diff options
| author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-09-02 13:52:23 +0200 |
|---|---|---|
| committer | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-09-10 12:07:33 +0200 |
| commit | 5a0991d0d94b966e0621b8123873b132877dc9d3 (patch) | |
| tree | c4fd5cd639741a863010a23472cfc005556610cd /apps/lib | |
| parent | 5fdcde816f6ee9ef048977c14427e2b0b63f47b6 (diff) | |
Add/harmonize multi-valued RDN support and doc of ca, cmp, req, storeutl, and x509 apps
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12769)
Diffstat (limited to 'apps/lib')
| -rw-r--r-- | apps/lib/apps.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/apps/lib/apps.c b/apps/lib/apps.c index 878ec18f0b..d3f3f6d2b6 100644 --- a/apps/lib/apps.c +++ b/apps/lib/apps.c @@ -1647,7 +1647,8 @@ int parse_yesno(const char *str, int def) /* * name is expected to be in the format /type0=value0/type1=value1/type2=... - * where characters may be escaped by \ + * where + can be used instead of / to form multi-valued RDNs if canmulti + * and characters may be escaped by \ */ X509_NAME *parse_name(const char *cp, int chtype, int canmulti, const char *desc) @@ -1700,6 +1701,7 @@ X509_NAME *parse_name(const char *cp, int chtype, int canmulti, /* Collect the value. */ valstr = (unsigned char *)bp; for (; *cp != '\0' && *cp != '/'; *bp++ = *cp++) { + /* unescaped '+' symbol string signals further member of multiRDN */ if (canmulti && *cp == '+') { nextismulti = 1; break; @@ -1723,6 +1725,9 @@ X509_NAME *parse_name(const char *cp, int chtype, int canmulti, BIO_printf(bio_err, "%s: Skipping unknown %s name attribute \"%s\"\n", opt_getprog(), desc, typestr); + if (ismulti) + BIO_printf(bio_err, + "Hint: a '+' in a value string needs be escaped using '\\' else a new member of a multi-valued RDN is expected\n"); continue; } if (*valstr == '\0') { |