X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=apps%2Fca.c;h=af7bb72e69c09217efc11b32616f0cca2cec59af;hb=2c4ee10c0aa231a30977aad47bae1d0dbe6bbef4;hp=ef61de2eefc6cda2adf06f73606f3873647464ef;hpb=dc047d31fa0c31872db8601a1b9fcd35f24d8589;p=oweals%2Fopenssl.git diff --git a/apps/ca.c b/apps/ca.c index ef61de2eef..af7bb72e69 100644 --- a/apps/ca.c +++ b/apps/ca.c @@ -224,7 +224,7 @@ int ca_main(int argc, char **argv) ENGINE *e = NULL; BIGNUM *crlnumber = NULL, *serial = NULL; EVP_PKEY *pkey = NULL; - BIO *in = NULL, *out = NULL, *Sout = NULL, *Cout = NULL; + BIO *in = NULL, *out = NULL, *Sout = NULL; ASN1_INTEGER *tmpser; ASN1_TIME *tmptm; CA_DB *db = NULL; @@ -982,6 +982,7 @@ end_of_options: if (verbose) BIO_printf(bio_err, "writing new certificates\n"); for (i = 0; i < sk_X509_num(cert_sk); i++) { + BIO *Cout = NULL; ASN1_INTEGER *serialNumber = X509_get_serialNumber(x); int k; char *n; @@ -1031,6 +1032,7 @@ end_of_options: } write_new_certificate(Cout, x, 0, notext); write_new_certificate(Sout, x, output_der, notext); + BIO_free_all(Cout); } if (sk_X509_num(cert_sk)) { @@ -1100,13 +1102,13 @@ end_of_options: if (tmptm == NULL) goto end; X509_gmtime_adj(tmptm, 0); - X509_CRL_set_lastUpdate(crl, tmptm); + X509_CRL_set1_lastUpdate(crl, tmptm); if (!X509_time_adj_ex(tmptm, crldays, crlhours * 60 * 60 + crlsec, NULL)) { BIO_puts(bio_err, "error setting CRL nextUpdate\n"); goto end; } - X509_CRL_set_nextUpdate(crl, tmptm); + X509_CRL_set1_nextUpdate(crl, tmptm); ASN1_TIME_free(tmptm); @@ -1215,7 +1217,6 @@ end_of_options: /*****************************************************************/ ret = 0; end: - BIO_free_all(Cout); BIO_free_all(Sout); BIO_free_all(out); BIO_free_all(in); @@ -1235,6 +1236,7 @@ end_of_options: X509_CRL_free(crl); NCONF_free(conf); NCONF_free(extconf); + release_engine(e); return (ret); } @@ -1377,7 +1379,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, { X509_NAME *name = NULL, *CAname = NULL, *subject = NULL, *dn_subject = NULL; - ASN1_UTCTIME *tm; + const ASN1_TIME *tm; ASN1_STRING *str, *str2; ASN1_OBJECT *obj; X509 *ret = NULL; @@ -1703,7 +1705,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, if (enddate != NULL) { int tdays; - ASN1_TIME_diff(&tdays, NULL, NULL, X509_get_notAfter(ret)); + ASN1_TIME_diff(&tdays, NULL, NULL, X509_get0_notAfter(ret)); days = tdays; } @@ -1789,7 +1791,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, } BIO_printf(bio_err, "Certificate is to be certified until "); - ASN1_TIME_print(bio_err, X509_get_notAfter(ret)); + ASN1_TIME_print(bio_err, X509_get0_notAfter(ret)); if (days) BIO_printf(bio_err, " (%ld days)", days); BIO_printf(bio_err, "\n"); @@ -1822,7 +1824,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, /* We now just add it to the database */ row[DB_type] = OPENSSL_strdup("V"); - tm = X509_get_notAfter(ret); + tm = X509_get0_notAfter(ret); row[DB_exp_date] = app_malloc(tm->length + 1, "row expdate"); memcpy(row[DB_exp_date], tm->data, tm->length); row[DB_exp_date][tm->length] = '\0'; @@ -1915,7 +1917,6 @@ static int certify_spkac(X509 **xret, const char *infile, EVP_PKEY *pkey, sk = CONF_get_section(parms, "default"); if (sk_CONF_VALUE_num(sk) == 0) { BIO_printf(bio_err, "no name/value pairs found in %s\n", infile); - CONF_free(parms); goto end; } @@ -2021,7 +2022,7 @@ static int check_time_format(const char *str) static int do_revoke(X509 *x509, CA_DB *db, int type, char *value) { - ASN1_UTCTIME *tm = NULL; + const ASN1_TIME *tm = NULL; char *row[DB_NUMBER], **rrow, **irow; char *rev_str = NULL; BIGNUM *bn = NULL; @@ -2054,7 +2055,7 @@ static int do_revoke(X509 *x509, CA_DB *db, int type, char *value) /* We now just add it to the database */ row[DB_type] = OPENSSL_strdup("V"); - tm = X509_get_notAfter(x509); + tm = X509_get0_notAfter(x509); row[DB_exp_date] = app_malloc(tm->length + 1, "row exp_data"); memcpy(row[DB_exp_date], tm->data, tm->length); row[DB_exp_date][tm->length] = '\0';