projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Correctly check for trailing digest options.
[openssl.git]
/
apps
/
ocsp.c
diff --git
a/apps/ocsp.c
b/apps/ocsp.c
index fd38da44e3b697699309146ab75f135482d0ad4e..416e05caef824031da065b505f848952b9c79598 100644
(file)
--- a/
apps/ocsp.c
+++ b/
apps/ocsp.c
@@
-228,6
+228,7
@@
int ocsp_main(int argc, char **argv)
{
BIO *acbio = NULL, *cbio = NULL, *derbio = NULL, *out = NULL;
const EVP_MD *cert_id_md = NULL, *rsign_md = NULL;
{
BIO *acbio = NULL, *cbio = NULL, *derbio = NULL, *out = NULL;
const EVP_MD *cert_id_md = NULL, *rsign_md = NULL;
+ int trailing_md = 0;
CA_DB *rdb = NULL;
EVP_PKEY *key = NULL, *rkey = NULL;
OCSP_BASICRESP *bs = NULL;
CA_DB *rdb = NULL;
EVP_PKEY *key = NULL, *rkey = NULL;
OCSP_BASICRESP *bs = NULL;
@@
-439,6
+440,7
@@
int ocsp_main(int argc, char **argv)
goto end;
if (!sk_OPENSSL_STRING_push(reqnames, opt_arg()))
goto end;
goto end;
if (!sk_OPENSSL_STRING_push(reqnames, opt_arg()))
goto end;
+ trailing_md = 0;
break;
case OPT_SERIAL:
if (cert_id_md == NULL)
break;
case OPT_SERIAL:
if (cert_id_md == NULL)
@@
-447,6
+449,7
@@
int ocsp_main(int argc, char **argv)
goto end;
if (!sk_OPENSSL_STRING_push(reqnames, opt_arg()))
goto end;
goto end;
if (!sk_OPENSSL_STRING_push(reqnames, opt_arg()))
goto end;
+ trailing_md = 0;
break;
case OPT_INDEX:
ridx_filename = opt_arg();
break;
case OPT_INDEX:
ridx_filename = opt_arg();
@@
-490,7
+493,7
@@
int ocsp_main(int argc, char **argv)
goto end;
break;
case OPT_MD:
goto end;
break;
case OPT_MD:
- if (
cert_id_md != NULL
) {
+ if (
trailing_md
) {
BIO_printf(bio_err,
"%s: Digest must be before -cert or -serial\n",
prog);
BIO_printf(bio_err,
"%s: Digest must be before -cert or -serial\n",
prog);
@@
-498,9
+501,16
@@
int ocsp_main(int argc, char **argv)
}
if (!opt_md(opt_unknown(), &cert_id_md))
goto opthelp;
}
if (!opt_md(opt_unknown(), &cert_id_md))
goto opthelp;
+ trailing_md = 1;
break;
}
}
break;
}
}
+
+ if (trailing_md) {
+ BIO_printf(bio_err, "%s: Digest must be before -cert or -serial\n",
+ prog);
+ goto opthelp;
+ }
argc = opt_num_rest();
if (argc != 0)
goto opthelp;
argc = opt_num_rest();
if (argc != 0)
goto opthelp;