certtool: do not require a certificate to generate a PKCS#12 file

author Nikos Mavrogiannopoulos <nmav@redhat.com>

Thu, 22 Sep 2016 07:21:06 +0000 (09:21 +0200)

committer Nikos Mavrogiannopoulos <nmav@redhat.com>

Thu, 22 Sep 2016 07:21:40 +0000 (09:21 +0200)
author Nikos Mavrogiannopoulos <nmav@redhat.com>
Thu, 22 Sep 2016 07:21:06 +0000 (09:21 +0200)
committer Nikos Mavrogiannopoulos <nmav@redhat.com>
Thu, 22 Sep 2016 07:21:40 +0000 (09:21 +0200)
diff --git a/src/certtool-args.def b/src/certtool-args.def

index 29835f8fe4a067c34e210a0b6183d8f4790eec7c..c3acef5ac364a526c2357a092c5a9d092efadec3 100644 (file)
--- a/src/certtool-args.def
+++ b/src/certtool-args.def
@@ -408,7 +408,6 @@ flag = {
      name      = to-p12;
      descrip   = "Generate a PKCS #12 structure";
      doc = "It requires a certificate, a private key and possibly a CA certificate to be specified.";
-    flags-must = load-certificate;
  };
  
  flag = {
diff --git a/src/certtool.c b/src/certtool.c

index e27f05509339d2d565227e8b20e6f3a589157e4f..ecc1393bcc4bee5b153d836135046985082964bc 100644 (file)
--- a/src/certtool.c
+++ b/src/certtool.c
@@ -3105,6 +3105,11 @@ void generate_pkcs12(common_info_st * cinfo)
         crts = load_cert_list(0, &ncrts, cinfo);
         ca_crt = load_ca_cert(0, cinfo);
  
+       if (keys == NULL && crts == NULL && ca_crt == NULL) {
+               fprintf(stderr, "You must specify one of\n\t--load-privkey\n\t--load-certificate\n\t--load-ca-certificate\n");
+               exit(1);
+       }
+
         if (HAVE_OPT(P12_NAME)) {
                 name = OPT_ARG(P12_NAME);
         } else {
author	Nikos Mavrogiannopoulos <nmav@redhat.com>
	Thu, 22 Sep 2016 07:21:06 +0000 (09:21 +0200)
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>
	Thu, 22 Sep 2016 07:21:40 +0000 (09:21 +0200)
src/certtool-args.def		patch \| blob \| blame \| history
src/certtool.c		patch \| blob \| blame \| history