[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #26116 [Core Tor/Tor]: OpenSSL 1.1.1 changed the semantics of the password callback return value



#26116: OpenSSL 1.1.1 changed the semantics of the password callback return value
-------------------------+-------------------------------------------------
     Reporter:  nickm    |      Owner:  nickm
         Type:  defect   |     Status:  assigned
     Priority:  Medium   |  Milestone:  Tor: 0.3.4.x-final
    Component:  Core     |    Version:
  Tor/Tor                |   Keywords:  029-backport 031-backport
     Severity:  Normal   |  032-backport 033-backport
Actual Points:           |  Parent ID:
       Points:           |   Reviewer:
      Sponsor:           |
-------------------------+-------------------------------------------------
 In c82c3462267afdbbaa5, openssl changed its interpretation of getting a
 "0" result from a PEM password callback.  Previously, this indicated an
 error, and the documentation said:

 >The callback '''must''' return the number of characters in the passphrase
 or 0 if an error occurred.

 But now, 0 means an empty passphrase, and -1 means that an error occurred.

 To avoid strange bugs and compatibility issues, we should have our
 pem_no_password_cb function return -1 instead. (-1 was always a supported
 return value, even if it isn't documented.)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26116>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs