From e36019c5dbce686efe687f2a52f9ccbc76e3489d Mon Sep 17 00:00:00 2001 From: "neil.williams%sun.com" Date: Thu, 17 Mar 2005 01:43:47 +0000 Subject: [PATCH] Bug 285208 Fixes ext processing bug introduced by previous patch. r=nelson git-svn-id: svn://10.0.0.236/trunk@170816 18797224-902f-48f8-a5cc-f745e15eee43 --- mozilla/security/nss/cmd/certutil/certutil.c | 23 ++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/mozilla/security/nss/cmd/certutil/certutil.c b/mozilla/security/nss/cmd/certutil/certutil.c index 459e665e7f3..cae48f6b723 100644 --- a/mozilla/security/nss/cmd/certutil/certutil.c +++ b/mozilla/security/nss/cmd/certutil/certutil.c @@ -2939,9 +2939,8 @@ secuCommandFlag certutil_options[] = * Certificate request */ - /* Make a cert request (-R or -S). */ - if (certutil.commands[cmd_CreateAndAddCert].activated || - certutil.commands[cmd_CertReq].activated) { + /* Make a cert request (-R). */ + if (certutil.commands[cmd_CertReq].activated) { rv = CertReq(privkey, pubkey, keytype, hashAlgTag, subject, certutil.options[opt_PhoneNumber].arg, certutil.options[opt_ASCIIForIO].activated, @@ -2963,10 +2962,26 @@ secuCommandFlag certutil_options[] = * Certificate creation */ - /* If making and adding a cert, load the cert request file + /* If making and adding a cert, create a cert request file first without + * any extensions, then load it with the command line extensions * and output the cert to another file. */ if (certutil.commands[cmd_CreateAndAddCert].activated) { + rv = CertReq(privkey, pubkey, keytype, hashAlgTag, subject, + certutil.options[opt_PhoneNumber].arg, + certutil.options[opt_ASCIIForIO].activated, + NULL, + NULL, + PR_FALSE, + PR_FALSE, + PR_FALSE, + PR_FALSE, + PR_FALSE, + PR_FALSE, + outFile ? outFile : PR_STDOUT); + if (rv) + goto shutdown; + privkey->wincx = &pwdata; PR_Close(outFile); inFile = PR_Open(certreqfile, PR_RDONLY, 0); if (!inFile) {