[openssl-commits] [openssl] master update
Richard Levitte
levitte at openssl.org
Wed May 6 17:44:15 UTC 2015
The branch master has been updated
via 5c4e3a4e60f7d92ef829eb70071e29270b7b6653 (commit)
via 2455eaf43f29cf11a949b965d7aa5b2ed816dd5c (commit)
from 656b26055c713cb5623f26b415f6aeec6fb24c6f (commit)
- Log -----------------------------------------------------------------
commit 5c4e3a4e60f7d92ef829eb70071e29270b7b6653
Author: Richard Levitte <levitte at openssl.org>
Date: Wed May 6 18:50:57 2015 +0200
Make -CAserial a type 's' option
The file name given to -CAserial might not exist yet. The
-CAcreateserial option decides if this is ok or not.
Previous to this change, -CAserial was a type '<' option, and in that
case, the existence of the file given as argument is tested quite
early, and is a failure if it doesn't. With the type 's' option, the
argument is just a string that the application can do whatever it
wants with.
Reviewed-by: Rich Salz <rsalz at openssl.org>
commit 2455eaf43f29cf11a949b965d7aa5b2ed816dd5c
Author: Richard Levitte <levitte at openssl.org>
Date: Wed May 6 18:48:48 2015 +0200
Add a -CAserial argument for signing the user cert request
This is just to make sure that option is tested on a Unix build. This
option is already present in ms/testss.bat, so it's an easy steal.
Reviewed-by: Rich Salz <rsalz at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
apps/x509.c | 2 +-
test/testss | 3 ++-
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/apps/x509.c b/apps/x509.c
index fe9b109..5938b43 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -175,7 +175,7 @@ OPTIONS x509_options[] = {
"The CA key, must be PEM format; if not in CAfile"},
{"CAcreateserial", OPT_CACREATESERIAL, '-',
"Create serial number file if it does not exist"},
- {"CAserial", OPT_CASERIAL, '<', "Serial file"},
+ {"CAserial", OPT_CASERIAL, 's', "Serial file"},
{"set_serial", OPT_SET_SERIAL, 's', "Serial number to use"},
{"text", OPT_TEXT, '-', "Print the certificate in text form"},
{"C", OPT_C, '-', "Print out C code forms"},
diff --git a/test/testss b/test/testss
index 3afeb11..0f2f6dd 100644
--- a/test/testss
+++ b/test/testss
@@ -9,6 +9,7 @@ OPENSSL_CONF=/dev/null ; export OPENSSL_CONF
CAkey="keyCA.ss"
CAcert="certCA.ss"
+CAserial="certCA.srl"
CAreq="reqCA.ss"
CAconf="CAss.cnf"
CAreq2="req2CA.ss" # temp
@@ -61,7 +62,7 @@ echo make a user cert request
$reqcmd -config $Uconf -out $Ureq -keyout $Ukey $req_new >err.ss || exit 1
echo sign user cert request
-$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -extfile $Uconf -extensions v3_ee >err.ss || exit 1
+$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -CAserial $CAserial -extfile $Uconf -extensions v3_ee >err.ss || exit 1
$verifycmd -CAfile $CAcert $Ucert || exit 1
echo Certificate details
More information about the openssl-commits
mailing list