openssl-util: Make ret_user_interface required output argument

To avoid the argument accidentally not getting passed anymore during
refactoring, let's make it a required output argument so that callers
are required to provide it.

See 11f47cb70014894a9f09c730ee7aedcac89cf73e and
875b568f56e3a8a23edd9f20463c9019ec098900.

diff --git a/src/shared/openssl-util.c b/src/shared/openssl-util.c
index 0e54ae527af00d8d7634516ae4fdd35c24cf56f2..47c64fd7d4cb895e315a1169e5ac1401bce159b9 100644 (file)
--- a/src/shared/openssl-util.c
+++ b/src/shared/openssl-util.c
@@ -1712,17 +1712,20 @@ int openssl_load_private_key(
 
         int r;
 
+        /* The caller must keep the OpenSSLAskPasswordUI object alive as long as the EVP_PKEY object so that
+         * the user can enter any needed hardware token pin to unlock the private key when needed. */
+
         assert(private_key);
         assert(request);
         assert(ret_private_key);
+        assert(ret_user_interface);
 
         if (private_key_source_type == OPENSSL_KEY_SOURCE_FILE) {
                 r = openssl_load_private_key_from_file(private_key, ret_private_key);
                 if (r < 0)
                         return r;
 
-                if (ret_user_interface)
-                        *ret_user_interface = NULL;
+                *ret_user_interface = NULL;
         } else {
                 _cleanup_(openssl_ask_password_ui_freep) OpenSSLAskPasswordUI *ui = NULL;
                 r = openssl_ask_password_ui_new(request, &ui);
@@ -1747,8 +1750,7 @@ int openssl_load_private_key(
                                         private_key,
                                         private_key_source);
 
-                if (ret_user_interface)
-                        *ret_user_interface = TAKE_PTR(ui);
+                *ret_user_interface = TAKE_PTR(ui);
         }
 
         return 0;