summaryrefslogtreecommitdiff
path: root/src/usr.bin/openssl/req.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/usr.bin/openssl/req.c')
-rw-r--r--src/usr.bin/openssl/req.c358
1 files changed, 179 insertions, 179 deletions
diff --git a/src/usr.bin/openssl/req.c b/src/usr.bin/openssl/req.c
index 797cbfa718..0994d0b288 100644
--- a/src/usr.bin/openssl/req.c
+++ b/src/usr.bin/openssl/req.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: req.c,v 1.26 2023/03/05 13:12:53 tb Exp $ */ 1/* $OpenBSD: req.c,v 1.27 2023/03/06 14:32:06 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -168,26 +168,26 @@ static struct {
168 int verbose; 168 int verbose;
169 int verify; 169 int verify;
170 int x509; 170 int x509;
171} req_config; 171} cfg;
172 172
173static int 173static int
174req_opt_addext(char *arg) 174req_opt_addext(char *arg)
175{ 175{
176 int i; 176 int i;
177 177
178 if (req_config.addexts == NULL) { 178 if (cfg.addexts == NULL) {
179 req_config.addexts = (LHASH_OF(OPENSSL_STRING) *)lh_new( 179 cfg.addexts = (LHASH_OF(OPENSSL_STRING) *)lh_new(
180 (LHASH_HASH_FN_TYPE)ext_name_hash, 180 (LHASH_HASH_FN_TYPE)ext_name_hash,
181 (LHASH_COMP_FN_TYPE)ext_name_cmp); 181 (LHASH_COMP_FN_TYPE)ext_name_cmp);
182 req_config.addext_bio = BIO_new(BIO_s_mem()); 182 cfg.addext_bio = BIO_new(BIO_s_mem());
183 if (req_config.addexts == NULL || 183 if (cfg.addexts == NULL ||
184 req_config.addext_bio == NULL) 184 cfg.addext_bio == NULL)
185 return (1); 185 return (1);
186 } 186 }
187 i = duplicated(req_config.addexts, arg); 187 i = duplicated(cfg.addexts, arg);
188 if (i == 1) 188 if (i == 1)
189 return (1); 189 return (1);
190 if (i < 0 || BIO_printf(req_config.addext_bio, "%s\n", arg) < 0) 190 if (i < 0 || BIO_printf(cfg.addext_bio, "%s\n", arg) < 0)
191 return (1); 191 return (1);
192 192
193 return (0); 193 return (0);
@@ -198,11 +198,11 @@ req_opt_days(char *arg)
198{ 198{
199 const char *errstr; 199 const char *errstr;
200 200
201 req_config.days = strtonum(arg, 1, INT_MAX, &errstr); 201 cfg.days = strtonum(arg, 1, INT_MAX, &errstr);
202 if (errstr != NULL) { 202 if (errstr != NULL) {
203 BIO_printf(bio_err, "bad -days %s, using 0: %s\n", 203 BIO_printf(bio_err, "bad -days %s, using 0: %s\n",
204 arg, errstr); 204 arg, errstr);
205 req_config.days = 30; 205 cfg.days = 30;
206 } 206 }
207 return (0); 207 return (0);
208} 208}
@@ -215,7 +215,7 @@ req_opt_digest(int argc, char **argv, int *argsused)
215 if (*name++ != '-') 215 if (*name++ != '-')
216 return (1); 216 return (1);
217 217
218 if ((req_config.digest = EVP_get_digestbyname(name)) == NULL) 218 if ((cfg.digest = EVP_get_digestbyname(name)) == NULL)
219 return (1); 219 return (1);
220 220
221 *argsused = 1; 221 *argsused = 1;
@@ -225,15 +225,15 @@ req_opt_digest(int argc, char **argv, int *argsused)
225static int 225static int
226req_opt_newkey(char *arg) 226req_opt_newkey(char *arg)
227{ 227{
228 req_config.keyalg = arg; 228 cfg.keyalg = arg;
229 req_config.newreq = 1; 229 cfg.newreq = 1;
230 return (0); 230 return (0);
231} 231}
232 232
233static int 233static int
234req_opt_nameopt(char *arg) 234req_opt_nameopt(char *arg)
235{ 235{
236 if (!set_name_ex(&req_config.nmflag, arg)) 236 if (!set_name_ex(&cfg.nmflag, arg))
237 return (1); 237 return (1);
238 return (0); 238 return (0);
239} 239}
@@ -241,11 +241,11 @@ req_opt_nameopt(char *arg)
241static int 241static int
242req_opt_pkeyopt(char *arg) 242req_opt_pkeyopt(char *arg)
243{ 243{
244 if (req_config.pkeyopts == NULL) 244 if (cfg.pkeyopts == NULL)
245 req_config.pkeyopts = sk_OPENSSL_STRING_new_null(); 245 cfg.pkeyopts = sk_OPENSSL_STRING_new_null();
246 if (req_config.pkeyopts == NULL) 246 if (cfg.pkeyopts == NULL)
247 return (1); 247 return (1);
248 if (!sk_OPENSSL_STRING_push(req_config.pkeyopts, arg)) 248 if (!sk_OPENSSL_STRING_push(cfg.pkeyopts, arg))
249 return (1); 249 return (1);
250 return (0); 250 return (0);
251} 251}
@@ -253,7 +253,7 @@ req_opt_pkeyopt(char *arg)
253static int 253static int
254req_opt_reqopt(char *arg) 254req_opt_reqopt(char *arg)
255{ 255{
256 if (!set_cert_ex(&req_config.reqflag, arg)) 256 if (!set_cert_ex(&cfg.reqflag, arg))
257 return (1); 257 return (1);
258 return (0); 258 return (0);
259} 259}
@@ -261,8 +261,8 @@ req_opt_reqopt(char *arg)
261static int 261static int
262req_opt_set_serial(char *arg) 262req_opt_set_serial(char *arg)
263{ 263{
264 req_config.serial = s2i_ASN1_INTEGER(NULL, arg); 264 cfg.serial = s2i_ASN1_INTEGER(NULL, arg);
265 if (req_config.serial == NULL) 265 if (cfg.serial == NULL)
266 return (1); 266 return (1);
267 return (0); 267 return (0);
268} 268}
@@ -270,11 +270,11 @@ req_opt_set_serial(char *arg)
270static int 270static int
271req_opt_sigopt(char *arg) 271req_opt_sigopt(char *arg)
272{ 272{
273 if (req_config.sigopts == NULL) 273 if (cfg.sigopts == NULL)
274 req_config.sigopts = sk_OPENSSL_STRING_new_null(); 274 cfg.sigopts = sk_OPENSSL_STRING_new_null();
275 if (req_config.sigopts == NULL) 275 if (cfg.sigopts == NULL)
276 return (1); 276 return (1);
277 if (!sk_OPENSSL_STRING_push(req_config.sigopts, arg)) 277 if (!sk_OPENSSL_STRING_push(cfg.sigopts, arg))
278 return (1); 278 return (1);
279 return (0); 279 return (0);
280} 280}
@@ -282,7 +282,7 @@ req_opt_sigopt(char *arg)
282static int 282static int
283req_opt_utf8(void) 283req_opt_utf8(void)
284{ 284{
285 req_config.chtype = MBSTRING_UTF8; 285 cfg.chtype = MBSTRING_UTF8;
286 return (0); 286 return (0);
287} 287}
288 288
@@ -298,14 +298,14 @@ static const struct option req_options[] = {
298 .name = "batch", 298 .name = "batch",
299 .desc = "Operate in batch mode", 299 .desc = "Operate in batch mode",
300 .type = OPTION_FLAG, 300 .type = OPTION_FLAG,
301 .opt.flag = &req_config.batch, 301 .opt.flag = &cfg.batch,
302 }, 302 },
303 { 303 {
304 .name = "config", 304 .name = "config",
305 .argname = "file", 305 .argname = "file",
306 .desc = "Configuration file to use as request template", 306 .desc = "Configuration file to use as request template",
307 .type = OPTION_ARG, 307 .type = OPTION_ARG,
308 .opt.arg = &req_config.template, 308 .opt.arg = &cfg.template,
309 }, 309 },
310 { 310 {
311 .name = "days", 311 .name = "days",
@@ -319,54 +319,54 @@ static const struct option req_options[] = {
319 .argname = "section", 319 .argname = "section",
320 .desc = "Config section to use for certificate extensions", 320 .desc = "Config section to use for certificate extensions",
321 .type = OPTION_ARG, 321 .type = OPTION_ARG,
322 .opt.arg = &req_config.extensions, 322 .opt.arg = &cfg.extensions,
323 }, 323 },
324 { 324 {
325 .name = "in", 325 .name = "in",
326 .argname = "file", 326 .argname = "file",
327 .desc = "Input file (default stdin)", 327 .desc = "Input file (default stdin)",
328 .type = OPTION_ARG, 328 .type = OPTION_ARG,
329 .opt.arg = &req_config.infile, 329 .opt.arg = &cfg.infile,
330 }, 330 },
331 { 331 {
332 .name = "inform", 332 .name = "inform",
333 .argname = "format", 333 .argname = "format",
334 .desc = "Input format (DER or PEM (default))", 334 .desc = "Input format (DER or PEM (default))",
335 .type = OPTION_ARG_FORMAT, 335 .type = OPTION_ARG_FORMAT,
336 .opt.value = &req_config.informat, 336 .opt.value = &cfg.informat,
337 }, 337 },
338 { 338 {
339 .name = "key", 339 .name = "key",
340 .argname = "file", 340 .argname = "file",
341 .desc = "Private key file", 341 .desc = "Private key file",
342 .type = OPTION_ARG, 342 .type = OPTION_ARG,
343 .opt.arg = &req_config.keyfile, 343 .opt.arg = &cfg.keyfile,
344 }, 344 },
345 { 345 {
346 .name = "keyform", 346 .name = "keyform",
347 .argname = "format", 347 .argname = "format",
348 .desc = "Private key format (DER or PEM (default))", 348 .desc = "Private key format (DER or PEM (default))",
349 .type = OPTION_ARG_FORMAT, 349 .type = OPTION_ARG_FORMAT,
350 .opt.value = &req_config.keyform, 350 .opt.value = &cfg.keyform,
351 }, 351 },
352 { 352 {
353 .name = "keyout", 353 .name = "keyout",
354 .argname = "file", 354 .argname = "file",
355 .desc = "Private key output file", 355 .desc = "Private key output file",
356 .type = OPTION_ARG, 356 .type = OPTION_ARG,
357 .opt.arg = &req_config.keyout, 357 .opt.arg = &cfg.keyout,
358 }, 358 },
359 { 359 {
360 .name = "modulus", 360 .name = "modulus",
361 .desc = "Print RSA modulus", 361 .desc = "Print RSA modulus",
362 .type = OPTION_FLAG, 362 .type = OPTION_FLAG,
363 .opt.flag = &req_config.modulus, 363 .opt.flag = &cfg.modulus,
364 }, 364 },
365 { 365 {
366 .name = "multivalue-rdn", 366 .name = "multivalue-rdn",
367 .desc = "Enable support for multivalued RDNs", 367 .desc = "Enable support for multivalued RDNs",
368 .type = OPTION_FLAG, 368 .type = OPTION_FLAG,
369 .opt.flag = &req_config.multirdn, 369 .opt.flag = &cfg.multirdn,
370 }, 370 },
371 { 371 {
372 .name = "nameopt", 372 .name = "nameopt",
@@ -379,13 +379,13 @@ static const struct option req_options[] = {
379 .name = "new", 379 .name = "new",
380 .desc = "New request", 380 .desc = "New request",
381 .type = OPTION_FLAG, 381 .type = OPTION_FLAG,
382 .opt.flag = &req_config.newreq, 382 .opt.flag = &cfg.newreq,
383 }, 383 },
384 { 384 {
385 .name = "newhdr", 385 .name = "newhdr",
386 .desc = "Include 'NEW' in header lines", 386 .desc = "Include 'NEW' in header lines",
387 .type = OPTION_FLAG, 387 .type = OPTION_FLAG,
388 .opt.flag = &req_config.newhdr, 388 .opt.flag = &cfg.newhdr,
389 }, 389 },
390 { 390 {
391 .name = "newkey", 391 .name = "newkey",
@@ -398,41 +398,41 @@ static const struct option req_options[] = {
398 .name = "nodes", 398 .name = "nodes",
399 .desc = "Do not encrypt output private key", 399 .desc = "Do not encrypt output private key",
400 .type = OPTION_FLAG, 400 .type = OPTION_FLAG,
401 .opt.flag = &req_config.nodes, 401 .opt.flag = &cfg.nodes,
402 }, 402 },
403 { 403 {
404 .name = "noout", 404 .name = "noout",
405 .desc = "Do not output request", 405 .desc = "Do not output request",
406 .type = OPTION_FLAG, 406 .type = OPTION_FLAG,
407 .opt.flag = &req_config.noout, 407 .opt.flag = &cfg.noout,
408 }, 408 },
409 { 409 {
410 .name = "out", 410 .name = "out",
411 .argname = "file", 411 .argname = "file",
412 .desc = "Output file (default stdout)", 412 .desc = "Output file (default stdout)",
413 .type = OPTION_ARG, 413 .type = OPTION_ARG,
414 .opt.arg = &req_config.outfile, 414 .opt.arg = &cfg.outfile,
415 }, 415 },
416 { 416 {
417 .name = "outform", 417 .name = "outform",
418 .argname = "format", 418 .argname = "format",
419 .desc = "Output format (DER or PEM (default))", 419 .desc = "Output format (DER or PEM (default))",
420 .type = OPTION_ARG_FORMAT, 420 .type = OPTION_ARG_FORMAT,
421 .opt.value = &req_config.outformat, 421 .opt.value = &cfg.outformat,
422 }, 422 },
423 { 423 {
424 .name = "passin", 424 .name = "passin",
425 .argname = "source", 425 .argname = "source",
426 .desc = "Private key input password source", 426 .desc = "Private key input password source",
427 .type = OPTION_ARG, 427 .type = OPTION_ARG,
428 .opt.arg = &req_config.passargin, 428 .opt.arg = &cfg.passargin,
429 }, 429 },
430 { 430 {
431 .name = "passout", 431 .name = "passout",
432 .argname = "source", 432 .argname = "source",
433 .desc = "Private key output password source", 433 .desc = "Private key output password source",
434 .type = OPTION_ARG, 434 .type = OPTION_ARG,
435 .opt.arg = &req_config.passargout, 435 .opt.arg = &cfg.passargout,
436 }, 436 },
437 { 437 {
438 .name = "pkeyopt", 438 .name = "pkeyopt",
@@ -445,14 +445,14 @@ static const struct option req_options[] = {
445 .name = "pubkey", 445 .name = "pubkey",
446 .desc = "Output the public key", 446 .desc = "Output the public key",
447 .type = OPTION_FLAG, 447 .type = OPTION_FLAG,
448 .opt.flag = &req_config.pubkey, 448 .opt.flag = &cfg.pubkey,
449 }, 449 },
450 { 450 {
451 .name = "reqexts", 451 .name = "reqexts",
452 .argname = "section", 452 .argname = "section",
453 .desc = "Config section to use for request extensions", 453 .desc = "Config section to use for request extensions",
454 .type = OPTION_ARG, 454 .type = OPTION_ARG,
455 .opt.arg = &req_config.req_exts, 455 .opt.arg = &cfg.req_exts,
456 }, 456 },
457 { 457 {
458 .name = "reqopt", 458 .name = "reqopt",
@@ -480,19 +480,19 @@ static const struct option req_options[] = {
480 .argname = "name", 480 .argname = "name",
481 .desc = "Set or modify the request subject", 481 .desc = "Set or modify the request subject",
482 .type = OPTION_ARG, 482 .type = OPTION_ARG,
483 .opt.arg = &req_config.subj, 483 .opt.arg = &cfg.subj,
484 }, 484 },
485 { 485 {
486 .name = "subject", 486 .name = "subject",
487 .desc = "Output the subject of the request", 487 .desc = "Output the subject of the request",
488 .type = OPTION_FLAG, 488 .type = OPTION_FLAG,
489 .opt.flag = &req_config.subject, 489 .opt.flag = &cfg.subject,
490 }, 490 },
491 { 491 {
492 .name = "text", 492 .name = "text",
493 .desc = "Print request in text form", 493 .desc = "Print request in text form",
494 .type = OPTION_FLAG, 494 .type = OPTION_FLAG,
495 .opt.flag = &req_config.text, 495 .opt.flag = &cfg.text,
496 }, 496 },
497 { 497 {
498 .name = "utf8", 498 .name = "utf8",
@@ -504,19 +504,19 @@ static const struct option req_options[] = {
504 .name = "verbose", 504 .name = "verbose",
505 .desc = "Verbose", 505 .desc = "Verbose",
506 .type = OPTION_FLAG, 506 .type = OPTION_FLAG,
507 .opt.flag = &req_config.verbose, 507 .opt.flag = &cfg.verbose,
508 }, 508 },
509 { 509 {
510 .name = "verify", 510 .name = "verify",
511 .desc = "Verify signature on request", 511 .desc = "Verify signature on request",
512 .type = OPTION_FLAG, 512 .type = OPTION_FLAG,
513 .opt.flag = &req_config.verify, 513 .opt.flag = &cfg.verify,
514 }, 514 },
515 { 515 {
516 .name = "x509", 516 .name = "x509",
517 .desc = "Output an X.509 structure instead of a certificate request", 517 .desc = "Output an X.509 structure instead of a certificate request",
518 .type = OPTION_FLAG, 518 .type = OPTION_FLAG,
519 .opt.flag = &req_config.x509, 519 .opt.flag = &cfg.x509,
520 }, 520 },
521 { 521 {
522 .name = NULL, 522 .name = NULL,
@@ -568,15 +568,15 @@ req_main(int argc, char **argv)
568 exit(1); 568 exit(1);
569 } 569 }
570 570
571 memset(&req_config, 0, sizeof(req_config)); 571 memset(&cfg, 0, sizeof(cfg));
572 572
573 req_config.chtype = MBSTRING_ASC; 573 cfg.chtype = MBSTRING_ASC;
574 req_config.days = 30; 574 cfg.days = 30;
575 req_config.digest = EVP_sha256(); 575 cfg.digest = EVP_sha256();
576 req_config.newkey = -1; 576 cfg.newkey = -1;
577 req_config.informat = FORMAT_PEM; 577 cfg.informat = FORMAT_PEM;
578 req_config.keyform = FORMAT_PEM; 578 cfg.keyform = FORMAT_PEM;
579 req_config.outformat = FORMAT_PEM; 579 cfg.outformat = FORMAT_PEM;
580 580
581 if (options_parse(argc, argv, req_options, NULL, NULL) != 0) { 581 if (options_parse(argc, argv, req_options, NULL, NULL) != 0) {
582 req_usage(); 582 req_usage();
@@ -586,19 +586,19 @@ req_main(int argc, char **argv)
586 req_conf = NULL; 586 req_conf = NULL;
587 cipher = EVP_aes_256_cbc(); 587 cipher = EVP_aes_256_cbc();
588 588
589 if (!app_passwd(bio_err, req_config.passargin, req_config.passargout, &passin, &passout)) { 589 if (!app_passwd(bio_err, cfg.passargin, cfg.passargout, &passin, &passout)) {
590 BIO_printf(bio_err, "Error getting passwords\n"); 590 BIO_printf(bio_err, "Error getting passwords\n");
591 goto end; 591 goto end;
592 } 592 }
593 if (req_config.template != NULL) { 593 if (cfg.template != NULL) {
594 long errline = -1; 594 long errline = -1;
595 595
596 if (req_config.verbose) 596 if (cfg.verbose)
597 BIO_printf(bio_err, "Using configuration from %s\n", req_config.template); 597 BIO_printf(bio_err, "Using configuration from %s\n", cfg.template);
