summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/lib/libssl/src/apps/apps.c193
-rw-r--r--src/lib/libssl/src/apps/apps.h13
2 files changed, 127 insertions, 79 deletions
diff --git a/src/lib/libssl/src/apps/apps.c b/src/lib/libssl/src/apps/apps.c
index 7c0b087a9e..675d8261ec 100644
--- a/src/lib/libssl/src/apps/apps.c
+++ b/src/lib/libssl/src/apps/apps.c
@@ -148,13 +148,14 @@ typedef struct {
148 148
149static UI_METHOD *ui_method = NULL; 149static UI_METHOD *ui_method = NULL;
150 150
151static int set_table_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL * in_tbl); 151static int set_table_opts(unsigned long *flags, const char *arg,
152static int set_multi_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL * in_tbl); 152 const NAME_EX_TBL * in_tbl);
153static int set_multi_opts(unsigned long *flags, const char *arg,
154 const NAME_EX_TBL * in_tbl);
153 155
154#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA) 156#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
155/* Looks like this stuff is worth moving into separate function */ 157/* Looks like this stuff is worth moving into separate function */
156static EVP_PKEY * 158static EVP_PKEY *load_netscape_key(BIO * err, BIO * key, const char *file,
157load_netscape_key(BIO * err, BIO * key, const char *file,
158 const char *key_descrip, int format); 159 const char *key_descrip, int format);
159#endif 160#endif
160 161
@@ -176,7 +177,7 @@ str2fmt(char *s)
176 else if ((*s == 'M') || (*s == 'm')) 177 else if ((*s == 'M') || (*s == 'm'))
177 return (FORMAT_MSBLOB); 178 return (FORMAT_MSBLOB);
178 else if ((*s == '1') || 179 else if ((*s == '1') ||
179 (strcmp(s, "PKCS12") == 0) || (strcmp(s, "pkcs12") == 0) || 180 (strcmp(s, "PKCS12") == 0) || (strcmp(s, "pkcs12") == 0) ||
180 (strcmp(s, "P12") == 0) || (strcmp(s, "p12") == 0)) 181 (strcmp(s, "P12") == 0) || (strcmp(s, "p12") == 0))
181 return (FORMAT_PKCS12); 182 return (FORMAT_PKCS12);
182 else if ((*s == 'E') || (*s == 'e')) 183 else if ((*s == 'E') || (*s == 'e'))
@@ -215,7 +216,7 @@ chopup_args(ARGS * arg, char *buf, int *argc, char **argv[])
215 i = 0; 216 i = 0;
216 if (arg->count == 0) { 217 if (arg->count == 0) {
217 arg->count = 20; 218 arg->count = 20;
218 arg->data = (char **) malloc(sizeof(char *) * arg->count); 219 arg->data = (char **)malloc(sizeof(char *) * arg->count);
219 } 220 }
220 for (i = 0; i < arg->count; i++) 221 for (i = 0; i < arg->count; i++)
221 arg->data[i] = NULL; 222 arg->data[i] = NULL;
@@ -257,7 +258,7 @@ chopup_args(ARGS * arg, char *buf, int *argc, char **argv[])
257 *p = '\0'; 258 *p = '\0';
258 } else { 259 } else {
259 while (*p && ((*p != ' ') && 260 while (*p && ((*p != ' ') &&
260 (*p != '\t') && (*p != '\n'))) 261 (*p != '\t') && (*p != '\n')))
261 p++; 262 p++;
262 263
263 if (*p == '\0') 264 if (*p == '\0')
@@ -281,7 +282,7 @@ app_init(long mesgwin)
281#endif 282#endif
282 283
283 284
284int 285int
285dump_cert_text(BIO * out, X509 * x) 286dump_cert_text(BIO * out, X509 * x)
286{ 287{
287 char *p; 288 char *p;
@@ -316,7 +317,7 @@ ui_read(UI * ui, UI_STRING * uis)
316 case UIT_VERIFY: 317 case UIT_VERIFY:
317 { 318 {
318 const char *password = 319 const char *password =
319 ((PW_CB_DATA *) UI_get0_user_data(ui))->password; 320 ((PW_CB_DATA *)UI_get0_user_data(ui))->password;
320 if (password && password[0] != '\0') { 321 if (password && password[0] != '\0') {
321 UI_set_result(ui, uis, password); 322 UI_set_result(ui, uis, password);
322 return 1; 323 return 1;
@@ -340,7 +341,7 @@ ui_write(UI * ui, UI_STRING * uis)
340 case UIT_VERIFY: 341 case UIT_VERIFY:
341 { 342 {
342 const char *password = 343 const char *password =
343 ((PW_CB_DATA *) UI_get0_user_data(ui))->password; 344 ((PW_CB_DATA *)UI_get0_user_data(ui))->password;
344 if (password && password[0] != '\0') 345 if (password && password[0] != '\0')
345 return 1; 346 return 1;
346 } 347 }
@@ -379,8 +380,7 @@ destroy_ui_method(void)
379} 380}
380 381
381int 382int
382password_callback(char *buf, int bufsiz, int verify, 383password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA * cb_tmp)
383 PW_CB_DATA * cb_tmp)
384{ 384{
385 UI *ui = NULL; 385 UI *ui = NULL;
386 int res = 0; 386 int res = 0;
@@ -408,8 +408,7 @@ password_callback(char *buf, int bufsiz, int verify,
408 int ui_flags = 0; 408 int ui_flags = 0;
409 char *prompt = NULL; 409 char *prompt = NULL;
410 410
411 prompt = UI_construct_prompt(ui, "pass phrase", 411 prompt = UI_construct_prompt(ui, "pass phrase", prompt_info);
