summaryrefslogtreecommitdiffstats
path: root/apps
diff options
context:
space:
mode:
authorRichard Levitte <levitte@openssl.org>2017-07-01 12:14:37 +0200
committerRichard Levitte <levitte@openssl.org>2017-07-03 07:51:04 +0200
commit48feaceb53fa6ae924e298b8eba0e247019313e4 (patch)
tree535524c1e9e1f24c7e0341e7721416c8e5d175eb /apps
parentMake sure OSSL_STORE_load() isn't caught in an endless loop (diff)
downloadopenssl-48feaceb53fa6ae924e298b8eba0e247019313e4.tar.xz
openssl-48feaceb53fa6ae924e298b8eba0e247019313e4.zip
Remove the possibility to disable the UI module entirely
Instead, make it possible to disable the console reader that's part of the UI module. This makes it possible to use the UI API and other UI methods in environments where the console reader isn't useful. To disable the console reader, configure with 'no-ui-console' / 'disable-ui-console'. 'no-ui' / 'disable-ui' is now an alias for 'no-ui-console' / 'disable-ui-console'. Fixes #3806 Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3820)
Diffstat (limited to 'apps')
-rw-r--r--apps/apps.c48
-rw-r--r--apps/enc.c2
-rw-r--r--apps/openssl.c4
-rw-r--r--apps/passwd.c6
-rw-r--r--apps/pkcs12.c6
-rw-r--r--apps/pkcs8.c6
6 files changed, 39 insertions, 33 deletions
diff --git a/apps/apps.c b/apps/apps.c
index a89d4eb5e6..8b1aab4c4d 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -56,9 +56,8 @@ typedef struct {
unsigned long mask;
} NAME_EX_TBL;
-#if !defined(OPENSSL_NO_UI) || !defined(OPENSSL_NO_ENGINE)
static UI_METHOD *ui_method = NULL;
-#endif
+static const UI_METHOD *ui_fallback_method = NULL;
static int set_table_opts(unsigned long *flags, const char *arg,
const NAME_EX_TBL * in_tbl);
@@ -176,14 +175,19 @@ int dump_cert_text(BIO *out, X509 *x)
return 0;
}
-#ifndef OPENSSL_NO_UI
static int ui_open(UI *ui)
{
- return UI_method_get_opener(UI_OpenSSL())(ui);
+ int (*opener)(UI *ui) = UI_method_get_opener(ui_fallback_method);
+
+ if (opener)
+ return opener(ui);
+ return 1;
}
static int ui_read(UI *ui, UI_STRING *uis)
{
+ int (*reader)(UI *ui, UI_STRING *uis) = NULL;
+
if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD
&& UI_get0_user_data(ui)) {
switch (UI_get_string_type(uis)) {
@@ -205,11 +209,17 @@ static int ui_read(UI *ui, UI_STRING *uis)
break;
}
}
- return UI_method_get_reader(UI_OpenSSL())(ui, uis);
+
+ reader = UI_method_get_reader(ui_fallback_method);
+ if (reader)
+ return reader(ui, uis);
+ return 1;
}
static int ui_write(UI *ui, UI_STRING *uis)
{
+ int (*writer)(UI *ui, UI_STRING *uis) = NULL;
+
if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD
&& UI_get0_user_data(ui)) {
switch (UI_get_string_type(uis)) {
@@ -229,16 +239,28 @@ static int ui_write(UI *ui, UI_STRING *uis)
break;
}
}
- return UI_method_get_writer(UI_OpenSSL())(ui, uis);
+
+ writer = UI_method_get_reader(ui_fallback_method);
+ if (writer)
+ return writer(ui, uis);
+ return 1;
}
static int ui_close(UI *ui)
{
- return UI_method_get_closer(UI_OpenSSL())(ui);
+ int (*closer)(UI *ui) = UI_method_get_closer(ui_fallback_method);
+
+ if (closer)
+ return closer(ui);
+ return 1;
}
int setup_ui_method(void)
{
+ ui_fallback_method = UI_null();
+#ifndef OPENSSL_NO_UI_CONSOLE
+ ui_fallback_method = UI_OpenSSL();
+#endif
ui_method = UI_create_method("OpenSSL application user interface");
UI_method_set_opener(ui_method, ui_open);
UI_method_set_reader(ui_method, ui_read);
@@ -259,24 +281,13 @@ const UI_METHOD *get_ui_method(void)
{
return ui_method;
}
-#endif
int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp)
{
int res = 0;
-#ifndef OPENSSL_NO_UI
UI *ui = NULL;
-#endif
PW_CB_DATA *cb_data = (PW_CB_DATA *)cb_tmp;
-#ifdef OPENSSL_NO_UI
- if (cb_data != NULL && cb_data->password != NULL) {
- res = strlen(cb_data->password);
- if (res > bufsiz)
- res = bufsiz;
