Let 'openssl req' fail if an argument to '-newkey' is not

recognized instead of using RSA as a default.

Let 'openssl req' fail if an argument to '-newkey' is not
recognized instead of using RSA as a default.
9226e218 · Bodo Möller · 48921e00 · 9226e218 · 9226e218
隐藏空白更改
内联并排

Showing with 7 addition and 1 deletion

CHANGES CHANGES +4 -0

apps/req.c apps/req.c +3 -1

未找到文件。
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,10 @@
 Changes between 0.9.7 and 0.9.8  [xx XXX 2002]
+  *) Let 'openssl req' fail if an argument to '-newkey' is not
+     recognized instead of using RSA as a default.
+     [Bodo Moeller]
  *) Add support for ECC-based ciphersuites from draft-ietf-tls-ecc-01.txt.
     As these are not official, they are not included in "ALL";
     the "ECCdraft" ciphersuite group alias can be used to select them.

--- a/apps/req.c
+++ b/apps/req.c
@@ -383,7 +383,9 @@ int MAIN(int argc, char **argv)
 				}
 			else
 #endif
-				pkey_type=TYPE_RSA;
+				{
+				goto bad;
+				}
 			newreq=1;
 			}