Lines Matching +full:row +full:- +full:hold
2 * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
83 REV_VALID = -1, /* Valid (not-revoked) status */
86 REV_HOLD = 2, /* Value is hold instruction */
165 {OPT_HELP_STR, 1, '-', "Usage: %s [options] [certreq...]\n"},
168 {"help", OPT_HELP, '-', "Display this summary"},
169 {"verbose", OPT_VERBOSE, '-', "Verbose output during processing"},
170 {"quiet", OPT_QUIET, '-', "Terse output during processing"},
175 {"infiles", OPT_INFILES, '-', "The last argument, requests to process"},
178 {"notext", OPT_NOTEXT, '-', "Do not print the generated certificate"},
179 {"batch", OPT_BATCH, '-', "Don't ask questions"},
180 {"msie_hack", OPT_MSIE_HACK, '-',
192 {"section", OPT_NAME, 's', "An alias for -name"},
197 {"utf8", OPT_UTF8, '-', "Input characters are UTF8; default ASCII"},
198 {"create_serial", OPT_CREATE_SERIAL, '-',
200 {"rand_serial", OPT_RAND_SERIAL, '-',
202 {"multivalue-rdn", OPT_MULTIVALUE_RDN, '-',
203 "Deprecated; multi-valued RDNs support is always on."},
206 {"not_before", OPT_NOT_BEFORE, 's', "An alias for -startdate"},
208 "[CC]YYMMDDHHMMSSZ value for notAfter certificate field, overrides -days"},
209 {"not_after", OPT_NOT_AFTER, 's', "An alias for -enddate"},
215 {"preserveDN", OPT_PRESERVEDN, '-', "Don't re-order the DN"},
216 {"noemailDN", OPT_NOEMAILDN, '-', "Don't add the EMAIL field to the DN"},
225 "Key to decrypt the private key or cert files if encrypted. Better use -passin"},
229 {"selfsign", OPT_SELFSIGN, '-',
235 {"gencrl", OPT_GENCRL, '-', "Generate a new CRL"},
237 "Add a Valid(not-revoked) DB entry about a cert (given in file)"},
239 {"updatedb", OPT_UPDATEDB, '-', "Updates db for expired cert"},
244 "the hold instruction, an OID. Sets revocation reason to certificateHold"},
317 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog); in ca_main()
501 rev_type = (o - OPT_CRL_REASON) + REV_CRL_REASON; in ca_main()
692 for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) { in ca_main()
693 pp = sk_OPENSSL_PSTRING_value(db->db->data, i); in ca_main()
711 if (*p == '-') { in ca_main()
713 j--; in ca_main()
730 TXT_DB_write(bio_out, db->db); in ca_main()
732 sk_OPENSSL_PSTRING_num(db->db->data)); in ca_main()
746 if (i == -1) { in ca_main()
860 * no '-extfile' option, so we look for extensions in the main in ca_main()
896 "Warning: -enddate or -not_after option overriding -days option\n"); in ca_main()
1185 for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) { in ca_main()
1186 pp = sk_OPENSSL_PSTRING_value(db->db->data, i); in ca_main()
1349 int ok = -1, i; in certify()
1407 int ok = -1, i; in certify_cert()
1466 int ok = -1, i, j, last, nid; in do_body()
1469 OPENSSL_STRING row[DB_NUMBER]; in do_body() local
1476 row[i] = NULL; in do_body()
1500 if (str->type == V_ASN1_UNIVERSALSTRING) in do_body()
1503 if (str->type == V_ASN1_IA5STRING && nid != NID_pkcs9_emailAddress) in do_body()
1504 str->type = V_ASN1_T61STRING; in do_body()
1507 && str->type == V_ASN1_PRINTABLESTRING) in do_body()
1508 str->type = V_ASN1_IA5STRING; in do_body()
1516 if (nid == NID_pkcs9_emailAddress && str->type != V_ASN1_IA5STRING) { in do_body()
1521 if (str->type != V_ASN1_BMPSTRING && str->type != V_ASN1_UTF8STRING) { in do_body()
1522 j = ASN1_PRINTABLE_type(str->data, str->length); in do_body()
1523 if ((j == V_ASN1_T61STRING && str->type != V_ASN1_T61STRING) || in do_body()
1524 (j == V_ASN1_IA5STRING && str->type == V_ASN1_PRINTABLESTRING)) in do_body()
1553 if ((j = OBJ_txt2nid(cv->name)) == NID_undef) { in do_body()
1556 cv->name); in do_body()
1561 last = -1; in do_body()
1568 if (last != -1) in do_body()
1577 if (strcmp(cv->value, "optional") == 0) { in do_body()
1580 } else if (strcmp(cv->value, "supplied") == 0) { in do_body()
1584 cv->name); in do_body()
