From: tb Date: Sat, 24 Aug 2024 07:48:37 +0000 (+0000) Subject: Remove documentation of UI_UTIL_read_pw* X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=3b161766402507a3551f96cf9790312e5b6fc3eb;p=openbsd Remove documentation of UI_UTIL_read_pw* According to some, a fail-open password verification function is par for the course for libcrypto. Unfortunately, we have been recommending its use over similarly named EVP functions after what amounted to a coin toss a few years back. Luckily enough, no one followed that advice and we can soon remove this API for good. --- diff --git a/lib/libcrypto/man/Makefile b/lib/libcrypto/man/Makefile index d4633edddfe..4973ea744cb 100644 --- a/lib/libcrypto/man/Makefile +++ b/lib/libcrypto/man/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.289 2024/08/17 09:16:37 tb Exp $ +# $OpenBSD: Makefile,v 1.290 2024/08/24 07:48:37 tb Exp $ .include @@ -300,7 +300,6 @@ MAN= \ SMIME_write_PKCS7.3 \ STACK_OF.3 \ TS_REQ_new.3 \ - UI_UTIL_read_pw.3 \ UI_create_method.3 \ UI_get_string_type.3 \ UI_new.3 \ diff --git a/lib/libcrypto/man/UI_UTIL_read_pw.3 b/lib/libcrypto/man/UI_UTIL_read_pw.3 deleted file mode 100644 index aa3cefe8dd7..00000000000 --- a/lib/libcrypto/man/UI_UTIL_read_pw.3 +++ /dev/null @@ -1,107 +0,0 @@ -.\" $OpenBSD: UI_UTIL_read_pw.3,v 1.3 2018/03/22 21:08:22 schwarze Exp $ -.\" full merge up to: OpenSSL 23103a52 Jan 12 15:17:42 2017 +0100 -.\" selective merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800 -.\" -.\" This file was written by Richard Levitte . -.\" Copyright (c) 2017 The OpenSSL Project. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: March 22 2018 $ -.Dt UI_UTIL_READ_PW 3 -.Os -.Sh NAME -.Nm UI_UTIL_read_pw , -.Nm UI_UTIL_read_pw_string -.Nd get a password from the user -.Sh SYNOPSIS -.In openssl/ui.h -.Ft int -.Fo UI_UTIL_read_pw_string -.Fa "char *buf" -.Fa "int length" -.Fa "const char *prompt" -.Fa "int verify" -.Fc -.Ft int -.Fo UI_UTIL_read_pw -.Fa "char *buf" -.Fa "char *buff" -.Fa "int size" -.Fa "const char *prompt" -.Fa "int verify" -.Fc -.Sh DESCRIPTION -.Fn UI_UTIL_read_pw_string -asks for a passphrase, using -.Fa prompt -as a prompt, and stores it in -.Fa buf . -The maximum allowed size is given with -.Fa length , -including the terminating NUL byte. -If -.Fa verify -is non-zero, the password will be verified as well. -.Pp -.Fn UI_UTIL_read_pw -does the same as -.Fn UI_UTIL_read_pw_string , -but takes an external buffer -.Fa buff -for the verification passphrase. -.Sh RETURN VALUES -.Fn UI_UTIL_read_pw_string -and -.Fn UI_UTIL_read_pw -return 0 on success or a negative value on error. -.Sh SEE ALSO -.Xr UI_new 3 -.Sh HISTORY -.Fn UI_UTIL_read_pw -and -.Fn UI_UTIL_read_pw_string -first appeared in OpenSSL 0.9.7 and have been available since -.Ox 3.2 . diff --git a/lib/libcrypto/man/UI_new.3 b/lib/libcrypto/man/UI_new.3 index d7113591964..411b37b1c50 100644 --- a/lib/libcrypto/man/UI_new.3 +++ b/lib/libcrypto/man/UI_new.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: UI_new.3,v 1.11 2022/12/17 22:23:31 tb Exp $ +.\" $OpenBSD: UI_new.3,v 1.12 2024/08/24 07:48:37 tb Exp $ .\" full merge up to: OpenSSL 78b19e90 Jan 11 00:12:01 2017 +0100 .\" selective merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800 .\" @@ -49,7 +49,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: December 17 2022 $ +.Dd $Mdocdate: August 24 2024 $ .Dt UI_NEW 3 .Os .Sh NAME @@ -515,8 +515,7 @@ argument. .Sh SEE ALSO .Xr crypto 3 , .Xr UI_create_method 3 , -.Xr UI_get_string_type 3 , -.Xr UI_UTIL_read_pw 3 +.Xr UI_get_string_type 3 .Sh HISTORY These functions first appeared in OpenSSL 0.9.7 and have been available since diff --git a/lib/libcrypto/man/des_read_pw.3 b/lib/libcrypto/man/des_read_pw.3 index 41f8553de1a..7cb35b47f8e 100644 --- a/lib/libcrypto/man/des_read_pw.3 +++ b/lib/libcrypto/man/des_read_pw.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: des_read_pw.3,v 1.11 2023/09/10 13:58:46 schwarze Exp $ +.\" $OpenBSD: des_read_pw.3,v 1.12 2024/08/24 07:48:37 tb Exp $ .\" full merge up to: OpenSSL doc/crypto/des.pod .\" 53934822 Jun 9 16:39:19 2016 -0400 .\" @@ -66,7 +66,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: September 10 2023 $ +.Dd $Mdocdate: August 24 2024 $ .Dt DES_READ_PW 3 .Os .Sh NAME @@ -99,11 +99,6 @@ .Ft char * .Fn EVP_get_pw_prompt void .Sh DESCRIPTION -These functions are deprecated. -Use -.Xr UI_UTIL_read_pw 3 -instead. -.Pp .Fn EVP_read_pw_string writes the .Fa prompt @@ -185,8 +180,7 @@ returns an internal pointer to static memory containing the default prompt, or .Dv NULL if no default prompt is set. .Sh SEE ALSO -.Xr UI_new 3 , -.Xr UI_UTIL_read_pw 3 +.Xr UI_new 3 .Sh HISTORY .Fn EVP_read_pw_string first appeared in SSLeay 0.5.1 and