mirror of https://github.com/openssl/openssl.git
Fix "no-ui" configuration
Reviewed-by: Matt Caswell <matt@openssl.org>
This commit is contained in:
Richard Levitte
parent
4de9913b8c
commit
923b1857de
10
apps/apps.c
10
apps/apps.c
|
|
@ -266,6 +266,7 @@ int dump_cert_text(BIO *out, X509 *x)
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_UI
|
||||||
static int ui_open(UI *ui)
|
static int ui_open(UI *ui)
|
||||||
{
|
{
|
||||||
return UI_method_get_opener(UI_OpenSSL())(ui);
|
return UI_method_get_opener(UI_OpenSSL())(ui);
|
||||||
|
|
@ -335,20 +336,25 @@ void destroy_ui_method(void)
|
||||||
ui_method = NULL;
|
ui_method = NULL;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp)
|
int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp)
|
||||||
{
|
{
|
||||||
UI *ui = NULL;
|
|
||||||
int res = 0;
|
int res = 0;
|
||||||
|
#ifndef OPENSSL_NO_UI
|
||||||
|
UI *ui = NULL;
|
||||||
const char *prompt_info = NULL;
|
const char *prompt_info = NULL;
|
||||||
|
#endif
|
||||||
const char *password = NULL;
|
const char *password = NULL;
|
||||||
PW_CB_DATA *cb_data = (PW_CB_DATA *)cb_tmp;
|
PW_CB_DATA *cb_data = (PW_CB_DATA *)cb_tmp;
|
||||||
|
|
||||||
if (cb_data) {
|
if (cb_data) {
|
||||||
if (cb_data->password)
|
if (cb_data->password)
|
||||||
password = cb_data->password;
|
password = cb_data->password;
|
||||||
|
#ifndef OPENSSL_NO_UI
|
||||||
if (cb_data->prompt_info)
|
if (cb_data->prompt_info)
|
||||||
prompt_info = cb_data->prompt_info;
|
prompt_info = cb_data->prompt_info;
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
if (password) {
|
if (password) {
|
||||||
|
|
@ -359,6 +365,7 @@ int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp)
|
||||||
return res;
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_UI
|
||||||
ui = UI_new_method(ui_method);
|
ui = UI_new_method(ui_method);
|
||||||
if (ui) {
|
if (ui) {
|
||||||
int ok = 0;
|
int ok = 0;
|
||||||
|
|
@ -408,6 +415,7 @@ int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp)
|
||||||
UI_free(ui);
|
UI_free(ui);
|
||||||
OPENSSL_free(prompt);
|
OPENSSL_free(prompt);
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
return res;
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
39
apps/enc.c
39
apps/enc.c
|
|
@ -347,26 +347,33 @@ int enc_main(int argc, char **argv)
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((str == NULL) && (cipher != NULL) && (hkey == NULL)) {
|
if ((str == NULL) && (cipher != NULL) && (hkey == NULL)) {
|
||||||
for (;;) {
|
if (1) {
|
||||||
char prompt[200];
|
#ifndef OPENSSL_NO_UI
|
||||||
|
for (;;) {
|
||||||
|
char prompt[200];
|
||||||
|
|
||||||
BIO_snprintf(prompt, sizeof prompt, "enter %s %s password:",
|
BIO_snprintf(prompt, sizeof prompt, "enter %s %s password:",
|
||||||
OBJ_nid2ln(EVP_CIPHER_nid(cipher)),
|
OBJ_nid2ln(EVP_CIPHER_nid(cipher)),
|
||||||
(enc) ? "encryption" : "decryption");
|
(enc) ? "encryption" : "decryption");
|
||||||
strbuf[0] = '\0';
|
strbuf[0] = '\0';
|
||||||
i = EVP_read_pw_string((char *)strbuf, SIZE, prompt, enc);
|
i = EVP_read_pw_string((char *)strbuf, SIZE, prompt, enc);
|
||||||
if (i == 0) {
|
if (i == 0) {
|
||||||
if (strbuf[0] == '\0') {
|
if (strbuf[0] == '\0') {
|
||||||
ret = 1;
|
ret = 1;
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
str = strbuf;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
