diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-10-07 14:17:52 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-10-07 14:20:00 +0200 |
commit | a07b0ef326f1b297e43be0e57443e6cce801d66e (patch) | |
tree | 907d0796e8b2982595af72bb8bb96dfbb6ab11fd | |
parent | 5c2cf9088e31a2914e9891f8b1ddb933c721ae94 (diff) | |
download | gnutls-a07b0ef326f1b297e43be0e57443e6cce801d66e.tar.gz |
certtool: added safety net when generating a certificate request
That is, do not allow specifying --generate-request --load-pubkey without
specifying --load-privkey. Previously if --load-pubkey would have been
used, it would have been ignored, causing confusion to the users.
-rw-r--r-- | src/certtool.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/certtool.c b/src/certtool.c index 40732bf90b..48d709fab7 100644 --- a/src/certtool.c +++ b/src/certtool.c @@ -1949,11 +1949,15 @@ void generate_request(common_info_st * cinfo) exit(1); } - /* Load the private key. */ pkey = load_private_key(0, cinfo); if (!pkey) { + if (HAVE_OPT(LOAD_PUBKEY)) { + fprintf(stderr, "--load-pubkey was specified without corresponding --load-privkey\n"); + exit(1); + } + ret = gnutls_privkey_init(&pkey); if (ret < 0) { fprintf(stderr, "privkey_init: %s\n", |