412 prompt_info);
413 412
414 ui_flags |= UI_INPUT_FLAG_DEFAULT_PWD; 413 ui_flags |= UI_INPUT_FLAG_DEFAULT_PWD;
415 UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0); 414 UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0);
@@ -457,6 +456,7 @@ int
457app_passwd(BIO * err, char *arg1, char *arg2, char **pass1, char **pass2) 456app_passwd(BIO * err, char *arg1, char *arg2, char **pass1, char **pass2)
458{ 457{
459 int same; 458 int same;
459
460 if (!arg2 || !arg1 || strcmp(arg1, arg2)) 460 if (!arg2 || !arg1 || strcmp(arg1, arg2))
461 same = 0; 461 same = 0;
462 else 462 else
@@ -482,12 +482,14 @@ app_get_pass(BIO * err, char *arg, int keepbio)
482 char *tmp, tpass[APP_PASS_LEN]; 482 char *tmp, tpass[APP_PASS_LEN];
483 static BIO *pwdbio = NULL; 483 static BIO *pwdbio = NULL;
484 int i; 484 int i;
485
485 if (!strncmp(arg, "pass:", 5)) 486 if (!strncmp(arg, "pass:", 5))
486 return BUF_strdup(arg + 5); 487 return BUF_strdup(arg + 5);
487 if (!strncmp(arg, "env:", 4)) { 488 if (!strncmp(arg, "env:", 4)) {
488 tmp = getenv(arg + 4); 489 tmp = getenv(arg + 4);
489 if (!tmp) { 490 if (!tmp) {
490 BIO_printf(err, "Can't read environment variable %s\n", arg + 4); 491 BIO_printf(err, "Can't read environment variable %s\n",
492 arg + 4);
491 return NULL; 493 return NULL;
492 } 494 }
493 return BUF_strdup(tmp); 495 return BUF_strdup(tmp);
@@ -496,7 +498,8 @@ app_get_pass(BIO * err, char *arg, int keepbio)
496 if (!strncmp(arg, "file:", 5)) { 498 if (!strncmp(arg, "file:", 5)) {
497 pwdbio = BIO_new_file(arg + 5, "r"); 499 pwdbio = BIO_new_file(arg + 5, "r");
498 if (!pwdbio) { 500 if (!pwdbio) {
499 BIO_printf(err, "Can't open file %s\n", arg + 5); 501 BIO_printf(err, "Can't open file %s\n",
502 arg + 5);
500 return NULL; 503 return NULL;
501 } 504 }
502 /* 505 /*
@@ -513,7 +516,9 @@ app_get_pass(BIO * err, char *arg, int keepbio)
513 if (i >= 0) 516 if (i >= 0)
514 pwdbio = BIO_new_fd(i, BIO_NOCLOSE); 517 pwdbio = BIO_new_fd(i, BIO_NOCLOSE);
515 if ((i < 0) || !pwdbio) { 518 if ((i < 0) || !pwdbio) {
516 BIO_printf(err, "Can't access file descriptor %s\n", arg + 3); 519 BIO_printf(err,
520 "Can't access file descriptor %s\n",
521 arg + 3);
517 return NULL; 522 return NULL;
518 } 523 }
519 /* 524 /*
@@ -529,7 +534,8 @@ app_get_pass(BIO * err, char *arg, int keepbio)
529 return NULL; 534 return NULL;
530 } 535 }
531 } else { 536 } else {
532 BIO_printf(err, "Invalid password argument \"%s\"\n", arg); 537 BIO_printf(err, "Invalid password argument \"%s\"\n",
538 arg);
533 return NULL; 539 return NULL;
534 } 540 }
535 } 541 }
@@ -555,6 +561,7 @@ add_oid_section(BIO * err, CONF * conf)
555 STACK_OF(CONF_VALUE) * sktmp; 561 STACK_OF(CONF_VALUE) * sktmp;
556 CONF_VALUE *cnf; 562 CONF_VALUE *cnf;
557 int i; 563 int i;
564
558 if (!(p = NCONF_get_string(conf, NULL, "oid_section"))) { 565 if (!(p = NCONF_get_string(conf, NULL, "oid_section"))) {
559 ERR_clear_error(); 566 ERR_clear_error();
560 return 1; 567 return 1;
@@ -582,6 +589,7 @@ load_pkcs12(BIO * err, BIO * in, const char *desc, pem_password_cb * pem_cb,
582 char tpass[PEM_BUFSIZE]; 589 char tpass[PEM_BUFSIZE];
583 int len, ret = 0; 590 int len, ret = 0;
584 PKCS12 *p12; 591 PKCS12 *p12;
592
585 p12 = d2i_PKCS12_bio(in, NULL); 593 p12 = d2i_PKCS12_bio(in, NULL);
586 if (p12 == NULL) { 594 if (p12 == NULL) {
587 BIO_printf(err, "Error loading PKCS12 file for %s\n", desc); 595 BIO_printf(err, "Error loading PKCS12 file for %s\n", desc);
@@ -609,6 +617,7 @@ load_pkcs12(BIO * err, BIO * in, const char *desc, pem_password_cb * pem_cb,
609 pass = tpass; 617 pass = tpass;
610 } 618 }
611 ret = PKCS12_parse(p12, pass, pkey, cert, ca); 619 ret = PKCS12_parse(p12, pass, pkey, cert, ca);
620
612die: 621die:
613 if (p12) 622 if (p12)
614 PKCS12_free(p12); 623 PKCS12_free(p12);
@@ -646,14 +655,16 @@ load_cert(BIO * err, const char *file, int format, const char *pass, ENGINE * e,
646 x = d2i_X509_bio(cert, NULL); 655 x = d2i_X509_bio(cert, NULL);
647 else if (format == FORMAT_NETSCAPE) { 656 else if (format == FORMAT_NETSCAPE) {
648 NETSCAPE_X509 *nx; 657 NETSCAPE_X509 *nx;
649 nx = ASN1_item_d2i_bio(ASN1_ITEM_rptr(NETSCAPE_X509), cert, NULL); 658 nx = ASN1_item_d2i_bio(ASN1_ITEM_rptr(NETSCAPE_X509),
659 cert, NULL);
650 if (nx == NULL) 660 if (nx == NULL)
651 goto end; 661 goto end;
652 662
653 if ((strncmp(NETSCAPE_CERT_HDR, (char *) nx->header->data, 663 if ((strncmp(NETSCAPE_CERT_HDR, (char *) nx->header->data,
654 nx->header->length) != 0)) { 664 nx->header->length) != 0)) {
655 NETSCAPE_X509_free(nx); 665 NETSCAPE_X509_free(nx);
656 BIO_printf(err, "Error reading header on certificate\n"); 666 BIO_printf(err,
667 "Error reading header on certificate\n");
657 goto end; 668 goto end;
658 } 669 }
659 x = nx->cert; 670 x = nx->cert;
@@ -664,13 +675,14 @@ load_cert(BIO * err, const char *file, int format, const char *pass, ENGINE * e,
664 (pem_password_cb *) password_callback, NULL); 675 (pem_password_cb *) password_callback, NULL);
665 else if (format == FORMAT_PKCS12) { 676 else if (format == FORMAT_PKCS12) {
666 if (!load_pkcs12(err, cert, cert_descrip, NULL, NULL, 677 if (!load_pkcs12(err, cert, cert_descrip, NULL, NULL,
667 NULL, &x, NULL)) 678 NULL, &x, NULL))
668 goto end; 679 goto end;
669 } else { 680 } else {
670 BIO_printf(err, "bad input format specified for %s\n", 681 BIO_printf(err, "bad input format specified for %s\n",
671 cert_descrip); 682 cert_descrip);
672 goto end; 683 goto end;
673 } 684 }
685
674end: 686end:
675 if (x == NULL) { 687 if (x == NULL) {
676 BIO_printf(err, "unable to load certificate\n"); 688 BIO_printf(err, "unable to load certificate\n");
@@ -704,7 +716,8 @@ load_key(BIO * err, const char *file, int format, int maybe_stdin,
704 pkey = ENGINE_load_private_key(e, file, 716 pkey = ENGINE_load_private_key(e, file,
705 ui_method, &cb_data); 717 ui_method, &cb_data);
706 if (!pkey) { 718 if (!pkey) {
707 BIO_printf(err, "cannot load %s from engine\n", key_descrip); 719 BIO_printf(err, "cannot load %s from engine\n",
720 key_descrip);
708 ERR_print_errors(err); 721 ERR_print_errors(err);
709 } 722 }
710 } 723 }
@@ -741,8 +754,8 @@ load_key(BIO * err, const char *file, int format, int maybe_stdin,
741#endif 754#endif
742 else if (format == FORMAT_PKCS12) { 755 else if (format == FORMAT_PKCS12) {
743 if (!load_pkcs12(err, key, key_descrip, 756 if (!load_pkcs12(err, key, key_descrip,
744 (pem_password_cb *) password_callback, &cb_data, 757 (pem_password_cb *) password_callback, &cb_data,
745 &pkey, NULL, NULL)) 758 &pkey, NULL, NULL))
746 goto end; 759 goto end;
747 } 760 }
748#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA) && !defined (OPENSSL_NO_RC4) 761#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA) && !defined (OPENSSL_NO_RC4)
@@ -804,8 +817,7 @@ load_pubkey(BIO * err, const char *file, int format, int maybe_stdin,
804#endif 817#endif
805 BIO_set_fp(key, stdin, BIO_NOCLOSE); 818 BIO_set_fp(key, stdin, BIO_NOCLOSE);
806 } else if (BIO_read_filename(key, file) <= 0) { 819 } else if (BIO_read_filename(key, file) <= 0) {
807 BIO_printf(err, "Error opening %s %s\n", 820 BIO_printf(err, "Error opening %s %s\n", key_descrip, file);
808 key_descrip, file);
809 ERR_print_errors(err); 821 ERR_print_errors(err);
810 goto end; 822 goto end;
811 } 823 }
@@ -852,6 +864,7 @@ load_pubkey(BIO * err, const char *file, int format, int maybe_stdin,
852 BIO_printf(err, "bad input format specified for key file\n"); 864 BIO_printf(err, "bad input format specified for key file\n");
853 goto end; 865 goto end;
854 } 866 }
867
855end: 868end:
856 if (key != NULL) 869 if (key != NULL)
857 BIO_free(key); 870 BIO_free(key);
@@ -897,6 +910,7 @@ load_netscape_key(BIO * err, BIO * key, const char *file,
897 BUF_MEM_free(buf); 910 BUF_MEM_free(buf);
898 EVP_PKEY_set1_RSA(pkey, rsa); 911 EVP_PKEY_set1_RSA(pkey, rsa);
899 return pkey; 912 return pkey;
913
900error: 914error:
901 BUF_MEM_free(buf); 915 BUF_MEM_free(buf);
902 EVP_PKEY_free(pkey); 916 EVP_PKEY_free(pkey);
@@ -990,10 +1004,11 @@ end:
990} 1004}
991 1005
992STACK_OF(X509) * 1006STACK_OF(X509) *
993load_certs(BIO * err, const char *file, int format, const char *pass, ENGINE * e, 1007load_certs(BIO * err, const char *file, int format, const char *pass,
994 const char *desc) 1008 ENGINE * e, const char *desc)
995{ 1009{
996 STACK_OF(X509) * certs; 1010 STACK_OF(X509) * certs;
1011
997 if (!load_certs_crls(err, file, format, pass, e, desc, &certs, NULL)) 1012 if (!load_certs_crls(err, file, format, pass, e, desc, &certs, NULL))
998 return NULL; 1013 return NULL;
999 return certs; 1014 return certs;
@@ -1004,6 +1019,7 @@ load_crls(BIO * err, const char *file, int format, const char *pass, ENGINE * e,
1004 const char *desc) 1019 const char *desc)
1005{ 1020{
1006 STACK_OF(X509_CRL) * crls; 1021 STACK_OF(X509_CRL) * crls;
1022
