diff options
| author | Richard Levitte <levitte@openssl.org> | 2017-07-01 12:14:37 +0200 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2017-07-03 07:51:04 +0200 |
| commit | 48feaceb53fa6ae924e298b8eba0e247019313e4 (patch) | |
| tree | 535524c1e9e1f24c7e0341e7721416c8e5d175eb /apps | |
| parent | 6e2f49b38429d9df00ed12ade60e3de3b9ba43b3 (diff) | |
| download | openssl-48feaceb53fa6ae924e298b8eba0e247019313e4.tar.gz | |
Remove the possibility to disable the UI module entirely
Instead, make it possible to disable the console reader that's part of
the UI module. This makes it possible to use the UI API and other UI
methods in environments where the console reader isn't useful.
To disable the console reader, configure with 'no-ui-console' /
'disable-ui-console'.
'no-ui' / 'disable-ui' is now an alias for 'no-ui-console' /
'disable-ui-console'.
Fixes #3806
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3820)
Diffstat (limited to 'apps')
| -rw-r--r-- | apps/apps.c | 48 | ||||
| -rw-r--r-- | apps/enc.c | 2 | ||||
| -rw-r--r-- | apps/openssl.c | 4 | ||||
| -rw-r--r-- | apps/passwd.c | 6 | ||||
| -rw-r--r-- | apps/pkcs12.c | 6 | ||||
| -rw-r--r-- | apps/pkcs8.c | 6 |
6 files changed, 39 insertions, 33 deletions
diff --git a/apps/apps.c b/apps/apps.c index a89d4eb5e6..8b1aab4c4d 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -56,9 +56,8 @@ typedef struct { unsigned long mask; } NAME_EX_TBL; -#if !defined(OPENSSL_NO_UI) || !defined(OPENSSL_NO_ENGINE) static UI_METHOD *ui_method = NULL; -#endif +static const UI_METHOD *ui_fallback_method = NULL; static int set_table_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL * in_tbl); @@ -176,14 +175,19 @@ int dump_cert_text(BIO *out, X509 *x) return 0; } -#ifndef OPENSSL_NO_UI static int ui_open(UI *ui) { - return UI_method_get_opener(UI_OpenSSL())(ui); + int (*opener)(UI *ui) = UI_method_get_opener(ui_fallback_method); + + if (opener) + return opener(ui); + return 1; } static int ui_read(UI *ui, UI_STRING *uis) { + int (*reader)(UI *ui, UI_STRING *uis) = NULL; + if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD && UI_get0_user_data(ui)) { switch (UI_get_string_type(uis)) { @@ -205,11 +209,17 @@ static int ui_read(UI *ui, UI_STRING *uis) break; } } - return UI_method_get_reader(UI_OpenSSL())(ui, uis); + + reader = UI_method_get_reader(ui_fallback_method); + if (reader) + return reader(ui, uis); + return 1; } static int ui_write(UI *ui, UI_STRING *uis) { + int (*writer)(UI *ui, UI_STRING *uis) = NULL; + if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD && UI_get0_user_data(ui)) { switch (UI_get_string_type(uis)) { @@ -229,16 +239,28 @@ static int ui_write(UI *ui, UI_STRING *uis) break; } } - return UI_method_get_writer(UI_OpenSSL())(ui, uis); + + writer = UI_method_get_reader(ui_fallback_method); + if (writer) + return writer(ui, uis); + return 1; } static int ui_close(UI *ui) { - return UI_method_get_closer(UI_OpenSSL())(ui); + int (*closer)(UI *ui) = UI_method_get_closer(ui_fallback_method); + + if (closer) + return closer(ui); + return 1; } int setup_ui_method(void) { + ui_fallback_method = UI_null(); +#ifndef OPENSSL_NO_UI_CONSOLE + ui_fallback_method = UI_OpenSSL(); +#endif ui_method = UI_create_method("OpenSSL application user interface"); UI_method_set_opener(ui_method, ui_open); UI_method_set_reader(ui_method, ui_read); @@ -259,24 +281,13 @@ const UI_METHOD *get_ui_method(void) { return ui_method; } -#endif int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp) { int res = 0; -#ifndef OPENSSL_NO_UI UI *ui = NULL; -#endif PW_CB_DATA *cb_data = (PW_CB_DATA *)cb_tmp; -#ifdef OPENSSL_NO_UI - if (cb_data != NULL && cb_data->password != NULL) { - res = strlen(cb_data->password); - if (res > bufsiz) - res = bufsiz; - memcpy(buf, cb_data->password, res); - } -#else ui = UI_new_method(ui_method); if (ui) { int ok = 0; @@ -331,7 +342,6 @@ int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp) UI_free(ui); OPENSSL_free(prompt); } -#endif return res; } diff --git a/apps/enc.c b/apps/enc.c index 49568eaa50..d2000752f8 100644 --- a/apps/enc.c +++ b/apps/enc.c @@ -308,7 +308,7 @@ int enc_main(int argc, char **argv) if ((str == NULL) && (cipher != NULL) && (hkey == NULL)) { if (1) { -#ifndef OPENSSL_NO_UI +#ifndef OPENSSL_NO_UI_CONSOLE for (;;) { char prompt[200]; diff --git a/apps/openssl.c b/apps/openssl.c index 2a140718ab..e23c390a4c 100644 --- a/apps/openssl.c +++ b/apps/openssl.c @@ -70,18 +70,14 @@ static int apps_startup() | OPENSSL_INIT_LOAD_CONFIG, NULL)) return 0; -#ifndef OPENSSL_NO_UI setup_ui_method(); -#endif return 1; } static void apps_shutdown() { -#ifndef OPENSSL_NO_UI destroy_ui_method(); -#endif } static char *make_config_name() diff --git a/apps/passwd.c b/apps/passwd.c index c87369760c..7ce40e058c 100644 --- a/apps/passwd.c +++ b/apps/passwd.c @@ -100,7 +100,7 @@ int passwd_main(int argc, char **argv) char *salt_malloc = NULL, *passwd_malloc = NULL, *prog; OPTION_CHOICE o; int in_stdin = 0, pw_source_defined = 0; -# ifndef OPENSSL_NO_UI +# ifndef OPENSSL_NO_UI_CONSOLE int in_noverify = 0; # endif int passed_salt = 0, quiet = 0, table = 0, reverse = 0; @@ -129,7 +129,7 @@ int passwd_main(int argc, char **argv) pw_source_defined = 1; break; case OPT_NOVERIFY: -# ifndef OPENSSL_NO_UI +# ifndef OPENSSL_NO_UI_CONSOLE in_noverify = 1; # endif break; @@ -246,7 +246,7 @@ int passwd_main(int argc, char **argv) * avoid rot of not-frequently-used code. */ if (1) { -# ifndef OPENSSL_NO_UI +# ifndef OPENSSL_NO_UI_CONSOLE /* build a null-terminated list */ static char *passwds_static[2] = { NULL, NULL }; diff --git a/apps/pkcs12.c b/apps/pkcs12.c index 439622ad91..9449679cea 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -322,7 +322,7 @@ int pkcs12_main(int argc, char **argv) if (twopass) { /* To avoid bit rot */ if (1) { -#ifndef OPENSSL_NO_UI +#ifndef OPENSSL_NO_UI_CONSOLE if (EVP_read_pw_string (macpass, sizeof macpass, "Enter MAC Password:", export_cert)) { BIO_printf(bio_err, "Can't read Password\n"); @@ -441,7 +441,7 @@ int pkcs12_main(int argc, char **argv) if (!noprompt) { /* To avoid bit rot */ if (1) { -#ifndef OPENSSL_NO_UI +#ifndef OPENSSL_NO_UI_CONSOLE if (EVP_read_pw_string(pass, sizeof pass, "Enter Export Password:", 1)) { BIO_printf(bio_err, "Can't read Password\n"); @@ -507,7 +507,7 @@ int pkcs12_main(int argc, char **argv) if (!noprompt) { if (1) { -#ifndef OPENSSL_NO_UI +#ifndef OPENSSL_NO_UI_CONSOLE if (EVP_read_pw_string(pass, sizeof pass, "Enter Import Password:", 0)) { BIO_printf(bio_err, "Can't read Password\n"); diff --git a/apps/pkcs8.c b/apps/pkcs8.c index e964a3b619..ad41f7b711 100644 --- a/apps/pkcs8.c +++ b/apps/pkcs8.c @@ -65,7 +65,7 @@ int pkcs8_main(int argc, char **argv) const EVP_CIPHER *cipher = NULL; char *infile = NULL, *outfile = NULL; char *passinarg = NULL, *passoutarg = NULL, *prog; -#ifndef OPENSSL_NO_UI +#ifndef OPENSSL_NO_UI_CONSOLE char pass[APP_PASS_LEN]; #endif char *passin = NULL, *passout = NULL, *p8pass = NULL; @@ -236,7 +236,7 @@ int pkcs8_main(int argc, char **argv) p8pass = passout; } else if (1) { /* To avoid bit rot */ -#ifndef OPENSSL_NO_UI +#ifndef OPENSSL_NO_UI_CONSOLE p8pass = pass; if (EVP_read_pw_string (pass, sizeof pass, "Enter Encryption Password:", 1)) { @@ -299,7 +299,7 @@ int pkcs8_main(int argc, char **argv) if (passin != NULL) { p8pass = passin; } else if (1) { -#ifndef OPENSSL_NO_UI +#ifndef OPENSSL_NO_UI_CONSOLE p8pass = pass; if (EVP_read_pw_string(pass, sizeof pass, "Enter Password:", 0)) { BIO_printf(bio_err, "Can't read Password\n"); |