#include "apps.h"
#include <openssl/bio.h>
#include <openssl/evp.h>
-#include <openssl/rand.h>
#include <openssl/conf.h>
#include <openssl/err.h>
#include <openssl/asn1.h>
MS_STATIC char config_name[256];
#endif
+ req_conf = NULL;
#ifndef NO_DES
cipher=EVP_des_ede3_cbc();
#endif
/* ok */
digest=md_alg;
}
+ else if (strcmp(*argv,"-extensions") == 0)
+ {
+ if (--argc < 1) goto bad;
+ extensions = *(++argv);
+ }
+ else if (strcmp(*argv,"-reqexts") == 0)
+ {
+ if (--argc < 1) goto bad;
+ req_exts = *(++argv);
+ }
else
-
{
BIO_printf(bio_err,"unknown option %s\n",*argv);
badops=1;
BIO_printf(bio_err," -asn1-kludge Output the 'request' in a format that is wrong but some CA's\n");
BIO_printf(bio_err," have been reported as requiring\n");
BIO_printf(bio_err," [ It is now always turned on but can be turned off with -no-asn1-kludge ]\n");
+ BIO_printf(bio_err," -extensions .. specify certificate extension section (override value in config file)\n");
+ BIO_printf(bio_err," -reqexts .. specify request extension section (override value in config file)\n");
goto end;
}
digest=md_alg;
}
- extensions = CONF_get_string(req_conf, SECTION, V3_EXTENSIONS);
+ if(!extensions)
+ extensions = CONF_get_string(req_conf, SECTION, V3_EXTENSIONS);
if(extensions) {
/* Check syntax of file */
X509V3_CTX ctx;
}
}
- req_exts = CONF_get_string(req_conf, SECTION, REQ_EXTENSIONS);
+ if(!req_exts)
+ req_exts = CONF_get_string(req_conf, SECTION, REQ_EXTENSIONS);
if(req_exts) {
/* Check syntax of file */
X509V3_CTX ctx;
if (newreq && (pkey == NULL))
{
- char *randfile;
- char buffer[200];
-
- if ((randfile=CONF_get_string(req_conf,SECTION,"RANDFILE")) == NULL)
- randfile=RAND_file_name(buffer,200);
-#ifdef WINDOWS
- BIO_printf(bio_err,"Loading 'screen' into random state -");
- BIO_flush(bio_err);
- RAND_screen();
- BIO_printf(bio_err," done\n");
-#endif
- if ((randfile == NULL) || !RAND_load_file(randfile,1024L*1024L))
- {
- BIO_printf(bio_err,"unable to load 'random state'\n");
- BIO_printf(bio_err,"What this means is that the random number generator has not been seeded\n");
- BIO_printf(bio_err,"with much random data.\n");
- BIO_printf(bio_err,"Consider setting the RANDFILE environment variable to point at a file that\n");
- BIO_printf(bio_err,"'random' data can be kept in.\n");
- }
+ char *randfile = CONF_get_string(req_conf,SECTION,"RANDFILE");
+ app_RAND_load_file(randfile, bio_err, 0);
+
if (newkey <= 0)
{
newkey=(int)CONF_get_number(req_conf,SECTION,BITS);
}
#endif
- if ((randfile == NULL) || (RAND_write_file(randfile) == 0))
- BIO_printf(bio_err,"unable to write 'random state'\n");
+ app_RAND_write_file(randfile, bio_err);
if (pkey == NULL) goto end;