Hi, Has anyone got patches to add password agent support to openvpn? I don't see any patches in Fedora at least.
I've got a user whose reporting that they cannot enable this option in their openvpn setup. >From what I cant tell from a brief inspection it's just a matter of hacking the get_console_input() method, although this is used to get both username and password on occasions which the password agent stuff doesn't really support. It would seem like a relatively trivial thing to support (optionally asking for username) so it seems odd to me that it's left out of the spec when it could so simply have been included even if it wouldn't have been used for the current use cases. Can someone explain: a) If username should be added and support added to openvpn to use this mechanism for password auth and certificate password input. b) If username should not be added and this is just totally insane generally - and if so, why. FWIW, it seems that "stdin" is used for a few things in openvpn: 1. OK confirmation (it seems that any input from the user would do) 2. A "response" from a challenge. 3. A username+password combo. 4. A pkcs11 "pin" (or the word 'cancel' which is lame but could probably be done more gracefully with agents). These do all seem to fall within what could be argued as valid uses for the password agent system, albeit they are extending it somewhat. Thoughts on how best to solve this problem greatly appreciated. Col -- Colin Guthrie gmane(at)colin.guthr.ie http://colin.guthr.ie/ Day Job: Tribalogic Limited http://www.tribalogic.net/ Open Source: Mageia Contributor http://www.mageia.org/ PulseAudio Hacker http://www.pulseaudio.org/ Trac Hacker http://trac.edgewall.org/ _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
