#endif
-int dump_cert_text(BIO *out, X509 *x)
+static unsigned long nmflag = 0;
+static char nmflag_set = 0;
+
+int set_nameopt(const char *arg)
{
- char *p;
+ int ret = set_name_ex(&nmflag, arg);
+
+ if (ret)
+ nmflag_set = 1;
+
+ return ret;
+}
- p = X509_NAME_oneline(X509_get_subject_name(x), NULL, 0);
- BIO_puts(out, "subject=");
- BIO_puts(out, p);
- OPENSSL_free(p);
+unsigned long get_nameopt(void)
+{
+ return (nmflag_set) ? nmflag : XN_FLAG_ONELINE;
+}
- p = X509_NAME_oneline(X509_get_issuer_name(x), NULL, 0);
- BIO_puts(out, "\nissuer=");
- BIO_puts(out, p);
+int dump_cert_text(BIO *out, X509 *x)
+{
+ print_name(out, "subject=", X509_get_subject_name(x), get_nameopt());
+ BIO_puts(out, "\n");
+ print_name(out, "issuer=", X509_get_issuer_name(x), get_nameopt());
BIO_puts(out, "\n");
- OPENSSL_free(p);
return 0;
}
void print_bignum_var(BIO *, const BIGNUM *, const char*,
int, unsigned char *);
void print_array(BIO *, const char *, int, const unsigned char *);
+int set_nameopt(const char *arg);
+unsigned long get_nameopt(void);
int set_cert_ex(unsigned long *flags, const char *arg);
int set_name_ex(unsigned long *flags, const char *arg);
int set_ext_copy(int *copy_type, const char *arg);
int ret = 1, email_dn = 1, req = 0, verbose = 0, gencrl = 0, dorevoke = 0;
int i, j, selfsign = 0;
long crldays = 0, crlhours = 0, crlsec = 0, days = 0;
- unsigned long chtype = MBSTRING_ASC, nameopt = 0, certopt = 0;
+ unsigned long chtype = MBSTRING_ASC, certopt = 0;
X509 *x509 = NULL, *x509p = NULL, *x = NULL;
REVINFO_TYPE rev_type = REV_NONE;
X509_REVOKED *r = NULL;
f = NCONF_get_string(conf, section, ENV_NAMEOPT);
if (f) {
- if (!set_name_ex(&nameopt, f)) {
+ if (!set_nameopt(f)) {
BIO_printf(bio_err, "Invalid name options: \"%s\"\n", f);
goto end;
}
default_op = 0;
- } else {
- nameopt = XN_FLAG_ONELINE;
- ERR_clear_error();
}
f = NCONF_get_string(conf, section, ENV_CERTOPT);
j = certify_spkac(&x, spkac_file, pkey, x509, dgst, sigopts,
attribs, db, serial, subj, chtype, multirdn,
email_dn, startdate, enddate, days, extensions,
- conf, verbose, certopt, nameopt, default_op,
+ conf, verbose, certopt, get_nameopt(), default_op,
ext_copy);
if (j < 0)
goto end;
attribs,
db, serial, subj, chtype, multirdn, email_dn,
startdate, enddate, days, batch, extensions,
- conf, verbose, certopt, nameopt, default_op,
+ conf, verbose, certopt, get_nameopt(), default_op,
ext_copy);
if (j < 0)
goto end;
j = certify(&x, infile, pkey, x509p, dgst, sigopts, attribs, db,
serial, subj, chtype, multirdn, email_dn, startdate,
enddate, days, batch, extensions, conf, verbose,
