Commit bd4e1527 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files 

Document the new DN printing options.

Change a few names to be more meaningful.

Fix typos in CA.pl docs.
parent aa826d88

apps/apps.c

+2 −2
Original line number Diff line number Diff line
@@ -668,8 +668,8 @@ int set_name_ex(unsigned long *flags, const char *arg) 
		{ "esc_msb", ASN1_STRFLGS_ESC_MSB, 0},

		{ "use_quote", ASN1_STRFLGS_ESC_QUOTE, 0},

		{ "utf8", ASN1_STRFLGS_UTF8_CONVERT, 0},

		{ "no_type", ASN1_STRFLGS_IGNORE_TYPE, 0},

		{ "show_name", ASN1_STRFLGS_SHOW_NAME, 0},

		{ "ignore_type", ASN1_STRFLGS_IGNORE_TYPE, 0},

		{ "show_type", ASN1_STRFLGS_SHOW_TYPE, 0},

		{ "dump_all", ASN1_STRFLGS_DUMP_ALL, 0},

		{ "dump_nostr", ASN1_STRFLGS_DUMP_UNKNOWN, 0},

		{ "dump_der", ASN1_STRFLGS_DUMP_DER, 0},

crypto/asn1/a_strex.c

+5 −5
Original line number Diff line number Diff line
@@ -311,7 +311,7 @@ static int do_print_ex(char_io *io_ch, void *arg, unsigned long lflags, ASN1_STR 
	outlen = 0;





	if(lflags & ASN1_STRFLGS_SHOW_NAME) {

	if(lflags & ASN1_STRFLGS_SHOW_TYPE) {

		const char *tagname;

		tagname = ASN1_tag2str(type);

		outlen += strlen(tagname);
@@ -393,7 +393,7 @@ static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n, 
		sep_dn = "\n";

		sep_dn_len = 1;

		sep_mv = " + ";

		sep_mv_len = 1;

		sep_mv_len = 3;

		break;



		case XN_FLAG_SEP_COMMA_PLUS:
@@ -446,10 +446,10 @@ static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n, 
			} else {

				if(!io_ch(arg, sep_dn, sep_dn_len)) return -1;

				outlen += sep_dn_len;

			}

				if(!do_indent(io_ch, arg, indent)) return -1;

				outlen += indent;

			}

		}

		prev = ent->set;

		fn = X509_NAME_ENTRY_get_object(ent);

		val = X509_NAME_ENTRY_get_data(ent);

crypto/asn1/asn1.h

+1 −1
Original line number Diff line number Diff line
@@ -306,7 +306,7 @@ typedef int ASN1_NULL; 
#define ASN1_STRFLGS_IGNORE_TYPE	0x20



/* If this is set we include the string type in the output */

#define ASN1_STRFLGS_SHOW_NAME		0x40

#define ASN1_STRFLGS_SHOW_TYPE		0x40



/* This determines which strings to display and which to

 * 'dump' (hex dump of content octets or DER encoding). We can

crypto/x509/x509.h

+4 −4
Original line number Diff line number Diff line
@@ -338,10 +338,10 @@ DECLARE_STACK_OF(X509_TRUST) 


#define XN_FLAG_FN_MASK		(0x3 << 21)



#define XN_FLAG_FN_NONE		0		/* No field names */

#define XN_FLAG_FN_SN		(1 << 21)	/* Object short name */

#define XN_FLAG_FN_LN		(2 << 21)	/* Object long name */

#define XN_FLAG_FN_OID		(3 << 21)	/* Always use OIDs */

#define XN_FLAG_FN_SN		0		/* Object short name */

#define XN_FLAG_FN_LN		(1 << 21)	/* Object long name */

#define XN_FLAG_FN_OID		(2 << 21)	/* Always use OIDs */

#define XN_FLAG_FN_NONE		(3 << 21)	/* No field names */



#define XN_FLAG_SPC_EQ		(1 << 23)	/* Put spaces round '=' */

doc/apps/CA.pl.pod

+2 −2
Original line number Diff line number Diff line
@@ -69,7 +69,7 @@ list box), otherwise the name "My Certificate" is used. 


calls the B<ca> program to sign a certificate request. It expects the request

to be in the file "newreq.pem". The new certificate is written to the file

"newcert.pem" except in the case of the B<-xcert> option when it is written

"newcert.pem" except in the case of the B<-xsign> option when it is written

to standard output.



=item B<-signcert>
@@ -122,7 +122,7 @@ Create the CA directories and files: 


enter cacert.pem when prompted for the CA file name.



Create a DSA certificate request and privat key (a different set of parameters

Create a DSA certificate request and private key (a different set of parameters

can optionally be created first):



 openssl req -out newreq.pem -newkey dsa:dsap.pem