The branch master has been updated via 931d5b4b27fcc907e3ff4d4328c59a5f285a44fb (commit) via 68f9d9223b247f5c6e50bf66f405bc2fb09295cf (commit) via e50b81c932e7f0a5a742631215865ff66116366e (commit) from 6955e3f7e0574a1f4bf373ba7e8940591b0138ed (commit)
- Log ----------------------------------------------------------------- commit 931d5b4b27fcc907e3ff4d4328c59a5f285a44fb Author: Dr. David von Oheimb <david.von.ohe...@siemens.com> Date: Tue Nov 24 16:16:08 2020 +0100 apps/cmp.c: fix crash with -batch option on OPENSSL_NO_UI_CONSOLE Also make clear we cannot use get_ui_method() at this point. Fixes #13494 Reviewed-by: Matt Caswell <m...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13497) commit 68f9d9223b247f5c6e50bf66f405bc2fb09295cf Author: Dr. David von Oheimb <david.von.ohe...@siemens.com> Date: Wed Nov 25 11:36:27 2020 +0100 apps/cmp.c: Improve description of key loaded due to -newkew option Reviewed-by: Matt Caswell <m...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13497) commit e50b81c932e7f0a5a742631215865ff66116366e Author: Dr. David von Oheimb <david.von.ohe...@siemens.com> Date: Tue Nov 24 16:16:57 2020 +0100 re-encrypt 81-test_cmp_cli_data/Mock/signer.p12 with AES-256-CBC (avoiding DES) Fixes #13494 Reviewed-by: Matt Caswell <m...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13497) ----------------------------------------------------------------------- Summary of changes: apps/cmp.c | 12 +++++------- apps/include/apps_ui.h | 2 +- apps/lib/apps_ui.c | 2 +- test/recipes/81-test_cmp_cli_data/Mock/signer.p12 | Bin 5341 -> 5475 bytes 4 files changed, 7 insertions(+), 9 deletions(-) diff --git a/apps/cmp.c b/apps/cmp.c index ccb61ab497..17173374df 100644 --- a/apps/cmp.c +++ b/apps/cmp.c @@ -1609,12 +1609,13 @@ static int setup_request_ctx(OSSL_CMP_CTX *ctx, ENGINE *engine) const char *file = opt_newkey; const int format = opt_keyform; const char *pass = opt_newkeypass; - const char *desc = "new private or public key for cert to be enrolled"; - EVP_PKEY *pkey = load_key_pwd(file, format, pass, engine, NULL); + const char *desc = "new private key for cert to be enrolled"; + EVP_PKEY *pkey = load_key_pwd(file, format, pass, engine, desc); int priv = 1; if (pkey == NULL) { ERR_clear_error(); + desc = "fallback public key for cert to be enrolled"; pkey = load_pubkey(file, format, 0, pass, engine, desc); priv = 0; } @@ -2697,13 +2698,10 @@ int cmp_main(int argc, char **argv) ret = 0; if (opt_batch) { - UI_METHOD *ui_fallback_method; #ifndef OPENSSL_NO_UI_CONSOLE - ui_fallback_method = UI_OpenSSL(); -#else - ui_fallback_method = (UI_METHOD *)UI_null(); + UI_method_set_reader(UI_OpenSSL(), NULL); + /* can't change get_ui_method() here as load_key_certs_crls() uses it */ #endif - UI_method_set_reader(ui_fallback_method, NULL); } if (opt_engine != NULL) diff --git a/apps/include/apps_ui.h b/apps/include/apps_ui.h index 67d61e1396..59a82d5ecb 100644 --- a/apps/include/apps_ui.h +++ b/apps/include/apps_ui.h @@ -21,7 +21,7 @@ int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_data); int setup_ui_method(void); void destroy_ui_method(void); -const UI_METHOD *get_ui_method(void); +UI_METHOD *get_ui_method(void); extern BIO *bio_err; diff --git a/apps/lib/apps_ui.c b/apps/lib/apps_ui.c index 880e9a4f6d..6c8c3de196 100644 --- a/apps/lib/apps_ui.c +++ b/apps/lib/apps_ui.c @@ -136,7 +136,7 @@ void destroy_ui_method(void) } } -const UI_METHOD *get_ui_method(void) +UI_METHOD *get_ui_method(void) { return ui_method; } diff --git a/test/recipes/81-test_cmp_cli_data/Mock/signer.p12 b/test/recipes/81-test_cmp_cli_data/Mock/signer.p12 index 6eab305fde..5bbb1e205f 100644 Binary files a/test/recipes/81-test_cmp_cli_data/Mock/signer.p12 and b/test/recipes/81-test_cmp_cli_data/Mock/signer.p12 differ