- certopt, nameopt, default_op, ext_copy, selfsign);
+ certopt, get_nameopt(), default_op, ext_copy, selfsign);
if (j < 0)
goto end;
if (j > 0) {
j = certify(&x, argv[i], pkey, x509p, dgst, sigopts, attribs, db,
serial, subj, chtype, multirdn, email_dn, startdate,
enddate, days, batch, extensions, conf, verbose,
- certopt, nameopt, default_op, ext_copy, selfsign);
+ certopt, get_nameopt(), default_op, ext_copy, selfsign);
if (j < 0)
goto end;
if (j > 0) {
goto end;
}
if (verbose)
- X509_REQ_print(bio_err, req);
+ X509_REQ_print_ex(bio_err, req, nameopt, X509_FLAG_COMPAT);
BIO_printf(bio_err, "Check that the request matches the signature\n");
X509_OBJECT *xobj = NULL;
EVP_PKEY *pkey;
const EVP_MD *digest = EVP_sha1();
- unsigned long nmflag = 0;
- char nmflag_set = 0;
char *infile = NULL, *outfile = NULL, *crldiff = NULL, *keyfile = NULL;
const char *CAfile = NULL, *CApath = NULL, *prog;
OPTION_CHOICE o;
badsig = 1;
break;
case OPT_NAMEOPT:
- nmflag_set = 1;
- if (!set_name_ex(&nmflag, opt_arg()))
+ if (!set_nameopt(opt_arg()))
goto opthelp;
break;
case OPT_MD:
if (argc != 0)
goto opthelp;
- if (!nmflag_set)
- nmflag = XN_FLAG_ONELINE;
-
x = load_crl(infile, informat);
if (x == NULL)
goto end;
for (i = 1; i <= num; i++) {
if (issuer == i) {
print_name(bio_out, "issuer=", X509_CRL_get_issuer(x),
- nmflag);
+ get_nameopt());
}
if (crlnumber == i) {
ASN1_INTEGER *crlnum;
goto end;
if (text)
- X509_CRL_print(out, x);
+ X509_CRL_print_ex(out, x, get_nameopt());
if (noout) {
ret = 0;
for (i = 0; i < sk_X509_CRL_num(crls); i++) {
crl = sk_X509_CRL_value(crls, i);
- X509_CRL_print(out, crl);
+ X509_CRL_print_ex(out, crl, get_nameopt());
if (!noout)
PEM_write_bio_X509_CRL(out, crl);
int modulus = 0, multirdn = 0, verify = 0, noout = 0, text = 0;
int nodes = 0, newhdr = 0, subject = 0, pubkey = 0, precert = 0;
long newkey = -1;
- unsigned long chtype = MBSTRING_ASC, nmflag = 0, reqflag = 0;
- char nmflag_set = 0;
+ unsigned long chtype = MBSTRING_ASC, reqflag = 0;
#ifndef OPENSSL_NO_DES
cipher = EVP_des_ede3_cbc();
chtype = MBSTRING_UTF8;
break;
case OPT_NAMEOPT:
- nmflag_set = 1;
- if (!set_name_ex(&nmflag, opt_arg()))
+ if (!set_nameopt(opt_arg()))
goto opthelp;
break;
case OPT_REQOPT:
if (argc != 0)
goto opthelp;
- if (!nmflag_set)
- nmflag = XN_FLAG_ONELINE;
-
/* TODO: simplify this as pkey is still always NULL here */
private = newreq && (pkey == NULL) ? 1 : 0;
if (verbose) {
BIO_printf(bio_err, "Modifying Request's Subject\n");
print_name(bio_err, "old subject=",
- X509_REQ_get_subject_name(req), nmflag);
