1 files changed, 86 insertions, 71 deletions
diff --git a/src/lib/libcrypto/man/des_read_pw.3 b/src/lib/libcrypto/man/des_read_pw.3
index 30ae099dc6..41f8553de1 100644
--- a/src/lib/libcrypto/man/des_read_pw.3
+++ b/src/lib/libcrypto/man/des_read_pw.3
@@ -1,10 +1,26 @@
-.\"     $OpenBSD: des_read_pw.3,v 1.10 2020/06/19 17:17:13 schwarze Exp $
+.\" $OpenBSD: des_read_pw.3,v 1.11 2023/09/10 13:58:46 schwarze Exp $
-.\"     OpenSSL doc/crypto/ui_compat.pod May 14 11:28:00 2006 +0000
+.\" full merge up to: OpenSSL doc/crypto/des.pod
-.\"     OpenSSL doc/crypto/des.pod 2a9aca32 Oct 25 08:44:10 2001 +0000
+.\" 53934822 Jun 9 16:39:19 2016 -0400
 .\"
-.\" This file was written by Ulf Moeller <ulf@openssl.org> and
+.\" This file is a derived work.
-.\" Richard Levitte <levitte@openssl.org>.
+.\" The changes are covered by the following Copyright and license:
-.\" Copyright (c) 2000, 2001 The OpenSSL Project.  All rights reserved.
+.\"
+.\" Copyright (c) 2023 Ingo Schwarze <schwarze@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.\" The original file was written by Ulf Moeller <ulf@openssl.org>.
+.\" Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
 .\"
 .\" Redistribution and use in source and binary forms, with or without
 .\" modification, are permitted provided that the following conditions
@@ -50,32 +66,16 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: June 19 2020 $
+.Dd $Mdocdate: September 10 2023 $
 .Dt DES_READ_PW 3
 .Os
 .Sh NAME
-.Nm des_read_pw ,
-.Nm des_read_pw_string ,
 .Nm EVP_read_pw_string ,
-.Nm EVP_read_pw_string_min
+.Nm EVP_read_pw_string_min ,
+.Nm EVP_set_pw_prompt ,
+.Nm EVP_get_pw_prompt
 .Nd compatibility user interface functions
 .Sh SYNOPSIS
-.In openssl/ui_compat.h
-.Ft int
-.Fo des_read_pw
-.Fa "char *buf"
-.Fa "char *buff"
-.Fa "int length"
-.Fa "const char *prompt"
-.Fa "int verify"
-.Fc
-.Ft int
-.Fo des_read_pw_string
-.Fa "char *buf"
-.Fa "int length"
-.Fa "const char *prompt"
-.Fa "int verify"
-.Fc
 .In openssl/evp.h
 .Ft int
 .Fo EVP_read_pw_string
@@ -92,73 +92,86 @@
 .Fa "const char *prompt"
 .Fa "int verify"
 .Fc
+.Ft void
+.Fo EVP_set_pw_prompt
+.Fa "const char *default_prompt"
+.Fc
+.Ft char *
+.Fn EVP_get_pw_prompt void
 .Sh DESCRIPTION
 These functions are deprecated.
 Use
 .Xr UI_UTIL_read_pw 3
 instead.
 .Pp
-The DES library contained a few routines to prompt for passwords.
+.Fn EVP_read_pw_string
-These aren't necessarily dependent on DES, and have therefore become
+writes the
-part of the UI compatibility library.
-.Pp
-.Fn des_read_pw
-writes the string specified by
 .Fa prompt
-to standard output, turns echo off, and reads an input string from the
+to
-terminal.
+.Pa /dev/tty ,
+or, if that could not be opened, to standard output, turns echo off,
+and reads an input string from
+.Pa /dev/tty ,
+or, if that could not be opened, from standard input.
 The string is returned in
 .Fa buf ,
 which must have space for at least
 .Fa length
 bytes.
+If the
+.Fa length
+argument exceeds
+.Dv BUFSIZ ,
+.Dv BUFSIZ
+is used instead.
 If
 .Fa verify
 is set, the user is asked for the password twice and unless the two
 copies match, an error is returned.
-The second password is stored in
-.Fa buff ,
-which must therefore also be at least
-.Fa length
-bytes.
 .Pp
-.Fn des_read_pw_string
-is a variant of
-.Fn des_read_pw
-that provides a buffer if
-.Fa verify
-is set.
-It is available in the MIT Kerberos library as well.
