apps: Add maybe_stdin argument to load_certs and set it in pkcs12

author Tomas Mraz <tomas@openssl.org>

Fri, 5 Mar 2021 20:05:35 +0000 (21:05 +0100)

committer Tomas Mraz <tomas@openssl.org>

Mon, 15 Mar 2021 12:29:57 +0000 (13:29 +0100)
author Tomas Mraz <tomas@openssl.org>
Fri, 5 Mar 2021 20:05:35 +0000 (21:05 +0100)
committer Tomas Mraz <tomas@openssl.org>
Mon, 15 Mar 2021 12:29:57 +0000 (13:29 +0100)
diff --git a/apps/cms.c b/apps/cms.c

index f347a3314a7ac991bb04fea524dee0f8cb7f4f60..cea1b73d888717ddfac9b8c2bb8fe596c8f26449 100644 (file)
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -826,7 +826,7 @@ int cms_main(int argc, char **argv)
      }
  
      if (certfile != NULL) {
-        if (!load_certs(certfile, &other, NULL, "certificate file")) {
+        if (!load_certs(certfile, 0, &other, NULL, "certificate file")) {
              ERR_print_errors(bio_err);
              goto end;
          }
diff --git a/apps/include/apps.h b/apps/include/apps.h

index 416e1d25685a9e0fe6def7ae0f0b69167f430004..a2826e6066451a0031de12dd4bf28eb19e117719 100644 (file)
--- a/apps/include/apps.h
+++ b/apps/include/apps.h
@@ -129,7 +129,7 @@ STACK_OF(X509) *load_certs_multifile(char *files, const char *pass,
                                       const char *desc, X509_VERIFY_PARAM *vpm);
  X509_STORE *load_certstore(char *input, const char *pass, const char *desc,
                             X509_VERIFY_PARAM *vpm);
-int load_certs(const char *uri, STACK_OF(X509) **certs,
+int load_certs(const char *uri, int maybe_stdin, STACK_OF(X509) **certs,
                 const char *pass, const char *desc);
  int load_crls(const char *uri, STACK_OF(X509_CRL) **crls,
                const char *pass, const char *desc);
diff --git a/apps/lib/apps.c b/apps/lib/apps.c

index f114f0b10cc81d97bb62649b6d9ad290fa79ae9d..1e14f314978c805efb8885ad3a97dcd404775de1 100644 (file)
--- a/apps/lib/apps.c
+++ b/apps/lib/apps.c
@@ -800,12 +800,12 @@ X509_STORE *load_certstore(char *input, const char *pass, const char *desc,
   * Initialize or extend, if *certs != NULL, a certificate stack.
   * The caller is responsible for freeing *certs if its value is left not NULL.
   */
-int load_certs(const char *uri, STACK_OF(X509) **certs,
+int load_certs(const char *uri, int maybe_stdin, STACK_OF(X509) **certs,
                 const char *pass, const char *desc)
  {
      int was_NULL = *certs == NULL;
-    int ret = load_key_certs_crls(uri, 0, pass, desc, NULL, NULL, NULL,
-                                  NULL, certs, NULL, NULL);
+    int ret = load_key_certs_crls(uri, maybe_stdin, pass, desc, NULL, NULL,
+                                  NULL, NULL, certs, NULL, NULL);
  
      if (!ret && was_NULL) {
          sk_X509_pop_free(*certs, X509_free);
diff --git a/apps/lib/s_cb.c b/apps/lib/s_cb.c

index 0ca90387385d249fa4a6bf95e66e31800aef6b61..4c209e76dfa244427bc2bce48725055436ce127b 100644 (file)
--- a/apps/lib/s_cb.c
+++ b/apps/lib/s_cb.c
@@ -1032,7 +1032,7 @@ int load_excert(SSL_EXCERT **pexc)
          if (exc->key == NULL)
              return 0;
          if (exc->chainfile != NULL) {
-            if (!load_certs(exc->chainfile, &exc->chain, NULL, "server chain"))
+            if (!load_certs(exc->chainfile, 0, &exc->chain, NULL, "server chain"))
                  return 0;
          }
      }
diff --git a/apps/ocsp.c b/apps/ocsp.c

index e61774a8a33fe9796072dc475d0ef4226fbef9f1..e77c90f041d843b2711144f4bf2c33f1c4f00254 100644 (file)
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -574,10 +574,10 @@ int ocsp_main(int argc, char **argv)
              BIO_printf(bio_err, "Error loading responder certificate\n");
              goto end;
          }
-        if (!load_certs(rca_filename, &rca_cert, NULL, "CA certificates"))
+        if (!load_certs(rca_filename, 0, &rca_cert, NULL, "CA certificates"))
              goto end;
          if (rcertfile != NULL) {
-            if (!load_certs(rcertfile, &rother, NULL,
+            if (!load_certs(rcertfile, 0, &rother, NULL,
                              "responder other certificates"))
                  goto end;
          }
@@ -671,7 +671,7 @@ redo_accept:
              goto end;
          }
          if (sign_certfile != NULL) {
-            if (!load_certs(sign_certfile, &sign_other, NULL,
+            if (!load_certs(sign_certfile, 0, &sign_other, NULL,
                              "signer certificates"))
                  goto end;
          }
@@ -780,7 +780,7 @@ redo_accept:
      if (vpmtouched)
          X509_STORE_set1_param(store, vpm);
      if (verify_certfile != NULL) {
-        if (!load_certs(verify_certfile, &verify_other, NULL,
+        if (!load_certs(verify_certfile, 0, &verify_other, NULL,
                          "validator certificates"))
              goto end;
      }
diff --git a/apps/pkcs12.c b/apps/pkcs12.c

index c5f2981aa7e39fe2bc6b18636c457f2f4dde348e..0a881408800f4d238811defe1d96e309b134acf2 100644 (file)
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -525,7 +525,7 @@ int pkcs12_main(int argc, char **argv)
  
