Add ctrls to clear options and mode.

[openssl.git] / apps / req.c

diff --git a/apps/req.c b/apps/req.c
index 745ba7035f430d5ca688b98869bb07aaffe2bc67..65cb19b4ee986d504af026cb8d4fb28f42d28213 100644 (file)
--- a/apps/req.c
+++ b/apps/req.c
@@ -165,7 +165,7 @@ int MAIN(int argc, char **argv)
        EVP_PKEY_CTX *genctx = NULL;
        const char *keyalg = NULL;
        char *keyalgstr = NULL;
-       STACK *pkeyopts = NULL;
+       STACK_OF(OPENSSL_STRING) *pkeyopts = NULL;
        EVP_PKEY *pkey=NULL;
        int i=0,badops=0,newreq=0,verbose=0,pkey_type=-1;
        long newkey = -1;
@@ -306,8 +306,8 @@ int MAIN(int argc, char **argv)
                        if (--argc < 1)
                                goto bad;
                        if (!pkeyopts)
-                               pkeyopts = sk_new_null();
-                       if (!pkeyopts || !sk_push(pkeyopts, *(++argv)))
+                               pkeyopts = sk_OPENSSL_STRING_new_null();
+                       if (!pkeyopts || !sk_OPENSSL_STRING_push(pkeyopts, *(++argv)))
                                goto bad;
                        }
                else if (strcmp(*argv,"-batch") == 0)
@@ -365,11 +365,6 @@ int MAIN(int argc, char **argv)
                        serial = s2i_ASN1_INTEGER(NULL, *(++argv));
                        if (!serial) goto bad;
                        }
-               else if ((md_alg=EVP_get_digestbyname(&((*argv)[1]))) != NULL)
-                       {
-                       /* ok */
-                       digest=md_alg;
-                       }
                else if (strcmp(*argv,"-extensions") == 0)
                        {
                        if (--argc < 1) goto bad;
@@ -380,6 +375,11 @@ int MAIN(int argc, char **argv)
                        if (--argc < 1) goto bad;
                        req_exts = *(++argv);
                        }
+               else if ((md_alg=EVP_get_digestbyname(&((*argv)[1]))) != NULL)
+                       {
+                       /* ok */
+                       digest=md_alg;
+                       }
                else
                        {
                        BIO_printf(bio_err,"unknown option %s\n",*argv);
@@ -617,8 +617,7 @@ bad:
                           message */
                        goto end;
                        }
-               if (EVP_PKEY_type(pkey->type) == EVP_PKEY_DSA || 
-                       EVP_PKEY_type(pkey->type) == EVP_PKEY_EC)
+               else
                        {
                        char *randfile = NCONF_get_string(req_conf,SECTION,"RANDFILE");
                        if (randfile == NULL)
@@ -668,9 +667,9 @@ bad:
                if (pkeyopts)
                        {
                        char *genopt;
-                       for (i = 0; i < sk_num(pkeyopts); i++)
+                       for (i = 0; i < sk_OPENSSL_STRING_num(pkeyopts); i++)
                                {
-                               genopt = sk_value(pkeyopts, i);
+                               genopt = sk_OPENSSL_STRING_value(pkeyopts, i);
                                if (pkey_ctrl_string(genctx, genopt) <= 0)
                                        {
                                        BIO_printf(bio_err,
@@ -839,7 +838,7 @@ loop:
 
                        if (!X509_set_issuer_name(x509ss, X509_REQ_get_subject_name(req))) goto end;
                        if (!X509_gmtime_adj(X509_get_notBefore(x509ss),0)) goto end;
-                       if (!X509_gmtime_adj(X509_get_notAfter(x509ss), (long)60*60*24*days)) goto end;
+                       if (!X509_time_adj_ex(X509_get_notAfter(x509ss), days, 0, NULL)) goto end;
                        if (!X509_set_subject_name(x509ss, X509_REQ_get_subject_name(req))) goto end;
                        tmppkey = X509_REQ_get_pubkey(req);
                        if (!tmppkey || !X509_set_pubkey(x509ss,tmppkey)) goto end;
@@ -1084,7 +1083,7 @@ end:
        if (genctx)
                EVP_PKEY_CTX_free(genctx);
        if (pkeyopts)
-               sk_free(pkeyopts);
+               sk_OPENSSL_STRING_free(pkeyopts);
 #ifndef OPENSSL_NO_ENGINE
        if (gen_eng)
                ENGINE_free(gen_eng);
@@ -1442,7 +1441,8 @@ start:
                buf[0]='\0';
                if (!batch)
                        {
-                       fgets(buf,sizeof buf,stdin);
+                       if (!fgets(buf,sizeof buf,stdin))
+                               return 0;
                        }
                else
                        {
@@ -1500,7 +1500,8 @@ start:
                buf[0]='\0';
                if (!batch)
                        {
-                       fgets(buf,sizeof buf,stdin);
+                       if (!fgets(buf,sizeof buf,stdin))
+                               return 0;
                        }
                else
                        {
@@ -1648,7 +1649,7 @@ static EVP_PKEY_CTX *set_keygen_ctx(BIO *err, const char *gstr, int *pkey_type,
                if (!param)
                        {
                        X509 *x;
-                       BIO_reset(pbio);
+                       (void)BIO_reset(pbio);
                        x = PEM_read_bio_X509(pbio, NULL, NULL, NULL);
                        if (x)
                                {
@@ -1716,7 +1717,7 @@ static EVP_PKEY_CTX *set_keygen_ctx(BIO *err, const char *gstr, int *pkey_type,
                ERR_print_errors(err);
                return NULL;
                }
-
+#ifndef OPENSSL_NO_RSA
        if ((*pkey_type == EVP_PKEY_RSA) && (keylen != -1))
                {
                if (EVP_PKEY_CTX_set_rsa_keygen_bits(gctx, keylen) <= 0)
@@ -1727,6 +1728,7 @@ static EVP_PKEY_CTX *set_keygen_ctx(BIO *err, const char *gstr, int *pkey_type,
                        return NULL;
                        }
                }
+#endif
 
        return gctx;
        }