- memcpy(buf, cb_data->password, res);
- }
-#else
ui = UI_new_method(ui_method);
if (ui) {
int ok = 0;
@@ -331,7 +342,6 @@ int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp)
UI_free(ui);
OPENSSL_free(prompt);
}
-#endif
return res;
}
diff --git a/apps/enc.c b/apps/enc.c
index 49568eaa50..d2000752f8 100644
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -308,7 +308,7 @@ int enc_main(int argc, char **argv)
if ((str == NULL) && (cipher != NULL) && (hkey == NULL)) {
if (1) {
-#ifndef OPENSSL_NO_UI
+#ifndef OPENSSL_NO_UI_CONSOLE
for (;;) {
char prompt[200];
diff --git a/apps/openssl.c b/apps/openssl.c
index 2a140718ab..e23c390a4c 100644
--- a/apps/openssl.c
+++ b/apps/openssl.c
@@ -70,18 +70,14 @@ static int apps_startup()
| OPENSSL_INIT_LOAD_CONFIG, NULL))
return 0;
-#ifndef OPENSSL_NO_UI
setup_ui_method();
-#endif
return 1;
}
static void apps_shutdown()
{
-#ifndef OPENSSL_NO_UI
destroy_ui_method();
-#endif
}
static char *make_config_name()
diff --git a/apps/passwd.c b/apps/passwd.c
index c87369760c..7ce40e058c 100644
--- a/apps/passwd.c
+++ b/apps/passwd.c
@@ -100,7 +100,7 @@ int passwd_main(int argc, char **argv)
char *salt_malloc = NULL, *passwd_malloc = NULL, *prog;
OPTION_CHOICE o;
int in_stdin = 0, pw_source_defined = 0;
-# ifndef OPENSSL_NO_UI
+# ifndef OPENSSL_NO_UI_CONSOLE
int in_noverify = 0;
# endif
int passed_salt = 0, quiet = 0, table = 0, reverse = 0;
@@ -129,7 +129,7 @@ int passwd_main(int argc, char **argv)
pw_source_defined = 1;
break;
case OPT_NOVERIFY:
-# ifndef OPENSSL_NO_UI
+# ifndef OPENSSL_NO_UI_CONSOLE
in_noverify = 1;
# endif
break;
@@ -246,7 +246,7 @@ int passwd_main(int argc, char **argv)
* avoid rot of not-frequently-used code.
*/
if (1) {
-# ifndef OPENSSL_NO_UI
+# ifndef OPENSSL_NO_UI_CONSOLE
/* build a null-terminated list */
static char *passwds_static[2] = { NULL, NULL };
diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index 439622ad91..9449679cea 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -322,7 +322,7 @@ int pkcs12_main(int argc, char **argv)
if (twopass) {
/* To avoid bit rot */
if (1) {
-#ifndef OPENSSL_NO_UI
+#ifndef OPENSSL_NO_UI_CONSOLE
if (EVP_read_pw_string
(macpass, sizeof macpass, "Enter MAC Password:", export_cert)) {
BIO_printf(bio_err, "Can't read Password\n");
@@ -441,7 +441,7 @@ int pkcs12_main(int argc, char **argv)
if (!noprompt) {
/* To avoid bit rot */
if (1) {
-#ifndef OPENSSL_NO_UI
+#ifndef OPENSSL_NO_UI_CONSOLE
if (EVP_read_pw_string(pass, sizeof pass, "Enter Export Password:",
1)) {
BIO_printf(bio_err, "Can't read Password\n");
@@ -507,7 +507,7 @@ int pkcs12_main(int argc, char **argv)
if (!noprompt) {
if (1) {
-#ifndef OPENSSL_NO_UI
+#ifndef OPENSSL_NO_UI_CONSOLE
if (EVP_read_pw_string(pass, sizeof pass, "Enter Import Password:",
0)) {
BIO_printf(bio_err, "Can't read Password\n");
diff --git a/apps/pkcs8.c b/apps/pkcs8.c
index e964a3b619..ad41f7b711 100644
--- a/apps/pkcs8.c
+++ b/apps/pkcs8.c
@@ -65,7 +65,7 @@ int pkcs8_main(int argc, char **argv)
const EVP_CIPHER *cipher = NULL;
char *infile = NULL, *outfile = NULL;
char *passinarg = NULL, *passoutarg = NULL, *prog;
-#ifndef OPENSSL_NO_UI
+#ifndef OPENSSL_NO_UI_CONSOLE
char pass[APP_PASS_LEN];
#endif
char *passin = NULL, *passout = NULL, *p8pass = NULL;
@@ -236,7 +236,7 @@ int pkcs8_main(int argc, char **argv)
p8pass = passout;
} else if (1) {
/* To avoid bit rot */
-#ifndef OPENSSL_NO_UI
+#ifndef OPENSSL_NO_UI_CONSOLE
p8pass = pass;
if (EVP_read_pw_string
(pass, sizeof pass, "Enter Encryption Password:", 1)) {
@@ -299,7 +299,7 @@ int pkcs8_main(int argc, char **argv)
if (passin != NULL) {
p8pass = passin;
} else if (1) {
-#ifndef OPENSSL_NO_UI
+#ifndef OPENSSL_NO_UI_CONSOLE
p8pass = pass;
if (EVP_read_pw_string(pass, sizeof pass, "Enter Password:", 0)) {
BIO_printf(bio_err, "Can't read Password\n");