598 if ((req_conf = NCONF_new(NULL)) == NULL) 598 if ((req_conf = NCONF_new(NULL)) == NULL)
599 goto end; 599 goto end;
600 if(!NCONF_load(req_conf, req_config.template, &errline)) { 600 if(!NCONF_load(req_conf, cfg.template, &errline)) {
601 BIO_printf(bio_err, "error on line %ld of %s\n", errline, req_config.template); 601 BIO_printf(bio_err, "error on line %ld of %s\n", errline, cfg.template);
602 goto end; 602 goto end;
603 } 603 }
604 } else { 604 } else {
@@ -606,21 +606,21 @@ req_main(int argc, char **argv)
606 606
607 if (req_conf == NULL) { 607 if (req_conf == NULL) {
608 BIO_printf(bio_err, "Unable to load config info from %s\n", default_config_file); 608 BIO_printf(bio_err, "Unable to load config info from %s\n", default_config_file);
609 if (req_config.newreq) 609 if (cfg.newreq)
610 goto end; 610 goto end;
611 } else if (req_config.verbose) 611 } else if (cfg.verbose)
612 BIO_printf(bio_err, "Using configuration from %s\n", 612 BIO_printf(bio_err, "Using configuration from %s\n",
613 default_config_file); 613 default_config_file);
614 } 614 }
615 615
616 if (req_config.addext_bio != NULL) { 616 if (cfg.addext_bio != NULL) {
617 long errline = -1; 617 long errline = -1;
618 if (req_config.verbose) 618 if (cfg.verbose)
619 BIO_printf(bio_err, 619 BIO_printf(bio_err,
620 "Using additional configuration from command line\n"); 620 "Using additional configuration from command line\n");
621 if ((addext_conf = NCONF_new(NULL)) == NULL) 621 if ((addext_conf = NCONF_new(NULL)) == NULL)
622 goto end; 622 goto end;
623 if (!NCONF_load_bio(addext_conf, req_config.addext_bio, &errline)) { 623 if (!NCONF_load_bio(addext_conf, cfg.addext_bio, &errline)) {
624 BIO_printf(bio_err, 624 BIO_printf(bio_err,
625 "req: Error on line %ld of config input\n", 625 "req: Error on line %ld of config input\n",
626 errline); 626 errline);
@@ -658,22 +658,22 @@ req_main(int argc, char **argv)
658 ERR_clear_error(); 658 ERR_clear_error();
659 if (p != NULL) { 659 if (p != NULL) {
660 if ((md_alg = EVP_get_digestbyname(p)) != NULL) 660 if ((md_alg = EVP_get_digestbyname(p)) != NULL)
661 req_config.digest = md_alg; 661 cfg.digest = md_alg;
662 } 662 }
663 } 663 }
664 if (!req_config.extensions) { 664 if (!cfg.extensions) {
665 req_config.extensions = NCONF_get_string(req_conf, SECTION, V3_EXTENSIONS); 665 cfg.extensions = NCONF_get_string(req_conf, SECTION, V3_EXTENSIONS);
666 if (!req_config.extensions) 666 if (!cfg.extensions)
667 ERR_clear_error(); 667 ERR_clear_error();
668 } 668 }
669 if (req_config.extensions) { 669 if (cfg.extensions) {
670 /* Check syntax of file */ 670 /* Check syntax of file */
671 X509V3_CTX ctx; 671 X509V3_CTX ctx;
672 X509V3_set_ctx_test(&ctx); 672 X509V3_set_ctx_test(&ctx);
673 X509V3_set_nconf(&ctx, req_conf); 673 X509V3_set_nconf(&ctx, req_conf);
674 if (!X509V3_EXT_add_nconf(req_conf, &ctx, req_config.extensions, NULL)) { 674 if (!X509V3_EXT_add_nconf(req_conf, &ctx, cfg.extensions, NULL)) {
675 BIO_printf(bio_err, 675 BIO_printf(bio_err,
676 "Error Loading extension section %s\n", req_config.extensions); 676 "Error Loading extension section %s\n", cfg.extensions);
677 goto end; 677 goto end;
678 } 678 }
679 } 679 }
@@ -706,27 +706,27 @@ req_main(int argc, char **argv)
706 BIO_printf(bio_err, "Invalid global string mask setting %s\n", p); 706 BIO_printf(bio_err, "Invalid global string mask setting %s\n", p);
707 goto end; 707 goto end;
708 } 708 }
709 if (req_config.chtype != MBSTRING_UTF8) { 709 if (cfg.chtype != MBSTRING_UTF8) {
710 p = NCONF_get_string(req_conf, SECTION, UTF8_IN); 710 p = NCONF_get_string(req_conf, SECTION, UTF8_IN);
711 if (!p) 711 if (!p)
712 ERR_clear_error(); 712 ERR_clear_error();
713 else if (!strcmp(p, "yes")) 713 else if (!strcmp(p, "yes"))
714 req_config.chtype = MBSTRING_UTF8; 714 cfg.chtype = MBSTRING_UTF8;
715 } 715 }
716 if (!req_config.req_exts) { 716 if (!cfg.req_exts) {
717 req_config.req_exts = NCONF_get_string(req_conf, SECTION, REQ_EXTENSIONS); 717 cfg.req_exts = NCONF_get_string(req_conf, SECTION, REQ_EXTENSIONS);
718 if (!req_config.req_exts) 718 if (!cfg.req_exts)
719 ERR_clear_error(); 719 ERR_clear_error();
720 } 720 }
721 if (req_config.req_exts) { 721 if (cfg.req_exts) {
722 /* Check syntax of file */ 722 /* Check syntax of file */
723 X509V3_CTX ctx; 723 X509V3_CTX ctx;
724 X509V3_set_ctx_test(&ctx); 724 X509V3_set_ctx_test(&ctx);
725 X509V3_set_nconf(&ctx, req_conf); 725 X509V3_set_nconf(&ctx, req_conf);
726 if (!X509V3_EXT_add_nconf(req_conf, &ctx, req_config.req_exts, NULL)) { 726 if (!X509V3_EXT_add_nconf(req_conf, &ctx, cfg.req_exts, NULL)) {
727 BIO_printf(bio_err, 727 BIO_printf(bio_err,
728 "Error Loading request extension section %s\n", 728 "Error Loading request extension section %s\n",
729 req_config.req_exts); 729 cfg.req_exts);
730 goto end; 730 goto end;
731 } 731 }
732 } 732 }
@@ -735,8 +735,8 @@ req_main(int argc, char **argv)
735 if ((in == NULL) || (out == NULL)) 735 if ((in == NULL) || (out == NULL))
736 goto end; 736 goto end;
737 737
738 if (req_config.keyfile != NULL) { 738 if (cfg.keyfile != NULL) {
739 pkey = load_key(bio_err, req_config.keyfile, req_config.keyform, 0, passin, 739 pkey = load_key(bio_err, cfg.keyfile, cfg.keyform, 0, passin,
740 "Private Key"); 740 "Private Key");
741 if (!pkey) { 741 if (!pkey) {
742 /* 742 /*
@@ -746,31 +746,31 @@ req_main(int argc, char **argv)
746 goto end; 746 goto end;
747 } 747 }
748 } 748 }
749 if (req_config.newreq && (pkey == NULL)) { 749 if (cfg.newreq && (pkey == NULL)) {
750 if (!NCONF_get_number(req_conf, SECTION, BITS, &req_config.newkey)) { 750 if (!NCONF_get_number(req_conf, SECTION, BITS, &cfg.newkey)) {
751 req_config.newkey = DEFAULT_KEY_LENGTH; 751 cfg.newkey = DEFAULT_KEY_LENGTH;
752 } 752 }
753 if (req_config.keyalg) { 753 if (cfg.keyalg) {
754 genctx = set_keygen_ctx(bio_err, req_config.keyalg, &pkey_type, &req_config.newkey, 754 genctx = set_keygen_ctx(bio_err, cfg.keyalg, &pkey_type, &cfg.newkey,
755 &keyalgstr); 755 &keyalgstr);
756 if (!genctx) 756 if (!genctx)
757 goto end; 757 goto end;
758 } 758 }
759 if (req_config.newkey < MIN_KEY_LENGTH && (pkey_type == EVP_PKEY_RSA || pkey_type == EVP_PKEY_DSA)) { 759 if (cfg.newkey < MIN_KEY_LENGTH && (pkey_type == EVP_PKEY_RSA || pkey_type == EVP_PKEY_DSA)) {
760 BIO_printf(bio_err, "private key length is too short,\n"); 760 BIO_printf(bio_err, "private key length is too short,\n");
761 BIO_printf(bio_err, "it needs to be at least %d bits, not %ld\n", MIN_KEY_LENGTH, req_config.newkey); 761 BIO_printf(bio_err, "it needs to be at least %d bits, not %ld\n", MIN_KEY_LENGTH, cfg.newkey);
762 goto end; 762 goto end;
763 } 763 }
764 if (!genctx) { 764 if (!genctx) {
765 genctx = set_keygen_ctx(bio_err, NULL, &pkey_type, &req_config.newkey, 765 genctx = set_keygen_ctx(bio_err, NULL, &pkey_type, &cfg.newkey,
766 &keyalgstr); 766 &keyalgstr);
767 if (!genctx) 767 if (!genctx)
768 goto end; 768 goto end;
769 } 769 }
770 if (req_config.pkeyopts) { 770 if (cfg.pkeyopts) {
771 char *genopt; 771 char *genopt;
772 for (i = 0; i < sk_OPENSSL_STRING_num(req_config.pkeyopts); i++) { 772 for (i = 0; i < sk_OPENSSL_STRING_num(cfg.pkeyopts); i++) {
773 genopt = sk_OPENSSL_STRING_value(req_config.pkeyopts, i); 773 genopt = sk_OPENSSL_STRING_value(cfg.pkeyopts, i);
774 if (pkey_ctrl_string(genctx, genopt) <= 0) { 774 if (pkey_ctrl_string(genctx, genopt) <= 0) {
775 BIO_printf(bio_err, 775 BIO_printf(bio_err,
776 "parameter error \"%s\"\n", 776 "parameter error \"%s\"\n",
@@ -781,7 +781,7 @@ req_main(int argc, char **argv)
781 } 781 }
782 } 782 }
783 BIO_printf(bio_err, "Generating a %ld bit %s private key\n", 783 BIO_printf(bio_err, "Generating a %ld bit %s private key\n",
784 req_config.newkey, keyalgstr); 784 cfg.newkey, keyalgstr);
785 785
786 EVP_PKEY_CTX_set_cb(genctx, genpkey_cb); 786 EVP_PKEY_CTX_set_cb(genctx, genpkey_cb);
787 EVP_PKEY_CTX_set_app_data(genctx, bio_err); 787 EVP_PKEY_CTX_set_app_data(genctx, bio_err);
@@ -793,18 +793,18 @@ req_main(int argc, char **argv)
793 EVP_PKEY_CTX_free(genctx); 793 EVP_PKEY_CTX_free(genctx);
794 genctx = NULL; 794 genctx = NULL;
795 795
796 if (req_config.keyout == NULL) { 796 if (cfg.keyout == NULL) {
797 req_config.keyout = NCONF_get_string(req_conf, SECTION, KEYFILE); 797 cfg.keyout = NCONF_get_string(req_conf, SECTION, KEYFILE);
798 if (req_config.keyout == NULL) 798 if (cfg.keyout == NULL)
799 ERR_clear_error(); 799 ERR_clear_error();
800 } 800 }
801 if (req_config.keyout == NULL) { 801 if (cfg.keyout == NULL) {
802 BIO_printf(bio_err, "writing new private key to stdout\n"); 802 BIO_printf(bio_err, "writing new private key to stdout\n");
803 BIO_set_fp(out, stdout, BIO_NOCLOSE); 803 BIO_set_fp(out, stdout, BIO_NOCLOSE);
804 } else { 804 } else {
805 BIO_printf(bio_err, "writing new private key to '%s'\n", req_config.keyout); 805 BIO_printf(bio_err, "writing new private key to '%s'\n", cfg.keyout);
806 if (BIO_write_filename(out, req_config.keyout) <= 0) { 806 if (BIO_write_filename(out, cfg.keyout) <= 0) {
807 perror(req_config.keyout); 807 perror(cfg.keyout);
808 goto end; 808 goto end;
809 } 809 }
810 } 810 }
@@ -818,7 +818,7 @@ req_main(int argc, char **argv)
818 } 818 }
819 if ((p != NULL) && (strcmp(p, "no") == 0)) 819 if ((p != NULL) && (strcmp(p, "no") == 0))
820 cipher = NULL; 820 cipher = NULL;
821 if (req_config.nodes) 821 if (cfg.nodes)
822 cipher = NULL; 822 cipher = NULL;
823 823
824 i = 0; 824 i = 0;
@@ -835,19 +835,19 @@ req_main(int argc, char **argv)
835 } 835 }
836 BIO_printf(bio_err, "-----\n"); 836 BIO_printf(bio_err, "-----\n");
837 } 837 }
838 if (!req_config.newreq) { 838 if (!cfg.newreq) {
839 if (req_config.infile == NULL) 839 if (cfg.infile == NULL)
840 BIO_set_fp(in, stdin, BIO_NOCLOSE); 840 BIO_set_fp(in, stdin, BIO_NOCLOSE);
841 else { 841 else {
842 if (BIO_read_filename(in, req_config.infile) <= 0) { 842 if (BIO_read_filename(in, cfg.infile) <= 0) {
843 perror(req_config.infile); 843 perror(cfg.infile);
844 goto end; 844 goto end;
845 } 845 }
846 } 846 }
847 847
848 if (req_config.informat == FORMAT_ASN1) 848 if (cfg.informat == FORMAT_ASN1)
849 req = d2i_X509_REQ_bio(in, NULL); 849 req = d2i_X509_REQ_bio(in, NULL);
850 else if (req_config.informat == FORMAT_PEM) 850 else if (cfg.informat == FORMAT_PEM)
851 req = PEM_read_bio_X509_REQ(in, NULL, NULL, NULL); 851 req = PEM_read_bio_X509_REQ(in, NULL, NULL, NULL);
