diff options
Diffstat (limited to 'apps')
-rw-r--r-- | apps/verify.c | 38 |
1 files changed, 16 insertions, 22 deletions
diff --git a/apps/verify.c b/apps/verify.c index 183579c06d..158504464b 100644 --- a/apps/verify.c +++ b/apps/verify.c @@ -115,7 +115,6 @@ int verify_main(int argc, char **argv) X509_VERIFY_PARAM *vpm = NULL; char *prog, *CApath = NULL, *CAfile = NULL; int noCApath = 0, noCAfile = 0; - char *untfile = NULL, *trustfile = NULL, *crlfile = NULL; int vpmtouched = 0, crl_download = 0, show_chain = 0, i = 0, ret = 1; OPTION_CHOICE o; @@ -167,13 +166,24 @@ int verify_main(int argc, char **argv) noCAfile = 1; break; case OPT_UNTRUSTED: - untfile = opt_arg(); + /* Zero or more times */ + if (!load_certs(opt_arg(), &untrusted, FORMAT_PEM, NULL, e, + "untrusted certificates")) + goto end; break; case OPT_TRUSTED: - trustfile = opt_arg(); + /* Zero or more times */ + noCAfile = 1; + noCApath = 1; + if (!load_certs(opt_arg(), &trusted, FORMAT_PEM, NULL, e, + "trusted certificates")) + goto end; break; case OPT_CRLFILE: - crlfile = opt_arg(); + /* Zero or more times */ + if (!load_crls(opt_arg(), &crls, FORMAT_PEM, NULL, e, + "other CRLs")) + goto end; break; case OPT_CRL_DOWNLOAD: crl_download = 1; @@ -182,6 +192,7 @@ int verify_main(int argc, char **argv) show_chain = 1; break; case OPT_ENGINE: + /* Specify *before* -trusted/-untrusted/-CRLfile */ e = setup_engine(opt_arg(), 0); break; case OPT_VERBOSE: @@ -191,7 +202,7 @@ int verify_main(int argc, char **argv) } argc = opt_num_rest(); argv = opt_rest(); - if (trustfile && (CAfile || CApath)) { + if (trusted != NULL && (CAfile || CApath)) { BIO_printf(bio_err, "%s: Cannot use -trusted with -CAfile or -CApath\n", prog); @@ -207,23 +218,6 @@ int verify_main(int argc, char **argv) ERR_clear_error(); - if (untfile) { - if (!load_certs(untfile, &untrusted, FORMAT_PEM, NULL, e, - "untrusted certificates")) - goto end; - } - - if (trustfile) { - if (!load_certs(trustfile, &trusted, FORMAT_PEM, NULL, e, - "trusted certificates")) - goto end; - } - - if (crlfile) { - if (!load_crls(crlfile, &crls, FORMAT_PEM, NULL, e, "other CRLs")) - goto end; - } - if (crl_download) store_setup_crl_download(store); |