Convert save_serial() to work like save_index(), and add a

rotate_serial() that works like rotate_index().
Richard Levitte 2003-04-04 15:10:35 +00:00
parent d6df2b281f
commit 4c771796d5
4 changed files with 103 additions and 48 deletions


@ -1519,19 +1519,44 @@ BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai)
return(ret); return(ret);
} }
int save_serial(char *serialfile, BIGNUM *serial, ASN1_INTEGER **retai) int save_serial(char *serialfile, char *suffix, BIGNUM *serial, ASN1_INTEGER **retai)
{ {
BIO *out; char buf[1][BSIZE];
BIO *out = NULL;
int ret=0; int ret=0;
ASN1_INTEGER *ai=NULL; ASN1_INTEGER *ai=NULL;
int j;
if (suffix == NULL)
j = strlen(serialfile);
else
j = strlen(serialfile) + strlen(suffix) + 1;
if (j >= BSIZE)
{
BIO_printf(bio_err,"file name too long\n");
goto err;
}
if (suffix == NULL)
BUF_strlcpy(buf[0], serialfile, BSIZE);
else
{
#ifndef OPENSSL_SYS_VMS
j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", serialfile, suffix);
#else
j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", serialfile, suffix);
#endif
}
#ifdef RL_DEBUG
BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[0]);
#endif
out=BIO_new(BIO_s_file()); out=BIO_new(BIO_s_file());
if (out == NULL) if (out == NULL)
{ {
ERR_print_errors(bio_err); ERR_print_errors(bio_err);
goto err; goto err;
} }
if (BIO_write_filename(out,serialfile) <= 0) if (BIO_write_filename(out,buf[0]) <= 0)
{ {
perror(serialfile); perror(serialfile);
goto err; goto err;
@ -1556,6 +1581,76 @@ err:
return(ret); return(ret);
} }
int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix)
{
char buf[5][BSIZE];
int i,j;
struct stat sb;
i = strlen(serialfile) + strlen(old_suffix);
j = strlen(serialfile) + strlen(new_suffix);
if (i > j) j = i;
if (j + 1 >= BSIZE)
{
BIO_printf(bio_err,"file name too long\n");
goto err;
}
#ifndef OPENSSL_SYS_VMS
j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s",
serialfile, new_suffix);
#else
j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s",
serialfile, new_suffix);
#endif
#ifndef OPENSSL_SYS_VMS
j = BIO_snprintf(buf[1], sizeof buf[1], "%s.%s",
serialfile, old_suffix);
#else
j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s",
serialfile, old_suffix);
#endif
if (stat(serialfile,&sb) < 0)
{
if (errno != ENOENT
#ifdef ENOTDIR
&& errno != ENOTDIR)
#endif
goto err;
}
else
{
#ifdef RL_DEBUG
BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
serialfile, buf[1]);
#endif
if (rename(serialfile,buf[1]) < 0)
{
BIO_printf(bio_err,
"unable to rename %s to %s\n",
serialfile, buf[1]);
perror("reason");
goto err;
}
}
#ifdef RL_DEBUG
BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
buf[0],serialfile);
#endif
if (rename(buf[0],serialfile) < 0)
{
BIO_printf(bio_err,
"unable to rename %s to %s\n",
buf[0],serialfile);
perror("reason");
rename(buf[1],serialfile);
goto err;
}
return 1;
err:
return 0;
}
CA_DB *load_index(char *dbfile, DB_ATTR *db_attr) CA_DB *load_index(char *dbfile, DB_ATTR *db_attr)
{ {
CA_DB *retdb = NULL; CA_DB *retdb = NULL;
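Review bot: In rotate_serial() the rollback `rename(buf[1],serialfile);` runs whenever the second rename fails, even when the stat() branch found no serial file and so made no backup in this call. If a `.old` file from an earlier run is present, that stale serial would be put back as the current one, which for a CA presumably risks handing out serial numbers again; record the backup, e.g. set `moved = 1;` after the first rename succeeds and roll back with `if (moved && rename(buf[1],serialfile) < 0) perror("reason");`. Separately, the `)` that closes `if (errno != ENOENT` sits inside `#ifdef ENOTDIR`, so the function will not compile where ENOTDIR is undefined; the parenthesis belongs after the `#endif`. In save_serial(), the failure path after `BIO_write_filename(out,buf[0])` still calls `perror(serialfile)`, which names the wrong file when a suffix is given.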


@ -311,7 +311,8 @@ typedef struct ca_db_st
} CA_DB; } CA_DB;
BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai); BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai);
int save_serial(char *serialfile, BIGNUM *serial, ASN1_INTEGER **retai); int save_serial(char *serialfile, char *suffix, BIGNUM *serial, ASN1_INTEGER **retai);
int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix);
CA_DB *load_index(char *dbfile, DB_ATTR *dbattr); CA_DB *load_index(char *dbfile, DB_ATTR *dbattr);
int index_index(CA_DB *db); int index_index(CA_DB *db);
int save_index(char *dbfile, char *suffix, CA_DB *db); int save_index(char *dbfile, char *suffix, CA_DB *db);
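Review bot: The new `suffix` argument of save_serial() and the two suffix arguments of rotate_serial() are undocumented in this header, and the NULL case cannot be read off the prototype. Going by the implementation in this commit, a NULL suffix writes `serialfile` itself, while a non-NULL one writes `serialfile.<suffix>` (`-` instead of `.` on VMS). A comment above the prototypes such as `/* suffix == NULL: write serialfile directly; otherwise write serialfile.<suffix>, to be installed by rotate_serial() */` would state that contract. rotate_serial() calls strlen() on both of its suffixes without a NULL check, so the comment should also say that they must be non-NULL.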


@ -1243,21 +1243,7 @@ bad:
BIO_printf(bio_err,"Write out database with %d new entries\n",sk_X509_num(cert_sk)); BIO_printf(bio_err,"Write out database with %d new entries\n",sk_X509_num(cert_sk));
if(strlen(serialfile) > BSIZE-5 || strlen(dbfile) > BSIZE-5) if (!save_serial(serialfile,"new",serial,NULL)) goto err;
{
BIO_printf(bio_err,"file name too long\n");
goto err;
}
strcpy(buf[0],serialfile);
#ifdef OPENSSL_SYS_VMS
strcat(buf[0],"-new");
#else
strcat(buf[0],".new");
#endif
if (!save_serial(buf[0],serial,NULL)) goto err;
if (!save_index(dbfile, "new", db)) goto err; if (!save_index(dbfile, "new", db)) goto err;
} }
@ -1317,34 +1303,7 @@ bad:
if (sk_X509_num(cert_sk)) if (sk_X509_num(cert_sk))
{ {
/* Rename the database and the serial file */ /* Rename the database and the serial file */
strncpy(buf[2],serialfile,BSIZE-4); if (!rotate_serial(serialfile,"new","old")) goto err;
buf[2][BSIZE-4]='\0';
#ifdef OPENSSL_SYS_VMS
strcat(buf[2],"-old");
#else
strcat(buf[2],".old");
#endif
BIO_free(in);
BIO_free_all(out);
in=NULL;
out=NULL;
if (rename(serialfile,buf[2]) < 0)
{
BIO_printf(bio_err,"unable to rename %s to %s\n",
serialfile,buf[2]);
perror("reason");
goto err;
}
if (rename(buf[0],serialfile) < 0)
{
BIO_printf(bio_err,"unable to rename %s to %s\n",
buf[0],serialfile);
perror("reason");
rename(buf[2],serialfile);
goto err;
}
if (!rotate_index(dbfile,"new","old")) goto err; if (!rotate_index(dbfile,"new","old")) goto err;
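Review bot: When rotate_index() fails after rotate_serial() has already succeeded, the `goto err` leaves the new serial file installed while the index keeps its old contents, and nothing tells the operator that the two files are out of step. Keeping the serial advanced is the safe direction for serial uniqueness, but the entries from this run would presumably be missing from the database, so the failure deserves an explicit message, e.g. `BIO_printf(bio_err,"serial file rotated but index rotation failed\n");` before the `goto err`. The enclosing function starts and ends outside both hunks, so what the cleanup at `err:` does with the leftover `new` and `old` files cannot be checked from here.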


@ -1064,7 +1064,7 @@ static ASN1_INTEGER *x509_load_serial(char *CAfile, char *serialfile, int create
if (!BN_add_word(serial,1)) if (!BN_add_word(serial,1))
{ BIO_printf(bio_err,"add_word failure\n"); goto end; } { BIO_printf(bio_err,"add_word failure\n"); goto end; }
if (!save_serial(buf, serial, &bs)) goto end; if (!save_serial(buf, NULL, serial, &bs)) goto end;
end: end:
if (buf) OPENSSL_free(buf); if (buf) OPENSSL_free(buf);