[openssl-commits] [openssl] master update

Richard Levitte levitte at openssl.org
Wed May 6 17:44:15 UTC 2015


The branch master has been updated
       via  5c4e3a4e60f7d92ef829eb70071e29270b7b6653 (commit)
       via  2455eaf43f29cf11a949b965d7aa5b2ed816dd5c (commit)
      from  656b26055c713cb5623f26b415f6aeec6fb24c6f (commit)


- Log -----------------------------------------------------------------
commit 5c4e3a4e60f7d92ef829eb70071e29270b7b6653
Author: Richard Levitte <levitte at openssl.org>
Date:   Wed May 6 18:50:57 2015 +0200

    Make -CAserial a type 's' option
    
    The file name given to -CAserial might not exist yet.  The
    -CAcreateserial option decides if this is ok or not.
    
    Previous to this change, -CAserial was a type '<' option, and in that
    case, the existence of the file given as argument is tested quite
    early, and is a failure if it doesn't.  With the type 's' option, the
    argument is just a string that the application can do whatever it
    wants with.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>

commit 2455eaf43f29cf11a949b965d7aa5b2ed816dd5c
Author: Richard Levitte <levitte at openssl.org>
Date:   Wed May 6 18:48:48 2015 +0200

    Add a -CAserial argument for signing the user cert request
    
    This is just to make sure that option is tested on a Unix build.  This
    option is already present in ms/testss.bat, so it's an easy steal.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 apps/x509.c | 2 +-
 test/testss | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/apps/x509.c b/apps/x509.c
index fe9b109..5938b43 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -175,7 +175,7 @@ OPTIONS x509_options[] = {
      "The CA key, must be PEM format; if not in CAfile"},
     {"CAcreateserial", OPT_CACREATESERIAL, '-',
      "Create serial number file if it does not exist"},
-    {"CAserial", OPT_CASERIAL, '<', "Serial file"},
+    {"CAserial", OPT_CASERIAL, 's', "Serial file"},
     {"set_serial", OPT_SET_SERIAL, 's', "Serial number to use"},
     {"text", OPT_TEXT, '-', "Print the certificate in text form"},
     {"C", OPT_C, '-', "Print out C code forms"},
diff --git a/test/testss b/test/testss
index 3afeb11..0f2f6dd 100644
--- a/test/testss
+++ b/test/testss
@@ -9,6 +9,7 @@ OPENSSL_CONF=/dev/null ; export OPENSSL_CONF
 
 CAkey="keyCA.ss"
 CAcert="certCA.ss"
+CAserial="certCA.srl"
 CAreq="reqCA.ss"
 CAconf="CAss.cnf"
 CAreq2="req2CA.ss"	# temp
@@ -61,7 +62,7 @@ echo make a user cert request
 $reqcmd -config $Uconf -out $Ureq -keyout $Ukey $req_new >err.ss || exit 1
 
 echo sign user cert request
-$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -extfile $Uconf -extensions v3_ee >err.ss || exit 1
+$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -CAserial $CAserial -extfile $Uconf -extensions v3_ee >err.ss || exit 1
 $verifycmd -CAfile $CAcert $Ucert || exit 1
 
 echo Certificate details


More information about the openssl-commits mailing list