Some cleanups to apps/ca.c

#ifndef PATH_MAX

# define PATH_MAX 4096

#endif

#ifndef NAME_MAX

# define NAME_MAX 255

#endif

#define CERT_MAX (PATH_MAX + NAME_MAX)

#define BASE_SECTION            "ca"

    const char *serialfile = NULL, *subj = NULL;

    char *prog, *startdate = NULL, *enddate = NULL;

    char *dbfile = NULL, *f;

    char new_cert[CERT_MAX + 1];

    char new_cert[PATH_MAX];

    char tmp[10 + 1] = "\0";

    char *const *pp;

    const char *p;

    size_t outdirlen = 0;

    int create_ser = 0, free_key = 0, total = 0, total_done = 0;

    int batch = 0, default_op = 1, doupdatedb = 0, ext_copy = EXT_COPY_NONE;

    int keyformat = FORMAT_PEM, multirdn = 0, notext = 0, output_der = 0;

    X509_REVOKED *r = NULL;

    OPTION_CHOICE o;

    new_cert[CERT_MAX] = '\0';

    prog = opt_init(argc, argv, ca_options);

    while ((o = opt_next()) != OPT_EOF) {

        switch (o) {

        case OPT_SIGOPT:

            if (sigopts == NULL)

                sigopts = sk_OPENSSL_STRING_new_null();

            if (sigopts == NULL

                || !sk_OPENSSL_STRING_push(sigopts, opt_arg()))

            if (sigopts == NULL || !sk_OPENSSL_STRING_push(sigopts, opt_arg()))

                goto end;

            break;

        case OPT_NOTEXT:

                goto end;

            if (verbose)

                BIO_printf(bio_err,

                           "Done. %d entries marked as expired\n", i);

                BIO_printf(bio_err, "Done. %d entries marked as expired\n", i);

        }

    }

            goto end;

    }

    if (md == NULL

        && (md = lookup_conf(conf, section, ENV_DEFAULT_MD)) == NULL)

    if (md == NULL && (md = lookup_conf(conf, section, ENV_DEFAULT_MD)) == NULL)

        goto end;

    if (strcmp(md, "default") == 0) {

        }

        if (startdate == NULL) {

            startdate = NCONF_get_string(conf, section,

                                         ENV_DEFAULT_STARTDATE);

            startdate = NCONF_get_string(conf, section, ENV_DEFAULT_STARTDATE);

            if (startdate == NULL)

                ERR_clear_error();

        }

            if (!NCONF_get_number(conf, section, ENV_DEFAULT_DAYS, &days))

                days = 0;

        }

        if (enddate == NULL && (days == 0)) {

            BIO_printf(bio_err,

                       "cannot lookup how many days to certify for\n");

        if (enddate == NULL && days == 0) {

            BIO_printf(bio_err, "cannot lookup how many days to certify for\n");

            goto end;

        }

                (void)BIO_flush(bio_err);

                tmp[0] = '\0';

                if (fgets(tmp, sizeof(tmp), stdin) == NULL) {

                    BIO_printf(bio_err,

                               "CERTIFICATION CANCELED: I/O error\n");

                    BIO_printf(bio_err, "CERTIFICATION CANCELED: I/O error\n");

                    ret = 0;

                    goto end;

                }

                goto end;

        }

        outdirlen = OPENSSL_strlcpy(new_cert, outdir, sizeof(new_cert));

#ifndef OPENSSL_SYS_VMS

        outdirlen = OPENSSL_strlcat(new_cert, "/", sizeof(new_cert));

#endif

        if (verbose)

            BIO_printf(bio_err, "writing new certificates\n");

        for (i = 0; i < sk_X509_num(cert_sk); i++) {

            BIO *Cout = NULL;

            X509 *xi = sk_X509_value(cert_sk, i);

