1/* apps/ca.c */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * --- 182 unchanged lines hidden (view full) --- 191" -noemailDN - Don't add the EMAIL field into certificate' subject\n", 192" -batch - Don't ask questions\n", 193" -msie_hack - msie modifications to handle all those universal strings\n", 194" -revoke file - Revoke a certificate (given in file)\n", 195" -subj arg - Use arg instead of request's subject\n", 196" -extensions .. - Extension section (override value in config file)\n", 197" -extfile file - Configuration file with X509v3 extentions to add\n", 198" -crlexts .. - CRL extension section (override value in config file)\n", |
199#ifndef OPENSSL_NO_ENGINE |
200" -engine e - use engine e, possibly a hardware device.\n", |
201#endif |
202" -status serial - Shows certificate status given the serial number\n", 203" -updatedb - Updates db for expired certificates\n", 204NULL 205}; 206 207#ifdef EFENCE 208extern int EF_PROTECT_FREE; 209extern int EF_PROTECT_BELOW; --- 120 unchanged lines hidden (view full) --- 330 long l; 331 const EVP_MD *dgst=NULL; 332 STACK_OF(CONF_VALUE) *attribs=NULL; 333 STACK_OF(X509) *cert_sk=NULL; 334#undef BSIZE 335#define BSIZE 256 336 MS_STATIC char buf[3][BSIZE]; 337 char *randfile=NULL; |
338#ifndef OPENSSL_NO_ENGINE |
339 char *engine = NULL; |
340#endif |
341 char *tofree=NULL; 342 343#ifdef EFENCE 344EF_PROTECT_FREE=1; 345EF_PROTECT_BELOW=1; 346EF_ALIGNMENT=0; 347#endif 348 --- 187 unchanged lines hidden (view full) --- 536 rev_type = REV_KEY_COMPROMISE; 537 } 538 else if (strcmp(*argv,"-crl_CA_compromise") == 0) 539 { 540 if (--argc < 1) goto bad; 541 rev_arg = *(++argv); 542 rev_type = REV_CA_COMPROMISE; 543 } |
544#ifndef OPENSSL_NO_ENGINE |
545 else if (strcmp(*argv,"-engine") == 0) 546 { 547 if (--argc < 1) goto bad; 548 engine= *(++argv); 549 } |
550#endif |
551 else 552 { 553bad: 554 BIO_printf(bio_err,"unknown option %s\n",*argv); 555 badops=1; 556 break; 557 } 558 argc--; --- 4 unchanged lines hidden (view full) --- 563 { 564 for (pp=ca_usage; (*pp != NULL); pp++) 565 BIO_printf(bio_err,"%s",*pp); 566 goto err; 567 } 568 569 ERR_load_crypto_strings(); 570 |
571#ifndef OPENSSL_NO_ENGINE |
572 e = setup_engine(bio_err, engine, 0); |
573#endif |
574 575 /*****************************************************************/ 576 tofree=NULL; 577 if (configfile == NULL) configfile = getenv("OPENSSL_CONF"); 578 if (configfile == NULL) configfile = getenv("SSLEAY_CONF"); 579 if (configfile == NULL) 580 { 581 const char *s=X509_get_default_cert_area(); --- 18 unchanged lines hidden (view full) --- 600 BIO_printf(bio_err,"error loading the config file '%s'\n", 601 configfile); 602 else 603 BIO_printf(bio_err,"error on line %ld of config file '%s'\n" 604 ,errorline,configfile); 605 goto err; 606 } 607 if(tofree) |
608 { |
609 OPENSSL_free(tofree); |
610 tofree = NULL; 611 } |
612 613 if (!load_config(bio_err, conf)) 614 goto err; 615 616 /* Lets get the config section we are using */ 617 if (section == NULL) 618 { 619 section=NCONF_get_string(conf,BASE_SECTION,ENV_DEFAULT_CA); --- 1019 unchanged lines hidden (view full) --- 1639err: 1640 if(tofree) 1641 OPENSSL_free(tofree); 1642 BIO_free_all(Cout); 1643 BIO_free_all(Sout); 1644 BIO_free_all(out); 1645 BIO_free_all(in); 1646 |
1647 if (cert_sk) 1648 sk_X509_pop_free(cert_sk,X509_free); |
1649 1650 if (ret) ERR_print_errors(bio_err); 1651 app_RAND_write_file(randfile, bio_err); |
1652 if (free_key && key) |
1653 OPENSSL_free(key); 1654 BN_free(serial); 1655 TXT_DB_free(db); 1656 EVP_PKEY_free(pkey); 1657 X509_free(x509); 1658 X509_CRL_free(crl); 1659 NCONF_free(conf); 1660 OBJ_cleanup(); --- 1677 unchanged lines hidden --- |