1007 if (!load_certs_crls(err, file, format, pass, e, desc, NULL, &crls)) 1023 if (!load_certs_crls(err, file, format, pass, e, desc, NULL, &crls))
1008 return NULL; 1024 return NULL;
1009 return crls; 1025 return crls;
@@ -1106,6 +1122,7 @@ copy_extensions(X509 * x, X509_REQ * req, int copy_type)
1106 X509_EXTENSION *ext, *tmpext; 1122 X509_EXTENSION *ext, *tmpext;
1107 ASN1_OBJECT *obj; 1123 ASN1_OBJECT *obj;
1108 int i, idx, ret = 0; 1124 int i, idx, ret = 0;
1125
1109 if (!x || !req || (copy_type == EXT_COPY_NONE)) 1126 if (!x || !req || (copy_type == EXT_COPY_NONE))
1110 return 1; 1127 return 1;
1111 exts = X509_REQ_get_extensions(req); 1128 exts = X509_REQ_get_extensions(req);
@@ -1140,11 +1157,13 @@ end:
1140} 1157}
1141 1158
1142static int 1159static int
1143set_multi_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL * in_tbl) 1160set_multi_opts(unsigned long *flags, const char *arg,
1161 const NAME_EX_TBL * in_tbl)
1144{ 1162{
1145 STACK_OF(CONF_VALUE) * vals; 1163 STACK_OF(CONF_VALUE) * vals;
1146 CONF_VALUE *val; 1164 CONF_VALUE *val;
1147 int i, ret = 1; 1165 int i, ret = 1;
1166
1148 if (!arg) 1167 if (!arg)
1149 return 0; 1168 return 0;
1150 vals = X509V3_parse_list(arg); 1169 vals = X509V3_parse_list(arg);
@@ -1158,12 +1177,13 @@ set_multi_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL * in_tbl
1158} 1177}
1159 1178
1160static int 1179static int
1161set_table_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL * in_tbl) 1180set_table_opts(unsigned long *flags, const char *arg,
1181 const NAME_EX_TBL * in_tbl)
1162{ 1182{
1163 char c; 1183 char c;
1164 const NAME_EX_TBL *ptbl; 1184 const NAME_EX_TBL *ptbl;
1165 c = arg[0];
1166 1185
1186 c = arg[0];
1167 if (c == '-') { 1187 if (c == '-') {
1168 c = 0; 1188 c = 0;
1169 arg++; 1189 arg++;
@@ -1217,6 +1237,7 @@ setup_verify(BIO * bp, char *CAfile, char *CApath)
1217{ 1237{
1218 X509_STORE *store; 1238 X509_STORE *store;
1219 X509_LOOKUP *lookup; 1239 X509_LOOKUP *lookup;
1240
1220 if (!(store = X509_STORE_new())) 1241 if (!(store = X509_STORE_new()))
1221 goto end; 1242 goto end;
1222 lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file()); 1243 lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file());
@@ -1255,6 +1276,7 @@ static ENGINE *
1255try_load_engine(BIO * err, const char *engine, int debug) 1276try_load_engine(BIO * err, const char *engine, int debug)
1256{ 1277{
1257 ENGINE *e = ENGINE_by_id("dynamic"); 1278 ENGINE *e = ENGINE_by_id("dynamic");
1279
1258 if (e) { 1280 if (e) {
1259 if (!ENGINE_ctrl_cmd_string(e, "SO_PATH", engine, 0) || 1281 if (!ENGINE_ctrl_cmd_string(e, "SO_PATH", engine, 0) ||
1260 !ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0)) { 1282 !ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0)) {
@@ -1306,6 +1328,7 @@ int
1306load_config(BIO * err, CONF * cnf) 1328load_config(BIO * err, CONF * cnf)
1307{ 1329{
1308 static int load_config_called = 0; 1330 static int load_config_called = 0;
1331
1309 if (load_config_called) 1332 if (load_config_called)
1310 return 1; 1333 return 1;
1311 load_config_called = 1; 1334 load_config_called = 1;
@@ -1351,8 +1374,10 @@ index_serial_cmp(const OPENSSL_CSTRING * a, const OPENSSL_CSTRING * b)
1351{ 1374{
1352 const char *aa, *bb; 1375 const char *aa, *bb;
1353 1376
1354 for (aa = a[DB_serial]; *aa == '0'; aa++); 1377 for (aa = a[DB_serial]; *aa == '0'; aa++)
1355 for (bb = b[DB_serial]; *bb == '0'; bb++); 1378 ;
1379 for (bb = b[DB_serial]; *bb == '0'; bb++)
1380 ;
1356 return (strcmp(aa, bb)); 1381 return (strcmp(aa, bb));
1357} 1382}
1358 1383
@@ -1415,7 +1440,8 @@ load_serial(char *serialfile, int create, ASN1_INTEGER ** retai)
1415 } 1440 }
1416 ret = ASN1_INTEGER_to_BN(ai, NULL); 1441 ret = ASN1_INTEGER_to_BN(ai, NULL);
1417 if (ret == NULL) { 1442 if (ret == NULL) {
1418 BIO_printf(bio_err, "error converting number from bin to BIGNUM\n"); 1443 BIO_printf(bio_err,
1444 "error converting number from bin to BIGNUM\n");
1419 goto err; 1445 goto err;
1420 } 1446 }
1421 } 1447 }
@@ -1424,6 +1450,7 @@ load_serial(char *serialfile, int create, ASN1_INTEGER ** retai)
1424 *retai = ai; 1450 *retai = ai;
1425 ai = NULL; 1451 ai = NULL;
1426 } 1452 }
1453
1427err: 1454err:
1428 if (in != NULL) 1455 if (in != NULL)
1429 BIO_free(in); 1456 BIO_free(in);
@@ -1453,7 +1480,8 @@ save_serial(char *serialfile, char *suffix, BIGNUM * serial,
1453 if (suffix == NULL) 1480 if (suffix == NULL)
1454 n = strlcpy(buf[0], serialfile, BSIZE); 1481 n = strlcpy(buf[0], serialfile, BSIZE);
1455 else 1482 else