1589 } else if (strcmp(cv->value, "match") == 0) { in do_body()
1595 cv->name); in do_body()
1599 last2 = -1; in do_body()
1603 if ((j < 0) && (last2 == -1)) { in do_body()
1606 "the 'policy' is misconfigured\n", cv->name); in do_body()
1621 cv->name, in do_body()
1622 ((str2 == NULL) ? "NULL" : (char *)str2->data), in do_body()
1623 ((str == NULL) ? "NULL" : (char *)str->data)); in do_body()
1629 cv->value); in do_body()
1634 if (!X509_NAME_add_entry(subject, push, -1, 0)) { in do_body()
1749 /* Build the correct Subject if no e-mail is wanted in the subject. */ in do_body()
1762 i = -1; in do_body()
1766 tmpne = X509_NAME_delete_entry(dn_subject, i--); in do_body()
1777 row[DB_name] = X509_NAME_oneline(X509_get_subject_name(ret), NULL, 0); in do_body()
1778 if (row[DB_name] == NULL) { in do_body()
1784 row[DB_serial] = OPENSSL_strdup("00"); in do_body()
1786 row[DB_serial] = BN_bn2hex(serial); in do_body()
1787 if (row[DB_serial] == NULL) { in do_body()
1792 if (row[DB_name][0] == '\0') { in do_body()
1798 OPENSSL_free(row[DB_name]); in do_body()
1799 row[DB_name] = OPENSSL_strdup(row[DB_serial]); in do_body()
1800 if (row[DB_name] == NULL) { in do_body()
1806 if (db->attributes.unique_subject) { in do_body()
1807 OPENSSL_STRING *crow = row; in do_body()
1809 rrow = TXT_DB_get_by_index(db->db, DB_name, crow); in do_body()
1813 row[DB_name]); in do_body()
1817 rrow = TXT_DB_get_by_index(db->db, DB_serial, row); in do_body()
1821 row[DB_serial]); in do_body()
1860 ok = -1; /* This is now a 'bad' error. */ in do_body()
1906 row[DB_type] = OPENSSL_strdup("V"); in do_body()
1908 row[DB_exp_date] = app_malloc(tm->length + 1, "row expdate"); in do_body()
1909 memcpy(row[DB_exp_date], tm->data, tm->length); in do_body()
1910 row[DB_exp_date][tm->length] = '\0'; in do_body()
1911 row[DB_rev_date] = NULL; in do_body()
1912 row[DB_file] = OPENSSL_strdup("unknown"); in do_body()
1913 if ((row[DB_type] == NULL) || (row[DB_file] == NULL) in do_body()
1914 || (row[DB_name] == NULL)) { in do_body()
1919 irow = app_malloc(sizeof(*irow) * (DB_NUMBER + 1), "row space"); in do_body()
1921 irow[i] = row[i]; in do_body()
1924 if (!TXT_DB_insert(db->db, irow)) { in do_body()
1926 BIO_printf(bio_err, "TXT_DB error number %ld\n", db->db->error); in do_body()
1934 OPENSSL_free(row[i]); in do_body()
1978 int ok = -1, i, j; in certify_spkac()
2020 type = cv->name; in certify_spkac()
2024 for (buf = cv->name; *buf; buf++) in certify_spkac()
2032 buf = cv->value; in certify_spkac()
2035 spki = NETSCAPE_SPKI_b64_decode(cv->value, -1); in certify_spkac()
2046 (unsigned char *)buf, -1, -1, 0)) in certify_spkac()
2099 char *row[DB_NUMBER], **rrow, **irow; in do_revoke() local
2102 int ok = -1, i; in do_revoke()
2105 row[i] = NULL; in do_revoke()
2106 row[DB_name] = X509_NAME_oneline(X509_get_subject_name(x509), NULL, 0); in do_revoke()
2111 row[DB_serial] = OPENSSL_strdup("00"); in do_revoke()
2113 row[DB_serial] = BN_bn2hex(bn); in do_revoke()
2115 if (row[DB_name] != NULL && row[DB_name][0] == '\0') { in do_revoke()
2117 OPENSSL_free(row[DB_name]); in do_revoke()
2118 row[DB_name] = OPENSSL_strdup(row[DB_serial]); in do_revoke()
2120 if ((row[DB_name] == NULL) || (row[DB_serial] == NULL)) { in do_revoke()
2128 rrow = TXT_DB_get_by_index(db->db, DB_serial, row); in do_revoke()
2132 row[DB_serial], row[DB_name]); in do_revoke()
2135 row[DB_type] = OPENSSL_strdup("V"); in do_revoke()
2137 row[DB_exp_date] = app_malloc(tm->length + 1, "row exp_data"); in do_revoke()
2138 memcpy(row[DB_exp_date], tm->data, tm->length); in do_revoke()
2139 row[DB_exp_date][tm->length] = '\0'; in do_revoke()
2140 row[DB_rev_date] = NULL; in do_revoke()
2141 row[DB_file] = OPENSSL_strdup("unknown"); in do_revoke()
2143 if (row[DB_type] == NULL || row[DB_file] == NULL) { in do_revoke()
