diff options
author | relyea%netscape.com <devnull@localhost> | 2000-06-29 21:25:41 +0000 |
---|---|---|
committer | relyea%netscape.com <devnull@localhost> | 2000-06-29 21:25:41 +0000 |
commit | e5df4b94eb1f23197dbfcd353cdb3a578d346dac (patch) | |
tree | 9dd86f99d866a82c3c07fbc925532c8eb331efff | |
parent | 23b76f7b35ac91bfad51accdce9084182e0baf10 (diff) | |
download | nss-hg-e5df4b94eb1f23197dbfcd353cdb3a578d346dac.tar.gz |
merge changes from NSS 3.0 branch to allow NT automated tests to work.
-rw-r--r-- | security/nss/cmd/certutil/certutil.c | 23 | ||||
-rw-r--r-- | security/nss/cmd/lib/secpwd.c | 4 | ||||
-rw-r--r-- | security/nss/cmd/lib/secutil.c | 25 | ||||
-rw-r--r-- | security/nss/cmd/selfserv/selfserv.c | 2 |
4 files changed, 36 insertions, 18 deletions
diff --git a/security/nss/cmd/certutil/certutil.c b/security/nss/cmd/certutil/certutil.c index 1c049a36e..907f4a68d 100644 --- a/security/nss/cmd/certutil/certutil.c +++ b/security/nss/cmd/certutil/certutil.c @@ -100,7 +100,6 @@ GetGeneralName (PRArenaPool *arena) PORT_Assert (arena); mark = PORT_ArenaMark (arena); do { - fflush (stdin); puts ("\nSelect one of the following general name type: \n"); puts ("\t1 - instance of other name\n\t2 - rfc822Name\n\t3 - dnsName\n"); puts ("\t4 - x400Address\n\t5 - directoryName\n\t6 - ediPartyName\n"); @@ -123,7 +122,6 @@ GetGeneralName (PRArenaPool *arena) } current->type = intValue; puts ("\nEnter data:"); - fflush (stdin); fflush (stdout); gets (buffer); switch (current->type) { @@ -198,7 +196,6 @@ GetString(PRArenaPool *arena, char *prompt, SECItem *value) value->len = 0; puts (prompt); - fflush (stdin); gets (buffer); if (strlen (buffer) > 0) { value->data = PORT_ArenaAlloc (arena, strlen (buffer)); @@ -269,7 +266,6 @@ GetYesNo(char *prompt) #if 0 char charValue; - fflush (stdin); puts (prompt); scanf ("%c", &charValue); if (charValue != 'y' && charValue != 'Y') @@ -1575,7 +1571,6 @@ AddBasicConstraint(void *extHandle) do { basicConstraint.pathLenConstraint = CERT_UNLIMITED_PATH_CONSTRAINT; puts ("Is this a CA certificate [y/n]?"); - fflush (stdin); gets (buffer); basicConstraint.isCA = (buffer[0] == 'Y' || buffer[0] == 'y') ? PR_TRUE : PR_FALSE; @@ -1604,7 +1599,7 @@ AddBasicConstraint(void *extHandle) static SECItem * SignCert(CERTCertDBHandle *handle, CERTCertificate *cert, PRBool selfsign, -SECKEYPrivateKey *selfsignprivkey, char *issuerNickName) +SECKEYPrivateKey *selfsignprivkey, char *issuerNickName, void *pwarg) { SECItem der; SECItem *result = NULL; @@ -1625,7 +1620,7 @@ SECKEYPrivateKey *selfsignprivkey, char *issuerNickName) return (SECItem *)NULL; } - caPrivateKey = PK11_FindKeyByAnyCert(issuer, (void *)NULL); + caPrivateKey = PK11_FindKeyByAnyCert(issuer, pwarg); if (caPrivateKey == NULL) { SECU_PrintError(progName, "unable to retrieve key %s", issuerNickName); return NULL; @@ -1708,7 +1703,6 @@ AddAuthKeyID (void *extHandle) GEN_BREAK (SECFailure); } - fflush (stdin); rv = GetString (arena, "Enter value for the key identifier fields, enter to omit:", &authKeyID->keyID); if (rv != SECSuccess) @@ -1760,7 +1754,6 @@ AddCrlDistPoint(void *extHandle) GEN_BREAK (SECFailure); } - fflush (stdin); /* Get the distributionPointName fields - this field is optional */ puts ("Enter the type of the distribution point name:\n"); puts ("\t1 - Full Name\n\t2 - Relative Name\n\tOther - omit\n\t\tChoice: "); @@ -1779,7 +1772,6 @@ AddCrlDistPoint(void *extHandle) current->distPointType = intValue; puts ("Enter the relative name: "); fflush (stdout); - fflush (stdin); gets (buffer); /* For simplicity, use CERT_AsciiToName to converse from a string to NAME, but we only interest in the first RDN */ @@ -1846,7 +1838,6 @@ AddCrlDistPoint(void *extHandle) } while (1); if (rv == SECSuccess) { - fflush (stdin); buffer[0] = 'n'; puts ("Is this a critical extension [y/n]? "); gets (buffer); @@ -1868,6 +1859,7 @@ CreateCert( PRFileDesc *inFile, PRFileDesc *outFile, SECKEYPrivateKey *selfsignprivkey, + void *pwarg, int serialNumber, int warpmonths, int validitylength, @@ -1955,7 +1947,7 @@ CreateCert( CERT_FinishExtensions(extHandle); - certDER = SignCert (handle, subjectCert, selfsign, selfsignprivkey, issuerNickName); + certDER = SignCert (handle, subjectCert, selfsign, selfsignprivkey, issuerNickName,pwarg); if (certDER) PR_Write(outFile, certDER->data, certDER->len); @@ -2141,6 +2133,11 @@ main(int argc, char **argv) } #endif + if (certutil.options[opt_PasswordFile].arg) { + pwdata.source = PW_FROMFILE; + pwdata.data = certutil.options[opt_PasswordFile].arg; + } + if (certutil.options[opt_CertDir].activated) SECU_ConfigDirectory(certutil.options[opt_CertDir].arg); @@ -2534,7 +2531,7 @@ main(int argc, char **argv) certutil.commands[cmd_CreateNewCert].activated) { rv = CreateCert(certHandle, certutil.options[opt_IssuerName].arg, - inFile, outFile, privkey, + inFile, outFile, privkey, &pwdata, serialNumber, warpmonths, validitylength, certutil.options[opt_SelfSign].activated, certutil.options[opt_AddKeyUsageExt].activated, diff --git a/security/nss/cmd/lib/secpwd.c b/security/nss/cmd/lib/secpwd.c index c235c3ffa..b2edcaed2 100644 --- a/security/nss/cmd/lib/secpwd.c +++ b/security/nss/cmd/lib/secpwd.c @@ -155,6 +155,10 @@ static int quiet_fgets (char *buf, int length, FILE *input) /* fflush (input); */ memset (buf, 0, length); + if (input != stdin) { + return fgets(buf,length,input); + } + while (1) { c = getch(); diff --git a/security/nss/cmd/lib/secutil.c b/security/nss/cmd/lib/secutil.c index 880503659..cb2112bdf 100644 --- a/security/nss/cmd/lib/secutil.c +++ b/security/nss/cmd/lib/secutil.c @@ -255,6 +255,8 @@ SECU_FilePasswd(PK11SlotInfo *slot, PRBool retry, void *arg) nb = PR_Read(fd, phrase, sizeof(phrase)); PR_Close(fd); + /* handle the Windows EOL case */ + if ((nb > 2) && (phrase[nb-2] == '\r') ) nb--; if (phrase[nb-1] == '\n') { phrase[nb-1] = '\0'; if (nb == 0) { @@ -309,11 +311,15 @@ secu_InitSlotPassword(PK11SlotInfo *slot, PRBool retry, void *arg) if (pwdata->source == PW_NONE) { /* open terminal */ +#ifdef _WINDOWS + input = stdin; +#else input = fopen(consoleName, "r"); if (input == NULL) { PR_fprintf(PR_STDERR, "Error opening input terminal for read\n"); return NULL; } +#endif /* we have no password, so initialize database with one */ PR_fprintf(PR_STDERR, @@ -393,9 +399,16 @@ SECU_ChangePW(PK11SlotInfo *slot, char *passwd, char *pwFile) for (;;) { oldpw = SECU_GetModulePassword(slot, PR_FALSE, &pwdata); - if (PK11_CheckUserPassword(slot, oldpw) != SECSuccess) - PR_fprintf(PR_STDERR, "Invalid password. Try again.\n"); - else + if (PK11_CheckUserPassword(slot, oldpw) != SECSuccess) { + if (pwdata.source == PW_NONE) { + PR_fprintf(PR_STDERR, "Invalid password. Try again.\n"); + } else { + PR_fprintf(PR_STDERR, "Invalid password.\n"); + PORT_Memset(oldpw, 0, PL_strlen(oldpw)); + PORT_Free(oldpw); + return SECFailure; + } + } else break; PORT_Free(oldpw); @@ -578,11 +591,15 @@ SECU_ChangeKeyDBPassword(SECKEYKeyDBHandle *handle) oldpwitem = secu_GetZeroLengthPassword(handle); /* open terminal */ +#ifdef _WINDOWS + input = stdin; +#else input = fopen(consoleName, "r"); if (input == NULL) { fprintf(stderr, "Error opening input terminal\n"); return SECFailure; } +#endif output = fopen(consoleName, "w"); if (output == NULL) { @@ -667,7 +684,7 @@ SECU_ChangeKeyDBPassword(SECKEYKeyDBHandle *handle) SECITEM_ZfreeItem(newpwitem, PR_TRUE); SECITEM_ZfreeItem(oldpwitem, PR_TRUE); - fclose(input); + if (input != stdin) fclose(input); fclose(output); if (failed) { diff --git a/security/nss/cmd/selfserv/selfserv.c b/security/nss/cmd/selfserv/selfserv.c index 37fdedf38..f5fb03312 100644 --- a/security/nss/cmd/selfserv/selfserv.c +++ b/security/nss/cmd/selfserv/selfserv.c @@ -894,7 +894,7 @@ send_answer: break; } } else { - fwrite(buf, 1, i, stdout); /* display it */ + /* fwrite(buf, 1, i, stdout); /* display it */ rv = PR_Write(ssl_sock, buf, i); if (rv < 0) { errWarn("PR_Write"); |