author | Geoff Thorpe <geoff@openssl.org> | 2001-09-01 20:02:13 +0000 |
---|---|---|
committer | Geoff Thorpe <geoff@openssl.org> | 2001-09-01 20:02:13 +0000 |
commit | 79aa04ef27f69a1149d4d0e72d2d2953b6241ef0 (patch) | |
tree | 28eb317ea6bcd7f391cffe2fe694e92224ce1ff8 /apps | |
parent | 3a0799977bcb154d044828e96a25a01eb478de51 (diff) | |
Make the necessary changes to work with the recent "ex_data" overhaul.
See the commit log message for that for more information.
NB: X509_STORE_CTX's use of "ex_data" support was actually misimplemented
(initialisation by "memset" won't/can't/doesn't work). This fixes that but
requires that X509_STORE_CTX_init() be able to handle errors - so its
prototype has been changed to return 'int' rather than 'void'. All uses of
that function throughout the source code have been tracked down and
adjusted.
Diffstat (limited to 'apps')
-rw-r--r-- | apps/Makefile.ssl | 4 | ||||
-rw-r--r-- | apps/apps.h | 2 | ||||
-rw-r--r-- | apps/crl.c | 6 | ||||
-rw-r--r-- | apps/pkcs12.c | 3 | ||||
-rw-r--r-- | apps/verify.c | 6 | ||||
-rw-r--r-- | apps/x509.c | 6 |
6 files changed, 21 insertions, 6 deletions
diff --git a/apps/Makefile.ssl b/apps/Makefile.ssl
index bce72a93dc..a2c23a3860 100644
--- a/apps/Makefile.ssl
+++ b/apps/Makefile.ssl
@@ -772,8 +772,8 @@ speed.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
 speed.o: ../include/openssl/sha.h ../include/openssl/stack.h
 speed.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
 speed.o: ../include/openssl/types.h ../include/openssl/ui.h
-speed.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ./testdsa.h
-speed.o: ./testrsa.h apps.h speed.c
+speed.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h apps.h speed.c
+speed.o: testdsa.h testrsa.h
 spkac.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
 spkac.o: ../include/openssl/bn.h ../include/openssl/buffer.h
 spkac.o: ../include/openssl/conf.h ../include/openssl/crypto.h
diff --git a/apps/apps.h b/apps/apps.h
index de136f453b..869b13d7a9 100644
--- a/apps/apps.h
+++ b/apps/apps.h
@@ -140,7 +140,7 @@ extern BIO *bio_err;
 ENGINE_load_builtin_engines(); setup_ui_method(); } while(0)
 # endif
 # define apps_shutdown() \
- destroy_ui_method()
+ do { destroy_ui_method(); CRYPTO_cleanup_all_ex_data(); } while(0)
 #endif
 typedef struct args_st
diff --git a/apps/crl.c b/apps/crl.c
index 82ef8ce1f6..5ea59d0169 100644
--- a/apps/crl.c
+++ b/apps/crl.c
@@ -235,7 +235,11 @@ bad:
 X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT);
 ERR_clear_error();
- X509_STORE_CTX_init(&ctx, store, NULL, NULL);
+ if(!X509_STORE_CTX_init(&ctx, store, NULL, NULL)) {
+ BIO_printf(bio_err,
+ "Error initialising X509 store\n");
+ goto end;
+ }
 i = X509_STORE_get_by_subject(&ctx, X509_LU_X509, X509_CRL_get_issuer(x), &xobj);
diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index b507491dbb..d90cf59df7 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
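Review bot: Nothing at the `apps_shutdown()` define in apps/apps.h says that the macro now releases global "ex_data" state as well as the UI method, so where it is called relative to other frees starts to matter. A short comment above the define would record that, for example `/* Call last: releases global ex_data state, so free all objects carrying ex_data first. */`. Presumably every app already invokes it at the very end of its main routine, but those call sites are not visible in this diff and are worth confirming.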
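Review bot: The new failure branch in apps/crl.c prints only the fixed string "Error initialising X509 store" and never prints the library error queue, so the actual cause of the failure is lost. The x509_certify hunk in apps/x509.c has the same gap, whereas the apps/verify.c hunk in this commit calls `ERR_print_errors(bio_err)`. Adding `ERR_print_errors(bio_err);` before `goto end;` in both places would make the three call sites consistent. The `end:` label lies outside the hunk, so it is also worth confirming that its cleanup is safe for a `ctx` whose initialisation failed.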
@@ -810,6 +810,9 @@ int get_cert_chain (X509 *cert, X509_STORE *store, STACK_OF(X509) **chain)
 STACK_OF(X509) *chn;
 int i;
+ /* FIXME: Should really check the return status of X509_STORE_CTX_init
+ * for an error, but how that fits into the return value of this
+ * function is less obvious. */
 X509_STORE_CTX_init(&store_ctx, store, cert, NULL);
 if (X509_verify_cert(&store_ctx) <= 0) {
 i = X509_STORE_CTX_get_error (&store_ctx);
diff --git a/apps/verify.c b/apps/verify.c
index 60da5c5a24..b1a4dacb8b 100644
--- a/apps/verify.c
+++ b/apps/verify.c
@@ -249,7 +249,11 @@ static int check(X509_STORE *ctx, char *file, STACK_OF(X509) *uchain, STACK_OF(X
 goto end;
 }
 X509_STORE_set_flags(ctx, vflags);
- X509_STORE_CTX_init(csc,ctx,x,uchain);
+ if(!X509_STORE_CTX_init(csc,ctx,x,uchain))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
 if(tchain) X509_STORE_CTX_trusted_stack(csc, tchain);
 if(purpose >= 0) X509_STORE_CTX_set_purpose(csc, purpose);
 i=X509_verify_cert(csc);
diff --git a/apps/x509.c b/apps/x509.c
index f18aaf5d9f..65b072cc9a 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -1128,7 +1128,11 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
 EVP_PKEY_copy_parameters(upkey,pkey);
 EVP_PKEY_free(upkey);
- X509_STORE_CTX_init(&xsc,ctx,x,NULL);
+ if(!X509_STORE_CTX_init(&xsc,ctx,x,NULL))
+ {
+ BIO_printf(bio_err,"Error initialising X509 store\n");
+ goto end;
+ }
 if (sno) bs = sno;
 else if (!(bs = load_serial(CAfile, serialfile, create))) goto end; |
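Review bot: The call `X509_STORE_CTX_init(&store_ctx, store, cert, NULL);` in get_cert_chain (apps/pkcs12.c) still discards its result, so when initialisation fails `X509_verify_cert(&store_ctx)` runs on a context that was never fully set up. The visible lines already carry failure out of the function as an X509 verify error code in `i`, so the FIXME could be resolved the same way, for example `if (!X509_STORE_CTX_init(&store_ctx, store, cert, NULL)) return X509_V_ERR_OUT_OF_MEM;`. This assumes callers treat any non-zero return as failure and that no cleanup is needed after a failed init. The rest of the function body and its callers are outside the hunk, so both assumptions, and whether `*chain` should be set to NULL on that path, need checking there.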