apps/req.c: Make sure -verify option takes effect also with -x509

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13658)
2021-01-06 12:16:44 +01:00 · 2021-01-06 12:16:44 +01:00 · 04a1b3fa7b
parent 0ae8d4ca9e
commit 04a1b3fa7b
2 changed files with 3 additions and 3 deletions
--- a/apps/req.c
+++ b/apps/req.c
@ -104,7 +104,7 @@ const OPTIONS req_options[] = {
 #endif
    {"in", OPT_IN, '<', "X.509 request input file"},
    {"inform", OPT_INFORM, 'F', "Input format - DER or PEM"},
-    {"verify", OPT_VERIFY, '-', "Verify signature on REQ"},
+    {"verify", OPT_VERIFY, '-', "Verify self-signature on the request"},

    OPT_SECTION("Certificate"),
    {"new", OPT_NEW, '-', "New request"},
@ -932,7 +932,7 @@ int req_main(int argc, char **argv)
        }
    }

-    if (verify && !gen_x509) {
+    if (verify) {
        EVP_PKEY *tpubkey = pkey;

        if (tpubkey == NULL) {
--- a/doc/man1/openssl-req.pod.in
+++ b/doc/man1/openssl-req.pod.in
@ -142,7 +142,7 @@ Prints out the value of the modulus of the public key contained in the request.

 =item B<-verify>

-Verifies the signature on the request.
+Verifies the self-signature on the request.

 =item B<-new>