Corrected 'cms' exit status when key or certificate cannot be opened

Fixes #4996.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4997)

diff --git a/apps/cms.c b/apps/cms.c
index 1457cabee7cb1ebbb91e379621395adcf8e56bac..6900ddfe84fcd2cfdf86993f0ad6ddf0de28379c 100644 (file)
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -921,11 +921,15 @@ int cms_main(int argc, char **argv)
             keyfile = sk_OPENSSL_STRING_value(skkeys, i);
 
             signer = load_cert(signerfile, FORMAT_PEM, "signer certificate");
-            if (signer == NULL)
+            if (signer == NULL) {
+                ret = 2;
                 goto end;
+            }
             key = load_key(keyfile, keyform, 0, passin, e, "signing key file");
-            if (key == NULL)
+            if (key == NULL) {
+                ret = 2;
                 goto end;
+            }
             for (kparam = key_first; kparam; kparam = kparam->next) {
                 if (kparam->idx == i) {
                     tflags |= CMS_KEY_PARAM;