From 09637e3243f1c75a19b85f490afd0e000c0ac855 Mon Sep 17 00:00:00 2001
From: Arndt Kaiser <aka@mrwash.de>
Date: Sun, 10 May 2020 20:04:48 +0200
Subject: [PATCH] Don't ask for ca-password during update-db if EASYRSA_PASSIN
 is set

Now it is possible to run the command update-db without being asked for
the ca-password, if the option --passin is provided at the command line.
---
 easyrsa3/easyrsa | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa
index 2e5d13b..1f78395 100755
--- a/easyrsa3/easyrsa
+++ b/easyrsa3/easyrsa
@@ -1493,7 +1493,7 @@ Failed to change the private key passphrase. See above for error messages."
 update_db() {
 	verify_ca_init
 
-	easyrsa_openssl ca -utf8 -updatedb || die "\
+	easyrsa_openssl ca -utf8 -updatedb ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} || die "\
 Failed to perform update-db: see above for related openssl errors."
 	return 0
 } # => update_db()