[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

[Richard Levitte]

The branch OpenSSL_1_1_0-stable has been updated
       via  50d06d1c7d2682b0042e921a76beb509d7ea68e1 (commit)
       via  e4b47f7f19392e3be604e44f6999de2bc9e7ecf3 (commit)
      from  7b3e775a6a78650bbd3e8e19a5aa12981880402b (commit)


- Log -----------------------------------------------------------------
commit 50d06d1c7d2682b0042e921a76beb509d7ea68e1
Author: Nick Mathewson <nickm at torproject.org>
Date:   Thu May 24 15:23:15 2018 -0400

    Improve the example getpass() implementation to show an error return
    
    Also, modernize the code, so that it isn't trying to store a size_t
    into an int, and then check the int's sign. :/
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/6271)
    
    (cherry picked from commit c8c250333cd254ab3f4d709ebc5ed86a7c065721)

commit e4b47f7f19392e3be604e44f6999de2bc9e7ecf3
Author: Nick Mathewson <nickm at torproject.org>
Date:   Wed May 16 11:07:48 2018 -0400

    Update documentation for PEM callback: error is now -1.
    
    In previous versions of OpenSSL, the documentation for PEM_read_*
    said:
    
       The callback B<must> return the number of characters in the
       passphrase or 0 if an error occurred.
    
    But since c82c3462267afdbbaa5, 0 is now treated as a non-error
    return value.  Applications that want to indicate an error need to
    return -1 instead.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/6271)
    
    (cherry picked from commit bbbf752a3c8b5a966bcb48fc71a3dc03832e7b27)

-----------------------------------------------------------------------

Summary of changes:
 doc/crypto/PEM_read_bio_PrivateKey.pod | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/doc/crypto/PEM_read_bio_PrivateKey.pod b/doc/crypto/PEM_read_bio_PrivateKey.pod
index 6b3006e..f8d1d1a 100644
--- a/doc/crypto/PEM_read_bio_PrivateKey.pod
+++ b/doc/crypto/PEM_read_bio_PrivateKey.pod
@@ -294,7 +294,7 @@ for it twice) if B<rwflag> is 1. The B<u> parameter has the same
 value as the B<u> parameter passed to the PEM routine. It allows
 arbitrary data to be passed to the callback by the application
 (for example a window handle in a GUI application). The callback
-B<must> return the number of characters in the passphrase or 0 if
+B<must> return the number of characters in the passphrase or -1 if
 an error occurred.
 
 =head1 EXAMPLES
@@ -348,17 +348,16 @@ Skeleton pass phrase callback:
 
  int pass_cb(char *buf, int size, int rwflag, void *u)
  {
-     int len;
-     char *tmp;
 
      /* We'd probably do something else if 'rwflag' is 1 */
      printf("Enter pass phrase for \"%s\"\n", (char *)u);
 
      /* get pass phrase, length 'len' into 'tmp' */
-     tmp = "hello";
-     len = strlen(tmp);
-     if (len <= 0)
-         return 0;
+     char *tmp = "hello";
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
 
      if (len > size)
          len = size;