I noticed when using a command like req or ca, that the following options=
:

.... -passin file:ca.pass -passout file:ca.pass ...

would fail with something like:

Error reading password from BIO
Error getting passwords

but that copying the contents of ca.pass to a second file like ca.pass2=20
and then using:

.... -passin file:ca.pass -passout file:ca.pass2 ...

works just fine. It gives the impression that the something's holding=20
the -passin file open after the content's been read, and then what=20
should be a newly opened file for -passout is instead getting tossed the=20
old file handle and position from the exhausted -passin file, and not=20
getting a chance to read anything.

This looks like it might be another problem in apps.c:app_get_pass, the=20
same function that's using the deprecated gets(), and the same that's=20
been the focus of some other related bugs like "[openssl.org #643]=20
Possible bug in -passin[out] fd:int argument form" from:

http://osdir.com/ml/encryption.opens.../msg00064.html

-
C. Alex. North-Keys, Talisman.Org, Spatial Environments Research
url "http://www.talisman.org/~erlkonig/"
voice 512.249.7121, cell 512.404.3344, pager url + "contact/"

__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org