Commit 371b259013 for openssl.org
commit 371b259013dc75f20ec1cd7f57bbf90f241d03d0
Author: Dr. David von Oheimb <dev@ddvo.net>
Date: Fri May 30 09:36:03 2025 +0200
apps/cmp.c: make error/warning/info/debug log output text lines consistently start upper-case
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
MergeDate: Tue Feb 3 08:42:59 2026
(Merged from https://github.com/openssl/openssl/pull/28478)
diff --git a/apps/cmp.c b/apps/cmp.c
index fcb7e33c5a..427ff0e519 100644
--- a/apps/cmp.c
+++ b/apps/cmp.c
@@ -894,7 +894,7 @@ static int write_PKIMESSAGE(const OSSL_CMP_MSG *msg, char **filenames)
file = *filenames;
*filenames = next_item(file);
if (OSSL_CMP_MSG_write(file, msg) < 0) {
- CMP_err1("cannot write PKIMessage to file '%s'", file);
+ CMP_err1("Cannot write PKIMessage to file '%s'", file);
return 0;
}
return 1;
@@ -911,7 +911,7 @@ static OSSL_CMP_MSG *read_PKIMESSAGE(const char *desc, char **filenames)
return NULL;
}
if (*filenames == NULL) {
- CMP_err("too few file names provided for reading PKIMessage");
+ CMP_err("Too few file names provided for reading PKIMessage");
return NULL;
}
@@ -920,7 +920,7 @@ static OSSL_CMP_MSG *read_PKIMESSAGE(const char *desc, char **filenames)
ret = OSSL_CMP_MSG_read(file, app_get0_libctx(), app_get0_propq());
if (ret == NULL)
- CMP_err1("cannot read PKIMessage from file '%s'", file);
+ CMP_err1("Cannot read PKIMessage from file '%s'", file);
else
CMP_info2("%s %s", desc, file);
return ret;
@@ -942,7 +942,7 @@ static OSSL_CMP_MSG *read_write_req_resp(OSSL_CMP_CTX *ctx,
if (opt_reqout_only != NULL) {
if (OSSL_CMP_MSG_write(opt_reqout_only, req) < 0)
- CMP_err1("cannot write request PKIMessage to file '%s'",
+ CMP_err1("Cannot write request PKIMessage to file '%s'",
opt_reqout_only);
else
reqout_only_done = 1;
@@ -983,7 +983,7 @@ static OSSL_CMP_MSG *read_write_req_resp(OSSL_CMP_CTX *ctx,
} else {
#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
if (opt_server == NULL) {
- CMP_err("missing -server or -use_mock_srv option, or too few -rspin filename arguments");
+ CMP_err("Missing -server or -use_mock_srv option, or too few -rspin filename arguments");
goto err;
}
if (rspin_in_use)
@@ -1035,7 +1035,7 @@ static int set_name(const char *str,
return 0;
if (!(*set_fn)(ctx, n)) {
X509_NAME_free(n);
- CMP_err("out of memory");
+ CMP_err("Out of memory");
return 0;
}
X509_NAME_free(n);
@@ -1069,12 +1069,12 @@ static int set_gennames(OSSL_CMP_CTX *ctx, char *names, const char *desc)
(void)ERR_pop_to_mark();
if (n == NULL) {
- CMP_err2("bad syntax of %s '%s'", desc, names);
+ CMP_err2("Bad syntax of %s '%s'", desc, names);
return 0;
}
if (!OSSL_CMP_CTX_push1_subjectAltName(ctx, n)) {
GENERAL_NAME_free(n);
- CMP_err("out of memory");
+ CMP_err("Out of memory");
return 0;
}
GENERAL_NAME_free(n);
@@ -1165,11 +1165,11 @@ static int transform_opts(void)
} else if (!strcmp(opt_cmd_s, "genm")) {
opt_cmd = CMP_GENM;
} else {
- CMP_err1("unknown cmp command '%s'", opt_cmd_s);
+ CMP_err1("Unknown cmp command '%s'", opt_cmd_s);
return 0;
}
} else {
- CMP_err("no cmp command to execute");
+ CMP_err("No cmp command to execute");
return 0;
}
@@ -1177,7 +1177,7 @@ static int transform_opts(void)
if (opt_keyform_s != NULL
&& !opt_format(opt_keyform_s, FORMAT_OPTIONS, &opt_keyform)) {
- CMP_err("unknown option given for key loading format");
+ CMP_err("Unknown option given for key loading format");
return 0;
}
@@ -1185,12 +1185,12 @@ static int transform_opts(void)
if (opt_certform_s != NULL
&& !opt_format(opt_certform_s, OPT_FMT_PEMDER, &opt_certform)) {
- CMP_err("unknown option given for certificate storing format");
+ CMP_err("Unknown option given for certificate storing format");
return 0;
}
if (opt_crlform_s != NULL
&& !opt_format(opt_crlform_s, OPT_FMT_PEMDER, &opt_crlform)) {
- CMP_err("unknown option given for CRL storing format");