852 else { 852 else {
853 BIO_printf(bio_err, "bad input format specified for X509 request\n"); 853 BIO_printf(bio_err, "bad input format specified for X509 request\n");
@@ -858,7 +858,7 @@ req_main(int argc, char **argv)
858 goto end; 858 goto end;
859 } 859 }
860 } 860 }
861 if (req_config.newreq || req_config.x509) { 861 if (cfg.newreq || cfg.x509) {
862 if (pkey == NULL) { 862 if (pkey == NULL) {
863 BIO_printf(bio_err, "you need to specify a private key\n"); 863 BIO_printf(bio_err, "you need to specify a private key\n");
864 goto end; 864 goto end;
@@ -868,14 +868,14 @@ req_main(int argc, char **argv)
868 if (req == NULL) { 868 if (req == NULL) {
869 goto end; 869 goto end;
870 } 870 }
871 i = make_REQ(req, pkey, req_config.subj, req_config.multirdn, !req_config.x509, req_config.chtype); 871 i = make_REQ(req, pkey, cfg.subj, cfg.multirdn, !cfg.x509, cfg.chtype);
872 req_config.subj = NULL; /* done processing '-subj' option */ 872 cfg.subj = NULL; /* done processing '-subj' option */
873 if (!i) { 873 if (!i) {
874 BIO_printf(bio_err, "problems making Certificate Request\n"); 874 BIO_printf(bio_err, "problems making Certificate Request\n");
875 goto end; 875 goto end;
876 } 876 }
877 } 877 }
878 if (req_config.x509) { 878 if (cfg.x509) {
879 EVP_PKEY *tmppkey; 879 EVP_PKEY *tmppkey;
880 880
881 X509V3_CTX ext_ctx; 881 X509V3_CTX ext_ctx;
@@ -883,11 +883,11 @@ req_main(int argc, char **argv)
883 goto end; 883 goto end;
884 884
885 /* Set version to V3 */ 885 /* Set version to V3 */
886 if ((req_config.extensions != NULL || addext_conf != NULL) && 886 if ((cfg.extensions != NULL || addext_conf != NULL) &&
887 !X509_set_version(x509ss, 2)) 887 !X509_set_version(x509ss, 2))
888 goto end; 888 goto end;
889 if (req_config.serial) { 889 if (cfg.serial) {
890 if (!X509_set_serialNumber(x509ss, req_config.serial)) 890 if (!X509_set_serialNumber(x509ss, cfg.serial))
891 goto end; 891 goto end;
892 } else { 892 } else {
893 if (!rand_serial(NULL, 893 if (!rand_serial(NULL,
@@ -899,7 +899,7 @@ req_main(int argc, char **argv)
899 goto end; 899 goto end;
900 if (!X509_gmtime_adj(X509_get_notBefore(x509ss), 0)) 900 if (!X509_gmtime_adj(X509_get_notBefore(x509ss), 0))
901 goto end; 901 goto end;
902 if (!X509_time_adj_ex(X509_get_notAfter(x509ss), req_config.days, 0, NULL)) 902 if (!X509_time_adj_ex(X509_get_notAfter(x509ss), cfg.days, 0, NULL))
903 goto end; 903 goto end;
904 if (!X509_set_subject_name(x509ss, X509_REQ_get_subject_name(req))) 904 if (!X509_set_subject_name(x509ss, X509_REQ_get_subject_name(req)))
905 goto end; 905 goto end;
@@ -914,11 +914,11 @@ req_main(int argc, char **argv)
914 X509V3_set_nconf(&ext_ctx, req_conf); 914 X509V3_set_nconf(&ext_ctx, req_conf);
915 915
916 /* Add extensions */ 916 /* Add extensions */
917 if (req_config.extensions && !X509V3_EXT_add_nconf(req_conf, 917 if (cfg.extensions && !X509V3_EXT_add_nconf(req_conf,
918 &ext_ctx, req_config.extensions, x509ss)) { 918 &ext_ctx, cfg.extensions, x509ss)) {
919 BIO_printf(bio_err, 919 BIO_printf(bio_err,
920 "Error Loading extension section %s\n", 920 "Error Loading extension section %s\n",
921 req_config.extensions); 921 cfg.extensions);
922 goto end; 922 goto end;
923 } 923 }
924 if (addext_conf != NULL && 924 if (addext_conf != NULL &&
@@ -928,7 +928,7 @@ req_main(int argc, char **argv)
928 "Error Loading command line extensions\n"); 928 "Error Loading command line extensions\n");
929 goto end; 929 goto end;
930 } 930 }
931 i = do_X509_sign(bio_err, x509ss, pkey, req_config.digest, req_config.sigopts); 931 i = do_X509_sign(bio_err, x509ss, pkey, cfg.digest, cfg.sigopts);
932 if (!i) { 932 if (!i) {
933 ERR_print_errors(bio_err); 933 ERR_print_errors(bio_err);
934 goto end; 934 goto end;
@@ -942,11 +942,11 @@ req_main(int argc, char **argv)
942 X509V3_set_nconf(&ext_ctx, req_conf); 942 X509V3_set_nconf(&ext_ctx, req_conf);
943 943
944 /* Add extensions */ 944 /* Add extensions */
945 if (req_config.req_exts && !X509V3_EXT_REQ_add_nconf(req_conf, 945 if (cfg.req_exts && !X509V3_EXT_REQ_add_nconf(req_conf,
946 &ext_ctx, req_config.req_exts, req)) { 946 &ext_ctx, cfg.req_exts, req)) {
947 BIO_printf(bio_err, 947 BIO_printf(bio_err,
948 "Error Loading extension section %s\n", 948 "Error Loading extension section %s\n",
949 req_config.req_exts); 949 cfg.req_exts);
950 goto end; 950 goto end;
951 } 951 }
952 if (addext_conf != NULL && 952 if (addext_conf != NULL &&
@@ -956,33 +956,33 @@ req_main(int argc, char **argv)
956 "Error Loading command line extensions\n"); 956 "Error Loading command line extensions\n");
957 goto end; 957 goto end;
958 } 958 }
959 i = do_X509_REQ_sign(bio_err, req, pkey, req_config.digest, req_config.sigopts); 959 i = do_X509_REQ_sign(bio_err, req, pkey, cfg.digest, cfg.sigopts);
960 if (!i) { 960 if (!i) {
961 ERR_print_errors(bio_err); 961 ERR_print_errors(bio_err);
962 goto end; 962 goto end;
963 } 963 }
964 } 964 }
965 } 965 }
966 if (req_config.subj && req_config.x509) { 966 if (cfg.subj && cfg.x509) {
967 BIO_printf(bio_err, "Cannot modify certificate subject\n"); 967 BIO_printf(bio_err, "Cannot modify certificate subject\n");
968 goto end; 968 goto end;
