Re: Display the CRL number w/o -text [patch included]
Bruno Bonfils wrote: Hi openssl's people, I'm currently writing a script to check a PKI. For this purpose, I wrote a small patch to display the crlNumber directly from the crl's app: # openssl crl -in ca.crl -crlnumber -noout crlNumber=42 I'll happy if the patch can be include in upstream. Thanks for your submission. Could you kindly submit your proposed patch in unified diff format to OpenSSL's request tracker? http://www.openssl.org/support/rt.html Best regards, Lutz __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Display the CRL number w/o -text [patch included]
Hi openssl's people, I'm currently writing a script to check a PKI. For this purpose, I wrote a small patch to display the crlNumber directly from the crl's app: # openssl crl -in ca.crl -crlnumber -noout crlNumber=42 I'll happy if the patch can be include in upstream. Best regards -- http://asyd.net/home/ - Home Page http://guses.org/home/ - French Speaking (Open)Solaris User Group 91a92 -crlnumber - print CRLnumber if exists\n, 109c110 int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0,text=0; --- int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0,text=0,crlnumber=0; 213a215,216 else if (strcmp(*argv, -crlnumber) == 0) crlnumber= ++num; 329a333,344 if (crlnumber) { int index; STACK_OF(X509_EXTENSION) *extensions = x-crl-extensions; for (index = 0; index sk_X509_EXTENSION_num(extensions) ; index++) { X509_EXTENSION *extension = sk_X509_EXTENSION_value(extensions, index); if (OBJ_obj2nid(extension-object) == NID_crl_number) { BIO_printf(bio_out,crlNumber=); X509V3_EXT_print(bio_out, extension, NULL, 0); BIO_printf(bio_out, \n); } } }
Re: Display the CRL number w/o -text [patch included]
On Wed 19 December, Lutz Jaenicke wrote: I'm currently writing a script to check a PKI. For this purpose, I wrote a small patch to display the crlNumber directly from the crl's Thanks for your submission. Could you kindly submit your proposed patch in unified diff format to OpenSSL's request tracker? http://www.openssl.org/support/rt.html done. Thanks -- http://asyd.net/home/ - Home Page http://guses.org/home/ - French Speaking (Open)Solaris User Group __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
[openssl.org #1625] [Enhancement, Patch] openssl crl option to display crlNumber
Hi, here a patch to openssl crl.c to display the crlNumber using option -crlnumber -- http://asyd.net/home/ - Home Page http://guses.org/home/ - French Speaking (Open)Solaris User Group diff -Nurp openssl-0.9.8g/apps/crl.c openssl-0.9.8g-crlpatch/apps/crl.c --- openssl-0.9.8g/apps/crl.c 2005-04-05 21:11:18.0 +0200 +++ openssl-0.9.8g-crlpatch/apps/crl.c 2007-12-19 12:25:05.359591892 +0100 @@ -89,6 +89,7 @@ static const char *crl_usage[]={ -CAfile name - verify CRL using certificates in file \name\\n, -CApath dir- verify CRL using certificates in \dir\\n, -nameopt arg- various certificate name options\n, + -crlnumber - print the crlNumber if exists\n, NULL }; @@ -106,7 +107,7 @@ int MAIN(int argc, char **argv) BIO *out=NULL; int informat,outformat; char *infile=NULL,*outfile=NULL; - int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0,text=0; + int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0,text=0,crlnumber=0; int fingerprint = 0; const char **pp; X509_STORE *store = NULL; @@ -211,6 +212,8 @@ int MAIN(int argc, char **argv) /* ok */ digest=md_alg; } + else if (strcmp(*argv, -crlnumber) == 0) + crlnumber= ++num; else { BIO_printf(bio_err,unknown option %s\n,*argv); @@ -324,6 +327,19 @@ bad: ?'\n':':'); } } + if (crlnumber == i) +{ + int index; + STACK_OF(X509_EXTENSION) *extensions = x-crl-extensions; + for (index = 0; index sk_X509_EXTENSION_num(extensions) ; index++) { + X509_EXTENSION *extension = sk_X509_EXTENSION_value(extensions, index); + if (OBJ_obj2nid(extension-object) == NID_crl_number) { + BIO_printf(bio_out,crlNumber=); + X509V3_EXT_print(bio_out, extension, NULL, 0); + BIO_printf(bio_out, \n); + } + } +} } }