+ X509_REQ_get_subject_name(req), get_nameopt());
}
if (build_subject(req, subj, chtype, multirdn) == 0) {
if (verbose) {
print_name(bio_err, "new subject=",
- X509_REQ_get_subject_name(req), nmflag);
+ X509_REQ_get_subject_name(req), get_nameopt());
}
}
if (text) {
if (x509)
- X509_print_ex(out, x509ss, nmflag, reqflag);
+ X509_print_ex(out, x509ss, get_nameopt(), reqflag);
else
- X509_REQ_print_ex(out, req, nmflag, reqflag);
+ X509_REQ_print_ex(out, req, get_nameopt(), reqflag);
}
if (subject) {
if (x509)
print_name(out, "subject=", X509_get_subject_name(x509ss),
- nmflag);
+ get_nameopt());
else
print_name(out, "subject=", X509_REQ_get_subject_name(req),
- nmflag);
+ get_nameopt());
}
if (modulus) {
long bio_dump_callback(BIO *bio, int cmd, const char *argp,
int argi, long argl, long ret);
-int set_nameopt(const char *arg);
-
#ifdef HEADER_SSL_H
void apps_ssl_info_callback(const SSL *s, int where, int ret);
void msg_cb(int write_p, int version, int content_type, const void *buf,
static int cookie_initialized = 0;
#endif
static BIO *bio_keylog = NULL;
-static unsigned long nmflag = XN_FLAG_ONELINE;
-
-int set_nameopt(const char *arg)
-{
- return set_name_ex(&nmflag, arg);
-}
static const char *lookup(int val, const STRINT_PAIR* list, const char* def)
{
if (err_cert) {
X509_NAME_print_ex(bio_err,
X509_get_subject_name(err_cert),
- 0, nmflag);
+ 0, get_nameopt());
BIO_puts(bio_err, "\n");
} else
BIO_puts(bio_err, "<no cert>\n");
case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
BIO_puts(bio_err, "issuer= ");
X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
- 0, nmflag);
+ 0, get_nameopt());
BIO_puts(bio_err, "\n");
break;
case X509_V_ERR_CERT_NOT_YET_VALID:
rv = SSL_check_chain(ssl, exc->cert, exc->key, exc->chain);
BIO_printf(bio_err, "Checking cert chain %d:\nSubject: ", i);
X509_NAME_print_ex(bio_err, X509_get_subject_name(exc->cert), 0,
- nmflag);
+ get_nameopt());
BIO_puts(bio_err, "\n");
print_chain_flags(ssl, rv);
if (rv & CERT_PKEY_VALID) {
BIO_puts(bio_err, "Peer certificate: ");
X509_NAME_print_ex(bio_err, X509_get_subject_name(peer),
- 0, nmflag);
+ 0, get_nameopt());
BIO_puts(bio_err, "\n");
if (SSL_get_peer_signature_nid(s, &nid))
BIO_printf(bio_err, "Hash used: %s\n", OBJ_nid2sn(nid));
BIO_printf(bio, "---\nAcceptable %s certificate CA names\n",cs);
for (i = 0; i < sk_X509_NAME_num(sk); i++) {
- X509_NAME_print_ex(bio, sk_X509_NAME_value(sk, i), 0, XN_FLAG_ONELINE);
+ X509_NAME_print_ex(bio, sk_X509_NAME_value(sk, i), 0, get_nameopt());
BIO_write(bio, "\n", 1);
}
}
static void print_stuff(BIO *bio, SSL *s, int full)
{
X509 *peer = NULL;
- char buf[BUFSIZ];
STACK_OF(X509) *sk;
const SSL_CIPHER *c;
int i;
BIO_printf(bio, "---\nCertificate chain\n");
for (i = 0; i < sk_X509_num(sk); i++) {
- X509_NAME_oneline(X509_get_subject_name(sk_X509_value(sk, i)),
- buf, sizeof buf);
- BIO_printf(bio, "%2d s:%s\n", i, buf);
- X509_NAME_oneline(X509_get_issuer_name(sk_X509_value(sk, i)),
- buf, sizeof buf);
- BIO_printf(bio, " i:%s\n", buf);
+ BIO_printf(bio, "%2d s:", i);
+ X509_NAME_print_ex(bio, X509_get_subject_name(sk_X509_value(sk, i)), 0, get_nameopt());
+ BIO_puts(bio, "\n");
+ BIO_printf(bio, " i:");
+ X509_NAME_print_ex(bio, X509_get_issuer_name(sk_X509_value(sk, i)), 0, get_nameopt());
+ BIO_puts(bio, "\n");
if (c_showcerts)
PEM_write_bio_X509(bio, sk_X509_value(sk, i));
}
/* Redundant if we showed the whole chain */
if (!(c_showcerts && got_a_chain))
PEM_write_bio_X509(bio, peer);
- X509_NAME_oneline(X509_get_subject_name(peer), buf, sizeof buf);
- BIO_printf(bio, "subject=%s\n", buf);
- X509_NAME_oneline(X509_get_issuer_name(peer), buf, sizeof buf);
- BIO_printf(bio, "issuer=%s\n", buf);
+ dump_cert_text(bio, peer);
} else {
BIO_printf(bio, "no peer certificate available\n");
}
if (peer != NULL) {
BIO_printf(bio_s_out, "Client certificate\n");
PEM_write_bio_X509(bio_s_out, peer);
- X509_NAME_oneline(X509_get_subject_name(peer), buf, sizeof buf);
- BIO_printf(bio_s_out, "subject=%s\n", buf);
- X509_NAME_oneline(X509_get_issuer_name(peer), buf, sizeof buf);
- BIO_printf(bio_s_out, "issuer=%s\n", buf);
+ dump_cert_text(bio_s_out, peer);
X509_free(peer);
peer = NULL;
}
STACK_OF(X509) *uchain, STACK_OF(X509) *tchain,
STACK_OF(X509_CRL) *crls, int show_chain);
static int v_verbose = 0, vflags = 0;
-static unsigned long nmflag = 0;
typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
const char *prog, *CApath = NULL, *CAfile = NULL;
int noCApath = 0, noCAfile = 0;
int vpmtouched = 0, crl_download = 0, show_chain = 0, i = 0, ret = 1;
- char nmflag_set = 0;
OPTION_CHOICE o;
if ((vpm = X509_VERIFY_PARAM_new()) == NULL)
show_chain = 1;
break;
case OPT_NAMEOPT:
- nmflag_set = 1;
- if (!set_name_ex(&nmflag, opt_arg()))
+ if (!set_nameopt(opt_arg()))
goto end;
break;
case OPT_VERBOSE:
goto end;
}
- if (!nmflag_set)
- nmflag = XN_FLAG_ONELINE;
-
if ((store = setup_verify(CAfile, CApath, noCAfile, noCApath)) == NULL)
goto end;
X509_STORE_set_verify_cb(store, cb);
printf("depth=%d: ", j);
X509_NAME_print_ex_fp(stdout,
X509_get_subject_name(cert),
- 0, nmflag);
+ 0, get_nameopt());
if (j < num_untrusted)
printf(" (untrusted)");
printf("\n");
if (current_cert) {
X509_NAME_print_ex(bio_err,
X509_get_subject_name(current_cert),
- 0, nmflag);
+ 0, get_nameopt());
BIO_printf(bio_err, "\n");
}
BIO_printf(bio_err, "%serror %d at %d depth lookup: %s\n",
char *checkhost = NULL, *checkemail = NULL, *checkip = NULL;
char *extsect = NULL, *extfile = NULL, *passin = NULL, *passinarg = NULL;
char *infile = NULL, *outfile = NULL, *keyfile = NULL, *CAfile = NULL;
- char buf[256], *prog;
+ char *prog;
int x509req = 0, days = DEF_DAYS, modulus = 0, pubkey = 0, pprint = 0;
int C = 0, CAformat = FORMAT_PEM, CAkeyformat = FORMAT_PEM;
int fingerprint = 0, reqfile = 0, need_rand = 0, checkend = 0;
int text = 0, serial = 0, subject = 0, issuer = 0, startdate = 0;
int enddate = 0;
time_t checkoffset = 0;
- unsigned long nmflag = 0, certflag = 0;
- char nmflag_set = 0;
+ unsigned long certflag = 0;
OPTION_CHOICE o;
ENGINE *e = NULL;
#ifndef OPENSSL_NO_MD5
goto opthelp;
break;
case OPT_NAMEOPT:
- nmflag_set = 1;
- if (!set_name_ex(&nmflag, opt_arg()))
+ if (!set_nameopt(opt_arg()))
goto opthelp;
break;
case OPT_ENGINE:
goto opthelp;
}
- if (!nmflag_set)
- nmflag = XN_FLAG_ONELINE;
-
out = bio_open_default(outfile, 'w', outformat);
if (out == NULL)
goto end;
BIO_printf(bio_err, "Signature ok\n");
print_name(bio_err, "subject=", X509_REQ_get_subject_name(req),
- nmflag);
+ get_nameopt());
if ((x = X509_new()) == NULL)
goto end;
if (num) {
for (i = 1; i <= num; i++) {
if (issuer == i) {
- print_name(out, "issuer=", X509_get_issuer_name(x), nmflag);
+ print_name(out, "issuer=", X509_get_issuer_name(x), get_nameopt());
} else if (subject == i) {
print_name(out, "subject=",
- X509_get_subject_name(x), nmflag);
+ X509_get_subject_name(x), get_nameopt());
} else if (serial == i) {
BIO_printf(out, "serial=");
i2a_ASN1_INTEGER(out, X509_get_serialNumber(x));
char *m;
int len;
- X509_NAME_oneline(X509_get_subject_name(x), buf, sizeof buf);
- BIO_printf(out, "/*\n"
- " * Subject: %s\n", buf);
-
- X509_NAME_oneline(X509_get_issuer_name(x), buf, sizeof buf);
- BIO_printf(out, " * Issuer: %s\n"
- " */\n", buf);
+ print_name(out, "/*\n"
+ " * Subject: ", X509_get_subject_name(x), get_nameopt());
+ print_name(out, " * Issuer: ", X509_get_issuer_name(x), get_nameopt());
+ BIO_puts(out, " */\n");
len = i2d_X509(x, NULL);
m = app_malloc(len, "x509 name buffer");
print_array(out, "the_certificate", len, (unsigned char *)m);
OPENSSL_free(m);
} else if (text == i) {
- X509_print_ex(out, x, nmflag, certflag);
+ X509_print_ex(out, x, get_nameopt(), certflag);
} else if (startdate == i) {