1456 n = snprintf(buf[0], sizeof buf[0], "%s.%s", serialfile, suffix); 1483 n = snprintf(buf[0], sizeof buf[0], "%s.%s",
1484 serialfile, suffix);
1457 if (n == -1 || n >= sizeof(buf[0])) { 1485 if (n == -1 || n >= sizeof(buf[0])) {
1458 BIO_printf(bio_err, "serial too long\n"); 1486 BIO_printf(bio_err, "serial too long\n");
1459 goto err; 1487 goto err;
@@ -1471,7 +1499,8 @@ save_serial(char *serialfile, char *suffix, BIGNUM * serial,
1471 goto err; 1499 goto err;
1472 } 1500 }
1473 if ((ai = BN_to_ASN1_INTEGER(serial, NULL)) == NULL) { 1501 if ((ai = BN_to_ASN1_INTEGER(serial, NULL)) == NULL) {
1474 BIO_printf(bio_err, "error converting serial to ASN.1 format\n"); 1502 BIO_printf(bio_err,
1503 "error converting serial to ASN.1 format\n");
1475 goto err; 1504 goto err;
1476 } 1505 }
1477 i2a_ASN1_INTEGER(out, ai); 1506 i2a_ASN1_INTEGER(out, ai);
@@ -1481,6 +1510,7 @@ save_serial(char *serialfile, char *suffix, BIGNUM * serial,
1481 *retai = ai; 1510 *retai = ai;
1482 ai = NULL; 1511 ai = NULL;
1483 } 1512 }
1513
1484err: 1514err:
1485 if (out != NULL) 1515 if (out != NULL)
1486 BIO_free_all(out); 1516 BIO_free_all(out);
@@ -1503,34 +1533,36 @@ rotate_serial(char *serialfile, char *new_suffix, char *old_suffix)
1503 BIO_printf(bio_err, "file name too long\n"); 1533 BIO_printf(bio_err, "file name too long\n");
1504 goto err; 1534 goto err;
1505 } 1535 }
1506 snprintf(buf[0], sizeof buf[0], "%s.%s", 1536 snprintf(buf[0], sizeof buf[0], "%s.%s", serialfile, new_suffix);
1507 serialfile, new_suffix); 1537 snprintf(buf[1], sizeof buf[1], "%s.%s", serialfile, old_suffix);
1508 snprintf(buf[1], sizeof buf[1], "%s.%s", 1538
1509 serialfile, old_suffix);
1510#ifdef RL_DEBUG 1539#ifdef RL_DEBUG
1511 BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", 1540 BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
1512 serialfile, buf[1]); 1541 serialfile, buf[1]);
1513#endif 1542#endif
1514 if (rename(serialfile, buf[1]) < 0 && errno != ENOENT && errno != ENOTDIR) { 1543
1515 BIO_printf(bio_err, 1544 if (rename(serialfile, buf[1]) < 0 &&
1516 "unable to rename %s to %s\n", 1545 errno != ENOENT && errno != ENOTDIR) {
1546 BIO_printf(bio_err, "unable to rename %s to %s\n",
1517 serialfile, buf[1]); 1547 serialfile, buf[1]);
1518 perror("reason"); 1548 perror("reason");
1519 goto err; 1549 goto err;
1520 } 1550 }
1551
1521#ifdef RL_DEBUG 1552#ifdef RL_DEBUG
1522 BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", 1553 BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
1523 buf[0], serialfile); 1554 buf[0], serialfile);
1524#endif 1555#endif
1556
1525 if (rename(buf[0], serialfile) < 0) { 1557 if (rename(buf[0], serialfile) < 0) {
1526 BIO_printf(bio_err, 1558 BIO_printf(bio_err, "unable to rename %s to %s\n",
1527 "unable to rename %s to %s\n",
1528 buf[0], serialfile); 1559 buf[0], serialfile);
1529 perror("reason"); 1560 perror("reason");
1530 rename(buf[1], serialfile); 1561 rename(buf[1], serialfile);
1531 goto err; 1562 goto err;
1532 } 1563 }
1533 return 1; 1564 return 1;
1565
1534err: 1566err:
1535 return 0; 1567 return 0;
1536} 1568}
@@ -1540,6 +1572,7 @@ rand_serial(BIGNUM * b, ASN1_INTEGER * ai)
1540{ 1572{
1541 BIGNUM *btmp; 1573 BIGNUM *btmp;
1542 int ret = 0; 1574 int ret = 0;
1575
1543 if (b) 1576 if (b)
1544 btmp = b; 1577 btmp = b;
1545 else 1578 else
@@ -1589,8 +1622,8 @@ load_index(char *dbfile, DB_ATTR * db_attr)
1589 if (NCONF_load(dbattr_conf, buf[0], &errorline) <= 0) { 1622 if (NCONF_load(dbattr_conf, buf[0], &errorline) <= 0) {
1590 if (errorline > 0) { 1623 if (errorline > 0) {
1591 BIO_printf(bio_err, 1624 BIO_printf(bio_err,
1592 "error on line %ld of db attribute file '%s'\n" 1625 "error on line %ld of db attribute file '%s'\n",
1593 ,errorline, buf[0]); 1626 errorline, buf[0]);
1594 goto err; 1627 goto err;
1595 } else { 1628 } else {
1596 NCONF_free(dbattr_conf); 1629 NCONF_free(dbattr_conf);
@@ -1613,11 +1646,13 @@ load_index(char *dbfile, DB_ATTR * db_attr)
1613 char *p = NCONF_get_string(dbattr_conf, NULL, "unique_subject"); 1646 char *p = NCONF_get_string(dbattr_conf, NULL, "unique_subject");
1614 if (p) { 1647 if (p) {
1615#ifdef RL_DEBUG 1648#ifdef RL_DEBUG
1616 BIO_printf(bio_err, "DEBUG[load_index]: unique_subject = \"%s\"\n", p); 1649 BIO_printf(bio_err,
1650 "DEBUG[load_index]: unique_subject = \"%s\"\n", p);
1617#endif 1651#endif
1618 retdb->attributes.unique_subject = parse_yesno(p, 1); 1652 retdb->attributes.unique_subject = parse_yesno(p, 1);
