summaryrefslogtreecommitdiffstats
path: root/apps/ca.c
diff options
context:
space:
mode:
authorDr. Stephen Henson <steve@openssl.org>2012-09-09 12:58:49 +0000
committerDr. Stephen Henson <steve@openssl.org>2012-09-09 12:58:49 +0000
commit648f551a4aa1da792620cdbbddb791dba28fb297 (patch)
tree426cf2516c2fe8ea8bf985f74b42a1c9bf6bd799 /apps/ca.c
parent33a8de69dc092285fce9a3db4aae2b0df8852427 (diff)
New -valid option to add a certificate to the ca index.txt that is valid and not revoked
Diffstat (limited to 'apps/ca.c')
-rw-r--r--apps/ca.c19
1 files changed, 18 insertions, 1 deletions
diff --git a/apps/ca.c b/apps/ca.c
index 1cf50e0029..0cb498b9d9 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -501,6 +501,12 @@ EF_ALIGNMENT=0;
infile= *(++argv);
dorevoke=1;
}
+ else if (strcmp(*argv,"-valid") == 0)
+ {
+ if (--argc < 1) goto bad;
+ infile= *(++argv);
+ dorevoke=2;
+ }
else if (strcmp(*argv,"-extensions") == 0)
{
if (--argc < 1) goto bad;
@@ -1523,6 +1529,8 @@ bad:
NULL, e, infile);
if (revcert == NULL)
goto err;
+ if (dorevoke == 2)
+ rev_type = -1;
j=do_revoke(revcert,db, rev_type, rev_arg);
if (j <= 0) goto err;
X509_free(revcert);
@@ -2486,7 +2494,10 @@ static int do_revoke(X509 *x509, CA_DB *db, int type, char *value)
}
/* Revoke Certificate */
- ok = do_revoke(x509,db, type, value);
+ if (type == -1)
+ ok = 1;
+ else
+ ok = do_revoke(x509,db, type, value);
goto err;
@@ -2497,6 +2508,12 @@ static int do_revoke(X509 *x509, CA_DB *db, int type, char *value)
row[DB_name]);
goto err;
}
+ else if (type == -1)
+ {
+ BIO_printf(bio_err,"ERROR:Already present, serial number %s\n",
+ row[DB_serial]);
+ goto err;
+ }
else if (rrow[DB_type][0]=='R')
{
BIO_printf(bio_err,"ERROR:Already revoked, serial number %s\n",