969 } 969 }
970 if (req_config.subj && !req_config.x509) { 970 if (cfg.subj && !cfg.x509) {
971 if (req_config.verbose) { 971 if (cfg.verbose) {
972 BIO_printf(bio_err, "Modifying Request's Subject\n"); 972 BIO_printf(bio_err, "Modifying Request's Subject\n");
973 print_name(bio_err, "old subject=", X509_REQ_get_subject_name(req), req_config.nmflag); 973 print_name(bio_err, "old subject=", X509_REQ_get_subject_name(req), cfg.nmflag);
974 } 974 }
975 if (build_subject(req, req_config.subj, req_config.chtype, req_config.multirdn) == 0) { 975 if (build_subject(req, cfg.subj, cfg.chtype, cfg.multirdn) == 0) {
976 BIO_printf(bio_err, "ERROR: cannot modify subject\n"); 976 BIO_printf(bio_err, "ERROR: cannot modify subject\n");
977 ex = 1; 977 ex = 1;
978 goto end; 978 goto end;
979 } 979 }
980 980
981 if (req_config.verbose) { 981 if (cfg.verbose) {
982 print_name(bio_err, "new subject=", X509_REQ_get_subject_name(req), req_config.nmflag); 982 print_name(bio_err, "new subject=", X509_REQ_get_subject_name(req), cfg.nmflag);
983 } 983 }
984 } 984 }
985 if (req_config.verify && !req_config.x509) { 985 if (cfg.verify && !cfg.x509) {
986 EVP_PKEY *pubkey = pkey; 986 EVP_PKEY *pubkey = pkey;
987 987
988 if (pubkey == NULL) 988 if (pubkey == NULL)
@@ -998,24 +998,24 @@ req_main(int argc, char **argv)
998 } else /* if (i > 0) */ 998 } else /* if (i > 0) */
999 BIO_printf(bio_err, "verify OK\n"); 999 BIO_printf(bio_err, "verify OK\n");
1000 } 1000 }
1001 if (req_config.noout && !req_config.text && !req_config.modulus && !req_config.subject && !req_config.pubkey) { 1001 if (cfg.noout && !cfg.text && !cfg.modulus && !cfg.subject && !cfg.pubkey) {
1002 ex = 0; 1002 ex = 0;
1003 goto end; 1003 goto end;
1004 } 1004 }
1005 if (req_config.outfile == NULL) { 1005 if (cfg.outfile == NULL) {
1006 BIO_set_fp(out, stdout, BIO_NOCLOSE); 1006 BIO_set_fp(out, stdout, BIO_NOCLOSE);
1007 } else { 1007 } else {
1008 if ((req_config.keyout != NULL) && (strcmp(req_config.outfile, req_config.keyout) == 0)) 1008 if ((cfg.keyout != NULL) && (strcmp(cfg.outfile, cfg.keyout) == 0))
1009 i = (int) BIO_append_filename(out, req_config.outfile); 1009 i = (int) BIO_append_filename(out, cfg.outfile);
1010 else 1010 else
1011 i = (int) BIO_write_filename(out, req_config.outfile); 1011 i = (int) BIO_write_filename(out, cfg.outfile);
1012 if (!i) { 1012 if (!i) {
1013 perror(req_config.outfile); 1013 perror(cfg.outfile);
1014 goto end; 1014 goto end;
1015 } 1015 }
1016 } 1016 }
1017 1017
1018 if (req_config.pubkey) { 1018 if (cfg.pubkey) {
1019 EVP_PKEY *tpubkey; 1019 EVP_PKEY *tpubkey;
1020 1020
1021 if ((tpubkey = X509_REQ_get0_pubkey(req)) == NULL) { 1021 if ((tpubkey = X509_REQ_get0_pubkey(req)) == NULL) {
@@ -1025,22 +1025,22 @@ req_main(int argc, char **argv)
1025 } 1025 }
1026 PEM_write_bio_PUBKEY(out, tpubkey); 1026 PEM_write_bio_PUBKEY(out, tpubkey);
1027 } 1027 }
1028 if (req_config.text) { 1028 if (cfg.text) {
1029 if (req_config.x509) 1029 if (cfg.x509)
1030 X509_print_ex(out, x509ss, req_config.nmflag, req_config.reqflag); 1030 X509_print_ex(out, x509ss, cfg.nmflag, cfg.reqflag);
1031 else 1031 else
1032 X509_REQ_print_ex(out, req, req_config.nmflag, req_config.reqflag); 1032 X509_REQ_print_ex(out, req, cfg.nmflag, cfg.reqflag);
1033 } 1033 }
1034 if (req_config.subject) { 1034 if (cfg.subject) {
1035 if (req_config.x509) 1035 if (cfg.x509)
1036 print_name(out, "subject=", X509_get_subject_name(x509ss), req_config.nmflag); 1036 print_name(out, "subject=", X509_get_subject_name(x509ss), cfg.nmflag);
1037 else 1037 else
1038 print_name(out, "subject=", X509_REQ_get_subject_name(req), req_config.nmflag); 1038 print_name(out, "subject=", X509_REQ_get_subject_name(req), cfg.nmflag);
1039 } 1039 }
1040 if (req_config.modulus) { 1040 if (cfg.modulus) {
1041 EVP_PKEY *tpubkey; 1041 EVP_PKEY *tpubkey;
1042 1042
1043 if (req_config.x509) 1043 if (cfg.x509)
1044 tpubkey = X509_get0_pubkey(x509ss); 1044 tpubkey = X509_get0_pubkey(x509ss);
1045 else 1045 else
1046 tpubkey = X509_REQ_get0_pubkey(req); 1046 tpubkey = X509_REQ_get0_pubkey(req);
@@ -1059,11 +1059,11 @@ req_main(int argc, char **argv)
1059 fprintf(stdout, "Wrong Algorithm type"); 1059 fprintf(stdout, "Wrong Algorithm type");
1060 fprintf(stdout, "\n"); 1060 fprintf(stdout, "\n");
1061 } 1061 }
1062 if (!req_config.noout && !req_config.x509) { 1062 if (!cfg.noout && !cfg.x509) {
1063 if (req_config.outformat == FORMAT_ASN1) 1063 if (cfg.outformat == FORMAT_ASN1)
1064 i = i2d_X509_REQ_bio(out, req); 1064 i = i2d_X509_REQ_bio(out, req);
1065 else if (req_config.outformat == FORMAT_PEM) { 1065 else if (cfg.outformat == FORMAT_PEM) {
1066 if (req_config.newhdr) 1066 if (cfg.newhdr)
1067 i = PEM_write_bio_X509_REQ_NEW(out, req); 1067 i = PEM_write_bio_X509_REQ_NEW(out, req);
1068 else 1068 else
1069 i = PEM_write_bio_X509_REQ(out, req); 1069 i = PEM_write_bio_X509_REQ(out, req);
@@ -1076,10 +1076,10 @@ req_main(int argc, char **argv)
1076 goto end; 1076 goto end;
1077 } 1077 }
1078 } 1078 }
1079 if (!req_config.noout && req_config.x509 && (x509ss != NULL)) { 1079 if (!cfg.noout && cfg.x509 && (x509ss != NULL)) {
1080 if (req_config.outformat == FORMAT_ASN1) 1080 if (cfg.outformat == FORMAT_ASN1)
