[openssl-commits] [openssl] master update

[Richard Levitte]

The branch master has been updated
       via  c8c250333cd254ab3f4d709ebc5ed86a7c065721 (commit)
       via  bbbf752a3c8b5a966bcb48fc71a3dc03832e7b27 (commit)
      from  1bb829300a9a941b75e8d5ae6ea8f53b3845ac4c (commit)


- Log -----------------------------------------------------------------
commit c8c250333cd254ab3f4d709ebc5ed86a7c065721
Author: Nick Mathewson <nickm at torproject.org>
Date:   Thu May 24 15:23:15 2018 -0400

    Improve the example getpass() implementation to show an error return
    
    Also, modernize the code, so that it isn't trying to store a size_t
    into an int, and then check the int's sign. :/
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/6271)

commit bbbf752a3c8b5a966bcb48fc71a3dc03832e7b27
Author: Nick Mathewson <nickm at torproject.org>
Date:   Wed May 16 11:07:48 2018 -0400

    Update documentation for PEM callback: error is now -1.
    
    In previous versions of OpenSSL, the documentation for PEM_read_*
    said:
    
       The callback B<must> return the number of characters in the
       passphrase or 0 if an error occurred.
    
    But since c82c3462267afdbbaa5, 0 is now treated as a non-error
    return value.  Applications that want to indicate an error need to
    return -1 instead.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/6271)

-----------------------------------------------------------------------

Summary of changes:
 doc/man3/PEM_read_bio_PrivateKey.pod | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/doc/man3/PEM_read_bio_PrivateKey.pod b/doc/man3/PEM_read_bio_PrivateKey.pod
index 9f62140..744a46f 100644
--- a/doc/man3/PEM_read_bio_PrivateKey.pod
+++ b/doc/man3/PEM_read_bio_PrivateKey.pod
@@ -295,7 +295,7 @@ for it twice) if B<rwflag> is 1. The B<u> parameter has the same
 value as the B<u> parameter passed to the PEM routine. It allows
 arbitrary data to be passed to the callback by the application
 (for example a window handle in a GUI application). The callback
-B<must> return the number of characters in the passphrase or 0 if
+B<must> return the number of characters in the passphrase or -1 if
 an error occurred.
 
 =head1 EXAMPLES
@@ -346,17 +346,16 @@ Skeleton pass phrase callback:
 
  int pass_cb(char *buf, int size, int rwflag, void *u)
  {
-     int len;
-     char *tmp;
 
      /* We'd probably do something else if 'rwflag' is 1 */
      printf("Enter pass phrase for \"%s\"\n", (char *)u);
 
      /* get pass phrase, length 'len' into 'tmp' */
-     tmp = "hello";
-     len = strlen(tmp);
-     if (len <= 0)
-         return 0;
+     char *tmp = "hello";
+     if (tmp == NULL) /* An error occurred */
+         return -1;
+
+     size_t len = strlen(tmp);
 
      if (len > size)
          len = size;