[openssl-commits] [openssl] master update
Matt Caswell
matt at openssl.org
Wed Mar 2 17:18:22 UTC 2016
The branch master has been updated
via 0c452abc162d348876e136979230a06d0d83641b (commit)
from fdfb8c848679d74fd492e3b306500f2da0570c17 (commit)
- Log -----------------------------------------------------------------
commit 0c452abc162d348876e136979230a06d0d83641b
Author: Christian Heimes <cheimes at redhat.com>
Date: Wed Mar 2 12:53:40 2016 +0100
Provide getters for default_passwd_cb and userdata
This patch provides getters for default_passwd_cb and userdata for SSL
and SSL_CTX. The getter functions are required to port Python's ssl module
to OpenSSL 1.1.0.
Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
doc/ssl/SSL_CTX_set_default_passwd_cb.pod | 30 ++++++++++++++++++++++++++----
include/openssl/ssl.h | 4 ++++
ssl/ssl_lib.c | 20 ++++++++++++++++++++
util/ssleay.num | 4 ++++
4 files changed, 54 insertions(+), 4 deletions(-)
diff --git a/doc/ssl/SSL_CTX_set_default_passwd_cb.pod b/doc/ssl/SSL_CTX_set_default_passwd_cb.pod
index 452737f..45a4311 100644
--- a/doc/ssl/SSL_CTX_set_default_passwd_cb.pod
+++ b/doc/ssl/SSL_CTX_set_default_passwd_cb.pod
@@ -3,8 +3,10 @@
=head1 NAME
SSL_CTX_set_default_passwd_cb, SSL_CTX_set_default_passwd_cb_userdata,
-SSL_set_default_passwd_cb, SSL_set_default_passwd_cb_userdata - set passwd
-callback for encrypted PEM file handling
+SSL_CTX_get_default_passwd_cb, SSL_CTX_get_default_passwd_cb_userdata,
+SSL_set_default_passwd_cb, SSL_set_default_passwd_cb_userdata,
+SSL_get_default_passwd_cb, SSL_get_default_passwd_cb_userdata - set or
+get passwd callback for encrypted PEM file handling
=head1 SYNOPSIS
@@ -12,8 +14,13 @@ callback for encrypted PEM file handling
void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);
+ pem_password_cb *SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx);
+ void *SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx);
+
void SSL_set_default_passwd_cb(SSL *s, pem_password_cb *cb);
void SSL_set_default_passwd_cb_userdata(SSL *s, void *u);
+ pem_password_cb *SSL_get_default_passwd_cb(SSL *s);
+ void *SSL_get_default_passwd_cb_userdata(SSL *s);
int pem_passwd_cb(char *buf, int size, int rwflag, void *userdata);
@@ -25,8 +32,17 @@ when loading/storing a PEM certificate with encryption.
SSL_CTX_set_default_passwd_cb_userdata() sets a pointer to B<userdata> which
will be provided to the password callback on invocation.
-SSL_set_default_passwd_cb() and SSL_set_default_passwd_cb_userdata() perform the
-same function as their SSL_CTX counterparts, but using an SSL object.
+SSL_CTX_get_default_passwd_cb() returns a function pointer to the password
+callback currently set in B<ctx>. If no callback was explicitly set, the
+NULL pointer is returned.
+
+SSL_CTX_get_default_passwd_cb_userdata() returns a pointer to B<userdata>
+currently set in B<ctx>. If no userdata was explicitly set, the NULL pointer
+is returned.
+
+SSL_set_default_passwd_cb(), SSL_set_default_passwd_cb_userdata(),
+SSL_get_default_passwd_cb() and SSL_get_default_passwd_cb_userdata() perform
+the same function as their SSL_CTX counterparts, but using an SSL object.
The pem_passwd_cb(), which must be provided by the application, hands back the
password to be used during decryption. On invocation a pointer to B<userdata>
@@ -74,6 +90,12 @@ truncated.
return(strlen(buf));
}
+=head1 HISTORY
+
+SSL_CTX_get_default_passwd_cb(), SSL_CTX_get_default_passwd_cb_userdata(),
+SSL_set_default_passwd_cb() and SSL_set_default_passwd_cb_userdata() were
+first added to OpenSSL 1.1.0
+
=head1 SEE ALSO
L<ssl(3)>,
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index f6d2813..c9119e3 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -1527,8 +1527,12 @@ __owur int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len,
void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);
+pem_password_cb *SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx);
+void *SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx);
void SSL_set_default_passwd_cb(SSL *s, pem_password_cb *cb);
void SSL_set_default_passwd_cb_userdata(SSL *s, void *u);
+pem_password_cb *SSL_get_default_passwd_cb(SSL *s);
+void *SSL_get_default_passwd_cb_userdata(SSL *s);
__owur int SSL_CTX_check_private_key(const SSL_CTX *ctx);
__owur int SSL_check_private_key(const SSL *ctx);
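Review bot: The four new getter prototypes take non-const `SSL_CTX *ctx` and `SSL *s` although, per their definitions in ssl/ssl_lib.c, they only read a field. `SSL_CTX_check_private_key(const SSL_CTX *ctx)` just below already uses a const parameter. Declaring them as `pem_password_cb *SSL_CTX_get_default_passwd_cb(const SSL_CTX *ctx);` (and likewise for the other three) would let code holding a const handle inspect the callback without a cast. The definitions in ssl/ssl_lib.c and the SYNOPSIS in the .pod would need the same qualifier.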
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 359b58b..98489a1 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2474,6 +2474,16 @@ void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u)
ctx->default_passwd_callback_userdata = u;
}
+pem_password_cb *SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx)
+{
+ return ctx->default_passwd_callback;
+}
+
+void *SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx)
+{
+ return ctx->default_passwd_callback_userdata;
+}
+
void SSL_set_default_passwd_cb(SSL *s, pem_password_cb *cb)
{
s->default_passwd_callback = cb;
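Review bot: `SSL_CTX_get_default_passwd_cb_userdata()` here and `SSL_get_default_passwd_cb_userdata()` in the next hunk return the application's pointer unchanged, and nothing in the code or the new .pod text says who owns it. This userdata is what the password callback receives, so it may be the passphrase or a structure holding it (an assumption, since the page does not show a caller). A caller that frees it, or keeps it after the setter's owner has released it, risks a double free or a stale pointer to secret material. A comment above both, such as `/* Returns the caller-supplied pointer as stored; ownership stays with the application, do not free. */`, would make that explicit. It is also worth confirming whether SSL_new() copies these fields from the SSL_CTX (not visible in this diff); if so, the .pod's "NULL if not explicitly set" would not hold for the SSL getters.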
@@ -2484,6 +2494,16 @@ void SSL_set_default_passwd_cb_userdata(SSL *s, void *u)
s->default_passwd_callback_userdata = u;
}
+pem_password_cb *SSL_get_default_passwd_cb(SSL *s)
+{
+ return s->default_passwd_callback;
+}
+
+void *SSL_get_default_passwd_cb_userdata(SSL *s)
+{
+ return s->default_passwd_callback_userdata;
+}
+
void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
int (*cb) (X509_STORE_CTX *, void *),
void *arg)
diff --git a/util/ssleay.num b/util/ssleay.num
index ed7606a..b4b01fa 100755
--- a/util/ssleay.num
+++ b/util/ssleay.num
@@ -418,3 +418,7 @@ DTLSv1_listen 473 1_1_0 EXIST::FUNCTION:
SSL_get0_verified_chain 474 1_1_0 EXIST::FUNCTION:
OPENSSL_init_ssl 475 1_1_0 EXIST::FUNCTION:
SSL_get_changed_async_fds 476 1_1_0 EXIST::FUNCTION:
+SSL_get_default_passwd_cb_userdata 477 1_1_0 EXIST::FUNCTION:
+SSL_get_default_passwd_cb 478 1_1_0 EXIST::FUNCTION:
+SSL_CTX_get_default_passwd_cb_userdata 479 1_1_0 EXIST::FUNCTION:
+SSL_CTX_get_default_passwd_cb 480 1_1_0 EXIST::FUNCTION: