* Hudson (tjh@cryptsoft.com).
*
*/
+#ifndef OPENSSL_NO_OCSP
#include <stdio.h>
#include <string.h>
+#include "apps.h"
#include <openssl/pem.h>
#include <openssl/ocsp.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
-#include "apps.h"
/* Maximum leeway in validity period: default 5 minutes */
#define MAX_VALIDITY_PERIOD (5 * 60)
NULL, e, "CA certificate");
if (rcertfile)
{
- rother = load_certs(bio_err, sign_certfile, FORMAT_PEM,
+ rother = load_certs(bio_err, rcertfile, FORMAT_PEM,
NULL, e, "responder other certificates");
- if (!sign_other) goto end;
+ if (!rother) goto end;
}
- rkey = load_key(bio_err, rkeyfile, FORMAT_PEM, NULL, NULL,
+ rkey = load_key(bio_err, rkeyfile, FORMAT_PEM, 0, NULL, NULL,
"responder private key");
if (!rkey)
goto end;
NULL, e, "signer certificates");
if (!sign_other) goto end;
}
- key = load_key(bio_err, keyfile, FORMAT_PEM, NULL, NULL,
+ key = load_key(bio_err, keyfile, FORMAT_PEM, 0, NULL, NULL,
"signer private key");
if (!key)
goto end;
}
else if (host)
{
+#ifndef OPENSSL_NO_SOCK
cbio = BIO_new_connect(host);
+#else
+ BIO_printf(bio_err, "Error creating connect BIO - sockets not supported.\n");
+ goto end;
+#endif
if (!cbio)
{
BIO_printf(bio_err, "Error creating connect BIO\n");
if (use_ssl == 1)
{
BIO *sbio;
+#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
ctx = SSL_CTX_new(SSLv23_client_method());
+#elif !defined(OPENSSL_NO_SSL3)
+ ctx = SSL_CTX_new(SSLv3_client_method());
+#elif !defined(OPENSSL_NO_SSL2)
+ ctx = SSL_CTX_new(SSLv2_client_method());
+#else
+ BIO_printf(bio_err, "SSL is disabled\n");
+ goto end;
+#endif
SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);
sbio = BIO_new_ssl(ctx, 1);
cbio = BIO_push(sbio, cbio);
SSL_CTX_free(ctx);
}
- EXIT(ret);
+ OPENSSL_EXIT(ret);
}
static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert, X509 *issuer,
char *itmp, *row[DB_NUMBER],**rrow;
for (i = 0; i < DB_NUMBER; i++) row[i] = NULL;
bn = ASN1_INTEGER_to_BN(ser,NULL);
- itmp = BN_bn2hex(bn);
+ if (BN_is_zero(bn))
+ itmp = BUF_strdup("00");
+ else
+ itmp = BN_bn2hex(bn);
row[DB_serial] = itmp;
BN_free(bn);
rrow=TXT_DB_get_by_index(db,DB_serial,row);
bufbio = BIO_new(BIO_f_buffer());
if (!bufbio)
goto err;
+#ifndef OPENSSL_NO_SOCK
acbio = BIO_new_accept(port);
+#else
+ BIO_printf(bio_err, "Error setting up accept BIO - sockets not supported.\n");
+#endif
if (!acbio)
goto err;
BIO_set_accept_bios(acbio, bufbio);
for(;;)
{
- len = BIO_gets(cbio, inbuf, 1024);
+ len = BIO_gets(cbio, inbuf, sizeof inbuf);
if (len <= 0)
return 1;
/* Look for "POST" signalling start of query */
return 1;
}
+#endif