tool: don't generate negative serial numbers.

MSVC, on 32-bit systems, defines sizeof(long)=4 which means that a
uint32_t could end up negative when passed to |ASN1_INTEGER_set| on
Windows.

Change-Id: Ib07487ab524550c832909bf10521aae61d654416
Reviewed-on: https://boringssl-review.googlesource.com/12560
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Martin Kreichgauer <martinkr@google.com>
Reviewed-by: Adam Langley <agl@google.com>

tool/server.cc

@@ -113,7 +113,7 @@ static bssl::UniquePtr<X509> MakeSelfSignedCert(EVP_PKEY *evp_pkey,
   bssl::UniquePtr<X509> x509(X509_new());
   uint32_t serial;
   RAND_bytes(reinterpret_cast<uint8_t*>(&serial), sizeof(serial));
-  ASN1_INTEGER_set(X509_get_serialNumber(x509.get()), serial);
+  ASN1_INTEGER_set(X509_get_serialNumber(x509.get()), serial >> 1);
   X509_gmtime_adj(X509_get_notBefore(x509.get()), 0);
   X509_gmtime_adj(X509_get_notAfter(x509.get()), 60 * 60 * 24 * valid_days);