-If
-.Fa length
-exceeds
-.Dv BUFSIZ ,
-.Fn des_read_pw_string
-uses
-.Dv BUFSIZ .
-.Pp
-.Fn EVP_read_pw_string
-and
-.Fn EVP_read_pw_string_min
-are functionally similar to
-.Fn des_read_pw_string .
 .Fn EVP_read_pw_string_min
 additionally checks that the password is at least
 .Fa min_length
 bytes long.
+.Pp
+.Fn EVP_set_pw_prompt
+sets a default prompt to a copy of
+.Fa default_prompt ,
+or clears the default prompt if the
+.Fa default_prompt
+argument is
+.Dv NULL
+or an empty string.
+If the
+.Fa default_prompt
+argument is longer than 79 bytes,
+the copy is silently truncated to a string length of 79 bytes.
+.Pp
+As long as a default prompt is set,
+.Fn EVP_read_pw_string
+and
+.Fn EVP_read_pw_string_min
+can be called with a
+.Fa prompt
+argument of
+.Dv NULL ,
+in which case the default prompt is used instead.
 .Sh RETURN VALUES
-These functions return 0 on success and a negative value on failure.
+.Fn EVP_read_pw_string
+and
+.Fn EVP_read_pw_string_min
+return 0 on success or a negative value on failure.
 .Pp
-They return -1 if
+They return \-1 if
 .Fa length
 is less than or equal to zero or on memory allocation failure.
-They return -1 or -2 if the internal call to
+They return \-1 or \-2 if the internal call to
 .Xr UI_process 3
 fails.
 .Pp
 In addition,
 .Fa EVP_read_pw_string_min
-returns -1 if
+returns \-1 if
 .Fa min_length
 is negative, if
 .Fa length
@@ -166,16 +179,21 @@ is less than or equal to
 .Fa min_length ,
 or if the user entered a password shorter than
 .Fa min_length .
+.Pp
+.Fn EVP_get_pw_prompt
+returns an internal pointer to static memory containing the default prompt, or
+.Dv NULL
+if no default prompt is set.
 .Sh SEE ALSO
 .Xr UI_new 3 ,
 .Xr UI_UTIL_read_pw 3
 .Sh HISTORY
-.Fn des_read_pw_string
-appeared in SSLeay 0.4 or earlier.
 .Fn EVP_read_pw_string
-first appeared in SSLeay 0.5.1.
+first appeared in SSLeay 0.5.1 and
-.Fn des_read_pw
+.Fn EVP_set_pw_prompt
-first appeared in SSLeay 0.8.0.
+and
+.Fn EVP_get_pw_prompt
+in SSLeay 0.6.0.
 These functions have been available since
 .Ox 2.4 .
 .Pp
@@ -183,6 +201,3 @@ These functions have been available since
 first appeared in OpenSSL 1.0.0
 and has been available since
 .Ox 4.9 .
-.Sh AUTHORS
-.An Richard Levitte Aq Mt richard@levitte.org
-for the OpenSSL project.

diff --git a/src/lib/libcrypto/man/des_read_pw.3 b/src/lib/libcrypto/man/des_read_pw.3 index 30ae099dc6..41f8553de1 100644 --- a/src/lib/libcrypto/man/des_read_pw.3 +++ b/src/lib/libcrypto/man/des_read_pw.3
@@ -1,10 +1,26 @@
1	.\" $OpenBSD: des_read_pw.3,v 1.10 2020/06/19 17:17:13 schwarze Exp $	1	.\" $OpenBSD: des_read_pw.3,v 1.11 2023/09/10 13:58:46 schwarze Exp $
2	.\" OpenSSL doc/crypto/ui_compat.pod May 14 11:28:00 2006 +0000	2	.\" full merge up to: OpenSSL doc/crypto/des.pod
3	.\" OpenSSL doc/crypto/des.pod 2a9aca32 Oct 25 08:44:10 2001 +0000	3	.\" 53934822 Jun 9 16:39:19 2016 -0400
4	.\"	4	.\"
5	.\" This file was written by Ulf Moeller <ulf@openssl.org> and	5	.\" This file is a derived work.
6	.\" Richard Levitte <levitte@openssl.org>.	6	.\" The changes are covered by the following Copyright and license:
7	.\" Copyright (c) 2000, 2001 The OpenSSL Project. All rights reserved.	7	.\"
		8	.\" Copyright (c) 2023 Ingo Schwarze <schwarze@openbsd.org>
		9	.\"
		10	.\" Permission to use, copy, modify, and distribute this software for any
		11	.\" purpose with or without fee is hereby granted, provided that the above
		12	.\" copyright notice and this permission notice appear in all copies.
