X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=apps%2Fapps.c;h=39ca963b5f09c4c34d80df651da102dd1f37a00f;hp=0b5f9fd062b041d56bd636b26d695907a8bf0898;hb=4428c7dba8f6f407d915c1226f4e0f673e8be241;hpb=a412b8919821efd00121d28cf2441c5445bee602 diff --git a/apps/apps.c b/apps/apps.c index 0b5f9fd062..39ca963b5f 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -227,11 +227,17 @@ int app_init(long mesgwin) } #endif -int ctx_set_verify_locations(SSL_CTX *ctx, - const char *CAfile, const char *CApath) +int ctx_set_verify_locations(SSL_CTX *ctx, const char *CAfile, + const char *CApath, int noCAfile, int noCApath) { - if (CAfile == NULL && CApath == NULL) - return SSL_CTX_set_default_verify_paths(ctx); + if (CAfile == NULL && CApath == NULL) { + if (!noCAfile && SSL_CTX_set_default_verify_file(ctx) <= 0) + return 0; + if (!noCApath && SSL_CTX_set_default_verify_dir(ctx) <= 0) + return 0; + + return 1; + } return SSL_CTX_load_verify_locations(ctx, CAfile, CApath); } @@ -470,7 +476,7 @@ static char *app_get_pass(char *arg, int keepbio) pwdbio = BIO_push(btmp, pwdbio); #endif } else if (strcmp(arg, "stdin") == 0) { - pwdbio = dup_bio_in(); + pwdbio = dup_bio_in(FORMAT_TEXT); if (!pwdbio) { BIO_printf(bio_err, "Can't open BIO for stdin\n"); return NULL; @@ -687,7 +693,7 @@ X509 *load_cert(const char *file, int format, if (file == NULL) { unbuffer(stdin); - cert = dup_bio_in(); + cert = dup_bio_in(format); } else cert = bio_open_default(file, 'r', format); if (cert == NULL) @@ -776,7 +782,7 @@ EVP_PKEY *load_key(const char *file, int format, int maybe_stdin, #endif if (file == NULL && maybe_stdin) { unbuffer(stdin); - key = dup_bio_in(); + key = dup_bio_in(format); } else key = bio_open_default(file, 'r', format); if (key == NULL) 
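Review bot: The new `noCAfile` and `noCApath` parameters of `ctx_set_verify_locations` are undocumented, and their effect is narrower than the names suggest. They are only consulted when both `CAfile` and `CApath` are NULL. When both flags are set the function returns 1 without loading any location, so success no longer means the call configured any trust anchors. I would add a comment above the function such as `/* With no explicit CAfile/CApath, load each default location unless its no* flag is set; with both flags set nothing is loaded and 1 is still returned. */`.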
@@ -839,7 +845,7 @@ EVP_PKEY *load_pubkey(const char *file, int format, int maybe_stdin, #endif if (file == NULL && maybe_stdin) { unbuffer(stdin); - key = dup_bio_in(); + key = dup_bio_in(format); } else key = bio_open_default(file, 'r', format); if (key == NULL) @@ -1074,7 +1080,11 @@ int set_name_ex(unsigned long *flags, const char *arg) {"ca_default", XN_FLAG_MULTILINE, 0xffffffffL}, {NULL, 0, 0} }; - return set_multi_opts(flags, arg, ex_tbl); + if (set_multi_opts(flags, arg, ex_tbl) == 0) + return 0; + if ((*flags & XN_FLAG_SEP_MASK) == 0) + *flags |= XN_FLAG_SEP_CPLUS_SPC; + return 1; } int set_ext_copy(int *copy_type, const char *arg) 
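Review bot: In the `set_name_ex` hunk, the new `if ((*flags & XN_FLAG_SEP_MASK) == 0)` branch silently changes the caller's flags, and nothing says why. A one-line comment above it would make the defaulting visible to whoever next edits `ex_tbl`, for example `/* No separator selected by the options: default to XN_FLAG_SEP_CPLUS_SPC */`. The function starts outside the hunk, so this assumes no earlier code already sets a separator.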
@@ -1240,34 +1250,39 @@ void print_array(BIO *out, const char* title, int len, const unsigned char* d) BIO_printf(out, "\n};\n"); } -X509_STORE *setup_verify(char *CAfile, char *CApath) +X509_STORE *setup_verify(char *CAfile, char *CApath, int noCAfile, int noCApath) { X509_STORE *store = X509_STORE_new(); X509_LOOKUP *lookup; if (!store) goto end; - lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file()); - if (lookup == NULL) - goto end; - if (CAfile) { - if (!X509_LOOKUP_load_file(lookup, CAfile, X509_FILETYPE_PEM)) { - BIO_printf(bio_err, "Error loading file %s\n", CAfile); + + if(CAfile != NULL || !noCAfile) { + lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file()); + if (lookup == NULL) goto end; - } - } else - X509_LOOKUP_load_file(lookup, NULL, X509_FILETYPE_DEFAULT); + if (CAfile) { + if (!X509_LOOKUP_load_file(lookup, CAfile, X509_FILETYPE_PEM)) { + BIO_printf(bio_err, "Error loading file %s\n", CAfile); + goto end; + } + } else + X509_LOOKUP_load_file(lookup, NULL, X509_FILETYPE_DEFAULT); + } - lookup = X509_STORE_add_lookup(store, X509_LOOKUP_hash_dir()); - if (lookup == NULL) - goto end; - if (CApath) { - if (!X509_LOOKUP_add_dir(lookup, CApath, X509_FILETYPE_PEM)) { - BIO_printf(bio_err, "Error loading directory %s\n", CApath); + if(CApath != NULL || !noCApath) { + lookup = X509_STORE_add_lookup(store, X509_LOOKUP_hash_dir()); + if (lookup == NULL) goto end; - } - } else - X509_LOOKUP_add_dir(lookup, NULL, X509_FILETYPE_DEFAULT); + if (CApath) { + if (!X509_LOOKUP_add_dir(lookup, CApath, X509_FILETYPE_PEM)) { + BIO_printf(bio_err, "Error loading directory %s\n", CApath); + goto end; + } + } else + X509_LOOKUP_add_dir(lookup, NULL, X509_FILETYPE_DEFAULT); + } ERR_clear_error(); return store; 
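Review bot: The two new guards in `setup_verify`, `if(CAfile != NULL || !noCAfile)` and `if(CApath != NULL || !noCApath)`, are written without a space after `if`, unlike every other condition in the hunk; they should read `if (CAfile != NULL || !noCAfile) {` and `if (CApath != NULL || !noCApath) {`. The precedence rule they encode also deserves a comment above the function: an explicit `CAfile` or `CApath` wins over the matching no* flag. With both flags set and no paths given, the returned store has no lookup added by this function, so callers should expect verification against it to find no trust anchors unless they add some elsewhere. The function continues past the hunk (the `end:` label is not visible).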
@@ -2721,16 +2736,24 @@ int raw_write_stdout(const void *buf, int siz) * does impact behavior on some platform, such as differentiating between * text and binary input/output on non-Unix platforms */ -BIO *dup_bio_in(void) +static int istext(int format) +{ + return (format & B_FORMAT_TEXT) == B_FORMAT_TEXT; +} + +BIO *dup_bio_in(int format) { - return BIO_new_fp(stdin, BIO_NOCLOSE | BIO_FP_TEXT); + return BIO_new_fp(stdin, + BIO_NOCLOSE | (istext(format) ? BIO_FP_TEXT : 0)); } -BIO *dup_bio_out(void) +BIO *dup_bio_out(int format) { - BIO *b = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT); + BIO *b = BIO_new_fp(stdout, + BIO_NOCLOSE | (istext(format) ? BIO_FP_TEXT : 0)); #ifdef OPENSSL_SYS_VMS - b = BIO_push(BIO_new(BIO_f_linebuffer()), b); + if (istext(format)) + b = BIO_push(BIO_new(BIO_f_linebuffer()), b); #endif return b; } @@ -2746,11 +2769,11 @@ static const char *modestr(char mode, int format) switch (mode) { case 'a': - return (format & B_FORMAT_TEXT) ? "a" : "ab"; + return istext(format) ? "a" : "ab"; case 'r': - return (format & B_FORMAT_TEXT) ? "r" : "rb"; + return istext(format) ? "r" : "rb"; case 'w': - return (format & B_FORMAT_TEXT) ? "w" : "wb"; + return istext(format) ? "w" : "wb"; } /* The assert above should make sure we never reach this point */ return NULL; @@ -2788,7 +2811,7 @@ BIO *bio_open_owner(const char *filename, int format, int private) #ifdef O_TRUNC mode |= O_TRUNC; #endif - binmode = !(format & B_FORMAT_TEXT); + binmode = istext(format); if (binmode) { #ifdef O_BINARY mode |= O_BINARY; @@ -2828,7 +2851,7 @@ static BIO *bio_open_default_(const char *filename, char mode, int format, BIO *ret; if (filename == NULL || strcmp(filename, "-") == 0) { - ret = mode == 'r' ? dup_bio_in() : dup_bio_out(); + ret = mode == 'r' ? dup_bio_in(format) : dup_bio_out(format); if (quiet) { ERR_clear_error(); return ret;
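Review bot: In the hunk at -2721, `istext()` is inserted between the existing block comment (ending "text and binary input/output on non-Unix platforms */") and `dup_bio_in`, so that comment now appears to document `istext` rather than the two dup functions. I would move the helper above the comment and give it its own line, for example `/* Non-zero when format has B_FORMAT_TEXT set. */`. The block comment begins outside the hunk, so its full wording is not visible here.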
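Review bot: In the `bio_open_owner` hunk, `binmode = istext(format);` inverts the line it replaces, `binmode = !(format & B_FORMAT_TEXT);`. Text formats now take the `if (binmode)` branch that sets `O_BINARY`, while binary formats are opened in text mode on platforms that distinguish the two. There, newline translation can corrupt binary-encoded output, which matters most if the `private` parameter means this path writes key files. The line should be `binmode = !istext(format);`. The rest of the function is outside the hunk, so the effect on the later open call is inferred from the visible `mode |= O_BINARY` branch.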