Use incremented serial of base CRL when signing delta CRL
authorMartin Willi <martin@revosec.ch>
Thu, 23 Dec 2010 13:50:04 +0000 (14:50 +0100)
committerMartin Willi <martin@revosec.ch>
Wed, 5 Jan 2011 15:46:06 +0000 (16:46 +0100)
src/pki/commands/signcrl.c

index 07f4a13..4b1c12e 100644 (file)
@@ -332,6 +332,8 @@ static int sign_crl()
                        error = "loading base CRL failed";
                        goto error;
                }
+               memcpy(crl_serial, lastcrl->get_serial(lastcrl).ptr,
+                          min(lastcrl->get_serial(lastcrl).len, sizeof(crl_serial)));
                baseCrlNumber = chunk_clone(lastcrl->get_serial(lastcrl));
                DESTROY_IF((certificate_t*)lastcrl);
                lastcrl = NULL;