ca.c (109998) | ca.c (111147) |
---|---|
1/* apps/ca.c */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * --- 182 unchanged lines hidden (view full) --- 191" -noemailDN - Don't add the EMAIL field into certificate' subject\n", 192" -batch - Don't ask questions\n", 193" -msie_hack - msie modifications to handle all those universal strings\n", 194" -revoke file - Revoke a certificate (given in file)\n", 195" -subj arg - Use arg instead of request's subject\n", 196" -extensions .. - Extension section (override value in config file)\n", 197" -extfile file - Configuration file with X509v3 extentions to add\n", 198" -crlexts .. - CRL extension section (override value in config file)\n", | 1/* apps/ca.c */ 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * --- 182 unchanged lines hidden (view full) --- 191" -noemailDN - Don't add the EMAIL field into certificate' subject\n", 192" -batch - Don't ask questions\n", 193" -msie_hack - msie modifications to handle all those universal strings\n", 194" -revoke file - Revoke a certificate (given in file)\n", 195" -subj arg - Use arg instead of request's subject\n", 196" -extensions .. - Extension section (override value in config file)\n", 197" -extfile file - Configuration file with X509v3 extentions to add\n", 198" -crlexts .. - CRL extension section (override value in config file)\n", |
199#ifndef OPENSSL_NO_ENGINE |
|
199" -engine e - use engine e, possibly a hardware device.\n", | 200" -engine e - use engine e, possibly a hardware device.\n", |
201#endif |
|
200" -status serial - Shows certificate status given the serial number\n", 201" -updatedb - Updates db for expired certificates\n", 202NULL 203}; 204 205#ifdef EFENCE 206extern int EF_PROTECT_FREE; 207extern int EF_PROTECT_BELOW; --- 120 unchanged lines hidden (view full) --- 328 long l; 329 const EVP_MD *dgst=NULL; 330 STACK_OF(CONF_VALUE) *attribs=NULL; 331 STACK_OF(X509) *cert_sk=NULL; 332#undef BSIZE 333#define BSIZE 256 334 MS_STATIC char buf[3][BSIZE]; 335 char *randfile=NULL; | 202" -status serial - Shows certificate status given the serial number\n", 203" -updatedb - Updates db for expired certificates\n", 204NULL 205}; 206 207#ifdef EFENCE 208extern int EF_PROTECT_FREE; 209extern int EF_PROTECT_BELOW; --- 120 unchanged lines hidden (view full) --- 330 long l; 331 const EVP_MD *dgst=NULL; 332 STACK_OF(CONF_VALUE) *attribs=NULL; 333 STACK_OF(X509) *cert_sk=NULL; 334#undef BSIZE 335#define BSIZE 256 336 MS_STATIC char buf[3][BSIZE]; 337 char *randfile=NULL; |
338#ifndef OPENSSL_NO_ENGINE |
|
336 char *engine = NULL; | 339 char *engine = NULL; |
340#endif |
|
337 char *tofree=NULL; 338 339#ifdef EFENCE 340EF_PROTECT_FREE=1; 341EF_PROTECT_BELOW=1; 342EF_ALIGNMENT=0; 343#endif 344 --- 187 unchanged lines hidden (view full) --- 532 rev_type = REV_KEY_COMPROMISE; 533 } 534 else if (strcmp(*argv,"-crl_CA_compromise") == 0) 535 { 536 if (--argc < 1) goto bad; 537 rev_arg = *(++argv); 538 rev_type = REV_CA_COMPROMISE; 539 } | 341 char *tofree=NULL; 342 343#ifdef EFENCE 344EF_PROTECT_FREE=1; 345EF_PROTECT_BELOW=1; 346EF_ALIGNMENT=0; 347#endif 348 --- 187 unchanged lines hidden (view full) --- 536 rev_type = REV_KEY_COMPROMISE; 537 } 538 else if (strcmp(*argv,"-crl_CA_compromise") == 0) 539 { 540 if (--argc < 1) goto bad; 541 rev_arg = *(++argv); 542 rev_type = REV_CA_COMPROMISE; 543 } |
544#ifndef OPENSSL_NO_ENGINE |
|
540 else if (strcmp(*argv,"-engine") == 0) 541 { 542 if (--argc < 1) goto bad; 543 engine= *(++argv); 544 } | 545 else if (strcmp(*argv,"-engine") == 0) 546 { 547 if (--argc < 1) goto bad; 548 engine= *(++argv); 549 } |
