From: Richard Levitte Date: Thu, 21 Jun 2018 04:24:33 +0000 (+0200) Subject: openssl ca: open the output file as late as possible X-Git-Tag: OpenSSL_1_1_1-pre9~274 X-Git-Url: https://git.openssl.org/?p=openssl.git;a=commitdiff_plain;h=63871d9f810fec1e8a441d82c9ac79c58b19e2ad;hp=6e501c47191102b23912e2744929d4c630523ff7 openssl ca: open the output file as late as possible Fixes #6544 Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/6546) --- diff --git a/apps/ca.c b/apps/ca.c index 60c8f6c373..4a8396ee07 100644 --- a/apps/ca.c +++ b/apps/ca.c @@ -726,10 +726,6 @@ end_of_options: output_der = 1; batch = 1; } - Sout = bio_open_default(outfile, 'w', - output_der ? FORMAT_ASN1 : FORMAT_TEXT); - if (Sout == NULL) - goto end; } if (md == NULL && (md = lookup_conf(conf, section, ENV_DEFAULT_MD)) == NULL) @@ -1025,6 +1021,11 @@ end_of_options: if (verbose) BIO_printf(bio_err, "writing %s\n", new_cert); + Sout = bio_open_default(outfile, 'w', + output_der ? FORMAT_ASN1 : FORMAT_TEXT); + if (Sout == NULL) + goto end; + Cout = BIO_new_file(new_cert, "w"); if (Cout == NULL) { perror(new_cert); @@ -1033,6 +1034,8 @@ end_of_options: write_new_certificate(Cout, xi, 0, notext); write_new_certificate(Sout, xi, output_der, notext); BIO_free_all(Cout); + BIO_free_all(Sout); + Sout = NULL; } if (sk_X509_num(cert_sk)) { @@ -1181,6 +1184,11 @@ end_of_options: if (!do_X509_CRL_sign(crl, pkey, dgst, sigopts)) goto end; + Sout = bio_open_default(outfile, 'w', + output_der ? FORMAT_ASN1 : FORMAT_TEXT); + if (Sout == NULL) + goto end; + PEM_write_bio_X509_CRL(Sout, crl); if (crlnumberfile != NULL) /* Rename the crlnumber file */