# else
# include <unixlib.h>
# endif
-# else
+# elif !defined(OPENSSL_SYS_VXWORKS)
# include <sys/file.h>
# endif
#endif
int verbose, X509_REQ *req, char *ext_sect, CONF *conf,
unsigned long certopt, unsigned long nameopt, int default_op,
int ext_copy);
-static X509_NAME *do_subject(char *subject, int email_dn);
+static X509_NAME *do_subject(char *subject);
static int do_revoke(X509 *x509, TXT_DB *db, int ext, char *extval);
static int get_certificate_status(const char *ser_status, TXT_DB *db);
static int do_updatedb(TXT_DB *db);
#else
strncpy(buf[0],X509_get_default_cert_area(),
sizeof(buf[0])-2-sizeof(CONFIG_FILE));
+ buf[0][sizeof(buf[0])-2-sizeof(CONFIG_FILE)]='\0';
strcat(buf[0],"/");
#endif
strcat(buf[0],CONFIG_FILE);
goto err;
}
+ if (!load_config(bio_err, conf))
+ goto err;
+
/* Lets get the config section we are using */
if (section == NULL)
{
BIO_printf(bio_err,"Write out database with %d new entries\n",sk_X509_num(cert_sk));
strncpy(buf[0],serialfile,BSIZE-4);
+ buf[0][BSIZE-4]='\0';
#ifdef OPENSSL_SYS_VMS
strcat(buf[0],"-new");
if (!save_serial(buf[0],serial)) goto err;
strncpy(buf[1],dbfile,BSIZE-4);
+ buf[1][BSIZE-4]='\0';
#ifdef OPENSSL_SYS_VMS
strcat(buf[1],"-new");
p=(char *)x->cert_info->serialNumber->data;
strncpy(buf[2],outdir,BSIZE-(j*2)-6);
+ buf[2][BSIZE-(j*2)-6]='\0';
#ifndef OPENSSL_SYS_VMS
strcat(buf[2],"/");
{
/* Rename the database and the serial file */
strncpy(buf[2],serialfile,BSIZE-4);
+ buf[2][BSIZE-4]='\0';
#ifdef OPENSSL_SYS_VMS
strcat(buf[2],"-old");
}
strncpy(buf[2],dbfile,BSIZE-4);
+ buf[2][BSIZE-4]='\0';
#ifdef OPENSSL_SYS_VMS
strcat(buf[2],"-old");
if (pkey->type == EVP_PKEY_DSA)
dgst=EVP_dss1();
else
+#endif
+#ifndef OPENSSL_NO_ECDSA
+ if (pkey->type == EVP_PKEY_ECDSA)
+ dgst=EVP_ecdsa();
+ else
#endif
dgst=EVP_md5();
}
X509_free(revcert);
strncpy(buf[0],dbfile,BSIZE-4);
+ buf[0][BSIZE-4]='\0';
#ifndef OPENSSL_SYS_VMS
strcat(buf[0],".new");
#else
j=TXT_DB_write(out,db);
if (j <= 0) goto err;
strncpy(buf[1],dbfile,BSIZE-4);
+ buf[1][BSIZE-4]='\0';
#ifndef OPENSSL_SYS_VMS
strcat(buf[1],".old");
#else
strcat(buf[1],"-old");
#endif
+ BIO_free(in);
+ in = NULL;
+ BIO_free(out);
+ out = NULL;
if (rename(dbfile,buf[1]) < 0)
{
BIO_printf(bio_err,"unable to rename %s to %s\n", dbfile, buf[1]);
if (subj)
{
- X509_NAME *n = do_subject(subj, email_dn);
+ X509_NAME *n = do_subject(subj);
if (!n)
{
goto err;
}
while((i = X509_NAME_get_index_by_NID(dn_subject,
- NID_pkcs9_emailAddress, -1) >= 0))
+ NID_pkcs9_emailAddress, -1)) >= 0)
{
tmpne = X509_NAME_get_entry(dn_subject, i);
X509_NAME_delete_entry(dn_subject, i);
EVP_PKEY_copy_parameters(pktmp,pkey);
EVP_PKEY_free(pktmp);
#endif
+#ifndef OPENSSL_NO_ECDSA
+ if (pkey->type == EVP_PKEY_ECDSA)
+ dgst = EVP_ecdsa();
+ pktmp = X509_get_pubkey(ret);
+ if (EVP_PKEY_missing_parameters(pktmp) &&
+ !EVP_PKEY_missing_parameters(pkey))
+ EVP_PKEY_copy_parameters(pktmp, pkey);
+ EVP_PKEY_free(pktmp);
+#endif
+
if (!X509_sign(ret,pkey,dgst))
goto err;
return ret;
}
-static X509_NAME *do_subject(char *subject, int email_dn)
+static X509_NAME *do_subject(char *subject)
{
X509_NAME *n = NULL;
continue;
}
- if ((nid == NID_pkcs9_emailAddress) && (email_dn == 0))
- continue;
-
if (!X509_NAME_add_entry_by_NID(n, nid, MBSTRING_ASC, (unsigned char*)ne_value, -1,-1,0))
{
X509_NAME_free(n);