Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
btwise
openssl
提交
86a2f966
O
openssl
项目概览
btwise
/
openssl
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
O
openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
86a2f966
编写于
2月 25, 2014
作者:
D
Dr. Stephen Henson
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Add -show_chain option to print out verified chain.
上级
a4cc3c80
变更
1
隐藏空白更改
内联
并排
Showing
1 changed file
with
24 addition
and
5 deletion
+24
-5
apps/verify.c
apps/verify.c
+24
-5
未找到文件。
apps/verify.c
浏览文件 @
86a2f966
...
...
@@ -72,7 +72,7 @@
static
int
MS_CALLBACK
cb
(
int
ok
,
X509_STORE_CTX
*
ctx
);
static
int
check
(
X509_STORE
*
ctx
,
char
*
file
,
STACK_OF
(
X509
)
*
uchain
,
STACK_OF
(
X509
)
*
tchain
,
STACK_OF
(
X509_CRL
)
*
crls
,
ENGINE
*
e
);
STACK_OF
(
X509_CRL
)
*
crls
,
ENGINE
*
e
,
int
show_chain
);
static
int
v_verbose
=
0
,
vflags
=
0
;
int
MAIN
(
int
,
char
**
);
...
...
@@ -88,7 +88,7 @@ int MAIN(int argc, char **argv)
X509_STORE
*
cert_ctx
=
NULL
;
X509_LOOKUP
*
lookup
=
NULL
;
X509_VERIFY_PARAM
*
vpm
=
NULL
;
int
crl_download
=
0
;
int
crl_download
=
0
,
show_chain
=
0
;
#ifndef OPENSSL_NO_ENGINE
char
*
engine
=
NULL
;
#endif
...
...
@@ -148,6 +148,8 @@ int MAIN(int argc, char **argv)
}
else
if
(
strcmp
(
*
argv
,
"-crl_download"
)
==
0
)
crl_download
=
1
;
else
if
(
strcmp
(
*
argv
,
"-show_chain"
)
==
0
)
show_chain
=
1
;
#ifndef OPENSSL_NO_ENGINE
else
if
(
strcmp
(
*
argv
,
"-engine"
)
==
0
)
{
...
...
@@ -231,13 +233,13 @@ int MAIN(int argc, char **argv)
ret
=
0
;
if
(
argc
<
1
)
{
if
(
1
!=
check
(
cert_ctx
,
NULL
,
untrusted
,
trusted
,
crls
,
e
))
if
(
1
!=
check
(
cert_ctx
,
NULL
,
untrusted
,
trusted
,
crls
,
e
,
show_chain
))
ret
=-
1
;
}
else
{
for
(
i
=
0
;
i
<
argc
;
i
++
)
if
(
1
!=
check
(
cert_ctx
,
argv
[
i
],
untrusted
,
trusted
,
crls
,
e
))
if
(
1
!=
check
(
cert_ctx
,
argv
[
i
],
untrusted
,
trusted
,
crls
,
e
,
show_chain
))
ret
=-
1
;
}
...
...
@@ -280,11 +282,12 @@ end:
static
int
check
(
X509_STORE
*
ctx
,
char
*
file
,
STACK_OF
(
X509
)
*
uchain
,
STACK_OF
(
X509
)
*
tchain
,
STACK_OF
(
X509_CRL
)
*
crls
,
ENGINE
*
e
)
STACK_OF
(
X509_CRL
)
*
crls
,
ENGINE
*
e
,
int
show_chain
)
{
X509
*
x
=
NULL
;
int
i
=
0
,
ret
=
0
;
X509_STORE_CTX
*
csc
;
STACK_OF
(
X509
)
*
chain
=
NULL
;
x
=
load_cert
(
bio_err
,
file
,
FORMAT_PEM
,
NULL
,
e
,
"certificate file"
);
if
(
x
==
NULL
)
...
...
@@ -307,6 +310,8 @@ static int check(X509_STORE *ctx, char *file,
if
(
crls
)
X509_STORE_CTX_set0_crls
(
csc
,
crls
);
i
=
X509_verify_cert
(
csc
);
if
(
i
>
0
&&
show_chain
)
chain
=
X509_STORE_CTX_get1_chain
(
csc
);
X509_STORE_CTX_free
(
csc
);
ret
=
0
;
...
...
@@ -318,6 +323,20 @@ end:
}
else
ERR_print_errors
(
bio_err
);
if
(
chain
)
{
printf
(
"Chain:
\n
"
);
for
(
i
=
0
;
i
<
sk_X509_num
(
chain
);
i
++
)
{
X509
*
cert
=
sk_X509_value
(
chain
,
i
);
printf
(
"depth=%d: "
,
i
);
X509_NAME_print_ex_fp
(
stdout
,
X509_get_subject_name
(
cert
),
0
,
XN_FLAG_ONELINE
);
printf
(
"
\n
"
);
}
sk_X509_pop_free
(
chain
,
X509_free
);
}
if
(
x
!=
NULL
)
X509_free
(
x
);
return
(
ret
);
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录