From: Matt Caswell <matt@openssl.org>
Date: Fri, 23 Feb 2018 09:46:30 +0000 (+0000)
Subject: Revert "Don't allow an empty Subject when creating a Certificate"
X-Git-Tag: OpenSSL_1_1_1-pre3~72
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=c845ff070d03052f10d9d183682388429cf4fd92;p=oweals%2Fopenssl.git

Revert "Don't allow an empty Subject when creating a Certificate"

This reverts commit e505f1e86874acfd98826d64c53bf2ddfd9c1399.

Empty Subjects should be permissible.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5444)
---

diff --git a/apps/ca.c b/apps/ca.c
index db886117f4..e20561ca38 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -1404,10 +1404,6 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
         BIO_printf(bio_err, "The Subject's Distinguished Name is as follows\n");
 
     name = X509_REQ_get_subject_name(req);
-    if (X509_NAME_entry_count(name) == 0) {
-        BIO_printf(bio_err, "Error: The supplied Subject is empty\n");
-        goto end;
-    }
     for (i = 0; i < X509_NAME_entry_count(name); i++) {
         ne = X509_NAME_get_entry(name, i);
         str = X509_NAME_ENTRY_get_data(ne);
@@ -1569,12 +1565,6 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
             goto end;
     }
 
-    if (X509_NAME_entry_count(subject) == 0) {
-        BIO_printf(bio_err,
-                   "Error: After applying policy the Subject is empty\n");
-        goto end;
-    }
-
     if (verbose)
         BIO_printf(bio_err,
                    "The subject name appears to be ok, checking data base for clashes\n");