STORE: Fix OSSL_STORE_attach() to check |ui_method| before use
authorRichard Levitte <levitte@openssl.org>
Wed, 9 Sep 2020 03:29:56 +0000 (05:29 +0200)
committerRichard Levitte <levitte@openssl.org>
Thu, 10 Sep 2020 11:39:30 +0000 (13:39 +0200)
ossl_pw_set_ui_method() demands that the passed |ui_method| be
non-NULL, and OSSL_STORE_attach() didn't check it beforehand.

While we're at it, we remove the passphrase caching that's set at the
library level, and trust the implementations to deal with that on
their own as needed.

Fixes #12830

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12831)

crypto/store/store_lib.c

index 89efe691da0c1eb89a8051b2cfada0739710538c..61558a9b6efac437120b1f429f2d6c4c5daac1dd 100644 (file)
@@ -135,9 +135,8 @@ OSSL_STORE_open_with_libctx(const char *uri,
         goto err;
     }
 
-    if ((ui_method != NULL
-         && !ossl_pw_set_ui_method(&ctx->pwdata, ui_method, ui_data))
-        || !ossl_pw_enable_passphrase_caching(&ctx->pwdata)) {
+    if (ui_method != NULL
+        && !ossl_pw_set_ui_method(&ctx->pwdata, ui_method, ui_data)) {
         ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_CRYPTO_LIB);
         goto err;
     }
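Review bot: With `ossl_pw_enable_passphrase_caching()` dropped from this condition, nothing at the call site says who now caches or clears the passphrase associated with `ctx->pwdata`; the commit message says the implementations are trusted to handle it, but the code does not. A short comment above the `if` would keep that contract visible, e.g. `/* Passphrase caching is left to the loader implementation; only the UI method is set up here, and only when one was supplied. */`. The same applies in OSSL_STORE_load(), where the matching `ossl_pw_clear_passphrase_cache()` call is removed. The enclosing function starts and ends outside the hunk.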
@@ -421,7 +420,6 @@ OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx)
         }
     }
 
-    ossl_pw_clear_passphrase_cache(&ctx->pwdata);
     if (v != NULL)
         OSSL_TRACE1(STORE, "Got a %s\n",
                     OSSL_STORE_INFO_type_string(OSSL_STORE_INFO_get_type(v)));
@@ -968,7 +966,11 @@ OSSL_STORE_CTX *OSSL_STORE_attach(BIO *bp, const char *scheme,
         return NULL;
     }
 
-    (void)ossl_pw_set_ui_method(&ctx->pwdata, ui_method, ui_data);
+    if (ui_method != NULL
+        && !ossl_pw_set_ui_method(&ctx->pwdata, ui_method, ui_data)) {
+        OPENSSL_free(ctx);
+        return NULL;
+    }
     ctx->fetched_loader = fetched_loader;
     ctx->loader = loader;
     ctx->loader_ctx = loader_ctx;
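Review bot: The new failure branch in OSSL_STORE_attach() frees only `ctx` and returns NULL without queuing an error, unlike the same check in OSSL_STORE_open_with_libctx(), which calls `ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_CRYPTO_LIB);`. Adding that line before `OPENSSL_free(ctx);` would let callers tell this failure apart from the others. The context lines after the branch store `fetched_loader` and `loader_ctx` into ctx, so both appear to have been acquired earlier in the function, outside this hunk. If so, this early return and the one just above it would leave them unreleased, so it is worth confirming that they are cleaned up on these paths.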