/*
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
#endif
#include "apps.h"
+#include "progs.h"
#ifndef W_OK
# define F_OK 0
goto end;
}
}
+ if (pp[DB_name][0] == '\0') {
+ BIO_printf(bio_err, "entry %d: bad Subject\n", i + 1);
+ goto end;
+ }
}
if (verbose) {
TXT_DB_write(bio_out, db->db);
goto end;
tmptm = ASN1_TIME_new();
- if (tmptm == NULL)
- goto end;
- X509_gmtime_adj(tmptm, 0);
- X509_CRL_set1_lastUpdate(crl, tmptm);
- if (!X509_time_adj_ex(tmptm, crldays, crlhours * 60 * 60 + crlsec,
- NULL)) {
+ if (tmptm == NULL
+ || X509_gmtime_adj(tmptm, 0) == NULL
+ || !X509_CRL_set1_lastUpdate(crl, tmptm)
+ || X509_time_adj_ex(tmptm, crldays, crlhours * 60 * 60 + crlsec,
+ NULL) == NULL) {
BIO_puts(bio_err, "error setting CRL nextUpdate\n");
+ ASN1_TIME_free(tmptm);
goto end;
}
X509_CRL_set1_nextUpdate(crl, tmptm);
BIO_printf(bio_err, "The Subject's Distinguished Name is as follows\n");
name = X509_REQ_get_subject_name(req);
+ if (X509_NAME_entry_count(name) == 0) {
+ BIO_printf(bio_err, "Error: The supplied Subject is empty\n");
+ goto end;
+ }
for (i = 0; i < X509_NAME_entry_count(name); i++) {
ne = X509_NAME_get_entry(name, i);
str = X509_NAME_ENTRY_get_data(ne);
if (push != NULL) {
if (!X509_NAME_add_entry(subject, push, -1, 0)) {
- X509_NAME_ENTRY_free(push);
BIO_printf(bio_err, "Memory allocation failure\n");
goto end;
}
goto end;
}
+ if (X509_NAME_entry_count(subject) == 0) {
+ BIO_printf(bio_err,
+ "Error: After applying policy the Subject is empty\n");
+ goto end;
+ }
+
if (verbose)
BIO_printf(bio_err,
"The subject name appears to be ok, checking data base for clashes\n");
if (enddate != NULL) {
int tdays;
- ASN1_TIME_diff(&tdays, NULL, NULL, X509_get0_notAfter(ret));
+
+ if (!ASN1_TIME_diff(&tdays, NULL, NULL, X509_get0_notAfter(ret)))
+ goto end;
days = tdays;
}
return -1;
/* get actual time and make a string */
- a_tm = X509_gmtime_adj(a_tm, 0);
+ if (X509_gmtime_adj(a_tm, 0) == NULL) {
+ ASN1_UTCTIME_free(a_tm);
+ return -1;
+ }
a_tm_s = app_malloc(a_tm->length + 1, "time string");
memcpy(a_tm_s, a_tm->data, a_tm->length);