+ CMP_err("Unknown option given for CRL storing format");
return 0;
}
@@ -1210,7 +1210,7 @@ static OSSL_CMP_SRV_CTX *setup_srv_ctx(void)
if (opt_srv_ref == NULL) {
if (opt_srv_cert == NULL) {
/* opt_srv_cert should determine the sender */
- CMP_err("must give -srv_ref for mock server if no -srv_cert given");
+ CMP_err("Must give -srv_ref for mock server if no -srv_cert given");
goto err;
}
} else {
@@ -1232,7 +1232,7 @@ static OSSL_CMP_SRV_CTX *setup_srv_ctx(void)
goto err;
}
} else if (opt_srv_cert == NULL) {
- CMP_err("server credentials (-srv_secret or -srv_cert) must be given if -use_mock_srv or -port is used");
+ CMP_err("Server credentials (-srv_secret or -srv_cert) must be given if -use_mock_srv or -port is used");
goto err;
} else {
CMP_warn("server will not be able to handle PBM-protected requests since -srv_secret is not given");
@@ -1240,7 +1240,7 @@ static OSSL_CMP_SRV_CTX *setup_srv_ctx(void)
if (opt_srv_secret == NULL
&& ((opt_srv_cert == NULL) != (opt_srv_key == NULL))) {
- CMP_err("must give both -srv_cert and -srv_key options or neither");
+ CMP_err("Must give both -srv_cert and -srv_key options or neither");
goto err;
}
if (!setup_cert(ctx, opt_srv_cert, opt_srv_keypass,
@@ -1483,7 +1483,7 @@ static SSL_CTX *setup_ssl_ctx(OSSL_CMP_CTX *ctx, const char *host)
* the chain to be provided with the TLS client cert to the TLS server.
*/
if (!ok || !SSL_CTX_set0_chain(ssl_ctx, certs)) {
- CMP_err1("unable to use client TLS certificate file '%s'",
+ CMP_err1("Unable to use client TLS certificate file '%s'",
opt_tls_cert);
OSSL_STACK_OF_X509_free(certs);
goto err;
@@ -1491,7 +1491,7 @@ static SSL_CTX *setup_ssl_ctx(OSSL_CMP_CTX *ctx, const char *host)
for (i = 0; i < sk_X509_num(untrusted); i++) {
cert = sk_X509_value(untrusted, i);
if (!SSL_CTX_add1_chain_cert(ssl_ctx, cert)) {
- CMP_err("could not add untrusted cert to TLS client cert chain");
+ CMP_err("Could not add untrusted cert to TLS client cert chain");
goto err;
}
}
@@ -1510,10 +1510,10 @@ static SSL_CTX *setup_ssl_ctx(OSSL_CMP_CTX *ctx, const char *host)
| X509_V_FLAG_PARTIAL_CHAIN
| X509_V_FLAG_POLICY_CHECK));
}
- CMP_debug("trying to build cert chain for own TLS cert");
+ CMP_debug("Trying to build cert chain for own TLS cert");
if (SSL_CTX_build_cert_chain(ssl_ctx,
SSL_BUILD_CHAIN_FLAG_UNTRUSTED | SSL_BUILD_CHAIN_FLAG_NO_ROOT)) {
- CMP_debug("success building cert chain for own TLS cert");
+ CMP_debug("Success building cert chain for own TLS cert");
} else {
OSSL_CMP_CTX_print_errors(ctx);
CMP_warn("could not build cert chain for own TLS cert");
@@ -1565,7 +1565,7 @@ static SSL_CTX *setup_ssl_ctx(OSSL_CMP_CTX *ctx, const char *host)
goto err;
}
if (SSL_CTX_use_PrivateKey(ssl_ctx, pkey) <= 0) {
- CMP_err1("unable to use TLS client private key '%s'", opt_tls_key);
+ CMP_err1("Unable to use TLS client private key '%s'", opt_tls_key);
EVP_PKEY_free(pkey);
pkey = NULL; /* otherwise, for some reason double free! */
goto err;
@@ -1599,7 +1599,7 @@ err:
static int setup_protection_ctx(OSSL_CMP_CTX *ctx)
{
if (!opt_unprotected_requests && opt_secret == NULL && opt_key == NULL) {
- CMP_err("must give -key or -secret unless -unprotected_requests is used");
+ CMP_err("Must give -key or -secret unless -unprotected_requests is used");
return 0;
}
@@ -1609,7 +1609,7 @@ static int setup_protection_ctx(OSSL_CMP_CTX *ctx)
return 0;
}
if (opt_secret == NULL && ((opt_cert == NULL) != (opt_key == NULL))) {
- CMP_err("must give both -cert and -key options or neither");
+ CMP_err("Must give both -cert and -key options or neither");
return 0;
}
if (opt_secret != NULL) {
@@ -1660,7 +1660,7 @@ static int setup_protection_ctx(OSSL_CMP_CTX *ctx)
ok = OSSL_CMP_CTX_set1_cert(ctx, cert);
X509_free(cert);
if (!ok) {
- CMP_err("out of memory");
+ CMP_err("Out of memory");
} else {
if (opt_own_trusted != NULL) {
own_trusted = load_trusted(opt_own_trusted, 0,
