diff options
| author | Martin Willi <martin@revosec.ch> | 2010-12-23 15:21:52 +0100 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2011-01-05 16:46:07 +0100 |
| commit | 3fd3f8dea8899d6dc44d03c8c3a04ea9018670aa (patch) | |
| tree | 32f972254f77334ed75c4a50de2dc6c935ec0cf4 /src | |
| parent | 97d30f0010528b0d7b7b7128e25d4585c11710ef (diff) | |
| download | strongswan-3fd3f8dea8899d6dc44d03c8c3a04ea9018670aa.tar.bz2 strongswan-3fd3f8dea8899d6dc44d03c8c3a04ea9018670aa.tar.xz | |
Added support for empty subjects DNs to pki --issue
Diffstat (limited to 'src')
| -rw-r--r-- | src/pki/commands/issue.c | 15 |
1 files changed, 7 insertions, 8 deletions
diff --git a/src/pki/commands/issue.c b/src/pki/commands/issue.c index ebbe36010..482941398 100644 --- a/src/pki/commands/issue.c +++ b/src/pki/commands/issue.c @@ -270,12 +270,6 @@ static int issue() } break; } - - if (!pkcs10 && !dn) - { - error = "--dn is required"; - goto usage; - } if (!cacert) { error = "--cacert is required"; @@ -286,7 +280,7 @@ static int issue() error = "--cakey or --keyid is required"; goto usage; } - if (dn) + if (dn && *dn) { id = identification_create_from_string(dn); if (id->get_type(id) != ID_DER_ASN1_DN) @@ -295,6 +289,11 @@ static int issue() goto end; } } + else + { + id = identification_create_from_encoding(ID_DER_ASN1_DN, + chunk_from_chars(ASN1_SEQUENCE, 0)); + } DBG2(DBG_LIB, "Reading ca certificate:"); ca = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509, @@ -511,7 +510,7 @@ static void __attribute__ ((constructor))reg() issue, 'i', "issue", "issue a certificate using a CA certificate and key", {"[--in file] [--type pub|pkcs10] --cakey file | --cakeyid hex", - " --cacert file --dn subject-dn [--san subjectAltName]+", + " --cacert file [--dn subject-dn] [--san subjectAltName]+", "[--lifetime days] [--serial hex] [--crl uri [--crlissuer i] ]+ [--ocsp uri]+", "[--ca] [--pathlen len] [--flag serverAuth|clientAuth|crlSign|ocspSigning]+", "[--nc-permitted name] [--nc-excluded name]", |