1 files changed, 8 insertions, 6 deletions

diff --git a/src/openac/openac.c b/src/openac/openac.c
index 5de8f5b7c..745988750 100755
--- a/src/openac/openac.c
+++ b/src/openac/openac.c
@@ -39,8 +39,8 @@
 #include <credentials/sets/mem_cred.h>
 #include <utils/optionsfrom.h>
 
-#define OPENAC_PATH   		IPSEC_CONFDIR "/openac"
-#define OPENAC_SERIAL 		IPSEC_CONFDIR "/openac/serial"
+#define OPENAC_PATH			IPSEC_CONFDIR "/openac"
+#define OPENAC_SERIAL		IPSEC_CONFDIR "/openac/serial"
 
 #define DEFAULT_VALIDITY	24*3600		/* seconds */
 
@@ -133,7 +133,7 @@ static void write_serial(chunk_t serial)
 
 		DBG1(DBG_LIB, "  serial number is %#B", &serial);
 		hex_serial = chunk_to_hex(serial, NULL, FALSE);
-		fprintf(fd, "%.*s\n", hex_serial.len, hex_serial.ptr);
+		fprintf(fd, "%.*s\n", (int)hex_serial.len, hex_serial.ptr);
 		fclose(fd);
 		free(hex_serial.ptr);
 	}
@@ -300,6 +300,7 @@ int main(int argc, char **argv)
 					if (*optarg == '/')	/* absolute pathname */
 					{
 						strncpy(path, optarg, BUF_LEN);
+						path[BUF_LEN-1] = '\0';
 					}
 					else			/* relative pathname */
 					{
@@ -326,7 +327,7 @@ int main(int argc, char **argv)
 				continue;
 
 			case 'p':	/* --key */
-				if (strlen(optarg) > BUF_LEN)
+				if (strlen(optarg) >= BUF_LEN)
 				{
 					usage("passphrase too long");
 					goto end;
@@ -490,7 +491,8 @@ int main(int argc, char **argv)
 	notAfter =  (notAfter  == UNDEFINED_TIME) ? time(NULL) + validity : notAfter;
 
 	/* build and parse attribute certificate */
-	if (userCert != NULL && signerCert != NULL && signerKey != NULL)
+	if (userCert != NULL && signerCert != NULL && signerKey != NULL &&
+		outfile != NULL)
 	{
 		/* read the serial number and increment it by one */
 		serial = read_serial();
@@ -522,7 +524,7 @@ int main(int argc, char **argv)
 	}
 	else
 	{
-		usage("some of the mandatory parameters --usercert --cert --key "
+		usage("some of the mandatory parameters --usercert --cert --key --out "
 			  "are missing");
 	}