wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Make 'openssl req -x509' more equivalent to 'openssl req -new'

Browse source 
The following would fail, or rather, freeze:

    openssl genrsa -out rsa2048.pem 2048
    openssl req -x509 -key rsa2048.pem -keyform PEM -out cert.pem

In that case, the second command wants to read a certificate request
from stdin, because -x509 wasn't fully flagged as being for creating
something new.  This changes makes it fully flagged.

RT#4655

Reviewed-by: Andy Polyakov <appro@openssl.org>
This commit is contained in:
Richard Levitte 2016-08-22 14:53:53 +02:00
parent 3ba1ef829c
commit 599e5904b2
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
apps/req.c
View file

@ -289,6 +289,7 @@ int req_main(int argc, char **argv)
break; break;
case OPT_X509: case OPT_X509:
x509 = 1; x509 = 1;
newreq = 1;
break; break;
case OPT_DAYS: case OPT_DAYS:
days = atoi(opt_arg()); days = atoi(opt_arg());
@ -578,7 +579,7 @@ int req_main(int argc, char **argv)
} }
} }
if (newreq || x509) { if (newreq) {
if (pkey == NULL) { if (pkey == NULL) {
BIO_printf(bio_err, "you need to specify a private key\n"); BIO_printf(bio_err, "you need to specify a private key\n");
goto end; goto end;