Re: Display the CRL number w/o -text [patch included]
Bruno Bonfils wrote: Hi openssl's people, I'm currently writing a script to check a PKI. For this purpose, I wrote a small patch to display the crlNumber directly from the crl's app: # openssl crl -in ca.crl -crlnumber -noout crlNumber=42 I'll happy if the patch can be include in upstream. Thanks for your submission. Could you kindly submit your proposed patch in unified diff format to OpenSSL's request tracker? http://www.openssl.org/support/rt.html Best regards, Lutz __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Display the CRL number w/o -text [patch included]
Hi openssl's people,
I'm currently writing a script to check a PKI. For this purpose, I
wrote a small patch to display the crlNumber directly from the crl's
app:
# openssl crl -in ca.crl -crlnumber -noout
crlNumber=42
I'll happy if the patch can be include in upstream.
Best regards
--
http://asyd.net/home/ - Home Page
http://guses.org/home/ - French Speaking (Open)Solaris User Group
91a92
-crlnumber - print CRLnumber if exists\n,
109c110
int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0,text=0;
---
int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0,text=0,crlnumber=0;
213a215,216
else if (strcmp(*argv, -crlnumber) == 0)
crlnumber= ++num;
329a333,344
if (crlnumber) {
int index;
STACK_OF(X509_EXTENSION) *extensions = x-crl-extensions;
for (index = 0; index sk_X509_EXTENSION_num(extensions) ; index++) {
X509_EXTENSION *extension = sk_X509_EXTENSION_value(extensions, index);
if (OBJ_obj2nid(extension-object) == NID_crl_number) {
BIO_printf(bio_out,crlNumber=);
X509V3_EXT_print(bio_out, extension, NULL, 0);
BIO_printf(bio_out, \n);
}
}
}
Re: Display the CRL number w/o -text [patch included]
On Wed 19 December, Lutz Jaenicke wrote: I'm currently writing a script to check a PKI. For this purpose, I wrote a small patch to display the crlNumber directly from the crl's Thanks for your submission. Could you kindly submit your proposed patch in unified diff format to OpenSSL's request tracker? http://www.openssl.org/support/rt.html done. Thanks -- http://asyd.net/home/ - Home Page http://guses.org/home/ - French Speaking (Open)Solaris User Group __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
[openssl.org #1625] [Enhancement, Patch] openssl crl option to display crlNumber
Hi,
here a patch to openssl crl.c to display the crlNumber using option
-crlnumber
--
http://asyd.net/home/ - Home Page
http://guses.org/home/ - French Speaking (Open)Solaris User Group
diff -Nurp openssl-0.9.8g/apps/crl.c openssl-0.9.8g-crlpatch/apps/crl.c
--- openssl-0.9.8g/apps/crl.c 2005-04-05 21:11:18.0 +0200
+++ openssl-0.9.8g-crlpatch/apps/crl.c 2007-12-19 12:25:05.359591892 +0100
@@ -89,6 +89,7 @@ static const char *crl_usage[]={
-CAfile name - verify CRL using certificates in file \name\\n,
-CApath dir- verify CRL using certificates in \dir\\n,
-nameopt arg- various certificate name options\n,
+ -crlnumber - print the crlNumber if exists\n,
NULL
};
@@ -106,7 +107,7 @@ int MAIN(int argc, char **argv)
BIO *out=NULL;
int informat,outformat;
char *infile=NULL,*outfile=NULL;
- int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0,text=0;
+ int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0,text=0,crlnumber=0;
int fingerprint = 0;
const char **pp;
X509_STORE *store = NULL;
@@ -211,6 +212,8 @@ int MAIN(int argc, char **argv)
/* ok */
digest=md_alg;
}
+ else if (strcmp(*argv, -crlnumber) == 0)
+ crlnumber= ++num;
else
{
BIO_printf(bio_err,unknown option %s\n,*argv);
@@ -324,6 +327,19 @@ bad:
?'\n':':');
}
}
+ if (crlnumber == i)
+{
+ int index;
+ STACK_OF(X509_EXTENSION) *extensions = x-crl-extensions;
+ for (index = 0; index sk_X509_EXTENSION_num(extensions) ; index++) {
+ X509_EXTENSION *extension = sk_X509_EXTENSION_value(extensions, index);
+ if (OBJ_obj2nid(extension-object) == NID_crl_number) {
+ BIO_printf(bio_out,crlNumber=);
+ X509V3_EXT_print(bio_out, extension, NULL, 0);
+ BIO_printf(bio_out, \n);
+ }
+ }
+}
}
}