1619 } 1653 }
1620 } 1654 }
1655
1621err: 1656err:
1622 if (dbattr_conf) 1657 if (dbattr_conf)
1623 NCONF_free(dbattr_conf); 1658 NCONF_free(dbattr_conf);
@@ -1632,8 +1667,7 @@ int
1632index_index(CA_DB * db) 1667index_index(CA_DB * db)
1633{ 1668{
1634 if (!TXT_DB_create_index(db->db, DB_serial, NULL, 1669 if (!TXT_DB_create_index(db->db, DB_serial, NULL,
1635 LHASH_HASH_FN(index_serial), 1670 LHASH_HASH_FN(index_serial), LHASH_COMP_FN(index_serial))) {
1636 LHASH_COMP_FN(index_serial))) {
1637 BIO_printf(bio_err, 1671 BIO_printf(bio_err,
1638 "error creating serial number index:(%ld,%ld,%ld)\n", 1672 "error creating serial number index:(%ld,%ld,%ld)\n",
1639 db->db->error, db->db->arg1, db->db->arg2); 1673 db->db->error, db->db->arg1, db->db->arg2);
@@ -1641,7 +1675,7 @@ index_index(CA_DB * db)
1641 } 1675 }
1642 if (db->attributes.unique_subject && 1676 if (db->attributes.unique_subject &&
1643 !TXT_DB_create_index(db->db, DB_name, index_name_qual, 1677 !TXT_DB_create_index(db->db, DB_name, index_name_qual,
1644 LHASH_HASH_FN(index_name), LHASH_COMP_FN(index_name))) { 1678 LHASH_HASH_FN(index_name), LHASH_COMP_FN(index_name))) {
1645 BIO_printf(bio_err, "error creating name index:(%ld,%ld,%ld)\n", 1679 BIO_printf(bio_err, "error creating name index:(%ld,%ld,%ld)\n",
1646 db->db->error, db->db->arg1, db->db->arg2); 1680 db->db->error, db->db->arg1, db->db->arg2);
1647 return 0; 1681 return 0;
@@ -1668,9 +1702,11 @@ save_index(const char *dbfile, const char *suffix, CA_DB * db)
1668 snprintf(buf[2], sizeof buf[2], "%s.attr", dbfile); 1702 snprintf(buf[2], sizeof buf[2], "%s.attr", dbfile);
1669 snprintf(buf[1], sizeof buf[1], "%s.attr.%s", dbfile, suffix); 1703 snprintf(buf[1], sizeof buf[1], "%s.attr.%s", dbfile, suffix);
1670 snprintf(buf[0], sizeof buf[0], "%s.%s", dbfile, suffix); 1704 snprintf(buf[0], sizeof buf[0], "%s.%s", dbfile, suffix);
1705
1671#ifdef RL_DEBUG 1706#ifdef RL_DEBUG
1672 BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[0]); 1707 BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[0]);
1673#endif 1708#endif
1709
1674 if (BIO_write_filename(out, buf[0]) <= 0) { 1710 if (BIO_write_filename(out, buf[0]) <= 0) {
1675 perror(dbfile); 1711 perror(dbfile);
1676 BIO_printf(bio_err, "unable to open '%s'\n", dbfile); 1712 BIO_printf(bio_err, "unable to open '%s'\n", dbfile);
@@ -1683,9 +1719,11 @@ save_index(const char *dbfile, const char *suffix, CA_DB * db)
1683 BIO_free(out); 1719 BIO_free(out);
1684 1720
1685 out = BIO_new(BIO_s_file()); 1721 out = BIO_new(BIO_s_file());
1722
1686#ifdef RL_DEBUG 1723#ifdef RL_DEBUG
1687 BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[1]); 1724 BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[1]);
1688#endif 1725#endif
1726
1689 if (BIO_write_filename(out, buf[1]) <= 0) { 1727 if (BIO_write_filename(out, buf[1]) <= 0) {
1690 perror(buf[2]); 1728 perror(buf[2]);
1691 BIO_printf(bio_err, "unable to open '%s'\n", buf[2]); 1729 BIO_printf(bio_err, "unable to open '%s'\n", buf[2]);
@@ -1696,6 +1734,7 @@ save_index(const char *dbfile, const char *suffix, CA_DB * db)
1696 BIO_free(out); 1734 BIO_free(out);
1697 1735
1698 return 1; 1736 return 1;
1737
1699err: 1738err:
1700 return 0; 1739 return 0;
1701} 1740}
@@ -1715,57 +1754,57 @@ rotate_index(const char *dbfile, const char *new_suffix, const char *old_suffix)
1715 goto err; 1754 goto err;
1716 } 1755 }
1717 snprintf(buf[4], sizeof buf[4], "%s.attr", dbfile); 1756 snprintf(buf[4], sizeof buf[4], "%s.attr", dbfile);
1718 snprintf(buf[2], sizeof buf[2], "%s.attr.%s", 1757 snprintf(buf[2], sizeof buf[2], "%s.attr.%s", dbfile, new_suffix);
1719 dbfile, new_suffix); 1758 snprintf(buf[0], sizeof buf[0], "%s.%s", dbfile, new_suffix);
1720 snprintf(buf[0], sizeof buf[0], "%s.%s", 1759 snprintf(buf[1], sizeof buf[1], "%s.%s", dbfile, old_suffix);
1721 dbfile, new_suffix); 1760 snprintf(buf[3], sizeof buf[3], "%s.attr.%s", dbfile, old_suffix);
1722 snprintf(buf[1], sizeof buf[1], "%s.%s", 1761
1723 dbfile, old_suffix);
1724 snprintf(buf[3], sizeof buf[3], "%s.attr.%s",
1725 dbfile, old_suffix);
1726#ifdef RL_DEBUG 1762#ifdef RL_DEBUG
1727 BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", 1763 BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
1728 dbfile, buf[1]); 1764 dbfile, buf[1]);
1729#endif 1765#endif
1766
1730 if (rename(dbfile, buf[1]) < 0 && errno != ENOENT && errno != ENOTDIR) { 1767 if (rename(dbfile, buf[1]) < 0 && errno != ENOENT && errno != ENOTDIR) {
