From patchwork Mon Feb 19 19:28:22 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Selva Nair X-Patchwork-Id: 3625 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7001:a416:b0:559:d8ef:cc57 with SMTP id vo22csp1421313mab; Mon, 19 Feb 2024 11:29:26 -0800 (PST) X-Forwarded-Encrypted: i=2; AJvYcCXphrVQrvWoGoVCoHxOiH+jAT1U0SWyEE2qYrZFwt+DdFLc4baNGnYW/BHv14HNBcSddOl857LxQPVddWwmrLFuPVixDzw= X-Google-Smtp-Source: AGHT+IHos8N3dDLL6VvThf+GHB2ZHhLu6snAwQdDLWz3ejD9RIMOuvYX76TeFUIF4oOmlkvN7pGX X-Received: by 2002:a05:6a20:918e:b0:1a0:b355:ceb with SMTP id v14-20020a056a20918e00b001a0b3550cebmr249720pzd.2.1708370966367; Mon, 19 Feb 2024 11:29:26 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1708370966; cv=none; d=google.com; s=arc-20160816; b=WgRAAvIU7njoZt+NJ7cRZYPioZKxdftkJSkhEJs2dKx9zCIW+fFK1hy/4oK4nTlAhY 0BbN+ZxezG3bJl4iQZb6evntQrdmYhAcKFdOF2EU1rpzhFNEuZIIVcsZZUSzGj/cpgnb d2cUSW3oWokQOicHMvykeTVlGp28aMItIh6zcHPFdhlUtexUiu9/IvT6S1AH9GtFwa9G SqDGfonex/NJPS0Zc7ODS5R+USWTDERrgE5whL9vdxCJUdmQCC7rRG4DvH374qfN8ODM zyKsEejelEfUnfhgr1cAMxBlr5IEIX3hR0ZCSPvc33/+ZGK6Rb1HpwMhg/W/WbGQPpqv LN5g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:message-id:date:to:from:dkim-signature:dkim-signature :dkim-signature; bh=y2cFxOn/pTOjuVHUuq99HIKVuo0prF3aDICVqUhE/6M=; fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=; b=p8hW6k2acvtfZ9P1ghZHoaaeBCL4RDVPSXDnxZm1q7z+BbVCNLcuea3nW55dY9iynB lENjknll40BK4slj2h/JluCJzLphfC66FBJ94KBDY48Zlml6U1E2bBK8yN60uDhLOsJ+ 5cmYlq/Evzs8XEWkYgAHztIUAf5PHqguvIc44Rbx04DDoJgdnAsCHUMbCLPLDRcerzCv ebY3dROVd4laseQhSMewWv6Km/JIHi5l2fDDWg56j8Q0hDJsIeatz3/Sy/GgzAJEnvhm rQqUG/GqP192fxzUA1vk4fhTALQgPCQExrL7n1ZEGPt4BGdyMY9kwyzM6ptbd3yTeGYk T6DQ==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=GX77yv0D; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=aEQw67mr; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20230601 header.b=bVRPyzMW; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id t190-20020a625fc7000000b006e46cc24704si1175779pfb.55.2024.02.19.11.29.26 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 19 Feb 2024 11:29:26 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=GX77yv0D; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=aEQw67mr; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20230601 header.b=bVRPyzMW; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1rc9K1-00018X-C5; Mon, 19 Feb 2024 19:29:02 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1rc9Jz-00018I-So for openvpn-devel@lists.sourceforge.net; Mon, 19 Feb 2024 19:29:00 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=N0tdww8NNx9XedU3vsgfZ04dhnHHCfkjJj21HkoSI/A=; b=GX77yv0DKPsNI8SuahCCSu1VeT GHIlBjOFjdugdThiHSTg5AWUMxDmV8lsbHnmGK9Z/cUyrBsTUyatAwaoQsffcYOEuxsIJkLhL21WG aoK0Syn4jS/fvqd53n8Yx6P8ZIhtgSThnQ7FU7h01Ut6QOOkpV7lWIICHv2aucH3fRws=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:Cc:To:From :Sender:Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=N0tdww8NNx9XedU3vsgfZ04dhnHHCfkjJj21HkoSI/A=; b=a EQw67mrgHZyEab8UGNDcwvWXmSMZzobTiZTau/dVJJWsnPM7qk6wVxFd8z+5xF1Lj6sAPow0gB1hP W2r1zAHFbpOtwnATmehvRZboU/3MZqmBFF21Tl4FcaxeNNpqpGw+F6BWzO+oT9Iljgn0CEW2mrCH4 euAGcpRCOL38CSjM=; Received: from mail-oi1-f176.google.com ([209.85.167.176]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95) id 1rc9Jo-0004yM-Ts for openvpn-devel@lists.sourceforge.net; Mon, 19 Feb 2024 19:28:54 +0000 Received: by mail-oi1-f176.google.com with SMTP id 5614622812f47-3c13d065170so121716b6e.1 for ; Mon, 19 Feb 2024 11:28:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1708370924; x=1708975724; darn=lists.sourceforge.net; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=N0tdww8NNx9XedU3vsgfZ04dhnHHCfkjJj21HkoSI/A=; b=bVRPyzMWACOzU/KISlmREKL+roK0erbxywE/a8ee+2TkzmmRpfVhJy6/qj1DEpK8Iw NWc7jrNbIbkb8LTmaoD9tB5WEUANwOInTQRcV7zlPnxen+wqfpxugulbPJzmzGFZlivC 3fSDAeyfboiwaWZQ/k5cJ3CE5AEnWSLLRC36hLkud04nm3XU7CPOTeY0p83TXdhIVm1g S25w2X0U8Ghzer6QpS/EEc7cWeBrLNjWqx7DLCt76jWzFAgZrKtjrtL0IF2bPeo6X6Jx