259 (void) BIO_flush(bio_err);
1260 if (!fgets(answer, sizeof answer - 1, stdin)) { 1260 if (fgets(answer, sizeof answer - 1, stdin) == NULL) {
1261 BIO_printf(bio_err, "CERTIFICATION CANCELED: I/O error\n"); 1261 BIO_printf(bio_err, "CERTIFICATION CANCELED: I/O error\n");
1262 ret = 0; 1262 ret = 0;
1263 goto err; 1263 goto err;
@@ -1292,7 +1292,7 @@ ca_main(int argc, char **argv)
1292 serialstr = bin2hex(data, j); 1292 serialstr = bin2hex(data, j);
1293 else 1293 else
1294 serialstr = strdup("00"); 1294 serialstr = strdup("00");
1295 if (serialstr) { 1295 if (serialstr != NULL) {
1296 k = snprintf(pempath, sizeof(pempath), 1296 k = snprintf(pempath, sizeof(pempath),
1297 "%s/%s.pem", ca_config.outdir, serialstr); 1297 "%s/%s.pem", ca_config.outdir, serialstr);
1298 free(serialstr); 1298 free(serialstr);
@@ -1331,12 +1331,12 @@ ca_main(int argc, char **argv)
1331 /*****************************************************************/ 1331 /*****************************************************************/
1332 if (ca_config.gencrl) { 1332 if (ca_config.gencrl) {
1333 int crl_v2 = 0; 1333 int crl_v2 = 0;
1334 if (!ca_config.crl_ext) { 1334 if (ca_config.crl_ext == NULL) {
1335 ca_config.crl_ext = NCONF_get_string(conf, ca_config.section, ENV_CRLEXT); 1335 ca_config.crl_ext = NCONF_get_string(conf, ca_config.section, ENV_CRLEXT);
1336 if (!ca_config.crl_ext) 1336 if (ca_config.crl_ext == NULL)
1337 ERR_clear_error(); 1337 ERR_clear_error();
1338 } 1338 }
1339 if (ca_config.crl_ext) { 1339 if (ca_config.crl_ext != NULL) {
1340 /* Check syntax of file */ 1340 /* Check syntax of file */
1341 X509V3_CTX ctx; 1341 X509V3_CTX ctx;
1342 X509V3_set_ctx_test(&ctx); 1342 X509V3_set_ctx_test(&ctx);
@@ -1378,12 +1378,12 @@ ca_main(int argc, char **argv)
1378 goto err; 1378 goto err;
1379 1379
1380 tmptm = ASN1_TIME_new(); 1380 tmptm = ASN1_TIME_new();
1381 if (!tmptm) 1381 if (tmptm == NULL)
1382 goto err; 1382 goto err;
1383 X509_gmtime_adj(tmptm, 0); 1383 X509_gmtime_adj(tmptm, 0);
1384 X509_CRL_set_lastUpdate(crl, tmptm); 1384 X509_CRL_set_lastUpdate(crl, tmptm);
1385 if (!X509_time_adj_ex(tmptm, ca_config.crldays, 1385 if (X509_time_adj_ex(tmptm, ca_config.crldays,
1386 ca_config.crlhours * 60 * 60 + ca_config.crlsec, NULL)) { 1386 ca_config.crlhours * 60 * 60 + ca_config.crlsec, NULL) == NULL) {
1387 BIO_puts(bio_err, "error setting CRL nextUpdate\n"); 1387 BIO_puts(bio_err, "error setting CRL nextUpdate\n");
1388 goto err; 1388 goto err;
1389 } 1389 }
@@ -1406,7 +1406,7 @@ ca_main(int argc, char **argv)
1406 tmpserial = BN_to_ASN1_INTEGER(serial, NULL); 1406 tmpserial = BN_to_ASN1_INTEGER(serial, NULL);
1407 BN_free(serial); 1407 BN_free(serial);
1408 serial = NULL; 1408 serial = NULL;
1409 if (!tmpserial) 1409 if (tmpserial == NULL)
1410 goto err; 1410 goto err;
