" -extensions .. - Extension section (override value in config file)\n",
" -extfile file - Configuration file with X509v3 extentions to add\n",
" -crlexts .. - CRL extension section (override value in config file)\n",
+#ifndef OPENSSL_NO_ENGINE
" -engine e - use engine e, possibly a hardware device.\n",
+#endif
" -status serial - Shows certificate status given the serial number\n",
" -updatedb - Updates db for expired certificates\n",
NULL
#define BSIZE 256
MS_STATIC char buf[3][BSIZE];
char *randfile=NULL;
+#ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
+#endif
char *tofree=NULL;
#ifdef EFENCE
rev_arg = *(++argv);
rev_type = REV_CA_COMPROMISE;
}
+#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
+#endif
else
{
bad:
ERR_load_crypto_strings();
+#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
+#endif
/*****************************************************************/
tofree=NULL;
if (pkey->type == EVP_PKEY_DSA)
dgst=EVP_dss1();
else
-#endif
-#ifndef OPENSSL_NO_ECDSA
- if (pkey->type == EVP_PKEY_EC)
- dgst=EVP_ecdsa();
- else
#endif
dgst=EVP_md5();
}
}
j=TXT_DB_write(out,db);
if (j <= 0) goto err;
+ BIO_free_all(out);
+ out = NULL;
+ BIO_free_all(in);
+ in = NULL;
strncpy(buf[1],dbfile,BSIZE-4);
buf[1][BSIZE-4]='\0';
#ifndef OPENSSL_SYS_VMS
#else
strcat(buf[1],"-old");
#endif
- BIO_free(in);
- in = NULL;
- BIO_free(out);
- out = NULL;
if (rename(dbfile,buf[1]) < 0)
{
BIO_printf(bio_err,"unable to rename %s to %s\n", dbfile, buf[1]);
BIO_free_all(out);
BIO_free_all(in);
- sk_X509_pop_free(cert_sk,X509_free);
+ if (cert_sk)
+ sk_X509_pop_free(cert_sk,X509_free);
if (ret) ERR_print_errors(bio_err);
app_RAND_write_file(randfile, bio_err);
- if (free_key & key)
+ if (free_key && key)
OPENSSL_free(key);
BN_free(serial);
TXT_DB_free(db);
#ifdef X509_V3
/* Make it an X509 v3 certificate. */
- if (!X509_set_version(x509,2)) goto err;
+ if (!X509_set_version(ret,2)) goto err;
#endif
if (BN_to_ASN1_INTEGER(serial,ci->serialNumber) == NULL)
EVP_PKEY_copy_parameters(pktmp,pkey);
EVP_PKEY_free(pktmp);
#endif
-#ifndef OPENSSL_NO_ECDSA
- if (pkey->type == EVP_PKEY_EC)
- dgst = EVP_ecdsa();
- pktmp = X509_get_pubkey(ret);
- if (EVP_PKEY_missing_parameters(pktmp) &&
- !EVP_PKEY_missing_parameters(pkey))
- EVP_PKEY_copy_parameters(pktmp, pkey);
- EVP_PKEY_free(pktmp);
-#endif
-
if (!X509_sign(ret,pkey,dgst))
goto err;
int nid;
if (!buf || !ne_types || !ne_values)
- {
+ {
BIO_printf(bio_err, "malloc error\n");
goto error;
- }
+ }
if (*subject != '/')
- {
+ {
BIO_printf(bio_err, "Subject does not start with '/'.\n");
goto error;
- }
+ }
sp++; /* skip leading / */
while (*sp)
{
if (*++sp)
*bp++ = *sp++;
- else
+ else
{
BIO_printf(bio_err, "escape character at end of string\n");
goto error;
}
- }
+ }
else if (*sp == '=')
{
sp++;
}
*bp++ = '\0';
ne_num++;
- }
+ }
if (!(n = X509_NAME_new()))
goto error;