summary |
shortlog |
log |
commit | commitdiff |
tree
raw |
patch |
inline | side by side (from parent 1:
150a432)
Remove references to 'TXT' in -inform and -outform switches.
13 files changed:
Changes between 0.9.4 and 0.9.5 [xx XXX 1999]
Changes between 0.9.4 and 0.9.5 [xx XXX 1999]
+ *) New function X509_CTX_rget_chain(), this returns the chain
+ from an X509_CTX structure with a dup of the stack and all
+ the X509 reference counts upped: so the stack will exist
+ after X509_CTX_cleanup() has been called. Modify pkcs12.c
+ to use this.
+
+ Also make SSL_SESSION_print() print out the verify return
+ code.
+ [Steve Henson]
+
*) Add manpage for the pkcs12 command. Also change the default
behaviour so MAC iteration counts are used unless the new
-nomaciter option is used. This improves file security and
*) Add manpage for the pkcs12 command. Also change the default
behaviour so MAC iteration counts are used unless the new
-nomaciter option is used. This improves file security and
static char *crl_usage[]={
"usage: crl args\n",
"\n",
static char *crl_usage[]={
"usage: crl args\n",
"\n",
-" -inform arg - input format - default PEM (one of DER, TXT or PEM)\n",
+" -inform arg - input format - default PEM (DER or PEM)\n",
" -outform arg - output format - default PEM\n",
" -text - print out a text format version\n",
" -in arg - input file - default stdin\n",
" -outform arg - output format - default PEM\n",
" -text - print out a text format version\n",
" -in arg - input file - default stdin\n",
#undef PROG
#define PROG crl2pkcs7_main
#undef PROG
#define PROG crl2pkcs7_main
-/* -inform arg - input format - default PEM (one of DER, TXT or PEM)
+/* -inform arg - input format - default PEM (DER or PEM)
* -outform arg - output format - default PEM
* -in arg - input file - default stdin
* -out arg - output file - default stdout
* -outform arg - output format - default PEM
* -in arg - input file - default stdin
* -out arg - output file - default stdout
bad:
BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
BIO_printf(bio_err,"where options are\n");
bad:
BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
BIO_printf(bio_err,"where options are\n");
- BIO_printf(bio_err," -inform arg input format - one of DER TXT PEM\n");
- BIO_printf(bio_err," -outform arg output format - one of DER TXT PEM\n");
+ BIO_printf(bio_err," -inform arg input format - DER or PEM\n");
+ BIO_printf(bio_err," -outform arg output format - DER or PEM\n");
BIO_printf(bio_err," -in arg input file\n");
BIO_printf(bio_err," -out arg output file\n");
BIO_printf(bio_err," -certfile arg certificates file of chain to a trusted CA\n");
BIO_printf(bio_err," -in arg input file\n");
BIO_printf(bio_err," -out arg output file\n");
BIO_printf(bio_err," -certfile arg certificates file of chain to a trusted CA\n");
#undef PROG
#define PROG dh_main
#undef PROG
#define PROG dh_main
-/* -inform arg - input format - default PEM (one of DER, TXT or PEM)
+/* -inform arg - input format - default PEM (DER or PEM)
* -outform arg - output format - default PEM
* -in arg - input file - default stdin
* -out arg - output file - default stdout
* -outform arg - output format - default PEM
* -in arg - input file - default stdin
* -out arg - output file - default stdout
#undef PROG
#define PROG dsaparam_main
#undef PROG
#define PROG dsaparam_main
-/* -inform arg - input format - default PEM (one of DER, TXT or PEM)
+/* -inform arg - input format - default PEM (DER or PEM)
* -outform arg - output format - default PEM
* -in arg - input file - default stdin
* -out arg - output file - default stdout
* -outform arg - output format - default PEM
* -in arg - input file - default stdin
* -out arg - output file - default stdout
i = X509_STORE_CTX_get_error (&store_ctx);
goto err;
}
i = X509_STORE_CTX_get_error (&store_ctx);
goto err;
}
- chn = sk_X509_dup(X509_STORE_CTX_get_chain (&store_ctx));
- for (i = 0; i < sk_X509_num(chn); i++) {
- x = sk_X509_value(chn, i);
- CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509);
- }
+ chn = X509_STORE_CTX_rget_chain(&store_ctx);
i = 0;
*chain = chn;
err:
i = 0;
*chain = chn;
err:
#undef PROG
#define PROG pkcs7_main
#undef PROG
#define PROG pkcs7_main
-/* -inform arg - input format - default PEM (one of DER, TXT or PEM)
+/* -inform arg - input format - default PEM (DER or PEM)
* -outform arg - output format - default PEM
* -in arg - input file - default stdin
* -out arg - output file - default stdout
* -outform arg - output format - default PEM
* -in arg - input file - default stdin
* -out arg - output file - default stdout
bad:
BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
BIO_printf(bio_err,"where options are\n");
