From 0713745868dc436c5b2e8e3b2b1951e7a897b163 Mon Sep 17 00:00:00 2001 From: semarie <> Date: Sat, 17 Oct 2015 07:51:10 +0000 Subject: add "tty" for several subcommands of openssl it is needed in order to let libssl UI_* function plays with echo on/off when asking for password on terminal. passwd subcommand needs additionnal "wpath cpath" in order to let it calls fopen("/dev/tty", "w") (O_WRONLY with O_CREAT | O_TRUNC). problem reported by several with and ok doug@ --- src/usr.bin/openssl/ca.c | 4 ++-- src/usr.bin/openssl/cms.c | 4 ++-- src/usr.bin/openssl/dgst.c | 4 ++-- src/usr.bin/openssl/dsa.c | 4 ++-- src/usr.bin/openssl/ec.c | 4 ++-- src/usr.bin/openssl/enc.c | 4 ++-- src/usr.bin/openssl/gendsa.c | 4 ++-- src/usr.bin/openssl/genpkey.c | 4 ++-- src/usr.bin/openssl/genrsa.c | 4 ++-- src/usr.bin/openssl/openssl.c | 4 ++-- src/usr.bin/openssl/passwd.c | 4 ++-- src/usr.bin/openssl/pkcs12.c | 4 ++-- src/usr.bin/openssl/pkcs8.c | 4 ++-- src/usr.bin/openssl/pkey.c | 4 ++-- src/usr.bin/openssl/pkeyutl.c | 4 ++-- src/usr.bin/openssl/req.c | 4 ++-- src/usr.bin/openssl/rsa.c | 4 ++-- src/usr.bin/openssl/rsautl.c | 4 ++-- src/usr.bin/openssl/s_client.c | 4 ++-- src/usr.bin/openssl/s_server.c | 4 ++-- src/usr.bin/openssl/smime.c | 4 ++-- src/usr.bin/openssl/spkac.c | 4 ++-- src/usr.bin/openssl/ts.c | 4 ++-- src/usr.bin/openssl/x509.c | 4 ++-- 24 files changed, 48 insertions(+), 48 deletions(-) (limited to 'src') diff --git a/src/usr.bin/openssl/ca.c b/src/usr.bin/openssl/ca.c index 0b246aeb15..d97410b556 100644 --- a/src/usr.bin/openssl/ca.c +++ b/src/usr.bin/openssl/ca.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ca.c,v 1.17 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: ca.c,v 1.18 2015/10/17 07:51:10 semarie Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -287,7 +287,7 @@ ca_main(int argc, char **argv) DB_ATTR db_attr; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) perror("pledge"); } diff --git a/src/usr.bin/openssl/cms.c b/src/usr.bin/openssl/cms.c index 29429f53e0..4174960d7a 100644 --- a/src/usr.bin/openssl/cms.c +++ b/src/usr.bin/openssl/cms.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cms.c,v 1.4 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: cms.c,v 1.5 2015/10/17 07:51:10 semarie Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ @@ -136,7 +136,7 @@ cms_main(int argc, char **argv) X509_VERIFY_PARAM *vpm = NULL; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) perror("pledge"); } diff --git a/src/usr.bin/openssl/dgst.c b/src/usr.bin/openssl/dgst.c index b4632eefa3..432f310030 100644 --- a/src/usr.bin/openssl/dgst.c +++ b/src/usr.bin/openssl/dgst.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dgst.c,v 1.7 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: dgst.c,v 1.8 2015/10/17 07:51:10 semarie Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -124,7 +124,7 @@ dgst_main(int argc, char **argv) STACK_OF(OPENSSL_STRING) * sigopts = NULL, *macopts = NULL; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) perror("pledge"); } diff --git a/src/usr.bin/openssl/dsa.c b/src/usr.bin/openssl/dsa.c index 2c4feea0d5..6a774ee545 100644 --- a/src/usr.bin/openssl/dsa.c +++ b/src/usr.bin/openssl/dsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dsa.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: dsa.c,v 1.7 2015/10/17 07:51:10 semarie Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -241,7 +241,7 @@ dsa_main(int argc, char **argv) char *passin = NULL, *passout = NULL; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) perror("pledge"); } diff --git a/src/usr.bin/openssl/ec.c b/src/usr.bin/openssl/ec.c index b4e2fe1daa..b376d43404 100644 --- a/src/usr.bin/openssl/ec.c +++ b/src/usr.bin/openssl/ec.