[openssl-commits] [openssl] master update
Richard Levitte
levitte at openssl.org
Thu May 11 15:18:53 UTC 2017
The branch master has been updated
via 888adbe064556ff5ab2f1d16a223b0548696614c (commit)
from 3f97052392cb10fca5309212bf720685262ad4a6 (commit)
- Log -----------------------------------------------------------------
commit 888adbe064556ff5ab2f1d16a223b0548696614c
Author: Tomas Mraz <tmraz at fedoraproject.org>
Date: Thu May 11 14:25:17 2017 +0200
Fix regression in openssl req -x509 behaviour.
Allow conversion of existing requests to certificates again.
Fixes the issue #3396
Reviewed-by: Rich Salz <rsalz at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3437)
-----------------------------------------------------------------------
Summary of changes:
apps/req.c | 6 ++++--
doc/man1/req.pod | 3 +++
2 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/apps/req.c b/apps/req.c
index f1dba66..a47dfcf 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -288,7 +288,6 @@ int req_main(int argc, char **argv)
break;
case OPT_X509:
x509 = 1;
- newreq = 1;
break;
case OPT_DAYS:
days = atoi(opt_arg());
@@ -331,6 +330,9 @@ int req_main(int argc, char **argv)
if (argc != 0)
goto opthelp;
+ if (x509 && infile == NULL)
+ newreq = 1;
+
/* TODO: simplify this as pkey is still always NULL here */
private = newreq && (pkey == NULL) ? 1 : 0;
@@ -582,7 +584,7 @@ int req_main(int argc, char **argv)
}
}
- if (newreq) {
+ if (newreq || x509) {
if (pkey == NULL) {
BIO_printf(bio_err, "you need to specify a private key\n");
goto end;
diff --git a/doc/man1/req.pod b/doc/man1/req.pod
index f9e424b..4dbd489 100644
--- a/doc/man1/req.pod
+++ b/doc/man1/req.pod
@@ -234,6 +234,9 @@ a self signed root CA. The extensions added to the certificate
using the B<set_serial> option, a large random number will be used for
the serial number.
+If existing request is specified with the B<-in> option, it is converted
+to the self signed certificate otherwise new request is created.
+
=item B<-days n>
When the B<-x509> option is being used this specifies the number of
More information about the openssl-commits
mailing list