allow setting of verify names in command line utilities and print out verify... (04e4b827) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

apps/apps.c

+19 −0

Original line number	Diff line number	Diff line
		@@ -2239,6 +2239,7 @@ int args_verify(char **pargs, int pargc,
		int purpose = 0, depth = -1;
		char *oldargs = pargs;
		char arg = pargs, argn = (*pargs)[1];
		const X509_VERIFY_PARAM *vpm = NULL;
		if (!strcmp(arg, "-policy"))
		{
		if (!argn)
		@@ -2276,6 +2277,21 @@ int args_verify(char **pargs, int pargc,
		}
		(*pargs)++;
		}
		else if (strcmp(arg,"-verify_name") == 0)
		{
		if (!argn)
		*badarg = 1;
		else
		{
		vpm = X509_VERIFY_PARAM_lookup(argn);
		if(!vpm)
		{
		BIO_printf(err, "unrecognized verify name\n");
		*badarg = 1;
		}
		}
		(*pargs)++;
		}
		else if (strcmp(arg,"-verify_depth") == 0)
		{
		if (!argn)
		@@ -2334,6 +2350,9 @@ int args_verify(char **pargs, int pargc,
		goto end;
		}

		if (vpm)
		X509_VERIFY_PARAM_set1(*pm, vpm);

		if (otmp)
		X509_VERIFY_PARAM_add0_policy(*pm, otmp);
		if (flags)

+17 −4

Original line number	Diff line number	Diff line
		@@ -234,13 +234,26 @@ end:
		BIO_printf(bio_err," [-engine e]");
		#endif
		BIO_printf(bio_err," cert1 cert2 ...\n");

		BIO_printf(bio_err,"recognized usages:\n");
		for(i = 0; i < X509_PURPOSE_get_count(); i++) {
		for(i = 0; i < X509_PURPOSE_get_count(); i++)
		{
		X509_PURPOSE *ptmp;
		ptmp = X509_PURPOSE_get0(i);
		BIO_printf(bio_err, "\t%-10s\t%s\n", X509_PURPOSE_get0_sname(ptmp),
		BIO_printf(bio_err, "\t%-10s\t%s\n",
		X509_PURPOSE_get0_sname(ptmp),
		X509_PURPOSE_get0_name(ptmp));
		}

		BIO_printf(bio_err,"recognized verify names:\n");
		for(i = 0; i < X509_VERIFY_PARAM_get_count(); i++)
		{
		const X509_VERIFY_PARAM *vptmp;
		vptmp = X509_VERIFY_PARAM_get0(i);
		BIO_printf(bio_err, "\t%-10s\n",
		X509_VERIFY_PARAM_get0_name(vptmp));
		}

		}
		if (vpm) X509_VERIFY_PARAM_free(vpm);
		if (cert_ctx != NULL) X509_STORE_free(cert_ctx);