The branch OpenSSL_1_1_0-stable has been updated via bfd752fe83c72f248a6905d971217e8a3e3a287d (commit) from fe4de29d48d6f7125576a6f8ac73c5af5e832083 (commit)
- Log ----------------------------------------------------------------- commit bfd752fe83c72f248a6905d971217e8a3e3a287d Author: Eric Curtin <ericcurti...@gmail.com> Date: Mon Sep 3 15:23:37 2018 +0100 New openssl subject parser hard to debug -subj 'subject=C = US, ST = A, L = root, O = Hewlett Packard Enterprise Company, OU = Remote Device Access, CN = Hewlett Packard Enterprise Remote Device Access Test Local CA, emailAddress = r...@hpe.com' was a valid subject in openssl 1.0. Error received in 1.1 is: problems making Certificate Request Not very informative, I only figured this out because I compiled the code and added logging. Reviewed-by: Tim Hudson <t...@openssl.org> Reviewed-by: Paul Dale <paul.d...@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7098) (cherry picked from commit 2167640b0bf76ec50a397dd90444b97c242e3f04) ----------------------------------------------------------------------- Summary of changes: apps/apps.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/apps/apps.c b/apps/apps.c index d52201f..a162b16 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -1707,8 +1707,14 @@ X509_NAME *parse_name(const char *cp, long chtype, int canmulti) char *work; X509_NAME *n; - if (*cp++ != '/') + if (*cp++ != '/') { + BIO_printf(bio_err, + "name is expected to be in the format " + "/type0=value0/type1=value1/type2=... where characters may " + "be escaped by \\. This name is not in that format: '%s'\n", + --cp); return NULL; + } n = X509_NAME_new(); if (n == NULL) _____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits