Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
0996dc54
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
1 年多 前同步成功
通知
10
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
0996dc54
编写于
1月 16, 2016
作者:
V
Viktor Dukhovni
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Refactor apps load_certs/load_crls to work incrementally
Reviewed-by:
N
Richard Levitte
<
levitte@openssl.org
>
上级
6e8beabc
变更
10
显示空白变更内容
内联
并排
Showing
10 changed file
with
45 addition
and
64 deletion
+45
-64
apps/apps.c
apps/apps.c
+14
-16
apps/apps.h
apps/apps.h
+4
-6
apps/cms.c
apps/cms.c
+2
-2
apps/ocsp.c
apps/ocsp.c
+6
-9
apps/pkcs12.c
apps/pkcs12.c
+4
-9
apps/s_cb.c
apps/s_cb.c
+2
-3
apps/s_client.c
apps/s_client.c
+2
-3
apps/s_server.c
apps/s_server.c
+4
-6
apps/smime.c
apps/smime.c
+2
-2
apps/verify.c
apps/verify.c
+5
-8
未找到文件。
apps/apps.c
浏览文件 @
0996dc54
...
...
@@ -921,13 +921,13 @@ static int load_certs_crls(const char *file, int format,
BIO_free
(
bio
);
if
(
pcerts
)
{
if
(
pcerts
&&
*
pcerts
==
NULL
)
{
*
pcerts
=
sk_X509_new_null
();
if
(
!*
pcerts
)
goto
end
;
}
if
(
pcrls
)
{
if
(
pcrls
&&
*
pcrls
==
NULL
)
{
*
pcrls
=
sk_X509_CRL_new_null
();
if
(
!*
pcrls
)
goto
end
;
...
...
@@ -986,24 +986,22 @@ void* app_malloc(int sz, const char *what)
return
vp
;
}
STACK_OF
(
X509
)
*
load_certs
(
const
char
*
file
,
int
format
,
/*
* Initialize or extend, if *certs != NULL, a certificate stack.
*/
int
load_certs
(
const
char
*
file
,
STACK_OF
(
X509
)
**
certs
,
int
format
,
const
char
*
pass
,
ENGINE
*
e
,
const
char
*
desc
)
{
STACK_OF
(
X509
)
*
certs
;
if
(
!
load_certs_crls
(
file
,
format
,
pass
,
e
,
desc
,
&
certs
,
NULL
))
return
NULL
;
return
certs
;
return
load_certs_crls
(
file
,
format
,
pass
,
e
,
desc
,
certs
,
NULL
);
}
STACK_OF
(
X509_CRL
)
*
load_crls
(
const
char
*
file
,
int
format
,
/*
* Initialize or extend, if *crls != NULL, a certificate stack.
*/
int
load_crls
(
const
char
*
file
,
STACK_OF
(
X509_CRL
)
**
crls
,
int
format
,
const
char
*
pass
,
ENGINE
*
e
,
const
char
*
desc
)
{
STACK_OF
(
X509_CRL
)
*
crls
;
if
(
!
load_certs_crls
(
file
,
format
,
pass
,
e
,
desc
,
NULL
,
&
crls
))
return
NULL
;
return
crls
;
return
load_certs_crls
(
file
,
format
,
pass
,
e
,
desc
,
NULL
,
crls
);
}
#define X509V3_EXT_UNKNOWN_MASK (0xfL << 16)
...
...
apps/apps.h
浏览文件 @
0996dc54
...
...
@@ -443,12 +443,10 @@ EVP_PKEY *load_key(const char *file, int format, int maybe_stdin,
const
char
*
pass
,
ENGINE
*
e
,
const
char
*
key_descrip
);
EVP_PKEY
*
load_pubkey
(
const
char
*
file
,
int
format
,
int
maybe_stdin
,
const
char
*
pass
,
ENGINE
*
e
,
const
char
*
key_descrip
);
STACK_OF
(
X509
)
*
load_certs
(
const
char
*
file
,
int
format
,
const
char
*
pass
,
ENGINE
*
e
,
const
char
*
cert_descrip
);
STACK_OF
(
X509_CRL
)
*
load_crls
(
const
char
*
file
,
int
format
,
const
char
*
pass
,
ENGINE
*
e
,
const
char
*
cert_descrip
);
int
load_certs
(
const
char
*
file
,
STACK_OF
(
X509
)
**
certs
,
int
format
,
const
char
*
pass
,
ENGINE
*
e
,
const
char
*
cert_descrip
);
int
load_crls
(
const
char
*
file
,
STACK_OF
(
X509_CRL
)
**
crls
,
int
format
,
const
char
*
pass
,
ENGINE
*
e
,
const
char
*
cert_descrip
);
X509_STORE
*
setup_verify
(
char
*
CAfile
,
char
*
CApath
,
int
noCAfile
,
int
noCApath
);
int
ctx_set_verify_locations
(
SSL_CTX
*
ctx
,
const
char
*
CAfile
,
...
