diff options
author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2022-07-29 11:31:39 +0200 |
---|---|---|
committer | Hugo Landau <hlandau@openssl.org> | 2023-04-27 15:45:38 +0100 |
commit | 57c0205b4df7d612a0333415dfc0a845c22e7458 (patch) | |
tree | 45f90c434cf45bda5ad5202e17e8ae7335f653b1 /apps | |
parent | 2786160731257540a957216aeb6431970bbce95f (diff) | |
download | openssl-new-57c0205b4df7d612a0333415dfc0a845c22e7458.tar.gz |
APPS: make sure the -CAfile argument can be in DER format
Note that PKCS#12 input is still not supported here-
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18917)
Diffstat (limited to 'apps')
-rw-r--r-- | apps/lib/apps.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/apps/lib/apps.c b/apps/lib/apps.c index 69bf5b4e37..6f9bf4a6c8 100644 --- a/apps/lib/apps.c +++ b/apps/lib/apps.c @@ -1379,8 +1379,12 @@ X509_STORE *setup_verify(const char *CAfile, int noCAfile, if (CAfile != NULL) { if (X509_LOOKUP_load_file_ex(lookup, CAfile, X509_FILETYPE_PEM, libctx, propq) <= 0) { - BIO_printf(bio_err, "Error loading file %s\n", CAfile); - goto end; + ERR_clear_error(); + if (X509_LOOKUP_load_file_ex(lookup, CAfile, X509_FILETYPE_ASN1, + libctx, propq) <= 0) { + BIO_printf(bio_err, "Error loading file %s\n", CAfile); + goto end; + } } } else { X509_LOOKUP_load_file_ex(lookup, NULL, X509_FILETYPE_DEFAULT, |