mirror of
https://github.com/openssl/openssl.git
synced 2024-12-16 13:33:49 +08:00
Fix regression in openssl req -x509 behaviour.
Allow conversion of existing requests to certificates again. Fixes the issue #3396 Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3437)
This commit is contained in:
parent
3f97052392
commit
888adbe064
@ -288,7 +288,6 @@ int req_main(int argc, char **argv)
|
||||
break;
|
||||
case OPT_X509:
|
||||
x509 = 1;
|
||||
newreq = 1;
|
||||
break;
|
||||
case OPT_DAYS:
|
||||
days = atoi(opt_arg());
|
||||
@ -331,6 +330,9 @@ int req_main(int argc, char **argv)
|
||||
if (argc != 0)
|
||||
goto opthelp;
|
||||
|
||||
if (x509 && infile == NULL)
|
||||
newreq = 1;
|
||||
|
||||
/* TODO: simplify this as pkey is still always NULL here */
|
||||
private = newreq && (pkey == NULL) ? 1 : 0;
|
||||
|
||||
@ -582,7 +584,7 @@ int req_main(int argc, char **argv)
|
||||
}
|
||||
}
|
||||
|
||||
if (newreq) {
|
||||
if (newreq || x509) {
|
||||
if (pkey == NULL) {
|
||||
BIO_printf(bio_err, "you need to specify a private key\n");
|
||||
goto end;
|
||||
|
@ -234,6 +234,9 @@ a self signed root CA. The extensions added to the certificate
|
||||
using the B<set_serial> option, a large random number will be used for
|
||||
the serial number.
|
||||
|
||||
If existing request is specified with the B<-in> option, it is converted
|
||||
to the self signed certificate otherwise new request is created.
|
||||
|
||||
=item B<-days n>
|
||||
|
||||
When the B<-x509> option is being used this specifies the number of
|
||||
|
Loading…
Reference in New Issue
Block a user