Make -passin -passout etc work again.
authorDr. Stephen Henson <steve@openssl.org>
Fri, 17 Aug 2001 01:09:54 +0000 (01:09 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Fri, 17 Aug 2001 01:09:54 +0000 (01:09 +0000)
Fix leak in ca.c when using -passin.

apps/apps.c
apps/ca.c

index 2d2fb38858a544c940928b4ed983972321bc82fd..31225b3f9c0cadf0987074b9f456b084a7b1e6e7 100644 (file)
@@ -459,6 +459,15 @@ int password_callback(char *buf, int bufsiz, int verify,
                        prompt_info = cb_data->prompt_info;
                }
 
+       if (password)
+               {
+               res = strlen(password);
+               if (res > bufsiz)
+                       res = bufsiz;
+               memcpy(buf, password, res);
+               return res;
+               }
+
        ui = UI_new_method(ui_method);
        if (ui)
                {
index 1e34e50232cb98f62bb3ee22ebbf2a12e5a3e30a..d41a9d5fc64ea3db7b22934d5b699c0b46454351 100644 (file)
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -264,6 +264,7 @@ int MAIN(int argc, char **argv)
        {
        ENGINE *e = NULL;
        char *key=NULL,*passargin=NULL;
+       int free_key = 0;
        int total=0;
        int total_done=0;
        int badops=0;
@@ -677,10 +678,14 @@ bad:
                lookup_fail(section,ENV_PRIVATE_KEY);
                goto err;
                }
-       if (!key && !app_passwd(bio_err, passargin, NULL, &key, NULL))
+       if (!key)
                {
-               BIO_printf(bio_err,"Error getting password\n");
-               goto err;
+               free_key = 1;
+               if (!app_passwd(bio_err, passargin, NULL, &key, NULL))
+                       {
+                       BIO_printf(bio_err,"Error getting password\n");
+                       goto err;
+                       }
                }
        pkey = load_key(bio_err, keyfile, keyform, key, e, 
                "CA private key");
@@ -1577,6 +1582,8 @@ err:
 
        if (ret) ERR_print_errors(bio_err);
        app_RAND_write_file(randfile, bio_err);
+       if (free_key)
+               OPENSSL_free(key);
        BN_free(serial);
        TXT_DB_free(db);
        EVP_PKEY_free(pkey);