Opened 12 years ago
Closed 9 years ago
#248 closed Patch submission (fixed)
Fix --askpass not allowing for password input via stdin
Reported by: | jgeboski | Owned by: | |
---|---|---|---|
Priority: | major | Milestone: | release 2.3.8 |
Component: | Generic / unclassified | Version: | OpenVPN git master branch (Community Ed) |
Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | askpass |
Cc: |
Description
I was recently writing a small script to use to get my VPN session authenticated. I saw the --askpass option in the manual, which I intended to use with --daemon. However, I quickly ran into an error with the --askpass parameter.
# openvpn --config client.conf --askpass Options error: --askpass fails with 'stdin': No such file or directory Options error: Please correct these errors. Use --help for more information.
This patch resolves --askpass treating stdin as a file during the file access check. In turn, this leads to openvpn failing to start if this option is set to stdin.
By default, --askpass reads the certificate's password from stdin rather than a file. Without passing the CHKACC_ACPTSTDIN flag to check_file_access(), stdin is marked as being a nonexistent file.
James
Attachments (1)
Change History (3)
Changed 12 years ago by
Attachment: | 0001-Fix-askpass-not-allowing-for-password-input-via-stdi.patch added |
---|
comment:1 Changed 11 years ago by
Keywords: | stdin removed |
---|---|
Milestone: | → release 2.4 |
Priority: | minor → major |
comment:2 Changed 9 years ago by
Milestone: | release 2.4 → release 2.3.8 |
---|---|
Resolution: | → fixed |
Status: | new → closed |
It most definitely is a bug, but up to 2.3.7 "--askpass stdin" was sort of a not-really-needed corner case - with the --daemon change in 2.3.7 (and recent git master), we actually need this, so rediscovered this bug...
commit 4e1e3ba1d8582a1e95dd6f9564e97c99784959a7 (master)
commit 4d093fff305a3054d88ae2c803665cf90d512c7e (release/2.3)
Author: James Geboski
Date: Tue Jan 8 17:52:57 2013 -0500
Fix --askpass not allowing for password input via stdin
Signed-off-by: James Geboski <jgeboski@…>
Acked-by: Steffan Karger <steffan.karger@…>
Signed-off-by: Gert Doering <gert@…>
Message-Id: <55A41225.2020705@…>
URL: http://article.gmane.org/gmane.network.openvpn.devel/9918
will be in 2.3.8, to be released "soonish".
I can reproduce this on 2.3.2 too. The man-page says the following:
This works:
While this does not:
So this looks like a bug.