diff options
author | Richard Levitte <levitte@openssl.org> | 2021-04-28 09:50:42 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2021-04-30 16:02:29 +0200 |
commit | b7f7a15f6ace4e6e25f8222a9996159582983aa8 (patch) | |
tree | cbf9d98311c9b3d78e6aeac42fbbdcc2c42d5610 | |
parent | b594a227178ccd812e5bb196bcb59ebc52d538ab (diff) | |
download | openssl-b7f7a15f6ace4e6e25f8222a9996159582983aa8.tar.gz |
STORE: Fix the repeated prompting of passphrase
OSSL_STORE's loading function could prompt repeatedly for the same
passphrase. It turns out that OSSL_STORE_load() wasn't caching the
passphrase properly. Fixed in this change.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15064)
-rw-r--r-- | crypto/store/store_lib.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/crypto/store/store_lib.c b/crypto/store/store_lib.c index 134207d5c2..1a62d7f6ff 100644 --- a/crypto/store/store_lib.c +++ b/crypto/store/store_lib.c @@ -135,7 +135,8 @@ OSSL_STORE_open_ex(const char *uri, OSSL_LIB_CTX *libctx, const char *propq, } if (ui_method != NULL - && !ossl_pw_set_ui_method(&ctx->pwdata, ui_method, ui_data)) { + && (!ossl_pw_set_ui_method(&ctx->pwdata, ui_method, ui_data) + || !ossl_pw_enable_passphrase_caching(&ctx->pwdata))) { ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_CRYPTO_LIB); goto err; } @@ -413,6 +414,9 @@ OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx) goto again; } + /* Clear any internally cached passphrase */ + (void)ossl_pw_clear_passphrase_cache(&ctx->pwdata); + if (v != NULL && ctx->expected_type != 0) { int returned_type = OSSL_STORE_INFO_get_type(v); |