#ifdef OPENSSL_SYS_WINDOWS
#define strcasecmp _stricmp
#else
-#include <strings.h>
+# ifdef NO_STRINGS_H
+ int strcasecmp();
+# else
+# include <strings.h>
+# endif /* NO_STRINGS_H */
#endif
#ifndef W_OK
int verbose, X509_REQ *req, char *ext_sect, CONF *conf,
unsigned long certopt, unsigned long nameopt, int default_op,
int ext_copy);
-static X509_NAME *do_subject(char *subject);
static int do_revoke(X509 *x509, TXT_DB *db, int ext, char *extval);
static int get_certificate_status(const char *ser_status, TXT_DB *db);
static int do_updatedb(TXT_DB *db);
goto err;
}
}
- pkey = load_key(bio_err, keyfile, keyform, key, e,
+ pkey = load_key(bio_err, keyfile, keyform, 0, key, e,
"CA private key");
if (key) memset(key,0,strlen(key));
if (pkey == NULL)
}
if (verbose)
{
- if ((f=BN_bn2hex(serial)) == NULL) goto err;
- BIO_printf(bio_err,"next serial number is %s\n",f);
- OPENSSL_free(f);
+ if (BN_is_zero(serial))
+ BIO_printf(bio_err,"next serial number is 00\n");
+ else
+ {
+ if ((f=BN_bn2hex(serial)) == NULL) goto err;
+ BIO_printf(bio_err,"next serial number is %s\n",f);
+ OPENSSL_free(f);
+ }
}
if ((attribs=NCONF_get_section(conf,policy)) == NULL)
}
if ((crldays == 0) && (crlhours == 0))
{
- BIO_printf(bio_err,"cannot lookup how long until the next CRL is issuer\n");
+ BIO_printf(bio_err,"cannot lookup how long until the next CRL is issued\n");
goto err;
}
if (verbose) BIO_printf(bio_err,"making CRL\n");
if ((crl=X509_CRL_new()) == NULL) goto err;
- if (!X509_CRL_set_issuer_name(crl, X509_get_issuer_name(x509))) goto err;
+ if (!X509_CRL_set_issuer_name(crl, X509_get_subject_name(x509))) goto err;
tmptm = ASN1_TIME_new();
if (!tmptm) goto err;
else
#endif
#ifndef OPENSSL_NO_ECDSA
- if (pkey->type == EVP_PKEY_ECDSA)
+ if (pkey->type == EVP_PKEY_EC)
dgst=EVP_ecdsa();
else
#endif
ret=ASN1_INTEGER_to_BN(ai,NULL);
if (ret == NULL)
{
- BIO_printf(bio_err,"error converting number from bin to BIGNUM");
+ BIO_printf(bio_err,"error converting number from bin to BIGNUM\n");
goto err;
}
err:
if (subj)
{
- X509_NAME *n = do_subject(subj);
+ X509_NAME *n = do_subject(subj, MBSTRING_ASC);
if (!n)
{
}
}
- row[DB_name]=X509_NAME_oneline(dn_subject,NULL,0);
- row[DB_serial]=BN_bn2hex(serial);
- if ((row[DB_name] == NULL) || (row[DB_serial] == NULL))
+ if (BN_is_zero(serial))
+ row[DB_serial]=BUF_strdup("00");
+ else
+ row[DB_serial]=BN_bn2hex(serial);
+ if (row[DB_serial] == NULL)
{
BIO_printf(bio_err,"Memory allocation failure\n");
goto err;
EVP_PKEY_free(pktmp);
#endif
#ifndef OPENSSL_NO_ECDSA
- if (pkey->type == EVP_PKEY_ECDSA)
+ if (pkey->type == EVP_PKEY_EC)
dgst = EVP_ecdsa();
pktmp = X509_get_pubkey(ret);
if (EVP_PKEY_missing_parameters(pktmp) &&
/* row[DB_serial] done already */
row[DB_file]=(char *)OPENSSL_malloc(8);
- /* row[DB_name] done already */
+ row[DB_name]=X509_NAME_oneline(X509_get_subject_name(ret),NULL,0);
if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) ||
- (row[DB_file] == NULL))
+ (row[DB_file] == NULL) || (row[DB_name] == NULL))
{
BIO_printf(bio_err,"Memory allocation failure\n");
goto err;
row[i]=NULL;
row[DB_name]=X509_NAME_oneline(X509_get_subject_name(x509),NULL,0);
bn = ASN1_INTEGER_to_BN(X509_get_serialNumber(x509),NULL);
- row[DB_serial]=BN_bn2hex(bn);
+ if (BN_is_zero(bn))
+ row[DB_serial]=BUF_strdup("00");
+ else
+ row[DB_serial]=BN_bn2hex(bn);
BN_free(bn);
if ((row[DB_name] == NULL) || (row[DB_serial] == NULL))
{
* subject is expected to be in the format /type0=value0/type1=value1/type2=...
