prompting, application-defined prompts, the possibility to use
defaults (for example default passwords from somewhere else) and
interrupts/cancelations.

everywhere.

PR:

Submitted by:
Reviewed by:
PR:

In the new crypto/ui/, this was changed into tty (which is usually
/dev/tty), i.e. the FILE * used for reading passwords from the user.
However stdio buffering for read/write streams is not without pitfalls
(passwords would be echoed on some systems).
To avoid problems, split tty into tty_in and tty_out (which are
opened separately).

Spotted by Nalin Dahyabhai <nalin@redhat.com>

_XOPEN_SOURCE.

(for new functions...).  One might still want to be able to pass down
a user-data pointer to be used by the UI.  However, ex_data doesn't
quite cut it, since that means the appropriate index to it might need
to be shared between parts that aren't really related in that sense,
and would require the currently hidden (static) index holders to be
uncovered.  Not a good thing.  Therefore, add the possibility to add a
user-data pointer to a UI.

(The attack against SSL 3.1 and TLS 1.0 is impractical anyway,
otherwise this would be a security relevant patch.)

links.

a bit of weird code in sk_new.

Submitted by:
Reviewed by:
PR:

string (some engines may have certificates protected by a PIN!) and
a description to put into error messages.

Also, have our own password callback that we can send both a password
and some prompt info to.  The default password callback in EVP assumes
that the passed parameter is a password, which isn't always the right
thing, and the ENGINE code (at least the nCipher one) makes other
assumptions...

Also, in spite of having the functions to load keys, some utilities
did the loading all by themselves...  That's changed too.