Until now, when HTTP proxy user and password were specified inline,
it was assumed that both creds were specified. A missing password would
result in an empty password being stored.
This behaviour is not ideal, as we want to allow the user to store the
username, but let the password be entered via stdin.
This affects both http proxy and authentication inline'd creds.
Signed-off-by: Antonio Quartulli <a...@unstable.cc>
---
Changes.rst | 4 +++-
src/openvpn/misc.c | 5 +++++
2 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/Changes.rst b/Changes.rst
index 2967533a..2daa97fb 100644
--- a/Changes.rst
+++ b/Changes.rst
@@ -89,7 +89,9 @@ Data channel offloading with ovpn-dco
Inline auth username and password
Username and password can now be specified inline in the configuration file
- within the <auth-user-pass></auth-user-pass> tags.
+ within the <auth-user-pass></auth-user-pass> tags. If the password is
+ missing OpenVPN will prompt for input via stdin. This applies to inline'd
+ http-proxy-user-pass too.
Deprecated features
diff --git a/src/openvpn/misc.c b/src/openvpn/misc.c
index 07f6e202..50f7f975 100644
--- a/src/openvpn/misc.c
+++ b/src/openvpn/misc.c
@@ -197,6 +197,11 @@ get_user_pass_cr(struct user_pass *up,
buf_parse(&buf, '\n', up->username, USER_PASS_LEN);
}
buf_parse(&buf, '\n', up->password, USER_PASS_LEN);
+
+ if (strlen(up->password) == 0)
+ {
+ password_from_stdin = 1;
+ }
}
/*
* Read from auth file unless this is a dynamic challenge request.
--
2.35.1
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
