- Merged trunk into 1.1 branch

programs/aes/CMakeLists.txt

@@ -4,6 +4,6 @@ target_link_libraries(aescrypt2 polarssl)
 add_executable(crypt_and_hash crypt_and_hash.c)
 target_link_libraries(crypt_and_hash polarssl)
 
-INSTALL(TARGETS aescrypt2 crypt_and_hash
+install(TARGETS aescrypt2 crypt_and_hash
         DESTINATION "bin"
         PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)

programs/hash/CMakeLists.txt

@@ -13,6 +13,6 @@ target_link_libraries(sha1sum polarssl)
 add_executable(sha2sum sha2sum.c)
 target_link_libraries(sha2sum polarssl)
 
-INSTALL(TARGETS hello md5sum sha1sum sha2sum generic_sum
+install(TARGETS hello md5sum sha1sum sha2sum generic_sum
         DESTINATION "bin"
         PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)

programs/pkey/CMakeLists.txt

@@ -34,6 +34,6 @@ target_link_libraries(rsa_encrypt polarssl)
 add_executable(rsa_decrypt rsa_decrypt.c)
 target_link_libraries(rsa_decrypt polarssl)
 
-INSTALL(TARGETS dh_client dh_genprime dh_server key_app mpi_demo rsa_genkey rsa_sign rsa_verify rsa_encrypt rsa_decrypt
+install(TARGETS dh_client dh_genprime dh_server key_app mpi_demo rsa_genkey rsa_sign rsa_verify rsa_encrypt rsa_decrypt
         DESTINATION "bin"
         PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)

programs/random/CMakeLists.txt

@@ -7,6 +7,6 @@ target_link_libraries(gen_random_ctr_drbg polarssl)
 add_executable(gen_entropy gen_entropy.c)
 target_link_libraries(gen_entropy polarssl)
 
-INSTALL(TARGETS gen_random_havege gen_random_ctr_drbg gen_entropy
+install(TARGETS gen_random_havege gen_random_ctr_drbg gen_entropy
         DESTINATION "bin"
         PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)

programs/ssl/CMakeLists.txt

@@ -21,6 +21,6 @@ target_link_libraries(ssl_fork_server ${libs})
 add_executable(ssl_mail_client ssl_mail_client.c)
 target_link_libraries(ssl_mail_client ${libs})
 
-INSTALL(TARGETS ssl_client1 ssl_client2 ssl_server ssl_fork_server ssl_mail_client
+install(TARGETS ssl_client1 ssl_client2 ssl_server ssl_fork_server ssl_mail_client
         DESTINATION "bin"
         PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)

programs/ssl/ssl_client2.c

@@ -241,12 +241,12 @@ int main( int argc, char *argv[] )
 
 #if defined(POLARSSL_FS_IO)
     if( strlen( opt.ca_file ) )
-        ret = x509parse_crtfile( &cacert, opt.ca_file, X509_NON_PERMISSIVE );
+        ret = x509parse_crtfile( &cacert, opt.ca_file );
     else 
 #endif
 #if defined(POLARSSL_CERTS_C)
         ret = x509parse_crt( &cacert, (unsigned char *) test_ca_crt,
-                strlen( test_ca_crt ), X509_NON_PERMISSIVE );
+                strlen( test_ca_crt ) );
 #else
     {
         ret = 1;
@@ -271,12 +271,12 @@ int main( int argc, char *argv[] )
 
 #if defined(POLARSSL_FS_IO)
     if( strlen( opt.crt_file ) )
-        ret = x509parse_crtfile( &clicert, opt.crt_file, X509_NON_PERMISSIVE );
+        ret = x509parse_crtfile( &clicert, opt.crt_file );
     else 
 #endif
 #if defined(POLARSSL_CERTS_C)
         ret = x509parse_crt( &clicert, (unsigned char *) test_cli_crt,
-                strlen( test_cli_crt ), X509_NON_PERMISSIVE );
+                strlen( test_cli_crt ) );
 #else
     {
         ret = 1;

programs/ssl/ssl_fork_server.c

@@ -250,7 +250,7 @@ int main( int argc, char *argv[] )
      * server and CA certificates, as well as x509parse_keyfile().
      */
     ret = x509parse_crt( &srvcert, (unsigned char *) test_srv_crt,
-                         strlen( test_srv_crt ), X509_NON_PERMISSIVE );
+                         strlen( test_srv_crt ) );
     if( ret != 0 )
     {
         printf( " failed\n  !  x509parse_crt returned %d\n\n", ret );
@@ -258,7 +258,7 @@ int main( int argc, char *argv[] )
     }
 
     ret = x509parse_crt( &srvcert, (unsigned char *) test_ca_crt,
-                         strlen( test_ca_crt ), X509_NON_PERMISSIVE );
+                         strlen( test_ca_crt ) );
     if( ret != 0 )
     {
         printf( " failed\n  !  x509parse_crt returned %d\n\n", ret );

programs/ssl/ssl_mail_client.c

@@ -493,12 +493,12 @@ int main( int argc, char *argv[] )
 
 #if defined(POLARSSL_FS_IO)
     if( strlen( opt.ca_file ) )
-        ret = x509parse_crtfile( &cacert, opt.ca_file, X509_NON_PERMISSIVE );
+        ret = x509parse_crtfile( &cacert, opt.ca_file );
     else
 #endif
 #if defined(POLARSSL_CERTS_C)
         ret = x509parse_crt( &cacert, (unsigned char *) test_ca_crt,
-                strlen( test_ca_crt ), X509_NON_PERMISSIVE );
+                strlen( test_ca_crt ) );
 #else
     {
         ret = 1;
@@ -523,15 +523,15 @@ int main( int argc, char *argv[] )
 