1411 X509_REVOKED_set_serialNumber(r, tmpserial); 1411 X509_REVOKED_set_serialNumber(r, tmpserial);
1412 ASN1_INTEGER_free(tmpserial); 1412 ASN1_INTEGER_free(tmpserial);
@@ -1425,18 +1425,18 @@ ca_main(int argc, char **argv)
1425 1425
1426 /* Add any extensions asked for */ 1426 /* Add any extensions asked for */
1427 1427
1428 if (ca_config.crl_ext || crlnumberfile != NULL) { 1428 if (ca_config.crl_ext != NULL || crlnumberfile != NULL) {
1429 X509V3_CTX crlctx; 1429 X509V3_CTX crlctx;
1430 X509V3_set_ctx(&crlctx, x509, NULL, NULL, crl, 0); 1430 X509V3_set_ctx(&crlctx, x509, NULL, NULL, crl, 0);
1431 X509V3_set_nconf(&crlctx, conf); 1431 X509V3_set_nconf(&crlctx, conf);
1432 1432
1433 if (ca_config.crl_ext) 1433 if (ca_config.crl_ext != NULL)
1434 if (!X509V3_EXT_CRL_add_nconf(conf, &crlctx, 1434 if (!X509V3_EXT_CRL_add_nconf(conf, &crlctx,
1435 ca_config.crl_ext, crl)) 1435 ca_config.crl_ext, crl))
1436 goto err; 1436 goto err;
1437 if (crlnumberfile != NULL) { 1437 if (crlnumberfile != NULL) {
1438 tmpserial = BN_to_ASN1_INTEGER(crlnumber, NULL); 1438 tmpserial = BN_to_ASN1_INTEGER(crlnumber, NULL);
1439 if (!tmpserial) 1439 if (tmpserial == NULL)
1440 goto err; 1440 goto err;
1441 X509_CRL_add1_ext_i2d(crl, NID_crl_number, 1441 X509_CRL_add1_ext_i2d(crl, NID_crl_number,
1442 tmpserial, 0, 0); 1442 tmpserial, 0, 0);
@@ -1446,7 +1446,7 @@ ca_main(int argc, char **argv)
1446 goto err; 1446 goto err;
1447 } 1447 }
1448 } 1448 }
1449 if (ca_config.crl_ext || crl_v2) { 1449 if (ca_config.crl_ext != NULL || crl_v2) {
1450 if (!X509_CRL_set_version(crl, 1)) 1450 if (!X509_CRL_set_version(crl, 1))
1451 goto err; /* version 2 CRL */ 1451 goto err; /* version 2 CRL */
1452 } 1452 }
@@ -1455,7 +1455,7 @@ ca_main(int argc, char **argv)
1455 if (!save_serial(crlnumberfile, "new", crlnumber, NULL)) 1455 if (!save_serial(crlnumberfile, "new", crlnumber, NULL))
1456 goto err; 1456 goto err;
1457 1457
1458 if (crlnumber) { 1458 if (crlnumber != NULL) {
1459 BN_free(crlnumber); 1459 BN_free(crlnumber);
1460 crlnumber = NULL; 1460 crlnumber = NULL;
1461 } 1461 }
@@ -1692,10 +1692,10 @@ do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst,
1692 for (i = 0; i < DB_NUMBER; i++) 1692 for (i = 0; i < DB_NUMBER; i++)
1693 row[i] = NULL; 1693 row[i] = NULL;
1694 1694
1695 if (subj) { 1695 if (subj != NULL) {
1696 X509_NAME *n = parse_name(subj, chtype, multirdn); 1696 X509_NAME *n = parse_name(subj, chtype, multirdn);
1697 1697
1698 if (!n) { 1698 if (n == NULL) {
1699 ERR_print_errors(bio_err); 1699 ERR_print_errors(bio_err);
1700 goto err; 1700 goto err;
1701 } 1701 }
@@ -1870,7 +1870,7 @@ again2:
1870 * Its best to dup the subject DN and then delete any email 1870 * Its best to dup the subject DN and then delete any email
1871 * addresses because this retains its structure. 1871 * addresses because this retains its structure.