		13	.\"
		14	.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
		15	.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
		16	.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
		17	.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
		18	.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
		19	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
		20	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
		21	.\"
		22	.\" The original file was written by Ulf Moeller <ulf@openssl.org>.
		23	.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved.
8	.\"	24	.\"
9	.\" Redistribution and use in source and binary forms, with or without	25	.\" Redistribution and use in source and binary forms, with or without
10	.\" modification, are permitted provided that the following conditions	26	.\" modification, are permitted provided that the following conditions
@@ -50,32 +66,16 @@
50	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	66	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	67	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
52	.\"	68	.\"
53	.Dd $Mdocdate: June 19 2020 $	69	.Dd $Mdocdate: September 10 2023 $
54	.Dt DES_READ_PW 3	70	.Dt DES_READ_PW 3
55	.Os	71	.Os
56	.Sh NAME	72	.Sh NAME
57	.Nm des_read_pw ,
58	.Nm des_read_pw_string ,
59	.Nm EVP_read_pw_string ,	73	.Nm EVP_read_pw_string ,
60	.Nm EVP_read_pw_string_min	74	.Nm EVP_read_pw_string_min ,
		75	.Nm EVP_set_pw_prompt ,
		76	.Nm EVP_get_pw_prompt
61	.Nd compatibility user interface functions	77	.Nd compatibility user interface functions
62	.Sh SYNOPSIS	78	.Sh SYNOPSIS
63	.In openssl/ui_compat.h
64	.Ft int
65	.Fo des_read_pw
66	.Fa "char *buf"
67	.Fa "char *buff"
68	.Fa "int length"
69	.Fa "const char *prompt"
70	.Fa "int verify"
71	.Fc
72	.Ft int
73	.Fo des_read_pw_string
74	.Fa "char *buf"
75	.Fa "int length"
76	.Fa "const char *prompt"
77	.Fa "int verify"
78	.Fc
79	.In openssl/evp.h	79	.In openssl/evp.h
80	.Ft int	80	.Ft int
81	.Fo EVP_read_pw_string	81	.Fo EVP_read_pw_string
@@ -92,73 +92,86 @@
92	.Fa "const char *prompt"	92	.Fa "const char *prompt"
93	.Fa "int verify"	93	.Fa "int verify"
94	.Fc	94	.Fc
		95	.Ft void
		96	.Fo EVP_set_pw_prompt
		97	.Fa "const char *default_prompt"
		98	.Fc
		99	.Ft char *
		100	.Fn EVP_get_pw_prompt void
95	.Sh DESCRIPTION	101	.Sh DESCRIPTION
96	These functions are deprecated.	102	These functions are deprecated.
97	Use	103	Use
98	.Xr UI_UTIL_read_pw 3	104	.Xr UI_UTIL_read_pw 3
99	instead.	105	instead.
100	.Pp	106	.Pp
101	The DES library contained a few routines to prompt for passwords.	107	.Fn EVP_read_pw_string
102	These aren't necessarily dependent on DES, and have therefore become	108	writes the
103	part of the UI compatibility library.
104	.Pp
105	.Fn des_read_pw
106	writes the string specified by
107	.Fa prompt	109	.Fa prompt
108	to standard output, turns echo off, and reads an input string from the	110	to
109	terminal.	111	.Pa /dev/tty ,
		112	or, if that could not be opened, to standard output, turns echo off,
		113	and reads an input string from
		114	.Pa /dev/tty ,
		115	or, if that could not be opened, from standard input.
110	The string is returned in	116	The string is returned in
111	.Fa buf ,	117	.Fa buf ,
112	which must have space for at least	118	which must have space for at least
113	.Fa length	119	.Fa length
114	bytes.	120	bytes.
		121	If the
		122	.Fa length
		123	argument exceeds
		124	.Dv BUFSIZ ,
		125	.Dv BUFSIZ
		126	is used instead.
115	If	127	If
116	.Fa verify	128	.Fa verify
117	is set, the user is asked for the password twice and unless the two	129	is set, the user is asked for the password twice and unless the two
118	copies match, an error is returned.	130	copies match, an error is returned.
119	The second password is stored in
120	.Fa buff ,
121	which must therefore also be at least
122	.Fa length
123	bytes.
