aboutsummaryrefslogtreecommitdiff
path: root/ssl.c
diff options
context:
space:
mode:
authorDavid Sommerseth <dazo@users.sourceforge.net>2010-11-13 00:46:13 +0100
committerDavid Sommerseth <dazo@users.sourceforge.net>2010-11-13 00:46:13 +0100
commit22178d05f7912fd51a21a32387982394447d90f6 (patch)
tree3f8fe69338e7a4139909de9c2d60d1f908771b94 /ssl.c
parentClarified --explicit-exit-notify man page entry (diff)
parentVersion 2.1.3b (diff)
downloadopenvpn-22178d05f7912fd51a21a32387982394447d90f6.tar.xz
Merge branch 'svn-BETA21' into bugfix2.1
Diffstat (limited to 'ssl.c')
-rw-r--r--ssl.c27
1 files changed, 27 insertions, 0 deletions
diff --git a/ssl.c b/ssl.c
index b2886eb..385353e 100644
--- a/ssl.c
+++ b/ssl.c
@@ -286,6 +286,10 @@ pem_password_callback (char *buf, int size, int rwflag, void *u)
static bool auth_user_pass_enabled; /* GLOBAL */
static struct user_pass auth_user_pass; /* GLOBAL */
+#ifdef ENABLE_CLIENT_CR
+static char *auth_challenge; /* GLOBAL */
+#endif
+
void
auth_user_pass_setup (const char *auth_file)
{
@@ -294,6 +298,8 @@ auth_user_pass_setup (const char *auth_file)
{
#if AUTO_USERID
get_user_pass_auto_userid (&auth_user_pass, auth_file);
+#elif defined(ENABLE_CLIENT_CR)
+ get_user_pass_cr (&auth_user_pass, auth_file, UP_TYPE_AUTH, GET_USER_PASS_MANAGEMENT|GET_USER_PASS_SENSITIVE, auth_challenge);
#else
get_user_pass (&auth_user_pass, auth_file, UP_TYPE_AUTH, GET_USER_PASS_MANAGEMENT|GET_USER_PASS_SENSITIVE);
#endif
@@ -321,8 +327,29 @@ ssl_purge_auth (void)
#endif
purge_user_pass (&passbuf, true);
purge_user_pass (&auth_user_pass, true);
+#ifdef ENABLE_CLIENT_CR
+ ssl_purge_auth_challenge();
+#endif
+}
+
+#ifdef ENABLE_CLIENT_CR
+
+void
+ssl_purge_auth_challenge (void)
+{
+ free (auth_challenge);
+ auth_challenge = NULL;
}
+void
+ssl_put_auth_challenge (const char *cr_str)
+{
+ ssl_purge_auth_challenge();
+ auth_challenge = string_alloc(cr_str, NULL);
+}
+
+#endif
+
/*
* OpenSSL callback to get a temporary RSA key, mostly
* used for export ciphers.