...
apps/cms.c
浏览文件 @
0996dc54
...
...
@@ -735,8 +735,8 @@ int cms_main(int argc, char **argv)
}
if
(
certfile
)
{
if
(
(
other
=
load_certs
(
certfile
,
FORMAT_PEM
,
NULL
,
e
,
"certificate file"
))
==
NULL
)
{
if
(
!
load_certs
(
certfile
,
&
other
,
FORMAT_PEM
,
NULL
,
e
,
"certificate file"
)
)
{
ERR_print_errors
(
bio_err
);
goto
end
;
}
...
...
apps/ocsp.c
浏览文件 @
0996dc54
...
...
@@ -533,9 +533,8 @@ int ocsp_main(int argc, char **argv)
rca_cert
=
load_cert
(
rca_filename
,
FORMAT_PEM
,
NULL
,
NULL
,
"CA certificate"
);
if
(
rcertfile
)
{
rother
=
load_certs
(
rcertfile
,
FORMAT_PEM
,
NULL
,
NULL
,
"responder other certificates"
);
if
(
!
rother
)
if
(
!
load_certs
(
rcertfile
,
&
rother
,
FORMAT_PEM
,
NULL
,
NULL
,
"responder other certificates"
))
goto
end
;
}
rkey
=
load_key
(
rkeyfile
,
FORMAT_PEM
,
0
,
NULL
,
NULL
,
...
...
@@ -578,9 +577,8 @@ int ocsp_main(int argc, char **argv)
goto
end
;
}
if
(
sign_certfile
)
{
sign_other
=
load_certs
(
sign_certfile
,
FORMAT_PEM
,
NULL
,
NULL
,
"signer certificates"
);
if
(
!
sign_other
)
if
(
!
load_certs
(
sign_certfile
,
&
sign_other
,
FORMAT_PEM
,
NULL
,
NULL
,
"signer certificates"
))
goto
end
;
}
key
=
load_key
(
keyfile
,
FORMAT_PEM
,
0
,
NULL
,
NULL
,
...
...
@@ -702,9 +700,8 @@ int ocsp_main(int argc, char **argv)
if
(
vpmtouched
)
X509_STORE_set1_param
(
store
,
vpm
);
if
(
verify_certfile
)
{
verify_other
=
load_certs
(
verify_certfile
,
FORMAT_PEM
,
NULL
,
NULL
,
"validator certificate"
);
if
(
!
verify_other
)
if
(
!
load_certs
(
verify_certfile
,
&
verify_other
,
FORMAT_PEM
,
NULL
,
NULL
,
"validator certificate"
))
goto
end
;
}
...
...
apps/pkcs12.c
浏览文件 @
0996dc54
...
...
@@ -395,9 +395,8 @@ int pkcs12_main(int argc, char **argv)
/* Load in all certs in input file */
if
(
!
(
options
&
NOCERTS
))
{
certs
=
load_certs
(
infile
,
FORMAT_PEM
,
NULL
,
e
,
"certificates"
);
if
(
!
certs
)
if
(
!
load_certs
(
infile
,
&
certs
,
FORMAT_PEM
,
NULL
,
e
,
"certificates"
))
goto
export_end
;
if
(
key
)
{
...
...
@@ -425,13 +424,9 @@ int pkcs12_main(int argc, char **argv)
/* Add any more certificates asked for */
if
(
certfile
)
{
STACK_OF
(
X509
)
*
morecerts
=
NULL
;
if
((
morecerts
=
load_certs
(
certfile
,
FORMAT_PEM
,
NULL
,
e
,
"certificates from certfile"
))
==
NULL
)
if
(
!
load_certs
(
certfile
,
&
certs
,
FORMAT_PEM
,
NULL
,
e
,
"certificates from certfile"
))
goto
export_end
;
while
(
sk_X509_num
(
morecerts
)
>
0
)
sk_X509_push
(
certs
,
sk_X509_shift
(
morecerts
));
sk_X509_free
(
morecerts
);
}
/* If chaining get chain from user cert */
...
