Fix srp app missing NULL termination with password callback

[oweals/openssl.git] / apps / req.c

diff --git a/apps/req.c b/apps/req.c
index bd18708e3a4e1ab6e3646a109874c57c4820dbd9..a749925ba045d7f610ff0532cb1a434db7934540 100644 (file)
--- a/apps/req.c
+++ b/apps/req.c
@@ -121,7 +121,7 @@ OPTIONS req_options[] = {
     {"multivalue-rdn", OPT_MULTIVALUE_RDN, '-',
      "Enable support for multivalued RDNs"},
     {"days", OPT_DAYS, 'p', "Number of days cert is valid for"},
-    {"set_serial", OPT_SET_SERIAL, 'p', "Serial number to use"},
+    {"set_serial", OPT_SET_SERIAL, 's', "Serial number to use"},
     {"extensions", OPT_EXTENSIONS, 's',
      "Cert extension section (override value in config file)"},
     {"reqexts", OPT_REQEXTS, 's',
@@ -294,6 +294,10 @@ int req_main(int argc, char **argv)
             days = atoi(opt_arg());
             break;
         case OPT_SET_SERIAL:
+            if (serial != NULL) {
+                BIO_printf(bio_err, "Serial number supplied twice\n");
+                goto opthelp;
+            }
             serial = s2i_ASN1_INTEGER(NULL, opt_arg());
             if (serial == NULL)
                 goto opthelp;
@@ -324,6 +328,9 @@ int req_main(int argc, char **argv)
     if (argc != 0)
         goto opthelp;
 
+    if (x509 && infile == NULL)
+        newreq = 1;
+
     if (!nmflag_set)
         nmflag = XN_FLAG_ONELINE;
 
@@ -815,6 +822,7 @@ int req_main(int argc, char **argv)
     X509_REQ_free(req);
     X509_free(x509ss);
     ASN1_INTEGER_free(serial);
+    release_engine(e);
     if (passin != nofree_passin)
         OPENSSL_free(passin);
     if (passout != nofree_passout)
@@ -1267,7 +1275,7 @@ static int req_check_len(int len, int n_min, int n_max)
     }
     if ((n_max >= 0) && (len > n_max)) {
         BIO_printf(bio_err,
-                   "string is too long, it needs to be less than  %d bytes long\n",
+                   "string is too long, it needs to be no more than %d bytes long\n",
                    n_max);
         return (0);
     }