Fix escaping when using the -subj option of "openssl req", document

[openssl.git] / apps / crl.c

diff --git a/apps/crl.c b/apps/crl.c
index 82ef8ce1f62c145d8265a91ea1acc8e38e61f3cc..00946b4d20fc2370cb9636ac9e41594a45e6af2f 100644 (file)
--- a/apps/crl.c
+++ b/apps/crl.c
@@ -87,6 +87,7 @@ static char *crl_usage[]={
 " -noout          - no CRL output\n",
 " -CAfile  name   - verify CRL using certificates in file \"name\"\n",
 " -CApath  dir    - verify CRL using certificates in \"dir\"\n",
+" -nameopt arg    - various certificate name options\n",
 NULL
 };
 
@@ -97,6 +98,7 @@ int MAIN(int, char **);
 
 int MAIN(int argc, char **argv)
        {
+       unsigned long nmflag = 0;
        X509_CRL *x=NULL;
        char *CAfile = NULL, *CApath = NULL;
        int ret=1,i,num,badops=0;
@@ -105,7 +107,7 @@ int MAIN(int argc, char **argv)
        char *infile=NULL,*outfile=NULL;
        int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0,text=0;
        int fingerprint = 0;
-       char **pp,buf[256];
+       char **pp;
        X509_STORE *store = NULL;
        X509_STORE_CTX ctx;
        X509_LOOKUP *lookup = NULL;
@@ -120,6 +122,9 @@ int MAIN(int argc, char **argv)
                if ((bio_err=BIO_new(BIO_s_file())) != NULL)
                        BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
 
+       if (!load_config(bio_err, NULL))
+               goto end;
+
        if (bio_out == NULL)
                if ((bio_out=BIO_new(BIO_s_file())) != NULL)
                        {
@@ -185,6 +190,11 @@ int MAIN(int argc, char **argv)
                        text = 1;
                else if (strcmp(*argv,"-hash") == 0)
                        hash= ++num;
+               else if (strcmp(*argv,"-nameopt") == 0)
+                       {
+                       if (--argc < 1) goto bad;
+                       if (!set_name_ex(&nmflag, *(++argv))) goto bad;
+                       }
                else if (strcmp(*argv,"-issuer") == 0)
                        issuer= ++num;
                else if (strcmp(*argv,"-lastupdate") == 0)
@@ -235,7 +245,11 @@ bad:
                        X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT);
                ERR_clear_error();
 
-               X509_STORE_CTX_init(&ctx, store, NULL, NULL);
+               if(!X509_STORE_CTX_init(&ctx, store, NULL, NULL)) {
+                       BIO_printf(bio_err,
+                               "Error initialising X509 store\n");
+                       goto end;
+               }
 
                i = X509_STORE_get_by_subject(&ctx, X509_LU_X509, 
                                        X509_CRL_get_issuer(x), &xobj);
@@ -264,9 +278,7 @@ bad:
                        {
                        if (issuer == i)
                                {
-                               X509_NAME_oneline(X509_CRL_get_issuer(x),
-                                                               buf,256);
-                               BIO_printf(bio_out,"issuer= %s\n",buf);
+                               print_name(bio_out, "issuer=", X509_CRL_get_issuer(x), nmflag);
                                }
 
                        if (hash == i)