...
apps/s_cb.c
浏览文件 @
0996dc54
...
...
@@ -1002,9 +1002,8 @@ int load_excert(SSL_EXCERT **pexc)
if
(
!
exc
->
key
)
return
0
;
if
(
exc
->
chainfile
)
{
exc
->
chain
=
load_certs
(
exc
->
chainfile
,
FORMAT_PEM
,
NULL
,
NULL
,
"Server Chain"
);
if
(
!
exc
->
chain
)
if
(
!
load_certs
(
exc
->
chainfile
,
&
exc
->
chain
,
FORMAT_PEM
,
NULL
,
NULL
,
"Server Chain"
))
return
0
;
}
}
...
...
apps/s_client.c
浏览文件 @
0996dc54
...
...
@@ -1331,9 +1331,8 @@ int s_client_main(int argc, char **argv)
}
if
(
chain_file
)
{
chain
=
load_certs
(
chain_file
,
FORMAT_PEM
,
NULL
,
e
,
"client certificate chain"
);
if
(
!
chain
)
if
(
!
load_certs
(
chain_file
,
&
chain
,
FORMAT_PEM
,
NULL
,
e
,
"client certificate chain"
))
goto
end
;
}
...
...
apps/s_server.c
浏览文件 @
0996dc54
...
...
@@ -1507,9 +1507,8 @@ int s_server_main(int argc, char *argv[])
goto
end
;
}
if
(
s_chain_file
)
{
s_chain
=
load_certs
(
s_chain_file
,
FORMAT_PEM
,
NULL
,
e
,
"server certificate chain"
);
if
(
!
s_chain
)
if
(
!
load_certs
(
s_chain_file
,
&
s_chain
,
FORMAT_PEM
,
NULL
,
e
,
"server certificate chain"
))
goto
end
;
}
...
...
@@ -1587,9 +1586,8 @@ int s_server_main(int argc, char *argv[])
goto
end
;
}
if
(
s_dchain_file
)
{
s_dchain
=
load_certs
(
s_dchain_file
,
FORMAT_PEM
,
NULL
,
e
,
"second server certificate chain"
);
if
(
!
s_dchain
)
if
(
!
load_certs
(
s_dchain_file
,
&
s_dchain
,
FORMAT_PEM
,
NULL
,
e
,
"second server certificate chain"
))
goto
end
;
}
...
...
apps/smime.c
浏览文件 @
0996dc54
...
...
@@ -468,8 +468,8 @@ int smime_main(int argc, char **argv)
}
if
(
certfile
)
{
if
(
(
other
=
load_certs
(
certfile
,
FORMAT_PEM
,
NULL
,
e
,
"certificate file"
))
==
NULL
)
{
if
(
!
load_certs
(
certfile
,
&
other
,
FORMAT_PEM
,
NULL
,
e
,
"certificate file"
)
)
{
ERR_print_errors
(
bio_err
);
goto
end
;
}
...
...
apps/verify.c
浏览文件 @
0996dc54
...
...
@@ -208,22 +208,19 @@ int verify_main(int argc, char **argv)
ERR_clear_error
();
if
(
untfile
)
{
untrusted
=
load_certs
(
untfile
,
FORMAT_PEM
,
NULL
,
e
,
"untrusted certificates"
);
if
(
!
untrusted
)
if
(
!
load_certs
(
untfile
,
&
untrusted
,
FORMAT_PEM
,
NULL
,
e
,
"untrusted certificates"
))
goto
end
;
}
if
(
trustfile
)
{
trusted
=
load_certs
(
trustfile
,
FORMAT_PEM
,
NULL
,
e
,
"trusted certificates"
);
if
(
!
trusted
)
if
(
!
load_certs
(
trustfile
,
&
trusted
,
FORMAT_PEM
,
NULL
,
e
,
"trusted certificates"
))
goto
end
;
}
if
(
crlfile
)
{
crls
=
load_crls
(
crlfile
,
FORMAT_PEM
,
NULL
,
e
,
"other CRLs"
);
if
(
!
crls
)
if
(
!
load_crls
(
crlfile
,
&
crls
,
FORMAT_PEM
,
NULL
,
e
,
"other CRLs"
))
goto
end
;
}
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录