Align CRL and CSR version printing with certs

Only print specified 0-based versions and print them with the 1-based
human interpretation. Use a colon and error check the BIO_printf()
calls. (There's a lot more to clean up in here, but that's for another
day).

Notably, X509_CRL_print_ex() is missing... I guess that's better than
having one with signature and semantics differing from X509_print_ex()
und X509_REQ_print_ex().

ok beck

diff --git a/lib/libcrypto/asn1/t_crl.c b/lib/libcrypto/asn1/t_crl.c
index 39e0450..6449e7f 100644 (file)
--- a/lib/libcrypto/asn1/t_crl.c
+++ b/lib/libcrypto/asn1/t_crl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t_crl.c,v 1.25 2024/05/02 15:33:59 tb Exp $ */
+/* $OpenBSD: t_crl.c,v 1.26 2024/05/03 02:52:00 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -96,9 +96,15 @@ X509_CRL_print(BIO *out, X509_CRL *x)
 
        BIO_printf(out, "Certificate Revocation List (CRL):\n");
        l = X509_CRL_get_version(x);
-       if (l < 0 || l == LONG_MAX)
-               goto err;
-       BIO_printf(out, "%8sVersion %lu (0x%lx)\n", "", l + 1, l);
+       if (l >= 0 && l <= 1) {
+               if (BIO_printf(out, "%8sVersion: %lu (0x%lx)\n",
+                   "", l + 1, l) <= 0)
+                       goto err;
+       } else {
+               if (BIO_printf(out, "%8sVersion: unknown (%ld)\n",
+                   "", l) <= 0)
+                       goto err;
+       }
        if (X509_signature_print(out, x->sig_alg, NULL) == 0)
                goto err;
        p = X509_NAME_oneline(X509_CRL_get_issuer(x), NULL, 0);

diff --git a/lib/libcrypto/asn1/t_req.c b/lib/libcrypto/asn1/t_req.c
index ac01170..1d4be98 100644 (file)
--- a/lib/libcrypto/asn1/t_req.c
+++ b/lib/libcrypto/asn1/t_req.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t_req.c,v 1.27 2024/04/09 13:55:02 beck Exp $ */
+/* $OpenBSD: t_req.c,v 1.28 2024/05/03 02:52:00 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -99,7 +99,6 @@ X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags,
 {
        unsigned long l;
        int i;
-       const char *neg;
        X509_REQ_INFO *ri;
        EVP_PKEY *pkey;
        STACK_OF(X509_ATTRIBUTE) *sk;
@@ -124,15 +123,14 @@ X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags,
                        goto err;
        }
        if (!(cflag & X509_FLAG_NO_VERSION)) {
-               neg = (ri->version->type == V_ASN1_NEG_INTEGER) ? "-" : "";
-               l = 0;
-               for (i = 0; i < ri->version->length; i++) {
-                       l <<= 8;
-                       l += ri->version->data[i];
+               if ((l = X509_REQ_get_version(x)) == 0) {
+                       if (BIO_printf(bp, "%8sVersion: 1 (0x0)\n", "") <= 0)
+                               goto err;
+               } else {
+                       if (BIO_printf(bp, "%8sVersion: unknown (%ld)\n",
+                           "", l) <= 0)
+                               goto err;
                }
-               if (BIO_printf(bp, "%8sVersion: %s%lu (%s0x%lx)\n", "", neg,
-                   l, neg, l) <= 0)
-                       goto err;
        }
        if (!(cflag & X509_FLAG_NO_SUBJECT)) {
                if (BIO_printf(bp, "        Subject:%c", mlch) <= 0)