> Accidentally ask for a password:
>
> # openssl genrsa -aes256 -out /etc/ssl/private/server.key 2048
> Generating RSA private key, 2048 bit long modulus
> .........+++
> ...............................................................................................................+++
> e is 65537 (0x10001)
> Enter pass phrase for /etc/ssl/private/server.key:
> 822626074580:error:28069065:lib(40):UI_set_result:result too
> small:/home/tedu/src/lib/libcrypto/crypto/../../libssl/src/crypto/ui/ui_lib.c:834:You
> must type in 4 to 1023 characters
> Enter pass phrase for /etc/ssl/private/server.key:
> Enter pass phrase for /etc/ssl/private/server.key:
>
> And now you can't quit. ^C doesn't work. ^D doesn't work. pkill openssl in
> another terminal doesn't work. Nothing works.
Haha, this is a good one.
It is caused by this in openssl apps.c!password_callback()
if (ok >= 0)
do {
ok = UI_process(ui);
} while (ok < 0 &&
UI_ctrl(ui, UI_CTRL_IS_REDOABLE, 0, 0, 0));
which causes the loop to spin, because the redoable flag gets set on
the first error, but if never cleared by true failures such as ^C.
The following diff will fix the problem.
Index: ui/ui_lib.c
===================================================================
RCS file: /OpenBSD/src/lib/libssl/src/crypto/ui/ui_lib.c,v
retrieving revision 1.30
diff -u -p -r1.30 ui_lib.c
--- ui/ui_lib.c 10 Feb 2015 11:22:21 -0000 1.30
+++ ui/ui_lib.c 27 Mar 2016 10:10:59 -0000
@@ -491,6 +491,7 @@ UI_process(UI *ui)
switch (ui->meth->ui_read_string(ui,
sk_UI_STRING_value(ui->strings, i))) {
case -1: /* Interrupt/Cancel/something... */
+ ui->flags &= ~UI_FLAG_REDOABLE;
ok = -2;
goto err;
case 0: /* Errors */