1731 BIO_printf(bio_err, 1768 BIO_printf(bio_err, "unable to rename %s to %s\n",
1732 "unable to rename %s to %s\n",
1733 dbfile, buf[1]); 1769 dbfile, buf[1]);
1734 perror("reason"); 1770 perror("reason");
1735 goto err; 1771 goto err;
1736 } 1772 }
1773
1737#ifdef RL_DEBUG 1774#ifdef RL_DEBUG
1738 BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", 1775 BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
1739 buf[0], dbfile); 1776 buf[0], dbfile);
1740#endif 1777#endif
1778
1741 if (rename(buf[0], dbfile) < 0) { 1779 if (rename(buf[0], dbfile) < 0) {
1742 BIO_printf(bio_err, 1780 BIO_printf(bio_err, "unable to rename %s to %s\n",
1743 "unable to rename %s to %s\n",
1744 buf[0], dbfile); 1781 buf[0], dbfile);
1745 perror("reason"); 1782 perror("reason");
1746 rename(buf[1], dbfile); 1783 rename(buf[1], dbfile);
1747 goto err; 1784 goto err;
1748 } 1785 }
1786
1749#ifdef RL_DEBUG 1787#ifdef RL_DEBUG
1750 BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", 1788 BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
1751 buf[4], buf[3]); 1789 buf[4], buf[3]);
1752#endif 1790#endif
1791
1753 if (rename(buf[4], buf[3]) < 0 && errno != ENOENT && errno != ENOTDIR) { 1792 if (rename(buf[4], buf[3]) < 0 && errno != ENOENT && errno != ENOTDIR) {
1754 BIO_printf(bio_err, 1793 BIO_printf(bio_err, "unable to rename %s to %s\n",
1755 "unable to rename %s to %s\n",
1756 buf[4], buf[3]); 1794 buf[4], buf[3]);
1757 perror("reason"); 1795 perror("reason");
1758 rename(dbfile, buf[0]); 1796 rename(dbfile, buf[0]);
1759 rename(buf[1], dbfile); 1797 rename(buf[1], dbfile);
1760 goto err; 1798 goto err;
1761 } 1799 }
1800
1762#ifdef RL_DEBUG 1801#ifdef RL_DEBUG
1763 BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", 1802 BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
1764 buf[2], buf[4]); 1803 buf[2], buf[4]);
1765#endif 1804#endif
1805
1766 if (rename(buf[2], buf[4]) < 0) { 1806 if (rename(buf[2], buf[4]) < 0) {
1767 BIO_printf(bio_err, 1807 BIO_printf(bio_err, "unable to rename %s to %s\n",
1768 "unable to rename %s to %s\n",
1769 buf[2], buf[4]); 1808 buf[2], buf[4]);
1770 perror("reason"); 1809 perror("reason");
1771 rename(buf[3], buf[4]); 1810 rename(buf[3], buf[4]);
@@ -1793,6 +1832,7 @@ int
1793parse_yesno(const char *str, int def) 1832parse_yesno(const char *str, int def)
1794{ 1833{
1795 int ret = def; 1834 int ret = def;
1835
1796 if (str) { 1836 if (str) {
1797 switch (*str) { 1837 switch (*str) {
1798 case 'f': /* false */ 1838 case 'f': /* false */
@@ -1907,14 +1947,17 @@ parse_name(char *subject, long chtype, int multirdn)
1907 1947
1908 for (i = 0; i < ne_num; i++) { 1948 for (i = 0; i < ne_num; i++) {
1909 if ((nid = OBJ_txt2nid(ne_types[i])) == NID_undef) { 1949 if ((nid = OBJ_txt2nid(ne_types[i])) == NID_undef) {
1910 BIO_printf(bio_err, "Subject Attribute %s has no known NID, skipped\n", ne_types[i]); 1950 BIO_printf(bio_err,
1951 "Subject Attribute %s has no known NID, skipped\n",
1952 ne_types[i]);
1911 continue; 1953 continue;
1912 } 1954 }
1913 if (!*ne_values[i]) { 1955 if (!*ne_values[i]) {
1914 BIO_printf(bio_err, "No value provided for Subject Attribute %s, skipped\n", ne_types[i]); 1956 BIO_printf(bio_err, "No value provided for Subject Attribute %s, skipped\n", ne_types[i]);
1915 continue; 1957 continue;
1916 } 1958 }
1917 if (!X509_NAME_add_entry_by_NID(n, nid, chtype, (unsigned char *) ne_values[i], -1, -1, mval[i])) 1959 if (!X509_NAME_add_entry_by_NID(n, nid, chtype,
1960 (unsigned char *) ne_values[i], -1, -1, mval[i]))
1918 goto error; 1961 goto error;
1919 } 1962 }
1920 1963
@@ -1938,8 +1981,8 @@ error:
1938} 1981}
1939 1982
1940int 1983int
1941args_verify(char ***pargs, int *pargc, 1984args_verify(char ***pargs, int *pargc, int *badarg, BIO * err,
1942 int *badarg, BIO * err, X509_VERIFY_PARAM ** pm) 1985 X509_VERIFY_PARAM ** pm)
1943{ 1986{
1944 ASN1_OBJECT *otmp = NULL; 1987 ASN1_OBJECT *otmp = NULL;
1945 unsigned long flags = 0; 1988 unsigned long flags = 0;
@@ -1948,6 +1991,7 @@ args_verify(char ***pargs, int *pargc,
1948 char **oldargs = *pargs; 1991 char **oldargs = *pargs;
1949 char *arg = **pargs, *argn = (*pargs)[1]; 1992 char *arg = **pargs, *argn = (*pargs)[1];
1950 time_t at_time = 0; 1993 time_t at_time = 0;
1994
1951 if (!strcmp(arg, "-policy")) { 1995 if (!strcmp(arg, "-policy")) {
1952 if (!argn) 1996 if (!argn)
1953 *badarg = 1; 1997 *badarg = 1;
