Convert TS_STATUS_INFO* functions to use const getters

[openssl.git] / apps / x509.c

diff --git a/apps/x509.c b/apps/x509.c
index 56c6fcca6aec9618a8c6563bff8c81f179c5f619..23265b229eac8e510e4f9c8c361615540171dd87 100644 (file)
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -145,7 +145,7 @@ OPTIONS x509_options[] = {
 int x509_main(int argc, char **argv)
 {
     ASN1_INTEGER *sno = NULL;
-    ASN1_OBJECT *objtmp;
+    ASN1_OBJECT *objtmp = NULL;
     BIO *out = NULL;
     CONF *extconf = NULL;
     EVP_PKEY *Upkey = NULL, *CApkey = NULL, *fkey = NULL;
@@ -277,6 +277,7 @@ int x509_main(int argc, char **argv)
             if (trust == NULL && (trust = sk_ASN1_OBJECT_new_null()) == NULL)
                 goto end;
             sk_ASN1_OBJECT_push(trust, objtmp);
+            objtmp = NULL;
             trustout = 1;
             break;
         case OPT_ADDREJECT:
@@ -290,6 +291,7 @@ int x509_main(int argc, char **argv)
                 && (reject = sk_ASN1_OBJECT_new_null()) == NULL)
                 goto end;
             sk_ASN1_OBJECT_push(reject, objtmp);
+            objtmp = NULL;
             trustout = 1;
             break;
         case OPT_SETALIAS:
@@ -590,6 +592,7 @@ int x509_main(int argc, char **argv)
             objtmp = sk_ASN1_OBJECT_value(trust, i);
             X509_add1_trust_object(x, objtmp);
         }
+        objtmp = NULL;
     }
 
     if (reject) {
@@ -597,14 +600,22 @@ int x509_main(int argc, char **argv)
             objtmp = sk_ASN1_OBJECT_value(reject, i);
             X509_add1_reject_object(x, objtmp);
         }
+        objtmp = NULL;
+    }
+
+    if (badsig) {
+        ASN1_BIT_STRING *signature;
+        X509_get0_signature(&signature, NULL, x);
+        if (!corrupt_signature(signature))
+            goto end;
     }
 
     if (num) {
         for (i = 1; i <= num; i++) {
             if (issuer == i) {
-                print_name(out, "issuer= ", X509_get_issuer_name(x), nmflag);
+                print_name(out, "issuer=", X509_get_issuer_name(x), nmflag);
             } else if (subject == i) {
-                print_name(out, "subject= ",
+                print_name(out, "subject=",
                            X509_get_subject_name(x), nmflag);
             } else if (serial == i) {
                 BIO_printf(out, "serial=");
@@ -680,14 +691,14 @@ int x509_main(int argc, char **argv)
                 BIO_printf(out, "Modulus=");
 #ifndef OPENSSL_NO_RSA
                 if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) {
-                    BIGNUM *n;
+                    const BIGNUM *n;
                     RSA_get0_key(EVP_PKEY_get0_RSA(pkey), &n, NULL, NULL);
                     BN_print(out, n);
                 } else
 #endif
 #ifndef OPENSSL_NO_DSA
                 if (EVP_PKEY_id(pkey) == EVP_PKEY_DSA) {
-                    BIGNUM *dsapub = NULL;
+                    const BIGNUM *dsapub = NULL;
                     DSA_get0_key(EVP_PKEY_get0_DSA(pkey), &dsapub, NULL);
                     BN_print(out, dsapub);
                 } else
@@ -843,14 +854,6 @@ int x509_main(int argc, char **argv)
         goto end;
     }
 
-    if (badsig) {
-        ASN1_BIT_STRING *signature;
-        unsigned char *s;
-        X509_get0_signature(&signature, NULL, x);
-        s = ASN1_STRING_data(signature);
-        s[ASN1_STRING_length(signature) - 1] ^= 0x1;
-    }
-
     if (outformat == FORMAT_ASN1)
         i = i2d_X509_bio(out, x);
     else if (outformat == FORMAT_PEM) {
@@ -885,6 +888,7 @@ int x509_main(int argc, char **argv)
     ASN1_INTEGER_free(sno);
     sk_ASN1_OBJECT_pop_free(trust, ASN1_OBJECT_free);
     sk_ASN1_OBJECT_pop_free(reject, ASN1_OBJECT_free);
+    ASN1_OBJECT_free(objtmp);
     OPENSSL_free(passin);
     return (ret);
 }
@@ -1083,7 +1087,7 @@ static int sign(X509 *x, EVP_PKEY *pkey, int days, int clrext,
 static int purpose_print(BIO *bio, X509 *cert, X509_PURPOSE *pt)
 {
     int id, i, idret;
-    char *pname;
+    const char *pname;
     id = X509_PURPOSE_get_id(pt);
     pname = X509_PURPOSE_get0_name(pt);
     for (i = 0; i < 2; i++) {