_("Failed to decrypt PKCS#12 certificate file\n"));
free(pass);
vpninfo->cert_password = NULL;
- err = request_passphrase(vpninfo, &pass,
+ err = request_passphrase(vpninfo, "openconnect_pkcs12", &pass,
_("Enter PKCS#12 pass phrase:"));
if (err) {
gnutls_pkcs12_deinit(p12);
if (err != TPM_E_AUTHFAIL)
goto out_srkpol;
- err = request_passphrase(vpninfo, &pass, _("Enter TPM SRK PIN:"));
+ err = request_passphrase(vpninfo, "openconnect_tpm_srk",
+ &pass, _("Enter TPM SRK PIN:"));
if (err)
goto out_srkpol;
}
goto out_key_policy;
}
}
- err = request_passphrase(vpninfo, &pass, _("Enter TPM key PIN:"));
+ err = request_passphrase(vpninfo, "openconnect_tpm_key",
+ &pass, _("Enter TPM key PIN:"));
if (err)
goto out_key_policy;
_("Failed to decrypt PKCS#8 certificate file\n"));
free(pass);
}
- err = request_passphrase(vpninfo, &pass,
- _("Enter PEM pass phrase:"));
+ err = request_passphrase(vpninfo, "openconnect_pem",
+ &pass, _("Enter PEM pass phrase:"));
if (err) {
ret = -EINVAL;
goto out;
/* ssl.c */
int connect_https_socket(struct openconnect_info *vpninfo);
-int request_passphrase(struct openconnect_info *vpninfo,
+int request_passphrase(struct openconnect_info *vpninfo, const char *label,
char **response, const char *fmt, ...);
int __attribute__ ((format (printf, 2, 3)))
openconnect_SSL_printf(struct openconnect_info *vpninfo, const char *fmt, ...);
memset(ui_data, 0, sizeof(*ui_data));
ui_data->last_opt = &ui_data->form.opts;
ui_data->vpninfo = vpninfo;
+ ui_data->form.auth_id = (char *)"openssl_ui";
UI_add_user_data(ui, ui_data);
return 1;
if (vpninfo->cert_password) {
pass = vpninfo->cert_password;
vpninfo->cert_password = NULL;
- } else if (request_passphrase(vpninfo, &pass,
- _("Enter PEM pass phrase:")))
+ } else if (request_passphrase(vpninfo, "openconnect_pem",
+ &pass, _("Enter PEM pass phrase:")))
return -1;
plen = strlen(pass);
when PKCS12_parse() returns an error, but *ca is left pointing
to the freed memory. */
ca = NULL;
- if (!pass && request_passphrase(vpninfo, &pass,
+ if (!pass && request_passphrase(vpninfo, "openconnect_pkcs12", &pass,
_("Enter PKCS#12 pass phrase:")) < 0) {
PKCS12_free(p12);
return -EINVAL;
}
-int request_passphrase(struct openconnect_info *vpninfo,
+int request_passphrase(struct openconnect_info *vpninfo, const char *label,
char **response, const char *fmt, ...)
{
struct oc_auth_form f;
vsnprintf(buf, 1023, fmt, args);
va_end(args);
- f.auth_id = (char *)"ssl_certificate";
+ f.auth_id = (char *)label;
f.opts = &o;
o.next = NULL;
o.type = OC_FORM_OPT_PASSWORD;
- o.name = (char *)"passphrase";
+ o.name = (char *)label;
o.label = buf;
o.value = NULL;