diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-11-21 12:52:08 +0000 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-11-21 12:52:08 +0000 |
| commit | 018641aa48169181d4739406da4f9c8bcde2f556 (patch) | |
| tree | d32ee6e85cac1cc5ce7d50997e7e6e47220cc0dd /src | |
| parent | 1142d8a787be2ba96cbc2f581b3a975522e64d64 (diff) | |
| download | gnutls-018641aa48169181d4739406da4f9c8bcde2f556.tar.gz | |
generated certificates by certtool now have version 1 if they do not include extensions.
Diffstat (limited to 'src')
| -rw-r--r-- | src/certtool.c | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/src/certtool.c b/src/certtool.c index 296bbd50c3..4449b9ad62 100644 --- a/src/certtool.c +++ b/src/certtool.c @@ -134,7 +134,9 @@ static char input[128]; static const char* read_pass( const char* input_str) { +#ifdef _WIN32 static char input[128]; +#endif const char* pass; if (info.pass) return info.pass; @@ -272,6 +274,8 @@ gnutls_x509_crt generate_certificate( gnutls_x509_privkey *ret_key) int size, serial; int days, result, ca_status; const char* str; + int vers = 0; /* the default version in the certificate + */ gnutls_x509_crq crq; /* request */ size = gnutls_x509_crt_init(&crt); @@ -314,11 +318,6 @@ gnutls_x509_crt generate_certificate( gnutls_x509_privkey *ret_key) } } - result = gnutls_x509_crt_set_version( crt, 2); - if (result < 0) { - fprintf(stderr, "set_version: %s\n", gnutls_strerror(result)); - exit(1); - } serial = read_int( "Enter the certificate's serial number (decimal): "); buffer[2] = serial & 0xff; @@ -360,6 +359,9 @@ gnutls_x509_crt generate_certificate( gnutls_x509_privkey *ret_key) if (result != 0) { str = read_str( "Enter the dnsName of the subject of the certificate: "); if (str != NULL) { + vers = 2; /* only version 3 certificates, can + * have extensions. + */ result = gnutls_x509_crt_set_subject_alternative_name( crt, GNUTLS_SAN_DNSNAME, str); if (result < 0) { fprintf(stderr, "subject_alt_name: %s\n", gnutls_strerror(result)); @@ -371,6 +373,7 @@ gnutls_x509_crt generate_certificate( gnutls_x509_privkey *ret_key) str = read_str( "Enter the e-mail of the subject of the certificate: "); if (str != NULL) { + vers = 2; result = gnutls_x509_crt_set_subject_alternative_name( crt, GNUTLS_SAN_RFC822NAME, str); if (result < 0) { fprintf(stderr, "subject_alt_name: %s\n", gnutls_strerror(result)); @@ -379,6 +382,12 @@ gnutls_x509_crt generate_certificate( gnutls_x509_privkey *ret_key) } } + result = gnutls_x509_crt_set_version( crt, vers); + if (result < 0) { + fprintf(stderr, "set_version: %s\n", gnutls_strerror(result)); + exit(1); + } + *ret_key = key; return crt; |