diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-10-07 14:17:52 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-10-07 14:19:25 +0200 |
commit | 5b675d0a3c9c7afb5e9b2f71721451d7e17d4017 (patch) | |
tree | ba00bb2e031cabcb6c4fe983bbc2b905ed899145 | |
parent | 322ef875913a10978bb7da1814301b289f7fdd85 (diff) | |
download | gnutls-5b675d0a3c9c7afb5e9b2f71721451d7e17d4017.tar.gz |
certtool: added safety net when generating a certificate request
That is, do not allow specifying --generate-request --load-pubkey without
specifying --load-privkey. Previously if --load-pubkey would have been
used, it would have been ignored, causing confusion to the users.
-rw-r--r-- | src/certtool.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/certtool.c b/src/certtool.c index 60e49c2e75..4ae3b123d9 100644 --- a/src/certtool.c +++ b/src/certtool.c @@ -1949,11 +1949,15 @@ void generate_request(common_info_st * cinfo) exit(1); } - /* Load the private key. */ pkey = load_private_key(0, cinfo); if (!pkey) { + if (HAVE_OPT(LOAD_PUBKEY)) { + fprintf(stderr, "--load-pubkey was specified without corresponding --load-privkey\n"); + exit(1); + } + ret = gnutls_privkey_init(&pkey); if (ret < 0) { fprintf(stderr, "privkey_init: %s\n", |