Message ID | 20240908224220.478684-1-selva.nair@gmail.com |
---|---|
State | Accepted |
Headers | show |
Series | [Openvpn-devel] Initialize before use struct user_pass in ui_reader() | expand |
Acked-by: Gert Doering <gert@greenie.muc.de> Thanks :-) (not much to test here) Your patch has been applied to the master branch. commit 67124dcf317460609860a2ea7cb7a55ceed4a4ce Author: Selva Nair Date: Sun Sep 8 18:42:20 2024 -0400 Initialize before use struct user_pass in ui_reader() Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: <20240908224220.478684-1-selva.nair@gmail.com> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg29114.html Signed-off-by: Gert Doering <gert@greenie.muc.de> -- kind regards, Gert Doering
diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c index 05555a38..0d845f4a 100644 --- a/src/openvpn/ssl_openssl.c +++ b/src/openvpn/ssl_openssl.c @@ -776,7 +776,9 @@ tls_ctx_load_ecdh_params(struct tls_root_ctx *ctx, const char *curve_name) #if defined(HAVE_OPENSSL_STORE_API) /** - * A wrapper for pem_password_callback for use with OpenSSL UI_METHOD. + * A wrapper for password callback for use with OpenSSL UI_METHOD. + * The callback is obtained using SSL_CTX_get_default_passwd_cb() + * which is set to pem_password_callback() in tls_ctx_set_options(). */ static int ui_reader(UI *ui, UI_STRING *uis) @@ -791,6 +793,7 @@ ui_reader(UI *ui, UI_STRING *uis) if (strstr(prompt, "PKCS#11")) { struct user_pass up; + CLEAR(up); get_user_pass(&up, NULL, "PKCS#11 token", GET_USER_PASS_MANAGEMENT|GET_USER_PASS_PASSWORD_ONLY); UI_set_result(ui, uis, up.password); purge_user_pass(&up, true);