Add CHANGES entry for OPENSSL_NO_TLSEXT removal

[openssl.git] / apps / x509.c

diff --git a/apps/x509.c b/apps/x509.c
index 5418cce8cf80c70802d20844554b0a6162f0fe53..f22eef18f39da39780666092f90e31398e9a0de7 100644 (file)
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -175,7 +175,7 @@ OPTIONS x509_options[] = {
      "The CA key, must be PEM format; if not in CAfile"},
     {"CAcreateserial", OPT_CACREATESERIAL, '-',
      "Create serial number file if it does not exist"},
-    {"CAserial", OPT_CASERIAL, '<', "Serial file"},
+    {"CAserial", OPT_CASERIAL, 's', "Serial file"},
     {"set_serial", OPT_SET_SERIAL, 's', "Serial number to use"},
     {"text", OPT_TEXT, '-', "Print the certificate in text form"},
     {"C", OPT_C, '-', "Print out C code forms"},
@@ -949,14 +949,12 @@ int x509_main(int argc, char **argv)
     EVP_PKEY_free(Upkey);
     EVP_PKEY_free(CApkey);
     EVP_PKEY_free(fkey);
-    if (sigopts)
-        sk_OPENSSL_STRING_free(sigopts);
+    sk_OPENSSL_STRING_free(sigopts);
     X509_REQ_free(rq);
     ASN1_INTEGER_free(sno);
     sk_ASN1_OBJECT_pop_free(trust, ASN1_OBJECT_free);
     sk_ASN1_OBJECT_pop_free(reject, ASN1_OBJECT_free);
-    if (passin)
-        OPENSSL_free(passin);
+    OPENSSL_free(passin);
     return (ret);
 }
 
@@ -996,8 +994,7 @@ static ASN1_INTEGER *x509_load_serial(char *CAfile, char *serialfile,
         goto end;
 
  end:
-    if (buf)
-        OPENSSL_free(buf);
+    OPENSSL_free(buf);
     BN_free(serial);
     return bs;
 }
@@ -1024,11 +1021,9 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
     }
     if (sno)
         bs = sno;
-    else if (!(bs = x509_load_serial(CAfile, serialfile, create)))
+    else if ((bs = x509_load_serial(CAfile, serialfile, create)) == NULL)
         goto end;
 
-/*      if (!X509_STORE_add_cert(ctx,x)) goto end;*/
-
     /*
      * NOTE: this certificate can/should be self signed, unless it was a
      * certificate request in which case it is not.