Bugfix: previously the serial number file could turn negative

[openssl.git] / apps / x509.c

diff --git a/apps/x509.c b/apps/x509.c
index 1ae673d4698721c456e99aa3de52c654df75416b..391bb3eef9504521a8a567ed4a2323bf9d797861 100644 (file)
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -60,7 +60,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#ifdef NO_STDIO
+#ifdef OPENSSL_NO_STDIO
 #define APPS_WIN16
 #endif
 #include "apps.h"
@@ -193,7 +193,7 @@ int MAIN(int argc, char **argv)
        if (bio_err == NULL)
                bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
        STDout=BIO_new_fp(stdout,BIO_NOCLOSE);
-#ifdef VMS
+#ifdef OPENSSL_SYS_VMS
        {
        BIO *tmpbio = BIO_new(BIO_f_linebuffer());
        STDout = BIO_push(tmpbio, STDout);
@@ -642,7 +642,7 @@ bad:
                if (outfile == NULL)
                        {
                        BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef VMS
+#ifdef OPENSSL_SYS_VMS
                        {
                        BIO *tmpbio = BIO_new(BIO_f_linebuffer());
                        out = BIO_push(tmpbio, out);
@@ -746,12 +746,12 @@ bad:
                                        goto end;
                                        }
                                BIO_printf(STDout,"Modulus=");
-#ifndef NO_RSA
+#ifndef OPENSSL_NO_RSA
                                if (pkey->type == EVP_PKEY_RSA)
                                        BN_print(STDout,pkey->pkey.rsa->n);
                                else
 #endif
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
                                if (pkey->type == EVP_PKEY_DSA)
                                        BN_print(STDout,pkey->pkey.dsa->pub_key);
                                else
@@ -877,7 +877,7 @@ bad:
                                                keyfile,keyformat, passin, e);
                                        if (Upkey == NULL) goto end;
                                        }
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
                                if (Upkey->type == EVP_PKEY_DSA)
                                        digest=EVP_dss1();
 #endif
@@ -896,7 +896,7 @@ bad:
                                                e);
                                        if (CApkey == NULL) goto end;
                                        }
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
                                if (CApkey->type == EVP_PKEY_DSA)
                                        digest=EVP_dss1();
 #endif
@@ -1030,9 +1030,10 @@ static ASN1_INTEGER *load_serial(char *CAfile, char *serialfile, int create)
        {
        char *buf = NULL, *p;
        MS_STATIC char buf2[1024];
-       ASN1_INTEGER *bs = NULL, bs2;
+       ASN1_INTEGER *bs = NULL, *bs2 = NULL;
        BIO *io = NULL;
-       BIGNUM *serial;
+       BIGNUM *serial = NULL;
+
        buf=OPENSSL_malloc( ((serialfile == NULL)
                        ?(strlen(CAfile)+strlen(POSTFIX)+1)
                        :(strlen(serialfile)))+1);
@@ -1099,22 +1100,26 @@ static ASN1_INTEGER *load_serial(char *CAfile, char *serialfile, int create)
 
        if (!BN_add_word(serial,1))
                { BIO_printf(bio_err,"add_word failure\n"); goto end; }
-       bs2.data=(unsigned char *)buf2;
-       bs2.length=BN_bn2bin(serial,bs2.data);
-
+       if (!(bs2 = BN_to_ASN1_INTEGER(serial, NULL)))
+               { BIO_printf(bio_err,"error converting bn 2 asn1_integer\n"); goto end; }
        if (BIO_write_filename(io,buf) <= 0)
                {
                BIO_printf(bio_err,"error attempting to write serial number file\n");
                perror(buf);
                goto end;
                }
-       i2a_ASN1_INTEGER(io,&bs2);
+       i2a_ASN1_INTEGER(io,bs2);
        BIO_puts(io,"\n");
+
        BIO_free(io);
+       if (buf) OPENSSL_free(buf);
+       ASN1_INTEGER_free(bs2);
+       BN_free(serial);
        io=NULL;
        return bs;
 
        end:
+       if (buf) OPENSSL_free(buf);
        BIO_free(io);
        ASN1_INTEGER_free(bs);
        BN_free(serial);
@@ -1277,6 +1282,3 @@ static int purpose_print(BIO *bio, X509 *cert, X509_PURPOSE *pt)
                }
        return 1;
 }
-
-
-