From patchwork Tue Feb 20 17:52:15 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Selva Nair <selva.nair@gmail.com>
X-Patchwork-Id: 3626
Return-Path: <openvpn-devel-bounces@lists.sourceforge.net>
Delivered-To: patchwork@openvpn.net
Received: by 2002:a05:7001:a416:b0:559:d8ef:cc57 with SMTP id
 vo22csp1969971mab;
        Tue, 20 Feb 2024 09:54:40 -0800 (PST)
X-Forwarded-Encrypted: i=2;
 AJvYcCUD0ygiJHEmFLR3cZfYJ/wI3WD4jcsMyUZMAPbelq/dxBRv8hNGFuAz7an73imGAJG/3jaQvjdxuY2TZEzutA0O6Qcq+G8=
X-Google-Smtp-Source: 
 AGHT+IHOTnps6l9CUZIgp66cRH7paNJCgAlsS/8b64dwPxL26xmHCkCW84/UNk/YYTkMVSPJJTlE
X-Received: by 2002:a05:6a21:999a:b0:1a0:b46e:3f18 with SMTP id
 ve26-20020a056a21999a00b001a0b46e3f18mr2718295pzb.2.1708451680051;
        Tue, 20 Feb 2024 09:54:40 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1708451680; cv=none;
        d=google.com; s=arc-20160816;
        b=LxdvBmcLcwT9nx3Wnqlbnvs/4SnK6rHHtwn+flVYaaJiaMOMW6ZVGdk9hMzvmJMV1G
         Ml1gNJYnc5JER5VVTx2b5d70Ak5dxnuIRIBJ/SSRTCQ6JJBzvyR/OPRb5zVJPCK4R9Dg
         xDtMUgkP+VFfQO37wVapCES0I1ZShXV4TfZ2+BqazSD+udwJXs35JfS0AP6WfjrePu/B
         BLZHu2FY3hq9a3eFJCl/AwB5t45sPHbPQ/zioqnFgLi8dLkYBoGgt7d/t4KtS5wo9ajj
         20Pixxwv3WFyG7TI4RgABBHqN6Tch46HwbPBivPiqznBhGYPneeFCxZMedOIYy3lsUrz
         TumQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=errors-to:content-transfer-encoding:list-subscribe:list-help
         :list-post:list-archive:list-unsubscribe:list-id:precedence:subject
         :mime-version:references:in-reply-to:message-id:date:to:from
         :dkim-signature:dkim-signature:dkim-signature;
        bh=zvQH2Ured4WKmGvhw2bCJIWUIgyYEMi/YMrM7ZyiCzE=;
        fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=;
        b=q7y6+hPeFQcR8dwnP05A77HAx5UAerLwG9tH8sk3coRrJsxf7UxYfxMU8T2ytZzDId
         8O8qRezC79ka86XRc33ELddSi7R+gPeP/DUZ2WOjpSTrVDqnnWlOcnzhNBGjzshTHN6n
         jZDYSR07TYw73JfifcTOJ5M7ie6+n5Yc2qK8ABwauNxrLE/spTQ3BZLDVRGi5hiP7uwo
         9p2qxlFxNebVDyFErDBwXaDoATrAvmjZ7eu+tCVoORWKeGFkoiRLJtb72xDVBc5XRcsH
         DML5FTPmtvqLkdlHy8FByONm3SSoi2gdA55WfTKnieNY6B16TL5Rt2CSkNiEQtvlPAxq
         NtmA==;
        dara=google.com
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=neutral (body hash did not verify) header.i=@sourceforge.net
 header.s=x header.b=CcjogT2h;
       dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
 header.b=Cn+kO7Qs;
       dkim=neutral (body hash did not verify) header.i=@gmail.com
 header.s=20230601 header.b=M8G3t8Dh;
       spf=pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
       dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7])
        by mx.google.com with ESMTPS id
 f7-20020a056a00238700b006e11d34903csi6707491pfc.344.2024.02.20.09.54.39
        (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
        Tue, 20 Feb 2024 09:54:40 -0800 (PST)
Received-SPF: pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) client-ip=216.105.38.7;
Authentication-Results: mx.google.com;
       dkim=neutral (body hash did not verify) header.i=@sourceforge.net
 header.s=x header.b=CcjogT2h;
       dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
 header.b=Cn+kO7Qs;
       dkim=neutral (body hash did not verify) header.i=@gmail.com
 header.s=20230601 header.b=M8G3t8Dh;
       spf=pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
       dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com)
	by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95)
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	id 1rcUJq-00008U-DI;
	Tue, 20 Feb 2024 17:54:15 +0000
Received: from [172.30.20.202] (helo=mx.sourceforge.net)
 by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95)
 (envelope-from <selva.nair@gmail.com>) id 1rcUJo-00008E-D5
 for openvpn-devel@lists.sourceforge.net;
 Tue, 20 Feb 2024 17:54:12 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References:
 In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:
 Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:
 Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:
 List-Subscribe:List-Post:List-Owner:List-Archive;
 bh=LbcyI3Y4cuLzbaNa7UyfeP42/XNuPHcbCW7+dOc55WI=; b=CcjogT2ho8O7A6Dum5gX9oCnWT
 zdUKg5XYxESgx06MWwfDjn9xCw/QyZ4H9gmVORx98I9zHciVZDXYtfYtNvXUwNxKJnUDBUsZ39iIJ
 pD/KkAKEcS5THEQ8IvK1cay4vusDduiYPIJAX2OD/ORJA2YpvKrvkWgBkeOCP6FWTRPU=;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x
 ;
 h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id:
 Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID:
 Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
 :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
 List-Post:List-Owner:List-Archive;
 bh=LbcyI3Y4cuLzbaNa7UyfeP42/XNuPHcbCW7+dOc55WI=; b=Cn+kO7QsTuqfGWiYCM0UAwh/ZM
