From 7482dc157b62c2a49a0d74e4d6d1496d8201e980 Mon Sep 17 00:00:00 2001
From: James Geboski <jgeboski@gmail.com>
Date: Tue, 8 Jan 2013 17:52:57 -0500
Subject: [PATCH] Fix --askpass not allowing for password input via stdin
This resolves --askpass treating stdin as a file during the file access
check. In turn, this leads to openvpn failing to start if this option is
set to stdin.
By default, --askpass reads the certificate's password from stdin rather
than a file. Without passing the CHKACC_ACPTSTDIN flag to
check_file_access(), stdin is marked as being a nonexistent file.
Signed-off-by: James Geboski <jgeboski@gmail.com>
---
src/openvpn/options.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index 8ca41a3..5a72871 100644
|
a
|
b
|
options_postprocess_filechecks (struct options *options) |
| 2693 | 2693 | |
| 2694 | 2694 | /* ** Password files ** */ |
| 2695 | 2695 | #ifdef ENABLE_SSL |
| 2696 | | errs |= check_file_access (CHKACC_FILE, options->key_pass_file, R_OK, |
| | 2696 | errs |= check_file_access (CHKACC_FILE|CHKACC_ACPTSTDIN, |
| | 2697 | options->key_pass_file, R_OK, |
| 2697 | 2698 | "--askpass"); |
| 2698 | 2699 | #endif /* ENABLE_SSL */ |
| 2699 | 2700 | #ifdef ENABLE_MANAGEMENT |