if (i < 0) {
|
||||||
|
BIO_printf(bio_err, "bad password read\n");
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
str = strbuf;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
if (i < 0) {
|
|
||||||
BIO_printf(bio_err, "bad password read\n");
|
|
||||||
goto end;
|
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
#endif
|
||||||
|
BIO_printf(bio_err, "password required\n");
|
||||||
|
goto end;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -176,14 +176,18 @@ static int apps_startup()
|
||||||
| OPENSSL_INIT_LOAD_CONFIG, NULL))
|
| OPENSSL_INIT_LOAD_CONFIG, NULL))
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
|
#ifndef OPENSSL_NO_UI
|
||||||
setup_ui_method();
|
setup_ui_method();
|
||||||
|
#endif
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
static void apps_shutdown()
|
static void apps_shutdown()
|
||||||
{
|
{
|
||||||
|
#ifndef OPENSSL_NO_UI
|
||||||
destroy_ui_method();
|
destroy_ui_method();
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
static char *make_config_name()
|
static char *make_config_name()
|
||||||
|
|
|
||||||
|
|
@ -118,7 +118,10 @@ int passwd_main(int argc, char **argv)
|
||||||
char *infile = NULL, *salt = NULL, *passwd = NULL, **passwds = NULL;
|
char *infile = NULL, *salt = NULL, *passwd = NULL, **passwds = NULL;
|
||||||
char *salt_malloc = NULL, *passwd_malloc = NULL, *prog;
|
char *salt_malloc = NULL, *passwd_malloc = NULL, *prog;
|
||||||
OPTION_CHOICE o;
|
OPTION_CHOICE o;
|
||||||
int in_stdin = 0, in_noverify = 0, pw_source_defined = 0;
|
int in_stdin = 0, pw_source_defined = 0;
|
||||||
|
#ifndef OPENSSL_NO_UI
|
||||||
|
int in_noverify = 0;
|
||||||
|
#endif
|
||||||
int passed_salt = 0, quiet = 0, table = 0, reverse = 0;
|
int passed_salt = 0, quiet = 0, table = 0, reverse = 0;
|
||||||
int ret = 1, usecrypt = 0, use1 = 0, useapr1 = 0;
|
int ret = 1, usecrypt = 0, use1 = 0, useapr1 = 0;
|
||||||
size_t passwd_malloc_size = 0, pw_maxlen = 256;
|
size_t passwd_malloc_size = 0, pw_maxlen = 256;
|
||||||
|
|
@ -142,7 +145,9 @@ int passwd_main(int argc, char **argv)
|
||||||
pw_source_defined = 1;
|
pw_source_defined = 1;
|
||||||
break;
|
break;
|
||||||
case OPT_NOVERIFY:
|
case OPT_NOVERIFY:
|
||||||
|
#ifndef OPENSSL_NO_UI
|
||||||
in_noverify = 1;
|
in_noverify = 1;
|
||||||
|
#endif
|
||||||
break;
|
break;
|
||||||
case OPT_QUIET:
|
case OPT_QUIET:
|
||||||
quiet = 1;
|
quiet = 1;
|
||||||
|
|
@ -232,18 +237,26 @@ int passwd_main(int argc, char **argv)
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((in == NULL) && (passwds == NULL)) {
|
if ((in == NULL) && (passwds == NULL)) {
|
||||||
/* build a null-terminated list */
|
if (1) {
|
||||||
static char *passwds_static[2] = { NULL, NULL };
|
#ifndef OPENSSL_NO_UI
|
||||||
|
/* build a null-terminated list */
|
||||||
|
static char *passwds_static[2] = { NULL, NULL };
|
||||||
|
|
||||||
passwds = passwds_static;
|
passwds = passwds_static;
|
||||||
if (in == NULL)
|
if (in == NULL)
|
||||||
if (EVP_read_pw_string
|
if (EVP_read_pw_string
|
||||||
(passwd_malloc, passwd_malloc_size, "Password: ",
|
(passwd_malloc, passwd_malloc_size, "Password: ",
|
||||||
!(passed_salt || in_noverify)) != 0)
|
!(passed_salt || in_noverify)) != 0)
|
||||||
goto end;
|
goto end;
|
||||||
passwds[0] = passwd_malloc;
|
