[PATCH]: Added -subject to openssl req

Fri, 03 Nov 2000 01:37:28 -0800 

Hello OpenSSL Developers,

In my cgi-perl scripts I often have to check what is exactly in the PKCS#10 request a
Customer submits. Currently only the -text option could be used to look into the
request contents, but its output is difficult to parse.
I have found a patch from Mr. Svenning posted on 2000-06-24, but this patch
somehow wasn't added to the 0.9.6 release.
I've included the "-subject" parameter which outputs the requested SubjectDN as a
single line (same as with the x509 command).

The Patch was made against the regular openssl-0.9.6/apps/req.c

--- req.c.orig.0.9.6 Fri Nov  3 09:58:00 2000
+++ req.c Fri Nov  3 09:58:00 2000
@@ -105,6 +105,7 @@
  * -rand file(s) - load the file(s) into the PRNG.
  * -newkey - make a key and a request.
  * -modulus - print RSA modulus.
+ * -subject - print subject DN.
  * -x509 - output a self signed X509 structure instead.
  * -asn1-kludge - output new certificate request in a format that some CA's
  *    require.  This format is wrong
@@ -155,7 +156,7 @@
  char *extensions = NULL;
  char *req_exts = NULL;
  EVP_CIPHER *cipher=NULL;
- int modulus=0;
+ int modulus=0, subject=0;
  char *inrand=NULL;
  char *passargin = NULL, *passargout = NULL;
  char *passin = NULL, *passout = NULL;
@@ -314,6 +315,8 @@
    }
   else if (strcmp(*argv,"-newhdr") == 0)
    newhdr=1;
+  else if (strcmp(*argv,"-subject") == 0)
+   subject=1;
   else if (strcmp(*argv,"-modulus") == 0)
    modulus=1;
   else if (strcmp(*argv,"-verify") == 0)
@@ -374,6 +377,7 @@
   BIO_printf(bio_err," -noout         do not output REQ\n");
   BIO_printf(bio_err," -verify        verify signature on REQ\n");
   BIO_printf(bio_err," -modulus       RSA modulus\n");
+  BIO_printf(bio_err," -subject       Subject DN\n");
   BIO_printf(bio_err," -nodes         don't encrypt the output key\n");
   BIO_printf(bio_err," -key file use the private key contained in file\n");
   BIO_printf(bio_err," -keyform arg   key file format\n");
@@ -803,7 +807,7 @@
    BIO_printf(bio_err,"verify OK\n");
   }

- if (noout && !text && !modulus)
+ if (noout && !text && !modulus && !subject)
   {
   ex=0;
   goto end;
@@ -862,6 +866,15 @@
    fprintf(stdout,"Wrong Algorithm type");
   fprintf(stdout,"\n");
   }
+
+ if (subject)
+  {
+  char sn[1024];
+
+  X509_NAME_oneline(X509_REQ_get_subject_name(req),sn,sizeof(sn));
+  fprintf(stdout,"subject=%s\n",sn);
+  }
+

  if (!noout && !x509)
   {

Regards,
Guus Gerrits
--------------------------
Media Transfer GmbH
Dolivostra�e 11
D-64293 Darmstadt
Germany
EMail: [EMAIL PROTECTED]
Web:   http://www.mtgnet.de
Tel: +49 6151 8193 17
Fax: +49 6151 8193 41
--------------------------
Note: If you receive an attachment smime.p7s dont worry.
  It is an "Secure Multipurpose Internet Mail Extension" and
  contains a digital signature and public key. If you "see" this attachment,
  it probably means that your E-mail client cannot handle S/MIME-Standard.
  In this case it can be just ignored.

req.c.diff

Reply via email to