124	.Pp	131	.Pp
125	.Fn des_read_pw_string
126	is a variant of
127	.Fn des_read_pw
128	that provides a buffer if
129	.Fa verify
130	is set.
131	It is available in the MIT Kerberos library as well.
132	If
133	.Fa length
134	exceeds
135	.Dv BUFSIZ ,
136	.Fn des_read_pw_string
137	uses
138	.Dv BUFSIZ .
139	.Pp
140	.Fn EVP_read_pw_string
141	and
142	.Fn EVP_read_pw_string_min
143	are functionally similar to
144	.Fn des_read_pw_string .
145	.Fn EVP_read_pw_string_min	132	.Fn EVP_read_pw_string_min
146	additionally checks that the password is at least	133	additionally checks that the password is at least
147	.Fa min_length	134	.Fa min_length
148	bytes long.	135	bytes long.
		136	.Pp
		137	.Fn EVP_set_pw_prompt
		138	sets a default prompt to a copy of
		139	.Fa default_prompt ,
		140	or clears the default prompt if the
		141	.Fa default_prompt
		142	argument is
		143	.Dv NULL
		144	or an empty string.
		145	If the
		146	.Fa default_prompt
		147	argument is longer than 79 bytes,
		148	the copy is silently truncated to a string length of 79 bytes.
		149	.Pp
		150	As long as a default prompt is set,
		151	.Fn EVP_read_pw_string
		152	and
		153	.Fn EVP_read_pw_string_min
		154	can be called with a
		155	.Fa prompt
		156	argument of
		157	.Dv NULL ,
		158	in which case the default prompt is used instead.
149	.Sh RETURN VALUES	159	.Sh RETURN VALUES
150	These functions return 0 on success and a negative value on failure.	160	.Fn EVP_read_pw_string
		161	and
		162	.Fn EVP_read_pw_string_min
		163	return 0 on success or a negative value on failure.
151	.Pp	164	.Pp
152	They return -1 if	165	They return \-1 if
153	.Fa length	166	.Fa length
154	is less than or equal to zero or on memory allocation failure.	167	is less than or equal to zero or on memory allocation failure.
155	They return -1 or -2 if the internal call to	168	They return \-1 or \-2 if the internal call to
156	.Xr UI_process 3	169	.Xr UI_process 3
157	fails.	170	fails.
158	.Pp	171	.Pp
159	In addition,	172	In addition,
160	.Fa EVP_read_pw_string_min	173	.Fa EVP_read_pw_string_min
161	returns -1 if	174	returns \-1 if
162	.Fa min_length	175	.Fa min_length
163	is negative, if	176	is negative, if
164	.Fa length	177	.Fa length
@@ -166,16 +179,21 @@ is less than or equal to
166	.Fa min_length ,	179	.Fa min_length ,
167	or if the user entered a password shorter than	180	or if the user entered a password shorter than
168	.Fa min_length .	181	.Fa min_length .
		182	.Pp
		183	.Fn EVP_get_pw_prompt
		184	returns an internal pointer to static memory containing the default prompt, or
		185	.Dv NULL
		186	if no default prompt is set.
169	.Sh SEE ALSO	187	.Sh SEE ALSO
170	.Xr UI_new 3 ,	188	.Xr UI_new 3 ,
171	.Xr UI_UTIL_read_pw 3	189	.Xr UI_UTIL_read_pw 3
172	.Sh HISTORY	190	.Sh HISTORY
173	.Fn des_read_pw_string
174	appeared in SSLeay 0.4 or earlier.
175	.Fn EVP_read_pw_string	191	.Fn EVP_read_pw_string
176	first appeared in SSLeay 0.5.1.	192	first appeared in SSLeay 0.5.1 and
177	.Fn des_read_pw	193	.Fn EVP_set_pw_prompt
178	first appeared in SSLeay 0.8.0.	194	and
		195	.Fn EVP_get_pw_prompt
		196	in SSLeay 0.6.0.
179	These functions have been available since	197	These functions have been available since
180	.Ox 2.4 .	198	.Ox 2.4 .
181	.Pp	199	.Pp
@@ -183,6 +201,3 @@ These functions have been available since
183	first appeared in OpenSSL 1.0.0	201	first appeared in OpenSSL 1.0.0
184	and has been available since	202	and has been available since
185	.Ox 4.9 .	203	.Ox 4.9 .
186	.Sh AUTHORS
187	.An Richard Levitte Aq Mt richard@levitte.org
188	for the OpenSSL project.