Hi,
On 29-10-17 16:57, James Bottomley wrote:
> On Sun, 2017-10-29 at 23:15 +0800, Antonio Quartulli wrote:
>> James,
>>
>> could you please resend a full patch, so to have a better overview of
>> the whole change?
>
> Sure thing. It's below.
Feature makes sense, so feature-ACK. An early question though:
> --- a/src/openvpn/crypto_openssl.c
> +++ b/src/openvpn/crypto_openssl.c
> @@ -969,4 +969,59 @@ hmac_ctx_final(HMAC_CTX *ctx, uint8_t *dst)
> HMAC_Final(ctx, dst, &in_hmac_len);
> }
>
> +#ifdef HAVE_OPENSSL_ENGINE
> +static int
> +ui_read(UI *ui, UI_STRING *uis)
> +{
> + SSL_CTX *ctx = UI_get0_user_data(ui);
> +
> + if (UI_get_string_type(uis) == UIT_PROMPT) {
> + pem_password_cb *cb = SSL_CTX_get_default_passwd_cb(ctx);
> + void *d = SSL_CTX_get_default_passwd_cb_userdata(ctx);
> + char password[64];
> +
> + cb(password, sizeof(password), 0, d);
> + UI_set_result(ui, uis, password);
> +
> + return 1;
> + }
> + return 0;
> +}
> +#endif
This looks like it should use our user query wrappers from (e.g.)
console.h. David, you're the expert here, what should James use to
query for passwords?
-Steffan
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
