diff options
Diffstat (limited to 'apps/req.c')
-rw-r--r-- | apps/req.c | 38 |
1 files changed, 11 insertions, 27 deletions
diff --git a/apps/req.c b/apps/req.c index 14e8ef5a4f..07a47c607f 100644 --- a/apps/req.c +++ b/apps/req.c @@ -156,6 +156,7 @@ int MAIN(int argc, char **argv) char *req_exts = NULL; EVP_CIPHER *cipher=NULL; int modulus=0; + char *passargin = NULL, *passargout = NULL; char *passin = NULL, *passout = NULL; char *p; const EVP_MD *md_alg=NULL,*digest=EVP_md5(); @@ -231,34 +232,12 @@ int MAIN(int argc, char **argv) else if (strcmp(*argv,"-passin") == 0) { if (--argc < 1) goto bad; - passin= *(++argv); - } - else if (strcmp(*argv,"-envpassin") == 0) - { - if (--argc < 1) goto bad; - if(!(passin= getenv(*(++argv)))) - { - BIO_printf(bio_err, - "Can't read environment variable %s\n", - *argv); - badops = 1; - } - } - else if (strcmp(*argv,"-envpassout") == 0) - { - if (--argc < 1) goto bad; - if(!(passout= getenv(*(++argv)))) - { - BIO_printf(bio_err, - "Can't read environment variable %s\n", - *argv); - badops = 1; - } + passargin= *(++argv); } else if (strcmp(*argv,"-passout") == 0) { if (--argc < 1) goto bad; - passout= *(++argv); + passargout= *(++argv); } else if (strcmp(*argv,"-newkey") == 0) { @@ -401,13 +380,16 @@ bad: BIO_printf(bio_err," -days number of days a x509 generated by -x509 is valid for.\n"); BIO_printf(bio_err," -asn1-kludge Output the 'request' in a format that is wrong but some CA's\n"); BIO_printf(bio_err," have been reported as requiring\n"); - BIO_printf(bio_err," [ It is now always turned on but can be turned off with -no-asn1-kludge ]\n"); BIO_printf(bio_err," -extensions .. specify certificate extension section (override value in config file)\n"); BIO_printf(bio_err," -reqexts .. specify request extension section (override value in config file)\n"); goto end; } ERR_load_crypto_strings(); + if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { + BIO_printf(bio_err, "Error getting passwords\n"); + goto end; + } #ifndef MONOLITH /* else this has happened in openssl.c (global `config') */ /* Lets load up our environment a little */ @@ -540,7 +522,7 @@ bad: pkey=d2i_PrivateKey_bio(in,NULL); else if (keyform == FORMAT_PEM) { - pkey=PEM_read_bio_PrivateKey(in,NULL,PEM_cb,passin); + pkey=PEM_read_bio_PrivateKey(in,NULL,NULL,passin); } else { @@ -629,7 +611,7 @@ bad: i=0; loop: if (!PEM_write_bio_PrivateKey(out,pkey,cipher, - NULL,0,PEM_cb,passout)) + NULL,0,NULL,passout)) { if ((ERR_GET_REASON(ERR_peek_error()) == PEM_R_PROBLEMS_GETTING_PASSWORD) && (i < 3)) @@ -892,6 +874,8 @@ end: EVP_PKEY_free(pkey); X509_REQ_free(req); X509_free(x509ss); + if(passin) Free(passin); + if(passout) Free(passout); OBJ_cleanup(); #ifndef NO_DSA if (dsa_params != NULL) DSA_free(dsa_params); |