GitList

Browse code

fix regression: query password before becoming daemon

The init sequence was changed to daemonize before the crypto init to fix
issues on FreeBSD some commits ago. This introduced a regression where
we would no longer query for passwords before daemonizing, as described
in trac #574 and #576.

This commit restores the correct order, and adds a bit of const
correctness since we're touching this now code anyway.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1436477759-5884-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/9901
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit 315f6fbc7f657a7f1127628bd714f468709d5185)

Steffan Karger authored on 2015/07/10 06:35:59
Showing 3 changed files

src/openvpn/init.c index 7a2c69b..71c91a2 100644
src/openvpn/init.h index d1908ed..a819bd2 100644
src/openvpn/openvpn.c index 00bd570..d05acde 100644

src/openvpn/init.c

History View file @ 7bde2e1

@@ -389,8 +389,8 @@ next_connection_entry (struct context *c)
                      /*
                       * Query for private key and auth-user-pass username/passwords
                       */
                     -static void
                     -init_query_passwords (struct context *c)
                     +void
                     +init_query_passwords (const struct context *c)
+                     {
                      #if defined(ENABLE_CRYPTO) && defined(ENABLE_SSL)
                        /* Certificate password input */
@@ -520,8 +520,6 @@ context_init_1 (struct context *c)
                        init_connection_list (c);
                     -  init_query_passwords (c);
+                    -
                      #if defined(ENABLE_PKCS11)
                        if (c->first_time) {
                          int i;

src/openvpn/init.h

History View file @ 7bde2e1

@@ -63,6 +63,11 @@ void init_instance_handle_signals (struct context *c, const struct env_set *env,
                      void init_instance (struct context *c, const struct env_set *env, const unsigned int flags);
                     +/**
                     + * Query for private key and auth-user-pass username/passwords.
                     + */
                     +void init_query_passwords (const struct context *c);
+                    +
                      void do_route (const struct options *options,
                      	       struct route_list *route_list,
                      	       struct route_ipv6_list *route_ipv6_list,

src/openvpn/openvpn.c

History View file @ 7bde2e1

@@ -228,7 +228,10 @@ openvpn_main (int argc, char *argv[])
                      	  /* test crypto? */
                      	  if (do_test_crypto (&c.options))
                      	    break;
+                    -
+                    +
                     +	  /* Query passwords before becoming a daemon */
                     +	  init_query_passwords (&c);
+                    +
                      	  /* become a daemon if --daemon */
                      	  if (c.first_time)
+                     	    {