Stop spurious "unable to load config info" errors in req
[openssl.git] / apps / crl.c
index 9bab031..5ea59d0 100644 (file)
@@ -75,7 +75,7 @@
 static char *crl_usage[]={
 "usage: crl args\n",
 "\n",
-" -inform arg     - input format - default PEM (one of DER, TXT or PEM)\n",
+" -inform arg     - input format - default PEM (DER or PEM)\n",
 " -outform arg    - output format - default PEM\n",
 " -text           - print out a text format version\n",
 " -in arg         - input file - default stdin\n",
@@ -93,6 +93,8 @@ NULL
 static X509_CRL *load_crl(char *file, int format);
 static BIO *bio_out=NULL;
 
+int MAIN(int, char **);
+
 int MAIN(int argc, char **argv)
        {
        X509_CRL *x=NULL;
@@ -102,6 +104,7 @@ int MAIN(int argc, char **argv)
        int informat,outformat;
        char *infile=NULL,*outfile=NULL;
        int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0,text=0;
+       int fingerprint = 0;
        char **pp,buf[256];
        X509_STORE *store = NULL;
        X509_STORE_CTX ctx;
@@ -109,6 +112,7 @@ int MAIN(int argc, char **argv)
        X509_OBJECT xobj;
        EVP_PKEY *pkey;
        int do_ver = 0;
+       const EVP_MD *md_alg,*digest=EVP_md5();
 
        apps_startup();
 
@@ -118,7 +122,15 @@ int MAIN(int argc, char **argv)
 
        if (bio_out == NULL)
                if ((bio_out=BIO_new(BIO_s_file())) != NULL)
+                       {
                        BIO_set_fp(bio_out,stdout,BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+                       {
+                       BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+                       bio_out = BIO_push(tmpbio, bio_out);
+                       }
+#endif
+                       }
 
        informat=FORMAT_PEM;
        outformat=FORMAT_PEM;
@@ -181,6 +193,13 @@ int MAIN(int argc, char **argv)
                        nextupdate= ++num;
                else if (strcmp(*argv,"-noout") == 0)
                        noout= ++num;
+               else if (strcmp(*argv,"-fingerprint") == 0)
+                       fingerprint= ++num;
+               else if ((md_alg=EVP_get_digestbyname(*argv + 1)))
+                       {
+                       /* ok */
+                       digest=md_alg;
+                       }
                else
                        {
                        BIO_printf(bio_err,"unknown option %s\n",*argv);
@@ -195,12 +214,11 @@ int MAIN(int argc, char **argv)
                {
 bad:
                for (pp=crl_usage; (*pp != NULL); pp++)
-                       BIO_printf(bio_err,*pp);
+                       BIO_printf(bio_err,"%s",*pp);
                goto end;
                }
 
        ERR_load_crypto_strings();
-       X509V3_add_standard_extensions();
        x=load_crl(infile,informat);
        if (x == NULL) { goto end; }
 
@@ -217,7 +235,11 @@ bad:
                        X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT);
                ERR_clear_error();
 
-               X509_STORE_CTX_init(&ctx, store, NULL, NULL);
+               if(!X509_STORE_CTX_init(&ctx, store, NULL, NULL)) {
+                       BIO_printf(bio_err,
+                               "Error initialising X509 store\n");
+                       goto end;
+               }
 
                i = X509_STORE_get_by_subject(&ctx, X509_LU_X509, 
                                        X509_CRL_get_issuer(x), &xobj);
@@ -273,6 +295,26 @@ bad:
                                        BIO_printf(bio_out,"NONE");
                                BIO_printf(bio_out,"\n");
                                }
+                       if (fingerprint == i)
+                               {
+                               int j;
+                               unsigned int n;
+                               unsigned char md[EVP_MAX_MD_SIZE];
+
+                               if (!X509_CRL_digest(x,digest,md,&n))
+                                       {
+                                       BIO_printf(bio_err,"out of memory\n");
+                                       goto end;
+                                       }
+                               BIO_printf(bio_out,"%s Fingerprint=",
+                                               OBJ_nid2sn(EVP_MD_type(digest)));
+                               for (j=0; j<(int)n; j++)
+                                       {
+                                       BIO_printf(bio_out,"%02X%c",md[j],
+                                               (j+1 == (int)n)
+                                               ?'\n':':');
+                                       }
+                               }
                        }
                }
 
@@ -284,7 +326,15 @@ bad:
                }
 
        if (outfile == NULL)
+               {
                BIO_set_fp(out,stdout,BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+               {
+               BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+               out = BIO_push(tmpbio, out);
+               }
+#endif
+               }
        else
                {
                if (BIO_write_filename(out,outfile) <= 0)
@@ -310,15 +360,15 @@ bad:
        if (!i) { BIO_printf(bio_err,"unable to write CRL\n"); goto end; }
        ret=0;
 end:
-       BIO_free(out);
-       BIO_free(bio_out);
+       BIO_free_all(out);
+       BIO_free_all(bio_out);
        bio_out=NULL;
        X509_CRL_free(x);
        if(store) {
                X509_STORE_CTX_cleanup(&ctx);
                X509_STORE_free(store);
        }
-       X509V3_EXT_cleanup();
+       apps_shutdown();
        EXIT(ret);
        }