Commit 48feaceb authored by Richard Levitte's avatar Richard Levitte

Remove the possibility to disable the UI module entirely



Instead, make it possible to disable the console reader that's part of
the UI module.  This makes it possible to use the UI API and other UI
methods in environments where the console reader isn't useful.

To disable the console reader, configure with 'no-ui-console' /
'disable-ui-console'.

'no-ui' / 'disable-ui' is now an alias for  'no-ui-console' /
'disable-ui-console'.

Fixes #3806

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3820)
parent 6e2f49b3
+11 −0
@@ -9,6 +9,17 @@
 Changes between 1.1.0f and 1.1.1 [xx XXX xxxx]
  *) The UI API becomes a permanent and integral part of libcrypto, i.e.
     not possible to disable entirely.  However, it's still possible to
     disable the console reading UI method, UI_OpenSSL() (use UI_null()
     as a fallback).
     To disable, configure with 'no-ui-console'.  'no-ui' is still
     possible to use as an alias.  Check at compile time with the
     macro OPENSSL_NO_UI_CONSOLE.  The macro OPENSSL_NO_UI is still
     possible to check and is an alias for OPENSSL_NO_UI_CONSOLE.
     [Richard Levitte]
  *) Add a STORE module, which implements a uniform and URI based reader of
     stores that can contain keys, certificates, CRLs and numerous other
     objects.  The main API is loosely based on a few stdio functions,
+3 −2
@@ -406,7 +406,7 @@ my @disablables = (
    "tls13downgrade",
    "ts",
    "ubsan",
    "ui",
    "ui-console",
    "unit-test",
    "whirlpool",
    "weak-ssl-ciphers",
@@ -422,7 +422,8 @@ foreach my $proto ((@tls, @dtls))
my %deprecated_disablables = (
    "ssl2" => undef,
    "buf-freelists" => undef,
    "ripemd" => "rmd160"
    "ripemd" => "rmd160",
    "ui" => "ui-console",
    );

# All of the following is disabled by default (RC5 was enabled before 0.9.8):
+29 −19
@@ -56,9 +56,8 @@ typedef struct {
    unsigned long mask;
} NAME_EX_TBL;

#if !defined(OPENSSL_NO_UI) || !defined(OPENSSL_NO_ENGINE)
static UI_METHOD *ui_method = NULL;
#endif
static const UI_METHOD *ui_fallback_method = NULL;

static int set_table_opts(unsigned long *flags, const char *arg,
                          const NAME_EX_TBL * in_tbl);
@@ -176,14 +175,19 @@ int dump_cert_text(BIO *out, X509 *x)
    return 0;
}

#ifndef OPENSSL_NO_UI
static int ui_open(UI *ui)
{
    return UI_method_get_opener(UI_OpenSSL())(ui);
    int (*opener)(UI *ui) = UI_method_get_opener(ui_fallback_method);

    if (opener)
        return opener(ui);
    return 1;
}

static int ui_read(UI *ui, UI_STRING *uis)
{
    int (*reader)(UI *ui, UI_STRING *uis) = NULL;

    if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD
        && UI_get0_user_data(ui)) {
        switch (UI_get_string_type(uis)) {
@@ -205,11 +209,17 @@ static int ui_read(UI *ui, UI_STRING *uis)
            break;
        }
    }
    return UI_method_get_reader(UI_OpenSSL())(ui, uis);

    reader = UI_method_get_reader(ui_fallback_method);
    if (reader)
        return reader(ui, uis);
    return 1;
}

static int ui_write(UI *ui, UI_STRING *uis)
{
    int (*writer)(UI *ui, UI_STRING *uis) = NULL;

    if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD
        && UI_get0_user_data(ui)) {
        switch (UI_get_string_type(uis)) {
@@ -229,16 +239,28 @@ static int ui_write(UI *ui, UI_STRING *uis)
            break;
        }
    }
    return UI_method_get_writer(UI_OpenSSL())(ui, uis);

    writer = UI_method_get_reader(ui_fallback_method);
    if (writer)
        return writer(ui, uis);
    return 1;
}

static int ui_close(UI *ui)
{
    return UI_method_get_closer(UI_OpenSSL())(ui);
    int (*closer)(UI *ui) = UI_method_get_closer(ui_fallback_method);

    if (closer)
        return closer(ui);
    return 1;
}

int setup_ui_method(void)
{
    ui_fallback_method = UI_null();
#ifndef OPENSSL_NO_UI_CONSOLE
    ui_fallback_method = UI_OpenSSL();
#endif
    ui_method = UI_create_method("OpenSSL application user interface");
    UI_method_set_opener(ui_method, ui_open);
    UI_method_set_reader(ui_method, ui_read);
@@ -259,24 +281,13 @@ const UI_METHOD *get_ui_method(void)
{
    return ui_method;
}
#endif

int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp)
{
    int res = 0;
#ifndef OPENSSL_NO_UI
    UI *ui = NULL;
#endif
    PW_CB_DATA *cb_data = (PW_CB_DATA *)cb_tmp;

#ifdef OPENSSL_NO_UI
    if (cb_data != NULL && cb_data->password != NULL) {
        res = strlen(cb_data->password);
        if (res > bufsiz)
            res = bufsiz;
        memcpy(buf, cb_data->password, res);
    }
#else
    ui = UI_new_method(ui_method);
    if (ui) {
        int ok = 0;
@@ -331,7 +342,6 @@ int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp)
        UI_free(ui);
        OPENSSL_free(prompt);
    }
#endif
    return res;
}
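Review bot: In `ui_write`, the new fallback lookup fetches the reader rather than the writer: `writer = UI_method_get_reader(ui_fallback_method);` should be `writer = UI_method_get_writer(ui_fallback_method);`. Both callbacks have the type `int (*)(UI *, UI_STRING *)`, so the compiler accepts the mix-up silently. As written, any string that falls through to the fallback in `ui_write` is handed to the fallback method's read routine, so write-side output from the console method (prompts, info and error strings) is presumably not emitted. The sibling wrappers `ui_open`, `ui_read` and `ui_close` each use the matching getter. The bodies of `ui_read` and `ui_write` are only partly visible in these hunks.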

+1 −1
@@ -308,7 +308,7 @@ int enc_main(int argc, char **argv)

    if ((str == NULL) && (cipher != NULL) && (hkey == NULL)) {
        if (1) {
#ifndef OPENSSL_NO_UI
#ifndef OPENSSL_NO_UI_CONSOLE
            for (;;) {
                char prompt[200];

+0 −4
@@ -70,18 +70,14 @@ static int apps_startup()
                             | OPENSSL_INIT_LOAD_CONFIG, NULL))
        return 0;

#ifndef OPENSSL_NO_UI
    setup_ui_method();
#endif

    return 1;
}

static void apps_shutdown()
{
#ifndef OPENSSL_NO_UI
    destroy_ui_method();
#endif
}

static char *make_config_name()