@@ -1689,12 +1689,12 @@ static int setup_protection_ctx(OSSL_CMP_CTX *ctx)
int digest = OBJ_ln2nid(opt_digest);
if (digest == NID_undef) {
- CMP_err1("digest algorithm name not recognized: '%s'", opt_digest);
+ CMP_err1("Digest algorithm name not recognized: '%s'", opt_digest);
return 0;
}
if (!OSSL_CMP_CTX_set_option(ctx, OSSL_CMP_OPT_DIGEST_ALGNID, digest)
|| !OSSL_CMP_CTX_set_option(ctx, OSSL_CMP_OPT_OWF_ALGNID, digest)) {
- CMP_err1("digest algorithm name not supported: '%s'", opt_digest);
+ CMP_err1("Digest algorithm name not supported: '%s'", opt_digest);
return 0;
}
}
@@ -1729,21 +1729,18 @@ static int set_fallback_pubkey(OSSL_CMP_CTX *ctx)
*end = bak;
if (req == NULL) {
- CMP_err1("failed to load ir/cr/kur file '%s' attempting to get fallback public key",
- file);
+ CMP_err1("Failed to load ir/cr/kur file '%s' attempting to get fallback public key", file);
return 0;
}
if ((pubkey = OSSL_CMP_MSG_get0_certreq_publickey(req)) == NULL
|| (pkey = X509_PUBKEY_get0(pubkey)) == NULL) {
- CMP_err1("failed to get fallback public key from ir/cr/kur file '%s'",
- file);
+ CMP_err1("Failed to get fallback public key from ir/cr/kur file '%s'", file);
goto err;
}
pkey1 = EVP_PKEY_dup(pkey);
if (pkey == NULL || !OSSL_CMP_CTX_set0_newPkey(ctx, 0 /* priv */, pkey1)) {
EVP_PKEY_free(pkey1);
- CMP_err1("failed to get fallback public key obtained from ir/cr/kur file '%s'",
- file);
+ CMP_err1("Failed to get fallback public key obtained from ir/cr/kur file '%s'", file);
goto err;
}
res = 1;
@@ -1774,7 +1771,7 @@ static int setup_request_ctx(OSSL_CMP_CTX *ctx)
if (opt_cmd == CMP_IR || opt_cmd == CMP_CR || opt_cmd == CMP_KUR) {
if (opt_reqin == NULL && opt_newkey == NULL && !opt_centralkeygen
&& opt_key == NULL && opt_csr == NULL && opt_oldcert == NULL) {
- CMP_err("missing -newkey (or -key) to be certified and no -csr, -oldcert, -cert, or -reqin option given, which could provide fallback public key."
+ CMP_err("Missing -newkey (or -key) to be certified and no -csr, -oldcert, -cert, or -reqin option given, which could provide fallback public key."
" Neither central key generation is requested.");
return 0;
}
@@ -1797,14 +1794,14 @@ static int setup_request_ctx(OSSL_CMP_CTX *ctx)
&& opt_popo != OSSL_CRMF_POPO_NONE
&& opt_popo != OSSL_CRMF_POPO_RAVERIFIED) {
if (opt_csr != NULL) {
- CMP_err1("no -newkey option given with private key for POPO, -csr option provides just public key%s",
+ CMP_err1("No -newkey option given with private key for POPO, -csr option provides just public key%s",
opt_key == NULL ? "" : ", and -key option superseded by -csr");
if (opt_reqin != NULL)
CMP_info("since -reqin is used, may use -popo -1 or -popo 0 to disable the needless generation of a POPO");
return 0;
}
if (opt_key == NULL) {
- CMP_err("missing -newkey (or -key) option for key to be certified and for POPO");
+ CMP_err("Missing -newkey (or -key) option for key to be certified and for POPO");
return 0;
}
}
@@ -1860,21 +1857,21 @@ static int setup_request_ctx(OSSL_CMP_CTX *ctx)
char *ref_cert = opt_oldcert != NULL ? opt_oldcert : opt_cert;
if (ref_cert == NULL && opt_csr == NULL) {
- CMP_err("missing -oldcert for certificate to be updated and no -csr given");
+ CMP_err("Missing -oldcert for certificate to be updated and no -csr given");
return 0;
}
if (opt_subject != NULL)
- CMP_warn2("given -subject '%s' overrides the subject of '%s' for KUR",
+ CMP_warn2("Given -subject '%s' overrides the subject of '%s' for KUR",
opt_subject, ref_cert != NULL ? ref_cert : opt_csr);
}
if (opt_cmd == CMP_RR) {
if (opt_issuer == NULL && opt_serial == NULL) {
if (opt_oldcert == NULL && opt_csr == NULL) {
- CMP_err("missing -oldcert or -issuer and -serial for certificate to be revoked and no -csr given");
+ CMP_err("Missing -oldcert or -issuer and -serial for certificate to be revoked and no -csr given");
return 0;
}