BIO_puts(out, "notBefore=");
ASN1_TIME_print(out, X509_get0_notBefore(x));
goto end;
}
if (!noout) {
- X509_REQ_print(out, rq);
+ X509_REQ_print_ex(out, rq, get_nameopt(), X509_FLAG_COMPAT);
PEM_write_bio_X509_REQ(out, rq);
}
noout = 1;
#endif
int X509_CRL_print(BIO *out, X509_CRL *x)
+{
+ return X509_CRL_print_ex(out, x, XN_FLAG_COMPAT);
+}
+
+int X509_CRL_print_ex(BIO *out, X509_CRL *x, unsigned long nmflag)
{
STACK_OF(X509_REVOKED) *rev;
X509_REVOKED *r;
const ASN1_BIT_STRING *sig;
long l;
int i;
- char *p;
BIO_printf(out, "Certificate Revocation List (CRL):\n");
l = X509_CRL_get_version(x);
BIO_printf(out, "%8sVersion unknown (%ld)\n", "", l);
X509_CRL_get0_signature(x, &sig, &sig_alg);
X509_signature_print(out, sig_alg, NULL);
- p = X509_NAME_oneline(X509_CRL_get_issuer(x), NULL, 0);
- BIO_printf(out, "%8sIssuer: %s\n", "", p);
- OPENSSL_free(p);
+ BIO_printf(out, "%8sIssuer: ", "");
+ X509_NAME_print_ex(out, X509_CRL_get_issuer(x), 0, nmflag);
+ BIO_puts(out, "\n");
BIO_printf(out, "%8sLast Update: ", "");
ASN1_TIME_print(out, X509_CRL_get0_lastUpdate(x));
BIO_printf(out, "\n%8sNext Update: ", "");
unsigned long cflag);
int X509_print(BIO *bp, X509 *x);
int X509_ocspid_print(BIO *bp, X509 *x);
+int X509_CRL_print_ex(BIO *out, X509_CRL *x, unsigned long nmflag);
int X509_CRL_print(BIO *bp, X509_CRL *x);
int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag,
unsigned long cflag);
--- /dev/null
+-----BEGIN X509 CRL-----
+MIIB6DCB0QIBATANBgkqhkiG9w0BAQsFADCBjjELMAkGA1UEBhMCUlUxFTATBgNV
+BAgMDNCc0L7RgdC60LLQsDELMAkGA1UECgwC0K8xCzAJBgNVBAsMAtCvMSowKAYD
+VQQDDCHQlNC80LjRgtGA0LjQuSDQkdC10LvRj9Cy0YHQutC40LkxIjAgBgkqhkiG
+9w0BCQEWE2JlbGRtaXRAZXhhbXBsZS5jb20XDTE3MDQyNDEzMjUzMVoXDTE3MDUy
+NDEzMjUzMVqgDjAMMAoGA1UdFAQDAgEBMA0GCSqGSIb3DQEBCwUAA4IBAQCF5eX+
+1BM/BxoHU2/3pQHJgPSKevN0/K/daiFHiJl7Kb9GCwKY14B1RvbN2rUP/58Mt+aq
+jvauf1yBzlaJQeJKZcsCmG9p6Tr1y0BJXhrq5kC0SLyNDsfGUTfuxnwmo+clHXRU
++gKuk+h0WkJL022ZYbJ38w588k4NT3CWVHeE23EDC264p942mlDE7en6MyL152Pe
+Ld9YrWiq5iOIOrIbQLErq0EjwxvHG9sMiYFUa6VrwmRf26nyZ7u9RKJDP+o2dltw
+diBaSXC3Qt3pZ8BIfv/l81lwp8Dr63SwCII2pIRplyICdQqmX/a+1q8kThXIP2Kx
++X48g7VE2o2X4cfy
+-----END X509 CRL-----
--- /dev/null
+Certificate Revocation List (CRL):
+ Version 2 (0x1)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=RU, ST=Москва, O=Я, OU=Я, CN=Дмитрий Белявский, emailAddress=beldmit@example.com
+ Last Update: Apr 24 13:25:31 2017 GMT
+ Next Update: May 24 13:25:31 2017 GMT
+ CRL extensions:
+ X509v3 CRL Number:
+ 1
+No Revoked Certificates.
+ Signature Algorithm: sha256WithRSAEncryption