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: ec.c,v 1.7 2015/10/17 07:51:10 semarie Exp $ */ /* * Written by Nils Larsch for the OpenSSL project. */ @@ -278,7 +278,7 @@ ec_main(int argc, char **argv) char *passin = NULL, *passout = NULL; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) perror("pledge"); } diff --git a/src/usr.bin/openssl/enc.c b/src/usr.bin/openssl/enc.c index d7103823d3..296024c68f 100644 --- a/src/usr.bin/openssl/enc.c +++ b/src/usr.bin/openssl/enc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: enc.c,v 1.8 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: enc.c,v 1.9 2015/10/17 07:51:10 semarie Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -339,7 +339,7 @@ enc_main(int argc, char **argv) int i; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) perror("pledge"); } diff --git a/src/usr.bin/openssl/gendsa.c b/src/usr.bin/openssl/gendsa.c index 002380a1b9..3e027aaf26 100644 --- a/src/usr.bin/openssl/gendsa.c +++ b/src/usr.bin/openssl/gendsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gendsa.c,v 1.5 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: gendsa.c,v 1.6 2015/10/17 07:51:10 semarie Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -86,7 +86,7 @@ gendsa_main(int argc, char **argv) const EVP_CIPHER *enc = NULL; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) perror("pledge"); } diff --git a/src/usr.bin/openssl/genpkey.c b/src/usr.bin/openssl/genpkey.c index 4d11bc3c33..995d66f14d 100644 --- a/src/usr.bin/openssl/genpkey.c +++ b/src/usr.bin/openssl/genpkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: genpkey.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: genpkey.c,v 1.7 2015/10/17 07:51:10 semarie Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006 */ @@ -87,7 +87,7 @@ genpkey_main(int argc, char **argv) int do_param = 0; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) perror("pledge"); } diff --git a/src/usr.bin/openssl/genrsa.c b/src/usr.bin/openssl/genrsa.c index 1ca8713ed2..35e6d602b0 100644 --- a/src/usr.bin/openssl/genrsa.c +++ b/src/usr.bin/openssl/genrsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: genrsa.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: genrsa.c,v 1.7 2015/10/17 07:51:10 semarie Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -101,7 +101,7 @@ genrsa_main(int argc, char **argv) RSA *rsa = NULL; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) perror("pledge"); } diff --git a/src/usr.bin/openssl/openssl.c b/src/usr.bin/openssl/openssl.c index 43f0e9189c..374bcd27d0 100644 --- a/src/usr.bin/openssl/openssl.c +++ b/src/usr.bin/openssl/openssl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: openssl.c,v 1.18 2015/10/16 13:37:44 millert Exp $ */ +/* $OpenBSD: openssl.c,v 1.19 2015/10/17 07:51:10 semarie Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -438,7 +438,7 @@ main(int argc, char **argv) arg.data = NULL; arg.count = 0; - if (pledge("stdio inet rpath wpath cpath proc flock", NULL) == -1) { + if (pledge("stdio inet rpath wpath cpath proc flock tty", NULL) == -1) { fprintf(stderr, "openssl: pledge: %s\n", strerror(errno)); exit(1); } diff --git a/src/usr.bin/openssl/passwd.c b/src/usr.bin/openssl/passwd.c index 58fc5ecb4b..7ef7ef456c 100644 --- a/src/usr.bin/openssl/passwd.c +++ b/src/usr.bin/openssl/passwd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: passwd.c,v 1.5 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: passwd.c,v 1.6 2015/10/17 07:51:10 semarie Exp $ */ #if defined OPENSSL_NO_MD5 #define NO_MD5CRYPT_1 @@ -146,7 +146,7 @@ passwd_main(int argc, char **argv) int ret = 1; if (single_execution) { - if (pledge("stdio rpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) perror("pledge"); } diff --git a/src/usr.bin/openssl/pkcs12.c b/src/usr.bin/openssl/pkcs12.c index f8d8cc6115..2eb04a58b7 100644 --- a/src/usr.bin/openssl/pkcs12.c +++ b/src/usr.bin/openssl/pkcs12.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pkcs12.c,v 1.5 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: pkcs12.c,v 1.6 2015/10/17 07:51:10 semarie Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ @@ -125,7 +125,7 @@ pkcs12_main(int argc, char **argv) char *CApath = NULL, *CAfile = NULL; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) perror("pledge"); } diff --git a/src/usr.bin/openssl/pkcs8.c b/src/usr.bin/openssl/pkcs8.c index 4ac2af012a..5b54cbfb98 100644 --- a/src/usr.bin/openssl/pkcs8.c +++ b/src/usr.bin/openssl/pkcs8.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pkcs8.c,v 1.7 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: pkcs8.c,v 1.8 2015/10/17 07:51:10 semarie Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999-2004. */ @@ -227,7 +227,7 @@ pkcs8_main(int argc, char **argv) int ret = 1; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) perror("pledge"); } diff --git a/src/usr.bin/openssl/pkey.c b/src/usr.bin/openssl/pkey.c index d1ddf5a929..0a0590ccb6 100644 --- a/src/usr.bin/openssl/pkey.c +++ b/src/usr.bin/openssl/pkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pkey.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: pkey.c,v 1.7 2015/10/17 07:51:10 semarie Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006 */ @@ -80,7 +80,7 @@ pkey_main(int argc, char **argv) int ret = 1; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) perror("pledge"); } diff --git a/src/usr.bin/openssl/pkeyutl.c b/src/usr.bin/openssl/pkeyutl.c index 64d1f90f50..bf3fcf1b92 100644 --- a/src/usr.bin/openssl/pkeyutl.c +++ b/src/usr.bin/openssl/pkeyutl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pkeyutl.c,v 1.8 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: pkeyutl.c,v 1.9 2015/10/17 07:51:10 semarie Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ @@ -101,7 +101,7 @@ pkeyutl_main(int argc, char **argv) int ret = 1, rv = -1; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) perror("pledge"); } diff --git a/src/usr.bin/openssl/req.c b/src/usr.bin/openssl/req.c index 032944b233..c2f20ae757 100644 --- a/src/usr.bin/openssl/req.c +++ b/src/usr.bin/openssl/req.c @@ -1,4 +1,4 @@ -/* $OpenBSD: req.c,v 1.10 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: req.c,v 1.11 2015/10/17 07:51:10 semarie Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -177,7 +177,7 @@ req_main(int argc, char **argv) unsigned long chtype = MBSTRING_ASC; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) perror("pledge"); } diff --git a/src/usr.bin/openssl/rsa.c b/src/usr.bin/openssl/rsa.c index a5737605fe..06d3ca1b42 100644 --- a/src/usr.bin/openssl/rsa.c +++ b/src/usr.bin/openssl/rsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: rsa.c,v 1.7 2015/10/17 07:51:10 semarie Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -269,7 +269,7 @@ rsa_main(int argc, char **argv) char *passin = NULL, *passout = NULL; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) perror("pledge"); } diff --git a/src/usr.bin/openssl/rsautl.c b/src/usr.bin/openssl/rsautl.c index 92dceff8a1..a6106e0313 100644 --- a/src/usr.bin/openssl/rsautl.c +++ b/src/usr.bin/openssl/rsautl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsautl.c,v 1.8 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: rsautl.c,v 1.9 2015/10/17 07:51:10 semarie Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ @@ -99,7 +99,7 @@ rsautl_main(int argc, char **argv) int ret = 1; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) perror("pledge"); } diff --git a/src/usr.bin/openssl/s_client.c b/src/usr.bin/openssl/s_client.c index 63f30389c4..6bc66ac5fb 100644 --- a/src/usr.bin/openssl/s_client.c +++ b/src/usr.bin/openssl/s_client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s_client.c,v 1.21 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: s_client.c,v 1.22 2015/10/17 07:51:10 semarie Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -365,7 +365,7 @@ s_client_main(int argc, char **argv) long socket_mtu = 0; if (single_execution) { - if (pledge("stdio inet rpath wpath cpath", NULL) == -1) + if (pledge("stdio inet rpath wpath cpath tty", NULL) == -1) perror("pledge"); } diff --git a/src/usr.bin/openssl/s_server.c b/src/usr.bin/openssl/s_server.c index 198508398b..33765eeedb 100644 --- a/src/usr.bin/openssl/s_server.c +++ b/src/usr.bin/openssl/s_server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s_server.c,v 1.20 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: s_server.c,v 1.21 2015/10/17 07:51:10 semarie Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -605,7 +605,7 @@ s_server_main(int argc, char *argv[]) tlsextalpnctx alpn_ctx = { NULL, 0 }; if (single_execution) { - if (pledge("stdio inet rpath", NULL) == -1) + if (pledge("stdio inet rpath tty", NULL) == -1) perror("pledge"); } diff --git a/src/usr.bin/openssl/smime.c b/src/usr.bin/openssl/smime.c index fee7c71e76..53e2a94a54 100644 --- a/src/usr.bin/openssl/smime.c +++ b/src/usr.bin/openssl/smime.c @@ -1,4 +1,4 @@ -/* $OpenBSD: smime.c,v 1.5 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: smime.c,v 1.6 2015/10/17 07:51:10 semarie Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ @@ -113,7 +113,7 @@ smime_main(int argc, char **argv) X509_VERIFY_PARAM *vpm = NULL; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) perror("pledge"); } diff --git a/src/usr.bin/openssl/spkac.c b/src/usr.bin/openssl/spkac.c index 1c8b7073d8..7eff70b5e6 100644 --- a/src/usr.bin/openssl/spkac.c +++ b/src/usr.bin/openssl/spkac.c @@ -1,4 +1,4 @@ -/* $OpenBSD: spkac.c,v 1.6 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: spkac.c,v 1.7 2015/10/17 07:51:10 semarie Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. Based on an original idea by Massimiliano Pala * (madwolf@openca.org). @@ -182,7 +182,7 @@ spkac_main(int argc, char **argv) EVP_PKEY *pkey = NULL; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) perror("pledge"); } diff --git a/src/usr.bin/openssl/ts.c b/src/usr.bin/openssl/ts.c index 04ff60ae48..60b8f02bac 100644 --- a/src/usr.bin/openssl/ts.c +++ b/src/usr.bin/openssl/ts.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ts.c,v 1.11 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: ts.c,v 1.12 2015/10/17 07:51:10 semarie Exp $ */ /* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL * project 2002. */ @@ -150,7 +150,7 @@ ts_main(int argc, char **argv) int token_out = 0; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) perror("pledge"); } diff --git a/src/usr.bin/openssl/x509.c b/src/usr.bin/openssl/x509.c index 07c28789d3..08b39e5db6 100644 --- a/src/usr.bin/openssl/x509.c +++ b/src/usr.bin/openssl/x509.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509.c,v 1.10 2015/10/10 22:28:51 doug Exp $ */ +/* $OpenBSD: x509.c,v 1.11 2015/10/17 07:51:10 semarie Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -199,7 +199,7 @@ x509_main(int argc, char **argv) const char *errstr = NULL; if (single_execution) { - if (pledge("stdio rpath wpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) perror("pledge"); } -- cgit v1.2.3-55-g6feb