From 57c0f378b8fdbdc55dba783e9b744b8ed2132819 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 8 Dec 2016 01:27:31 +0100 Subject: [PATCH] Make sure that password_callback exercises UI Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/2040) --- apps/apps.c | 28 +++++++++++----------------- 1 file changed, 11 insertions(+), 17 deletions(-) diff --git a/apps/apps.c b/apps/apps.c index dd6fb08c94..d911c0f978 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -252,36 +252,27 @@ int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp) int res = 0; #ifndef OPENSSL_NO_UI UI *ui = NULL; - const char *prompt_info = NULL; #endif - const char *password = NULL; PW_CB_DATA *cb_data = (PW_CB_DATA *)cb_tmp; - if (cb_data) { - if (cb_data->password) - password = cb_data->password; -#ifndef OPENSSL_NO_UI - if (cb_data->prompt_info) - prompt_info = cb_data->prompt_info; -#endif - } - - if (password) { - res = strlen(password); +#ifdef OPENSSL_NO_UI + if (cb_data != NULL && cb_data->password != NULL) { + res = strlen(cb_data->password); if (res > bufsiz) res = bufsiz; - memcpy(buf, password, res); - return res; + memcpy(buf, cb_data->password, res); } - -#ifndef OPENSSL_NO_UI +#else ui = UI_new_method(ui_method); if (ui) { int ok = 0; char *buff = NULL; int ui_flags = 0; + const char *prompt_info = NULL; char *prompt; + if (cb_data != NULL && cb_data->prompt_info != NULL) + prompt_info = cb_data->prompt_info; prompt = UI_construct_prompt(ui, "pass phrase", prompt_info); if (!prompt) { BIO_printf(bio_err, "Out of memory\n"); @@ -292,6 +283,9 @@ int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp) ui_flags |= UI_INPUT_FLAG_DEFAULT_PWD; UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0); + /* We know that there is no previous user data to return to us */ + (void)UI_add_user_data(ui, cb_data); + if (ok >= 0) ok = UI_add_input_string(ui, prompt, ui_flags, buf, PW_MIN_LENGTH, bufsiz - 1); -- 2.25.1