You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by "Paul J. Reder" <re...@remulak.net> on 2002/05/01 19:24:47 UTC

[Patch]: SSL passphrase prompt after error.

Is there any reason we can't alter the following code (from ssl_engine_pphrase.c
around line 730) to move the "apr_file_puts(prompt, writetty);" inside the
for statement so that on errors the prompt is reprinted? This is to answer
bug number 8320 (an empty passphrase results in an ambiguous state when an
error is displayed, but no new prompt).

If there are no complaints, I'll commit this patch this afternoon.

Index: httpd-2.0/modules/ssl/ssl_engine_pphrase.c
===================================================================
RCS file: /home/cvspublic/httpd-2.0/modules/ssl/ssl_engine_pphrase.c,v
retrieving revision 1.35
diff -u -r1.35 ssl_engine_pphrase.c
--- httpd-2.0/modules/ssl/ssl_engine_pphrase.c  28 Mar 2002 18:50:07 -0000      1.35
+++ httpd-2.0/modules/ssl/ssl_engine_pphrase.c  1 May 2002 17:20:26 -0000
@@ -732,9 +732,9 @@
           * (see crypto/pem/pem_lib.c:def_callback() for details)
           */
          prompt = "Enter pass phrase:";
-        apr_file_puts(prompt, writetty);

          for (;;) {
+            apr_file_puts(prompt, writetty);
              if (sc->server->pphrase_dialog_type == SSL_PPTYPE_PIPE) {
                  i = pipe_get_passwd_cb(buf, bufsize, "", FALSE);
              }

-- 
Paul J. Reder
-----------------------------------------------------------
"The strength of the Constitution lies entirely in the determination of each
citizen to defend it.  Only if every single citizen feels duty bound to do
his share in this defense are the constitutional rights secure."
-- Albert Einstein

Re: [Patch]: SSL passphrase prompt after error.

Posted by Justin Erenkrantz <je...@apache.org>.

On Wed, May 01, 2002 at 01:24:47PM -0400, Paul J. Reder wrote:
> Is there any reason we can't alter the following code (from ssl_engine_pphrase.c
> around line 730) to move the "apr_file_puts(prompt, writetty);" inside the
> for statement so that on errors the prompt is reprinted? This is to answer
> bug number 8320 (an empty passphrase results in an ambiguous state when an
> error is displayed, but no new prompt).
> 
> If there are no complaints, I'll commit this patch this afternoon.

+1.  -- justin