passwds[0] = passwd_malloc;
|
||||||
|
} else {
|
||||||
|
#endif
|
||||||
|
BIO_printf(bio_err, "password required\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
if (in == NULL) {
|
if (in == NULL) {
|
||||||
assert(passwds != NULL);
|
assert(passwds != NULL);
|
||||||
assert(*passwds != NULL);
|
assert(*passwds != NULL);
|
||||||
|
|
|
||||||
|
|
@ -176,7 +176,8 @@ int pkcs12_main(int argc, char **argv)
|
||||||
int cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
|
int cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
|
||||||
# endif
|
# endif
|
||||||
int key_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
|
int key_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
|
||||||
int ret = 1, macver = 1, noprompt = 0, add_lmk = 0, private = 0;
|
int ret = 1, macver = 1, add_lmk = 0, private = 0;
|
||||||
|
int noprompt = 0;
|
||||||
char *passinarg = NULL, *passoutarg = NULL, *passarg = NULL;
|
char *passinarg = NULL, *passoutarg = NULL, *passarg = NULL;
|
||||||
char *passin = NULL, *passout = NULL, *inrand = NULL, *macalg = NULL;
|
char *passin = NULL, *passout = NULL, *inrand = NULL, *macalg = NULL;
|
||||||
char *cpass = NULL, *mpass = NULL, *CApath = NULL, *CAfile = NULL;
|
char *cpass = NULL, *mpass = NULL, *CApath = NULL, *CAfile = NULL;
|
||||||
|
|
@ -367,9 +368,16 @@ int pkcs12_main(int argc, char **argv)
|
||||||
}
|
}
|
||||||
|
|
||||||
if (twopass) {
|
if (twopass) {
|
||||||
if (EVP_read_pw_string
|
if (1) {
|
||||||
(macpass, sizeof macpass, "Enter MAC Password:", export_cert)) {
|
#ifndef OPENSSL_NO_UI
|
||||||
BIO_printf(bio_err, "Can't read Password\n");
|
if (EVP_read_pw_string
|
||||||
|
(macpass, sizeof macpass, "Enter MAC Password:", export_cert)) {
|
||||||
|
BIO_printf(bio_err, "Can't read Password\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
#endif
|
||||||
|
BIO_printf(bio_err, "Unsupported option -twopass\n");
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -477,12 +485,21 @@ int pkcs12_main(int argc, char **argv)
|
||||||
if (add_lmk && key)
|
if (add_lmk && key)
|
||||||
EVP_PKEY_add1_attr_by_NID(key, NID_LocalKeySet, 0, NULL, -1);
|
EVP_PKEY_add1_attr_by_NID(key, NID_LocalKeySet, 0, NULL, -1);
|
||||||
|
|
||||||
if (!noprompt &&
|
if (!noprompt) {
|
||||||
EVP_read_pw_string(pass, sizeof pass, "Enter Export Password:",
|
if (1) {
|
||||||
1)) {
|
#ifndef OPENSSL_NO_UI
|
||||||
BIO_printf(bio_err, "Can't read Password\n");
|
if (EVP_read_pw_string(pass, sizeof pass, "Enter Export Password:",
|
||||||
goto export_end;
|
1)) {
|
||||||
|
BIO_printf(bio_err, "Can't read Password\n");
|
||||||
|
goto export_end;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
#endif
|
||||||
|
BIO_printf(bio_err, "Password required\n");
|
||||||
|
goto export_end;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!twopass)
|
if (!twopass)
|
||||||
OPENSSL_strlcpy(macpass, pass, sizeof macpass);
|
OPENSSL_strlcpy(macpass, pass, sizeof macpass);
|
||||||
|
|
||||||
|
|
@ -534,11 +551,19 @@ int pkcs12_main(int argc, char **argv)
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!noprompt
|
if (!noprompt) {
|
||||||
&& EVP_read_pw_string(pass, sizeof pass, "Enter Import Password:",
|
if (1) {
|
||||||
0)) {
|
#ifndef OPENSSL_NO_UI
|
||||||
BIO_printf(bio_err, "Can't read Password\n");
|
if (EVP_read_pw_string(pass, sizeof pass, "Enter Import Password:",
