The branch master has been updated via b7f7a15f6ace4e6e25f8222a9996159582983aa8 (commit) from b594a227178ccd812e5bb196bcb59ebc52d538ab (commit)
- Log ----------------------------------------------------------------- commit b7f7a15f6ace4e6e25f8222a9996159582983aa8 Author: Richard Levitte <levi...@openssl.org> Date: Wed Apr 28 09:50:42 2021 +0200 STORE: Fix the repeated prompting of passphrase OSSL_STORE's loading function could prompt repeatedly for the same passphrase. It turns out that OSSL_STORE_load() wasn't caching the passphrase properly. Fixed in this change. Reviewed-by: Paul Dale <pa...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15064) ----------------------------------------------------------------------- Summary of changes: crypto/store/store_lib.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/crypto/store/store_lib.c b/crypto/store/store_lib.c index 134207d5c2..1a62d7f6ff 100644 --- a/crypto/store/store_lib.c +++ b/crypto/store/store_lib.c @@ -135,7 +135,8 @@ OSSL_STORE_open_ex(const char *uri, OSSL_LIB_CTX *libctx, const char *propq, } if (ui_method != NULL - && !ossl_pw_set_ui_method(&ctx->pwdata, ui_method, ui_data)) { + && (!ossl_pw_set_ui_method(&ctx->pwdata, ui_method, ui_data) + || !ossl_pw_enable_passphrase_caching(&ctx->pwdata))) { ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_CRYPTO_LIB); goto err; } @@ -413,6 +414,9 @@ OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx) goto again; } + /* Clear any internally cached passphrase */ + (void)ossl_pw_clear_passphrase_cache(&ctx->pwdata); + if (v != NULL && ctx->expected_type != 0) { int returned_type = OSSL_STORE_INFO_get_type(v);