On Thu, Jul 15, 2004 at 03:46:52PM +0200, Michael Konietzka via RT wrote:
BUG: apps/crl.c always returns an error when using noout-option.
Version: 0.9.7c, 0.9.7d, maybe more.
OS: Linux, but bug is OS-independent
When using the crl-command within the openssl-application the
crl-command alwas returns with a ret-value!=0 when using noout-option which
apps/openssl.c analyze as an error in crl though the crl-command didn't failed.
[EMAIL PROTECTED] 006 $ openssl crl -out
/usr/pki/operating/006/ca/OpenCA/var/tmp/28466_cnv-2.tmp -in
/usr/pki/operating/006/ca/OpenCA/var/tmp/28466_data.tmp
-text -noout -inform PEM
[EMAIL PROTECTED] 006 $
[EMAIL PROTECTED] 006 $ openssl
OpenSSL crl -out
/usr/pki/operating/006/ca/OpenCA/var/tmp/28466_cnv-2.tmp -in
/usr/pki/operating/006/ca/OpenCA/var/tmp/28466_data.tmp
-text -noout -inform PEM
error in crl
A co-worker of mine discovered the problem as well:
| This makes some scripting a bit difficult:
|
| * openssl crl ... -noout -text returns 1 on success (!!!)
| * openssl crl ... -textreturns 0 on success
| * openssl crl ... -outform DER|PEM liefert 0 on success
|
| Attached you'll find a short patch, which fixes this behaviour. As the
| subfunction always returns 1, it would also be possible to always return 0, but
| maybe the subfunction will change some time.
I've attached his patch.
Peter
--
Thought is limitation. Free your mind.
diff -Nur openssl-0.9.7d.orig/apps/crl.c openssl-0.9.7d/apps/crl.c
--- openssl-0.9.7d.orig/apps/crl.c 2004-07-20 11:13:28.428102578 +0200
+++ openssl-0.9.7d/apps/crl.c 2004-07-20 12:30:43.729848489 +0200
@@ -353,7 +353,13 @@
}
}
- if (text) X509_CRL_print(out, x);
+ if (text) {
+ ret=X509_CRL_print(out, x);
+ /* stupid hack for stupid functions
+ * X509_CRL_print seems to always return 1*/
+ if(ret == 1)
+ ret=0;
+ }
if (noout) goto end;
pgp191g24i9tX.pgp
Description: PGP signature
