diff options
| author | Steffan Karger <steffan@karger.me> | 2015-07-15 22:13:52 +0200 |
|---|---|---|
| committer | Gert Doering <gert@greenie.muc.de> | 2015-07-21 11:41:35 +0200 |
| commit | 710bfb8aa99a591c14dfe033530a99289f943083 (patch) | |
| tree | d5116d773de154d384831e8f241f9966453b2adb | |
| parent | dda40aedfb87d77afcef52376cd3e4778ba0370b (diff) | |
| download | openvpn-710bfb8aa99a591c14dfe033530a99289f943083.tar.gz openvpn-710bfb8aa99a591c14dfe033530a99289f943083.tar.xz openvpn-710bfb8aa99a591c14dfe033530a99289f943083.zip | |
Fix using management interface to get passwords.
Commits da9b292733e929a2900dc32d37f0424c3d588366 and
315f6fbc7f657a7f1127628bd714f468709d5185 broke the use case where we are
asking password from the management client. The password is always asked
before daemonization. With this fix we avoid this and ask it via management
interface in the same spot as before the mentioned commits. Tested on Linux.
v2: This patch was first submitted by Christian Pellegrin (from Google),
and reworked by Steffan Karger (from the OpenVPN team) to also work for
setups with --management-query-passwords but without --auth-user-pass.
Signed-off-by: Steffan Karger <steffan@karger.me>
Signed-off-by: Christian Pellegrin <chripell@google.com>
Tested-by: Christian Pellegrin <chripell@google.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <55A6C46C.5080601@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/9927
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit d4fbe287fc2ddbef05fdfe22adc641859a8a7412)
| -rw-r--r-- | src/openvpn/openvpn.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/src/openvpn/openvpn.c b/src/openvpn/openvpn.c index d05acde..32e326e 100644 --- a/src/openvpn/openvpn.c +++ b/src/openvpn/openvpn.c @@ -229,8 +229,12 @@ openvpn_main (int argc, char *argv[]) if (do_test_crypto (&c.options)) break; - /* Query passwords before becoming a daemon */ - init_query_passwords (&c); + /* Query passwords before becoming a daemon if we don't use the + * management interface to get them. */ +#ifdef ENABLE_MANAGEMENT + if (!(c.options.management_flags & MF_QUERY_PASSWORDS)) +#endif + init_query_passwords (&c); /* become a daemon if --daemon */ if (c.first_time) @@ -243,6 +247,9 @@ openvpn_main (int argc, char *argv[]) /* open management subsystem */ if (!open_management (&c)) break; + /* query for passwords through management interface, if needed */ + if (c.options.management_flags & MF_QUERY_PASSWORDS) + init_query_passwords (&c); #endif /* set certain options as environmental variables */ |