From: Bodo Möller
Date: Mon, 11 Jun 2001 09:54:28 +0000 (+0000)
Subject: Earlier OpenSSL versions printed prompts to stderr.
X-Git-Tag: OpenSSL_0_9_6c~182^2~116
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=200bc9e3e8a82fcae405465b8502f76e1099cc76;p=oweals%2Fopenssl.git
Earlier OpenSSL versions printed prompts to stderr.
In the new crypto/ui/, this was changed into tty (which is usually /dev/tty), i.e. the FILE * used for reading passwords from the user. However stdio buffering for read/write streams is not without pitfalls (passwords would be echoed on some systems). To avoid problems, split tty into tty_in and tty_out (which are opened separately).
---
diff --git a/crypto/ui/ui_openssl.c b/crypto/ui/ui_openssl.c
index abf223b5d1..63dc3713e4 100644
--- a/crypto/ui/ui_openssl.c
+++ b/crypto/ui/ui_openssl.c
@@ -1,6 +1,6 @@
 /* crypto/ui/ui_openssl.c -*- mode:C; c-file-style: "eay" -*- */
-/* Written by Richard Levitte (levitte@stacken.kth.se) for the OpenSSL
- * project 2000.
+/* Written by Richard Levitte (levitte@stacken.kth.se) and others
+ * for the OpenSSL project 2000/2001.
 */
 /* ====================================================================
 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
@@ -261,7 +261,7 @@ static jmp_buf save;
 #ifdef OPENSSL_SYS_VMS
 static struct IOSB iosb;
 static $DESCRIPTOR(terminal,"TT");
-static long tty_orig[3], tty_new[3];
+static long tty_orig[3], tty_new[3]; /* XXX Is there any guarantee that this will always suffice for the actual structures? */
 static long status;
 static unsigned short channel = 0;
 #else
@@ -269,7 +269,7 @@ static unsigned short channel = 0;
 static TTY_STRUCT tty_orig,tty_new;
 #endif
 #endif
-static FILE *tty;
+static FILE *tty_in, *tty_out;
 static int is_a_tty;
 /* Declare static functions */
@@ -309,44 +309,44 @@ static int read_string(UI *ui, UI_STRING *uis)
 switch (UI_get_string_type(uis))
 {
 case UI_VERIFY_NOECHO:
- fprintf(tty,"Verifying - %s",
+ fprintf(tty_out,"Verifying - %s",
 UI_get0_output_string(uis));
- fflush(tty);
+ fflush(tty_out);
 if (read_string_inner(ui, uis, 0) == 0)
 return 0;
 if (strcmp(UI_get0_result_string(uis),
 UI_get0_test_string(uis)) != 0)
 {
- fprintf(tty,"Verify failure\n");
- fflush(tty);
+ fprintf(tty_out,"Verify failure\n");
+ fflush(tty_out);
 return 0;
 }
 break;
 case UI_VERIFY_ECHO:
- fprintf(tty,"Verifying - %s",
+ fprintf(tty_out,"Verifying - %s",
 UI_get0_output_string(uis));
- fflush(tty);
+ fflush(tty_out);
 if (read_string_inner(ui, uis, 1) == 0)
 return 0;
 if (strcmp(UI_get0_result_string(uis),
 UI_get0_test_string(uis)) != 0)
 {
- fprintf(tty,"Verify failure\n");
- fflush(tty);
+ fprintf(tty_out,"Verify failure\n");
+ fflush(tty_out);
 return 0;
 }
 break;
 case UI_STRING_NOECHO:
- fputs(UI_get0_output_string(uis), tty);
- fflush(tty);
+ fputs(UI_get0_output_string(uis), tty_out);
+ fflush(tty_out);
 return read_string_inner(ui, uis, 0);
 case UI_STRING_ECHO:
- fputs(UI_get0_output_string(uis), tty);
- fflush(tty);
+ fputs(UI_get0_output_string(uis), tty_out);
+ fflush(tty_out);
 return read_string_inner(ui, uis, 1);
 default:
- fputs(UI_get0_output_string(uis), tty);
- fflush(tty);
+ fputs(UI_get0_output_string(uis), tty_out);
+ fflush(tty_out);
 break;
 }
 return 1;
@@ -393,21 +393,24 @@ static int read_string_inner(UI *ui, UI_STRING *uis, int echo)
 result[0]='\0';
 #ifdef OPENSSL_SYS_MSDOS
 if (!echo)
- noecho_fgets(result,maxsize,tty);
+ noecho_fgets(result,maxsize,tty_in);
 else
+ fgets(result,maxsize,tty_in);
+#else
+ fgets(result,maxsize,tty_in);
 #endif
- fgets(result,maxsize,tty);
- if (feof(tty)) goto error;
- if (ferror(tty)) goto error;
+ if (feof(tty_in)) goto error;
+ if (ferror(tty_in)) goto error;
 if ((p=(char *)strchr(result,'\n')) != NULL)
 *p='\0';
- else read_till_nl(tty);
+ else
+ read_till_nl(tty_in);
 if (UI_set_result(uis, result) >= 0)
 ok=1;
 }
 error:
- if (!echo) fprintf(tty,"\n");
+ if (!echo) fprintf(tty_out,"\n");
 if (ps >= 2 && !echo)
 echo_console(ui);
@@ -429,21 +432,18 @@ static int open_console(UI *ui)
 CRYPTO_w_lock(CRYPTO_LOCK_UI);
 is_a_tty = 1;
-#ifdef OPENSSL_SYS_MSDOS
- /* For some bizarre reason this call to fopen() on Windows
- * fails if the mode is "w+" or "r+", whereas "w" works fine.
- */
- if ((tty=fopen("con","w")) == NULL)
- tty=stdin;
-#elif defined(OPENSSL_SYS_MACINTOSH_CLASSIC)
- tty=stdin;
+#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC)
+ tty_in=stdin;
+ tty_out=stderr;
 #else
- if ((tty=fopen("/dev/tty","w+")) == NULL)
- tty=stdin;
+ if ((tty_in=fopen("/dev/tty","r")) == NULL)
+ tty_in=stdin;
+ if ((tty_out=fopen("/dev/tty","w")) == NULL)
+ tty_out=stderr;
 #endif
 #if defined(TTY_get) && !defined(VMS)
- if (TTY_get(fileno(tty),&tty_orig) == -1)
+ if (TTY_get(fileno(tty_in),&tty_orig) == -1)
 {
 #ifdef ENOTTY
 if (errno == ENOTTY)
@@ -479,7 +479,7 @@ static int noecho_console(UI *ui)
 #endif
 #if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
- if (is_a_tty && (TTY_set(fileno(tty),&tty_new) == -1))
+ if (is_a_tty && (TTY_set(fileno(tty_in),&tty_new) == -1))
 return 0;
 #endif
 #ifdef OPENSSL_SYS_VMS
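Review bot: In read_string_inner the newline written at `error:` is not flushed, unlike every prompt in read_string, which pairs its write with `fflush(tty_out)`. After this change tty_out is a separately fopen()ed stream, so its buffering is whatever stdio picks for it; presumably line-buffered on a terminal, but nothing in the hunk guarantees that. I would write `if (!echo) { fprintf(tty_out,"\n"); fflush(tty_out); }` so the line break is on screen before echo_console() restores the terminal mode. The function starts and ends outside the hunk.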
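Review bot: The reason open_console opens /dev/tty twice is recorded only in the commit message, so a later cleanup could merge the two fopen() calls back into one `"w+"` stream and bring the password echo back. A comment above the `#else` branch would preserve it, for example `/* Separate read and write streams: stdio buffering on a single "w+" stream echoed passwords on some systems. */`. With the OPENSSL_SYS_MSDOS branch removed, Windows builds now take the /dev/tty path as well and presumably end up on the stdin/stderr fallback; the same comment should say whether that is intended. open_console continues outside the hunk.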
@@ -501,7 +501,7 @@ static int echo_console(UI *ui)
 #endif
 #if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
- if (is_a_tty && (TTY_set(fileno(tty),&tty_new) == -1))
+ if (is_a_tty && (TTY_set(fileno(tty_in),&tty_new) == -1))
 return 0;
 #endif
 #ifdef OPENSSL_SYS_VMS
@@ -517,7 +517,8 @@ static int echo_console(UI *ui)
 static int close_console(UI *ui)
 {
- if (stdin != tty) fclose(tty);
+ if (tty_in != stderr) fclose(tty_in);
+ if (tty_out != stderr) fclose(tty_out);
 #ifdef OPENSSL_SYS_VMS
 status = sys$dassgn(channel);
 #endif
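Review bot: The first added line in close_console compares tty_in with stderr, but open_console falls back to `tty_in=stdin`, so whenever /dev/tty cannot be opened this closes the process's stdin. The removed line guarded with `stdin != tty`; the replacement should read `if (tty_in != stdin) fclose(tty_in);`. The tty_out comparison against stderr matches its fallback and is fine as written. close_console continues past the end of the hunk.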