From: DaanDeMeyer Date: Thu, 25 Dec 2025 18:24:17 +0000 (+0100) Subject: openssl-util: Make ret_user_interface required output argument X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ded0f85f7bbfae64c63865fcf71b6c8179605ed3;p=thirdparty%2Fsystemd.git openssl-util: Make ret_user_interface required output argument To avoid the argument accidentally not getting passed anymore during refactoring, let's make it a required output argument so that callers are required to provide it. See 11f47cb70014894a9f09c730ee7aedcac89cf73e and 875b568f56e3a8a23edd9f20463c9019ec098900. --- diff --git a/src/shared/openssl-util.c b/src/shared/openssl-util.c index 0e54ae527af..47c64fd7d4c 100644 --- a/src/shared/openssl-util.c +++ b/src/shared/openssl-util.c @@ -1712,17 +1712,20 @@ int openssl_load_private_key( int r; + /* The caller must keep the OpenSSLAskPasswordUI object alive as long as the EVP_PKEY object so that + * the user can enter any needed hardware token pin to unlock the private key when needed. */ + assert(private_key); assert(request); assert(ret_private_key); + assert(ret_user_interface); if (private_key_source_type == OPENSSL_KEY_SOURCE_FILE) { r = openssl_load_private_key_from_file(private_key, ret_private_key); if (r < 0) return r; - if (ret_user_interface) - *ret_user_interface = NULL; + *ret_user_interface = NULL; } else { _cleanup_(openssl_ask_password_ui_freep) OpenSSLAskPasswordUI *ui = NULL; r = openssl_ask_password_ui_new(request, &ui); @@ -1747,8 +1750,7 @@ int openssl_load_private_key( private_key, private_key_source); - if (ret_user_interface) - *ret_user_interface = TAKE_PTR(ui); + *ret_user_interface = TAKE_PTR(ui); } return 0;