Add a general user interface API. This is designed to replace things

like des_read_password and friends (backward compatibility functions
using this new API are provided).  The purpose is to remove prompting
functions from the DES code section as well as provide for prompting
through dialog boxes in a window system and the like.

CHANGES

@@ -11,6 +11,13 @@
          *) applies to 0.9.6a (/0.9.6b) and 0.9.7
          +) applies to 0.9.7 only
 
+  +) Add a general user interface API.  This is designed to replace things
+     like des_read_password and friends (backward compatibility functions
+     using this new API are provided).  The purpose is to remove prompting
+     functions from the DES code section as well as provide for prompting
+     through dialog boxes in a window system and the like.
+     [Richard Levitte]
+
   *) In versions up to 0.9.6, RAND_file_name() resorted to file ".rnd"
      in the current directory if neither $RANDFILE nor $HOME was set.
      RAND_file_name() in 0.9.6a returned NULL in this case.  This has

Makefile.org

@@ -168,7 +168,7 @@ SDIRS=  \
 	des rc2 rc4 rc5 idea bf cast \
 	bn ec rsa dsa dh dso engine rijndael \
 	buffer bio stack lhash rand err objects \
-	evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp
+	evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui
 
 # tests to perform.  "alltests" is a special word indicating that all tests
 # should be performed.

crypto/Makefile.ssl

@@ -30,7 +30,7 @@ SDIRS=	md2 md5 sha mdc2 hmac ripemd \
 	des rc2 rc4 rc5 idea bf cast \
 	bn ec rsa dsa dh dso engine rijndael \
 	buffer bio stack lhash rand err objects \
-	evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp
+	evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui
 
 GENERAL=Makefile README crypto-lib.com install.com
 

crypto/cryptlib.c

@@ -101,7 +101,8 @@ static const char* lock_names[CRYPTO_NUM_LOCKS] =
 	"dso",
 	"dynlock",
 	"engine",
-#if CRYPTO_NUM_LOCKS != 29
+	"ui",
+#if CRYPTO_NUM_LOCKS != 30
 # error "Inconsistency between crypto.h and cryptlib.c"
 #endif
 	};

crypto/crypto-lib.com

@@ -91,7 +91,7 @@ $ ENCRYPT_TYPES = "Basic,MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,"+ -
 		  "BN,EC,RSA,DSA,DH,DSO,ENGINE,RIJNDAEL,"+ -
 		  "BUFFER,BIO,STACK,LHASH,RAND,ERR,OBJECTS,"+ -
 		  "EVP,EVP_2,ASN1,ASN1_2,PEM,X509,X509V3,"+ -
-		  "CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP"
+		  "CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI"
 $ ENCRYPT_PROGRAMS = "DES,PKCS7"
 $!
 $! Check To Make Sure We Have Valid Command Line Parameters.
@@ -269,6 +269,8 @@ $ LIB_COMP = "comp_lib,"+ -
 	"c_rle,c_zlib"
 $ LIB_OCSP = "ocsp_asn,ocsp_ext,ocsp_ht,ocsp_lib,ocsp_cl,"+ -
 	"ocsp_srv,ocsp_prn,ocsp_vfy,ocsp_err"
+$ LIB_UI_COMPAT = "ui_compat"
+$ LIB_UI = "ui_er,ui_lib,ui_openssl,"+LIB_UI_COMPAT
 $!
 $! Setup exceptional compilations
 $!

crypto/crypto.h

@@ -124,7 +124,8 @@ extern "C" {
 #define	CRYPTO_LOCK_DSO			26
 #define	CRYPTO_LOCK_DYNLOCK		27
 #define	CRYPTO_LOCK_ENGINE		28
-#define	CRYPTO_NUM_LOCKS		29
+#define	CRYPTO_LOCK_UI			29
+#define	CRYPTO_NUM_LOCKS		30
 
 #define CRYPTO_LOCK		1
 #define CRYPTO_UNLOCK		2

crypto/des/Makefile.ssl

@@ -40,8 +40,8 @@ LIBOBJ= set_key.o  ecb_enc.o  cbc_enc.o \
 	ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o  ofb64ede.o \
 	enc_read.o enc_writ.o ofb64enc.o \
 	ofb_enc.o  str2key.o  pcbc_enc.o qud_cksm.o rand_key.o \
-	${DES_ENC} read2pwd.o \
-	fcrypt.o xcbc_enc.o read_pwd.o rpc_enc.o  cbc_cksm.o \
+	${DES_ENC} \
+	fcrypt.o xcbc_enc.o rpc_enc.o  cbc_cksm.o \
 	ede_cbcm_enc.o
 
 SRC= $(LIBSRC)
@@ -194,8 +194,11 @@ qud_cksm.o: ../../include/openssl/opensslconf.h des_locl.h qud_cksm.c
 rand_key.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
 rand_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/rand.h
 rand_key.o: rand_key.c
-read2pwd.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h
-read2pwd.o: ../../include/openssl/opensslconf.h des_locl.h read2pwd.c
+read2pwd.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+read2pwd.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+read2pwd.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+read2pwd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+read2pwd.o: ../../include/openssl/ui.h des_locl.h read2pwd.c
 read_pwd.o: ../../e_os.h ../../include/openssl/bio.h
 read_pwd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 read_pwd.o: ../../include/openssl/des.h ../../include/openssl/e_os2.h

crypto/err/err.h

@@ -129,6 +129,7 @@ typedef struct err_state_st
 #define ERR_LIB_DSO		37
 #define ERR_LIB_ENGINE		38
 #define ERR_LIB_OCSP            39
+#define ERR_LIB_UI              40
 
 #define ERR_LIB_USER		128
 
@@ -155,6 +156,7 @@ typedef struct err_state_st
 #define DSOerr(f,r) ERR_PUT_error(ERR_LIB_DSO,(f),(r),__FILE__,__LINE__)
 #define ENGINEerr(f,r) ERR_PUT_error(ERR_LIB_ENGINE,(f),(r),__FILE__,__LINE__)
 #define OCSPerr(f,r) ERR_PUT_error(ERR_LIB_OCSP,(f),(r),__FILE__,__LINE__)
+#define UIerr(f,r) ERR_PUT_error(ERR_LIB_UI,(f),(r),__FILE__,__LINE__)
 
 /* Borland C seems too stupid to be able to shift and do longs in
  * the pre-processor :-( */
@@ -204,6 +206,7 @@ typedef struct err_state_st
 #define ERR_R_DSO_LIB	ERR_LIB_DSO      /* 37 */
 #define ERR_R_ENGINE_LIB ERR_LIB_ENGINE  /* 38 */
 #define ERR_R_OCSP_LIB  ERR_LIB_OCSP     /* 39 */
+#define ERR_R_UI_LIB    ERR_LIB_UI       /* 40 */
 
