certtool: added safety net when generating a certificate request

That is, do not allow specifying --generate-request --load-pubkey without specifying --load-privkey. Previously if --load-pubkey would have been used, it would have been ignored, causing confusion to the users.
author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2016-10-07 14:17:52 +0200
committer: Nikos Mavrogiannopoulos <nmav@redhat.com> 2016-10-07 14:19:25 +0200
commit: 5b675d0a3c9c7afb5e9b2f71721451d7e17d4017 (patch)
tree: ba00bb2e031cabcb6c4fe983bbc2b905ed899145 /src/certtool.c
parent: 322ef875913a10978bb7da1814301b289f7fdd85 (diff)
download: gnutls-5b675d0a3c9c7afb5e9b2f71721451d7e17d4017.tar.gz
1 files changed, 5 insertions, 1 deletions
diff --git a/src/certtool.c b/src/certtool.c
index 60e49c2e75..4ae3b123d9 100644
--- a/src/certtool.c
+++ b/src/certtool.c
@@ -1949,11 +1949,15 @@ void generate_request(common_info_st * cinfo)
 		exit(1);
 	}
 
-
 	/* Load the private key.
 	 */
 	pkey = load_private_key(0, cinfo);
 	if (!pkey) {
+		if (HAVE_OPT(LOAD_PUBKEY)) {
+			fprintf(stderr, "--load-pubkey was specified without corresponding --load-privkey\n");
+			exit(1);
+		}
+
 		ret = gnutls_privkey_init(&pkey);
 		if (ret < 0) {
 			fprintf(stderr, "privkey_init: %s\n",
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2016-10-07 14:17:52 +0200
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>	2016-10-07 14:19:25 +0200
commit	5b675d0a3c9c7afb5e9b2f71721451d7e17d4017 (patch)
tree	ba00bb2e031cabcb6c4fe983bbc2b905ed899145 /src/certtool.c
parent	322ef875913a10978bb7da1814301b289f7fdd85 (diff)
download	gnutls-5b675d0a3c9c7afb5e9b2f71721451d7e17d4017.tar.gz