@@ -2077,6 +2121,7 @@ bio_to_mem(unsigned char **out, int maxlen, BIO * in)
2077 BIO *mem; 2121 BIO *mem;
2078 int len, ret; 2122 int len, ret;
2079 unsigned char tbuf[1024]; 2123 unsigned char tbuf[1024];
2124
2080 mem = BIO_new(BIO_s_mem()); 2125 mem = BIO_new(BIO_s_mem());
2081 if (!mem) 2126 if (!mem)
2082 return -1; 2127 return -1;
@@ -2108,6 +2153,7 @@ pkey_ctrl_string(EVP_PKEY_CTX * ctx, char *value)
2108{ 2153{
2109 int rv; 2154 int rv;
2110 char *stmp, *vtmp = NULL; 2155 char *stmp, *vtmp = NULL;
2156
2111 stmp = BUF_strdup(value); 2157 stmp = BUF_strdup(value);
2112 if (!stmp) 2158 if (!stmp)
2113 return -1; 2159 return -1;
@@ -2126,6 +2172,7 @@ nodes_print(BIO * out, const char *name, STACK_OF(X509_POLICY_NODE) * nodes)
2126{ 2172{
2127 X509_POLICY_NODE *node; 2173 X509_POLICY_NODE *node;
2128 int i; 2174 int i;
2175
2129 BIO_printf(out, "%s Policies:", name); 2176 BIO_printf(out, "%s Policies:", name);
2130 if (nodes) { 2177 if (nodes) {
2131 BIO_puts(out, "\n"); 2178 BIO_puts(out, "\n");
@@ -2143,6 +2190,7 @@ policies_print(BIO * out, X509_STORE_CTX * ctx)
2143 X509_POLICY_TREE *tree; 2190 X509_POLICY_TREE *tree;
2144 int explicit_policy; 2191 int explicit_policy;
2145 int free_out = 0; 2192 int free_out = 0;
2193
2146 if (out == NULL) { 2194 if (out == NULL) {
2147 out = BIO_new_fp(stderr, BIO_NOCLOSE); 2195 out = BIO_new_fp(stderr, BIO_NOCLOSE);
2148 free_out = 1; 2196 free_out = 1;
@@ -2491,7 +2539,6 @@ app_tminterval(int stop, int usertime)
2491} 2539}
2492#endif 2540#endif
2493 2541
2494
2495int 2542int
2496app_isdir(const char *name) 2543app_isdir(const char *name)
2497{ 2544{
diff --git a/src/lib/libssl/src/apps/apps.h b/src/lib/libssl/src/apps/apps.h
index 9a5b77f807..a79bdc9436 100644
--- a/src/lib/libssl/src/apps/apps.h
+++ b/src/lib/libssl/src/apps/apps.h
@@ -181,9 +181,7 @@ typedef struct pw_cb_data {
181 const char *prompt_info; 181 const char *prompt_info;
182} PW_CB_DATA; 182} PW_CB_DATA;
183 183
184int 184int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_data);
185password_callback(char *buf, int bufsiz, int verify,
186PW_CB_DATA *cb_data);
187 185
188int setup_ui_method(void); 186int setup_ui_method(void);
189void destroy_ui_method(void); 187void destroy_ui_method(void);
@@ -195,7 +193,8 @@ void program_name(char *in, char *out, int size);
195int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[]); 193int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[]);
196#ifdef HEADER_X509_H 194#ifdef HEADER_X509_H
197int dump_cert_text(BIO *out, X509 *x); 195int dump_cert_text(BIO *out, X509 *x);
198void print_name(BIO *out, const char *title, X509_NAME *nm, unsigned long lflags); 196void print_name(BIO *out, const char *title, X509_NAME *nm,
197 unsigned long lflags);
199#endif 198#endif
200int set_cert_ex(unsigned long *flags, const char *arg); 199int set_cert_ex(unsigned long *flags, const char *arg);
201int set_name_ex(unsigned long *flags, const char *arg); 200int set_name_ex(unsigned long *flags, const char *arg);
@@ -252,13 +251,15 @@ typedef struct ca_db_st {
252} CA_DB; 251} CA_DB;
253 252
254BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai); 253BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai);
255int save_serial(char *serialfile, char *suffix, BIGNUM *serial, ASN1_INTEGER **retai); 254int save_serial(char *serialfile, char *suffix, BIGNUM *serial,
255 ASN1_INTEGER **retai);
256int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix); 256int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix);
257int rand_serial(BIGNUM *b, ASN1_INTEGER *ai); 257int rand_serial(BIGNUM *b, ASN1_INTEGER *ai);
258CA_DB *load_index(char *dbfile, DB_ATTR *dbattr); 258CA_DB *load_index(char *dbfile, DB_ATTR *dbattr);
259int index_index(CA_DB *db); 259int index_index(CA_DB *db);
260int save_index(const char *dbfile, const char *suffix, CA_DB *db); 260int save_index(const char *dbfile, const char *suffix, CA_DB *db);
261int rotate_index(const char *dbfile, const char *new_suffix, const char *old_suffix); 261int rotate_index(const char *dbfile, const char *new_suffix,
262 const char *old_suffix);
262void free_index(CA_DB *db); 263void free_index(CA_DB *db);
263#define index_name_cmp_noconst(a, b) \ 264#define index_name_cmp_noconst(a, b) \
264 index_name_cmp((const OPENSSL_CSTRING *)CHECKED_PTR_OF(OPENSSL_STRING, a), \ 265 index_name_cmp((const OPENSSL_CSTRING *)CHECKED_PTR_OF(OPENSSL_STRING, a), \
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-21 19:47:49 +0000