artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3b7b33d) | patch
Use the tls_password_cb() callback with all PEM_read_bio_*() calls, so that
authorjsing <jsing@openbsd.org>
Thu, 22 Jun 2017 18:03:57 +0000 (18:03 +0000)
committerjsing <jsing@openbsd.org>
Thu, 22 Jun 2017 18:03:57 +0000 (18:03 +0000)
commita192468a6a296bf47a6f2939ab2280c765a76555
treefbbe987bf180ce7db204f85bac3ca22a21307480tree | snapshot
parent3b7b33dd91ab32d364b0affd41a19083adede47bcommit | diff
Use the tls_password_cb() callback with all PEM_read_bio_*() calls, so that
we can prevent libcrypto from going behind our back and trying to read
passwords from standard input (which we may not be permitted to do).

Found by jsg@ with httpd and password protected keys.
lib/libtls/tls.c diff | blob | history
lib/libtls/tls_internal.h diff | blob | history
lib/libtls/tls_server.c diff | blob | history
lib/libtls/tls_util.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim