openssl
/
openssl
mirror of https://github.com/openssl/openssl
1
0
Fork 0
Code Issues Releases Wiki Activity

Remove -C option from x509 command 

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13384)
This commit is contained in:
Rich Salz 2020-11-11 19:10:22 -05:00 committed by Richard Levitte
parent 1696b8909b
commit a18cf8fc63
3 changed files with 6 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGES.md
View File

@ -27,7 +27,8 @@ OpenSSL 3.0
*Paul Dale*
* The -C option to the dhparam, dsaparam, and ecparam commands were removed.
* The -C option to the x509, dhparam, dsaparam, and ecparam commands
were removed.
*Rich Salz*

30
apps/x509.c
View File

@ -54,7 +54,7 @@ typedef enum OPTION_choice {
OPT_EXTENSIONS, OPT_IN, OPT_OUT, OPT_SIGNKEY, OPT_CA, OPT_CAKEY,
OPT_CASERIAL, OPT_SET_SERIAL, OPT_NEW, OPT_FORCE_PUBKEY, OPT_SUBJ,
OPT_ADDTRUST, OPT_ADDREJECT, OPT_SETALIAS, OPT_CERTOPT, OPT_NAMEOPT,
OPT_C, OPT_EMAIL, OPT_OCSP_URI, OPT_SERIAL, OPT_NEXT_SERIAL,
OPT_EMAIL, OPT_OCSP_URI, OPT_SERIAL, OPT_NEXT_SERIAL,
OPT_MODULUS, OPT_PUBKEY, OPT_X509TOREQ, OPT_TEXT, OPT_HASH,
OPT_ISSUER_HASH, OPT_SUBJECT, OPT_ISSUER, OPT_FINGERPRINT, OPT_DATES,
OPT_PURPOSE, OPT_STARTDATE, OPT_ENDDATE, OPT_CHECKEND, OPT_CHECKHOST,
@ -110,7 +110,6 @@ const OPTIONS x509_options[] = {
{OPT_MORE_STR, 1, 1, "Exit 1 if so, 0 if not"},
{"text", OPT_TEXT, '-', "Print the certificate in text form"},
{"ext", OPT_EXT, 's', "Print various X509V3 extensions"},
{"C", OPT_C, '-', "Print out C code forms"},
#ifndef OPENSSL_NO_MD5
{"subject_hash_old", OPT_SUBJECT_HASH_OLD, '-',
"Print old-style (MD5) subject hash value"},
@ -188,7 +187,7 @@ int x509_main(int argc, char **argv)
char *infile = NULL, *outfile = NULL, *keyfile = NULL, *CAfile = NULL;
char *prog;
int x509req = 0, days = DEF_DAYS, modulus = 0, pubkey = 0, pprint = 0;
int C = 0, CAformat = FORMAT_PEM, CAkeyformat = FORMAT_PEM;
int CAformat = FORMAT_PEM, CAkeyformat = FORMAT_PEM;
int fingerprint = 0, reqfile = 0, checkend = 0;
int informat = FORMAT_PEM, outformat = FORMAT_PEM, keyformat = FORMAT_PEM;
int next_serial = 0, subject_hash = 0, issuer_hash = 0, ocspid = 0;
@ -360,9 +359,6 @@ int x509_main(int argc, char **argv)
case OPT_ENGINE:
e = setup_engine(opt_arg(), 0);
break;
case OPT_C:
C = ++num;
break;
case OPT_EMAIL:
email = ++num;
break;
@ -788,28 +784,6 @@ int x509_main(int argc, char **argv)
goto end;
}
PEM_write_bio_PUBKEY(out, pkey);
} else if (C == i) {
unsigned char *d;
char *m;
int len;
print_name(out, "/*\n"
" * Subject: ", X509_get_subject_name(x), get_nameopt());
print_name(out, " * Issuer: ", X509_get_issuer_name(x), get_nameopt());
BIO_puts(out, " */\n");
len = i2d_X509(x, NULL);
m = app_malloc(len, "x509 name buffer");
d = (unsigned char *)m;
len = i2d_X509_NAME(X509_get_subject_name(x), &d);
print_array(out, "the_subject_name", len, (unsigned char *)m);
d = (unsigned char *)m;
len = i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x), &d);
print_array(out, "the_public_key", len, (unsigned char *)m);
d = (unsigned char *)m;
len = i2d_X509(x, &d);
print_array(out, "the_certificate", len, (unsigned char *)m);
OPENSSL_free(m);
} else if (text == i) {
X509_print_ex(out, x, get_nameopt(), certflag);
} else if (startdate == i) {

7
doc/man1/openssl-x509.pod.in
View File

@ -65,7 +65,6 @@ B<openssl> B<x509>
[B<-checkhost> I<host>]
[B<-checkemail> I<host>]
[B<-checkip> I<ipaddr>]
[B<-C>]
[B<-I<digest>>]
[B<-clrext>]
[B<-extfile> I<filename>]
@ -271,10 +270,6 @@ This is commonly called a "fingerprint". Because of the nature of message
digests, the fingerprint of a certificate is unique to that certificate and
two certificates with the same fingerprint can be considered to be the same.
=item B<-C>
This outputs the certificate in the form of a C source file.
=back
=head2 Trust Settings
@ -843,6 +838,8 @@ The B<-CAform> option has become obsolete in OpenSSL 3.0.0 and has no effect.
The B<-engine> option was deprecated in OpenSSL 3.0.
The B<-C> option was removed in OpenSSL 3.0.
=head1 COPYRIGHT
Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.