#include <ctype.h>
#include <sys/types.h>
#include <sys/stat.h>
-#include "apps.h"
#include <openssl/conf.h>
#include <openssl/bio.h>
#include <openssl/err.h>
# else
# include <unixlib.h>
# endif
-# elif !defined(OPENSSL_SYS_VXWORKS)
+# elif !defined(OPENSSL_SYS_VXWORKS) && !defined(OPENSSL_SYS_WINDOWS)
# include <sys/file.h>
# endif
#endif
+#include "apps.h"
+
#ifndef W_OK
# define F_OK 0
# define X_OK 1
MS_STATIC char buf[3][BSIZE];
char *randfile=NULL;
char *engine = NULL;
+ char *tofree=NULL;
#ifdef EFENCE
EF_PROTECT_FREE=1;
ERR_load_crypto_strings();
- e = setup_engine(bio_err, engine, 0);
+ e = setup_engine(bio_err, engine, 0);
/*****************************************************************/
+ tofree=NULL;
if (configfile == NULL) configfile = getenv("OPENSSL_CONF");
if (configfile == NULL) configfile = getenv("SSLEAY_CONF");
if (configfile == NULL)
{
- /* We will just use 'buf[0]' as a temporary buffer. */
+ const char *s=X509_get_default_cert_area();
+
#ifdef OPENSSL_SYS_VMS
- strncpy(buf[0],X509_get_default_cert_area(),
- sizeof(buf[0])-1-sizeof(CONFIG_FILE));
+ tofree=OPENSSL_malloc(strlen(s)+sizeof(CONFIG_FILE));
+ strcpy(tofree,s);
#else
- strncpy(buf[0],X509_get_default_cert_area(),
- sizeof(buf[0])-2-sizeof(CONFIG_FILE));
- buf[0][sizeof(buf[0])-2-sizeof(CONFIG_FILE)]='\0';
- strcat(buf[0],"/");
+ tofree=OPENSSL_malloc(strlen(s)+sizeof(CONFIG_FILE)+1);
+ strcpy(tofree,s);
+ strcat(tofree,"/");
#endif
- strcat(buf[0],CONFIG_FILE);
- configfile=buf[0];
+ strcat(tofree,CONFIG_FILE);
+ configfile=tofree;
}
BIO_printf(bio_err,"Using configuration from %s\n",configfile);
,errorline,configfile);
goto err;
}
+ if(tofree)
+ OPENSSL_free(tofree);
if (!load_config(bio_err, conf))
goto err;
}
if (verbose)
{
- if ((f=BN_bn2hex(serial)) == NULL) goto err;
- BIO_printf(bio_err,"next serial number is %s\n",f);
- OPENSSL_free(f);
+ if (BN_is_zero(serial))
+ BIO_printf(bio_err,"next serial number is 00\n");
+ else
+ {
+ if ((f=BN_bn2hex(serial)) == NULL) goto err;
+ BIO_printf(bio_err,"next serial number is %s\n",f);
+ OPENSSL_free(f);
+ }
}
if ((attribs=NCONF_get_section(conf,policy)) == NULL)
BIO_printf(bio_err,"Write out database with %d new entries\n",sk_X509_num(cert_sk));
- strncpy(buf[0],serialfile,BSIZE-4);
- buf[0][BSIZE-4]='\0';
+ if(strlen(serialfile) > BSIZE-5 || strlen(dbfile) > BSIZE-5)
+ {
+ BIO_printf(bio_err,"file name too long\n");
+ goto err;
+ }
+
+ strcpy(buf[0],serialfile);
#ifdef OPENSSL_SYS_VMS
strcat(buf[0],"-new");
if (!save_serial(buf[0],serial)) goto err;
- strncpy(buf[1],dbfile,BSIZE-4);
- buf[1][BSIZE-4]='\0';
+ strcpy(buf[1],dbfile);
#ifdef OPENSSL_SYS_VMS
strcat(buf[1],"-new");
j=x->cert_info->serialNumber->length;
p=(char *)x->cert_info->serialNumber->data;
- strncpy(buf[2],outdir,BSIZE-(j*2)-6);
- buf[2][BSIZE-(j*2)-6]='\0';
+ if(strlen(outdir) >= (size_t)(j ? BSIZE-j*2-6 : BSIZE-8))
