Hi, On 29-10-17 16:57, James Bottomley wrote: > On Sun, 2017-10-29 at 23:15 +0800, Antonio Quartulli wrote: >> James, >> >> could you please resend a full patch, so to have a better overview of >> the whole change? > > Sure thing. It's below.
Feature makes sense, so feature-ACK. An early question though: > --- a/src/openvpn/crypto_openssl.c > +++ b/src/openvpn/crypto_openssl.c > @@ -969,4 +969,59 @@ hmac_ctx_final(HMAC_CTX *ctx, uint8_t *dst) > HMAC_Final(ctx, dst, &in_hmac_len); > } > > +#ifdef HAVE_OPENSSL_ENGINE > +static int > +ui_read(UI *ui, UI_STRING *uis) > +{ > + SSL_CTX *ctx = UI_get0_user_data(ui); > + > + if (UI_get_string_type(uis) == UIT_PROMPT) { > + pem_password_cb *cb = SSL_CTX_get_default_passwd_cb(ctx); > + void *d = SSL_CTX_get_default_passwd_cb_userdata(ctx); > + char password[64]; > + > + cb(password, sizeof(password), 0, d); > + UI_set_result(ui, uis, password); > + > + return 1; > + } > + return 0; > +} > +#endif This looks like it should use our user query wrappers from (e.g.) console.h. David, you're the expert here, what should James use to query for passwords? -Steffan ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel