[tor-bugs] #26116 [Core Tor/Tor]: OpenSSL 1.1.1 changed the semantics of the password callback return value

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed May 16 15:16:12 UTC 2018


#26116: OpenSSL 1.1.1 changed the semantics of the password callback return value
------------------------------+--------------------------------------------
     Reporter:  nickm         |      Owner:  nickm
         Type:  defect        |     Status:  assigned
     Priority:  Medium        |  Milestone:  Tor: 0.3.4.x-final
    Component:  Core Tor/Tor  |    Version:
     Severity:  Normal        |   Keywords:  029-backport 031-backport 032-backport 033-backport
Actual Points:                |  Parent ID:
       Points:                |   Reviewer:
      Sponsor:                |
------------------------------+--------------------------------------------
 In c82c3462267afdbbaa5, OpenSSL changed its interpretation of getting a
 "0" result from a PEM password callback.  Previously, this indicated an
 error, and the documentation said:

 >The callback '''must''' return the number of characters in the passphrase
 or 0 if an error occurred.

 But now, 0 means an empty passphrase, and -1 means that an error occurred.

 To avoid strange bugs and compatibility issues, we should have our
 pem_no_password_cb function return -1 instead. (-1 was always a supported
 return value, even if it isn't documented.)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26116>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
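
Added example, not part of the original ticket and not Tor's or OpenSSL's code: a small C model of the two interpretations the ticket describes, showing why a "refuse" callback should return -1 rather than 0. The interpret_old/interpret_new helpers and the two callback names are hypothetical; only the callback signature matches OpenSSL's pem_password_cb.

```c
#include <stdio.h>

/* Same shape as OpenSSL's pem_password_cb. */
typedef int (*password_cb)(char *buf, int size, int rwflag, void *u);

enum cb_outcome { CB_ERROR, CB_EMPTY_PASSPHRASE, CB_PASSPHRASE };

/* Model of the pre-change reading described in the ticket:
 * 0 signals an error (and -1 was always accepted as an error too). */
static enum cb_outcome interpret_old(int ret) {
  return ret <= 0 ? CB_ERROR : CB_PASSPHRASE;
}

/* Model of the post-change reading described in the ticket:
 * 0 is an empty passphrase, a negative value is an error. */
static enum cb_outcome interpret_new(int ret) {
  if (ret < 0) return CB_ERROR;
  return ret == 0 ? CB_EMPTY_PASSPHRASE : CB_PASSPHRASE;
}

/* Hypothetical callback that refuses by returning 0 (the ambiguous form). */
static int refuse_with_zero(char *buf, int size, int rwflag, void *u) {
  (void)buf; (void)size; (void)rwflag; (void)u;
  return 0;
}

/* Hypothetical callback in the shape the ticket proposes: return -1. */
static int refuse_with_minus_one(char *buf, int size, int rwflag, void *u) {
  (void)buf; (void)size; (void)rwflag; (void)u;
  return -1;
}

/* Returns 1 only if the callback's result is an error under BOTH readings. */
static int refuses_under_both(password_cb cb) {
  char buf[64];
  int ret = cb(buf, (int)sizeof(buf), 0, NULL);
  return interpret_old(ret) == CB_ERROR && interpret_new(ret) == CB_ERROR;
}

int main(void) {
  printf("return 0  refuses under both readings: %d\n",
         refuses_under_both(refuse_with_zero));
  printf("return -1 refuses under both readings: %d\n",
         refuses_under_both(refuse_with_minus_one));
  return 0;
}
```

Under the newer reading, the zero-returning callback is taken as supplying an empty passphrase, so a key protected with an empty passphrase would no longer be rejected by a callback meant to refuse all passwords.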