1872 */ 1872 */
1873 if (!(dn_subject = X509_NAME_dup(subject))) { 1873 if ((dn_subject = X509_NAME_dup(subject)) == NULL) {
1874 BIO_printf(bio_err, "Memory allocation failure\n"); 1874 BIO_printf(bio_err, "Memory allocation failure\n");
1875 goto err; 1875 goto err;
1876 } 1876 }
@@ -1997,7 +1997,7 @@ again2:
1997 goto err; 1997 goto err;
1998 1998
1999 /* Lets add the extensions, if there are any */ 1999 /* Lets add the extensions, if there are any */
2000 if (ext_sect) { 2000 if (ext_sect != NULL) {
2001 X509V3_CTX ctx; 2001 X509V3_CTX ctx;
2002 if (ci->version == NULL) 2002 if (ci->version == NULL)
2003 if ((ci->version = ASN1_INTEGER_new()) == NULL) 2003 if ((ci->version = ASN1_INTEGER_new()) == NULL)
@@ -2020,7 +2020,7 @@ again2:
2020 else 2020 else
2021 X509V3_set_ctx(&ctx, x509, ret, req, NULL, 0); 2021 X509V3_set_ctx(&ctx, x509, ret, req, NULL, 0);
2022 2022
2023 if (extconf) { 2023 if (extconf != NULL) {
2024 if (verbose) 2024 if (verbose)
2025 BIO_printf(bio_err, 2025 BIO_printf(bio_err,
2026 "Extra configuration file found\n"); 2026 "Extra configuration file found\n");
@@ -2042,7 +2042,7 @@ again2:
2042 } 2042 }
2043 if (verbose) 2043 if (verbose)
2044 BIO_printf(bio_err, "Successfully added extensions from file.\n"); 2044 BIO_printf(bio_err, "Successfully added extensions from file.\n");
2045 } else if (ext_sect) { 2045 } else if (ext_sect != NULL) {
2046 /* We found extensions to be set from config file */ 2046 /* We found extensions to be set from config file */
2047 X509V3_set_nconf(&ctx, lconf); 2047 X509V3_set_nconf(&ctx, lconf);
2048 2048
@@ -2343,7 +2343,7 @@ do_revoke(X509 *x509, CA_DB *db, int type, char *value)
2343 row[i] = NULL; 2343 row[i] = NULL;
2344 row[DB_name] = X509_NAME_oneline(X509_get_subject_name(x509), NULL, 0); 2344 row[DB_name] = X509_NAME_oneline(X509_get_subject_name(x509), NULL, 0);
2345 bn = ASN1_INTEGER_to_BN(X509_get_serialNumber(x509), NULL); 2345 bn = ASN1_INTEGER_to_BN(X509_get_serialNumber(x509), NULL);
2346 if (!bn) 2346 if (bn == NULL)
2347 goto err; 2347 goto err;
2348 if (BN_is_zero(bn)) 2348 if (BN_is_zero(bn))
2349 row[DB_serial] = strdup("00"); 2349 row[DB_serial] = strdup("00");
@@ -2425,7 +2425,7 @@ do_revoke(X509 *x509, CA_DB *db, int type, char *value)
2425 BIO_printf(bio_err, "Revoking Certificate %s.\n", 2425 BIO_printf(bio_err, "Revoking Certificate %s.\n",
2426 rrow[DB_serial]); 2426 rrow[DB_serial]);
2427 rev_str = make_revocation_str(type, value); 2427 rev_str = make_revocation_str(type, value);
2428 if (!rev_str) { 2428 if (rev_str == NULL) {
2429 BIO_printf(bio_err, "Error in revocation arguments\n"); 2429 BIO_printf(bio_err, "Error in revocation arguments\n");
2430 goto err; 2430 goto err;
2431 } 2431 }
@@ -2696,22 +2696,22 @@ make_revoked(X509_REVOKED *rev, const char *str)
