Remove the possibility to disable the UI module entirely

Instead, make it possible to disable the console reader that's part of the UI module. This makes it possible to use the UI API and other UI methods in environments where the console reader isn't useful. To disable the console reader, configure with 'no-ui-console' / 'disable-ui-console'. 'no-ui' / 'disable-ui' is now an alias for 'no-ui-console' / 'disable-ui-console'. Fixes #3806 Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3820)
author: Richard Levitte <levitte@openssl.org> 2017-07-01 12:14:37 +0200
committer: Richard Levitte <levitte@openssl.org> 2017-07-03 07:51:04 +0200
commit: 48feaceb53fa6ae924e298b8eba0e247019313e4 (patch)
tree: 535524c1e9e1f24c7e0341e7721416c8e5d175eb /include
parent: 6e2f49b38429d9df00ed12ade60e3de3b9ba43b3 (diff)
download: openssl-48feaceb53fa6ae924e298b8eba0e247019313e4.tar.gz
2 files changed, 24 insertions, 18 deletions
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 89a64aeb8e..2531d0012f 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -546,13 +546,11 @@ __owur int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
 __owur int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md,
                            unsigned int *s);
 
-#ifndef OPENSSL_NO_UI
 int EVP_read_pw_string(char *buf, int length, const char *prompt, int verify);
 int EVP_read_pw_string_min(char *buf, int minlen, int maxlen,
                            const char *prompt, int verify);
 void EVP_set_pw_prompt(const char *prompt);
 char *EVP_get_pw_prompt(void);
-#endif
 
 __owur int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
                           const unsigned char *salt,
diff --git a/include/openssl/ui.h b/include/openssl/ui.h
index 5990153a9e..0f8c03f8ed 100644
--- a/include/openssl/ui.h
+++ b/include/openssl/ui.h
@@ -12,19 +12,24 @@
 
 # include <openssl/opensslconf.h>
 
-# ifndef OPENSSL_NO_UI
-
-#  if OPENSSL_API_COMPAT < 0x10100000L
-#   include <openssl/crypto.h>
+# if OPENSSL_API_COMPAT < 0x10100000L
+#  include <openssl/crypto.h>
+# endif
+# include <openssl/safestack.h>
+# include <openssl/pem.h>
+# include <openssl/ossl_typ.h>
+# include <openssl/uierr.h>
+
+/* For compatibility reasons, the macro OPENSSL_NO_UI is currently retained */
+# if OPENSSL_API_COMPAT < 0x10200000L
+#  ifdef OPENSSL_NO_UI_CONSOLE
+#   define OPENSSL_NO_UI
 #  endif
-#  include <openssl/safestack.h>
-#  include <openssl/pem.h>
-#  include <openssl/ossl_typ.h>
-#  include <openssl/uierr.h>
+# endif
 
-#ifdef  __cplusplus
+# ifdef  __cplusplus
 extern "C" {
-#endif
+# endif
 
 /*
  * All the following functions return -1 or NULL on error and in some cases
@@ -112,7 +117,7 @@ int UI_dup_error_string(UI *ui, const char *text);
  * each UI being marked with this flag, or the application might get
  * confused.
  */
-#  define UI_INPUT_FLAG_DEFAULT_PWD       0x02
+# define UI_INPUT_FLAG_DEFAULT_PWD       0x02
 
 /*-
  * The user of these routines may want to define flags of their own.  The core
@@ -124,7 +129,7 @@ int UI_dup_error_string(UI *ui, const char *text);
  *    #define MY_UI_FLAG1       (0x01 << UI_INPUT_FLAG_USER_BASE)
  *
 */
-#  define UI_INPUT_FLAG_USER_BASE 16
+# define UI_INPUT_FLAG_USER_BASE 16
 
 /*-
  * The following function helps construct a prompt.  object_desc is a
@@ -187,7 +192,7 @@ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f) (void));
  * OpenSSL error stack before printing any info or added error messages and
  * before any prompting.
  */
-#  define UI_CTRL_PRINT_ERRORS            1
+# define UI_CTRL_PRINT_ERRORS            1
 /*
  * Check if a UI_process() is possible to do again with the same instance of
  * a user interface.  This makes UI_ctrl() return 1 if it is redoable, and 0
@@ -199,7 +204,7 @@ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f) (void));
 # define UI_set_app_data(s,arg)         UI_set_ex_data(s,0,arg)
 # define UI_get_app_data(s)             UI_get_ex_data(s,0)
 
-#define UI_get_ex_new_index(l, p, newf, dupf, freef) \
+# define UI_get_ex_new_index(l, p, newf, dupf, freef) \
     CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_UI, l, p, newf, dupf, freef)
 int UI_set_ex_data(UI *r, int idx, void *arg);
 void *UI_get_ex_data(UI *r, int idx);
@@ -210,9 +215,13 @@ const UI_METHOD *UI_get_default_method(void);
 const UI_METHOD *UI_get_method(UI *ui);
 const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
 
+# ifndef OPENSSL_NO_UI_CONSOLE
+
 /* The method with all the built-in thingies */
 UI_METHOD *UI_OpenSSL(void);
 
+# endif
+
 /*
  * NULL method.  Literally does nothing, but may serve as a placeholder
  * to avoid internal default.
@@ -351,8 +360,7 @@ UI_METHOD *UI_UTIL_wrap_read_pem_callback(pem_password_cb *cb, int rwflag);
 
 int ERR_load_UI_strings(void);
 
-#  ifdef  __cplusplus
+# ifdef  __cplusplus
 }
-#  endif
 # endif
 #endif
author	Richard Levitte <levitte@openssl.org>	2017-07-01 12:14:37 +0200
committer	Richard Levitte <levitte@openssl.org>	2017-07-03 07:51:04 +0200
commit	48feaceb53fa6ae924e298b8eba0e247019313e4 (patch)
tree	535524c1e9e1f24c7e0341e7721416c8e5d175eb /include
parent	6e2f49b38429d9df00ed12ade60e3de3b9ba43b3 (diff)
download	openssl-48feaceb53fa6ae924e298b8eba0e247019313e4.tar.gz