]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: dea5e26)
apps.c: add comment to do_X509_sign() referring to question #19805
authorDr. David von Oheimb <David.von.Oheimb@siemens.com>
Tue, 30 May 2023 19:09:26 +0000 (21:09 +0200)
committerDr. David von Oheimb <dev@ddvo.net>
Thu, 1 Jun 2023 08:03:06 +0000 (10:03 +0200)
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/21086)

apps/lib/apps.c patch | blob | blame | history

diff --git a/apps/lib/apps.c b/apps/lib/apps.c
index 79980257bdeef3d7636a8236b6ccf984bd38357f..4f92016ee2f57f53a7e7456c8731d6f1c88707de 100644 (file)
--- a/apps/lib/apps.c
+++ b/apps/lib/apps.c
@@ -2349,6 +2349,7 @@ int do_X509_sign(X509 *cert, int force_v1, EVP_PKEY *pkey, const char *md,
                              "keyid, issuer", !self_sign))
             goto end;
     }
+    /* May add further measures for ensuring RFC 5280 compliance, see #19805 */
 
     if (mctx != NULL && do_sign_init(mctx, pkey, md, sigopts) > 0)
         rv = (X509_sign_ctx(cert, mctx) > 0);
Mirror of https://github.com/openssl/openssl.git