2696 if (i == 0) 2696 if (i == 0)
2697 goto err; 2697 goto err;
2698 2698
2699 if (rev && !X509_REVOKED_set_revocationDate(rev, revDate)) 2699 if (rev != NULL && !X509_REVOKED_set_revocationDate(rev, revDate))
2700 goto err; 2700 goto err;
2701 2701
2702 if (rev && (reason_code != OCSP_REVOKED_STATUS_NOSTATUS)) { 2702 if (rev != NULL && (reason_code != OCSP_REVOKED_STATUS_NOSTATUS)) {
2703 rtmp = ASN1_ENUMERATED_new(); 2703 rtmp = ASN1_ENUMERATED_new();
2704 if (!rtmp || !ASN1_ENUMERATED_set(rtmp, reason_code)) 2704 if (rtmp == NULL || !ASN1_ENUMERATED_set(rtmp, reason_code))
2705 goto err; 2705 goto err;
2706 if (!X509_REVOKED_add1_ext_i2d(rev, NID_crl_reason, rtmp, 0, 0)) 2706 if (!X509_REVOKED_add1_ext_i2d(rev, NID_crl_reason, rtmp, 0, 0))
2707 goto err; 2707 goto err;
2708 } 2708 }
2709 if (rev && comp_time) { 2709 if (rev != NULL && comp_time != NULL) {
2710 if (!X509_REVOKED_add1_ext_i2d(rev, NID_invalidity_date, 2710 if (!X509_REVOKED_add1_ext_i2d(rev, NID_invalidity_date,
2711 comp_time, 0, 0)) 2711 comp_time, 0, 0))
2712 goto err; 2712 goto err;
2713 } 2713 }
2714 if (rev && hold) { 2714 if (rev != NULL && hold != NULL) {
2715 if (!X509_REVOKED_add1_ext_i2d(rev, NID_hold_instruction_code, 2715 if (!X509_REVOKED_add1_ext_i2d(rev, NID_hold_instruction_code,
2716 hold, 0, 0)) 2716 hold, 0, 0))
2717 goto err; 2717 goto err;
@@ -2792,17 +2792,17 @@ unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold,
2792 p = strchr(tmp, ','); 2792 p = strchr(tmp, ',');
2793 rtime_str = tmp; 2793 rtime_str = tmp;
2794 2794
2795 if (p) { 2795 if (p != NULL) {
2796 *p = '\0'; 2796 *p = '\0';
2797 p++; 2797 p++;
2798 reason_str = p; 2798 reason_str = p;
2799 p = strchr(p, ','); 2799 p = strchr(p, ',');
2800 if (p) { 2800 if (p != NULL) {
2801 *p = '\0'; 2801 *p = '\0';
2802 arg_str = p + 1; 2802 arg_str = p + 1;
2803 } 2803 }
2804 } 2804 }
2805 if (prevtm) { 2805 if (prevtm != NULL) {
2806 *prevtm = ASN1_UTCTIME_new(); 2806 *prevtm = ASN1_UTCTIME_new();
2807 if (!ASN1_UTCTIME_set_string(*prevtm, rtime_str)) { 2807 if (!ASN1_UTCTIME_set_string(*prevtm, rtime_str)) {
2808 BIO_printf(bio_err, "invalid revocation date %s\n", 2808 BIO_printf(bio_err, "invalid revocation date %s\n",
@@ -2810,7 +2810,7 @@ unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold,
2810 goto err; 2810 goto err;
2811 } 2811 }
2812 } 2812 }
2813 if (reason_str) { 2813 if (reason_str != NULL) {
2814 for (i = 0; i < NUM_REASONS; i++) { 2814 for (i = 0; i < NUM_REASONS; i++) {
2815 if (!strcasecmp(reason_str, crl_reasons[i])) { 2815 if (!strcasecmp(reason_str, crl_reasons[i])) {
2816 reason_code = i; 2816 reason_code = i;
@@ -2825,7 +2825,7 @@ unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold,
2825 if (reason_code == 7) 2825 if (reason_code == 7)