* where characters may be escaped by \
*/
-static X509_NAME *do_subject(char *subject)
+X509_NAME *do_subject(char *subject, long chtype)
{
- size_t buflen = strlen (subject)+1; /* to copy the types and values into. due to escaping, the copy can only become shorter */
- char *buf = malloc (buflen);
+ size_t buflen = strlen(subject)+1; /* to copy the types and values into. due to escaping, the copy can only become shorter */
+ char *buf = OPENSSL_malloc(buflen);
size_t max_ne = buflen / 2 + 1; /* maximum number of name elements */
- char **ne_types = malloc (max_ne * sizeof (char *));
- char **ne_values = malloc (max_ne * sizeof (char *));
+ char **ne_types = OPENSSL_malloc(max_ne * sizeof (char *));
+ char **ne_values = OPENSSL_malloc(max_ne * sizeof (char *));
char *sp = subject, *bp = buf;
int i, ne_num = 0;
if (!buf || !ne_types || !ne_values)
{
BIO_printf(bio_err, "malloc error\n");
- goto error0;
+ goto error;
}
if (*subject != '/')
{
BIO_printf(bio_err, "Subject does not start with '/'.\n");
- goto error0;
+ goto error;
}
sp++; /* skip leading / */
else
{
BIO_printf(bio_err, "escape character at end of string\n");
- goto error0;
+ goto error;
}
else if (*sp == '=')
{
if (!*sp)
{
BIO_printf(bio_err, "end of string encountered while processing type of subject name element #%d\n", ne_num);
- goto error0;
+ goto error;
}
ne_values[ne_num] = bp;
while (*sp)
else
{
BIO_printf(bio_err, "escape character at end of string\n");
- goto error0;
+ goto error;
}
else if (*sp == '/')
{
sp++;
- *bp++ = '\0';
break;
}
else
}
if (!(n = X509_NAME_new()))
- goto error0;
+ goto error;
for (i = 0; i < ne_num; i++)
{
continue;
}
- if (!X509_NAME_add_entry_by_NID(n, nid, MBSTRING_ASC, (unsigned char*)ne_values[i], -1,-1,0))
- goto error1;
+ if (!X509_NAME_add_entry_by_NID(n, nid, chtype, (unsigned char*)ne_values[i], -1,-1,0))
+ goto error;
}
- free (ne_values);
- free (ne_types);
- free (buf);
+ OPENSSL_free(ne_values);
+ OPENSSL_free(ne_types);
+ OPENSSL_free(buf);
return n;
-error1:
+error:
X509_NAME_free(n);
-error0:
- free (ne_values);
- free (ne_types);
- free (buf);
+ if (ne_values)
+ OPENSSL_free(ne_values);
+ if (ne_types)
+ OPENSSL_free(ne_types);
+ if (buf)
+ OPENSSL_free(buf);
return NULL;
}
-
int old_entry_print(BIO *bp, ASN1_OBJECT *obj, ASN1_STRING *str)
{
char buf[25],*pbuf, *p;