diff options
| author | Nick Mathewson <nickm@torproject.org> | 2018-05-16 11:39:42 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2018-05-16 11:39:42 -0400 |
| commit | 881f7157f648eb8a39e5dfd3efb95951ee7ac215 (patch) | |
| tree | d9c9d0fe0fb554fa6510b9be598708bcd5641d6f /src | |
| parent | 033e4723f3651062779ff64a619ec526950857f5 (diff) | |
| download | tor-881f7157f648eb8a39e5dfd3efb95951ee7ac215.tar.gz tor-881f7157f648eb8a39e5dfd3efb95951ee7ac215.zip | |
Return -1 from our PEM password callback
Apparently, contrary to its documentation, this is how OpenSSL now
wants us to report an error.
Fixes bug 26116; bugfix on 0.2.5.16.
Diffstat (limited to 'src')
| -rw-r--r-- | src/common/crypto.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/src/common/crypto.c b/src/common/crypto.c index 39c8cc2b0a..f8495bb107 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -653,7 +653,12 @@ pem_no_password_cb(char *buf, int size, int rwflag, void *u) (void)size; (void)rwflag; (void)u; - return 0; + /* The openssl documentation says that a callback "must" return 0 if an + * error occurred. But during the 1.1.1 series (commit c82c3462267afdbbaa5 + * they changed the interpretation so that 0 indicates an empty password and + * -1 indicates an error. We want to reject any encrypted PEM buffers, so we + * return -1. This will work on older OpenSSL versions and LibreSSL too. */ + return -1; } /** Read a PEM-encoded private key from the <b>len</b>-byte string <b>s</b> |