+ 85:e5:e5:fe:d4:13:3f:07:1a:07:53:6f:f7:a5:01:c9:80:f4:
+ 8a:7a:f3:74:fc:af:dd:6a:21:47:88:99:7b:29:bf:46:0b:02:
+ 98:d7:80:75:46:f6:cd:da:b5:0f:ff:9f:0c:b7:e6:aa:8e:f6:
+ ae:7f:5c:81:ce:56:89:41:e2:4a:65:cb:02:98:6f:69:e9:3a:
+ f5:cb:40:49:5e:1a:ea:e6:40:b4:48:bc:8d:0e:c7:c6:51:37:
+ ee:c6:7c:26:a3:e7:25:1d:74:54:fa:02:ae:93:e8:74:5a:42:
+ 4b:d3:6d:99:61:b2:77:f3:0e:7c:f2:4e:0d:4f:70:96:54:77:
+ 84:db:71:03:0b:6e:b8:a7:de:36:9a:50:c4:ed:e9:fa:33:22:
+ f5:e7:63:de:2d:df:58:ad:68:aa:e6:23:88:3a:b2:1b:40:b1:
+ 2b:ab:41:23:c3:1b:c7:1b:db:0c:89:81:54:6b:a5:6b:c2:64:
+ 5f:db:a9:f2:67:bb:bd:44:a2:43:3f:ea:36:76:5b:70:76:20:
+ 5a:49:70:b7:42:dd:e9:67:c0:48:7e:ff:e5:f3:59:70:a7:c0:
+ eb:eb:74:b0:08:82:36:a4:84:69:97:22:02:75:0a:a6:5f:f6:
+ be:d6:af:24:4e:15:c8:3f:62:b1:f9:7e:3c:83:b5:44:da:8d:
+ 97:e1:c7:f2
+-----BEGIN X509 CRL-----
+MIIB6DCB0QIBATANBgkqhkiG9w0BAQsFADCBjjELMAkGA1UEBhMCUlUxFTATBgNV
+BAgMDNCc0L7RgdC60LLQsDELMAkGA1UECgwC0K8xCzAJBgNVBAsMAtCvMSowKAYD
+VQQDDCHQlNC80LjRgtGA0LjQuSDQkdC10LvRj9Cy0YHQutC40LkxIjAgBgkqhkiG
+9w0BCQEWE2JlbGRtaXRAZXhhbXBsZS5jb20XDTE3MDQyNDEzMjUzMVoXDTE3MDUy
+NDEzMjUzMVqgDjAMMAoGA1UdFAQDAgEBMA0GCSqGSIb3DQEBCwUAA4IBAQCF5eX+
+1BM/BxoHU2/3pQHJgPSKevN0/K/daiFHiJl7Kb9GCwKY14B1RvbN2rUP/58Mt+aq
+jvauf1yBzlaJQeJKZcsCmG9p6Tr1y0BJXhrq5kC0SLyNDsfGUTfuxnwmo+clHXRU
++gKuk+h0WkJL022ZYbJ38w588k4NT3CWVHeE23EDC264p942mlDE7en6MyL152Pe
+Ld9YrWiq5iOIOrIbQLErq0EjwxvHG9sMiYFUa6VrwmRf26nyZ7u9RKJDP+o2dltw
+diBaSXC3Qt3pZ8BIfv/l81lwp8Dr63SwCII2pIRplyICdQqmX/a+1q8kThXIP2Kx
++X48g7VE2o2X4cfy
+-----END X509 CRL-----
setup("test_crl");
-plan tests => 5;
+plan tests => 7;
require_ok(srctop_file('test','recipes','tconversion.pl'));
+my $pem = srctop_file("test/certs", "cyrillic_crl.pem");
+my $out = "cyrillic_crl.out";
+my $utf = srctop_file("test/certs", "cyrillic_crl.utf8");
+
subtest 'crl conversions' => sub {
tconversion("crl", srctop_file("test","testcrl.pem"));
};
srctop_file('test', 'testcrl.pem')],
'SHA256 Fingerprint=B3:A9:FD:A7:2E:8C:3D:DF:D0:F1:C3:1A:96:60:B5:FD:B0:99:7C:7F:0E:E4:34:F5:DB:87:62:36:BC:F1:BC:1B'));
+ok(run(app(["openssl", "crl", "-text", "-in", $pem, "-out", $out,
+ "-nameopt", "utf8"])));
+is(cmp_text($out, srctop_file("test/certs", "cyrillic_crl.utf8")),
+ 0, 'Comparing utf8 output');
+unlink $out;
+
sub compare1stline {
my ($cmdarray, $str) = @_;
my @lines = run(app($cmdarray), capture => 1);
ZINT64_it 4215 1_1_0f EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
CRYPTO_mem_leaks_cb 4216 1_1_1 EXIST::FUNCTION:CRYPTO_MDEBUG
BIO_lookup_ex 4217 1_1_1 EXIST::FUNCTION:SOCK
+X509_CRL_print_ex 4218 1_1_1 EXIST::FUNCTION: