On Mon, Nov 22, 2004, Thomas Wu wrote:
> This patch allows the "pkcs12" utility to handle empty-password PKCS#12
> files created by MS even when the "-passin" option is used. Previously,
> such files could only be imported by leaving out "-passin" and hitting
> return at the import password prompt, which was insufficient for
> scripted or unattended operation.
Content-Description: pkcs12patch.txt
> *** openssl-0.9.7e-orig/apps/pkcs12.c 2003-12-27 14:40:56.000000000 +0000
> --- openssl-0.9.7e/apps/pkcs12.c 2004-11-23 00:21:50.000000000 +0000
> ***************
> *** 667,671 ****
> #endif
> /* If we enter empty password try no password first */
> ! if(!macpass[0] && PKCS12_verify_mac(p12, NULL, 0)) {
> /* If mac and crypto pass the same set it to NULL too */
> if(!twopass) cpass = NULL;
> --- 667,673 ----
> #endif
> /* If we enter empty password try no password first */
> ! if(mpass && !mpass[0] && PKCS12_verify_mac(p12, NULL, 0)) {
> ! if(!twopass) cpass = NULL;
> ! } else if(!macpass[0] && PKCS12_verify_mac(p12, NULL, 0)) {
> /* If mac and crypto pass the same set it to NULL too */
> if(!twopass) cpass = NULL;
Actually it's simpler than that. The 'macpass[0]' above is a typo and should
read mpass[0].
Fix applied thanks for the report.
Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