          /* Load all certs in input file */
          if (!(options & NOCERTS)) {
-            if (!load_certs(infile, &certs, passin,
+            if (!load_certs(infile, 1, &certs, passin,
                              "certificates from -in file"))
                  goto export_end;
              if (sk_X509_num(certs) < 1) {
@@ -560,7 +560,7 @@ int pkcs12_main(int argc, char **argv)
  
          /* Load any untrusted certificates for chain building */
          if (untrusted != NULL) {
-            if (!load_certs(untrusted, &untrusted_certs, passcerts,
+            if (!load_certs(untrusted, 0, &untrusted_certs, passcerts,
                              "untrusted certificates"))
                  goto export_end;
          }
@@ -605,7 +605,7 @@ int pkcs12_main(int argc, char **argv)
  
          /* Add any extra certificates asked for */
          if (certfile != NULL) {
-            if (!load_certs(certfile, &certs, passcerts,
+            if (!load_certs(certfile, 0, &certs, passcerts,
                              "extra certificates from -certfile"))
                  goto export_end;
          }
diff --git a/apps/s_client.c b/apps/s_client.c

index 431df131ddad9a8f252e22f2c4e793fad67e6d0d..ac744ccbd5350a0128a8e0a6f78e2d283bca0766 100644 (file)
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -1625,7 +1625,7 @@ int s_client_main(int argc, char **argv)
      }
  
      if (chain_file != NULL) {
-        if (!load_certs(chain_file, &chain, pass, "client certificate chain"))
+        if (!load_certs(chain_file, 0, &chain, pass, "client certificate chain"))
              goto end;
      }
  
diff --git a/apps/s_server.c b/apps/s_server.c

index bbbe3cf8770a46c9d4737fe0a32aca07bbe93e05..34b28736a11d83eb6e941af8c0ed5ebdfb3b1700 100644 (file)
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -1690,7 +1690,7 @@ int s_server_main(int argc, char *argv[])
          if (s_cert == NULL)
              goto end;
          if (s_chain_file != NULL) {
-            if (!load_certs(s_chain_file, &s_chain, NULL,
+            if (!load_certs(s_chain_file, 0, &s_chain, NULL,
                              "server certificate chain"))
                  goto end;
          }
@@ -1754,7 +1754,7 @@ int s_server_main(int argc, char *argv[])
              goto end;
          }
          if (s_dchain_file != NULL) {
-            if (!load_certs(s_dchain_file, &s_dchain, NULL,
+            if (!load_certs(s_dchain_file, 0, &s_dchain, NULL,
                              "second server certificate chain"))
                  goto end;
          }
diff --git a/apps/smime.c b/apps/smime.c

index 63578f28d5a3791399eb3124e791839ca9317932..dcef6b3b4950c6bd9db77977e55ad72145558efd 100644 (file)
--- a/apps/smime.c
+++ b/apps/smime.c
@@ -457,7 +457,7 @@ int smime_main(int argc, char **argv)
      }
  
      if (certfile != NULL) {
-        if (!load_certs(certfile, &other, NULL, "certificates")) {
+        if (!load_certs(certfile, 0, &other, NULL, "certificates")) {
              ERR_print_errors(bio_err);
              goto end;
          }
diff --git a/apps/verify.c b/apps/verify.c

index bf200b0fb65f6d153d76f9bc095b4cb67cd523bb..de6e051006f0acf8520b447b50df9e27443f4e92 100644 (file)
--- a/apps/verify.c
+++ b/apps/verify.c
@@ -145,7 +145,7 @@ int verify_main(int argc, char **argv)
              break;
          case OPT_UNTRUSTED:
              /* Zero or more times */
-            if (!load_certs(opt_arg(), &untrusted, NULL,
+            if (!load_certs(opt_arg(), 0, &untrusted, NULL,
                              "untrusted certificates"))
                  goto end;
              break;
@@ -154,7 +154,7 @@ int verify_main(int argc, char **argv)
              noCAfile = 1;
              noCApath = 1;
              noCAstore = 1;
-            if (!load_certs(opt_arg(), &trusted, NULL, "trusted certificates"))
+            if (!load_certs(opt_arg(), 0, &trusted, NULL, "trusted certificates"))
                  goto end;
              break;
          case OPT_CRLFILE:
author	Tomas Mraz <tomas@openssl.org>
	Fri, 5 Mar 2021 20:05:35 +0000 (21:05 +0100)
committer	Tomas Mraz <tomas@openssl.org>
	Mon, 15 Mar 2021 12:29:57 +0000 (13:29 +0100)
apps/cms.c		patch \| blob \| blame \| history
apps/include/apps.h		patch \| blob \| blame \| history
apps/lib/apps.c		patch \| blob \| blame \| history
apps/lib/s_cb.c		patch \| blob \| blame \| history
apps/ocsp.c		patch \| blob \| blame \| history
apps/pkcs12.c		patch \| blob \| blame \| history
apps/s_client.c		patch \| blob \| blame \| history
apps/s_server.c		patch \| blob \| blame \| history
apps/smime.c		patch \| blob \| blame \| history
apps/verify.c		patch \| blob \| blame \| history