2148 irow = app_malloc(sizeof(*irow) * (DB_NUMBER + 1), "row ptr"); in do_revoke()
2150 irow[i] = row[i]; in do_revoke()
2153 if (!TXT_DB_insert(db->db, irow)) { in do_revoke()
2155 BIO_printf(bio_err, "TXT_DB error number %ld\n", db->db->error); in do_revoke()
2161 row[i] = NULL; in do_revoke()
2172 } else if (index_name_cmp_noconst(row, rrow)) { in do_revoke()
2173 BIO_printf(bio_err, "ERROR:name does not match %s\n", row[DB_name]); in do_revoke()
2177 row[DB_serial]); in do_revoke()
2181 row[DB_serial]); in do_revoke()
2197 OPENSSL_free(row[i]); in do_revoke()
2203 char *row[DB_NUMBER], **rrow; in get_certificate_status() local
2204 int ok = -1, i; in get_certificate_status()
2209 row[i] = NULL; in get_certificate_status()
2212 row[DB_serial] = app_malloc(serial_len + 2, "row serial#"); in get_certificate_status()
2218 row[DB_serial][0] = '0'; in get_certificate_status()
2220 /* Copy String from serial to row[DB_serial] */ in get_certificate_status()
2221 memcpy(row[DB_serial] + 1, serial, serial_len); in get_certificate_status()
2222 row[DB_serial][serial_len + 1] = '\0'; in get_certificate_status()
2224 /* Copy String from serial to row[DB_serial] */ in get_certificate_status()
2225 memcpy(row[DB_serial], serial, serial_len); in get_certificate_status()
2226 row[DB_serial][serial_len] = '\0'; in get_certificate_status()
2230 make_uppercase(row[DB_serial]); in get_certificate_status()
2235 rrow = TXT_DB_get_by_index(db->db, DB_serial, row); in get_certificate_status()
2237 BIO_printf(bio_err, "Serial %s not present in db.\n", row[DB_serial]); in get_certificate_status()
2238 ok = -1; in get_certificate_status()
2242 row[DB_serial], rrow[DB_type][0]); in get_certificate_status()
2246 row[DB_serial], rrow[DB_type][0]); in get_certificate_status()
2250 row[DB_serial], rrow[DB_type][0]); in get_certificate_status()
2254 row[DB_serial], rrow[DB_type][0]); in get_certificate_status()
2258 row[DB_serial], rrow[DB_type][0]); in get_certificate_status()
2259 ok = -1; in get_certificate_status()
2263 OPENSSL_free(row[i]); in get_certificate_status()
2276 return -1; in do_updatedb()
2281 return -1; in do_updatedb()
2284 for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) { in do_updatedb()
2285 rrow = sk_OPENSSL_PSTRING_value(db->db->data, i); in do_updatedb()
2294 return -1; in do_updatedb()
2300 return -1; in do_updatedb()
2406 i = revtm->length + 1; in make_revocation_str()
2414 OPENSSL_strlcpy(str, (char *)revtm->data, i); in make_revocation_str()
2427 /*-
2438 int reason_code = -1; in make_revoked()
2440 ASN1_OBJECT *hold = NULL; in make_revoked() local
2446 i = unpack_revinfo(&revDate, &reason_code, &hold, &comp_time, str); in make_revoked()
2467 if (rev && hold) { in make_revoked()
2469 (rev, NID_hold_instruction_code, hold, 0, 0) <= 0) in make_revoked()
2481 ASN1_OBJECT_free(hold); in make_revoked()
2497 for (j = 22 - j; j > 0; j--) in old_entry_print()
2503 if (str->type == V_ASN1_PRINTABLESTRING) in old_entry_print()
2505 else if (str->type == V_ASN1_T61STRING) in old_entry_print()
2507 else if (str->type == V_ASN1_IA5STRING) in old_entry_print()
2509 else if (str->type == V_ASN1_UNIVERSALSTRING) in old_entry_print()
2512 BIO_printf(bio_err, "ASN.1 %2d:'", str->type); in old_entry_print()
2514 p = (const char *)str->data; in old_entry_print()
2515 for (j = str->length; j > 0; j--) { in old_entry_print()
2535 int reason_code = -1; in unpack_revinfo()
2538 ASN1_OBJECT *hold = NULL; in unpack_revinfo() local
2587 } else if (reason_code == 8) { /* Hold instruction */ in unpack_revinfo()
2589 BIO_printf(bio_err, "missing hold instruction\n"); in unpack_revinfo()
2593 hold = OBJ_txt2obj(arg_str, 0); in unpack_revinfo()
2595 if (!hold) { in unpack_revinfo()
2600 *phold = hold; in unpack_revinfo()
2602 ASN1_OBJECT_free(hold); in unpack_revinfo()