|
||||||
goto end;
|
0)) {
|
||||||
|
BIO_printf(bio_err, "Can't read Password\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
#endif
|
||||||
|
BIO_printf(bio_err, "Password required\n");
|
||||||
|
goto end;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!twopass)
|
if (!twopass)
|
||||||
|
|
|
||||||
19
apps/pkcs8.c
19
apps/pkcs8.c
|
|
@ -111,7 +111,10 @@ int pkcs8_main(int argc, char **argv)
|
||||||
const EVP_CIPHER *cipher = NULL;
|
const EVP_CIPHER *cipher = NULL;
|
||||||
char *infile = NULL, *outfile = NULL;
|
char *infile = NULL, *outfile = NULL;
|
||||||
char *passinarg = NULL, *passoutarg = NULL, *prog;
|
char *passinarg = NULL, *passoutarg = NULL, *prog;
|
||||||
char pass[50], *passin = NULL, *passout = NULL, *p8pass = NULL;
|
#ifndef OPENSSL_NO_UI
|
||||||
|
char pass[50];
|
||||||
|
#endif
|
||||||
|
char *passin = NULL, *passout = NULL, *p8pass = NULL;
|
||||||
OPTION_CHOICE o;
|
OPTION_CHOICE o;
|
||||||
int nocrypt = 0, ret = 1, iter = PKCS12_DEFAULT_ITER;
|
int nocrypt = 0, ret = 1, iter = PKCS12_DEFAULT_ITER;
|
||||||
int informat = FORMAT_PEM, outformat = FORMAT_PEM, topk8 = 0, pbe_nid = -1;
|
int informat = FORMAT_PEM, outformat = FORMAT_PEM, topk8 = 0, pbe_nid = -1;
|
||||||
|
|
@ -272,13 +275,18 @@ int pkcs8_main(int argc, char **argv)
|
||||||
}
|
}
|
||||||
if (passout)
|
if (passout)
|
||||||
p8pass = passout;
|
p8pass = passout;
|
||||||
else {
|
else if (1) {
|
||||||
|
#ifndef OPENSSL_NO_UI
|
||||||
p8pass = pass;
|
p8pass = pass;
|
||||||
if (EVP_read_pw_string
|
if (EVP_read_pw_string
|
||||||
(pass, sizeof pass, "Enter Encryption Password:", 1)) {
|
(pass, sizeof pass, "Enter Encryption Password:", 1)) {
|
||||||
X509_ALGOR_free(pbe);
|
X509_ALGOR_free(pbe);
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
#endif
|
||||||
|
BIO_printf(bio_err, "Password required\n");
|
||||||
|
goto end;
|
||||||
}
|
}
|
||||||
app_RAND_load_file(NULL, 0);
|
app_RAND_load_file(NULL, 0);
|
||||||
p8 = PKCS8_set0_pbe(p8pass, strlen(p8pass), p8inf, pbe);
|
p8 = PKCS8_set0_pbe(p8pass, strlen(p8pass), p8inf, pbe);
|
||||||
|
|
@ -330,9 +338,14 @@ int pkcs8_main(int argc, char **argv)
|
||||||
}
|
}
|
||||||
if (passin)
|
if (passin)
|
||||||
p8pass = passin;
|
p8pass = passin;
|
||||||
else {
|
else if (1) {
|
||||||
|
#ifndef OPENSSL_NO_UI
|
||||||
p8pass = pass;
|
p8pass = pass;
|
||||||
EVP_read_pw_string(pass, sizeof pass, "Enter Password:", 0);
|
EVP_read_pw_string(pass, sizeof pass, "Enter Password:", 0);
|
||||||
|
} else {
|
||||||
|
#endif
|
||||||
|
BIO_printf(bio_err, "Password required\n");
|
||||||
|
goto end;
|
||||||
}
|
}
|
||||||
p8inf = PKCS8_decrypt(p8, p8pass, strlen(p8pass));
|
p8inf = PKCS8_decrypt(p8, p8pass, strlen(p8pass));
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -133,7 +133,9 @@ void err_load_crypto_strings_intern(void)
|
||||||
ERR_load_ENGINE_strings();
|
ERR_load_ENGINE_strings();
|
||||||
# endif
|
# endif
|
||||||
ERR_load_OCSP_strings();
|
ERR_load_OCSP_strings();
|
||||||
|
#ifndef OPENSSL_NO_UI
|
||||||
ERR_load_UI_strings();
|
ERR_load_UI_strings();
|
||||||
|
#endif
|
||||||
# ifdef OPENSSL_FIPS
|
# ifdef OPENSSL_FIPS
|
||||||
ERR_load_FIPS_strings();
|
ERR_load_FIPS_strings();
|
||||||
# endif
|
# endif
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue