X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=apps%2Fverify.c;h=02351945679621d49fc75cba66afeba828de1961;hp=35085e73563ad9bd2b3fd9e6bdbf20ad1f89d20b;hb=1c8a527cff6cd4e07935e5a86335963e93adf75a;hpb=333b070ec06d7a67538ee9d5312656a19e802dc1

diff --git a/apps/verify.c b/apps/verify.c
index 35085e7356..0235194567 100644
--- a/apps/verify.c
+++ b/apps/verify.c
@@ -177,7 +177,10 @@ int verify_main(int argc, char **argv)
     argc = opt_num_rest();
     argv = opt_rest();
 
-    if (!(store = setup_verify(CAfile, CApath)))
+    if (!app_load_modules(NULL))
+        goto end;
+
+    if ((store = setup_verify(CAfile, CApath)) == NULL)
         goto end;
     X509_STORE_set_verify_cb(store, cb);
 
@@ -221,10 +224,8 @@ int verify_main(int argc, char **argv)
     }
 
  end:
-    if (vpm)
-        X509_VERIFY_PARAM_free(vpm);
-    if (store != NULL)
-        X509_STORE_free(store);
+    X509_VERIFY_PARAM_free(vpm);
+    X509_STORE_free(store);
     sk_X509_pop_free(untrusted, X509_free);
     sk_X509_pop_free(trusted, X509_free);
     sk_X509_CRL_pop_free(crls, X509_CRL_free);
@@ -283,8 +284,7 @@ static int check(X509_STORE *ctx, char *file,
         }
         sk_X509_pop_free(chain, X509_free);
     }
-    if (x != NULL)
-        X509_free(x);
+    X509_free(x);
 
     return (ret);
 }
@@ -296,26 +296,25 @@ static int cb(int ok, X509_STORE_CTX *ctx)
 
     if (!ok) {
         if (current_cert) {
-            X509_NAME_print_ex_fp(stdout,
-                                  X509_get_subject_name(current_cert),
-                                  0, XN_FLAG_ONELINE);
-            printf("\n");
+            X509_NAME_print_ex(bio_err,
+                            X509_get_subject_name(current_cert),
+                            0, XN_FLAG_ONELINE);
+            BIO_printf(bio_err, "\n");
         }
-        printf("%serror %d at %d depth lookup:%s\n",
+        BIO_printf(bio_err, "%serror %d at %d depth lookup:%s\n",
                X509_STORE_CTX_get0_parent_ctx(ctx) ? "[CRL path]" : "",
                cert_error,
                X509_STORE_CTX_get_error_depth(ctx),
                X509_verify_cert_error_string(cert_error));
         switch (cert_error) {
         case X509_V_ERR_NO_EXPLICIT_POLICY:
-            policies_print(bio_err, ctx);
+            policies_print(ctx);
         case X509_V_ERR_CERT_HAS_EXPIRED:
 
             /*
              * since we are just checking the certificates, it is ok if they
              * are self signed. But we should still warn the user.
              */
-
         case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
             /* Continue after extension errors too */
         case X509_V_ERR_INVALID_CA:
@@ -326,14 +325,13 @@ static int cb(int ok, X509_STORE_CTX *ctx)
         case X509_V_ERR_CRL_NOT_YET_VALID:
         case X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION:
             ok = 1;
-
         }
 
         return ok;
 
     }
     if (cert_error == X509_V_OK && ok == 2)
-        policies_print(bio_out, ctx);
+        policies_print(ctx);
     if (!v_verbose)
         ERR_clear_error();
     return (ok);