X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=apps%2Fcrl2p7.c;h=194971d5d9d5245a901a1623129932d45a82a73a;hp=04bb1a1c87df2c5fdfe076cf22cd47062bd2d021;hb=e4e949192ba1d72226ec22b76cfe540b1d675d55;hpb=d02b48c63a58ea4367a0e905979f140b7d090f86 diff --git a/apps/crl2p7.c b/apps/crl2p7.c index 04bb1a1c87..194971d5d9 100644 --- a/apps/crl2p7.c +++ b/apps/crl2p7.c @@ -1,5 +1,5 @@ /* apps/crl2p7.c */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * * This package is an SSL implementation written @@ -63,33 +63,27 @@ #include #include #include -#include #include "apps.h" -#include "err.h" -#include "evp.h" -#include "x509.h" -#include "pkcs7.h" -#include "pem.h" -#include "objects.h" - -#ifndef NOPROTO -static int add_certs_from_file(STACK *stack, char *certfile); -#else -static int add_certs_from_file(); -#endif +#include +#include +#include +#include +#include +#include +static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile); #undef PROG #define PROG crl2pkcs7_main -/* -inform arg - input format - default PEM (one of DER, TXT or PEM) +/* -inform arg - input format - default PEM (DER or PEM) * -outform arg - output format - default PEM * -in arg - input file - default stdin * -out arg - output file - default stdout */ -int MAIN(argc, argv) -int argc; -char **argv; +int MAIN(int, char **); + +int MAIN(int argc, char **argv) { int i,badops=0; BIO *in=NULL,*out=NULL; @@ -98,21 +92,21 @@ char **argv; PKCS7 *p7 = NULL; PKCS7_SIGNED *p7s = NULL; X509_CRL *crl=NULL; - STACK *crl_stack=NULL; - STACK *cert_stack=NULL; + STACK_OF(STRING) *certflst=NULL; + STACK_OF(X509_CRL) *crl_stack=NULL; + STACK_OF(X509) *cert_stack=NULL; int ret=1,nocrl=0; apps_startup(); if (bio_err == NULL) if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE); + BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); infile=NULL; outfile=NULL; informat=FORMAT_PEM; outformat=FORMAT_PEM; - certfile=NULL; prog=argv[0]; argc--; @@ -146,7 +140,8 @@ char **argv; else if (strcmp(*argv,"-certfile") == 0) { if (--argc < 1) goto bad; - certfile= *(++argv); + if(!certflst) certflst = sk_STRING_new_null(); + sk_STRING_push(certflst,*(++argv)); } else { @@ -163,13 +158,15 @@ char **argv; bad: BIO_printf(bio_err,"%s [options] outfile\n",prog); BIO_printf(bio_err,"where options are\n"); - BIO_printf(bio_err," -inform arg input format - one of DER TXT PEM\n"); - BIO_printf(bio_err," -outform arg output format - one of DER TXT PEM\n"); - BIO_printf(bio_err," -in arg inout file\n"); + BIO_printf(bio_err," -inform arg input format - DER or PEM\n"); + BIO_printf(bio_err," -outform arg output format - DER or PEM\n"); + BIO_printf(bio_err," -in arg input file\n"); BIO_printf(bio_err," -out arg output file\n"); BIO_printf(bio_err," -certfile arg certificates file of chain to a trusted CA\n"); + BIO_printf(bio_err," (can be used more than once)\n"); BIO_printf(bio_err," -nocrl no crl to load, just certs from '-certfile'\n"); - EXIT(1); + ret = 1; + goto end; } ERR_load_crypto_strings(); @@ -198,7 +195,7 @@ bad: if (informat == FORMAT_ASN1) crl=d2i_X509_CRL_bio(in,NULL); else if (informat == FORMAT_PEM) - crl=PEM_read_bio_X509_CRL(in,NULL,NULL); + crl=PEM_read_bio_X509_CRL(in,NULL,NULL,NULL); else { BIO_printf(bio_err,"bad input format specified for input crl\n"); goto end; @@ -218,29 +215,39 @@ bad: p7s->contents->type=OBJ_nid2obj(NID_pkcs7_data); if (!ASN1_INTEGER_set(p7s->version,1)) goto end; - if ((crl_stack=sk_new(NULL)) == NULL) goto end; + if ((crl_stack=sk_X509_CRL_new_null()) == NULL) goto end; p7s->crl=crl_stack; if (crl != NULL) { - sk_push(crl_stack,(char *)crl); - crl=NULL; /* now part of p7 for Freeing */ + sk_X509_CRL_push(crl_stack,crl); + crl=NULL; /* now part of p7 for OPENSSL_freeing */ } - if ((cert_stack=sk_new(NULL)) == NULL) goto end; + if ((cert_stack=sk_X509_new_null()) == NULL) goto end; p7s->cert=cert_stack; - if (certfile != NULL) - { + if(certflst) for(i = 0; i < sk_STRING_num(certflst); i++) { + certfile = sk_STRING_value(certflst, i); if (add_certs_from_file(cert_stack,certfile) < 0) { - BIO_printf(bio_err,"error loading certificates\n"); + BIO_printf(bio_err, "error loading certificates\n"); ERR_print_errors(bio_err); goto end; } - } + } + + sk_STRING_free(certflst); if (outfile == NULL) + { BIO_set_fp(out,stdout,BIO_NOCLOSE); +#ifdef OPENSSL_SYS_VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + } else { if (BIO_write_filename(out,outfile) <= 0) @@ -267,11 +274,12 @@ bad: ret=0; end: if (in != NULL) BIO_free(in); - if (out != NULL) BIO_free(out); + if (out != NULL) BIO_free_all(out); if (p7 != NULL) PKCS7_free(p7); if (crl != NULL) X509_CRL_free(crl); - EXIT(ret); + apps_shutdown(); + OPENSSL_EXIT(ret); } /* @@ -284,40 +292,35 @@ end: * number of certs added if successful, -1 if not. *---------------------------------------------------------------------- */ -static int add_certs_from_file(stack,certfile) -STACK *stack; -char *certfile; +static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile) { - struct stat st; BIO *in=NULL; int count=0; int ret= -1; - STACK *sk=NULL; + STACK_OF(X509_INFO) *sk=NULL; X509_INFO *xi; - if ((stat(certfile,&st) != 0)) - { - BIO_printf(bio_err,"unable to file the file, %s\n",certfile); - goto end; - } - in=BIO_new(BIO_s_file()); if ((in == NULL) || (BIO_read_filename(in,certfile) <= 0)) { + BIO_printf(bio_err,"error opening the file, %s\n",certfile); goto end; } /* This loads from a file, a stack of x509/crl/pkey sets */ - sk=PEM_X509_INFO_read_bio(in,NULL,NULL); - if (sk == NULL) goto end; + sk=PEM_X509_INFO_read_bio(in,NULL,NULL,NULL); + if (sk == NULL) { + BIO_printf(bio_err,"error reading the file, %s\n",certfile); + goto end; + } /* scan over it and pull out the CRL's */ - while (sk_num(sk)) + while (sk_X509_INFO_num(sk)) { - xi=(X509_INFO *)sk_shift(sk); + xi=sk_X509_INFO_shift(sk); if (xi->x509 != NULL) { - sk_push(stack,(char *)xi->x509); + sk_X509_push(stack,xi->x509); xi->x509=NULL; count++; } @@ -326,9 +329,9 @@ char *certfile; ret=count; end: - /* never need to Free x */ + /* never need to OPENSSL_free x */ if (in != NULL) BIO_free(in); - if (sk != NULL) sk_free(sk); + if (sk != NULL) sk_X509_INFO_free(sk); return(ret); }