I noticed when using a command like req or ca, that the following options: ... -passin file:ca.pass -passout file:ca.pass ...
would fail with something like: Error reading password from BIO Error getting passwords but that copying the contents of ca.pass to a second file like ca.pass2 and then using: ... -passin file:ca.pass -passout file:ca.pass2 ... works just fine. It gives the impression that the something's holding the -passin file open after the content's been read, and then what should be a newly opened file for -passout is instead getting tossed the old file handle and position from the exhausted -passin file, and not getting a chance to read anything. This looks like it might be another problem in apps.c:app_get_pass, the same function that's using the deprecated gets(), and the same that's been the focus of some other related bugs like "[openssl.org #643] Possible bug in -passin[out] fd:int argument form" from: http://osdir.com/ml/encryption.openssl.devel/2003-06/msg00064.html - C. Alex. North-Keys, Talisman.Org, Spatial Environments Research url "http://www.talisman.org/~erlkonig/"; voice 512.249.7121, cell 512.404.3344, pager url + "contact/" ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
