[Openvpn-devel,v2,1/2] Move querying username/password from management to a function

Message ID 1585591527-23734-1-git-send-email-selva.nair@gmail.com
State Accepted
Headers show
Series
  • [Openvpn-devel,v2,1/2] Move querying username/password from management to a function
Related show

Commit Message

Selva Nair March 30, 2020, 6:05 p.m.
From: Selva Nair <selva.nair@gmail.com>

This helps the next patch. No functionality changes, only
refactoring.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
---
No changes from v1

 src/openvpn/misc.c | 54 ++++++++++++++++++++++++++++++++++--------------------
 1 file changed, 34 insertions(+), 20 deletions(-)

Comments

Gert Doering April 3, 2020, 8:12 a.m. | #1
Your patch has been applied to the master branch.

Stared-at-code, test compiled on linux and MinGW.  Really just moving
code, though "git show --colour-moved=zebra" does not really want to
show it.

I've tried to apply it to release/2.4 (as it's a prerequisite for 
the next patch, which I consider a bugfix) but there are massive
merge conflicts due to #ifdef ENABLE_CLIENT_CR and #ifdef ENABLE_CRYPTO
still present.  So if you could send a backport of both 1v2 + 2v2 to
2.4 (possibly as a joint patch?), as soon as both are merged, that would 
be appreciated.

Acked-by: Gert Doering <gert@greenie.muc.de>

commit 8e5d30cf47da63040114c00eab838bbb1c520781 (master)
Author: Selva Nair
Date:   Mon Mar 30 14:05:26 2020 -0400

     Move querying username/password from management to a function

     Signed-off-by: Selva Nair <selva.nair@gmail.com>
     Acked-by: Gert Doering <gert@greenie.muc.de>
     Message-Id: <1585591527-23734-1-git-send-email-selva.nair@gmail.com>
     URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg19656.html
     Signed-off-by: Gert Doering <gert@greenie.muc.de>


--
kind regards,

Gert Doering

Patch

diff --git a/src/openvpn/misc.c b/src/openvpn/misc.c
index 1931149..0d5ac30 100644
--- a/src/openvpn/misc.c
+++ b/src/openvpn/misc.c
@@ -116,6 +116,38 @@  hostname_randomize(const char *hostname, struct gc_arena *gc)
 #undef n_rnd_bytes
 }
 
+#ifdef ENABLE_MANAGEMENT
+/* Get username/password from the management interface */
+static bool
+auth_user_pass_mgmt(struct user_pass *up, const char *prefix, const unsigned int flags,
+                    const char *auth_challenge)
+{
+    const char *sc = NULL;
+
+    if (flags & GET_USER_PASS_PREVIOUS_CREDS_FAILED)
+    {
+        management_auth_failure(management, prefix, "previous auth credentials failed");
+    }
+
+    if (auth_challenge && (flags & GET_USER_PASS_STATIC_CHALLENGE))
+    {
+        sc = auth_challenge;
+    }
+    if (!management_query_user_pass(management, up, prefix, flags, sc))
+    {
+        if ((flags & GET_USER_PASS_NOFATAL) != 0)
+        {
+            return false;
+        }
+        else
+        {
+            msg(M_FATAL, "ERROR: could not read %s username/password/ok/string from management interface", prefix);
+        }
+    }
+    return true;
+}
+#endif
+
 /*
  * Get and store a username/password
  */
@@ -149,28 +181,10 @@  get_user_pass_cr(struct user_pass *up,
             && (!from_authfile && (flags & GET_USER_PASS_MANAGEMENT))
             && management_query_user_pass_enabled(management))
         {
-            const char *sc = NULL;
             response_from_stdin = false;
-
-            if (flags & GET_USER_PASS_PREVIOUS_CREDS_FAILED)
+            if (!auth_user_pass_mgmt(up, prefix, flags, auth_challenge))
             {
-                management_auth_failure(management, prefix, "previous auth credentials failed");
-            }
-
-            if (auth_challenge && (flags & GET_USER_PASS_STATIC_CHALLENGE))
-            {
-                sc = auth_challenge;
-            }
-            if (!management_query_user_pass(management, up, prefix, flags, sc))
-            {
-                if ((flags & GET_USER_PASS_NOFATAL) != 0)
-                {
-                    return false;
-                }
-                else
-                {
-                    msg(M_FATAL, "ERROR: could not read %s username/password/ok/string from management interface", prefix);
-                }
+                return false;
             }
         }
         else