From: Richard Levitte Date: Thu, 8 Dec 2016 00:27:31 +0000 (+0100) Subject: Make sure that password_callback exercises UI X-Git-Tag: OpenSSL_1_1_0d~97 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=e8a93291cac9a5ebf60f83d5f3cca2b757c32327;p=oweals%2Fopenssl.git Make sure that password_callback exercises UI Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/2040) (cherry picked from commit 57c0f378b8fdbdc55dba783e9b744b8ed2132819) --- diff --git a/apps/apps.c b/apps/apps.c index cc557e565f..cbf4e90b54 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -244,36 +244,27 @@ int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp) int res = 0; #ifndef OPENSSL_NO_UI UI *ui = NULL; - const char *prompt_info = NULL; #endif - const char *password = NULL; PW_CB_DATA *cb_data = (PW_CB_DATA *)cb_tmp; - if (cb_data) { - if (cb_data->password) - password = cb_data->password; -#ifndef OPENSSL_NO_UI - if (cb_data->prompt_info) - prompt_info = cb_data->prompt_info; -#endif - } - - if (password) { - res = strlen(password); +#ifdef OPENSSL_NO_UI + if (cb_data != NULL && cb_data->password != NULL) { + res = strlen(cb_data->password); if (res > bufsiz) res = bufsiz; - memcpy(buf, password, res); - return res; + memcpy(buf, cb_data->password, res); } - -#ifndef OPENSSL_NO_UI +#else ui = UI_new_method(ui_method); if (ui) { int ok = 0; char *buff = NULL; int ui_flags = 0; + const char *prompt_info = NULL; char *prompt; + if (cb_data != NULL && cb_data->prompt_info != NULL) + prompt_info = cb_data->prompt_info; prompt = UI_construct_prompt(ui, "pass phrase", prompt_info); if (!prompt) { BIO_printf(bio_err, "Out of memory\n"); @@ -284,6 +275,9 @@ int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp) ui_flags |= UI_INPUT_FLAG_DEFAULT_PWD; UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0); + /* We know that there is no previous user data to return to us */ + (void)UI_add_user_data(ui, cb_data); + if (ok >= 0) ok = UI_add_input_string(ui, prompt, ui_flags, buf, PW_MIN_LENGTH, bufsiz - 1);