diff options
-rw-r--r-- | NEWS | 3 | ||||
-rw-r--r-- | src/certtool-gaa.c | 2 | ||||
-rw-r--r-- | src/certtool.gaa | 2 |
3 files changed, 5 insertions, 2 deletions
@@ -5,6 +5,9 @@ See the end for copying conditions. * Version 2.12.0 (unreleased) +** certtool: Generated certificate request with stricter permissions. +Reported by Luca Capello. + ** libgnutls: Bug fixes in opencdk code. Reported by Vitaly Kruglikov. ** libgnutls: Corrected windows system_errno() function prototype. diff --git a/src/certtool-gaa.c b/src/certtool-gaa.c index 8ae957ace5..a741a64dc3 100644 --- a/src/certtool-gaa.c +++ b/src/certtool-gaa.c @@ -1190,7 +1190,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) case GAAOPTID_generate_request: OK = 0; #line 30 "certtool.gaa" -{ gaaval->action=ACTION_GENERATE_REQUEST; ;}; +{ gaaval->privkey_op=1; gaaval->action=ACTION_GENERATE_REQUEST; ;}; return GAA_OK; break; diff --git a/src/certtool.gaa b/src/certtool.gaa index e3e9f1c620..7c67af319b 100644 --- a/src/certtool.gaa +++ b/src/certtool.gaa @@ -27,7 +27,7 @@ option (u, update-certificate) { $action=ACTION_UPDATE_CERTIFICATE; } "Update a option (p, generate-privkey) { $privkey_op=1; $action=ACTION_GENERATE_PRIVKEY; } "Generate a private key." -option (q, generate-request) { $action=ACTION_GENERATE_REQUEST; } "Generate a PKCS #10 certificate request." +option (q, generate-request) { $privkey_op=1; $action=ACTION_GENERATE_REQUEST; } "Generate a PKCS #10 certificate request." option (e, verify-chain) { $action=ACTION_VERIFY_CHAIN; } "Verify a PEM encoded certificate chain. The last certificate in the chain must be a self signed one." |