 WZZf5rUwg2+smlJtOt9m+UDNynUf6SdCI8jBsGTbyvutZ+rBS311CC7VdC79wHWSQhTgaQ0M7TVSt
 wwneXK5IQN9FjAETg/BRCIIdJQkbQqdQUjoSFN+Dwv5/hPipB326KcpspKhhZ4tDpHnw=;
Received: from mail-yb1-f176.google.com ([209.85.219.176])
 by sfi-mx-2.v28.lw.sourceforge.com with esmtps
 (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95)
 id 1rcUJj-0001af-B4 for openvpn-devel@lists.sourceforge.net;
 Tue, 20 Feb 2024 17:54:12 +0000
Received: by mail-yb1-f176.google.com with SMTP id
 3f1490d57ef6-d9beb86634dso1350659276.1
 for <openvpn-devel@lists.sourceforge.net>;
 Tue, 20 Feb 2024 09:54:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1708451643; x=1709056443;
 darn=lists.sourceforge.net;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=LbcyI3Y4cuLzbaNa7UyfeP42/XNuPHcbCW7+dOc55WI=;
 b=M8G3t8DhYFFH1W2VMO1+akZSrK/2Pr7GRvxBXRrJ/4RD0msr0DxlhfH4MaxkfELx+M
 dhbtbFwIRI7govmMBvq/jaJGFxkm2v6QCIJGOIj8SLmC2quUED4nQM5D5kfluzoIM4es
 xEsg69/mCGiiLIbQfZCw1v2lpX23AaPtFOUw8pIJbYC5UjQN5nn5ve8DHTUP0IpTC5eX
 Gsrt16TsbteTsFpyXngmJFZqxOWLqywc4DoM81vpr/9yu/vT5JpWIc3WBv6Up7M4PGT3
 XR5k2fH3wiaSy2eJrYR3Ms5LQtUJPt3PFRx69YUDLo9PRyJKnFP9S5AsJ1jBfc8gt8jg
 cpdw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1708451643; x=1709056443;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=LbcyI3Y4cuLzbaNa7UyfeP42/XNuPHcbCW7+dOc55WI=;
 b=EfPZ/C49ELXn8/rZ4loOZ8GwSazrF1TIrtVMpKTDyuY5lFgzP/PsYJrD0MtXWKTLpa
 XStATLQciUMn9spxwgfjApOHRyjePjzDcdCDL59oRa0+yRN/NgcSu9o+CWjqKkb3rJ0Q
 S6khZRnEUoiHt3AEdvml22WrHe3Sc9uHCEvbI3k6V66m+ySnIWs1Z7iG6mCbgUHA6HuB
 azkeX57AuyKkDHpM/w72b/Sm+5+75roRCMwX0qdQOV5JpRX77yUTBZ+2p9PFO8qYO7Ds
 HUFzbR2IfDf2GykWWT3CnCSquEg7FEZJbx3IzINY1NRGCeRB8r2TtzgPRJkURqNQd7t+
 hq4w==
X-Gm-Message-State: AOJu0YwRJvav7qYZnNn9aqBAYeNwALPmkBh05Rb4fE/hHDMezC5bIdsE
 XS4texDtAQ4IuHdSntRhcgLipND0L0ZC107B3Ywi/ervRKgy637tjzzC9KuLRkA=
X-Received: by 2002:a25:2f96:0:b0:dc7:4aa8:865a with SMTP id
 v144-20020a252f96000000b00dc74aa8865amr7545014ybv.3.1708451642782;
 Tue, 20 Feb 2024 09:54:02 -0800 (PST)
Received: from uranus.sansel.ca ([70.48.195.131])
 by smtp.gmail.com with ESMTPSA id
 u20-20020ae9c014000000b0078775b4cbd2sm912017qkk.92.2024.02.20.09.54.02
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Tue, 20 Feb 2024 09:54:02 -0800 (PST)
From: selva.nair@gmail.com
To: openvpn-devel@lists.sourceforge.net
Date: Tue, 20 Feb 2024 12:52:15 -0500
Message-Id: <20240220175215.2731491-1-selva.nair@gmail.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20240219192822.2477258-1-selva.nair@gmail.com>
References: <20240219192822.2477258-1-selva.nair@gmail.com>
MIME-Version: 1.0
X-Spam-Score: -0.2 (/)
X-Spam-Report: Spam detection software,
 running on the system "util-spamd-1.v13.lw.sourceforge.com",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 the administrator of that system for details.
 Content preview:  From: Selva Nair Commits 7d48d31b, 39619b7f added support
 for inlining username and, optionally, password. Add a description of its
 usage in the man page. Github: resolves OpenVPN/openvpn#370
 Content analysis details:   (-0.2 points, 6.0 required)
 pts rule name              description
 ---- ----------------------
 --------------------------------------------------
 -0.0 RCVD_IN_DNSWL_NONE     RBL: Sender listed at https://www.dnswl.org/,
 no trust [209.85.219.176 listed in list.dnswl.org]
 0.0 FREEMAIL_FROM          Sender email is commonly abused enduser mail
 provider [selva.nair[at]gmail.com]
 -0.0 SPF_PASS               SPF: sender matches SPF record
 0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
 -0.0 RCVD_IN_MSPIKE_H2      RBL: Average reputation (+2)
 [209.85.219.176 listed in wl.mailspike.net]
 -0.1 DKIM_VALID_AU          Message has a valid DKIM or DK signature from
 author's domain
 0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
 not necessarily
 valid
 -0.1 DKIM_VALID_EF          Message has a valid DKIM or DK signature from
 envelope-from domain
 -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
 -0.0 T_SCC_BODY_TEXT_LINE   No description available.
X-Headers-End: 1rcUJj-0001af-B4
Subject: [Openvpn-devel] [PATCH v2] Document that auth-user-pass may be
 inlined
X-BeenThere: openvpn-devel@lists.sourceforge.net
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <openvpn-devel.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/options/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: 
 <http://sourceforge.net/mailarchive/forum.php?forum_name=openvpn-devel>
List-Post: <mailto:openvpn-devel@lists.sourceforge.net>
List-Help: <mailto:openvpn-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=subscribe>
Errors-To: openvpn-devel-bounces@lists.sourceforge.net
X-getmail-retrieved-from-mailbox: Inbox
X-GMAIL-THRID: =?utf-8?q?1791356794309101132?=
X-GMAIL-MSGID: =?utf-8?q?1791441428579347276?=