550#endif |
|
545 else 546 { 547bad: 548 BIO_printf(bio_err,"unknown option %s\n",*argv); 549 badops=1; 550 break; 551 } 552 argc--; --- 4 unchanged lines hidden (view full) --- 557 { 558 for (pp=ca_usage; (*pp != NULL); pp++) 559 BIO_printf(bio_err,"%s",*pp); 560 goto err; 561 } 562 563 ERR_load_crypto_strings(); 564 | 551 else 552 { 553bad: 554 BIO_printf(bio_err,"unknown option %s\n",*argv); 555 badops=1; 556 break; 557 } 558 argc--; --- 4 unchanged lines hidden (view full) --- 563 { 564 for (pp=ca_usage; (*pp != NULL); pp++) 565 BIO_printf(bio_err,"%s",*pp); 566 goto err; 567 } 568 569 ERR_load_crypto_strings(); 570 |
571#ifndef OPENSSL_NO_ENGINE |
|
565 e = setup_engine(bio_err, engine, 0); | 572 e = setup_engine(bio_err, engine, 0); |
573#endif |
|
566 567 /*****************************************************************/ 568 tofree=NULL; 569 if (configfile == NULL) configfile = getenv("OPENSSL_CONF"); 570 if (configfile == NULL) configfile = getenv("SSLEAY_CONF"); 571 if (configfile == NULL) 572 { 573 const char *s=X509_get_default_cert_area(); --- 18 unchanged lines hidden (view full) --- 592 BIO_printf(bio_err,"error loading the config file '%s'\n", 593 configfile); 594 else 595 BIO_printf(bio_err,"error on line %ld of config file '%s'\n" 596 ,errorline,configfile); 597 goto err; 598 } 599 if(tofree) | 574 575 /*****************************************************************/ 576 tofree=NULL; 577 if (configfile == NULL) configfile = getenv("OPENSSL_CONF"); 578 if (configfile == NULL) configfile = getenv("SSLEAY_CONF"); 579 if (configfile == NULL) 580 { 581 const char *s=X509_get_default_cert_area(); --- 18 unchanged lines hidden (view full) --- 600 BIO_printf(bio_err,"error loading the config file '%s'\n", 601 configfile); 602 else 603 BIO_printf(bio_err,"error on line %ld of config file '%s'\n" 604 ,errorline,configfile); 605 goto err; 606 } 607 if(tofree) |
608 { |
|
600 OPENSSL_free(tofree); | 609 OPENSSL_free(tofree); |
610 tofree = NULL; 611 } |
|
601 602 if (!load_config(bio_err, conf)) 603 goto err; 604 605 /* Lets get the config section we are using */ 606 if (section == NULL) 607 { 608 section=NCONF_get_string(conf,BASE_SECTION,ENV_DEFAULT_CA); --- 1019 unchanged lines hidden (view full) --- 1628err: 1629 if(tofree) 1630 OPENSSL_free(tofree); 1631 BIO_free_all(Cout); 1632 BIO_free_all(Sout); 1633 BIO_free_all(out); 1634 BIO_free_all(in); 1635 | 612 613 if (!load_config(bio_err, conf)) 614 goto err; 615 616 /* Lets get the config section we are using */ 617 if (section == NULL) 618 { 619 section=NCONF_get_string(conf,BASE_SECTION,ENV_DEFAULT_CA); --- 1019 unchanged lines hidden (view full) --- 1639err: 1640 if(tofree) 1641 OPENSSL_free(tofree); 1642 BIO_free_all(Cout); 1643 BIO_free_all(Sout); 1644 BIO_free_all(out); 1645 BIO_free_all(in); 1646 |
1636 sk_X509_pop_free(cert_sk,X509_free); | 1647 if (cert_sk) 1648 sk_X509_pop_free(cert_sk,X509_free); |
1637 1638 if (ret) ERR_print_errors(bio_err); 1639 app_RAND_write_file(randfile, bio_err); | 1649 1650 if (ret) ERR_print_errors(bio_err); 1651 app_RAND_write_file(randfile, bio_err); |
1640 if (free_key) | 1652 if (free_key && key) |
1641 OPENSSL_free(key); 1642 BN_free(serial); 1643 TXT_DB_free(db); 1644 EVP_PKEY_free(pkey); 1645 X509_free(x509); 1646 X509_CRL_free(crl); 1647 NCONF_free(conf); 1648 OBJ_cleanup(); --- 1677 unchanged lines hidden --- | 1653 OPENSSL_free(key); 1654 BN_free(serial); 1655 TXT_DB_free(db); 1656 EVP_PKEY_free(pkey); 1657 X509_free(x509); 1658 X509_CRL_free(crl); 1659 NCONF_free(conf); 1660 OBJ_cleanup(); --- 1677 unchanged lines hidden --- |