if (opt_oldcert != NULL && opt_csr != NULL)
- CMP_warn("ignoring -csr since certificate to be revoked is given");
+ CMP_warn("Ignoring -csr since certificate to be revoked is given");
} else {
#define OSSL_CMP_RR_MSG "since -issuer and -serial is given for command 'rr'"
if (opt_issuer == NULL || opt_serial == NULL) {
@@ -1890,12 +1887,12 @@ static int setup_request_ctx(OSSL_CMP_CTX *ctx)
ASN1_INTEGER *sno;
if ((sno = s2i_ASN1_INTEGER(NULL, opt_serial)) == NULL) {
- CMP_err1("cannot read serial number: '%s'", opt_serial);
+ CMP_err1("Cannot read serial number: '%s'", opt_serial);
return 0;
}
if (!OSSL_CMP_CTX_set1_serialNumber(ctx, sno)) {
ASN1_INTEGER_free(sno);
- CMP_err("out of memory");
+ CMP_err("Out of memory");
return 0;
}
ASN1_INTEGER_free(sno);
@@ -1908,13 +1905,13 @@ static int setup_request_ctx(OSSL_CMP_CTX *ctx)
CMP_warn("Ignoring -serial for command other than 'rr'");
}
if (opt_cmd == CMP_P10CR && opt_csr == NULL) {
- CMP_err("missing PKCS#10 CSR for p10cr");
+ CMP_err("Missing PKCS#10 CSR for p10cr");
return 0;
}
if (opt_recipient == NULL && opt_srvcert == NULL && opt_issuer == NULL
&& opt_oldcert == NULL && opt_cert == NULL)
- CMP_warn("missing -recipient, -srvcert, -issuer, -oldcert or -cert; recipient for any requests not covered by -reqin will be set to \"NULL-DN\"");
+ CMP_warn("Missing -recipient, -srvcert, -issuer, -oldcert or -cert; recipient for any requests not covered by -reqin will be set to \"NULL-DN\"");
if (opt_cmd == CMP_P10CR || opt_cmd == CMP_RR || opt_cmd == CMP_GENM) {
const char *msg = "option is ignored for 'p10cr', 'rr', and 'genm' commands";
@@ -1962,14 +1959,13 @@ static int setup_request_ctx(OSSL_CMP_CTX *ctx)
}
if (opt_days > 0
- && !OSSL_CMP_CTX_set_option(ctx, OSSL_CMP_OPT_VALIDITY_DAYS,
- opt_days)) {
- CMP_err("could not set requested cert validity period");
+ && !OSSL_CMP_CTX_set_option(ctx, OSSL_CMP_OPT_VALIDITY_DAYS, opt_days)) {
+ CMP_err("Could not set requested cert validity period");
return 0;
}
if (opt_policies != NULL && opt_policy_oids != NULL) {
- CMP_err("cannot have policies both via -policies and via -policy_oids");
+ CMP_err("Cannot have policies both via -policies and via -policy_oids");
return 0;
}
@@ -1991,14 +1987,12 @@ static int setup_request_ctx(OSSL_CMP_CTX *ctx)
X509V3_set_nconf(&ext_ctx, conf);
if (opt_reqexts != NULL
&& !X509V3_EXT_add_nconf_sk(conf, &ext_ctx, opt_reqexts, &exts)) {
- CMP_err1("cannot load certificate request extension section '%s'",
- opt_reqexts);
+ CMP_err1("Cannot load certificate request extension section '%s'", opt_reqexts);
goto exts_err;
}
if (opt_policies != NULL
&& !X509V3_EXT_add_nconf_sk(conf, &ext_ctx, opt_policies, &exts)) {
- CMP_err1("cannot load policy cert request extension section '%s'",
- opt_policies);
+ CMP_err1("Cannot load policy cert request extension section '%s'", opt_policies);
goto exts_err;
}
OSSL_CMP_CTX_set0_reqExtensions(ctx, exts);
@@ -2007,7 +2001,7 @@ static int setup_request_ctx(OSSL_CMP_CTX *ctx)
/* After here, must not goto oom/exts_err */
if (OSSL_CMP_CTX_reqExtensions_have_SAN(ctx) && opt_sans != NULL) {
- CMP_err("cannot have Subject Alternative Names both via -reqexts and via -sans");
+ CMP_err("Cannot have Subject Alternative Names both via -reqexts and via -sans");
return 0;
}
if (!set_gennames(ctx, opt_sans, "Subject Alternative Name"))
@@ -2045,7 +2039,7 @@ static int setup_request_ctx(OSSL_CMP_CTX *ctx)
pinfo->policyid = policy;
if (!OSSL_CMP_CTX_push0_policy(ctx, pinfo)) {
- CMP_err1("cannot add policy with OID '%s'", opt_policy_oids);
+ CMP_err1("Cannot add policy with OID '%s'", opt_policy_oids);
POLICYINFO_free(pinfo);
return 0;
}
@@ -2071,7 +2065,7 @@ static int setup_request_ctx(OSSL_CMP_CTX *ctx)
return 1;
oom:
- CMP_err("out of memory");
+ CMP_err("Out of memory");
exts_err:
sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
X509_REQ_free(csr);
@@ -2193,7 +2187,7 @@ static int handle_opt_geninfo(OSSL_CMP_CTX *ctx)
return 1;
oom:
- CMP_err("out of memory");
+ CMP_err("Out of memory");
err:
ASN1_OBJECT_free(obj);
ASN1_TYPE_free(type);
@@ -2225,26 +2219,25 @@ static int setup_client_ctx(OSSL_CMP_CTX *ctx)
if (!opt_use_mock_srv && opt_rspin == NULL) { /* note: -port is not given */
#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
if (opt_server == NULL && opt_reqout_only == NULL) {
- CMP_err("missing -server or -use_mock_srv or -rspin option");
+ CMP_err("Missing -server or -use_mock_srv or -rspin option");
goto err;
}
#else
- CMP_err("missing -use_mock_srv or -rspin option; -server option is not supported due to no-sock build");
+ CMP_err("Missing -use_mock_srv or -rspin option; -server option is not supported due to no-sock build");
goto err;
#endif
}
#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
if (opt_server == NULL) {
if (opt_proxy != NULL)
- CMP_warn("ignoring -proxy option since -server is not given");
+ CMP_warn("Ignoring -proxy option since -server is not given");
if (opt_no_proxy != NULL)
- CMP_warn("ignoring -no_proxy option since -server is not given");
+ CMP_warn("Ignoring -no_proxy option since -server is not given");
goto set_path;
}
if (!OSSL_HTTP_parse_url(opt_server, &use_ssl, NULL /* user */,
- &host, &port, &portnum,
- &path, NULL /* q */, NULL /* frag */)) {
- CMP_err1("cannot parse -server URL: %s", opt_server);
+ &host, &port, &portnum, &path, NULL /* q */, NULL /* frag */)) {
+ CMP_err1("Cannot parse -server URL: %s", opt_server);
goto err;
}
if (use_ssl && !opt_tls_used) {
@@ -2290,7 +2283,7 @@ set_path:
strncat(id_buf, opt_infotype_s, sizeof(id_buf) - strlen(id_buf) - 1);
if ((opt_infotype = OBJ_sn2nid(id_buf)) == NID_undef) {
- CMP_err("unknown OID name in -infotype option");
+ CMP_err("Unknown OID name in -infotype option");
goto err;
}
}
@@ -2315,7 +2308,7 @@ set_path:
CMP_warn1("-keyspec %s", msg);
} else {
if (opt_template == NULL)
- CMP_err("missing -template option for genm with infotype certReqTemplate");
+ CMP_err("Missing -template option for genm with infotype certReqTemplate");
}
if (!setup_verification_ctx(ctx))
@@ -2355,10 +2348,10 @@ set_path:
if (opt_tls_cert != NULL
|| opt_tls_key != NULL || opt_tls_keypass != NULL) {
if (opt_tls_key == NULL) {
- CMP_err("missing -tls_key option");
+ CMP_err("Missing -tls_key option");
goto err;
} else if (opt_tls_cert == NULL) {
- CMP_err("missing -tls_cert option");
+ CMP_err("Missing -tls_cert option");
goto err;
}
}
@@ -2400,7 +2393,7 @@ set_path:
/* not printing earlier, to minimize confusion in case setup fails before */
if (opt_reqout_only == NULL)
- CMP_info3("will contact %s%s%s ", server_buf, proxy_buf,
+ CMP_info3("Will contact %s%s%s ", server_buf, proxy_buf,
opt_rspin == NULL ? "" : " only if -rspin argument does not give enough filenames");
ret = 1;
@@ -2411,7 +2404,7 @@ err:
OPENSSL_free(path);
return ret;
oom:
- CMP_err("out of memory");
+ CMP_err("Out of memory");
goto err;
}
@@ -2464,14 +2457,13 @@ static int save_free_certs(STACK_OF(X509) *certs,
if (file == NULL)
goto end;
if (certs != NULL)
- CMP_info3("received %d %s certificate(s), saving to file '%s'",
- n, desc, file);
+ CMP_info3("Received %d %s certificate(s), saving to file '%s'", n, desc, file);
if (n > 1 && opt_certform != FORMAT_PEM)
- CMP_warn("saving more than one certificate in non-PEM format");
+ CMP_warn("Saving more than one certificate in non-PEM format");
if ((bio = BIO_new(BIO_s_file())) == NULL
|| !BIO_write_filename(bio, (char *)file)) {
- CMP_err3("could not open file '%s' for %s %s certificate(s)",
+ CMP_err3("Could not open file '%s' for %s %s certificate(s)",
file, certs == NULL ? "deleting" : "writing", desc);
n = -1;
goto end;
@@ -2479,7 +2471,7 @@ static int save_free_certs(STACK_OF(X509) *certs,
for (i = 0; i < n; i++) {
