Closed
Bug 330622
Opened 19 years ago
Closed 17 years ago
certutil's usage messages incorrectly document certain options
Categories
(NSS :: Tools, defect, P3)
Tracking
(Not tracked)
RESOLVED
FIXED
3.12.1
People
(Reporter: KaiE, Assigned: nelson)
Details
Attachments
(1 file)
|
3.42 KB,
patch
|
KaiE
:
review+
|
Details | Diff | Splinter Review |
From https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=185577
Description of problem:
When I run "certutil -R" and supply an email address using the -y flag, I get an
error message.
Version-Release number of selected component (if applicable):
nss-tools-3.11-4
How reproducible:
Always
Steps to Reproduce:
1. mkdir /tmp/z
2. certutil -d /tmp/z -N
3. certutil -d /tmp/z -R -s 'cn=Nalin Dahyabhai' -a -o /tmp/z/nalin.req -y
nalin@redhat.com
Actual results:
I get this error message:
certutil -y: incorrect public exponent 0.Must be 3, 17, or 65537.
Expected results:
certutil would usually ask me to help it seed its RNG, and proceed as normally
|
Assignee | |
Updated•19 years ago
|
Assignee: wtchang → nobody
QA Contact: jason.m.reid → tools
|
|
Assignee | |
Updated•19 years ago
|
Priority: -- → P3
|
||
Updated•18 years ago
|
OS: Linux → All
Hardware: PC → All
|
||
Comment 1•17 years ago
|
||
The -y option is for the public exponent only, we wouldn't want to overload this meaning. The -R command honors the -S command extension options
-7 Create an email subject alt name extension
certutil -d /tmp/z -R -s 'cn=Nalin Dahyabhai' -a -o /tmp/z/nalin.req -s
nalin@redhat.com works as the reporter expected. Wouldn't this be the proper way?
|
||
Comment 2•17 years ago
|
||
Yep, looks like you're right -- the short-form ('-h') help output must be wrong.
|
|
||
Updated•17 years ago
|
Status: NEW → ASSIGNED
|
|
Assignee | |
Comment 3•17 years ago
|
||
Also, the documentation for the -7 -8 and -0 options are wrong or missing.
Patch forthcoming.
Summary: certutil -R doesn't like the -y flag → certutil's usage messages incorrectly document certain options
|
|
Assignee | |
Updated•17 years ago
|
Assignee: nobody → nelson
Status: ASSIGNED → NEW
|
Reporter | |
Comment 5•17 years ago
|
||
Comment on attachment 331775 [details] [diff] [review]
patch v1
I don't know what the SSO-Password is, maybe you'd want to use a more obvious string.
Besides from that the changes in the patch seem to match the information in secuCommandFlag options_init, so r+
Attachment #331775 -
Flags: review?(kaie) → review+
|
|
Reporter | |
Comment 6•17 years ago
|
||
If you create a new patch, and your only change is a more descriptive string for SSO, my r+ shall still apply.
|
|
Assignee | |
Comment 7•17 years ago
|
||
Kai, as you may recall, certutil has both a "short" and a "long" usage message,
obtained with certutil -h and certutil -H respectively. With this patch,
the short message describes certutil's -T option as:
Usage: certutil -T [-d certdir] [-P dbprefix] [-h token-name]
[-f pwfile] [-0 SSO-password]
and the long usage message describes it as:
-T Reset the Key database or token
-d certdir Cert database directory (default is ~/.netscape)
-P dbprefix Cert & Key database prefix
-h token-name Token to reset (default is internal)
-0 SSO-password Set token's Site Security Officer password
Do you think that SSO-password needs more explanation than that?
|
|
Assignee | |
Comment 8•17 years ago
|
||
cmd/certutil/certutil.c; new revision: 1.141; previous revision: 1.140
Status: NEW → RESOLVED
Closed: 17 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.12.1
|
|
Reporter | |
Comment 9•17 years ago
|
||
Nelson, thanks for the clarification, you're right, that seems sufficient.
You need to log in
before you can comment on or make changes to this bug.
Description
•