            ASN1_INTEGER *serialNumber = X509_get_serialNumber(xi);

            int k;

            char *n;

            j = ASN1_STRING_length(serialNumber);

            p = (const char *)ASN1_STRING_get0_data(serialNumber);

            const unsigned char *psn = ASN1_STRING_get0_data(serialNumber);

            const int snl = ASN1_STRING_length(serialNumber);

            const int filen_len = 2 * (snl > 0 ? snl : 1) + sizeof(".pem");

            char *n = new_cert + outdirlen;

            if (strlen(outdir) >= (size_t)(j ? CERT_MAX - j * 2 - 6 : CERT_MAX - 8)) {

            if (outdirlen + filen_len > PATH_MAX) {

                BIO_printf(bio_err, "certificate file name too long\n");

                goto end;

            }

            strcpy(new_cert, outdir);

#ifndef OPENSSL_SYS_VMS

            OPENSSL_strlcat(new_cert, "/", sizeof(new_cert));

#endif

            if (snl > 0) {

                static const char HEX_DIGITS[] = "0123456789ABCDEF";

            n = (char *)&(new_cert[strlen(new_cert)]);

            if (j > 0) {

                for (k = 0; k < j; k++) {

                    if (n >= &(new_cert[sizeof(new_cert)]))

                        break;

                    BIO_snprintf(n,

                                 &new_cert[0] + sizeof(new_cert) - n,

                                 "%02X", (unsigned char)*(p++));

                    n += 2;

                for (j = 0; j < snl; j++, psn++) {

                    *n++ = HEX_DIGITS[*psn >> 4];

                    *n++ = HEX_DIGITS[*psn & 0x0F];

                }

            } else {

                *(n++) = '0';

            *(n++) = 'p';

            *(n++) = 'e';

            *(n++) = 'm';

            *n = '\0';

            *n = '\0';          /* closing new_cert */

            if (verbose)

                BIO_printf(bio_err, "writing %s\n", new_cert);

            X509V3_set_nconf(&ctx, conf);

            if (!X509V3_EXT_add_nconf(conf, &ctx, crl_ext, NULL)) {

                BIO_printf(bio_err,

                           "Error Loading CRL extension section %s\n",

                           crl_ext);

                           "Error Loading CRL extension section %s\n", crl_ext);

                ret = 1;

                goto end;

            }

                   CONF *lconf, unsigned long certopt, unsigned long nameopt,

                   int default_op, int ext_copy, int selfsign)

{

    X509_NAME *name = NULL, *CAname = NULL, *subject = NULL, *dn_subject =

        NULL;

    X509_NAME *name = NULL, *CAname = NULL, *subject = NULL, *dn_subject = NULL;

    const ASN1_TIME *tm;

    ASN1_STRING *str, *str2;

    ASN1_OBJECT *obj;

    }

    if (default_op)

        BIO_printf(bio_err,

                   "The Subject's Distinguished Name is as follows\n");

        BIO_printf(bio_err, "The Subject's Distinguished Name is as follows\n");

    name = X509_REQ_get_subject_name(req);

    for (i = 0; i < X509_NAME_entry_count(name); i++) {

                if ((j < 0) && (last2 == -1)) {

                    BIO_printf(bio_err,

                               "The %s field does not exist in the CA certificate,\n"

                               "the 'policy' is misconfigured\n",

                               cv->name);

                               "the 'policy' is misconfigured\n", cv->name);

                    goto end;

                }

                if (j >= 0) {

    return (ok);

}

static void write_new_certificate(BIO *bp, X509 *x, int output_der,

                                  int notext)

static void write_new_certificate(BIO *bp, X509 *x, int output_der, int notext)

{

    if (output_der) {

     * Now extract the key from the SPKI structure.

     */

    BIO_printf(bio_err,

               "Check that the SPKAC request matches the signature\n");

    BIO_printf(bio_err, "Check that the SPKAC request matches the signature\n");

    if ((pktmp = NETSCAPE_SPKI_get_pubkey(spki)) == NULL) {

        BIO_printf(bio_err, "error unpacking SPKAC public key\n");

            hold = OBJ_txt2obj(arg_str, 0);

            if (!hold) {

                BIO_printf(bio_err, "invalid object identifier %s\n",

                           arg_str);

                BIO_printf(bio_err, "invalid object identifier %s\n", arg_str);

                goto end;

            }

            if (phold)