git.librecmc.org Git - oweals/openssl.git/commit

author	Benjamin Kaduk <bkaduk@akamai.com>
	Thu, 4 Oct 2018 18:49:21 +0000 (13:49 -0500)
committer	Ben Kaduk <kaduk@mit.edu>
	Mon, 8 Oct 2018 21:32:47 +0000 (16:32 -0500)
commit	3d362f190306b62a17aa2fd475b2bc8b3faa8142
tree	6017fdeece75ffebed1fa1de05193dc21ceb7814	tree \| snapshot
parent	4fef4981f8cc614559b86a06532b0eeac6ffd0d9	commit \| diff

apps: allow empty attribute values with -subj

Historically (i.e., OpenSSL 1.0.x), the openssl applications would
allow for empty subject attributes to be passed via the -subj argument,
e.g., `opensl req -subj '/CN=joe/O=/OU=local' ...`. Commit
db4c08f0194d58c6192f0d8311bf3f20e251cf4f applied a badly needed rewrite
to the parse_name() helper function that parses these strings, but
in the process dropped a check that would skip attributes with no
associated value. As a result, such strings are now treated as
hard errors and the operation fails.

Restore the check to skip empty attribute values and restore
the historical behavior.

Document the behavior for empty subject attribute values in the
corresponding applications' manual pages.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7349)

apps/apps.c		diff \| blob \| history
doc/man1/ca.pod		diff \| blob \| history
doc/man1/req.pod		diff \| blob \| history
doc/man1/storeutl.pod		diff \| blob \| history