if (!write_cert(bio, sk_X509_value(certs, i))) {
- CMP_err2("cannot write %s certificate to file '%s'", desc, file);
+ CMP_err2("Cannot write %s certificate to file '%s'", desc, file);
n = -1;
goto end;
}
@@ -2500,17 +2492,16 @@ static int save_crl(X509_CRL *crl,
if (file == NULL)
return 1;
if (crl != NULL)
- CMP_info2("received %s, saving to file '%s'", desc, file);
+ CMP_info2("Received %s, saving to file '%s'", desc, file);
if ((bio = BIO_new(BIO_s_file())) == NULL
|| !BIO_write_filename(bio, (char *)file)) {
- CMP_err2("could not open file '%s' for writing %s",
- file, desc);
+ CMP_err2("Could not open file '%s' for writing %s", file, desc);
goto end;
}
if (!write_crl(bio, crl)) {
- CMP_err2("cannot write %s to file '%s'", desc, file);
+ CMP_err2("Cannot write %s to file '%s'", desc, file);
goto end;
}
res = 1;
@@ -2565,18 +2556,15 @@ static int save_template(const char *file, const OSSL_CRMF_CERTTEMPLATE *tmpl)
BIO *bio = BIO_new_file(file, "wb");
if (bio == NULL) {
- CMP_err1("error saving certTemplate from genp: cannot open file %s",
- file);
+ CMP_err1("Error saving certTemplate from genp: cannot open file %s", file);
return 0;
}
- if (!ASN1_i2d_bio_of(OSSL_CRMF_CERTTEMPLATE, i2d_OSSL_CRMF_CERTTEMPLATE,
- bio, tmpl)) {
- CMP_err1("error saving certTemplate from genp: cannot write file %s",
- file);
+ if (!ASN1_i2d_bio_of(OSSL_CRMF_CERTTEMPLATE, i2d_OSSL_CRMF_CERTTEMPLATE, bio, tmpl)) {
+ CMP_err1("Error saving certTemplate from genp: cannot write file %s", file);
BIO_free(bio);
return 0;
} else {
- CMP_info1("stored certTemplate from genp to file '%s'", file);
+ CMP_info1("Stored certTemplate from genp to file '%s'", file);
}
BIO_free(bio);
return 1;
@@ -2587,16 +2575,16 @@ static int save_keyspec(const char *file, const OSSL_CMP_ATAVS *keyspec)
BIO *bio = BIO_new_file(file, "wb");
if (bio == NULL) {
- CMP_err1("error saving keySpec from genp: cannot open file %s", file);
+ CMP_err1("Error saving keySpec from genp: cannot open file %s", file);
return 0;
}
if (!ASN1_i2d_bio_of(OSSL_CMP_ATAVS, i2d_OSSL_CMP_ATAVS, bio, keyspec)) {
- CMP_err1("error saving keySpec from genp: cannot write file %s", file);
+ CMP_err1("Error saving keySpec from genp: cannot write file %s", file);
BIO_free(bio);
return 0;
} else {
- CMP_info1("stored keySpec from genp to file '%s'", file);
+ CMP_info1("Stored keySpec from genp to file '%s'", file);
}
BIO_free(bio);
return 1;
@@ -2629,12 +2617,12 @@ static int print_itavs(const STACK_OF(OSSL_CMP_ITAV) *itavs)
char name[80];
if (itav == NULL) {
- CMP_err1("could not get ITAV #%d from genp", i);
+ CMP_err1("Could not get ITAV #%d from genp", i);
ret = 0;
continue;
}
if (i2t_ASN1_OBJECT(name, sizeof(name), type) <= 0) {
- CMP_err1("error parsing type of ITAV #%d from genp", i);
+ CMP_err1("Error parsing type of ITAV #%d from genp", i);
ret = 0;
} else {
CMP_info2("ITAV #%d from genp infoType=%s", i, name);
@@ -2662,7 +2650,7 @@ static const char *prev_item(const char *opt, const char *end)
}
len = end - beg;
if (len > SECTION_NAME_MAX) {
- CMP_warn3("using only first %d characters of section name starting with \"%.*s\"",
+ CMP_warn3("Using only first %d characters of section name starting with \"%.*s\"",
SECTION_NAME_MAX, SECTION_NAME_MAX, beg);
len = SECTION_NAME_MAX;
}
@@ -2783,8 +2771,7 @@ static int read_config(void)
}
break;
default:
- CMP_err2("internal: unsupported type '%c' for option '%s'",
- opt->valtype, opt->name);
+ CMP_err2("Internal: unsupported type '%c' for option '%s'", opt->valtype, opt->name);
return 0;
break;
}
@@ -2810,8 +2797,7 @@ static int read_config(void)
if (provider_option
? !opt_provider(opt_next())
: !opt_verify(opt_next(), vpm)) {
- CMP_err2("for option '%s' in config file section '%s'",
- opt->name, opt_section);
+ CMP_err2("For option '%s' in config file section '%s'", opt->name, opt_section);
return 0;
