aboutsummaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2001-08-14 08:36:30 +0000
committerDaniel Stenberg <daniel@haxx.se>2001-08-14 08:36:30 +0000
commitbd0afd8db4289d8dd90b82892feed5515c9c9e9d (patch)
tree46c9d750c7dbb55f3eb7c70fffa563bc886e9f3f /lib
parent2d68ea45d8e2b756bcf824c05ea3a352ae0d9358 (diff)
removed the use of the global array for the password that was necessary
for OpenSSL versions prior to 0.9.4, this is conditional and should still work with older versions.
Diffstat (limited to 'lib')
-rw-r--r--lib/ssluse.c27
1 files changed, 23 insertions, 4 deletions
diff --git a/lib/ssluse.c b/lib/ssluse.c
index 3d3e9bf84..4eb94c790 100644
--- a/lib/ssluse.c
+++ b/lib/ssluse.c
@@ -42,21 +42,29 @@
#include "memdebug.h"
#endif
+#if OPENSSL_VERSION_NUMBER >= 0x00904100L
+#define HAVE_USERDATA_IN_PWD_CALLBACK 1
+#else
+#undef HAVE_USERDATA_IN_PWD_CALLBACK
+#endif
+
+#ifndef HAVE_USERDATA_IN_PWD_CALLBACK
static char global_passwd[64];
+#endif
static int passwd_callback(char *buf, int num, int verify
-#if OPENSSL_VERSION_NUMBER >= 0x00904100L
+#if HAVE_USERDATA_IN_PWD_CALLBACK
/* This was introduced in 0.9.4, we can set this
using SSL_CTX_set_default_passwd_cb_userdata()
*/
- , void *userdata
+ , void *global_passwd
#endif
)
{
if(verify)
fprintf(stderr, "%s\n", buf);
else {
- if(num > strlen(global_passwd)) {
+ if(num > (int)strlen((char *)global_passwd)) {
strcpy(buf, global_passwd);
return strlen(buf);
}
@@ -68,7 +76,10 @@ static
bool seed_enough(struct connectdata *conn, /* unused for now */
int nread)
{
+ conn = NULL; /* to prevent compiler warnings */
#ifdef HAVE_RAND_STATUS
+ nread = 0; /* to prevent compiler warnings */
+
/* only available in OpenSSL 0.9.5a and later */
if(RAND_status())
return TRUE;
@@ -171,11 +182,18 @@ int cert_stuff(struct connectdata *conn,
X509 *x509;
if(data->cert_passwd) {
+#ifndef HAVE_USERDATA_IN_PWD_CALLBACK
/*
* If password has been given, we store that in the global
* area (*shudder*) for a while:
*/
strcpy(global_passwd, data->cert_passwd);
+#else
+ /*
+ * We set the password in the callback userdata
+ */
+ SSL_CTX_set_default_passwd_cb_userdata(conn->ssl.ctx, data->cert_passwd);
+#endif
/* Set passwd callback: */
SSL_CTX_set_default_passwd_cb(conn->ssl.ctx, passwd_callback);
}
@@ -214,9 +232,10 @@ int cert_stuff(struct connectdata *conn,
failf(data, "Private key does not match the certificate public key\n");
return(0);
}
-
+#ifndef HAVE_USERDATA_IN_PWD_CALLBACK
/* erase it now */
memset(global_passwd, 0, sizeof(global_passwd));
+#endif
}
return(1);
}