xjtx72F2OYtzQFe2JJTPf+Xbu0922cEjoqkrG7nKxrRpPuAAu33U6oXAvr3SW5BWlteD z/qw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708370924; x=1708975724; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=N0tdww8NNx9XedU3vsgfZ04dhnHHCfkjJj21HkoSI/A=; b=s4cF8xX1mM/+/hdJCPgL13NeB/V0JdYaL5V5ykZIx7Qq8BO92eXBeLFuxPzK6szD2x Go0HWakrHy1Mt9AywmUCRniokGA+wosy1L8QilSpLSCdJvpLJcNibnJppeJnCC0SIkjV hOXaSixlFVltk/PXaeFdqkPdumprtO5wDQvCrHrktd5Q4dXU0bwWF+2RWvwX2FCeS/k5 9k7qFQFmbOn61mvlfzNIfat9KUck5c+sCmnUP/LmTJ/R76gZ/amsGEwQSxfK7M93eR3s LdZTnHs2csTD+OBzYVvv9iahAzL6m40T8Kgu8VJ70QbDMI/tTsNYRNueMDnr+UIgzeP2 GkZw== X-Gm-Message-State: AOJu0YwX6rpLMMYGjmRn+Rzh03GBcEUrZVMJu1Ogsu3EaKXzNuPhLjDg BwhEV6SjpZaFdxHSogCGHMrVoMM9m3pIko90FzLZ4bM8AkWsC4uB3ViAEaESVpE= X-Received: by 2002:a05:6808:1511:b0:3c1:3942:d6eb with SMTP id u17-20020a056808151100b003c13942d6ebmr12549931oiw.4.1708370924403; Mon, 19 Feb 2024 11:28:44 -0800 (PST) Received: from uranus.sansel.ca ([70.48.195.131]) by smtp.gmail.com with ESMTPSA id mf4-20020a0562145d8400b0068f5de5d61csm2059022qvb.96.2024.02.19.11.28.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 19 Feb 2024 11:28:43 -0800 (PST) From: selva.nair@gmail.com To: openvpn-devel@lists.sourceforge.net Date: Mon, 19 Feb 2024 14:28:22 -0500 Message-Id: <20240219192822.2477258-1-selva.nair@gmail.com> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Selva Nair Commits 7d48d31b, 39619b7f added support for inlining username and, optionally, password. Add a description of its usage in the man page. Change-Id: I7a1765661f7676eeba8016024080fd1026220ced Signed-off-by: Selva Nair --- Does this have to go through gerrit? Content analysis details: (-0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [selva.nair[at]gmail.com] -0.0 SPF_PASS SPF: sender matches SPF record -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.167.176 listed in wl.mailspike.net] -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.167.176 listed in list.dnswl.org] -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.0 T_SCC_BODY_TEXT_LINE No description available. X-Headers-End: 1rc9Jo-0004yM-Ts Subject: [Openvpn-devel] [PATCH] Document that auth-user-pass may be inlined X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1791356794309101132?= X-GMAIL-MSGID: =?utf-8?q?1791356794309101132?= From: Selva Nair Commits 7d48d31b, 39619b7f added support for inlining username and, optionally, password. Add a description of its usage in the man page. Change-Id: I7a1765661f7676eeba8016024080fd1026220ced Signed-off-by: Selva Nair Acked-by: Antonio Quartulli --- Does this have to go through gerrit? doc/man-sections/client-options.rst | 11 +++++++++++ doc/man-sections/inline-files.rst | 2 +- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/doc/man-sections/client-options.rst b/doc/man-sections/client-options.rst index b92b1a46..b75fe5bd 100644 --- a/doc/man-sections/client-options.rst +++ b/doc/man-sections/client-options.rst @@ -73,6 +73,17 @@ configuration. If ``up`` is omitted, username/password will be prompted from the console. + This option can also be inlined + :: + + + username + [password] + + + where password is optional, and will be prompted from the console if + missing. + The server configuration must specify an ``--auth-user-pass-verify`` script to verify the username/password provided by the client. diff --git a/doc/man-sections/inline-files.rst b/doc/man-sections/inline-files.rst index f46301e8..ad02c855 100644 --- a/doc/man-sections/inline-files.rst +++ b/doc/man-sections/inline-files.rst @@ -5,7 +5,7 @@ OpenVPN allows including files in the main configuration for the ``--ca``, ``--cert``, ``--dh``, ``--extra-certs``, ``--key``, ``--pkcs12``, ``--crl-verify``, ``--http-proxy-user-pass``, ``--tls-auth``, ``--auth-gen-token-secret``, ``--peer-fingerprint``, ``--tls-crypt``, -``--tls-crypt-v2`` and ``--verify-hash`` options. +``--tls-crypt-v2``, ``--verify-hash`` and ``auth-user-pass`` options. Each inline file started by the line ````