From: Matt Caswell <matt@openssl.org>
Date: Thu, 25 Jun 2020 15:10:54 +0000 (+0100)
Subject: If an empty password is supplied still try to use it
X-Git-Tag: openssl-3.0.0-alpha5~105
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=ca3245a61989009a99931748723d12e30d0a66b2;p=thirdparty%2Fopenssl.git

If an empty password is supplied still try to use it

If an empty password was supplied we ignored it and were trying to use
the fallback method to read the password instead (i.e. read from stdin).
However if that failed (which it always does if the cmp option -batch is
used) then we were reporting that we had successfully read the password
without actually setting one.

Instead, if an empty password is explicitly provided we should use it. If
no password is supplied explicitly and we have no fallback method then we
assume the empty password.

[extended tests]

Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12275)
---

diff --git a/apps/lib/apps_ui.c b/apps/lib/apps_ui.c
index 2a6e01ec101..13f8670d9fa 100644
--- a/apps/lib/apps_ui.c
+++ b/apps/lib/apps_ui.c
@@ -20,7 +20,7 @@ static int ui_open(UI *ui)
 {
     int (*opener)(UI *ui) = UI_method_get_opener(ui_fallback_method);
 
-    if (opener)
+    if (opener != NULL)
         return opener(ui);
     return 1;
 }
@@ -37,7 +37,8 @@ static int ui_read(UI *ui, UI_STRING *uis)
             {
                 const char *password =
                     ((PW_CB_DATA *)UI_get0_user_data(ui))->password;
-                if (password && password[0] != '\0') {
+
+                if (password != NULL) {
                     UI_set_result(ui, uis, password);
                     return 1;
                 }
@@ -52,8 +53,10 @@ static int ui_read(UI *ui, UI_STRING *uis)
     }
 
     reader = UI_method_get_reader(ui_fallback_method);
-    if (reader)
+    if (reader != NULL)
         return reader(ui, uis);
+    /* Default to the empty password if we've got nothing better */
+    UI_set_result(ui, uis, "");
     return 1;
 }
 
@@ -82,7 +85,7 @@ static int ui_write(UI *ui, UI_STRING *uis)
     }
 
     writer = UI_method_get_writer(ui_fallback_method);
-    if (writer)
+    if (writer != NULL)
         return writer(ui, uis);
     return 1;
 }
@@ -91,7 +94,7 @@ static int ui_close(UI *ui)
 {
     int (*closer)(UI *ui) = UI_method_get_closer(ui_fallback_method);
 
-    if (closer)
+    if (closer != NULL)
         return closer(ui);
     return 1;
 }
@@ -112,7 +115,7 @@ int setup_ui_method(void)
 
 void destroy_ui_method(void)
 {
-    if (ui_method) {
+    if (ui_method != NULL) {
         UI_destroy_method(ui_method);
         ui_method = NULL;
     }