Allow additional information to be attached to a

[openssl.git] / apps / ca.c

diff --git a/apps/ca.c b/apps/ca.c
index 8d33bc91ce168cfa4bbcd8f2b0806da5a0cf5ac4..36c314e1c1c7af36681e3cfe5c781cd9f0df433d 100644 (file)
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -266,6 +266,7 @@ int MAIN(int argc, char **argv)
 #undef BSIZE
 #define BSIZE 256
        MS_STATIC char buf[3][BSIZE];
+       char *randfile;
 
 #ifdef EFENCE
 EF_PROTECT_FREE=1;
@@ -495,12 +496,16 @@ bad:
                                BIO_free(oid_bio);
                                }
                        }
-               }
-               if(!add_oid_section(conf)) {
+               if(!add_oid_section(conf)) 
+                       {
                        ERR_print_errors(bio_err);
                        goto err;
+                       }
                }
 
+       randfile = CONF_get_string(conf, BASE_SECTION, "RANDFILE");
+       app_RAND_load_file(randfile, bio_err, 0);
+       
        in=BIO_new(BIO_s_file());
        out=BIO_new(BIO_s_file());
        Sout=BIO_new(BIO_s_file());
@@ -1236,6 +1241,7 @@ err:
        sk_pop_free(cert_sk,X509_free);
 
        if (ret) ERR_print_errors(bio_err);
+       app_RAND_write_file(randfile, bio_err);
        BN_free(serial);
        TXT_DB_free(db);
        EVP_PKEY_free(pkey);
@@ -1685,8 +1691,7 @@ again2:
 
                        if (push != NULL)
                                {
-                               if (!X509_NAME_add_entry(subject,push,
-                                       X509_NAME_entry_count(subject),0))
+                               if (!X509_NAME_add_entry(subject,push, -1, 0))
                                        {
                                        if (push != NULL)
                                                X509_NAME_ENTRY_free(push);
@@ -2047,8 +2052,7 @@ static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
                        strlen(buf))) == NULL)
                        goto err;
 
-               if (!X509_NAME_add_entry(n,ne,X509_NAME_entry_count(n),0))
-                       goto err;
+               if (!X509_NAME_add_entry(n,ne,-1, 0)) goto err;
                }
        if (spki == NULL)
                {