[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
Richard Levitte
levitte at openssl.org
Mon Aug 22 13:47:53 UTC 2016
The branch OpenSSL_1_0_2-stable has been updated
via fd7ca7465b67336b8950a505b6d2adee867a78f7 (commit)
from 9c8bca1c206df7886aaef4692badc4049b488e40 (commit)
- Log -----------------------------------------------------------------
commit fd7ca7465b67336b8950a505b6d2adee867a78f7
Author: Richard Levitte <levitte at openssl.org>
Date: Mon Aug 22 15:22:17 2016 +0200
Make 'openssl req -x509' more equivalent to 'openssl req -new'
The following would fail, or rather, freeze:
openssl genrsa -out rsa2048.pem 2048
openssl req -x509 -key rsa2048.pem -keyform PEM -out cert.pem
In that case, the second command wants to read a certificate request
from stdin, because -x509 wasn't fully flagged as being for creating
something new. This changes makes it fully flagged.
RT#4655
Reviewed-by: Andy Polyakov <appro at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
apps/req.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/apps/req.c b/apps/req.c
index 46255f5..d1411c9 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -332,9 +332,10 @@ int MAIN(int argc, char **argv)
subject = 1;
else if (strcmp(*argv, "-text") == 0)
text = 1;
- else if (strcmp(*argv, "-x509") == 0)
+ else if (strcmp(*argv, "-x509") == 0) {
+ newreq = 1;
x509 = 1;
- else if (strcmp(*argv, "-asn1-kludge") == 0)
+ } else if (strcmp(*argv, "-asn1-kludge") == 0)
kludge = 1;
else if (strcmp(*argv, "-no-asn1-kludge") == 0)
kludge = 0;
@@ -756,7 +757,7 @@ int MAIN(int argc, char **argv)
}
}
- if (newreq || x509) {
+ if (newreq) {
if (pkey == NULL) {
BIO_printf(bio_err, "you need to specify a private key\n");
goto end;
More information about the openssl-commits
mailing list