 #if defined(POLARSSL_FS_IO)
     if( strlen( opt.crt_file ) )
-        ret = x509parse_crtfile( &clicert, opt.crt_file, X509_NON_PERMISSIVE );
+        ret = x509parse_crtfile( &clicert, opt.crt_file );
     else 
 #endif
 #if defined(POLARSSL_CERTS_C)
         ret = x509parse_crt( &clicert, (unsigned char *) test_cli_crt,
-                strlen( test_cli_crt ), X509_NON_PERMISSIVE );
+                strlen( test_cli_crt ) );
 #else
     {
-        ret = 1;
+        ret = -1;
         printf("POLARSSL_CERTS_C not defined.");
     }
 #endif
@@ -551,7 +551,7 @@ int main( int argc, char *argv[] )
                 strlen( test_cli_key ), NULL, 0 );
 #else
     {
-        ret = 1;
+        ret = -1;
         printf("POLARSSL_CERTS_C not defined.");
     }
 #endif

programs/ssl/ssl_server.c

@@ -220,7 +220,7 @@ int main( int argc, char *argv[] )
      * server and CA certificates, as well as x509parse_keyfile().
      */
     ret = x509parse_crt( &srvcert, (unsigned char *) test_srv_crt,
-                         strlen( test_srv_crt ), X509_NON_PERMISSIVE );
+                         strlen( test_srv_crt ) );
     if( ret != 0 )
     {
         printf( " failed\n  !  x509parse_crt returned %d\n\n", ret );
@@ -228,7 +228,7 @@ int main( int argc, char *argv[] )
     }
 
     ret = x509parse_crt( &srvcert, (unsigned char *) test_ca_crt,
-                         strlen( test_ca_crt ), X509_NON_PERMISSIVE );
+                         strlen( test_ca_crt ) );
     if( ret != 0 )
     {
         printf( " failed\n  !  x509parse_crt returned %d\n\n", ret );

programs/test/CMakeLists.txt

@@ -18,6 +18,6 @@ target_link_libraries(ssl_test ${libs})
 add_executable(ssl_cert_test ssl_cert_test.c)
 target_link_libraries(ssl_cert_test ${libs})
 
-INSTALL(TARGETS selftest benchmark ssl_test ssl_cert_test
+install(TARGETS selftest benchmark ssl_test ssl_cert_test
         DESTINATION "bin"
         PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)

programs/test/ssl_cert_test.c

@@ -100,7 +100,7 @@ int main( int argc, char *argv[] )
      * Alternatively, you may load the CA certificates from a .pem or
      * .crt file by calling x509parse_crtfile( &cacert, "myca.crt" ).
      */
-    ret = x509parse_crtfile( &cacert, "ssl/test-ca/test-ca.crt", X509_NON_PERMISSIVE );
+    ret = x509parse_crtfile( &cacert, "ssl/test-ca/test-ca.crt" );
     if( ret != 0 )
     {
         printf( " failed\n  !  x509parse_crtfile returned %d\n\n", ret );
@@ -148,7 +148,7 @@ int main( int argc, char *argv[] )
         printf( "  . Loading the client certificate %s...", name );
         fflush( stdout );
 
-        ret = x509parse_crtfile( &clicert, name, X509_NON_PERMISSIVE );
+        ret = x509parse_crtfile( &clicert, name );
         if( ret != 0 )
         {
             printf( " failed\n  !  x509parse_crt returned %d\n\n", ret );

programs/test/ssl_test.c

@@ -214,7 +214,7 @@ static int ssl_test( struct options *opt )
         goto exit;
 #else
         ret =  x509parse_crt( &srvcert, (unsigned char *) test_srv_crt,
-                              strlen( test_srv_crt ), X509_NON_PERMISSIVE );
+                              strlen( test_srv_crt ) );
         if( ret != 0 )
         {
             printf( "  !  x509parse_crt returned %d\n\n", ret );
@@ -222,7 +222,7 @@ static int ssl_test( struct options *opt )
         }
 
         ret =  x509parse_crt( &srvcert, (unsigned char *) test_ca_crt,
-                              strlen( test_ca_crt ), X509_NON_PERMISSIVE );
+                              strlen( test_ca_crt ) );
         if( ret != 0 )
         {
             printf( "  !  x509parse_crt returned %d\n\n", ret );

programs/x509/CMakeLists.txt

@@ -12,6 +12,6 @@ target_link_libraries(cert_app ${libs})
 add_executable(crl_app crl_app.c)
 target_link_libraries(crl_app ${libs})
 
-INSTALL(TARGETS cert_app crl_app
+install(TARGETS cert_app crl_app
         DESTINATION "bin"
         PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)

programs/x509/cert_app.c

@@ -200,17 +200,25 @@ int main( int argc, char *argv[] )
         printf( "\n  . Loading the certificate(s) ..." );
         fflush( stdout );
 
-        ret = x509parse_crtfile( &crt, opt.filename, opt.permissive );
+        ret = x509parse_crtfile( &crt, opt.filename );
 
-        if( ret != 0 )
+        if( ret < 0 )
         {
             printf( " failed\n  !  x509parse_crt returned %d\n\n", ret );
             x509_free( &crt );
             goto exit;
         }
 
+        if( opt.permissive == 0 && ret > 0 )
+        {
+            printf( " failed\n  !  x509parse_crt failed to parse %d certificates\n\n", ret );
+            x509_free( &crt );
+            goto exit;
+        }
+
         printf( " ok\n" );
 
+    
         /*
          * 1.2 Print the certificate(s)
          */