From: Selva Nair <selva.nair@gmail.com>

Commits 7d48d31b, 39619b7f added support for inlining username
and, optionally, password.
Add a description of its usage in the man page.

Github: resolves OpenVPN/openvpn#370

Change-Id: I7a1765661f7676eeba8016024080fd1026220ced
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Antonio Quartulli <a@unstable.cc>
---
v2: Add '--' prefix when referring to auth-user-pass
and mention related github issue
 doc/man-sections/client-options.rst | 11 +++++++++++
 doc/man-sections/inline-files.rst   |  2 +-
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/doc/man-sections/client-options.rst b/doc/man-sections/client-options.rst
index b92b1a46..b75fe5bd 100644
--- a/doc/man-sections/client-options.rst
+++ b/doc/man-sections/client-options.rst
@@ -73,6 +73,17 @@ configuration.
   If ``up`` is omitted, username/password will be prompted from the
   console.
 
+  This option can also be inlined
+  ::
+
+    <auth-user-pass>
+    username
+    [password]
+    </auth-user-pass>
+
+  where password is optional, and will be prompted from the console if
+  missing.
+
   The server configuration must specify an ``--auth-user-pass-verify``
   script to verify the username/password provided by the client.
 
diff --git a/doc/man-sections/inline-files.rst b/doc/man-sections/inline-files.rst
index f46301e8..4dba73c9 100644
--- a/doc/man-sections/inline-files.rst
+++ b/doc/man-sections/inline-files.rst
@@ -5,7 +5,7 @@ OpenVPN allows including files in the main configuration for the ``--ca``,
 ``--cert``, ``--dh``, ``--extra-certs``, ``--key``, ``--pkcs12``,
 ``--crl-verify``, ``--http-proxy-user-pass``, ``--tls-auth``,
 ``--auth-gen-token-secret``, ``--peer-fingerprint``, ``--tls-crypt``,
-``--tls-crypt-v2`` and ``--verify-hash`` options.
+``--tls-crypt-v2``, ``--verify-hash`` and ``--auth-user-pass`` options.
 
 Each inline file started by the line ``<option>`` and ended by the line
 ``</option>``