#ifndef W_OK
# ifdef OPENSSL_SYS_VMS
-# if defined(__DECC)
-# include <unistd.h>
-# else
-# include <unixlib.h>
-# endif
+# include <unistd.h>
# elif !defined(OPENSSL_SYS_VXWORKS) && !defined(OPENSSL_SYS_WINDOWS)
# include <sys/file.h>
# endif
int ret = 1, email_dn = 1, req = 0, verbose = 0, gencrl = 0, dorevoke = 0;
int i, j, selfsign = 0;
long crldays = 0, crlhours = 0, crlsec = 0, days = 0;
- unsigned long chtype = MBSTRING_ASC, nameopt = 0, certopt = 0;
+ unsigned long chtype = MBSTRING_ASC, certopt = 0;
X509 *x509 = NULL, *x509p = NULL, *x = NULL;
REVINFO_TYPE rev_type = REV_NONE;
X509_REVOKED *r = NULL;
f = NCONF_get_string(conf, section, ENV_NAMEOPT);
if (f) {
- if (!set_name_ex(&nameopt, f)) {
+ if (!set_nameopt(f)) {
BIO_printf(bio_err, "Invalid name options: \"%s\"\n", f);
goto end;
}
default_op = 0;
- } else {
- nameopt = XN_FLAG_ONELINE;
- ERR_clear_error();
}
f = NCONF_get_string(conf, section, ENV_CERTOPT);
j = certify_spkac(&x, spkac_file, pkey, x509, dgst, sigopts,
attribs, db, serial, subj, chtype, multirdn,
email_dn, startdate, enddate, days, extensions,
- conf, verbose, certopt, nameopt, default_op,
+ conf, verbose, certopt, get_nameopt(), default_op,
ext_copy);
if (j < 0)
goto end;
attribs,
db, serial, subj, chtype, multirdn, email_dn,
startdate, enddate, days, batch, extensions,
- conf, verbose, certopt, nameopt, default_op,
+ conf, verbose, certopt, get_nameopt(), default_op,
ext_copy);
if (j < 0)
goto end;
j = certify(&x, infile, pkey, x509p, dgst, sigopts, attribs, db,
serial, subj, chtype, multirdn, email_dn, startdate,
enddate, days, batch, extensions, conf, verbose,
- certopt, nameopt, default_op, ext_copy, selfsign);
+ certopt, get_nameopt(), default_op, ext_copy, selfsign);
if (j < 0)
goto end;
if (j > 0) {
j = certify(&x, argv[i], pkey, x509p, dgst, sigopts, attribs, db,
serial, subj, chtype, multirdn, email_dn, startdate,
enddate, days, batch, extensions, conf, verbose,
- certopt, nameopt, default_op, ext_copy, selfsign);
+ certopt, get_nameopt(), default_op, ext_copy, selfsign);
if (j < 0)
goto end;
if (j > 0) {
goto end;
}
if (verbose)
- X509_REQ_print(bio_err, req);
+ X509_REQ_print_ex(bio_err, req, nameopt, X509_FLAG_COMPAT);
BIO_printf(bio_err, "Check that the request matches the signature\n");
row[DB_rev_date] = NULL;
row[DB_file] = OPENSSL_strdup("unknown");
+ if (row[DB_type] == NULL || row[DB_file] == NULL) {
+ BIO_printf(bio_err, "Memory allocation failure\n");
+ goto end;
+ }
+
irow = app_malloc(sizeof(*irow) * (DB_NUMBER + 1), "row ptr");
- for (i = 0; i < DB_NUMBER; i++) {
+ for (i = 0; i < DB_NUMBER; i++)
irow[i] = row[i];
- row[i] = NULL;
- }
irow[DB_NUMBER] = NULL;
if (!TXT_DB_insert(db->db, irow)) {
BIO_printf(bio_err, "failed to update database\n");
BIO_printf(bio_err, "TXT_DB error number %ld\n", db->db->error);
+ OPENSSL_free(irow);
goto end;
}
+ for (i = 0; i < DB_NUMBER; i++)
+ row[i] = NULL;
+
/* Revoke Certificate */
if (rev_type == REV_VALID)
ok = 1;
}
ok = 1;
end:
- for (i = 0; i < DB_NUMBER; i++) {
+ for (i = 0; i < DB_NUMBER; i++)
OPENSSL_free(row[i]);
- }
return (ok);
}
if (serial_len % 2) {
/*
* Set the first char to 0
- */ ;
+ */
row[DB_serial][0] = '0';
/* Copy String from serial to row[DB_serial] */