Message ID | 20190510121114.30468-2-arne@rfc2549.org |
---|---|
State | Accepted |
Delegated to: | David Sommerseth |
Headers | show |
Series | Auth token patches v3 | expand |
On 10/05/2019 14:11, Arne Schwabe wrote: > This change is preperation for changing the way --genkey works. > --- > src/openvpn/crypto.c | 13 +++++++++++-- > src/openvpn/tls_crypt.c | 13 +++++++++++-- > 2 files changed, 22 insertions(+), 4 deletions(-) > > diff --git a/src/openvpn/crypto.c b/src/openvpn/crypto.c > index ff9dbfdc..eb56421b 100644 > --- a/src/openvpn/crypto.c > +++ b/src/openvpn/crypto.c > @@ -1465,8 +1465,13 @@ write_key_file(const int nkeys, const char *filename) > > buf_printf(&out, "%s\n", static_key_foot); > > + /* write key file to stdout if no filename given */ > + if (!filename || strcmp(filename, "")==0) > + { > + printf("%s\n", BPTR(&out)); > + } > /* write key file, now formatted in out, to file */ > - if (!buffer_write_file(filename, &out)) > + else if (!buffer_write_file(filename, &out)) > { > nbits = -1; > } > @@ -1870,7 +1875,11 @@ write_pem_key_file(const char *filename, const char *pem_name) > goto cleanup; > } > > - if (!buffer_write_file(filename, &server_key_pem)) > + if (!filename || strcmp(filename, "")==0) > + { > + printf("%s\n", BPTR(&server_key_pem)); > + } > + else if (!buffer_write_file(filename, &server_key_pem)) > { > msg(M_ERR, "ERROR: could not write key file"); > goto cleanup; > diff --git a/src/openvpn/tls_crypt.c b/src/openvpn/tls_crypt.c > index d6a82252..e8889e93 100644 > --- a/src/openvpn/tls_crypt.c > +++ b/src/openvpn/tls_crypt.c > @@ -697,7 +697,16 @@ tls_crypt_v2_write_client_key_file(const char *filename, > goto cleanup; > } > > - if (!buffer_write_file(filename, &client_key_pem)) > + const char *client_filename = filename; > + const char *client_inline = NULL; > + > + if (!filename || streq(filename, "")) > + { > + printf("%s\n", BPTR(&client_key_pem)); > + client_filename = INLINE_FILE_TAG; > + client_inline = (const char *)BPTR(&client_key_pem); > + } > + else if (!buffer_write_file(filename, &client_key_pem)) > { > msg(M_FATAL, "ERROR: could not write client key file"); > goto cleanup; > @@ -708,7 +717,7 @@ tls_crypt_v2_write_client_key_file(const char *filename, > struct buffer test_wrapped_client_key; > msg(D_GENKEY, "Testing client-side key loading..."); > tls_crypt_v2_init_client_key(&test_client_key, &test_wrapped_client_key, > - filename, NULL); > + client_filename, client_inline); > free_key_ctx_bi(&test_client_key); > > /* Sanity check: unwrap and load client key (as "server") */ > Acked-By: David Sommerseth <davids@openvpn.net>
Your patch has been applied to the master branch. (No further review done on my side, just basic compile / make check) commit f636d11ff50658c18e0b90b20d641dc54b63e517 Author: Arne Schwabe Date: Fri May 10 14:11:08 2019 +0200 Write key to stdout if filename is not given Acked-by: David Sommerseth <davids@openvpn.net> Message-Id: <20190510121114.30468-2-arne@rfc2549.org> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg18445.html Signed-off-by: Gert Doering <gert@greenie.muc.de> -- kind regards, Gert Doering
diff --git a/src/openvpn/crypto.c b/src/openvpn/crypto.c index ff9dbfdc..eb56421b 100644 --- a/src/openvpn/crypto.c +++ b/src/openvpn/crypto.c @@ -1465,8 +1465,13 @@ write_key_file(const int nkeys, const char *filename) buf_printf(&out, "%s\n", static_key_foot); + /* write key file to stdout if no filename given */ + if (!filename || strcmp(filename, "")==0) + { + printf("%s\n", BPTR(&out)); + } /* write key file, now formatted in out, to file */ - if (!buffer_write_file(filename, &out)) + else if (!buffer_write_file(filename, &out)) { nbits = -1; } @@ -1870,7 +1875,11 @@ write_pem_key_file(const char *filename, const char *pem_name) goto cleanup; } - if (!buffer_write_file(filename, &server_key_pem)) + if (!filename || strcmp(filename, "")==0) + { + printf("%s\n", BPTR(&server_key_pem)); + } + else if (!buffer_write_file(filename, &server_key_pem)) { msg(M_ERR, "ERROR: could not write key file"); goto cleanup; diff --git a/src/openvpn/tls_crypt.c b/src/openvpn/tls_crypt.c index d6a82252..e8889e93 100644 --- a/src/openvpn/tls_crypt.c +++ b/src/openvpn/tls_crypt.c @@ -697,7 +697,16 @@ tls_crypt_v2_write_client_key_file(const char *filename, goto cleanup; } - if (!buffer_write_file(filename, &client_key_pem)) + const char *client_filename = filename; + const char *client_inline = NULL; + + if (!filename || streq(filename, "")) + { + printf("%s\n", BPTR(&client_key_pem)); + client_filename = INLINE_FILE_TAG; + client_inline = (const char *)BPTR(&client_key_pem); + } + else if (!buffer_write_file(filename, &client_key_pem)) { msg(M_FATAL, "ERROR: could not write client key file"); goto cleanup; @@ -708,7 +717,7 @@ tls_crypt_v2_write_client_key_file(const char *filename, struct buffer test_wrapped_client_key; msg(D_GENKEY, "Testing client-side key loading..."); tls_crypt_v2_init_client_key(&test_client_key, &test_wrapped_client_key, - filename, NULL); + client_filename, client_inline); free_key_ctx_bi(&test_client_key); /* Sanity check: unwrap and load client key (as "server") */