bad:
BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
BIO_printf(bio_err,"where options are\n");
- BIO_printf(bio_err," -inform arg input format - one of DER TXT PEM\n");
- BIO_printf(bio_err," -outform arg output format - one of DER TXT PEM\n");
+ BIO_printf(bio_err," -inform arg input format - DER or PEM\n");
+ BIO_printf(bio_err," -outform arg output format - DER or PEM\n");
BIO_printf(bio_err," -in arg input file\n");
BIO_printf(bio_err," -out arg output file\n");
BIO_printf(bio_err," -print_certs print any certs or crl in the input\n");
BIO_printf(bio_err," -in arg input file\n");
BIO_printf(bio_err," -out arg output file\n");
BIO_printf(bio_err," -print_certs print any certs or crl in the input\n");
#undef PROG
#define PROG req_main
#undef PROG
#define PROG req_main
-/* -inform arg - input format - default PEM (one of DER, TXT or PEM)
+/* -inform arg - input format - default PEM (DER or PEM)
* -outform arg - output format - default PEM
* -in arg - input file - default stdin
* -out arg - output file - default stdout
* -outform arg - output format - default PEM
* -in arg - input file - default stdin
* -out arg - output file - default stdout
bad:
BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
BIO_printf(bio_err,"where options are\n");
bad:
BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
BIO_printf(bio_err,"where options are\n");
- BIO_printf(bio_err," -inform arg input format - one of DER TXT PEM\n");
- BIO_printf(bio_err," -outform arg output format - one of DER TXT PEM\n");
+ BIO_printf(bio_err," -inform arg input format - DER or PEM\n");
+ BIO_printf(bio_err," -outform arg output format - DER or PEM\n");
BIO_printf(bio_err," -in arg input file\n");
BIO_printf(bio_err," -out arg output file\n");
BIO_printf(bio_err," -text text form of request\n");
BIO_printf(bio_err," -in arg input file\n");
BIO_printf(bio_err," -out arg output file\n");
BIO_printf(bio_err," -text text form of request\n");
static char *sess_id_usage[]={
"usage: sess_id args\n",
"\n",
static char *sess_id_usage[]={
"usage: sess_id args\n",
"\n",
-" -inform arg - input format - default PEM (one of DER, TXT or PEM)\n",
+" -inform arg - input format - default PEM (DER or PEM)\n",
" -outform arg - output format - default PEM\n",
" -in arg - input file - default stdin\n",
" -out arg - output file - default stdout\n",
" -outform arg - output format - default PEM\n",
" -in arg - input file - default stdin\n",
" -out arg - output file - default stdout\n",
+STACK_OF(X509) *X509_STORE_CTX_rget_chain(X509_STORE_CTX *ctx)
+ {
+ int i;
+ X509 *x;
+ STACK_OF(X509) *chain;
+ if(!ctx->chain || !(chain = sk_X509_dup(ctx->chain))) return NULL;
+ for(i = 0; i < sk_X509_num(chain); i++) {
+ x = sk_X509_value(chain, i);
+ CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
+ }
+ return(chain);
+ }
+
void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x)
{
ctx->cert=x;
void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x)
{
ctx->cert=x;
int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
X509 * X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
X509 * X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
+STACK_OF(X509) *X509_STORE_CTX_rget_chain(X509_STORE_CTX *ctx);
void X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x);
void X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK_OF(X509) *sk);
int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose);
void X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x);
void X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK_OF(X509) *sk);
int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose);
-/** specify the ciphers to be used by defaut by the SSL_CTX */
+/** specify the ciphers to be used by default by the SSL_CTX */
int SSL_CTX_set_cipher_list(SSL_CTX *ctx,char *str)
{
STACK_OF(SSL_CIPHER) *sk;
int SSL_CTX_set_cipher_list(SSL_CTX *ctx,char *str)
{
STACK_OF(SSL_CIPHER) *sk;
sprintf(str,"%02X",x->session_id[i]);
if (BIO_puts(bp,str) <= 0) goto err;
}
sprintf(str,"%02X",x->session_id[i]);
if (BIO_puts(bp,str) <= 0) goto err;
}
- if (BIO_puts(bp,"\nSession-ID-ctx: ") <= 0) goto err;
+ if (BIO_puts(bp,"\n Session-ID-ctx: ") <= 0) goto err;
for (i=0; i<x->sid_ctx_length; i++)
{
sprintf(str,"%02X",x->sid_ctx[i]);
for (i=0; i<x->sid_ctx_length; i++)
{
sprintf(str,"%02X",x->sid_ctx[i]);
if (BIO_puts(bp,str) <= 0) goto err;
}
if (BIO_puts(bp,"\n") <= 0) goto err;
if (BIO_puts(bp,str) <= 0) goto err;
}
if (BIO_puts(bp,"\n") <= 0) goto err;
+
+ if (BIO_puts(bp, " Verify return code ") <= 0) goto err;
+ sprintf(str, "%ld (%s)\n", x->verify_result,
+ X509_verify_cert_error_string(x->verify_result));
+ if (BIO_puts(bp,str) <= 0) goto err;