Use correct length when prompting for password.

[openssl.git] / apps / apps.c

diff --git a/apps/apps.c b/apps/apps.c
index 984582111c6a7bf858b93bf9e66062c8e1606c36..b82882aa0cb08da2b5a36202fd606384b4be0267 100644 (file)
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -118,7 +118,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#if !defined(OPENSSL_SYSNAME_WIN32) && !defined(NETWARE_CLIB)
+#if !defined(OPENSSL_SYSNAME_WIN32) && !defined(OPENSSL_SYSNAME_WINCE) && !defined(NETWARE_CLIB)
 #include <strings.h>
 #endif
 #include <sys/types.h>
@@ -588,12 +588,12 @@ int password_callback(char *buf, int bufsiz, int verify,
 
                if (ok >= 0)
                        ok = UI_add_input_string(ui,prompt,ui_flags,buf,
-                               PW_MIN_LENGTH,BUFSIZ-1);
+                               PW_MIN_LENGTH,bufsiz-1);
                if (ok >= 0 && verify)
                        {
                        buff = (char *)OPENSSL_malloc(bufsiz);
                        ok = UI_add_verify_string(ui,prompt,ui_flags,buff,
-                               PW_MIN_LENGTH,BUFSIZ-1, buf);
+                               PW_MIN_LENGTH,bufsiz-1, buf);
                        }
                if (ok >= 0)
                        do
@@ -2864,6 +2864,9 @@ void jpake_client_auth(BIO *out, BIO *conn, const char *secret)
 
        BIO_puts(out, "JPAKE authentication succeeded, setting PSK\n");
 
+       if (psk_key)
+               OPENSSL_free(psk_key);
+
        psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx));
 
        BIO_pop(bconn);
@@ -2893,6 +2896,9 @@ void jpake_server_auth(BIO *out, BIO *conn, const char *secret)
 
        BIO_puts(out, "JPAKE authentication succeeded, setting PSK\n");
 
+       if (psk_key)
+               OPENSSL_free(psk_key);
+
        psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx));
 
        BIO_pop(bconn);
@@ -2903,7 +2909,7 @@ void jpake_server_auth(BIO *out, BIO *conn, const char *secret)
 
 #endif
 
-#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+#ifndef OPENSSL_NO_TLSEXT
 /* next_protos_parse parses a comma separated list of strings into a string
  * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
  *   outlen: (output) set to the length of the resulting buffer on success.
@@ -2945,7 +2951,7 @@ unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
        *outlen = len + 1;
        return out;
        }
-#endif  /* !OPENSSL_NO_TLSEXT && !OPENSSL_NO_NEXTPROTONEG */
+#endif  /* ndef OPENSSL_NO_TLSEXT */
 
 void print_cert_checks(BIO *bio, X509 *x,
                                const unsigned char *checkhost,
@@ -3127,7 +3133,7 @@ double app_tminterval(int stop,int usertime)
 
        if (proc==NULL)
                {
-               if (GetVersion() < 0x80000000)
+               if (check_winnt())
                        proc = OpenProcess(PROCESS_QUERY_INFORMATION,FALSE,
                                                GetCurrentProcessId());
                if (proc==NULL) proc = (HANDLE)-1;