X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=apps%2Fcrl.c;h=5e1f109a6bde54264d9668681a41ae613a9d1c1d;hp=0140ff749cd5ecf0e5f6dbc7ba10f9f43c2e18da;hb=1edd899d1127465941c0297806c18749b3ea0c9b;hpb=0f022f5a2201a591da7d373ebeeb7d29bdcaf95a diff --git a/apps/crl.c b/apps/crl.c index 0140ff749c..5e1f109a6b 100644 --- a/apps/crl.c +++ b/apps/crl.c @@ -26,7 +26,7 @@ typedef enum OPTION_choice { OPT_NOOUT, OPT_NAMEOPT, OPT_MD } OPTION_CHOICE; -OPTIONS crl_options[] = { +const OPTIONS crl_options[] = { {"help", OPT_HELP, '-', "Display this summary"}, {"inform", OPT_INFORM, 'F', "Input format; default PEM"}, {"in", OPT_IN, '<', "Input file - default stdin"}, @@ -41,7 +41,7 @@ OPTIONS crl_options[] = { {"fingerprint", OPT_FINGERPRINT, '-', "Print the crl fingerprint"}, {"crlnumber", OPT_CRLNUMBER, '-', "Print CRL number"}, {"badsig", OPT_BADSIG, '-', "Corrupt last byte of loaded CRL signature (for test)" }, - {"gendelta", OPT_GENDELTA, '<'}, + {"gendelta", OPT_GENDELTA, '<', "Other CRL to compare/diff to the Input one"}, {"CApath", OPT_CAPATH, '/', "Verify CRL using certificates in dir"}, {"CAfile", OPT_CAFILE, '<', "Verify CRL using certificates in file name"}, {"no-CAfile", OPT_NOCAFILE, '-', @@ -69,10 +69,8 @@ int crl_main(int argc, char **argv) X509_OBJECT *xobj = NULL; EVP_PKEY *pkey; const EVP_MD *digest = EVP_sha1(); - unsigned long nmflag = 0; - char nmflag_set = 0; char *infile = NULL, *outfile = NULL, *crldiff = NULL, *keyfile = NULL; - char *CAfile = NULL, *CApath = NULL, *prog; + const char *CAfile = NULL, *CApath = NULL, *prog; OPTION_CHOICE o; int hash = 0, issuer = 0, lastupdate = 0, nextupdate = 0, noout = 0; int informat = FORMAT_PEM, outformat = FORMAT_PEM, keyformat = FORMAT_PEM; @@ -169,8 +167,7 @@ int crl_main(int argc, char **argv) badsig = 1; break; case OPT_NAMEOPT: - nmflag_set = 1; - if (!set_name_ex(&nmflag, opt_arg())) + if (!set_nameopt(opt_arg())) goto opthelp; break; case OPT_MD: @@ -182,9 +179,6 @@ int crl_main(int argc, char **argv) if (argc != 0) goto opthelp; - if (!nmflag_set) - nmflag = XN_FLAG_ONELINE; - x = load_crl(infile, informat); if (x == NULL) goto end; @@ -250,18 +244,17 @@ int crl_main(int argc, char **argv) } if (badsig) { - ASN1_BIT_STRING *sig; + const ASN1_BIT_STRING *sig; - X509_CRL_get0_signature(&sig, NULL, x); - if (!corrupt_signature(sig)) - goto end; + X509_CRL_get0_signature(x, &sig, NULL); + corrupt_signature(sig); } if (num) { for (i = 1; i <= num; i++) { if (issuer == i) { print_name(bio_out, "issuer=", X509_CRL_get_issuer(x), - nmflag); + get_nameopt()); } if (crlnumber == i) { ASN1_INTEGER *crlnum; @@ -286,13 +279,13 @@ int crl_main(int argc, char **argv) #endif if (lastupdate == i) { BIO_printf(bio_out, "lastUpdate="); - ASN1_TIME_print(bio_out, X509_CRL_get_lastUpdate(x)); + ASN1_TIME_print(bio_out, X509_CRL_get0_lastUpdate(x)); BIO_printf(bio_out, "\n"); } if (nextupdate == i) { BIO_printf(bio_out, "nextUpdate="); - if (X509_CRL_get_nextUpdate(x)) - ASN1_TIME_print(bio_out, X509_CRL_get_nextUpdate(x)); + if (X509_CRL_get0_nextUpdate(x)) + ASN1_TIME_print(bio_out, X509_CRL_get0_nextUpdate(x)); else BIO_printf(bio_out, "NONE"); BIO_printf(bio_out, "\n"); @@ -320,7 +313,7 @@ int crl_main(int argc, char **argv) goto end; if (text) - X509_CRL_print(out, x); + X509_CRL_print_ex(out, x, get_nameopt()); if (noout) { ret = 0; @@ -344,5 +337,5 @@ int crl_main(int argc, char **argv) X509_CRL_free(x); X509_STORE_CTX_free(ctx); X509_STORE_free(store); - return (ret); + return ret; }