STORE: Fix the repeated prompting of passphrase

OSSL_STORE's loading function could prompt repeatedly for the same
passphrase.  It turns out that OSSL_STORE_load() wasn't caching the
passphrase properly.  Fixed in this change.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15064)

diff --git a/crypto/store/store_lib.c b/crypto/store/store_lib.c
index 134207d5c245f1df23420ac083d4fafb3bc9f7cc..1a62d7f6ff5ac4ca77bd732ff649c5d50c2d8361 100644 (file)
--- a/crypto/store/store_lib.c
+++ b/crypto/store/store_lib.c
@@ -135,7 +135,8 @@ OSSL_STORE_open_ex(const char *uri, OSSL_LIB_CTX *libctx, const char *propq,
     }
 
     if (ui_method != NULL
-        && !ossl_pw_set_ui_method(&ctx->pwdata, ui_method, ui_data)) {
+        && (!ossl_pw_set_ui_method(&ctx->pwdata, ui_method, ui_data)
+            || !ossl_pw_enable_passphrase_caching(&ctx->pwdata))) {
         ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_CRYPTO_LIB);
         goto err;
     }
@@ -413,6 +414,9 @@ OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx)
             goto again;
     }
 
+    /* Clear any internally cached passphrase */
+    (void)ossl_pw_clear_passphrase_cache(&ctx->pwdata);
+
     if (v != NULL && ctx->expected_type != 0) {
         int returned_type = OSSL_STORE_INFO_get_type(v);