crl -nameopt

Robert Joop Tue, 30 Apr 2002 01:20:02 -0700

i've discovered that `req -nameopt` is implemented but undocumented.

`req -subject` is implemented and documented in the usage, but not in
the manual.


`crl -nameopt` was not implemented, i quickly hacked it in (we want a
sane output format for openca), patch is attached.
documentation should be added...

rj

diff -ru orig/openssl-SNAP-20020427/apps/crl.c openssl-SNAP-20020427/apps/crl.c
--- orig/openssl-SNAP-20020427/apps/crl.c       Fri Feb 22 15:02:16 2002
+++ openssl-SNAP-20020427/apps/crl.c    Mon Apr 29 19:16:51 2002
@@ -87,6 +87,7 @@
 " -noout          - no CRL output\n",
 " -CAfile  name   - verify CRL using certificates in file \"name\"\n",
 " -CApath  dir    - verify CRL using certificates in \"dir\"\n",
+" -nameopt arg    - various certificate name options\n",
 NULL
 };
 
@@ -97,6 +98,7 @@
 
 int MAIN(int argc, char **argv)
        {
+       unsigned long nmflag = 0;
        X509_CRL *x=NULL;
        char *CAfile = NULL, *CApath = NULL;
        int ret=1,i,num,badops=0;
@@ -105,7 +107,7 @@
        char *infile=NULL,*outfile=NULL;
        int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0,text=0;
        int fingerprint = 0;
-       char **pp,buf[256];
+       char **pp;
        X509_STORE *store = NULL;
        X509_STORE_CTX ctx;
        X509_LOOKUP *lookup = NULL;
@@ -188,6 +190,11 @@
                        text = 1;
                else if (strcmp(*argv,"-hash") == 0)
                        hash= ++num;
+               else if (strcmp(*argv,"-nameopt") == 0)
+                       {
+                       if (--argc < 1) goto bad;
+                       if (!set_name_ex(&nmflag, *(++argv))) goto bad;
+                       }
                else if (strcmp(*argv,"-issuer") == 0)
                        issuer= ++num;
                else if (strcmp(*argv,"-lastupdate") == 0)
@@ -271,9 +278,7 @@
                        {
                        if (issuer == i)
                                {
-                               X509_NAME_oneline(X509_CRL_get_issuer(x),
-                                                               buf,256);
-                               BIO_printf(bio_out,"issuer= %s\n",buf);
+                               print_name(bio_out, "issuer=", X509_CRL_get_issuer(x), 
+nmflag);
                                }
 
                        if (hash == i)
diff -ru orig/openssl-SNAP-20020427/apps/req.c openssl-SNAP-20020427/apps/req.c
--- orig/openssl-SNAP-20020427/apps/req.c       Wed Apr 17 12:00:48 2002
+++ openssl-SNAP-20020427/apps/req.c    Mon Apr 29 18:55:54 2002
@@ -505,6 +505,7 @@
                BIO_printf(bio_err," -extensions .. specify certificate extension 
section (override value in config file)\n");
                BIO_printf(bio_err," -reqexts ..    specify request extension section 
(override value in config file)\n");
                BIO_printf(bio_err," -utf8          input characters are UTF8 (default 
ASCII)\n");
+               BIO_printf(bio_err," -nameopt arg    - various certificate name 
+options\n");
                goto end;
                }

x509/req/crl -nameopt

Reply via email to