}
}
@@ -3084,7 +3070,7 @@ static int get_opts(int argc, char **argv)
opt_popo = opt_int_arg();
if (opt_popo < OSSL_CRMF_POPO_NONE
|| opt_popo > OSSL_CRMF_POPO_KEYENC) {
- CMP_err("invalid popo spec. Valid values are -1 .. 2");
+ CMP_err("Invalid popo spec. Valid values are -1 .. 2");
goto opthelp;
}
break;
@@ -3114,7 +3100,7 @@ static int get_opts(int argc, char **argv)
if (opt_revreason < CRL_REASON_NONE
|| opt_revreason > CRL_REASON_AA_COMPROMISE
|| opt_revreason == 7) {
- CMP_err("invalid revreason. Valid values are -1 .. 6, 8 .. 10");
+ CMP_err("Invalid revreason. Valid values are -1 .. 6, 8 .. 10");
goto opthelp;
}
break;
@@ -3318,8 +3304,7 @@ static int cmp_server(OSSL_CMP_CTX *srv_cmp_ctx)
if (req != NULL) {
if (strcmp(path, "") != 0 && strcmp(path, "pkix/") != 0) {
(void)http_server_send_status(prog, cbio, 404, "Not Found");
- CMP_err1("expecting empty path or 'pkix/' but got '%s'",
- path);
+ CMP_err1("Expecting empty path or 'pkix/' but got '%s'", path);
OPENSSL_free(path);
OSSL_CMP_MSG_free(req);
goto next;
@@ -3466,7 +3451,7 @@ static int do_genm(OSSL_CMP_CTX *ctx)
/* could check authorization of sender/origin at this point */
if (cacerts == NULL) {
- CMP_warn("no CA certificates provided by server");
+ CMP_warn("No CA certificates provided by server");
} else if (save_free_certs(cacerts, opt_cacertsout, "CA") < 0) {
CMP_err1("Failed to store CA certificates from genp in %s",
opt_cacertsout);
@@ -3498,9 +3483,9 @@ static int do_genm(OSSL_CMP_CTX *ctx)
/* At this point might check authorization of response sender/origin */
if (newwithnew == NULL)
- CMP_info("no root CA certificate update available");
+ CMP_info("No root CA certificate update available");
else if (oldwithold == NULL && oldwithnew != NULL)
- CMP_warn("oldWithNew certificate received in genp for verifying oldWithOld, but oldWithOld was not provided");
+ CMP_warn("OldWithNew certificate received in genp for verifying oldWithOld, but oldWithOld was not provided");
if (save_cert_or_delete(newwithnew, opt_newwithnew,
"NewWithNew cert from genp")
@@ -3556,7 +3541,7 @@ static int do_genm(OSSL_CMP_CTX *ctx)
goto end_crlupd;
if (crl == NULL)
- CMP_info("no CRL update available");
+ CMP_info("No CRL update available");
if (!save_crl_or_delete(crl, opt_crlout, desc))
goto end_crlupd;
@@ -3577,7 +3562,7 @@ static int do_genm(OSSL_CMP_CTX *ctx)
return 0;
if (certTemplate == NULL) {
- CMP_warn("no certificate request template available");
+ CMP_warn("No certificate request template available");
if (!delete_file(opt_template, "certTemplate from genp"))
return 0;
if (opt_keyspec != NULL
@@ -3591,7 +3576,7 @@ static int do_genm(OSSL_CMP_CTX *ctx)
print_keyspec(keySpec);
if (opt_keyspec != NULL) {
if (keySpec == NULL) {
- CMP_warn("no key specifications available");
+ CMP_warn("No key specifications available");
if (!delete_file(opt_keyspec, "keySpec from genp"))
goto tmpl_end;
} else if (!save_keyspec(opt_keyspec, keySpec)) {
@@ -3674,7 +3659,7 @@ int cmp_main(int argc, char **argv)
vpm = X509_VERIFY_PARAM_new();
if (vpm == NULL) {
- CMP_err("out of memory");
+ CMP_err("Out of memory");
goto err;
}
@@ -3683,7 +3668,7 @@ int cmp_main(int argc, char **argv)
if (configfile != NULL && configfile[0] != '\0' /* non-empty string */
&& (configfile != default_config_file
|| access(configfile, F_OK) != -1)) {
- CMP_info2("using section(s) '%s' of OpenSSL configuration file '%s'",
+ CMP_info2("Using section(s) '%s' of OpenSSL configuration file '%s'",
opt_section, configfile);
conf = app_load_config(configfile);
if (conf == NULL) {
@@ -3691,7 +3676,7 @@ int cmp_main(int argc, char **argv)
} else {
if (strcmp(opt_section, CMP_SECTION) == 0) { /* default */
if (!NCONF_get_section(conf, opt_section))
- CMP_info2("no [%s] section found in config file '%s';"
+ CMP_info2("No [%s] section found in config file '%s';"
