STORE: Fix the repeated prompting of passphrase

OSSL_STORE's loading function could prompt repeatedly for the same passphrase. It turns out that OSSL_STORE_load() wasn't caching the passphrase properly. Fixed in this change. Reviewed-by: N Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15064)

STORE: Fix the repeated prompting of passphrase
OSSL_STORE's loading function could prompt repeatedly for the same passphrase. It turns out that OSSL_STORE_load() wasn't caching the passphrase properly. Fixed in this change. Reviewed-by: N Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15064)
b7f7a15f · Richard Levitte · b594a227 · b7f7a15f
隐藏空白更改
内联并排

Showing with 5 addition and 1 deletion

crypto/store/store_lib.c crypto/store/store_lib.c +5 -1

未找到文件。
--- a/crypto/store/store_lib.c
+++ b/crypto/store/store_lib.c
@@ -135,7 +135,8 @@ OSSL_STORE_open_ex(const char *uri, OSSL_LIB_CTX *libctx, const char *propq,
    }

    if (ui_method != NULL
-        && !ossl_pw_set_ui_method(&ctx->pwdata, ui_method, ui_data)) {
+        && (!ossl_pw_set_ui_method(&ctx->pwdata, ui_method, ui_data)
+            || !ossl_pw_enable_passphrase_caching(&ctx->pwdata))) {
        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_CRYPTO_LIB);
        goto err;
    }
@@ -413,6 +414,9 @@ OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx)
            goto again;
    }

+    /* Clear any internally cached passphrase */
+    (void)ossl_pw_clear_passphrase_cache(&ctx->pwdata);
+
    if (v != NULL && ctx->expected_type != 0) {
        int returned_type = OSSL_STORE_INFO_get_type(v);