From 04e4b8272614ab72d313af8d8e6488f8575e175e Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Thu, 25 Feb 2010 00:11:32 +0000 Subject: [PATCH] allow setting of verify names in command line utilities and print out verify names in verify utility --- apps/apps.c | 19 +++++++++++++++++++ apps/verify.c | 21 +++++++++++++++++---- 2 files changed, 36 insertions(+), 4 deletions(-) diff --git a/apps/apps.c b/apps/apps.c index 5dccea70d2..4688224213 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -2239,6 +2239,7 @@ int args_verify(char ***pargs, int *pargc, int purpose = 0, depth = -1; char **oldargs = *pargs; char *arg = **pargs, *argn = (*pargs)[1]; + const X509_VERIFY_PARAM *vpm = NULL; if (!strcmp(arg, "-policy")) { if (!argn) @@ -2276,6 +2277,21 @@ int args_verify(char ***pargs, int *pargc, } (*pargs)++; } + else if (strcmp(arg,"-verify_name") == 0) + { + if (!argn) + *badarg = 1; + else + { + vpm = X509_VERIFY_PARAM_lookup(argn); + if(!vpm) + { + BIO_printf(err, "unrecognized verify name\n"); + *badarg = 1; + } + } + (*pargs)++; + } else if (strcmp(arg,"-verify_depth") == 0) { if (!argn) @@ -2334,6 +2350,9 @@ int args_verify(char ***pargs, int *pargc, goto end; } + if (vpm) + X509_VERIFY_PARAM_set1(*pm, vpm); + if (otmp) X509_VERIFY_PARAM_add0_policy(*pm, otmp); if (flags) diff --git a/apps/verify.c b/apps/verify.c index 9163997e93..4fd6b192e3 100644 --- a/apps/verify.c +++ b/apps/verify.c @@ -234,13 +234,26 @@ end: BIO_printf(bio_err," [-engine e]"); #endif BIO_printf(bio_err," cert1 cert2 ...\n"); + BIO_printf(bio_err,"recognized usages:\n"); - for(i = 0; i < X509_PURPOSE_get_count(); i++) { + for(i = 0; i < X509_PURPOSE_get_count(); i++) + { X509_PURPOSE *ptmp; ptmp = X509_PURPOSE_get0(i); - BIO_printf(bio_err, "\t%-10s\t%s\n", X509_PURPOSE_get0_sname(ptmp), - X509_PURPOSE_get0_name(ptmp)); - } + BIO_printf(bio_err, "\t%-10s\t%s\n", + X509_PURPOSE_get0_sname(ptmp), + X509_PURPOSE_get0_name(ptmp)); + } + + BIO_printf(bio_err,"recognized verify names:\n"); + for(i = 0; i < X509_VERIFY_PARAM_get_count(); i++) + { + const X509_VERIFY_PARAM *vptmp; + vptmp = X509_VERIFY_PARAM_get0(i); + BIO_printf(bio_err, "\t%-10s\n", + X509_VERIFY_PARAM_get0_name(vptmp)); + } + } if (vpm) X509_VERIFY_PARAM_free(vpm); if (cert_ctx != NULL) X509_STORE_free(cert_ctx); -- 2.25.1