Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
openssl: removed USERDATA_IN_PWD_CALLBACK kludge
Code for OpenSSL 0.9.4 serves no purpose anymore!
  • Loading branch information
bagder committed Jun 4, 2015
1 parent ccfdd59 commit 30bd59b
Showing 1 changed file with 3 additions and 37 deletions.
40 changes: 3 additions & 37 deletions lib/vtls/openssl.c
Expand Up @@ -83,12 +83,6 @@
#error "OPENSSL_VERSION_NUMBER not defined"
#endif

#if OPENSSL_VERSION_NUMBER >= 0x00904100L
#define HAVE_USERDATA_IN_PWD_CALLBACK 1
#else
#undef HAVE_USERDATA_IN_PWD_CALLBACK
#endif

#if OPENSSL_VERSION_NUMBER >= 0x00907001L && !defined(OPENSSL_IS_BORINGSSL)
/* ENGINE_load_private_key() takes four arguments */
#define HAVE_ENGINE_LOAD_FOUR_ARGS
Expand Down Expand Up @@ -154,18 +148,8 @@
*/
#define RAND_LOAD_LENGTH 1024

#ifndef HAVE_USERDATA_IN_PWD_CALLBACK
static char global_passwd[64];
#endif

static int passwd_callback(char *buf, int num, int encrypting
#ifdef HAVE_USERDATA_IN_PWD_CALLBACK
/* This was introduced in 0.9.4, we can set this
using SSL_CTX_set_default_passwd_cb_userdata()
*/
, void *global_passwd
#endif
)
static int passwd_callback(char *buf, int num, int encrypting,
void *global_passwd)
{
DEBUGASSERT(0 == encrypting);

Expand Down Expand Up @@ -370,23 +354,9 @@ int cert_stuff(struct connectdata *conn,
int cert_done = 0;

if(data->set.str[STRING_KEY_PASSWD]) {
#ifndef HAVE_USERDATA_IN_PWD_CALLBACK
/*
* If password has been given, we store that in the global
* area (*shudder*) for a while:
*/
size_t len = strlen(data->set.str[STRING_KEY_PASSWD]);
if(len < sizeof(global_passwd))
memcpy(global_passwd, data->set.str[STRING_KEY_PASSWD], len+1);
else
global_passwd[0] = '\0';
#else
/*
* We set the password in the callback userdata
*/
/* set the password in the callback userdata */
SSL_CTX_set_default_passwd_cb_userdata(ctx,
data->set.str[STRING_KEY_PASSWD]);
#endif
/* Set passwd callback: */
SSL_CTX_set_default_passwd_cb(ctx, passwd_callback);
}
Expand Down Expand Up @@ -672,10 +642,6 @@ int cert_stuff(struct connectdata *conn,
failf(data, "Private key does not match the certificate public key");
return 0;
}
#ifndef HAVE_USERDATA_IN_PWD_CALLBACK
/* erase it now */
memset(global_passwd, 0, sizeof(global_passwd));
#endif
}
return 1;
}
Expand Down

0 comments on commit 30bd59b

Please sign in to comment.