From df368ecce4e2d2ab8aedb4fa5eadb08992b52b4f Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Wed, 12 May 2004 18:20:37 +0000
Subject: [PATCH] Make self signing option of 'x509' use random serial numbers
 too.

---
 apps/x509.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/apps/x509.c b/apps/x509.c
index 6e652177d8..d00511c78a 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -601,12 +601,16 @@ bad:
 		if ((x=X509_new()) == NULL) goto end;
 		ci=x->cert_info;
 
-		if (sno)
+		if (sno == NULL)
 			{
-			if (!X509_set_serialNumber(x, sno))
+			sno = ASN1_INTEGER_new();
+			if (!sno || !rand_serial(NULL, sno))
 				goto end;
 			}
-		else if (!ASN1_INTEGER_set(X509_get_serialNumber(x),0)) goto end;
+
+		if (!X509_set_serialNumber(x, sno)) 
+			goto end;
+
 		if (!X509_set_issuer_name(x,req->req_info->subject)) goto end;
 		if (!X509_set_subject_name(x,req->req_info->subject)) goto end;
 
-- 
GitLab