diff options
| author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2023-05-15 19:59:16 +0200 |
|---|---|---|
| committer | Dr. David von Oheimb <dev@ddvo.net> | 2023-05-25 09:04:35 +0200 |
| commit | c8aec16383c7a9aec76b28e6eb95d36bef6f7e56 (patch) | |
| tree | 18ace3d90358a858e9c49ae77ca422ad73029d97 | |
| parent | Create internal/ssl.h (diff) | |
| download | openssl-c8aec16383c7a9aec76b28e6eb95d36bef6f7e56.tar.xz openssl-c8aec16383c7a9aec76b28e6eb95d36bef6f7e56.zip | |
APPS/ca: remove spurious errors when certain config file entries are not provided
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/20971)
| -rw-r--r-- | apps/ca.c | 33 |
1 files changed, 22 insertions, 11 deletions
@@ -537,7 +537,6 @@ end_of_options: f = NCONF_get_string(conf, section, STRING_MASK); if (f == NULL) ERR_clear_error(); - if (f != NULL && !ASN1_STRING_set_default_mask_asc(f)) { BIO_printf(bio_err, "Invalid global string mask setting %s\n", f); goto end; @@ -631,7 +630,8 @@ end_of_options: msie_hack = 1; f = NCONF_get_string(conf, section, ENV_NAMEOPT); - + if (f == NULL) + ERR_clear_error(); if (f != NULL) { if (!set_nameopt(f)) { BIO_printf(bio_err, "Invalid name options: \"%s\"\n", f); @@ -641,7 +641,6 @@ end_of_options: } f = NCONF_get_string(conf, section, ENV_CERTOPT); - if (f != NULL) { if (!set_cert_ex(&certopt, f)) { BIO_printf(bio_err, "Invalid certificate options: \"%s\"\n", f); @@ -653,7 +652,6 @@ end_of_options: } f = NCONF_get_string(conf, section, ENV_EXTCOPY); - if (f != NULL) { if (!set_ext_copy(&ext_copy, f)) { BIO_printf(bio_err, "Invalid extension copy option: \"%s\"\n", f); @@ -789,8 +787,10 @@ end_of_options: /* We can have sections in the ext file */ if (extensions == NULL) { extensions = NCONF_get_string(extfile_conf, "default", "extensions"); - if (extensions == NULL) + if (extensions == NULL) { + ERR_clear_error(); extensions = "default"; + } } } @@ -828,6 +828,8 @@ end_of_options: char *tmp_email_dn = NULL; tmp_email_dn = NCONF_get_string(conf, section, ENV_DEFAULT_EMAIL_DN); + if (tmp_email_dn == NULL) + ERR_clear_error(); if (tmp_email_dn != NULL && strcmp(tmp_email_dn, "no") == 0) email_dn = 0; } @@ -843,6 +845,7 @@ end_of_options: if (NCONF_get_string(conf, section, ENV_RAND_SERIAL) != NULL) { rand_ser = 1; } else { + ERR_clear_error(); serialfile = lookup_conf(conf, section, ENV_SERIAL); if (serialfile == NULL) goto end; @@ -912,8 +915,10 @@ end_of_options: } if (days == 0) { - if (!NCONF_get_number(conf, section, ENV_DEFAULT_DAYS, &days)) + if (!NCONF_get_number(conf, section, ENV_DEFAULT_DAYS, &days)) { + ERR_clear_error(); days = 0; + } } if (enddate == NULL && days == 0) { BIO_printf(bio_err, "cannot lookup how many days to certify for\n"); @@ -1165,22 +1170,28 @@ end_of_options: } } - if ((crlnumberfile = NCONF_get_string(conf, section, ENV_CRLNUMBER)) - != NULL) + crlnumberfile = NCONF_get_string(conf, section, ENV_CRLNUMBER); + if (crlnumberfile != NULL) { if ((crlnumber = load_serial(crlnumberfile, NULL, 0, NULL)) == NULL) { BIO_printf(bio_err, "error while loading CRL number\n"); goto end; } + } else { + ERR_clear_error(); + } if (!crldays && !crlhours && !crlsec) { if (!NCONF_get_number(conf, section, - ENV_DEFAULT_CRL_DAYS, &crldays)) + ENV_DEFAULT_CRL_DAYS, &crldays)) { + ERR_clear_error(); crldays = 0; + } if (!NCONF_get_number(conf, section, - ENV_DEFAULT_CRL_HOURS, &crlhours)) + ENV_DEFAULT_CRL_HOURS, &crlhours)) { + ERR_clear_error(); crlhours = 0; - ERR_clear_error(); + } } if ((crl_nextupdate == NULL) && (crldays == 0) && (crlhours == 0) && (crlsec == 0)) { |