If the email address is moved from the subject to the subject alternate name,

[oweals/openssl.git] / apps / ca.c

diff --git a/apps/ca.c b/apps/ca.c
index 0b3c8a4397bcf75c1c134a7829cd5bdca72f3c34..f97910b89f43964c648877a8264ec77a31e13211 100644 (file)
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -80,7 +80,11 @@
 #ifdef OPENSSL_SYS_WINDOWS
 #define strcasecmp _stricmp
 #else
-#include <strings.h>
+#  ifdef NO_STRINGS_H
+    int        strcasecmp();
+#  else
+#    include <strings.h>
+#  endif /* NO_STRINGS_H */
 #endif
 
 #ifndef W_OK
@@ -1450,13 +1454,13 @@ bad:
                        }
                if ((crldays == 0) && (crlhours == 0))
                        {
-                       BIO_printf(bio_err,"cannot lookup how long until the next CRL is issuer\n");
+                       BIO_printf(bio_err,"cannot lookup how long until the next CRL is issued\n");
                        goto err;
                        }
 
                if (verbose) BIO_printf(bio_err,"making CRL\n");
                if ((crl=X509_CRL_new()) == NULL) goto err;
-               if (!X509_CRL_set_issuer_name(crl, X509_get_issuer_name(x509))) goto err;
+               if (!X509_CRL_set_issuer_name(crl, X509_get_subject_name(x509))) goto err;
 
                tmptm = ASN1_TIME_new();
                if (!tmptm) goto err;
@@ -1509,11 +1513,6 @@ bad:
                        if (pkey->type == EVP_PKEY_DSA) 
                                dgst=EVP_dss1();
                        else
-#endif
-#ifndef OPENSSL_NO_ECDSA
-                       if (pkey->type == EVP_PKEY_ECDSA)
-                               dgst=EVP_ecdsa();
-                       else
 #endif
                                dgst=EVP_md5();
                        }
@@ -1573,6 +1572,10 @@ bad:
                                }
                        j=TXT_DB_write(out,db);
                        if (j <= 0) goto err;
+                       BIO_free_all(out);
+                       out = NULL;
+                       BIO_free_all(in);
+                       in = NULL;
                        strncpy(buf[1],dbfile,BSIZE-4);
                        buf[1][BSIZE-4]='\0';
 #ifndef OPENSSL_SYS_VMS
@@ -1580,10 +1583,6 @@ bad:
 #else
                        strcat(buf[1],"-old");
 #endif
-                       BIO_free(in);
-                       in = NULL;
-                       BIO_free(out);
-                       out = NULL;
                        if (rename(dbfile,buf[1]) < 0)
                                {
                                BIO_printf(bio_err,"unable to rename %s to %s\n", dbfile, buf[1]);
@@ -2090,9 +2089,8 @@ again2:
                        }
                }
 
-       row[DB_name]=X509_NAME_oneline(dn_subject,NULL,0);
        row[DB_serial]=BN_bn2hex(serial);
-       if ((row[DB_name] == NULL) || (row[DB_serial] == NULL))
+       if (row[DB_serial] == NULL)
                {
                BIO_printf(bio_err,"Memory allocation failure\n");
                goto err;
@@ -2289,16 +2287,6 @@ again2:
                EVP_PKEY_copy_parameters(pktmp,pkey);
        EVP_PKEY_free(pktmp);
 #endif
-#ifndef OPENSSL_NO_ECDSA
-       if (pkey->type == EVP_PKEY_ECDSA)
-               dgst = EVP_ecdsa();
-       pktmp = X509_get_pubkey(ret);
-       if (EVP_PKEY_missing_parameters(pktmp) &&
-               !EVP_PKEY_missing_parameters(pkey))
-               EVP_PKEY_copy_parameters(pktmp, pkey);
-       EVP_PKEY_free(pktmp);
-#endif
-
 
        if (!X509_sign(ret,pkey,dgst))
                goto err;
@@ -2315,10 +2303,10 @@ again2:
 
        /* row[DB_serial] done already */
        row[DB_file]=(char *)OPENSSL_malloc(8);
-       /* row[DB_name] done already */
+       row[DB_name]=X509_NAME_oneline(X509_get_subject_name(ret),NULL,0);
 
        if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) ||
-               (row[DB_file] == NULL))
+               (row[DB_file] == NULL) || (row[DB_name] == NULL))
                {
                BIO_printf(bio_err,"Memory allocation failure\n");
                goto err;