Fix: PEM_read_bio_PrivateKey with no-ui / no-stdio

If openssl is compiled with no-ui or no-stdio, then PEM_read_bio_PrivateKey fails if a password but no callback is provided. The reason is that the premature return in the PEM_def_callback implementation when OPENSSL_NO_STDIO or OPENSSL_NO_UI is defined, comes too early. This patch moves the ifdef block to the correct place. Reviewed-by: N Matt Caswell <matt@openssl.org> Reviewed-by: N Rich Salz <rsalz@openssl.org>

Fix: PEM_read_bio_PrivateKey with no-ui / no-stdio
If openssl is compiled with no-ui or no-stdio, then PEM_read_bio_PrivateKey fails if a password but no callback is provided. The reason is that the premature return in the PEM_def_callback implementation when OPENSSL_NO_STDIO or OPENSSL_NO_UI is defined, comes too early. This patch moves the ifdef block to the correct place. Reviewed-by: N Matt Caswell <matt@openssl.org> Reviewed-by: N Rich Salz <rsalz@openssl.org>
b01e1644 · Mat · Rich Salz · 80c630f6 · b01e1644
隐藏空白更改
内联并排

Showing with 7 addition and 7 deletion

crypto/pem/pem_lib.c crypto/pem/pem_lib.c +7 -7

未找到文件。
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -30,13 +30,6 @@ int pem_check_suffix(const char *pem_str, const char *suffix);

 int PEM_def_callback(char *buf, int num, int w, void *key)
 {
-#if defined(OPENSSL_NO_STDIO) || defined(OPENSSL_NO_UI)
-    /*
-     * We should not ever call the default callback routine from windows.
-     */
-    PEMerr(PEM_F_PEM_DEF_CALLBACK, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-    return (-1);
-#else
    int i, j;
    const char *prompt;
    if (key) {
@@ -46,6 +39,13 @@ int PEM_def_callback(char *buf, int num, int w, void *key)
        return (i);
    }

+#if defined(OPENSSL_NO_STDIO) || defined(OPENSSL_NO_UI)
+    /*
+     * We should not ever call the default callback routine from windows.
+     */
+    PEMerr(PEM_F_PEM_DEF_CALLBACK, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+    return (-1);
+#else
    prompt = EVP_get_pw_prompt();
    if (prompt == NULL)
        prompt = "Enter PEM pass phrase:";