diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2011-03-30 22:00:13 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2011-03-30 22:00:40 +0200 |
commit | 5ed31482f439a826235b2e17d8321a3b49745093 (patch) | |
tree | d98fe2764274e1e12ef2e63402fc74a2ffe7c89a | |
parent | adfee35ae60800d633ad24c649f3b4d280cb336c (diff) | |
download | gnutls-5ed31482f439a826235b2e17d8321a3b49745093.tar.gz |
Generate certificate request with stricter permissions. Reported by Luca Capello.
-rw-r--r-- | NEWS | 3 | ||||
-rw-r--r-- | src/certtool-gaa.c | 2 | ||||
-rw-r--r-- | src/certtool.gaa | 2 |
3 files changed, 5 insertions, 2 deletions
@@ -5,6 +5,9 @@ See the end for copying conditions. * Version 2.12.0 (unreleased) +** certtool: Generated certificate request with stricter permissions. +Reported by Luca Capello. + ** libgnutls: Bug fixes in opencdk code. Reported by Vitaly Kruglikov. ** libgnutls: Corrected windows system_errno() function prototype. diff --git a/src/certtool-gaa.c b/src/certtool-gaa.c index 8ae957ace5..a741a64dc3 100644 --- a/src/certtool-gaa.c +++ b/src/certtool-gaa.c @@ -1190,7 +1190,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) case GAAOPTID_generate_request: OK = 0; #line 30 "certtool.gaa" -{ gaaval->action=ACTION_GENERATE_REQUEST; ;}; +{ gaaval->privkey_op=1; gaaval->action=ACTION_GENERATE_REQUEST; ;}; return GAA_OK; break; diff --git a/src/certtool.gaa b/src/certtool.gaa index e3e9f1c620..7c67af319b 100644 --- a/src/certtool.gaa +++ b/src/certtool.gaa @@ -27,7 +27,7 @@ option (u, update-certificate) { $action=ACTION_UPDATE_CERTIFICATE; } "Update a option (p, generate-privkey) { $privkey_op=1; $action=ACTION_GENERATE_PRIVKEY; } "Generate a private key." -option (q, generate-request) { $action=ACTION_GENERATE_REQUEST; } "Generate a PKCS #10 certificate request." +option (q, generate-request) { $privkey_op=1; $action=ACTION_GENERATE_REQUEST; } "Generate a PKCS #10 certificate request." option (e, verify-chain) { $action=ACTION_VERIFY_CHAIN; } "Verify a PEM encoded certificate chain. The last certificate in the chain must be a self signed one." |