+ {
+ BIO_printf(bio_err,"certificate file name too long\n");
+ goto err;
+ }
+
+ strcpy(buf[2],outdir);
#ifndef OPENSSL_SYS_VMS
strcat(buf[2],"/");
else
#endif
#ifndef OPENSSL_NO_ECDSA
- if (pkey->type == EVP_PKEY_ECDSA)
+ if (pkey->type == EVP_PKEY_EC)
dgst=EVP_ecdsa();
else
#endif
if (j <= 0) goto err;
X509_free(revcert);
- strncpy(buf[0],dbfile,BSIZE-4);
- buf[0][BSIZE-4]='\0';
+ if(strlen(dbfile) > BSIZE-5)
+ {
+ BIO_printf(bio_err,"filename too long\n");
+ goto err;
+ }
+
+ strcpy(buf[0],dbfile);
#ifndef OPENSSL_SYS_VMS
strcat(buf[0],".new");
#else
/*****************************************************************/
ret=0;
err:
+ if(tofree)
+ OPENSSL_free(tofree);
BIO_free_all(Cout);
BIO_free_all(Sout);
BIO_free_all(out);
ret=ASN1_INTEGER_to_BN(ai,NULL);
if (ret == NULL)
{
- BIO_printf(bio_err,"error converting number from bin to BIGNUM");
+ BIO_printf(bio_err,"error converting number from bin to BIGNUM\n");
goto err;
}
err:
}
}
- row[DB_serial]=BN_bn2hex(serial);
+ if (BN_is_zero(serial))
+ row[DB_serial]=BUF_strdup("00");
+ else
+ row[DB_serial]=BN_bn2hex(serial);
if (row[DB_serial] == NULL)
{
BIO_printf(bio_err,"Memory allocation failure\n");
EVP_PKEY_free(pktmp);
#endif
#ifndef OPENSSL_NO_ECDSA
- if (pkey->type == EVP_PKEY_ECDSA)
+ if (pkey->type == EVP_PKEY_EC)
dgst = EVP_ecdsa();
pktmp = X509_get_pubkey(ret);
if (EVP_PKEY_missing_parameters(pktmp) &&
row[i]=NULL;
row[DB_name]=X509_NAME_oneline(X509_get_subject_name(x509),NULL,0);
bn = ASN1_INTEGER_to_BN(X509_get_serialNumber(x509),NULL);
- row[DB_serial]=BN_bn2hex(bn);
+ if (BN_is_zero(bn))
+ row[DB_serial]=BUF_strdup("00");
+ else
+ row[DB_serial]=BN_bn2hex(bn);
BN_free(bn);
if ((row[DB_name] == NULL) || (row[DB_serial] == NULL))
{
int nid;
if (!buf || !ne_types || !ne_values)
- {
+ {
BIO_printf(bio_err, "malloc error\n");
goto error;
- }
+ }
if (*subject != '/')
- {
+ {
BIO_printf(bio_err, "Subject does not start with '/'.\n");
goto error;
- }
+ }
sp++; /* skip leading / */
while (*sp)
- {
+ {
/* collect type */
ne_types[ne_num] = bp;
while (*sp)
- {
+ {
if (*sp == '\\') /* is there anything to escape in the type...? */
+ {
if (*++sp)
*bp++ = *sp++;
- else
- {
+ else
+ {
BIO_printf(bio_err, "escape character at end of string\n");
goto error;
- }
+ }
+ }
else if (*sp == '=')
- {
+ {
sp++;
*bp++ = '\0';
break;
- }
+ }
else
*bp++ = *sp++;
- }
+ }
if (!*sp)
- {
+ {
BIO_printf(bio_err, "end of string encountered while processing type of subject name element #%d\n", ne_num);
goto error;
- }
+ }
ne_values[ne_num] = bp;
while (*sp)
- {
+ {
if (*sp == '\\')
+ {
if (*++sp)
*bp++ = *sp++;
else
- {
+ {
BIO_printf(bio_err, "escape character at end of string\n");
goto error;
+ }
}
else if (*sp == '/')
- {
+ {
sp++;
break;
- }
+ }
else
*bp++ = *sp++;
- }
+ }
*bp++ = '\0';
ne_num++;
- }
+ }
if (!(n = X509_NAME_new()))
goto error;
projects / openssl.git / blobdiff