- Merged trunk into 1.1 branch
diff --git a/programs/aes/CMakeLists.txt b/programs/aes/CMakeLists.txt
index 0695a34..9bac94a 100644
--- a/programs/aes/CMakeLists.txt
+++ b/programs/aes/CMakeLists.txt
@@ -4,6 +4,6 @@
add_executable(crypt_and_hash crypt_and_hash.c)
target_link_libraries(crypt_and_hash polarssl)
-INSTALL(TARGETS aescrypt2 crypt_and_hash
+install(TARGETS aescrypt2 crypt_and_hash
DESTINATION "bin"
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/hash/CMakeLists.txt b/programs/hash/CMakeLists.txt
index 367dae1..870b8a0 100644
--- a/programs/hash/CMakeLists.txt
+++ b/programs/hash/CMakeLists.txt
@@ -13,6 +13,6 @@
add_executable(sha2sum sha2sum.c)
target_link_libraries(sha2sum polarssl)
-INSTALL(TARGETS hello md5sum sha1sum sha2sum generic_sum
+install(TARGETS hello md5sum sha1sum sha2sum generic_sum
DESTINATION "bin"
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/pkey/CMakeLists.txt b/programs/pkey/CMakeLists.txt
index 124b197..c97f520 100644
--- a/programs/pkey/CMakeLists.txt
+++ b/programs/pkey/CMakeLists.txt
@@ -34,6 +34,6 @@
add_executable(rsa_decrypt rsa_decrypt.c)
target_link_libraries(rsa_decrypt polarssl)
-INSTALL(TARGETS dh_client dh_genprime dh_server key_app mpi_demo rsa_genkey rsa_sign rsa_verify rsa_encrypt rsa_decrypt
+install(TARGETS dh_client dh_genprime dh_server key_app mpi_demo rsa_genkey rsa_sign rsa_verify rsa_encrypt rsa_decrypt
DESTINATION "bin"
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/random/CMakeLists.txt b/programs/random/CMakeLists.txt
index c60ed42..ae02bd1 100644
--- a/programs/random/CMakeLists.txt
+++ b/programs/random/CMakeLists.txt
@@ -7,6 +7,6 @@
add_executable(gen_entropy gen_entropy.c)
target_link_libraries(gen_entropy polarssl)
-INSTALL(TARGETS gen_random_havege gen_random_ctr_drbg gen_entropy
+install(TARGETS gen_random_havege gen_random_ctr_drbg gen_entropy
DESTINATION "bin"
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/ssl/CMakeLists.txt b/programs/ssl/CMakeLists.txt
index 95daa11..4dcf01c 100644
--- a/programs/ssl/CMakeLists.txt
+++ b/programs/ssl/CMakeLists.txt
@@ -21,6 +21,6 @@
add_executable(ssl_mail_client ssl_mail_client.c)
target_link_libraries(ssl_mail_client ${libs})
-INSTALL(TARGETS ssl_client1 ssl_client2 ssl_server ssl_fork_server ssl_mail_client
+install(TARGETS ssl_client1 ssl_client2 ssl_server ssl_fork_server ssl_mail_client
DESTINATION "bin"
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 39d69ac..f5bbe85 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -241,12 +241,12 @@
#if defined(POLARSSL_FS_IO)
if( strlen( opt.ca_file ) )
- ret = x509parse_crtfile( &cacert, opt.ca_file, X509_NON_PERMISSIVE );
+ ret = x509parse_crtfile( &cacert, opt.ca_file );
else
#endif
#if defined(POLARSSL_CERTS_C)
ret = x509parse_crt( &cacert, (unsigned char *) test_ca_crt,
- strlen( test_ca_crt ), X509_NON_PERMISSIVE );
+ strlen( test_ca_crt ) );
#else
{
ret = 1;
@@ -271,12 +271,12 @@
#if defined(POLARSSL_FS_IO)
if( strlen( opt.crt_file ) )
- ret = x509parse_crtfile( &clicert, opt.crt_file, X509_NON_PERMISSIVE );
+ ret = x509parse_crtfile( &clicert, opt.crt_file );
else
#endif
#if defined(POLARSSL_CERTS_C)
ret = x509parse_crt( &clicert, (unsigned char *) test_cli_crt,
- strlen( test_cli_crt ), X509_NON_PERMISSIVE );
+ strlen( test_cli_crt ) );
#else
{
ret = 1;
diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c
index d24ae00..881a68e 100644
--- a/programs/ssl/ssl_fork_server.c
+++ b/programs/ssl/ssl_fork_server.c
@@ -250,7 +250,7 @@
* server and CA certificates, as well as x509parse_keyfile().