" will thus use just [default] and unnamed section if present",
opt_section, configfile);
} else {
@@ -3699,8 +3684,7 @@ int cmp_main(int argc, char **argv)
while ((end = prev_item(opt_section, end)) != NULL) {
if (!NCONF_get_section(conf, opt_item)) {
- CMP_err2("no [%s] section found in config file '%s'",
- opt_item, configfile);
+ CMP_err2("No [%s] section found in config file '%s'", opt_item, configfile);
goto err;
}
}
@@ -3734,7 +3718,7 @@ int cmp_main(int argc, char **argv)
OSSL_CMP_CTX_set_log_verbosity(cmp_ctx, opt_verbosity);
if (!OSSL_CMP_CTX_set_log_cb(cmp_ctx, print_to_bio_out)) {
- CMP_err1("cannot set up error reporting and logging for %s", prog);
+ CMP_err1("Cannot set up error reporting and logging for %s", prog);
goto err;
}
@@ -3745,7 +3729,7 @@ int cmp_main(int argc, char **argv)
if (opt_tls_used)
CMP_warn("-tls_used is active without any other TLS options");
} else if (!opt_tls_used) {
- CMP_warn("ignoring TLS options(s) since -tls_used is not active");
+ CMP_warn("Ignoring TLS options(s) since -tls_used is not active");
}
if (opt_port != NULL) {
if (opt_tls_used) {
@@ -3767,11 +3751,11 @@ int cmp_main(int argc, char **argv)
}
if (opt_server != NULL && opt_use_mock_srv) {
- CMP_err("cannot use both -server and -use_mock_srv options");
+ CMP_err("Cannot use both -server and -use_mock_srv options");
goto err;
}
if ((opt_server == NULL || opt_use_mock_srv) && opt_tls_used) {
- CMP_warn("ignoring -tls_used option since -server is not given or -use_mock_srv is given");
+ CMP_warn("Ignoring -tls_used option since -server is not given or -use_mock_srv is given");
opt_tls_used = 0;
}
@@ -3797,7 +3781,7 @@ int cmp_main(int argc, char **argv)
srv_cmp_ctx = OSSL_CMP_SRV_CTX_get0_cmp_ctx(srv_ctx);
if (!OSSL_CMP_CTX_set_log_cb(srv_cmp_ctx, print_to_bio_err)) {
- CMP_err1("cannot set up error reporting and logging for %s", prog);
+ CMP_err1("Cannot set up error reporting and logging for %s", prog);
goto err;
}
OSSL_CMP_CTX_set_log_verbosity(srv_cmp_ctx, opt_verbosity);
@@ -3832,15 +3816,15 @@ int cmp_main(int argc, char **argv)
CMP_warn1("-no_proxy %s", msg);
opt_no_proxy = NULL;
}
+ if (opt_tls_used) {
+ CMP_warn1("-tls_used %s", msg);
+ opt_tls_used = 0;
+ }
#endif
if (opt_path != NULL) {
CMP_warn1("-path %s", msg);
opt_path = NULL;
}
- if (opt_tls_used) {
- CMP_warn1("-tls_used %s", msg);
- opt_tls_used = 0;
- }
if (opt_use_mock_srv) {
CMP_warn1("-use_mock_srv %s", msg);
@@ -3856,7 +3840,7 @@ int cmp_main(int argc, char **argv)
}
#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
if (opt_server == NULL && !opt_use_mock_srv && opt_port == NULL)
- CMP_info("will not contact any server");
+ CMP_info("Will not contact any server");
#endif
if (opt_rspin != NULL) {
#if !defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_HTTP)
@@ -3868,7 +3852,7 @@ int cmp_main(int argc, char **argv)
}
if (!setup_client_ctx(cmp_ctx)) {
- CMP_err("cannot set up CMP context");
+ CMP_err("Cannot set up CMP context");
goto err;
}
for (i = 0; i < opt_repeat; i++) {
@@ -3960,7 +3944,7 @@ int cmp_main(int argc, char **argv)
cipher = EVP_CIPHER_fetch(app_get0_libctx(), SN_aes_256_cbc, app_get0_propq());
}
- CMP_info1("saving centrally generated key to file '%s'", opt_newkeyout);
+ CMP_info1("Saving centrally generated key to file '%s'", opt_newkeyout);
if (PEM_write_bio_PrivateKey(out, new_key, cipher, NULL, 0, NULL,
(void *)pass_string)
<= 0)
diff --git a/test/recipes/80-test_cmp_http.t b/test/recipes/80-test_cmp_http.t
index 63b25259f5..6f560216dc 100644
--- a/test/recipes/80-test_cmp_http.t
+++ b/test/recipes/80-test_cmp_http.t
@@ -333,7 +333,7 @@ sub start_server {
my $pid0 = $pid;
while (<$server_fh>) {
print "$server_name server output: $_";
- next if m/using section/;
+ next if m/[Uu]sing section/;
s/\R$//; # Better chomp
($host, $port, $pid) = ($1, $2, $3)
if /^ACCEPT\s(.*?):(\d+) PID=(\d+)$/;