[openssl.org #917] BUG/PATCH: apps/crl.c always returns an error when using noout-option.

Thu, 15 Jul 2004 06:48:11 -0700 

Hi,

BUG: apps/crl.c always returns an error when using noout-option.
Version: 0.9.7c, 0.9.7d, maybe more.
OS: Linux, but bug is OS-independent

When using the crl-command within the openssl-application the
crl-command alwas returns with a ret-value!=0 when using "noout"-option which
apps/openssl.c analyze as an "error in crl" though the crl-command didn't failed.

> [EMAIL PROTECTED] 006 $ openssl crl -out
> /usr/pki/operating/006/ca/OpenCA/var/tmp/28466_cnv-2.tmp -in
> /usr/pki/operating/006/ca/OpenCA/var/tmp/28466_data.tmp
> -text -noout -inform PEM
> [EMAIL PROTECTED] 006 $
> [EMAIL PROTECTED] 006 $ openssl
> OpenSSL> crl -out
> /usr/pki/operating/006/ca/OpenCA/var/tmp/28466_cnv-2.tmp -in
> /usr/pki/operating/006/ca/OpenCA/var/tmp/28466_data.tmp
> -text -noout -inform PEM
> error in crl 

In apps/crl.c
I found

        if (text) X509_CRL_print(out, x);

        if (noout) goto end;

         if      (outformat == FORMAT_ASN1)
                 i=(int)i2d_X509_CRL_bio(out,x);
         else if (outformat == FORMAT_PEM)
                 i=PEM_write_bio_X509_CRL(out,x);
         else
                 {
                 BIO_printf(bio_err,"bad output format specified for outfile\n");
                 goto end;
                 }
         if (!i) { BIO_printf(bio_err,"unable to write CRL\n"); goto end; }
         ret=0;
end:
         BIO_free_all(out);
         BIO_free_all(bio_out);
         bio_out=NULL;
         X509_CRL_free(x);
         if(store) {
                 X509_STORE_CTX_cleanup(&ctx);
                 X509_STORE_free(store);
         }
         apps_shutdown();
         OPENSSL_EXIT(ret);
         }


So if the "noout"-Option is set then the programm execution will
jump to label "end" after output of the text-format but without setting
ret=0; so the apps/openssl.c reports an error because of a returncode!=0
of the CRL-command.

So change the line

if (noout) goto end;

to

if (noout) {ret=0;goto end;}

I attached a modified apps/crl.c which i tested against 0.9.7c and
the bug is fixed.

HTH & regards
  Michael
-- 
Dipl.-Inform. Michael Konietzka  Schlund + Partner AG
- Development UNIX -             Brauerstra�e 48
     Webservices                  D-76135 Karlsuhe
http://www.schlund.de/           Germany
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to