diff options
-rw-r--r-- | src/certtool.c | 3 | ||||
-rw-r--r-- | src/common.c | 9 |
2 files changed, 11 insertions, 1 deletions
diff --git a/src/certtool.c b/src/certtool.c index 6bdfe376b1..6c1f04656b 100644 --- a/src/certtool.c +++ b/src/certtool.c @@ -3027,7 +3027,8 @@ void generate_pkcs12(common_info_st * cinfo) app_exit(1); } - result = gnutls_pkcs12_bag_encrypt(bag, pass, flags); + if (!(flags & GNUTLS_PKCS_PLAIN) || cinfo->empty_password) + result = gnutls_pkcs12_bag_encrypt(bag, pass, flags); if (result < 0) { fprintf(stderr, "bag_encrypt: %s\n", gnutls_strerror(result)); diff --git a/src/common.c b/src/common.c index 753481741b..a7e784e666 100644 --- a/src/common.c +++ b/src/common.c @@ -1138,6 +1138,15 @@ pin_callback(void *user, int attempt, const char *token_url, getenv_copy(password, sizeof(password), "GNUTLS_PIN"); } + if (password[0] == 0 && info != NULL && info->password != NULL && info->ask_pass == 0) { + if (strlen(info->password) < sizeof(password)) { + strcpy(password, info->password); + } else { + memcpy(password, info->password, sizeof(password) - 1); + password[sizeof(password) - 1] = '\0'; + } + } + if (password[0] == 0 && (info == NULL || info->batch == 0 || info->ask_pass != 0)) { if (token_label && token_label[0] != 0) { fprintf(stderr, "Token '%s' with URL '%s' ", token_label, token_url); |