*/
ret = x509parse_crt( &srvcert, (unsigned char *) test_srv_crt,
- strlen( test_srv_crt ), X509_NON_PERMISSIVE );
+ strlen( test_srv_crt ) );
if( ret != 0 )
{
printf( " failed\n ! x509parse_crt returned %d\n\n", ret );
@@ -258,7 +258,7 @@
}
ret = x509parse_crt( &srvcert, (unsigned char *) test_ca_crt,
- strlen( test_ca_crt ), X509_NON_PERMISSIVE );
+ strlen( test_ca_crt ) );
if( ret != 0 )
{
printf( " failed\n ! x509parse_crt returned %d\n\n", ret );
diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c
index eb223b0..2f442c9 100644
--- a/programs/ssl/ssl_mail_client.c
+++ b/programs/ssl/ssl_mail_client.c
@@ -493,12 +493,12 @@
#if defined(POLARSSL_FS_IO)
if( strlen( opt.ca_file ) )
- ret = x509parse_crtfile( &cacert, opt.ca_file, X509_NON_PERMISSIVE );
+ ret = x509parse_crtfile( &cacert, opt.ca_file );
else
#endif
#if defined(POLARSSL_CERTS_C)
ret = x509parse_crt( &cacert, (unsigned char *) test_ca_crt,
- strlen( test_ca_crt ), X509_NON_PERMISSIVE );
+ strlen( test_ca_crt ) );
#else
{
ret = 1;
@@ -523,15 +523,15 @@
#if defined(POLARSSL_FS_IO)
if( strlen( opt.crt_file ) )
- ret = x509parse_crtfile( &clicert, opt.crt_file, X509_NON_PERMISSIVE );
+ ret = x509parse_crtfile( &clicert, opt.crt_file );
else
#endif
#if defined(POLARSSL_CERTS_C)
ret = x509parse_crt( &clicert, (unsigned char *) test_cli_crt,
- strlen( test_cli_crt ), X509_NON_PERMISSIVE );
+ strlen( test_cli_crt ) );
#else
{
- ret = 1;
+ ret = -1;
printf("POLARSSL_CERTS_C not defined.");
}
#endif
@@ -551,7 +551,7 @@
strlen( test_cli_key ), NULL, 0 );
#else
{
- ret = 1;
+ ret = -1;
printf("POLARSSL_CERTS_C not defined.");
}
#endif
diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c
index f43e8b4..5ee2f63 100644
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@@ -220,7 +220,7 @@
* server and CA certificates, as well as x509parse_keyfile().
