On Mon, Jan 13, 2003 at 03:16:46PM +0100, Richard Levitte via RT wrote:
>
> Hello,
>
> Thanks for the report. Unfortunately, your conclusions are
> incorrect. The functions that you spotted in ui_lib.c return the
> expected values, it's UI_UTIL_read_pw() that interprets those values
> incorrectly.
Ah, I see. There seems to be a bit of confusion about that. A quick
survey of consumers of general_allocate_string:
general_allocate_string
In reality, returns negative for error
UI_add_input_string
Comment says `Returns the index to the place in the stack or 0 for
error.' --> zero for error
password_callback
`ok >= 0' --> negative for error
hwcrhk_get_pass
ignores return value
EVP_read_pw_string
ignores return value
UI_UTIL_read_pw
`ok == 0' --> non-zero for error
UI_dup_input_string
Comment says `Same as UI_add_input_string()' --> zero for error
UI_add_verify_string
password_callback
`ok >= 0' --> negative for error
EVP_read_pw_string
ignores return value
UI_UTIL_read_pw
`ok == 0' --> non-zero for error
UI_dup_verify_string
No callers
UI_add_info_string
No callers
UI_dup_info_string
hwcrhk_insert_card
`ok >= 0' --> negative for error
UI_add_error_string
No callers
UI_dup_error_string
No callers
So yeah, I guess UI_UTIL_read_pw and the comment for
UI_add_input_string et. al. are incorrect. Previously I stopped
looking after seeing that comment :-) oops
> I'm committing a change that should fix this. Please try tomorrows
> snapshot.
>
> This ticket is now resolved.
Thanks much! Your fix looks correct to me.
Cheers,
--
Jacques A. Vidrine <[EMAIL PROTECTED]> http://www.celabo.org/
NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos
[EMAIL PROTECTED] . [EMAIL PROTECTED] . [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
