提交 48feaceb 编写于 作者: R Richard Levitte

Remove the possibility to disable the UI module entirely

Instead, make it possible to disable the console reader that's part of
the UI module.  This makes it possible to use the UI API and other UI
methods in environments where the console reader isn't useful.

To disable the console reader, configure with 'no-ui-console' /
'disable-ui-console'.

'no-ui' / 'disable-ui' is now an alias for 'no-ui-console' /
'disable-ui-console'.

Fixes #3806
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3820)
上级 6e2f49b3
......@@ -9,6 +9,17 @@
Changes between 1.1.0f and 1.1.1 [xx XXX xxxx]
*) The UI API becomes a permanent and integral part of libcrypto, i.e.
not possible to disable entirely. However, it's still possible to
disable the console reading UI method, UI_OpenSSL() (use UI_null()
as a fallback).
To disable, configure with 'no-ui-console'. 'no-ui' is still
possible to use as an alias. Check at compile time with the
macro OPENSSL_NO_UI_CONSOLE. The macro OPENSSL_NO_UI is still
possible to check and is an alias for OPENSSL_NO_UI_CONSOLE.
[Richard Levitte]
*) Add a STORE module, which implements a uniform and URI based reader of
stores that can contain keys, certificates, CRLs and numerous other
objects. The main API is loosely based on a few stdio functions,
......
......@@ -406,7 +406,7 @@ my @disablables = (
"tls13downgrade",
"ts",
"ubsan",
"ui",
"ui-console",
"unit-test",
"whirlpool",
"weak-ssl-ciphers",
......@@ -422,7 +422,8 @@ foreach my $proto ((@tls, @dtls))
my %deprecated_disablables = (
"ssl2" => undef,
"buf-freelists" => undef,
"ripemd" => "rmd160"
"ripemd" => "rmd160",
"ui" => "ui-console",
);
# All of the following is disabled by default (RC5 was enabled before 0.9.8):
......
......@@ -56,9 +56,8 @@ typedef struct {
unsigned long mask;
} NAME_EX_TBL;
#if !defined(OPENSSL_NO_UI) || !defined(OPENSSL_NO_ENGINE)
static UI_METHOD *ui_method = NULL;
#endif
static const UI_METHOD *ui_fallback_method = NULL;
static int set_table_opts(unsigned long *flags, const char *arg,
const NAME_EX_TBL * in_tbl);
......@@ -176,14 +175,19 @@ int dump_cert_text(BIO *out, X509 *x)
return 0;
}
#ifndef OPENSSL_NO_UI
static int ui_open(UI *ui)
{
return UI_method_get_opener(UI_OpenSSL())(ui);
int (*opener)(UI *ui) = UI_method_get_opener(ui_fallback_method);
if (opener)
return opener(ui);
return 1;
}
static int ui_read(UI *ui, UI_STRING *uis)
{
int (*reader)(UI *ui, UI_STRING *uis) = NULL;
if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD
&& UI_get0_user_data(ui)) {
switch (UI_get_string_type(uis)) {
......@@ -205,11 +209,17 @@ static int ui_read(UI *ui, UI_STRING *uis)
break;
}
}
return UI_method_get_reader(UI_OpenSSL())(ui, uis);
reader = UI_method_get_reader(ui_fallback_method);
if (reader)
return reader(ui, uis);
return 1;
}
static int ui_write(UI *ui, UI_STRING *uis)
{
int (*writer)(UI *ui, UI_STRING *uis) = NULL;
if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD
&& UI_get0_user_data(ui)) {
switch (UI_get_string_type(uis)) {
......@@ -229,16 +239,28 @@ static int ui_write(UI *ui, UI_STRING *uis)
break;
}
}
return UI_method_get_writer(UI_OpenSSL())(ui, uis);
writer = UI_method_get_reader(ui_fallback_method);
if (writer)
return writer(ui, uis);
return 1;
}
static int ui_close(UI *ui)
{
return UI_method_get_closer(UI_OpenSSL())(ui);
int (*closer)(UI *ui) = UI_method_get_closer(ui_fallback_method);
if (closer)
return closer(ui);
return 1;
}
int setup_ui_method(void)
{
ui_fallback_method = UI_null();
#ifndef OPENSSL_NO_UI_CONSOLE
ui_fallback_method = UI_OpenSSL();
#endif
ui_method = UI_create_method("OpenSSL application user interface");
UI_method_set_opener(ui_method, ui_open);
UI_method_set_reader(ui_method, ui_read);
......@@ -259,24 +281,13 @@ const UI_METHOD *get_ui_method(void)
{
return ui_method;
}
#endif
int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp)
{
int res = 0;
#ifndef OPENSSL_NO_UI
UI *ui = NULL;
#endif
PW_CB_DATA *cb_data = (PW_CB_DATA *)cb_tmp;
#ifdef OPENSSL_NO_UI
if (cb_data != NULL && cb_data->password != NULL) {
res = strlen(cb_data->password);
if (res > bufsiz)
res = bufsiz;
memcpy(buf, cb_data->password, res);
}
#else
ui = UI_new_method(ui_method);
if (ui) {
int ok = 0;
......@@ -331,7 +342,6 @@ int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp)
UI_free(ui);
OPENSSL_free(prompt);
}
#endif
return res;
}
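Review bot: In the new `ui_write` body the fallback lookup calls the reader accessor, `writer = UI_method_get_reader(ui_fallback_method);`, so output strings would be handed to the fallback's read routine instead of its write routine. It should be `writer = UI_method_get_writer(ui_fallback_method);`, matching the `UI_method_get_writer(UI_OpenSSL())` call it replaces. With the `OPENSSL_NO_UI` branch of `password_callback` removed, a no-ui-console build also relies on all four wrappers returning 1 when the fallback has no handler; a one-line comment on `ui_fallback_method` stating that would help. The bodies of `ui_read`, `ui_write` and `password_callback` are only partly visible in these hunks.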
......
......@@ -308,7 +308,7 @@ int enc_main(int argc, char **argv)
if ((str == NULL) && (cipher != NULL) && (hkey == NULL)) {
if (1) {
#ifndef OPENSSL_NO_UI
#ifndef OPENSSL_NO_UI_CONSOLE
for (;;) {
char prompt[200];
......
......@@ -70,18 +70,14 @@ static int apps_startup()
| OPENSSL_INIT_LOAD_CONFIG, NULL))
return 0;
#ifndef OPENSSL_NO_UI
setup_ui_method();
#endif
return 1;
}
static void apps_shutdown()
{
#ifndef OPENSSL_NO_UI
destroy_ui_method();
#endif
}
static char *make_config_name()
......
......@@ -100,7 +100,7 @@ int passwd_main(int argc, char **argv)
char *salt_malloc = NULL, *passwd_malloc = NULL, *prog;
OPTION_CHOICE o;
int in_stdin = 0, pw_source_defined = 0;
# ifndef OPENSSL_NO_UI
# ifndef OPENSSL_NO_UI_CONSOLE
int in_noverify = 0;
# endif
int passed_salt = 0, quiet = 0, table = 0, reverse = 0;
......@@ -129,7 +129,7 @@ int passwd_main(int argc, char **argv)
pw_source_defined = 1;
break;
case OPT_NOVERIFY:
# ifndef OPENSSL_NO_UI
# ifndef OPENSSL_NO_UI_CONSOLE
in_noverify = 1;
# endif
break;
......@@ -246,7 +246,7 @@ int passwd_main(int argc, char **argv)
* avoid rot of not-frequently-used code.
*/
if (1) {
# ifndef OPENSSL_NO_UI
# ifndef OPENSSL_NO_UI_CONSOLE
/* build a null-terminated list */
static char *passwds_static[2] = { NULL, NULL };
......
......@@ -322,7 +322,7 @@ int pkcs12_main(int argc, char **argv)
if (twopass) {
/* To avoid bit rot */
if (1) {
#ifndef OPENSSL_NO_UI
#ifndef OPENSSL_NO_UI_CONSOLE
if (EVP_read_pw_string
(macpass, sizeof macpass, "Enter MAC Password:", export_cert)) {
BIO_printf(bio_err, "Can't read Password\n");
......@@ -441,7 +441,7 @@ int pkcs12_main(int argc, char **argv)
if (!noprompt) {
/* To avoid bit rot */
if (1) {
#ifndef OPENSSL_NO_UI
#ifndef OPENSSL_NO_UI_CONSOLE
if (EVP_read_pw_string(pass, sizeof pass, "Enter Export Password:",
1)) {
BIO_printf(bio_err, "Can't read Password\n");
......@@ -507,7 +507,7 @@ int pkcs12_main(int argc, char **argv)
if (!noprompt) {
if (1) {
#ifndef OPENSSL_NO_UI
#ifndef OPENSSL_NO_UI_CONSOLE
if (EVP_read_pw_string(pass, sizeof pass, "Enter Import Password:",
0)) {
BIO_printf(bio_err, "Can't read Password\n");
......
......@@ -65,7 +65,7 @@ int pkcs8_main(int argc, char **argv)
const EVP_CIPHER *cipher = NULL;
char *infile = NULL, *outfile = NULL;
char *passinarg = NULL, *passoutarg = NULL, *prog;
#ifndef OPENSSL_NO_UI
#ifndef OPENSSL_NO_UI_CONSOLE
char pass[APP_PASS_LEN];
#endif
char *passin = NULL, *passout = NULL, *p8pass = NULL;
......@@ -236,7 +236,7 @@ int pkcs8_main(int argc, char **argv)
p8pass = passout;
} else if (1) {
/* To avoid bit rot */
#ifndef OPENSSL_NO_UI
#ifndef OPENSSL_NO_UI_CONSOLE
p8pass = pass;
if (EVP_read_pw_string
(pass, sizeof pass, "Enter Encryption Password:", 1)) {
......@@ -299,7 +299,7 @@ int pkcs8_main(int argc, char **argv)
if (passin != NULL) {
p8pass = passin;
} else if (1) {
#ifndef OPENSSL_NO_UI
#ifndef OPENSSL_NO_UI_CONSOLE
p8pass = pass;
if (EVP_read_pw_string(pass, sizeof pass, "Enter Password:", 0)) {
BIO_printf(bio_err, "Can't read Password\n");
......
......@@ -83,9 +83,7 @@ int err_load_crypto_strings_int(void)
# ifndef OPENSSL_NO_OCSP
ERR_load_OCSP_strings() == 0 ||
# endif
#ifndef OPENSSL_NO_UI
ERR_load_UI_strings() == 0 ||
#endif
# ifndef OPENSSL_NO_CMS
ERR_load_CMS_strings() == 0 ||
# endif
......
......@@ -14,7 +14,6 @@
#include <openssl/evp.h>
#include <openssl/ui.h>
#ifndef OPENSSL_NO_UI
/* should be init to zeros. */
static char prompt_string[80];
......@@ -69,7 +68,6 @@ int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt,
OPENSSL_cleanse(buff, BUFSIZ);
return ret;
}
#endif /* OPENSSL_NO_UI */
int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
const unsigned char *salt, const unsigned char *data,
......
......@@ -30,12 +30,8 @@ int pem_check_suffix(const char *pem_str, const char *suffix);
int PEM_def_callback(char *buf, int num, int w, void *key)
{
#if defined(OPENSSL_NO_STDIO) || defined(OPENSSL_NO_UI)
int i;
#else
int i, j;
const char *prompt;
#endif
if (key) {
i = strlen(key);
......@@ -44,10 +40,6 @@ int PEM_def_callback(char *buf, int num, int w, void *key)
return i;
}
#if defined(OPENSSL_NO_STDIO) || defined(OPENSSL_NO_UI)
PEMerr(PEM_F_PEM_DEF_CALLBACK, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return -1;
#else
prompt = EVP_get_pw_prompt();
if (prompt == NULL)
prompt = "Enter PEM pass phrase:";
......@@ -74,7 +66,6 @@ int PEM_def_callback(char *buf, int num, int w, void *key)
break;
}
return j;
#endif
}
void PEM_proc_type(char *buf, int type)
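Review bot: Removing the `#if defined(OPENSSL_NO_STDIO) || defined(OPENSSL_NO_UI)` branch drops the `ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED` failure for both conditions, not only the UI one, so whenever `key` is NULL `PEM_def_callback` now always takes the prompt path. In a no-ui-console build that path ends up on whatever `UI_new_method` selects, which this commit makes `UI_null()` when no default method is set; if that method reads nothing (its definition is not shown on this page), the callback could report success without a pass phrase ever being written into `buf`. Consider keeping an explicit failure for that configuration, i.e. `#if defined(OPENSSL_NO_STDIO) || defined(OPENSSL_NO_UI_CONSOLE)` around the `PEMerr(PEM_F_PEM_DEF_CALLBACK, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return -1;` pair that this hunk deletes. The function body is only partly visible in these hunks.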
......
......@@ -37,9 +37,10 @@ UI *UI_new_method(const UI_METHOD *method)
}
if (method == NULL)
ret->meth = UI_get_default_method();
else
ret->meth = method;
method = UI_get_default_method();
if (method == NULL)
method = UI_null();
ret->meth = method;
if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_UI, ret, &ret->ex_data)) {
OPENSSL_free(ret);
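Review bot: The second `if (method == NULL)` silently substitutes `UI_null()` and nothing at this site says why. A comment above `method = UI_null();` such as `/* no default method (e.g. built with no-ui-console): use the do-nothing UI_null() rather than leave meth NULL */` would make it clear that a UI created this way never prompts. Because `UI_new_method` no longer fails or leaves `meth` unset in that configuration, callers that require a real pass phrase have to detect it themselves. The function starts and ends outside the hunk.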
......
......@@ -9,64 +9,66 @@
#include <openssl/e_os2.h>
#include <openssl/err.h>
#include <openssl/ui.h>
#ifndef OPENSSL_NO_UI_CONSOLE
/*
* need for #define _POSIX_C_SOURCE arises whenever you pass -ansi to gcc
* [maybe others?], because it masks interfaces not discussed in standard,
* sigaction and fileno included. -pedantic would be more appropriate for the
* intended purposes, but we can't prevent users from adding -ansi.
*/
#if defined(OPENSSL_SYS_VXWORKS)
# include <sys/types.h>
#endif
#if !defined(_POSIX_C_SOURCE) && defined(OPENSSL_SYS_VMS)
# ifndef _POSIX_C_SOURCE
# define _POSIX_C_SOURCE 2
# if defined(OPENSSL_SYS_VXWORKS)
# include <sys/types.h>
# endif
#endif
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <errno.h>
#if !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS)
# ifdef OPENSSL_UNISTD
# include OPENSSL_UNISTD
# else
# include <unistd.h>
# if !defined(_POSIX_C_SOURCE) && defined(OPENSSL_SYS_VMS)
# ifndef _POSIX_C_SOURCE
# define _POSIX_C_SOURCE 2
# endif
# endif
# include <signal.h>
# include <stdio.h>
# include <string.h>
# include <errno.h>
# if !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS)
# ifdef OPENSSL_UNISTD
# include OPENSSL_UNISTD
# else
# include <unistd.h>
# endif
/*
* If unistd.h defines _POSIX_VERSION, we conclude that we are on a POSIX
* system and have sigaction and termios.
*/
# if defined(_POSIX_VERSION)
# if defined(_POSIX_VERSION)
# define SIGACTION
# if !defined(TERMIOS) && !defined(TERMIO) && !defined(SGTTY)
# define TERMIOS
# endif
# define SIGACTION
# if !defined(TERMIOS) && !defined(TERMIO) && !defined(SGTTY)
# define TERMIOS
# endif
# endif
# endif
#endif
/* 06-Apr-92 Luke Brennan Support for VMS */
#include "ui_locl.h"
#include "internal/cryptlib.h"
# include "ui_locl.h"
# include "internal/cryptlib.h"
#ifdef OPENSSL_SYS_VMS /* prototypes for sys$whatever */
# include <starlet.h>
# ifdef __DECC
# pragma message disable DOLLARID
# ifdef OPENSSL_SYS_VMS /* prototypes for sys$whatever */
# include <starlet.h>
# ifdef __DECC
# pragma message disable DOLLARID
# endif
# endif
#endif
#ifdef WIN_CONSOLE_BUG
# include <windows.h>
# ifndef OPENSSL_SYS_WINCE
# include <wincon.h>
# ifdef WIN_CONSOLE_BUG
# include <windows.h>
# ifndef OPENSSL_SYS_WINCE
# include <wincon.h>
# endif
# endif
#endif
/*
* There are 6 types of terminal interface supported, TERMIO, TERMIOS, VMS,
......@@ -80,81 +82,81 @@
* may eventually opt to remove it's use entirely.
*/
#if !defined(TERMIOS) && !defined(TERMIO) && !defined(SGTTY)
# if !defined(TERMIOS) && !defined(TERMIO) && !defined(SGTTY)
# if defined(_LIBC)
# undef TERMIOS
# define TERMIO
# undef SGTTY
# if defined(_LIBC)
# undef TERMIOS
# define TERMIO
# undef SGTTY
/*
* We know that VMS, MSDOS, VXWORKS, use entirely other mechanisms.
*/
# elif !defined(OPENSSL_SYS_VMS) \
# elif !defined(OPENSSL_SYS_VMS) \
&& !defined(OPENSSL_SYS_MSDOS) \
&& !defined(OPENSSL_SYS_VXWORKS)
# define TERMIOS
# undef TERMIO
# undef SGTTY
# endif
# define TERMIOS
# undef TERMIO
# undef SGTTY
# endif
#endif
# endif
#ifdef TERMIOS
# include <termios.h>
# define TTY_STRUCT struct termios
# define TTY_FLAGS c_lflag
# define TTY_get(tty,data) tcgetattr(tty,data)
# define TTY_set(tty,data) tcsetattr(tty,TCSANOW,data)
#endif
# ifdef TERMIOS
# include <termios.h>
# define TTY_STRUCT struct termios
# define TTY_FLAGS c_lflag
# define TTY_get(tty,data) tcgetattr(tty,data)
# define TTY_set(tty,data) tcsetattr(tty,TCSANOW,data)
# endif
#ifdef TERMIO
# include <termio.h>
# define TTY_STRUCT struct termio
# define TTY_FLAGS c_lflag
# define TTY_get(tty,data) ioctl(tty,TCGETA,data)
# define TTY_set(tty,data) ioctl(tty,TCSETA,data)
#endif
# ifdef TERMIO
# include <termio.h>
# define TTY_STRUCT struct termio
# define TTY_FLAGS c_lflag
# define TTY_get(tty,data) ioctl(tty,TCGETA,data)
# define TTY_set(tty,data) ioctl(tty,TCSETA,data)
# endif
#ifdef SGTTY
# include <sgtty.h>
# define TTY_STRUCT struct sgttyb
# define TTY_FLAGS sg_flags
# define TTY_get(tty,data) ioctl(tty,TIOCGETP,data)
# define TTY_set(tty,data) ioctl(tty,TIOCSETP,data)
#endif
# ifdef SGTTY
# include <sgtty.h>
# define TTY_STRUCT struct sgttyb
# define TTY_FLAGS sg_flags
# define TTY_get(tty,data) ioctl(tty,TIOCGETP,data)
# define TTY_set(tty,data) ioctl(tty,TIOCSETP,data)
# endif
#if !defined(_LIBC) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS)
# include <sys/ioctl.h>
#endif
# if !defined(_LIBC) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS)
# include <sys/ioctl.h>
# endif
#ifdef OPENSSL_SYS_MSDOS
# include <conio.h>
#endif
# ifdef OPENSSL_SYS_MSDOS
# include <conio.h>
# endif
#ifdef OPENSSL_SYS_VMS
# include <ssdef.h>
# include <iodef.h>
# include <ttdef.h>
# include <descrip.h>
# ifdef OPENSSL_SYS_VMS
# include <ssdef.h>
# include <iodef.h>
# include <ttdef.h>
# include <descrip.h>
struct IOSB {
short iosb$w_value;
short iosb$w_count;
long iosb$l_info;
};
#endif
# endif
#ifndef NX509_SIG
# define NX509_SIG 32
#endif
# ifndef NX509_SIG
# define NX509_SIG 32
# endif
/* Define globals. They are protected by a lock */
#ifdef SIGACTION
# ifdef SIGACTION
static struct sigaction savsig[NX509_SIG];
#else
# else
static void (*savsig[NX509_SIG]) (int);
#endif
# endif
#ifdef OPENSSL_SYS_VMS
# ifdef OPENSSL_SYS_VMS
static struct IOSB iosb;
static $DESCRIPTOR(terminal, "TT");
static long tty_orig[3], tty_new[3]; /* XXX Is there any guarantee that this
......@@ -162,26 +164,26 @@ static long tty_orig[3], tty_new[3]; /* XXX Is there any guarantee that this
* structures? */
static long status;
static unsigned short channel = 0;
#elif defined(_WIN32) && !defined(_WIN32_WCE)
# elif defined(_WIN32) && !defined(_WIN32_WCE)
static DWORD tty_orig, tty_new;
#else
# if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__)
# else
# if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__)
static TTY_STRUCT tty_orig, tty_new;
# endif
# endif
#endif
static FILE *tty_in, *tty_out;
static int is_a_tty;
/* Declare static functions */
#if !defined(OPENSSL_SYS_WINCE)
# if !defined(OPENSSL_SYS_WINCE)
static int read_till_nl(FILE *);
static void recsig(int);
static void pushsig(void);
static void popsig(void);
#endif
#if defined(OPENSSL_SYS_MSDOS) && !defined(_WIN32)
# endif
# if defined(OPENSSL_SYS_MSDOS) && !defined(_WIN32)
static int noecho_fgets(char *buf, int size, FILE *tty);
#endif
# endif
static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl);
static int read_string(UI *ui, UI_STRING *uis);
......@@ -192,34 +194,6 @@ static int echo_console(UI *ui);
static int noecho_console(UI *ui);
static int close_console(UI *ui);
static UI_METHOD ui_openssl = {
"OpenSSL default user interface",
open_console,
write_string,
NULL, /* No flusher is needed for command lines */
read_string,
close_console,
NULL
};
static const UI_METHOD *default_UI_meth = &ui_openssl;
void UI_set_default_method(const UI_METHOD *meth)
{
default_UI_meth = meth;
}
const UI_METHOD *UI_get_default_method(void)
{
return default_UI_meth;
}
/* The method with all the built-in thingies */
UI_METHOD *UI_OpenSSL(void)
{
return &ui_openssl;
}
/*
* The following function makes sure that info and error strings are printed
* before any prompt.
......@@ -280,11 +254,11 @@ static int read_string(UI *ui, UI_STRING *uis)
return 1;
}
#if !defined(OPENSSL_SYS_WINCE)
# if !defined(OPENSSL_SYS_WINCE)
/* Internal functions to read a string without echoing */
static int read_till_nl(FILE *in)
{
# define SIZE 4
# define SIZE 4
char buf[SIZE + 1];
do {
......@@ -295,7 +269,7 @@ static int read_till_nl(FILE *in)
}
static volatile sig_atomic_t intr_signal;
#endif
# endif
static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl)
{
......@@ -303,7 +277,7 @@ static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl)
int ok;
char result[BUFSIZ];
int maxsize = BUFSIZ - 1;
#if !defined(OPENSSL_SYS_WINCE)
# if !defined(OPENSSL_SYS_WINCE)
char *p = NULL;
int echo_eol = !echo;
......@@ -319,10 +293,10 @@ static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl)
ps = 2;
result[0] = '\0';
# if defined(_WIN32)
# if defined(_WIN32)
if (is_a_tty) {
DWORD numread;
# if defined(CP_UTF8)
# if defined(CP_UTF8)
if (GetEnvironmentVariableW(L"OPENSSL_WIN32_UTF8", NULL, 0) != 0) {
WCHAR wresult[BUFSIZ];
......@@ -342,7 +316,7 @@ static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl)
OPENSSL_cleanse(wresult, sizeof(wresult));
}
} else
# endif
# endif
if (ReadConsoleA(GetStdHandle(STD_INPUT_HANDLE),
result, maxsize, &numread, NULL)) {
if (numread >= 2 &&
......@@ -354,12 +328,12 @@ static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl)
p = result;
}
} else
# elif defined(OPENSSL_SYS_MSDOS)
# elif defined(OPENSSL_SYS_MSDOS)
if (!echo) {
noecho_fgets(result, maxsize, tty_in);
p = result; /* FIXME: noecho_fgets doesn't return errors */
} else
# endif
# endif
p = fgets(result, maxsize, tty_in);
if (p == NULL)
goto error;
......@@ -385,9 +359,9 @@ static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl)
if (ps >= 1)
popsig();
#else
# else
ok = 1;
#endif
# endif
OPENSSL_cleanse(result, BUFSIZ);
return ok;
......@@ -399,10 +373,10 @@ static int open_console(UI *ui)
CRYPTO_THREAD_write_lock(ui->lock);
is_a_tty = 1;
#if defined(OPENSSL_SYS_VXWORKS)
# if defined(OPENSSL_SYS_VXWORKS)
tty_in = stdin;
tty_out = stderr;
#elif defined(_WIN32) && !defined(_WIN32_WCE)
# elif defined(_WIN32) && !defined(_WIN32_WCE)
if ((tty_out = fopen("conout$", "w")) == NULL)
tty_out = stderr;
......@@ -413,26 +387,26 @@ static int open_console(UI *ui)
if ((tty_in = fopen("conin$", "r")) == NULL)
tty_in = stdin;
}
#else
# ifdef OPENSSL_SYS_MSDOS
# define DEV_TTY "con"
# else
# define DEV_TTY "/dev/tty"
# endif
# ifdef OPENSSL_SYS_MSDOS
# define DEV_TTY "con"
# else
# define DEV_TTY "/dev/tty"
# endif
if ((tty_in = fopen(DEV_TTY, "r")) == NULL)
tty_in = stdin;
if ((tty_out = fopen(DEV_TTY, "w")) == NULL)
tty_out = stderr;
#endif
# endif
#if defined(TTY_get) && !defined(OPENSSL_SYS_VMS)
# if defined(TTY_get) && !defined(OPENSSL_SYS_VMS)
if (TTY_get(fileno(tty_in), &tty_orig) == -1) {
# ifdef ENOTTY
# ifdef ENOTTY
if (errno == ENOTTY)
is_a_tty = 0;
else
# endif
# ifdef EINVAL
# endif
# ifdef EINVAL
/*
* Ariel Glenn ariel@columbia.edu reports that solaris can return
* EINVAL instead. This should be ok
......@@ -440,8 +414,8 @@ static int open_console(UI *ui)
if (errno == EINVAL)
is_a_tty = 0;
else
# endif
# ifdef ENODEV
# endif
# ifdef ENODEV
/*
* MacOS X returns ENODEV (Operation not supported by device),
* which seems appropriate.
......@@ -449,7 +423,7 @@ static int open_console(UI *ui)
if (errno == ENODEV)
is_a_tty = 0;
else
# endif
# endif
{
char tmp_num[10];
BIO_snprintf(tmp_num, sizeof(tmp_num) - 1, "%d", errno);
......@@ -459,8 +433,8 @@ static int open_console(UI *ui)
return 0;
}
}
#endif
#ifdef OPENSSL_SYS_VMS
# endif
# ifdef OPENSSL_SYS_VMS
status = sys$assign(&terminal, &channel, 0, 0);
/* if there isn't a TT device, something is very wrong */
......@@ -479,22 +453,22 @@ static int open_console(UI *ui)
/* If IO$_SENSEMODE doesn't work, this is not a terminal device */
if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
is_a_tty = 0;
#endif
# endif
return 1;
}
static int noecho_console(UI *ui)
{
#ifdef TTY_FLAGS
# ifdef TTY_FLAGS
memcpy(&(tty_new), &(tty_orig), sizeof(tty_orig));
tty_new.TTY_FLAGS &= ~ECHO;
#endif
# endif
#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
# if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
if (is_a_tty && (TTY_set(fileno(tty_in), &tty_new) == -1))
return 0;
#endif
#ifdef OPENSSL_SYS_VMS
# endif
# ifdef OPENSSL_SYS_VMS
if (is_a_tty) {
tty_new[0] = tty_orig[0];
tty_new[1] = tty_orig[1] | TT$M_NOECHO;
......@@ -514,29 +488,29 @@ static int noecho_console(UI *ui)
return 0;
}
}
#endif
#if defined(_WIN32) && !defined(_WIN32_WCE)
# endif
# if defined(_WIN32) && !defined(_WIN32_WCE)
if (is_a_tty) {
tty_new = tty_orig;
tty_new &= ~ENABLE_ECHO_INPUT;
SetConsoleMode(GetStdHandle(STD_INPUT_HANDLE), tty_new);
}
#endif
# endif
return 1;
}
static int echo_console(UI *ui)
{
#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
# if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
memcpy(&(tty_new), &(tty_orig), sizeof(tty_orig));
tty_new.TTY_FLAGS |= ECHO;
#endif
# endif
#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
# if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
if (is_a_tty && (TTY_set(fileno(tty_in), &tty_new) == -1))
return 0;
#endif
#ifdef OPENSSL_SYS_VMS
# endif
# ifdef OPENSSL_SYS_VMS
if (is_a_tty) {
tty_new[0] = tty_orig[0];
tty_new[1] = tty_orig[1] & ~TT$M_NOECHO;
......@@ -556,14 +530,14 @@ static int echo_console(UI *ui)
return 0;
}
}
#endif
#if defined(_WIN32) && !defined(_WIN32_WCE)
# endif
# if defined(_WIN32) && !defined(_WIN32_WCE)
if (is_a_tty) {
tty_new = tty_orig;
tty_new |= ENABLE_ECHO_INPUT;
SetConsoleMode(GetStdHandle(STD_INPUT_HANDLE), tty_new);
}
#endif
# endif
return 1;
}
......@@ -573,7 +547,7 @@ static int close_console(UI *ui)
fclose(tty_in);
if (tty_out != stderr)
fclose(tty_out);
#ifdef OPENSSL_SYS_VMS
# ifdef OPENSSL_SYS_VMS
status = sys$dassgn(channel);
if (status != SS$_NORMAL) {
char tmp_num[12];
......@@ -583,97 +557,97 @@ static int close_console(UI *ui)
ERR_add_error_data(2, "status=", tmp_num);
return 0;
}
#endif
# endif
CRYPTO_THREAD_unlock(ui->lock);
return 1;
}
#if !defined(OPENSSL_SYS_WINCE)
# if !defined(OPENSSL_SYS_WINCE)
/* Internal functions to handle signals and act on them */
static void pushsig(void)
{
# ifndef OPENSSL_SYS_WIN32
# ifndef OPENSSL_SYS_WIN32
int i;
# endif
# ifdef SIGACTION
# endif
# ifdef SIGACTION
struct sigaction sa;
memset(&sa, 0, sizeof(sa));
sa.sa_handler = recsig;
# endif
# endif
# ifdef OPENSSL_SYS_WIN32
# ifdef OPENSSL_SYS_WIN32
savsig[SIGABRT] = signal(SIGABRT, recsig);
savsig[SIGFPE] = signal(SIGFPE, recsig);
savsig[SIGILL] = signal(SIGILL, recsig);
savsig[SIGINT] = signal(SIGINT, recsig);
savsig[SIGSEGV] = signal(SIGSEGV, recsig);
savsig[SIGTERM] = signal(SIGTERM, recsig);
# else
# else
for (i = 1; i < NX509_SIG; i++) {
# ifdef SIGUSR1
# ifdef SIGUSR1
if (i == SIGUSR1)
continue;
# endif
# ifdef SIGUSR2
# endif
# ifdef SIGUSR2
if (i == SIGUSR2)
continue;
# endif
# ifdef SIGKILL
# endif
# ifdef SIGKILL
if (i == SIGKILL) /* We can't make any action on that. */
continue;
# endif
# ifdef SIGACTION
# endif
# ifdef SIGACTION
sigaction(i, &sa, &savsig[i]);
# else
# else
savsig[i] = signal(i, recsig);
# endif
# endif
}
# endif
# endif
# ifdef SIGWINCH
# ifdef SIGWINCH
signal(SIGWINCH, SIG_DFL);
# endif
# endif
}
static void popsig(void)
{
# ifdef OPENSSL_SYS_WIN32
# ifdef OPENSSL_SYS_WIN32
signal(SIGABRT, savsig[SIGABRT]);
signal(SIGFPE, savsig[SIGFPE]);
signal(SIGILL, savsig[SIGILL]);
signal(SIGINT, savsig[SIGINT]);
signal(SIGSEGV, savsig[SIGSEGV]);
signal(SIGTERM, savsig[SIGTERM]);
# else
# else
int i;
for (i = 1; i < NX509_SIG; i++) {
# ifdef SIGUSR1
# ifdef SIGUSR1
if (i == SIGUSR1)
continue;
# endif
# ifdef SIGUSR2
# endif
# ifdef SIGUSR2
if (i == SIGUSR2)
continue;
# endif
# ifdef SIGACTION
# endif
# ifdef SIGACTION
sigaction(i, &savsig[i], NULL);
# else
# else
signal(i, savsig[i]);
# endif
# endif
}
# endif
# endif
}
static void recsig(int i)
{
intr_signal = i;
}
#endif
# endif
/* Internal functions specific for Windows */
#if defined(OPENSSL_SYS_MSDOS) && !defined(_WIN32)
# if defined(OPENSSL_SYS_MSDOS) && !defined(_WIN32)
static int noecho_fgets(char *buf, int size, FILE *tty)
{
int i;
......@@ -686,11 +660,11 @@ static int noecho_fgets(char *buf, int size, FILE *tty)
break;
}
size--;
# if defined(_WIN32)
# if defined(_WIN32)
i = _getch();
# else
# else
i = getch();
# endif
# endif
if (i == '\r')
i = '\n';
*(p++) = i;
......@@ -699,7 +673,7 @@ static int noecho_fgets(char *buf, int size, FILE *tty)
break;
}
}
# ifdef WIN_CONSOLE_BUG
# ifdef WIN_CONSOLE_BUG
/*
* Win95 has several evil console bugs: one of these is that the last
* character read using getch() is passed to the next read: this is
......@@ -711,7 +685,41 @@ static int noecho_fgets(char *buf, int size, FILE *tty)
inh = GetStdHandle(STD_INPUT_HANDLE);
FlushConsoleInputBuffer(inh);
}
# endif
# endif
return (strlen(buf));
}
# endif
static UI_METHOD ui_openssl = {
"OpenSSL default user interface",
open_console,
write_string,
NULL, /* No flusher is needed for command lines */
read_string,
close_console,
NULL
};
/* The method with all the built-in console thingies */
UI_METHOD *UI_OpenSSL(void)
{
return &ui_openssl;
}
static const UI_METHOD *default_UI_meth = &ui_openssl;
#else
static const UI_METHOD *default_UI_meth = NULL;
#endif
void UI_set_default_method(const UI_METHOD *meth)
{
default_UI_meth = meth;
}
const UI_METHOD *UI_get_default_method(void)
{
return default_UI_meth;
}
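Review bot: `UI_get_default_method()` can now return NULL, because the new `#else` branch initialises `default_UI_meth` to NULL when `OPENSSL_NO_UI_CONSOLE` is defined and the getter returns it unchanged. `UI_new_method` is taught to cope with that in this commit, but any other caller that dereferences the result or assumes a usable method is not covered by anything visible here. I would document it on the getter, e.g. `/* May return NULL when no console reader is built in and no default has been set */`, and check the remaining in-tree callers. Most of the rest of this section is re-indentation of preprocessor directives under the new `#ifndef OPENSSL_NO_UI_CONSOLE`.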
......@@ -546,13 +546,11 @@ __owur int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
__owur int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md,
unsigned int *s);
#ifndef OPENSSL_NO_UI
int EVP_read_pw_string(char *buf, int length, const char *prompt, int verify);
int EVP_read_pw_string_min(char *buf, int minlen, int maxlen,
const char *prompt, int verify);
void EVP_set_pw_prompt(const char *prompt);
char *EVP_get_pw_prompt(void);
#endif
__owur int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
const unsigned char *salt,
......
......@@ -12,19 +12,24 @@
# include <openssl/opensslconf.h>
# ifndef OPENSSL_NO_UI
# if OPENSSL_API_COMPAT < 0x10100000L
# include <openssl/crypto.h>
# if OPENSSL_API_COMPAT < 0x10100000L
# include <openssl/crypto.h>
# endif
# include <openssl/safestack.h>
# include <openssl/pem.h>
# include <openssl/ossl_typ.h>
# include <openssl/uierr.h>
/* For compatibility reasons, the macro OPENSSL_NO_UI is currently retained */
# if OPENSSL_API_COMPAT < 0x10200000L
# ifdef OPENSSL_NO_UI_CONSOLE
# define OPENSSL_NO_UI
# endif
# include <openssl/safestack.h>
# include <openssl/pem.h>
# include <openssl/ossl_typ.h>
# include <openssl/uierr.h>
# endif
#ifdef __cplusplus
# ifdef __cplusplus
extern "C" {
#endif
# endif
/*
* All the following functions return -1 or NULL on error and in some cases
......@@ -112,7 +117,7 @@ int UI_dup_error_string(UI *ui, const char *text);
* each UI being marked with this flag, or the application might get
* confused.
*/
# define UI_INPUT_FLAG_DEFAULT_PWD 0x02
# define UI_INPUT_FLAG_DEFAULT_PWD 0x02
/*-
* The user of these routines may want to define flags of their own. The core
......@@ -124,7 +129,7 @@ int UI_dup_error_string(UI *ui, const char *text);
* #define MY_UI_FLAG1 (0x01 << UI_INPUT_FLAG_USER_BASE)
*
*/
# define UI_INPUT_FLAG_USER_BASE 16
# define UI_INPUT_FLAG_USER_BASE 16
/*-
* The following function helps construct a prompt. object_desc is a
......@@ -187,7 +192,7 @@ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f) (void));
* OpenSSL error stack before printing any info or added error messages and
* before any prompting.
*/
# define UI_CTRL_PRINT_ERRORS 1
# define UI_CTRL_PRINT_ERRORS 1
/*
* Check if a UI_process() is possible to do again with the same instance of
* a user interface. This makes UI_ctrl() return 1 if it is redoable, and 0
......@@ -199,7 +204,7 @@ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f) (void));
# define UI_set_app_data(s,arg) UI_set_ex_data(s,0,arg)
# define UI_get_app_data(s) UI_get_ex_data(s,0)
#define UI_get_ex_new_index(l, p, newf, dupf, freef) \
# define UI_get_ex_new_index(l, p, newf, dupf, freef) \
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_UI, l, p, newf, dupf, freef)
int UI_set_ex_data(UI *r, int idx, void *arg);
void *UI_get_ex_data(UI *r, int idx);
......@@ -210,9 +215,13 @@ const UI_METHOD *UI_get_default_method(void);
const UI_METHOD *UI_get_method(UI *ui);
const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
# ifndef OPENSSL_NO_UI_CONSOLE
/* The method with all the built-in thingies */
UI_METHOD *UI_OpenSSL(void);
# endif
/*
* NULL method. Literally does nothing, but may serve as a placeholder
* to avoid internal default.
......@@ -351,8 +360,7 @@ UI_METHOD *UI_UTIL_wrap_read_pem_callback(pem_password_cb *cb, int rwflag);
int ERR_load_UI_strings(void);
# ifdef __cplusplus
# ifdef __cplusplus
}
# endif
# endif
#endif
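Review bot: The compatibility `# define OPENSSL_NO_UI` sits inside `<openssl/ui.h>`, so the macro only becomes visible after this header has been included. Existing code that wraps its `#include <openssl/ui.h>` in `#ifndef OPENSSL_NO_UI`, or tests the macro after including only `opensslconf.h`, would see it undefined in a no-ui-console build and go on to use `UI_OpenSSL()`, which this section no longer declares in that configuration. Unless the generated configuration header also emits the alias (not visible on this page), the CHANGES statement that `OPENSSL_NO_UI` can still be checked holds only after this header is included. A comment next to the define saying so would help downstream users.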
......@@ -17,8 +17,7 @@
/* apps/apps.c depend on these */
char *default_config_file = NULL;
#ifndef OPENSSL_NO_UI
# include <openssl/ui.h>
#include <openssl/ui.h>
/* Old style PEM password callback */
static int test_pem_password_cb(char *buf, int size, int rwflag, void *userdata)
......@@ -89,12 +88,8 @@ static int test_new_ui()
return ok;
}
#endif
void register_tests(void)
{
#ifndef OPENSSL_NO_UI
ADD_TEST(test_old);
ADD_TEST(test_new_ui);
#endif
}
此差异已折叠。
......@@ -127,7 +127,7 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
# Unit testing
"UNIT_TEST",
# User Interface
"UI",
"UI_CONSOLE",
#
"TS",
# OCB mode
......