Hi, BUG: apps/crl.c always returns an error when using noout-option. Version: 0.9.7c, 0.9.7d, maybe more. OS: Linux, but bug is OS-independent
When using the crl-command within the openssl-application the crl-command alwas returns with a ret-value!=0 when using "noout"-option which apps/openssl.c analyze as an "error in crl" though the crl-command didn't failed. > [EMAIL PROTECTED] 006 $ openssl crl -out > /usr/pki/operating/006/ca/OpenCA/var/tmp/28466_cnv-2.tmp -in > /usr/pki/operating/006/ca/OpenCA/var/tmp/28466_data.tmp > -text -noout -inform PEM > [EMAIL PROTECTED] 006 $ > [EMAIL PROTECTED] 006 $ openssl > OpenSSL> crl -out > /usr/pki/operating/006/ca/OpenCA/var/tmp/28466_cnv-2.tmp -in > /usr/pki/operating/006/ca/OpenCA/var/tmp/28466_data.tmp > -text -noout -inform PEM > error in crl In apps/crl.c I found if (text) X509_CRL_print(out, x); if (noout) goto end; if (outformat == FORMAT_ASN1) i=(int)i2d_X509_CRL_bio(out,x); else if (outformat == FORMAT_PEM) i=PEM_write_bio_X509_CRL(out,x); else { BIO_printf(bio_err,"bad output format specified for outfile\n"); goto end; } if (!i) { BIO_printf(bio_err,"unable to write CRL\n"); goto end; } ret=0; end: BIO_free_all(out); BIO_free_all(bio_out); bio_out=NULL; X509_CRL_free(x); if(store) { X509_STORE_CTX_cleanup(&ctx); X509_STORE_free(store); } apps_shutdown(); OPENSSL_EXIT(ret); } So if the "noout"-Option is set then the programm execution will jump to label "end" after output of the text-format but without setting ret=0; so the apps/openssl.c reports an error because of a returncode!=0 of the CRL-command. So change the line if (noout) goto end; to if (noout) {ret=0;goto end;} I attached a modified apps/crl.c which i tested against 0.9.7c and the bug is fixed. HTH & regards Michael -- Dipl.-Inform. Michael Konietzka Schlund + Partner AG - Development UNIX - Brauerstraße 48 Webservices D-76135 Karlsuhe http://www.schlund.de/ Germany ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]