2826 reason_code = OCSP_REVOKED_STATUS_REMOVEFROMCRL; 2826 reason_code = OCSP_REVOKED_STATUS_REMOVEFROMCRL;
2827 else if (reason_code == 8) { /* Hold instruction */ 2827 else if (reason_code == 8) { /* Hold instruction */
2828 if (!arg_str) { 2828 if (arg_str == NULL) {
2829 BIO_printf(bio_err, 2829 BIO_printf(bio_err,
2830 "missing hold instruction\n"); 2830 "missing hold instruction\n");
2831 goto err; 2831 goto err;
@@ -2833,15 +2833,15 @@ unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold,
2833 reason_code = OCSP_REVOKED_STATUS_CERTIFICATEHOLD; 2833 reason_code = OCSP_REVOKED_STATUS_CERTIFICATEHOLD;
2834 hold = OBJ_txt2obj(arg_str, 0); 2834 hold = OBJ_txt2obj(arg_str, 0);
2835 2835
2836 if (!hold) { 2836 if (hold == NULL) {
2837 BIO_printf(bio_err, 2837 BIO_printf(bio_err,
2838 "invalid object identifier %s\n", arg_str); 2838 "invalid object identifier %s\n", arg_str);
2839 goto err; 2839 goto err;
2840 } 2840 }
2841 if (phold) 2841 if (phold != NULL)
2842 *phold = hold; 2842 *phold = hold;
2843 } else if ((reason_code == 9) || (reason_code == 10)) { 2843 } else if ((reason_code == 9) || (reason_code == 10)) {
2844 if (!arg_str) { 2844 if (arg_str == NULL) {
2845 BIO_printf(bio_err, 2845 BIO_printf(bio_err,
2846 "missing compromised time\n"); 2846 "missing compromised time\n");
2847 goto err; 2847 goto err;
@@ -2859,9 +2859,9 @@ unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold,
2859 reason_code = OCSP_REVOKED_STATUS_CACOMPROMISE; 2859 reason_code = OCSP_REVOKED_STATUS_CACOMPROMISE;
2860 } 2860 }
2861 } 2861 }
2862 if (preason) 2862 if (preason != NULL)
2863 *preason = reason_code; 2863 *preason = reason_code;
2864 if (pinvtm) 2864 if (pinvtm != NULL)
2865 *pinvtm = comp_time; 2865 *pinvtm = comp_time;
2866 else 2866 else
2867 ASN1_GENERALIZEDTIME_free(comp_time); 2867 ASN1_GENERALIZEDTIME_free(comp_time);
@@ -2871,9 +2871,9 @@ unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold,
2871 err: 2871 err:
2872 free(tmp); 2872 free(tmp);
2873 2873
2874 if (!phold) 2874 if (phold == NULL)
2875 ASN1_OBJECT_free(hold); 2875 ASN1_OBJECT_free(hold);
2876 if (!pinvtm) 2876 if (pinvtm == NULL)
2877 ASN1_GENERALIZEDTIME_free(comp_time); 2877 ASN1_GENERALIZEDTIME_free(comp_time);
2878 2878
2879 return ret; 2879 return ret;
@@ -2886,7 +2886,7 @@ bin2hex(unsigned char *data, size_t len)
2886 char hex[] = "0123456789ABCDEF"; 2886 char hex[] = "0123456789ABCDEF";
2887 int i; 2887 int i;
2888 2888
2889 if ((ret = malloc(len * 2 + 1))) { 2889 if ((ret = malloc(len * 2 + 1)) != NULL) {
2890 for (i = 0; i < len; i++) { 2890 for (i = 0; i < len; i++) {
2891 ret[i * 2 + 0] = hex[data[i] >> 4]; 2891 ret[i * 2 + 0] = hex[data[i] >> 4];
2892 ret[i * 2 + 1] = hex[data[i] & 0x0F]; 2892 ret[i * 2 + 1] = hex[data[i] & 0x0F];
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-23 23:02:22 +0000