Hello, Regarding openssl 0.9.7:
When using OPENSSL_DES_LIBDES_COMPATIBILITY, I noticed that `des_read_pw_string' was not functioning. I tracked this down to a bug in crypto/ui/ui_lib.c:general_allocate_string(). Callers of general_allocate_string (including ultimately UI_UTIL_read_pw, which is used to implement des_read_pw_string) expect it to return 0 for success, or non-zero for failure. However, the return code is mishandled here: 164 static int general_allocate_string(UI *ui, const char *prompt, [...] 168 int ret = -1; [...] 179 ret=sk_UI_STRING_push(ui->strings, s); 180 /* sk_push() returns 0 on error. Let's addapt that */ 181 if (ret <= 0) ret--; sk_UI_STRING_push returns 0 on error, or a positive integer for success. Therefore, if sk_UI_STRING_push succeeds, general_allocate_string returns a positive integer, which does not match what callers expect. This is the simple fix I applied locally (note the same issue exists in general_allocate_boolean). --- ui_lib.c Wed Dec 4 18:04:40 2002 +++ ui_lib.c Sun Jan 12 09:04:16 2003 @@ -178,7 +178,7 @@ s->_.string_data.test_buf=test_buf; ret=sk_UI_STRING_push(ui->strings, s); /* sk_push() returns 0 on error. Let's addapt that */ - if (ret <= 0) ret--; + ret = (ret == 0) ? -1 : 0; } else free_string(s); @@ -228,7 +228,7 @@ ret=sk_UI_STRING_push(ui->strings, s); /* sk_push() returns 0 on error. Let's addapt that */ - if (ret <= 0) ret--; + ret = (ret == 0) ? -1 : 0; } else free_string(s); Cheers, -- Jacques A. Vidrine <[EMAIL PROTECTED]> http://www.celabo.org/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos [EMAIL PROTECTED] . [EMAIL PROTECTED] . [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]