diff options
| author | Tomas Mraz <tomas@openssl.org> | 2021-03-05 21:05:35 +0100 |
|---|---|---|
| committer | Tomas Mraz <tomas@openssl.org> | 2021-03-15 13:29:57 +0100 |
| commit | ea51096e51571b0dfe1e9e63661ad6f62ce0d82a (patch) | |
| tree | 58e1c359aaa08b76d7abf971e6c97d009da0e1b7 /apps | |
| parent | 8287a4c3b2230f8df109f5eb34171fa0058add2c (diff) | |
| download | openssl-new-ea51096e51571b0dfe1e9e63661ad6f62ce0d82a.tar.gz | |
apps: Add maybe_stdin argument to load_certs and set it in pkcs12
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14449)
Diffstat (limited to 'apps')
| -rw-r--r-- | apps/cms.c | 2 | ||||
| -rw-r--r-- | apps/include/apps.h | 2 | ||||
| -rw-r--r-- | apps/lib/apps.c | 6 | ||||
| -rw-r--r-- | apps/lib/s_cb.c | 2 | ||||
| -rw-r--r-- | apps/ocsp.c | 8 | ||||
| -rw-r--r-- | apps/pkcs12.c | 6 | ||||
| -rw-r--r-- | apps/s_client.c | 2 | ||||
| -rw-r--r-- | apps/s_server.c | 4 | ||||
| -rw-r--r-- | apps/smime.c | 2 | ||||
| -rw-r--r-- | apps/verify.c | 4 |
10 files changed, 19 insertions, 19 deletions
diff --git a/apps/cms.c b/apps/cms.c index f347a3314a..cea1b73d88 100644 --- a/apps/cms.c +++ b/apps/cms.c @@ -826,7 +826,7 @@ int cms_main(int argc, char **argv) } if (certfile != NULL) { - if (!load_certs(certfile, &other, NULL, "certificate file")) { + if (!load_certs(certfile, 0, &other, NULL, "certificate file")) { ERR_print_errors(bio_err); goto end; } diff --git a/apps/include/apps.h b/apps/include/apps.h index 416e1d2568..a2826e6066 100644 --- a/apps/include/apps.h +++ b/apps/include/apps.h @@ -129,7 +129,7 @@ STACK_OF(X509) *load_certs_multifile(char *files, const char *pass, const char *desc, X509_VERIFY_PARAM *vpm); X509_STORE *load_certstore(char *input, const char *pass, const char *desc, X509_VERIFY_PARAM *vpm); -int load_certs(const char *uri, STACK_OF(X509) **certs, +int load_certs(const char *uri, int maybe_stdin, STACK_OF(X509) **certs, const char *pass, const char *desc); int load_crls(const char *uri, STACK_OF(X509_CRL) **crls, const char *pass, const char *desc); diff --git a/apps/lib/apps.c b/apps/lib/apps.c index f114f0b10c..1e14f31497 100644 --- a/apps/lib/apps.c +++ b/apps/lib/apps.c @@ -800,12 +800,12 @@ X509_STORE *load_certstore(char *input, const char *pass, const char *desc, * Initialize or extend, if *certs != NULL, a certificate stack. * The caller is responsible for freeing *certs if its value is left not NULL. */ -int load_certs(const char *uri, STACK_OF(X509) **certs, +int load_certs(const char *uri, int maybe_stdin, STACK_OF(X509) **certs, const char *pass, const char *desc) { int was_NULL = *certs == NULL; - int ret = load_key_certs_crls(uri, 0, pass, desc, NULL, NULL, NULL, - NULL, certs, NULL, NULL); + int ret = load_key_certs_crls(uri, maybe_stdin, pass, desc, NULL, NULL, + NULL, NULL, certs, NULL, NULL); if (!ret && was_NULL) { sk_X509_pop_free(*certs, X509_free); diff --git a/apps/lib/s_cb.c b/apps/lib/s_cb.c index 0ca9038738..4c209e76df 100644 --- a/apps/lib/s_cb.c +++ b/apps/lib/s_cb.c @@ -1032,7 +1032,7 @@ int load_excert(SSL_EXCERT **pexc) if (exc->key == NULL) return 0; if (exc->chainfile != NULL) { - if (!load_certs(exc->chainfile, &exc->chain, NULL, "server chain")) + if (!load_certs(exc->chainfile, 0, &exc->chain, NULL, "server chain")) return 0; } } diff --git a/apps/ocsp.c b/apps/ocsp.c index e61774a8a3..e77c90f041 100644 --- a/apps/ocsp.c +++ b/apps/ocsp.c @@ -574,10 +574,10 @@ int ocsp_main(int argc, char **argv) BIO_printf(bio_err, "Error loading responder certificate\n"); goto end; } - if (!load_certs(rca_filename, &rca_cert, NULL, "CA certificates")) + if (!load_certs(rca_filename, 0, &rca_cert, NULL, "CA certificates")) goto end; if (rcertfile != NULL) { - if (!load_certs(rcertfile, &rother, NULL, + if (!load_certs(rcertfile, 0, &rother, NULL, "responder other certificates")) goto end; } @@ -671,7 +671,7 @@ redo_accept: goto end; } if (sign_certfile != NULL) { - if (!load_certs(sign_certfile, &sign_other, NULL, + if (!load_certs(sign_certfile, 0, &sign_other, NULL, "signer certificates")) goto end; } @@ -780,7 +780,7 @@ redo_accept: if (vpmtouched) X509_STORE_set1_param(store, vpm); if (verify_certfile != NULL) { - if (!load_certs(verify_certfile, &verify_other, NULL, + if (!load_certs(verify_certfile, 0, &verify_other, NULL, "validator certificates")) goto end; } diff --git a/apps/pkcs12.c b/apps/pkcs12.c index c5f2981aa7..0a88140880 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -525,7 +525,7 @@ int pkcs12_main(int argc, char **argv) /* Load all certs in input file */ if (!(options & NOCERTS)) { - if (!load_certs(infile, &certs, passin, + if (!load_certs(infile, 1, &certs, passin, "certificates from -in file")) goto export_end; if (sk_X509_num(certs) < 1) { @@ -560,7 +560,7 @@ int pkcs12_main(int argc, char **argv) /* Load any untrusted certificates for chain building */ if (untrusted != NULL) { - if (!load_certs(untrusted, &untrusted_certs, passcerts, + if (!load_certs(untrusted, 0, &untrusted_certs, passcerts, "untrusted certificates")) goto export_end; } @@ -605,7 +605,7 @@ int pkcs12_main(int argc, char **argv) /* Add any extra certificates asked for */ if (certfile != NULL) { - if (!load_certs(certfile, &certs, passcerts, + if (!load_certs(certfile, 0, &certs, passcerts, "extra certificates from -certfile")) goto export_end; } diff --git a/apps/s_client.c b/apps/s_client.c index 431df131dd..ac744ccbd5 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -1625,7 +1625,7 @@ int s_client_main(int argc, char **argv) } if (chain_file != NULL) { - if (!load_certs(chain_file, &chain, pass, "client certificate chain")) + if (!load_certs(chain_file, 0, &chain, pass, "client certificate chain")) goto end; } diff --git a/apps/s_server.c b/apps/s_server.c index bbbe3cf877..34b28736a1 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -1690,7 +1690,7 @@ int s_server_main(int argc, char *argv[]) if (s_cert == NULL) goto end; if (s_chain_file != NULL) { - if (!load_certs(s_chain_file, &s_chain, NULL, + if (!load_certs(s_chain_file, 0, &s_chain, NULL, "server certificate chain")) goto end; } @@ -1754,7 +1754,7 @@ int s_server_main(int argc, char *argv[]) goto end; } if (s_dchain_file != NULL) { - if (!load_certs(s_dchain_file, &s_dchain, NULL, + if (!load_certs(s_dchain_file, 0, &s_dchain, NULL, "second server certificate chain")) goto end; } diff --git a/apps/smime.c b/apps/smime.c index 63578f28d5..dcef6b3b49 100644 --- a/apps/smime.c +++ b/apps/smime.c @@ -457,7 +457,7 @@ int smime_main(int argc, char **argv) } if (certfile != NULL) { - if (!load_certs(certfile, &other, NULL, "certificates")) { + if (!load_certs(certfile, 0, &other, NULL, "certificates")) { ERR_print_errors(bio_err); goto end; } diff --git a/apps/verify.c b/apps/verify.c index bf200b0fb6..de6e051006 100644 --- a/apps/verify.c +++ b/apps/verify.c @@ -145,7 +145,7 @@ int verify_main(int argc, char **argv) break; case OPT_UNTRUSTED: /* Zero or more times */ - if (!load_certs(opt_arg(), &untrusted, NULL, + if (!load_certs(opt_arg(), 0, &untrusted, NULL, "untrusted certificates")) goto end; break; @@ -154,7 +154,7 @@ int verify_main(int argc, char **argv) noCAfile = 1; noCApath = 1; noCAstore = 1; - if (!load_certs(opt_arg(), &trusted, NULL, "trusted certificates")) + if (!load_certs(opt_arg(), 0, &trusted, NULL, "trusted certificates")) goto end; break; case OPT_CRLFILE: |