Reduce chances of issuer and serial number duplication by use of random

initial serial numbers. PR: 842
author: Dr. Stephen Henson <steve@openssl.org> 2004-04-20 12:05:26 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2004-04-20 12:05:26 +0000
commit: 64674bcc8cee73853d00388a5e83cb1b2f38bec1 (patch)
tree: 55da245985e07e8e1c75bf1ae8569012a63cb014 /apps/ca.c
parent: 1dc2d655addc773d6d91ee17a52c14a11d1cb8e1 (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/apps/ca.c b/apps/ca.c
index 2e8377391a..0fd445613d 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -241,6 +241,7 @@ int MAIN(int argc, char **argv)
 	{
 	ENGINE *e = NULL;
 	char *key=NULL,*passargin=NULL;
+	int create_ser = 0;
 	int free_key = 0;
 	int total=0;
 	int total_done=0;
@@ -354,6 +355,8 @@ EF_ALIGNMENT=0;
 			subj= *(++argv);
 			/* preserve=1; */
 			}
+		else if (strcmp(*argv,"-create_serial") == 0)
+			create_ser = 1;
 		else if (strcmp(*argv,"-multivalue-rdn") == 0)
 			multirdn=1;
 		else if (strcmp(*argv,"-startdate") == 0)
@@ -1097,7 +1100,7 @@ bad:
 			goto err;
 			}
 
-		if ((serial=load_serial(serialfile, 0, NULL)) == NULL)
+		if ((serial=load_serial(serialfile, create_ser, NULL)) == NULL)
 			{
 			BIO_printf(bio_err,"error while loading serial number\n");
 			goto err;
author	Dr. Stephen Henson <steve@openssl.org>	2004-04-20 12:05:26 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2004-04-20 12:05:26 +0000
commit	64674bcc8cee73853d00388a5e83cb1b2f38bec1 (patch)
tree	55da245985e07e8e1c75bf1ae8569012a63cb014 /apps/ca.c
parent	1dc2d655addc773d6d91ee17a52c14a11d1cb8e1 (diff)