*/
ret = x509parse_crt( &srvcert, (unsigned char *) test_srv_crt,
- strlen( test_srv_crt ), X509_NON_PERMISSIVE );
+ strlen( test_srv_crt ) );
if( ret != 0 )
{
printf( " failed\n ! x509parse_crt returned %d\n\n", ret );
@@ -228,7 +228,7 @@
}
ret = x509parse_crt( &srvcert, (unsigned char *) test_ca_crt,
- strlen( test_ca_crt ), X509_NON_PERMISSIVE );
+ strlen( test_ca_crt ) );
if( ret != 0 )
{
printf( " failed\n ! x509parse_crt returned %d\n\n", ret );
diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt
index 87f08c7..5ad4364 100644
--- a/programs/test/CMakeLists.txt
+++ b/programs/test/CMakeLists.txt
@@ -18,6 +18,6 @@
add_executable(ssl_cert_test ssl_cert_test.c)
target_link_libraries(ssl_cert_test ${libs})
-INSTALL(TARGETS selftest benchmark ssl_test ssl_cert_test
+install(TARGETS selftest benchmark ssl_test ssl_cert_test
DESTINATION "bin"
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/test/ssl_cert_test.c b/programs/test/ssl_cert_test.c
index 2e4e6c5..57ea32c 100644
--- a/programs/test/ssl_cert_test.c
+++ b/programs/test/ssl_cert_test.c
@@ -100,7 +100,7 @@
* Alternatively, you may load the CA certificates from a .pem or
* .crt file by calling x509parse_crtfile( &cacert, "myca.crt" ).
*/
- ret = x509parse_crtfile( &cacert, "ssl/test-ca/test-ca.crt", X509_NON_PERMISSIVE );
+ ret = x509parse_crtfile( &cacert, "ssl/test-ca/test-ca.crt" );
if( ret != 0 )
{
printf( " failed\n ! x509parse_crtfile returned %d\n\n", ret );
@@ -148,7 +148,7 @@
printf( " . Loading the client certificate %s...", name );
fflush( stdout );
- ret = x509parse_crtfile( &clicert, name, X509_NON_PERMISSIVE );
+ ret = x509parse_crtfile( &clicert, name );
if( ret != 0 )
{
printf( " failed\n ! x509parse_crt returned %d\n\n", ret );
diff --git a/programs/test/ssl_test.c b/programs/test/ssl_test.c
index 3337540..59fab01 100644
--- a/programs/test/ssl_test.c
+++ b/programs/test/ssl_test.c
@@ -214,7 +214,7 @@
goto exit;
#else
ret = x509parse_crt( &srvcert, (unsigned char *) test_srv_crt,
- strlen( test_srv_crt ), X509_NON_PERMISSIVE );
+ strlen( test_srv_crt ) );
if( ret != 0 )
{
printf( " ! x509parse_crt returned %d\n\n", ret );
@@ -222,7 +222,7 @@
}
ret = x509parse_crt( &srvcert, (unsigned char *) test_ca_crt,
- strlen( test_ca_crt ), X509_NON_PERMISSIVE );
+ strlen( test_ca_crt ) );
if( ret != 0 )
{
printf( " ! x509parse_crt returned %d\n\n", ret );
diff --git a/programs/x509/CMakeLists.txt b/programs/x509/CMakeLists.txt
index 15b634a..554d9a0 100644
--- a/programs/x509/CMakeLists.txt
+++ b/programs/x509/CMakeLists.txt
@@ -12,6 +12,6 @@
add_executable(crl_app crl_app.c)
target_link_libraries(crl_app ${libs})
-INSTALL(TARGETS cert_app crl_app
+install(TARGETS cert_app crl_app
DESTINATION "bin"
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c
index a041a47..08d1b9a 100644
--- a/programs/x509/cert_app.c
+++ b/programs/x509/cert_app.c
@@ -200,17 +200,25 @@
printf( "\n . Loading the certificate(s) ..." );
fflush( stdout );
- ret = x509parse_crtfile( &crt, opt.filename, opt.permissive );
+ ret = x509parse_crtfile( &crt, opt.filename );
- if( ret != 0 )
+ if( ret < 0 )
{
printf( " failed\n ! x509parse_crt returned %d\n\n", ret );
x509_free( &crt );
goto exit;
}
+ if( opt.permissive == 0 && ret > 0 )
+ {
+ printf( " failed\n ! x509parse_crt failed to parse %d certificates\n\n", ret );
+ x509_free( &crt );
+ goto exit;
+ }
+
printf( " ok\n" );
+
/*
* 1.2 Print the certificate(s)
*/