forked from rpms/openssl
0c6f4a599c
- Fixes 'openssl req' to not ask for password when non-encrypted private key is used - cms: Do not try to check binary format on stdin and -rctform fix - Resolves: rhbz#1988137, rhbz#1988468, rhbz#1988137 Signed-off-by: Sahana Prasad <sahana@redhat.com>
34 lines
1.7 KiB
Diff
34 lines
1.7 KiB
Diff
diff -up openssl-3.0.0-beta2/apps/req.c.req-password openssl-3.0.0-beta2/apps/req.c
|
|
--- openssl-3.0.0-beta2/apps/req.c.req-password 2021-08-10 16:31:04.726233653 +0200
|
|
+++ openssl-3.0.0-beta2/apps/req.c 2021-08-10 16:31:58.286947297 +0200
|
|
@@ -686,7 +686,7 @@ int req_main(int argc, char **argv)
|
|
EVP_PKEY_CTX_free(genctx);
|
|
genctx = NULL;
|
|
}
|
|
- if (keyout == NULL) {
|
|
+ if (keyout == NULL && keyfile == NULL) {
|
|
keyout = NCONF_get_string(req_conf, section, KEYFILE);
|
|
if (keyout == NULL)
|
|
ERR_clear_error();
|
|
diff -up openssl-3.0.0-beta2/doc/man1/openssl-req.pod.in.req-password openssl-3.0.0-beta2/doc/man1/openssl-req.pod.in
|
|
--- openssl-3.0.0-beta2/doc/man1/openssl-req.pod.in.req-password 2021-08-10 16:32:21.863261416 +0200
|
|
+++ openssl-3.0.0-beta2/doc/man1/openssl-req.pod.in 2021-08-10 16:33:19.173025012 +0200
|
|
@@ -205,11 +205,12 @@ See L<openssl-format-options(1)> for det
|
|
=item B<-keyout> I<filename>
|
|
|
|
This gives the filename to write any private key to that has been newly created
|
|
-or read from B<-key>.
|
|
-If the B<-keyout> option is not given the filename specified in the
|
|
-configuration file with the B<default_keyfile> option is used, if present.
|
|
-If a new key is generated and no filename is specified
|
|
-the key is written to standard output.
|
|
+or read from B<-key>. If neither the B<-keyout> option nor the B<-key> option
|
|
+are given then the filename specified in the configuration file with the
|
|
+B<default_keyfile> option is used, if present. Thus, if you want to write the
|
|
+private key and the B<-key> option is provided, you should provide the
|
|
+B<-keyout> option explicitly. If a new key is generated and no filename is
|
|
+specified the key is written to standard output.
|
|
|
|
=item B<-noenc>
|
|
|