Neuter the completely broken UI_UTIL_read_pw* API

Return 0 on success, return <= 0 on failure. Sigh. In particular, if an allocation failed, the password that no one entered was considered valid. ok jsing
author: tb <> 2024-08-24 07:50:23 +0000
committer: tb <> 2024-08-24 07:50:23 +0000
commit: 53881b29bc76cfdb36e78d5e160be5c9cd77bedf (patch)
tree: 362bb8bc3a2fd272511c15f322718d9ca1561a7b
parent: bf1f93fbf489016a56536bda74c7bbbbea4d4c8a (diff)
download: openbsd-53881b29bc76cfdb36e78d5e160be5c9cd77bedf.tar.gz
openbsd-53881b29bc76cfdb36e78d5e160be5c9cd77bedf.tar.bz2
openbsd-53881b29bc76cfdb36e78d5e160be5c9cd77bedf.zip
1 files changed, 5 insertions, 27 deletions
diff --git a/src/lib/libcrypto/ui/ui_util.c b/src/lib/libcrypto/ui/ui_util.c
index e1dda00427..ad7adc5fc1 100644
--- a/src/lib/libcrypto/ui/ui_util.c
+++ b/src/lib/libcrypto/ui/ui_util.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ui_util.c,v 1.15 2024/08/08 09:56:51 tb Exp $ */
+/* $OpenBSD: ui_util.c,v 1.16 2024/08/24 07:50:23 tb Exp $ */
 /* ====================================================================
 * Copyright (c) 2001-2002 The OpenSSL Project.  All rights reserved.
 *
@@ -58,40 +58,18 @@
 #include <openssl/ui.h>
+/* XXX - remove in next bump. */
 int
 UI_UTIL_read_pw_string(char *buf, int length, const char *prompt, int verify)
 {
-        char buff[BUFSIZ];
+        return -1;
-        int ret;
-        ret = UI_UTIL_read_pw(buf, buff, (length > BUFSIZ) ? BUFSIZ : length,
-            prompt, verify);
-        explicit_bzero(buff, BUFSIZ);
-        return (ret);
 }
 LCRYPTO_ALIAS(UI_UTIL_read_pw_string);
 int
 UI_UTIL_read_pw(char *buf, char *buff, int size, const char *prompt, int verify)
 {
-        int ok = 0;
+        return -1;
-        UI *ui;
-        if (size < 1)
-                return -1;
-        ui = UI_new();
-        if (ui) {
-                ok = UI_add_input_string(ui, prompt, 0, buf, 0, size - 1);
-                if (ok >= 0 && verify)
-                        ok = UI_add_verify_string(ui, prompt, 0, buff, 0,
-                            size - 1, buf);
-                if (ok >= 0)
-                        ok = UI_process(ui);
-                UI_free(ui);
-        }
-        if (ok > 0)
-                ok = 0;
-        return (ok);
 }
 LCRYPTO_ALIAS(UI_UTIL_read_pw);
author	tb <>	2024-08-24 07:50:23 +0000
committer	tb <>	2024-08-24 07:50:23 +0000
commit	53881b29bc76cfdb36e78d5e160be5c9cd77bedf (patch)
tree	362bb8bc3a2fd272511c15f322718d9ca1561a7b
parent	bf1f93fbf489016a56536bda74c7bbbbea4d4c8a (diff)
download	openbsd-53881b29bc76cfdb36e78d5e160be5c9cd77bedf.tar.gz openbsd-53881b29bc76cfdb36e78d5e160be5c9cd77bedf.tar.bz2 openbsd-53881b29bc76cfdb36e78d5e160be5c9cd77bedf.zip

diff --git a/src/lib/libcrypto/ui/ui_util.c b/src/lib/libcrypto/ui/ui_util.c index e1dda00427..ad7adc5fc1 100644 --- a/src/lib/libcrypto/ui/ui_util.c +++ b/src/lib/libcrypto/ui/ui_util.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ui_util.c,v 1.15 2024/08/08 09:56:51 tb Exp $ */	1	/* $OpenBSD: ui_util.c,v 1.16 2024/08/24 07:50:23 tb Exp $ */
2	/* ====================================================================	2	/* ====================================================================
3	* Copyright (c) 2001-2002 The OpenSSL Project. All rights reserved.	3	* Copyright (c) 2001-2002 The OpenSSL Project. All rights reserved.
4	*	4	*
@@ -58,40 +58,18 @@
58		58
59	#include <openssl/ui.h>	59	#include <openssl/ui.h>
60		60
		61	/* XXX - remove in next bump. */
		62
61	int	63	int
62	UI_UTIL_read_pw_string(char buf, int length, const char prompt, int verify)	64	UI_UTIL_read_pw_string(char buf, int length, const char prompt, int verify)
63	{	65	{
64	char buff[BUFSIZ];	66	return -1;
65	int ret;
66
67	ret = UI_UTIL_read_pw(buf, buff, (length > BUFSIZ) ? BUFSIZ : length,
68	prompt, verify);
69	explicit_bzero(buff, BUFSIZ);
70	return (ret);
71	}	67	}
72	LCRYPTO_ALIAS(UI_UTIL_read_pw_string);	68	LCRYPTO_ALIAS(UI_UTIL_read_pw_string);
73		69
74	int	70	int
75	UI_UTIL_read_pw(char buf, char buff, int size, const char *prompt, int verify)	71	UI_UTIL_read_pw(char buf, char buff, int size, const char *prompt, int verify)
76	{	72	{
77	int ok = 0;	73	return -1;
78	UI *ui;
79
80	if (size < 1)
81	return -1;
82
83	ui = UI_new();
84	if (ui) {
85	ok = UI_add_input_string(ui, prompt, 0, buf, 0, size - 1);
86	if (ok >= 0 && verify)
87	ok = UI_add_verify_string(ui, prompt, 0, buff, 0,
88	size - 1, buf);
89	if (ok >= 0)
90	ok = UI_process(ui);
91	UI_free(ui);
92	}
93	if (ok > 0)
94	ok = 0;
95	return (ok);
96	}	74	}
97	LCRYPTO_ALIAS(UI_UTIL_read_pw);	75	LCRYPTO_ALIAS(UI_UTIL_read_pw);