author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2022-05-30 16:53:05 +0200 |
---|---|---|
committer | Hugo Landau <hlandau@openssl.org> | 2022-07-14 07:26:34 +0100 |
commit | b74fc77b447ad6dd47a5d3dbe1dfedde75ff6278 (patch) | |
tree | 675862bbaf7acd0c00481782e49de6b418751bea /apps/lib | |
parent | fcdd41fea3ed56660ce03cec7f07217c99d90d31 (diff) | |
download | openssl-new-b74fc77b447ad6dd47a5d3dbe1dfedde75ff6278.tar.gz |
APPS/x509: With -CA but both -CAserial and -CAcreateserial not given, use random serial.
Also improve openssl-x509.pod.in and error handling of load_serial() in apps.c.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18373)
(cherry picked from commit ec8a3409487c871b440fa52bff7c3ef33378494a)
Diffstat (limited to 'apps/lib')
-rw-r--r-- | apps/lib/apps.c | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/apps/lib/apps.c b/apps/lib/apps.c
index 8b952a1b03..c501e32f3f 100644
--- a/apps/lib/apps.c
+++ b/apps/lib/apps.c
@@ -1456,7 +1456,8 @@ static IMPLEMENT_LHASH_HASH_FN(index_name, OPENSSL_CSTRING)
 static IMPLEMENT_LHASH_COMP_FN(index_name, OPENSSL_CSTRING)
 #undef BSIZE
 #define BSIZE 256
-BIGNUM *load_serial(const char *serialfile, int create, ASN1_INTEGER **retai)
+BIGNUM *load_serial(const char *serialfile, int *exists, int create,
+ ASN1_INTEGER **retai)
 {
 BIO *in = NULL;
 BIGNUM *ret = NULL;
@@ -1468,6 +1469,8 @@ BIGNUM *load_serial(const char *serialfile, int create, ASN1_INTEGER **retai)
 goto err;
 in = BIO_new_file(serialfile, "r");
+ if (exists != NULL)
+ *exists = in != NULL;
 if (in == NULL) {
 if (!create) {
 perror(serialfile);
@@ -1475,8 +1478,14 @@ BIGNUM *load_serial(const char *serialfile, int create, ASN1_INTEGER **retai)
 }
 ERR_clear_error();
 ret = BN_new();
- if (ret == NULL || !rand_serial(ret, ai))
+ if (ret == NULL) {
 BIO_printf(bio_err, "Out of memory\n");
+ } else if (!rand_serial(ret, ai)) {
+ BIO_printf(bio_err, "Error creating random number to store in %s\n",
+ serialfile);
+ BN_free(ret);
+ ret = NULL;
+ }
 } else {
 if (!a2i_ASN1_INTEGER(in, ai, buf, 1024)) {
 BIO_printf(bio_err, "Unable to load number from %s\n",
@@ -1490,12 +1499,13 @@ BIGNUM *load_serial(const char *serialfile, int create, ASN1_INTEGER **retai)
 }
 }
- if (ret && retai) {
+ if (ret != NULL && retai != NULL) {
 *retai = ai;
 ai = NULL;
 }
 err:
- ERR_print_errors(bio_err);
+ if (ret == NULL)
+ ERR_print_errors(bio_err);
 BIO_free(in);
 ASN1_INTEGER_free(ai);
 return ret; |
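Review bot: The new `int *exists` out-parameter on `load_serial()` is undocumented at the definition, and its name overstates what it reports: the next hunk sets it from `in != NULL`, i.e. whether the serial file could be opened, not strictly whether it exists. I would add a header comment above the signature such as `/* Returns the serial read from serialfile, or a fresh random one if the file cannot be opened and create is set; *exists (may be NULL) is set to 1 iff the file was opened. */`. Because the function is not static and the parameter is inserted before `create`, every caller has to change in the same commit; those callers are outside this diffstat (limited to apps/lib). The body of `load_serial()` continues past this hunk.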
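Review bot: `*exists` is assigned only after `BIO_new_file()`, so the `goto err` shown as the first context line of this hunk leaves it unwritten; a caller that passes an uninitialised `int` and inspects it after a NULL return would read an indeterminate value. Writing a default on entry, `if (exists != NULL) *exists = 0;`, before the first `goto err` would make every exit path defined. Separately, an open failure for any reason (for example a permissions error on an existing file) is reported as `*exists == 0`; if callers use that flag to choose a random serial, as the commit message suggests, an unreadable serial file would be silently bypassed rather than reported, so it may be worth distinguishing the not-found case. The code before the `goto err` and the callers are outside this hunk.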