 #define ERR_R_NESTED_ASN1_ERROR			58
 #define ERR_R_BAD_ASN1_OBJECT_HEADER		59

crypto/err/openssl.ec

@@ -26,6 +26,7 @@ L RAND		crypto/rand/rand.h		crypto/rand/rand_err.c
 L DSO		crypto/dso/dso.h		crypto/dso/dso_err.c
 L ENGINE	crypto/engine/engine.h		crypto/engine/engine_err.c
 L OCSP		crypto/ocsp/ocsp.h		crypto/ocsp/ocsp_err.c
+L UI		crypto/ui/ui.h			crypto/ui/ui_err.c
 
 # additional header files to be scanned for function names
 L NONE		crypto/x509/x509_vfy.h		NONE

crypto/evp/evp_key.c

@@ -61,6 +61,7 @@
 #include <openssl/x509.h>
 #include <openssl/objects.h>
 #include <openssl/evp.h>
+#include <openssl/ui.h>
 
 /* should be init to zeros. */
 static char prompt_string[80];
@@ -86,13 +87,21 @@ char *EVP_get_pw_prompt(void)
  * this function will fail */
 int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
 	{
-#ifndef OPENSSL_NO_DES
+	int ret;
+	char buff[BUFSIZ];
+	UI *ui;
+
 	if ((prompt == NULL) && (prompt_string[0] != '\0'))
 		prompt=prompt_string;
-	return(des_read_pw_string(buf,len,prompt,verify));
-#else
-	return -1;
-#endif
+	ui = UI_new();
+	UI_add_input_string(ui,prompt,0,buf,0,(len>=BUFSIZ)?BUFSIZ-1:len);
+	if (verify)
+		UI_add_verify_string(ui,prompt,0,
+			buff,0,(len>=BUFSIZ)?BUFSIZ-1:len,buf);
+	ret = UI_process(ui);
+	UI_free(ui);
+	memset(buff,0,BUFSIZ);
+	return ret;
 	}
 
 int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md, 

crypto/stack/safestack.h

@@ -744,6 +744,26 @@ STACK_OF(type) \
 #define sk_SXNETID_pop(st) SKM_sk_pop(SXNETID, (st))
 #define sk_SXNETID_sort(st) SKM_sk_sort(SXNETID, (st))
 
+#define sk_UI_STRING_new(st) SKM_sk_new(UI_STRING, (st))
+#define sk_UI_STRING_new_null() SKM_sk_new_null(UI_STRING)
+#define sk_UI_STRING_free(st) SKM_sk_free(UI_STRING, (st))
+#define sk_UI_STRING_num(st) SKM_sk_num(UI_STRING, (st))
+#define sk_UI_STRING_value(st, i) SKM_sk_value(UI_STRING, (st), (i))
+#define sk_UI_STRING_set(st, i, val) SKM_sk_set(UI_STRING, (st), (i), (val))
+#define sk_UI_STRING_zero(st) SKM_sk_zero(UI_STRING, (st))
+#define sk_UI_STRING_push(st, val) SKM_sk_push(UI_STRING, (st), (val))
+#define sk_UI_STRING_unshift(st, val) SKM_sk_unshift(UI_STRING, (st), (val))
+#define sk_UI_STRING_find(st, val) SKM_sk_find(UI_STRING, (st), (val))
+#define sk_UI_STRING_delete(st, i) SKM_sk_delete(UI_STRING, (st), (i))
+#define sk_UI_STRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(UI_STRING, (st), (ptr))
+#define sk_UI_STRING_insert(st, val, i) SKM_sk_insert(UI_STRING, (st), (val), (i))
+#define sk_UI_STRING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(UI_STRING, (st), (cmp))
+#define sk_UI_STRING_dup(st) SKM_sk_dup(UI_STRING, st)
+#define sk_UI_STRING_pop_free(st, free_func) SKM_sk_pop_free(UI_STRING, (st), (free_func))
+#define sk_UI_STRING_shift(st) SKM_sk_shift(UI_STRING, (st))
+#define sk_UI_STRING_pop(st) SKM_sk_pop(UI_STRING, (st))
+#define sk_UI_STRING_sort(st) SKM_sk_sort(UI_STRING, (st))
+
 #define sk_X509_new(st) SKM_sk_new(X509, (st))
 #define sk_X509_new_null() SKM_sk_new_null(X509)
 #define sk_X509_free(st) SKM_sk_free(X509, (st))

crypto/ui/Makefile.ssl

+#
+# OpenSSL/crypto/ui/Makefile
+#
+
+DIR=	ui
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPPROG=	makedepend
+MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST= uitest.c
+APPS=
+
+COMPATSRC= ui_compat.c
+COMPATOBJ= ui_compat.o
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= ui_err.c ui_lib.c ui_openssl.c $(COMPATSRC)
+LIBOBJ= ui_err.o ui_lib.o ui_openssl.o $(COMPATOBJ)
+
+SRC= $(LIBSRC)
+
+EXHEADER= ui.h
+HEADER=	$(EXHEADER) ui_locl.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB)
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	@$(TOP)/util/point.sh Makefile.ssl Makefile
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+ui_compat.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+ui_compat.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+ui_compat.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+ui_compat.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ui_compat.o: ../../include/openssl/ui.h ui_compat.c
+ui_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+ui_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ui_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+ui_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+ui_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ui_err.o: ../../include/openssl/ui.h ui_err.c
+ui_lib.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+ui_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ui_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+ui_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+ui_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ui_lib.o: ../../include/openssl/ui.h ui_lib.c ui_locl.h
+ui_openssl.o: ../../e_os.h ../../include/openssl/bio.h
+ui_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+ui_openssl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ui_openssl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+ui_openssl.o: ../../include/openssl/opensslv.h
+ui_openssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ui_openssl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+ui_openssl.o: ../cryptlib.h ui_locl.h ui_openssl.c

crypto/ui/ui.h

+/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */
+/* Written by Richard Levitte (levitte@stacken.kth.se) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_UI_H
+#define HEADER_UI_H
+
+#include <openssl/crypto.h>
+#include <openssl/safestack.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* The UI type is a holder for a specific user interface session.  It can
+   contain an illimited number of informational or error strings as well
+   as things to prompt for, both passwords (noecho mode) and others (echo
+   mode), and verification of the same.  All of these are called strings,
+   and are further described below. */
+typedef struct ui_st UI;
+
+/* All instances of UI have a reference to a method structure, which is a
+   ordered vector of functions that implement the lower level things to do.
+   There is an instruction on the implementation further down, in the section
+   for method implementors. */
+typedef struct ui_method_st UI_METHOD;
+
+
+/* All the following functions return -1 or NULL on error.  When everything is
+   fine, they return 0, a positive value or a non-NULL pointer, all depending
+   on their purpose. */
+
+/* Creators and destructor.   */
+UI *UI_new(void);
+UI *UI_new_method(const UI_METHOD *method);
+void UI_free(UI *ui);
+
+/* The following functions are used to add strings to be printed and prompt
+   strings to prompt for data.  The names are UI_{add,dup}_<function>_string,
+   with the following meanings:
+	add	add a text or prompt string.  The pointers given to these
+		functions are used verbatim, no copying is done.
+	dup	make a copy of the text or prompt string, then add the copy
+		to the collection of strings in the user interface.
+	<function>
+		The function is a name for the functionality that the given
+		string shall be used for.  It can be one of:
+			input	use the string as data prompt.
+			verify	use the string as verification prompt.  This
+				is used to verify a previous input.
+			info	use the string for informational output.
+			error	use the string for error output.
+   Honestly, there's currently no difference between info and error for the
+   moment.
+
+   All of the functions in this group take a UI and a string.  The input and
+   verify addition functions also take an echo flag, a buffer for the result
+   to end up with, a minimum input size and a maximum input size (the result
+   buffer MUST be large enough to be able to contain the maximum number of
+   characters).  Additionally, the verify addition functions takes another
+   buffer to compare the result against.
+
+   On success, the all return an index of the added information.  That index
+   is usefull when retrieving results with UI_get0_result(). */
+int UI_add_input_string(UI *ui, const char *prompt, int echo_p,
+	char *result_buf, int minsize, int maxsize);
+int UI_dup_input_string(UI *ui, const char *prompt, int echo_p,
+	char *result_buf, int minsize, int maxsize);
+int UI_add_verify_string(UI *ui, const char *prompt, int echo_p,
+	char *result_buf, int minsize, int maxsize, const char *test_buf);
+int UI_dup_verify_string(UI *ui, const char *prompt, int echo_p,
+	char *result_buf, int minsize, int maxsize, const char *test_buf);
+int UI_add_info_string(UI *ui, const char *text);
+int UI_dup_info_string(UI *ui, const char *text);
+int UI_add_error_string(UI *ui, const char *text);
+int UI_dup_error_string(UI *ui, const char *text);
+
+/* Return the result associated with a prompt given with the index i. */
+const char *UI_get0_result(UI *ui, int i);
+
+/* When all strings have been added, process the whole thing. */
+int UI_process(UI *ui);
+
+/* Some methods may use extra data */
+#define UI_set_app_data(s,arg)         UI_set_ex_data(s,0,arg)
+#define UI_get_app_data(s)             UI_get_ex_data(s,0)
+int UI_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+	CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+int UI_set_ex_data(UI *r,int idx,void *arg);
+void *UI_get_ex_data(UI *r, int idx);
+
+/* Use specific methods instead of the built-in one */
+void UI_set_default_method(const UI_METHOD *meth);
+const UI_METHOD *UI_get_default_method(void);
+const UI_METHOD *UI_get_method(UI *ui);
+const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+/* The method with all the built-in thingies */
+UI_METHOD *UI_OpenSSL(void);
+
+
+/* ---------- For method writers ---------- */
+/* A method contains a number of functions that implement the low level
+   of the User Interface.  The functions are:
+
+	an opener	This function starts a session, maybe by opening
+			a channel to a tty, or by opening a window.
+	a writer	This function is called to write a given string,
+			maybe to the tty, maybe as a field label in a
+			window.
+	a reader	This function is called to read a given prompt,
+			maybe from the tty, maybe from a field in a
+			window.  Note that it's called wth all string
+			structures, not only the prompt ones, so it must
+			check such things itself.
+	a closer	This function closes the session, maybe by closing
+			the channel to the tty, or closing the window.
+
+   The way this is used, the opener is first called, then the writer for all
+   strings, then the reader for all strings and finally the closer.  Note that
+   if you want to prompt from a terminal or other command line interface, the
+   best is to have the reader also write the prompts instead of having the
+   writer do it.
+   All method functions take a UI as argument.  Additionally, the writer and
+   the reader take a UI_STRING. */
+
+/* The UI_STRING type is the data structure that contains all the needed info
+   about a string or a prompt, including test data for a verification prompt.
+*/
+DECLARE_STACK_OF(UI_STRING)
+typedef struct ui_string_st UI_STRING;
+
+/* The different types of strings that are currently supported.
+   This is only needed by method authors. */
+enum UI_string_types
+	{
+	UI_NONE=0,
+	UI_STRING_ECHO,		/* Prompt for a string */
+	UI_STRING_NOECHO,	/* Prompt for a hidden string */
+	UI_VERIFY_ECHO,		/* Prompt for a string and verify */
+	UI_VERIFY_NOECHO,	/* Prompt for a hidden string and verify */
+	UI_INFO,		/* Send info to the user */
+	UI_ERROR		/* Send an error message to the user */
+	};
+
+/* Create and manipulate methods */
+UI_METHOD *UI_create_method(void);
+int UI_method_set_opener(UI_METHOD *method, int (*opener)(UI *ui));
+int UI_method_set_writer(UI_METHOD *method, int (*writer)(UI *ui, UI_STRING *uis));
+int UI_method_set_reader(UI_METHOD *method, int (*reader)(UI *ui, UI_STRING *uis));
+int UI_method_set_closer(UI_METHOD *method, int (*closer)(UI *ui));
+int (*UI_method_get_opener(UI_METHOD *method))(UI*);
+int (*UI_method_get_writer(UI_METHOD *method))(UI*,UI_STRING*);
+int (*UI_method_get_reader(UI_METHOD *method))(UI*,UI_STRING*);
+int (*UI_method_get_closer(UI_METHOD *method))(UI*);
+
+/* The following functions are helpers for method writers to access relevant
+   data from a UI_STRING. */
+
+/* Return type type of the UI_STRING */
+enum UI_string_types UI_get_string_type(UI_STRING *uis);
+/* Return the actual string to output (the prompt, info or error) */
+const char *UI_get0_output_string(UI_STRING *uis);
+/* Return the result of a prompt */
+const char *UI_get0_result_string(UI_STRING *uis);
+/* Return the string to test the result against.  Only useful with verifies. */
+const char *UI_get0_test_string(UI_STRING *uis);
+/* Return the required minimum size of the result */
+int UI_get_result_minsize(UI_STRING *uis);
+/* Return the required maximum size of the result */
+int UI_get_result_maxsize(UI_STRING *uis);
+/* Set the result of a UI_STRING. */
+int UI_set_result(UI_STRING *uis, char *result);
+
+
+/* BEGIN ERROR CODES */
+/* The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_UI_strings(void);
+
+/* Error codes for the UI functions. */
+
+/* Function codes. */
+#define UI_F_GENERAL_ALLOCATE_STRING			 100
+#define UI_F_UI_DUP_ERROR_STRING			 101
+#define UI_F_UI_DUP_INFO_STRING				 102
+#define UI_F_UI_DUP_INPUT_STRING			 103
+#define UI_F_UI_DUP_VERIFY_STRING			 106
+#define UI_F_UI_GET0_RESULT				 107
+#define UI_F_UI_NEW_METHOD				 104
+#define UI_F_UI_SET_RESULT				 105
+
+/* Reason codes. */
+#define UI_R_INDEX_TOO_LARGE				 102
+#define UI_R_INDEX_TOO_SMALL				 103
+#define UI_R_RESULT_TOO_LARGE				 100
+#define UI_R_RESULT_TOO_SMALL				 101
+
+#ifdef  __cplusplus
+}
+#endif
+#endif

crypto/ui/ui_compat.c

+/* crypto/ui/ui_compat.c */ /* This was previously crypto/des/read2pwd.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/des.h>
+#include <openssl/ui.h>
+
+int des_read_password(des_cblock *key, const char *prompt, int verify)
+	{
+	int ok;
+	char buf[BUFSIZ],buff[BUFSIZ];
+	UI *ui;
+
+	ui = UI_new();
+	UI_add_input_string(ui,prompt,0,buf,0,BUFSIZ-1);
+	if (verify)
+		UI_add_verify_string(ui,prompt,0,buff,0,BUFSIZ-1,buf);
+	if ((ok=UI_process(ui)) == 0)
+		des_string_to_key(buf,key);
+	UI_free(ui);
+	memset(buf,0,BUFSIZ);
+	memset(buff,0,BUFSIZ);
+	return(ok);
+	}
+
+int des_read_2passwords(des_cblock *key1, des_cblock *key2, const char *prompt,
+	     int verify)
+	{
+	int ok;
+	char buf[BUFSIZ],buff[BUFSIZ];
+	UI *ui;
+
+	ui = UI_new();
+	UI_add_input_string(ui,prompt,0,buf,0,BUFSIZ-1);
+	if (verify)
+		UI_add_verify_string(ui,prompt,0,buff,0,BUFSIZ-1,buf);
+	if ((ok=UI_process(ui)) == 0)
+		des_string_to_2keys(buf,key1,key2);
+	UI_free(ui);
+	memset(buf,0,BUFSIZ);
+	memset(buff,0,BUFSIZ);
+	return(ok);
+	}

crypto/ui/ui_err.c

+/* crypto/ui/ui_err.c */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/ui.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+static ERR_STRING_DATA UI_str_functs[]=
+	{
+{ERR_PACK(0,UI_F_GENERAL_ALLOCATE_STRING,0),	"GENERAL_ALLOCATE_STRING"},
+{ERR_PACK(0,UI_F_UI_DUP_ERROR_STRING,0),	"UI_dup_error_string"},
+{ERR_PACK(0,UI_F_UI_DUP_INFO_STRING,0),	"UI_dup_info_string"},
+{ERR_PACK(0,UI_F_UI_DUP_INPUT_STRING,0),	"UI_dup_input_string"},
+{ERR_PACK(0,UI_F_UI_DUP_VERIFY_STRING,0),	"UI_dup_verify_string"},
+{ERR_PACK(0,UI_F_UI_GET0_RESULT,0),	"UI_get0_result"},
+{ERR_PACK(0,UI_F_UI_NEW_METHOD,0),	"UI_new_method"},
+{ERR_PACK(0,UI_F_UI_SET_RESULT,0),	"UI_set_result"},
+{0,NULL}
+	};
+
+static ERR_STRING_DATA UI_str_reasons[]=
+	{
+{UI_R_INDEX_TOO_LARGE                    ,"index too large"},
+{UI_R_INDEX_TOO_SMALL                    ,"index too small"},
+{UI_R_RESULT_TOO_LARGE                   ,"result too large"},
+{UI_R_RESULT_TOO_SMALL                   ,"result too small"},
+{0,NULL}
+	};
+
+#endif
+
+void ERR_load_UI_strings(void)
+	{
+	static int init=1;
+
+	if (init)
+		{
+		init=0;
+#ifndef OPENSSL_NO_ERR
+		ERR_load_strings(ERR_LIB_UI,UI_str_functs);
+		ERR_load_strings(ERR_LIB_UI,UI_str_reasons);
+#endif
+
+		}
+	}

crypto/ui/ui_lib.c

+/* crypto/ui/ui_lib.c -*- mode:C; c-file-style: "eay" -*- */
+/* Written by Richard Levitte (levitte@stacken.kth.se) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <string.h>
+
+#include <openssl/ui.h>
+#include <openssl/err.h>
+#include "ui_locl.h"
+
+IMPLEMENT_STACK_OF(UI_STRING_ST)
+
+static const UI_METHOD *default_UI_meth=NULL;
+static int ui_meth_num=0;
+static STACK_OF(CRYPTO_EX_DATA_FUNCS) *ui_meth=NULL;
+
+UI *UI_new(void)
+	{
+	return(UI_new_method(NULL));
+	}
+
+UI *UI_new_method(const UI_METHOD *method)
+	{
+	UI *ret;
+
+	ret=(UI *)OPENSSL_malloc(sizeof(UI));
+	if (ret == NULL)
+		{
+		UIerr(UI_F_UI_NEW_METHOD,ERR_R_MALLOC_FAILURE);
+		return NULL;
+		}
+	if (method == NULL)
+		ret->meth=UI_get_default_method();
+	else
+		ret->meth=method;
+
+	ret->strings=NULL;
+	return ret;
+	}
+
+static void free_string(void *data)
+	{
+	UI_STRING *uis = (UI_STRING *)data;
+	if (uis->flags & OUT_STRING_FREEABLE)
+		OPENSSL_free((char *)uis->out_string);
+	OPENSSL_free(uis);
+	}
+
+void UI_free(UI *ui)
+	{
+	sk_UI_STRING_pop_free(ui->strings,free_string);
+	OPENSSL_free(ui);
+	}
+
+static int allocate_string_stack(UI *ui)
+	{
+	if (ui->strings == NULL)
+		{
+		ui->strings=sk_UI_STRING_new_null();
+		if (ui->strings == NULL)
+			{
+			return -1;
+			}
+		}
+	return 0;
+	}
+
+static int general_allocate_string(UI *ui, const char *prompt,
+	int prompt_freeable, enum UI_string_types type,
+	char *result_buf, int minsize, int maxsize, const char *test_buf)
+	{
+	int ret=-1;
+
+	if (prompt == NULL)
+		{
+		UIerr(UI_F_GENERAL_ALLOCATE_STRING,ERR_R_PASSED_NULL_PARAMETER);
+		}
+	else if (allocate_string_stack(ui) >= 0)
+		{
+		UI_STRING *s=(UI_STRING *)OPENSSL_malloc(sizeof(UI_STRING));
+		s->out_string=prompt;
+		s->flags=prompt_freeable ? OUT_STRING_FREEABLE : 0;
+		s->type=type;
+		s->result_buf=result_buf;
+		s->result_minsize=minsize;
+		s->result_maxsize=maxsize;
+		s->test_buf=test_buf;
+		ret=sk_UI_STRING_push(ui->strings, s);
+		}
+	return ret;
+	}
+
+/* Returns the index to the place in the stack or 0 for error.  Uses a
+   direct reference to the prompt.  */
+int UI_add_input_string(UI *ui, const char *prompt, int echo_p,
+	char *result_buf, int minsize, int maxsize)
+	{
+	return general_allocate_string(ui, prompt, 0,
+		echo_p?UI_STRING_ECHO:UI_STRING_NOECHO,
+		result_buf, minsize, maxsize, NULL);
+	}
+
+/* Same as UI_add_input_string(), excepts it takes a copy of the prompt */
+int UI_dup_input_string(UI *ui, const char *prompt, int echo_p,
+	char *result_buf, int minsize, int maxsize)
+	{
+	char *prompt_copy=NULL;
+
+	if (prompt)
+		{
+		prompt_copy=strdup(prompt);
+		if (prompt_copy == NULL)
+			{
+			UIerr(UI_F_UI_DUP_INPUT_STRING,ERR_R_MALLOC_FAILURE);
+			return 0;
+			}
+		}
+	
+	return general_allocate_string(ui, prompt, 1,
+		echo_p?UI_STRING_ECHO:UI_STRING_NOECHO,
+		result_buf, minsize, maxsize, NULL);
+	}
+
+int UI_add_verify_string(UI *ui, const char *prompt, int echo_p,
+	char *result_buf, int minsize, int maxsize, const char *test_buf)
+	{
+	return general_allocate_string(ui, prompt, 0,
+		echo_p?UI_VERIFY_ECHO:UI_VERIFY_NOECHO,
+		result_buf, minsize, maxsize, test_buf);
+	}
+
+int UI_dup_verify_string(UI *ui, const char *prompt, int echo_p,
+	char *result_buf, int minsize, int maxsize, const char *test_buf)
+	{
+	char *prompt_copy=NULL;
+
+	if (prompt)
+		{
+		prompt_copy=strdup(prompt);
+		if (prompt_copy == NULL)
+			{
+			UIerr(UI_F_UI_DUP_VERIFY_STRING,ERR_R_MALLOC_FAILURE);
+			return -1;
+			}
+		}
+	
+	return general_allocate_string(ui, prompt, 1,
+		echo_p?UI_VERIFY_ECHO:UI_VERIFY_NOECHO,
+		result_buf, minsize, maxsize, test_buf);
+	}
+
+int UI_add_info_string(UI *ui, const char *text)
+	{
+	return general_allocate_string(ui, text, 0, UI_INFO, NULL, 0, 0, NULL);
+	}
+
+int UI_dup_info_string(UI *ui, const char *text)
+	{
+	char *text_copy=NULL;
+
+	if (text)
+		{
+		text_copy=strdup(text);
+		if (text_copy == NULL)
+			{
+			UIerr(UI_F_UI_DUP_INFO_STRING,ERR_R_MALLOC_FAILURE);
+			return -1;
+			}
+		}
+
+	return general_allocate_string(ui, text, 1, UI_INFO, NULL, 0, 0, NULL);
+	}
+
+int UI_add_error_string(UI *ui, const char *text)
+	{
+	return general_allocate_string(ui, text, 0, UI_ERROR, NULL, 0, 0,
+		NULL);
+	}
+
+int UI_dup_error_string(UI *ui, const char *text)
+	{
+	char *text_copy=NULL;
+
+	if (text)
+		{
+		text_copy=strdup(text);
+		if (text_copy == NULL)
+			{
+			UIerr(UI_F_UI_DUP_ERROR_STRING,ERR_R_MALLOC_FAILURE);
+			return -1;
+			}
+		}
+	return general_allocate_string(ui, text_copy, 1, UI_ERROR, NULL, 0, 0,
+		NULL);
+	}
+
+const char *UI_get0_result(UI *ui, int i)
+	{
+	if (i < 0)
+		{
+		UIerr(UI_F_UI_GET0_RESULT,UI_R_INDEX_TOO_SMALL);
+		return NULL;
+		}
+	if (i >= sk_UI_STRING_num(ui->strings))
+		{
+		UIerr(UI_F_UI_GET0_RESULT,UI_R_INDEX_TOO_LARGE);
+		return NULL;
+		}
+	return UI_get0_result_string(sk_UI_STRING_value(ui->strings, i));
+	}
+
+int UI_process(UI *ui)
+	{
+	int i, ok=0;
+
+	if (ui->meth->ui_open_session && !ui->meth->ui_open_session(ui))
+		return -1;
+
+	for(i=0; i<sk_UI_STRING_num(ui->strings); i++)
+		{
+		if (ui->meth->ui_write_string
+			&& !ui->meth->ui_write_string(ui,
+				sk_UI_STRING_value(ui->strings, i)))
+			{
+			ok=-1;
+			goto err;
+			}
+		}
+
+	for(i=0; i<sk_UI_STRING_num(ui->strings); i++)
+		{
+		if (ui->meth->ui_read_string
+			&& !ui->meth->ui_read_string(ui,
+				sk_UI_STRING_value(ui->strings, i)))
+			{
+			ok=-1;
+			goto err;
+			}
+		}
+ err:
+	if (ui->meth->ui_close_session && !ui->meth->ui_close_session(ui))
+		return -1;
+	return ok;
+	}
+
+int UI_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+	     CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
+        {
+	ui_meth_num++;
+	return(CRYPTO_get_ex_new_index(ui_meth_num-1,
+		&ui_meth,argl,argp,new_func,dup_func,free_func));
+        }
+
+int UI_set_ex_data(UI *r, int idx, void *arg)
+	{
+	return(CRYPTO_set_ex_data(&r->ex_data,idx,arg));
+	}
+
+void *UI_get_ex_data(UI *r, int idx)
+	{
+	return(CRYPTO_get_ex_data(&r->ex_data,idx));
+	}
+
+void UI_set_default_method(const UI_METHOD *meth)
+	{
+	default_UI_meth=meth;
+	}
+
+const UI_METHOD *UI_get_default_method(void)
+	{
+	if (default_UI_meth == NULL)
+		{
+		default_UI_meth=UI_OpenSSL();
+		}
+	return default_UI_meth;
+	}
+
+const UI_METHOD *UI_get_method(UI *ui)
+	{
+	return ui->meth;
+	}
+
+const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth)
+	{
+	ui->meth=meth;
+	return ui->meth;
+	}
+
+
+UI_METHOD *UI_create_method(void)
+	{
+	return (UI_METHOD *)OPENSSL_malloc(sizeof(UI_METHOD));
+	}
+
+int UI_method_set_opener(UI_METHOD *method, int (*opener)(UI *ui))
+	{
+	if (method)
+		{
+		method->ui_open_session = opener;
+		return 0;
+		}
+	else
+		return -1;
+	}
+
+int UI_method_set_writer(UI_METHOD *method, int (*writer)(UI *ui, UI_STRING *uis))
+	{
+	if (method)
+		{
+		method->ui_write_string = writer;
+		return 0;
+		}
+	else
+		return -1;
+	}
+
+int UI_method_set_reader(UI_METHOD *method, int (*reader)(UI *ui, UI_STRING *uis))
+	{
+	if (method)
+		{
+		method->ui_read_string = reader;
+		return 0;
+		}
+	else
+		return -1;
+	}
+
+int UI_method_set_closer(UI_METHOD *method, int (*closer)(UI *ui))
+	{
+	if (method)
+		{
+		method->ui_close_session = closer;
+		return 0;
+		}
+	else
+		return -1;
+	}
+
+int (*UI_method_get_opener(UI_METHOD *method))(UI*)
+	{
+	if (method)
+		return method->ui_open_session;
+	else
+		return NULL;
+	}
+
+int (*UI_method_get_writer(UI_METHOD *method))(UI*,UI_STRING*)
+	{
+	if (method)
+		return method->ui_write_string;
+	else
+		return NULL;
+	}
+
+int (*UI_method_get_reader(UI_METHOD *method))(UI*,UI_STRING*)
+	{
+	if (method)
+		return method->ui_read_string;
+	else
+		return NULL;
+	}
+
+int (*UI_method_get_closer(UI_METHOD *method))(UI*)
+	{
+	if (method)
+		return method->ui_close_session;
+	else
+		return NULL;
+	}
+
+enum UI_string_types UI_get_string_type(UI_STRING *uis)
+	{
+	if (!uis)
+		return UI_NONE;
+	return uis->type;
+	}
+
+const char *UI_get0_output_string(UI_STRING *uis)
+	{
+	if (!uis)
+		return NULL;
+	return uis->out_string;
+	}
+
+const char *UI_get0_result_string(UI_STRING *uis)
+	{
+	if (!uis)
+		return NULL;
+	switch(uis->type)
+		{
+	case UI_STRING_ECHO:
+	case UI_STRING_NOECHO:
+	case UI_VERIFY_ECHO:
+	case UI_VERIFY_NOECHO:
+		return uis->result_buf;
+	default:
+		return NULL;
+		}
+	}
+
+const char *UI_get0_test_string(UI_STRING *uis)
+	{
+	if (!uis)
+		return NULL;
+	return uis->test_buf;
+	}
+
+int UI_get_result_minsize(UI_STRING *uis)
+	{
+	if (!uis)
+		return -1;
+	return uis->result_minsize;
+	}
+
+int UI_get_result_maxsize(UI_STRING *uis)
+	{
+	if (!uis)
+		return -1;
+	return uis->result_maxsize;
+	}
+
+int UI_set_result(UI_STRING *uis, char *result)
+	{
+	int l = strlen(result);
+
+	if (!uis)
+		return -1;
+	if (l < uis->result_minsize)
+		{
+		UIerr(UI_F_UI_SET_RESULT,UI_R_RESULT_TOO_SMALL);
+		return -1;
+		}
+	if (l > uis->result_maxsize)
+		{
+		UIerr(UI_F_UI_SET_RESULT,UI_R_RESULT_TOO_LARGE);
+		return -1;
+		}
+
+	if (!uis->result_buf)
+		{
+		uis->result_buf = OPENSSL_malloc(uis->result_maxsize+1);
+		}
+
+	if (!uis->result_buf)
+		{
+		UIerr(UI_F_UI_NEW_METHOD,ERR_R_MALLOC_FAILURE);
+		return -1;
+		}
+
+	strcpy(uis->result_buf, result);
+	return 0;
+	}

crypto/ui/ui_locl.h

+/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */
+/* Written by Richard Levitte (levitte@stacken.kth.se) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_UI_LOCL_H
+#define HEADER_UI_LOCL_H
+
+#include <openssl/ui.h>
+
+struct ui_method_st
+	{
+	const char *name;
+
+	/* All the functions return 1 for success and 0 for failure */
+	int (*ui_open_session)(UI *ui);	/* Open whatever channel for this,
+					   be it the console, an X window
+					   or whatever.
+					   This function should use the
+					   ex_data structure to save
+					   intermediate data. */
+	int (*ui_read_string)(UI *ui, UI_STRING *uis);
+	int (*ui_write_string)(UI *ui, UI_STRING *uis);
+	int (*ui_close_session)(UI *ui);
+	};
+
+struct ui_string_st
+	{
+	const char *out_string;	/* Input */
+	enum UI_string_types type; /* Input */
+
+	/* The following parameters are completely irrelevant for UI_INFO,
+	   and can therefore be set to 0 ro NULL */
+	char *result_buf;	/* Input and Output: If not NULL, user-defined
+				   with size in result_maxsize.  Otherwise, it
+				   may be allocated by the UI routine, meaning
+				   result_minsize is going to be overwritten.*/
+	int result_minsize;	/* Input: minimum required size of the result*/
+	int result_maxsize;	/* Input: maximum permitted size of the
+				   result */
+
+	const char *test_buf;	/* Input: test string to verify against */
+
+#define OUT_STRING_FREEABLE 0x01
+	int flags;
+	};
+
+struct ui_st
+	{
+	const UI_METHOD *meth;
+	STACK_OF(UI_STRING) *strings; /* We might want to prompt for more
+					 than one thing at a time, and
+					 with different echoing status.  */
+	CRYPTO_EX_DATA ex_data;
+	};
+
+#endif

crypto/ui/ui_openssl.c

+/* crypto/ui/ui_openssl.c -*- mode:C; c-file-style: "eay" -*- */
+/* Written by Richard Levitte (levitte@stacken.kth.se) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#if !defined(MSDOS) && !defined(VMS) && !defined(WIN32)
+#include <openssl/opensslconf.h>
+#ifdef OPENSSL_UNISTD
+# include OPENSSL_UNISTD
+#else
+# include <unistd.h>
+#endif
+/* If unistd.h defines _POSIX_VERSION, we conclude that we
+ * are on a POSIX system and have sigaction and termios. */
+#if defined(_POSIX_VERSION)
+
+# define SIGACTION
+# if !defined(TERMIOS) && !defined(TERMIO) && !defined(SGTTY)
+# define TERMIOS
+# endif
+
+#endif
+#endif
+
+/* #define SIGACTION */ /* Define this if you have sigaction() */
+
+#ifdef WIN16TTY
+#undef WIN16
+#undef _WINDOWS
+#include <graph.h>
+#endif
+
+/* 06-Apr-92 Luke Brennan    Support for VMS */
+#include "ui_locl.h"
+#include "cryptlib.h"
+#include <signal.h>
+#include <stdio.h>
+#include <string.h>
+#include <setjmp.h>
+#include <errno.h>
+
+#ifdef VMS			/* prototypes for sys$whatever */
+#include <starlet.h>
+#ifdef __DECC
+#pragma message disable DOLLARID
+#endif
+#endif
+
+#ifdef WIN_CONSOLE_BUG
+#include <windows.h>
+#include <wincon.h>
+#endif
+
+
+/* There are 5 types of terminal interface supported,
+ * TERMIO, TERMIOS, VMS, MSDOS and SGTTY
+ */
+
+#if defined(__sgi) && !defined(TERMIOS)
+#define TERMIOS
+#undef  TERMIO
+#undef  SGTTY
+#endif
+
+#if defined(linux) && !defined(TERMIO)
+#undef  TERMIOS
+#define TERMIO
+#undef  SGTTY
+#endif
+
+#ifdef _LIBC
+#undef  TERMIOS
+#define TERMIO
+#undef  SGTTY
+#endif
+
+#if !defined(TERMIO) && !defined(TERMIOS) && !defined(VMS) && !defined(MSDOS) && !defined(MAC_OS_pre_X) && !defined(MAC_OS_GUSI_SOURCE)
+#undef  TERMIOS
+#undef  TERMIO
+#define SGTTY
+#endif
+
+#ifdef TERMIOS
+#include <termios.h>
+#define TTY_STRUCT		struct termios
+#define TTY_FLAGS		c_lflag
+#define	TTY_get(tty,data)	tcgetattr(tty,data)
+#define TTY_set(tty,data)	tcsetattr(tty,TCSANOW,data)
+#endif
+
+#ifdef TERMIO
+#include <termio.h>
+#define TTY_STRUCT		struct termio
+#define TTY_FLAGS		c_lflag
+#define TTY_get(tty,data)	ioctl(tty,TCGETA,data)
+#define TTY_set(tty,data)	ioctl(tty,TCSETA,data)
+#endif
+
+#ifdef SGTTY
+#include <sgtty.h>
+#define TTY_STRUCT		struct sgttyb
+#define TTY_FLAGS		sg_flags
+#define TTY_get(tty,data)	ioctl(tty,TIOCGETP,data)
+#define TTY_set(tty,data)	ioctl(tty,TIOCSETP,data)
+#endif
+
+#if !defined(_LIBC) && !defined(MSDOS) && !defined(VMS) && !defined(MAC_OS_pre_X)
+#include <sys/ioctl.h>
+#endif
+
+#ifdef MSDOS
+#include <conio.h>
+#define fgets(a,b,c) noecho_fgets(a,b,c)
+#endif
+
+#ifdef VMS
+#include <ssdef.h>
+#include <iodef.h>
+#include <ttdef.h>
+#include <descrip.h>
+struct IOSB {
+	short iosb$w_value;
+	short iosb$w_count;
+	long  iosb$l_info;
+	};
+#endif
+
+#if defined(MAC_OS_pre_X) || defined(MAC_OS_GUSI_SOURCE)
+/*
+ * This one needs work. As a matter of fact the code is unoperational
+ * and this is only a trick to get it compiled.
+ *					<appro@fy.chalmers.se>
+ */
+#define TTY_STRUCT int
+#endif
+
+#ifndef NX509_SIG
+#define NX509_SIG 32
+#endif
+
+
+/* Define globals.  They are protected by a lock */
+#ifdef SIGACTION
+static struct sigaction savsig[NX509_SIG];
+#else
+static void (*savsig[NX509_SIG])(int );
+#endif
+static jmp_buf save;
+
+#ifdef VMS
+static struct IOSB iosb;
+static $DESCRIPTOR(terminal,"TT");
+static long tty_orig[3], tty_new[3];
+static long status;
+static unsigned short channel = 0;
+#else
+#ifndef MSDOS
+static TTY_STRUCT tty_orig,tty_new;
+#endif
+#endif
+static FILE *tty;
+static int is_a_tty;
+
+/* Declare static functions */
+static void read_till_nl(FILE *);
+static void recsig(int);
+static void pushsig(void);
+static void popsig(void);
+#if defined(MSDOS) && !defined(WIN16)
+static int noecho_fgets(char *buf, int size, FILE *tty);
+#endif
+static int read_string_inner(UI *ui, UI_STRING *uis, int echo);
+
+static int read_string(UI *ui, UI_STRING *uis);
+
+static int open_console(UI *ui);
+static int echo_console(UI *ui);
+static int noecho_console(UI *ui);
+static int close_console(UI *ui);
+
+static UI_METHOD ui_openssl =
+	{
+	"OpenSSL default user interface",
+	open_console,
+	read_string,
+	NULL,			/* The reader function writes as well */
+	close_console,
+	};
+
+/* The method with all the built-in thingies */
+UI_METHOD *UI_OpenSSL(void)
+	{
+	return &ui_openssl;
+	}
+
+static int read_string(UI *ui, UI_STRING *uis)
+	{
+	switch (UI_get_string_type(uis))
+		{
+	case UI_VERIFY_NOECHO:
+		fprintf(tty,"Verifying - %s",
+			UI_get0_output_string(uis));
+		fflush(tty);
+		if (read_string_inner(ui, uis, 0) == 0)
+			return 0;
+		if (strcmp(UI_get0_result_string(uis),
+			UI_get0_test_string(uis)) != 0)
+			{
+			fprintf(tty,"Verify failure\n");
+			fflush(tty);
+			return 0;
+			}
+		break;
+	case UI_VERIFY_ECHO:
+		fprintf(tty,"Verifying - %s",
+			UI_get0_output_string(uis));
+		fflush(tty);
+		if (read_string_inner(ui, uis, 1) == 0)
+			return 0;
+		if (strcmp(UI_get0_result_string(uis),
+			UI_get0_test_string(uis)) != 0)
+			{
+			fprintf(tty,"Verify failure\n");
+			fflush(tty);
+			return 0;
+			}
+		break;
+	case UI_STRING_NOECHO:
+		fputs(UI_get0_output_string(uis), tty);
+		fflush(tty);
+		return read_string_inner(ui, uis, 0);
+	case UI_STRING_ECHO:
+		fputs(UI_get0_output_string(uis), tty);
+		fflush(tty);
+		return read_string_inner(ui, uis, 1);
+	default:
+		fputs(UI_get0_output_string(uis), tty);
+		fflush(tty);
+		break;
+		}
+	return 1;
+	}
+
+
+/* Internal functions to read a string without echoing */
+static void read_till_nl(FILE *in)
+	{
+#define SIZE 4
+	char buf[SIZE+1];
+
+	do	{
+		fgets(buf,SIZE,in);
+		} while (strchr(buf,'\n') == NULL);
+	}
+
+static int read_string_inner(UI *ui, UI_STRING *uis, int echo)
+	{
+	static int ps;
+	int ok;
+	char *result = OPENSSL_malloc(BUFSIZ);
+	int maxsize = BUFSIZ-1;
+
+#ifndef WIN16
+	if (setjmp(save))
+		{
+		ok=0;
+		goto error;
+		}
+	ok=0;
+	ps=0;
+
+	pushsig();
+	ps=1;
+
+	if (!echo) noecho_console(ui);
+	ps=2;
+
+	while (!ok)
+		{
+		char *p;
+
+		result[0]='\0';
+		fgets(result,maxsize,tty);
+		if (feof(tty)) goto error;
+		if (ferror(tty)) goto error;
+		if ((p=(char *)strchr(result,'\n')) != NULL)
+			*p='\0';
+		else	read_till_nl(tty);
+		if (UI_set_result(uis, result) >= 0)
+			ok=1;
+		}
+
+error:
+	if (!echo) fprintf(tty,"\n");
+	if (ps >= 2 && !echo)
+		echo_console(ui);
+
+	if (ps >= 1)
+		popsig();
+#else
+	memset(result,0,BUFSIZ);
+	ok=1;
+#endif
+
+	OPENSSL_free(result);
+	return ok;
+	}
+
+
+/* Internal functions to open, handle and close a channel to the console.  */
+static int open_console(UI *ui)
+	{
+	CRYPTO_w_lock(CRYPTO_LOCK_UI);
+	is_a_tty = 1;
+
+#ifdef MSDOS
+	if ((tty=fopen("con","w+")) == NULL)
+		tty=stdin;
+#elif defined(MAC_OS_pre_X)
+	tty=stdin;
+#else
+	if ((tty=fopen("/dev/tty","w+")) == NULL)
+		tty=stdin;
+#endif
+
+#if defined(TTY_get) && !defined(VMS)
+	if (TTY_get(fileno(tty),&tty_orig) == -1)
+		{
+#ifdef ENOTTY
+		if (errno == ENOTTY)
+			is_a_tty=0;
+		else
+#endif
+#ifdef EINVAL
+		/* Ariel Glenn ariel@columbia.edu reports that solaris
+		 * can return EINVAL instead.  This should be ok */
+		if (errno == EINVAL)
+			is_a_tty=0;
+		else
+#endif
+			return 0;
+		}
+#endif
+#ifdef VMS
+	status = sys$assign(&terminal,&channel,0,0);
+	if (status != SS$_NORMAL)
+		return 0;
+	status=sys$qiow(0,channel,IO$_SENSEMODE,&iosb,0,0,tty_orig,12,0,0,0,0);
+	if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
+		return 0;
+#endif
+	return 1;
+	}
+
+static int noecho_console(UI *ui)
+	{
+#ifdef TTY_FLAGS
+	memcpy(&(tty_new),&(tty_orig),sizeof(tty_orig));
+	tty_new.TTY_FLAGS &= ~ECHO;
+#endif
+
+#if defined(TTY_set) && !defined(VMS)
+	if (is_a_tty && (TTY_set(fileno(tty),&tty_new) == -1))
+		return 0;
+#endif
+#ifdef VMS
+	tty_new[0] = tty_orig[0];
+	tty_new[1] = tty_orig[1] | TT$M_NOECHO;
+	tty_new[2] = tty_orig[2];
+	status = sys$qiow(0,channel,IO$_SETMODE,&iosb,0,0,tty_new,12,0,0,0,0);
+	if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
+		return 0;
+#endif
+	return 1;
+	}
+
+static int echo_console(UI *ui)
+	{
+#if defined(TTY_set) && !defined(VMS)
+	memcpy(&(tty_new),&(tty_orig),sizeof(tty_orig));
+	tty_new.TTY_FLAGS |= ECHO;
+#endif
+
+#if defined(TTY_set) && !defined(VMS)
+	if (is_a_tty && (TTY_set(fileno(tty),&tty_new) == -1))
+		return 0;
+#endif
+#ifdef VMS
+	tty_new[0] = tty_orig[0];
+	tty_new[1] = tty_orig[1] & ~TT$M_NOECHO;
+	tty_new[2] = tty_orig[2];
+	status = sys$qiow(0,channel,IO$_SETMODE,&iosb,0,0,tty_new,12,0,0,0,0);
+	if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
+		return 0;
+#endif
+	return 1;
+	}
+
+static int close_console(UI *ui)
+	{
+	if (stdin != tty) fclose(tty);
+#ifdef VMS
+	status = sys$dassgn(channel);
+#endif
+	CRYPTO_w_unlock(CRYPTO_LOCK_UI);
+
+	return 1;
+	}
+
+
+/* Internal functions to handle signals and act on them */
+static void pushsig(void)
+	{
+	int i;
+#ifdef SIGACTION
+	struct sigaction sa;
+
+	memset(&sa,0,sizeof sa);
+	sa.sa_handler=recsig;
+#endif
+
+	for (i=1; i<NX509_SIG; i++)
+		{
+#ifdef SIGUSR1
+		if (i == SIGUSR1)
+			continue;
+#endif
+#ifdef SIGUSR2
+		if (i == SIGUSR2)
+			continue;
+#endif
+#ifdef SIGKILL
+		if (i == SIGKILL) /* We can't make any action on that. */
+			continue;
+#endif
+#ifdef SIGACTION
+		sigaction(i,&sa,&savsig[i]);
+#else
+		savsig[i]=signal(i,recsig);
+#endif
+		}
+
+#ifdef SIGWINCH
+	signal(SIGWINCH,SIG_DFL);
+#endif
+	}
+
+static void popsig(void)
+	{
+	int i;
+
+	for (i=1; i<NX509_SIG; i++)
+		{
+#ifdef SIGUSR1
+		if (i == SIGUSR1)
+			continue;
+#endif
+#ifdef SIGUSR2
+		if (i == SIGUSR2)
+			continue;
+#endif
+#ifdef SIGACTION
+		sigaction(i,&savsig[i],NULL);
+#else
+		signal(i,savsig[i]);
+#endif
+		}
+	}
+
+static void recsig(int i)
+	{
+	longjmp(save,1);
+#ifdef LINT
+	i=i;
+#endif
+	}
+
+
+/* Internal functions specific for Windows */
+#if defined(MSDOS) && !defined(WIN16)
+static int noecho_fgets(char *buf, int size, FILE *tty)
+	{
+	int i;
+	char *p;
+
+	p=buf;
+	for (;;)
+		{
+		if (size == 0)
+			{
+			*p='\0';
+			break;
+			}
+		size--;
+#ifdef WIN16TTY
+		i=_inchar();
+#else
+		i=getch();
+#endif
+		if (i == '\r') i='\n';
+		*(p++)=i;
+		if (i == '\n')
+			{
+			*p='\0';
+			break;
+			}
+		}
+#ifdef WIN_CONSOLE_BUG
+/* Win95 has several evil console bugs: one of these is that the
+ * last character read using getch() is passed to the next read: this is
+ * usually a CR so this can be trouble. No STDIO fix seems to work but
+ * flushing the console appears to do the trick.
+ */
+		{
+			HANDLE inh;
+			inh = GetStdHandle(STD_INPUT_HANDLE);
+			FlushConsoleInputBuffer(inh);
+		}
+#endif
+	return(strlen(buf));
+	}
+#endif

makevms.com

@@ -424,7 +424,7 @@ $ SDIRS := ,MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,-
    DES,RC2,RC4,RC5,IDEA,BF,CAST,-
    BN,EC,RSA,DSA,DH,DSO,ENGINE,RIJNDAEL,-
    BUFFER,BIO,STACK,LHASH,RAND,ERR,OBJECTS,-
-   EVP,ASN1,PEM,X509,X509V3,CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP
+   EVP,ASN1,PEM,X509,X509V3,CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI
 $ EXHEADER_ := crypto.h,tmdiff.h,opensslv.h,opensslconf.h,ebcdic.h,symhacks.h
 $ EXHEADER_MD2 := md2.h
 $ EXHEADER_MD4 := md4.h
@@ -466,6 +466,7 @@ $ EXHEADER_PKCS7 := pkcs7.h
 $ EXHEADER_PKCS12 := pkcs12.h
 $ EXHEADER_COMP := comp.h
 $ EXHEADER_OCSP := ocsp.h
+$ EXHEADER_UI := ui.h
 $
 $ I = 0
 $ LOOP_SDIRS: 

util/mkdef.pl

@@ -243,6 +243,7 @@ $crypto.=" crypto/x509v3/x509v3.h";
 $crypto.=" crypto/rand/rand.h";
 $crypto.=" crypto/comp/comp.h" ; # unless $no_comp;
 $crypto.=" crypto/ocsp/ocsp.h";
+$crypto.=" crypto/ui/ui.h";
 $crypto.=" crypto/tmdiff.h";
 
 my $symhacks="crypto/symhacks.h";