Diffstat (limited to 'src/usr.bin/openssl/verify.c')
-rw-r--r--src/usr.bin/openssl/verify.c54
1 files changed, 27 insertions, 27 deletions
diff --git a/src/usr.bin/openssl/verify.c b/src/usr.bin/openssl/verify.c
index b42dd2f243..b412623991 100644
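--- a/src/usr.bin/openssl/verify.c
+++ b/src/usr.bin/openssl/verify.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: verify.c,v 1.15 2022/11/11 17:07:39 joshua Exp $ */
+/* $OpenBSD: verify.c,v 1.16 2023/03/06 14:32:06 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -81,7 +81,7 @@ static struct {
  char *untfile;
  int verbose;
  X509_VERIFY_PARAM *vpm;
-} verify_config;
+} cfg;
 
 static int
 verify_opt_args(int argc, char **argv, int *argsused)
@@ -89,7 +89,7 @@ verify_opt_args(int argc, char **argv, int *argsused)
  int oargc = argc;
  int badarg = 0;
 
- if (!args_verify(&argv, &argc, &badarg, bio_err, &verify_config.vpm))
+ if (!args_verify(&argv, &argc, &badarg, bio_err, &cfg.vpm))
  return (1);
  if (badarg)
  return (1);
@@ -105,41 +105,41 @@ static const struct option verify_options[] = {
  .argname = "file",
  .desc = "Certificate Authority file",
  .type = OPTION_ARG,
- .opt.arg = &verify_config.CAfile,
+ .opt.arg = &cfg.CAfile,
  },
  {
  .name = "CApath",
  .argname = "path",
  .desc = "Certificate Authority path",
  .type = OPTION_ARG,
- .opt.arg = &verify_config.CApath,
+ .opt.arg = &cfg.CApath,
  },
  {
  .name = "CRLfile",
  .argname = "file",
  .desc = "Certificate Revocation List file",
  .type = OPTION_ARG,
- .opt.arg = &verify_config.crlfile,
+ .opt.arg = &cfg.crlfile,
  },
  {
  .name = "trusted",
  .argname = "file",
  .desc = "Trusted certificates file",
  .type = OPTION_ARG,
- .opt.arg = &verify_config.trustfile,
+ .opt.arg = &cfg.trustfile,
  },
  {
  .name = "untrusted",
  .argname = "file",
  .desc = "Untrusted certificates file",
  .type = OPTION_ARG,
- .opt.arg = &verify_config.untfile,
+ .opt.arg = &cfg.untfile,
  },
  {
  .name = "verbose",
  .desc = "Verbose",
  .type = OPTION_FLAG,
- .opt.flag = &verify_config.verbose,
+ .opt.flag = &cfg.verbose,
  },
  {
  .name = NULL,
@@ -273,7 +273,7 @@ verify_main(int argc, char **argv)
  exit(1);
  }
 
- memset(&verify_config, 0, sizeof(verify_config));
+ memset(&cfg, 0, sizeof(cfg));
 
  if (options_parse(argc, argv, verify_options, NULL, &argsused) != 0) {
  verify_usage();
@@ -288,17 +288,17 @@ verify_main(int argc, char **argv)
  goto end;
  X509_STORE_set_verify_cb(cert_ctx, cb);
 
- if (verify_config.vpm)
- X509_STORE_set1_param(cert_ctx, verify_config.vpm);
+ if (cfg.vpm)
+ X509_STORE_set1_param(cert_ctx, cfg.vpm);
 
  lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_file());
  if (lookup == NULL)
  abort(); /* XXX */
- if (verify_config.CAfile) {
- if (!X509_LOOKUP_load_file(lookup, verify_config.CAfile,
+ if (cfg.CAfile) {
+ if (!X509_LOOKUP_load_file(lookup, cfg.CAfile,
  X509_FILETYPE_PEM)) {
  BIO_printf(bio_err, "Error loading file %s\n",
- verify_config.CAfile);
+ cfg.CAfile);
  ERR_print_errors(bio_err);
  goto end;
  }
@@ -308,11 +308,11 @@ verify_main(int argc, char **argv)
  lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_hash_dir());
  if (lookup == NULL)
  abort(); /* XXX */
- if (verify_config.CApath) {
- if (!X509_LOOKUP_add_dir(lookup, verify_config.CApath,
+ if (cfg.CApath) {
+ if (!X509_LOOKUP_add_dir(lookup, cfg.CApath,
  X509_FILETYPE_PEM)) {
  BIO_printf(bio_err, "Error loading directory %s\n",
- verify_config.CApath);
+ cfg.CApath);
  ERR_print_errors(bio_err);
  goto end;
  }
@@ -321,20 +321,20 @@ verify_main(int argc, char **argv)
 
  ERR_clear_error();
 
- if (verify_config.untfile) {
- untrusted = load_certs(bio_err, verify_config.untfile,
+ if (cfg.untfile) {
+ untrusted = load_certs(bio_err, cfg.untfile,
  FORMAT_PEM, NULL, "untrusted certificates");
  if (!untrusted)
  goto end;
  }
- if (verify_config.trustfile) {
- trusted = load_certs(bio_err, verify_config.trustfile,
+ if (cfg.trustfile) {
+ trusted = load_certs(bio_err, cfg.trustfile,
  FORMAT_PEM, NULL, "trusted certificates");
  if (!trusted)
  goto end;
  }
- if (verify_config.crlfile) {
- crls = load_crls(bio_err, verify_config.crlfile, FORMAT_PEM,
+ if (cfg.crlfile) {
+ crls = load_crls(bio_err, cfg.crlfile, FORMAT_PEM,
  NULL, "other CRLs");
  if (!crls)
  goto end;
@@ -352,8 +352,8 @@ verify_main(int argc, char **argv)
  }
 
  end:
- if (verify_config.vpm)
- X509_VERIFY_PARAM_free(verify_config.vpm);
+ if (cfg.vpm)
+ X509_VERIFY_PARAM_free(cfg.vpm);
  if (cert_ctx != NULL)
  X509_STORE_free(cert_ctx);
  sk_X509_pop_free(untrusted, X509_free);
@@ -454,7 +454,7 @@ cb(int ok, X509_STORE_CTX *ctx)
  }
  if (cert_error == X509_V_OK && ok == 2)
  policies_print(NULL, ctx);
- if (!verify_config.verbose)
+ if (!cfg.verbose)
  ERR_clear_error();
  return (ok);
 }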