1081 i = i2d_X509_bio(out, x509ss); 1081 i = i2d_X509_bio(out, x509ss);
1082 else if (req_config.outformat == FORMAT_PEM) 1082 else if (cfg.outformat == FORMAT_PEM)
1083 i = PEM_write_bio_X509(out, x509ss); 1083 i = PEM_write_bio_X509(out, x509ss);
1084 else { 1084 else {
1085 BIO_printf(bio_err, "bad output format specified for outfile\n"); 1085 BIO_printf(bio_err, "bad output format specified for outfile\n");
@@ -1098,25 +1098,25 @@ req_main(int argc, char **argv)
1098 if ((req_conf != NULL) && (req_conf != config)) 1098 if ((req_conf != NULL) && (req_conf != config))
1099 NCONF_free(req_conf); 1099 NCONF_free(req_conf);
1100 NCONF_free(addext_conf); 1100 NCONF_free(addext_conf);
1101 BIO_free(req_config.addext_bio); 1101 BIO_free(cfg.addext_bio);
1102 BIO_free(in); 1102 BIO_free(in);
1103 BIO_free_all(out); 1103 BIO_free_all(out);
1104 EVP_PKEY_free(pkey); 1104 EVP_PKEY_free(pkey);
1105 if (genctx) 1105 if (genctx)
1106 EVP_PKEY_CTX_free(genctx); 1106 EVP_PKEY_CTX_free(genctx);
1107 if (req_config.pkeyopts) 1107 if (cfg.pkeyopts)
1108 sk_OPENSSL_STRING_free(req_config.pkeyopts); 1108 sk_OPENSSL_STRING_free(cfg.pkeyopts);
1109 if (req_config.sigopts) 1109 if (cfg.sigopts)
1110 sk_OPENSSL_STRING_free(req_config.sigopts); 1110 sk_OPENSSL_STRING_free(cfg.sigopts);
1111 lh_OPENSSL_STRING_doall(req_config.addexts, (LHASH_DOALL_FN_TYPE)exts_cleanup); 1111 lh_OPENSSL_STRING_doall(cfg.addexts, (LHASH_DOALL_FN_TYPE)exts_cleanup);
1112 lh_OPENSSL_STRING_free(req_config.addexts); 1112 lh_OPENSSL_STRING_free(cfg.addexts);
1113 free(keyalgstr); 1113 free(keyalgstr);
1114 X509_REQ_free(req); 1114 X509_REQ_free(req);
1115 X509_free(x509ss); 1115 X509_free(x509ss);
1116 ASN1_INTEGER_free(req_config.serial); 1116 ASN1_INTEGER_free(cfg.serial);
1117 if (req_config.passargin && passin) 1117 if (cfg.passargin && passin)
1118 free(passin); 1118 free(passin);
1119 if (req_config.passargout && passout) 1119 if (cfg.passargout && passout)
1120 free(passout); 1120 free(passout);
1121 OBJ_cleanup(); 1121 OBJ_cleanup();
1122 1122
@@ -1222,7 +1222,7 @@ prompt_info(X509_REQ * req,
1222 X509_NAME *subj; 1222 X509_NAME *subj;
1223 subj = X509_REQ_get_subject_name(req); 1223 subj = X509_REQ_get_subject_name(req);
1224 1224
1225 if (!req_config.batch) { 1225 if (!cfg.batch) {
1226 BIO_printf(bio_err, "You are about to be asked to enter information that will be incorporated\n"); 1226 BIO_printf(bio_err, "You are about to be asked to enter information that will be incorporated\n");
1227 BIO_printf(bio_err, "into your certificate request.\n"); 1227 BIO_printf(bio_err, "into your certificate request.\n");
1228 BIO_printf(bio_err, "What you are about to enter is what is called a Distinguished Name or a DN.\n"); 1228 BIO_printf(bio_err, "What you are about to enter is what is called a Distinguished Name or a DN.\n");
@@ -1316,7 +1316,7 @@ prompt_info(X509_REQ * req,
1316 } 1316 }
1317 if (attribs) { 1317 if (attribs) {
1318 if ((attr_sk != NULL) && (sk_CONF_VALUE_num(attr_sk) > 0) && 1318 if ((attr_sk != NULL) && (sk_CONF_VALUE_num(attr_sk) > 0) &&
1319 (!req_config.batch)) { 1319 (!cfg.batch)) {
1320 BIO_printf(bio_err, 1320 BIO_printf(bio_err,
1321 "\nPlease enter the following 'extra' attributes\n"); 1321 "\nPlease enter the following 'extra' attributes\n");
1322 BIO_printf(bio_err, 1322 BIO_printf(bio_err,
@@ -1452,7 +1452,7 @@ add_DN_object(X509_NAME * n, char *text, const char *def, char *value,
1452 int i, ret = 0; 1452 int i, ret = 0;
1453 char buf[1024]; 1453 char buf[1024];
1454 start: 1454 start:
1455 if (!req_config.batch) 1455 if (!cfg.batch)
1456 BIO_printf(bio_err, "%s [%s]:", text, def); 1456 BIO_printf(bio_err, "%s [%s]:", text, def);
1457 (void) BIO_flush(bio_err); 1457 (void) BIO_flush(bio_err);
1458 if (value != NULL) { 1458 if (value != NULL) {
@@ -1461,7 +1461,7 @@ add_DN_object(X509_NAME * n, char *text, const char *def, char *value,
1461 BIO_printf(bio_err, "%s\n", value); 1461 BIO_printf(bio_err, "%s\n", value);
1462 } else { 1462 } else {
1463 buf[0] = '\0'; 1463 buf[0] = '\0';
1464 if (!req_config.batch) { 1464 if (!cfg.batch) {
1465 if (!fgets(buf, sizeof buf, stdin)) 1465 if (!fgets(buf, sizeof buf, stdin))
1466 return 0; 1466 return 0;
1467 } else { 1467 } else {
@@ -1505,7 +1505,7 @@ add_attribute_object(X509_REQ * req, char *text, const char *def,
1505 static char buf[1024]; 1505 static char buf[1024];
1506 1506
1507 start: 1507 start:
1508 if (!req_config.batch) 1508 if (!cfg.batch)
1509 BIO_printf(bio_err, "%s [%s]:", text, def); 1509 BIO_printf(bio_err, "%s [%s]:", text, def);
1510 (void) BIO_flush(bio_err); 1510 (void) BIO_flush(bio_err);
1511 if (value != NULL) { 1511 if (value != NULL) {
@@ -1514,7 +1514,7 @@ add_attribute_object(X509_REQ * req, char *text, const char *def,
1514 BIO_printf(bio_err, "%s\n", value); 1514 BIO_printf(bio_err, "%s\n", value);
1515 } else { 1515 } else {
1516 buf[0] = '\0'; 1516 buf[0] = '\0';
1517 if (!req_config.batch) { 1517 if (!cfg.batch) {
1518 if (!fgets(buf, sizeof buf, stdin)) 1518 if (!fgets(buf, sizeof buf, stdin))
1519 return 0; 1519 return 0;
1520 } else { 1520 } else {
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 05:55:54 +0000