From: David Sommerseth <davids@openvpn.net>
Date: Thu, 11 Aug 2016 14:33:55 +0000 (+0200)
Subject: systemd: Do not mask usernames when querying for it via systemd-ask-password
X-Git-Tag: v2.4_alpha1~7
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=8ba3e25897af5c7bd7b4f706961e9528d6988d83;p=thirdparty%2Fopenvpn.git

systemd: Do not mask usernames when querying for it via systemd-ask-password

In systemd after version 216, systemd-ask-password will support --echo
which
will avoid masking the user input.  As OpenVPN uses this mechanism
collecting
usernames when systemd is available, this will avoid the input of
usernames to
be masked.

This patch also adds the --icon argument, which is aimed at graphical
inputs.
For example when OpenVPN is started at system boot-time using a graphical
boot
interface such as Plymouth.

  [v2 - Avoid pkg.m4 hacks and use pkgconfig/autoconf methods to flag
        if systemd is recent enough for --echo support]

Signed-off-by: David Sommerseth <davids@openvpn.net>
Acked-by: Selva Nair <selva.nair@gmail.com>
Message-Id: 1470926035-434-1-git-send-email-davids@openvpn.net
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12405.html
---

diff --git a/configure.ac b/configure.ac
index 770c24da4..357ba29e8 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1023,6 +1023,12 @@ if test "$enable_systemd" = "yes" ; then
                       [],
                       [PKG_CHECK_MODULES([libsystemd], [libsystemd-daemon])]
                       )
+
+    PKG_CHECK_EXISTS( [libsystemd > 216],
+                     [AC_DEFINE([SYSTEMD_NEWER_THAN_216], [1],
+                           [systemd is newer than v216])]
+                    )
+
     AC_CHECK_HEADERS(systemd/sd-daemon.h,
        ,
        [
diff --git a/src/openvpn/console_systemd.c b/src/openvpn/console_systemd.c
index 67cb51bfd..9cd7575b1 100644
--- a/src/openvpn/console_systemd.c
+++ b/src/openvpn/console_systemd.c
@@ -64,6 +64,14 @@ get_console_input_systemd (const char *prompt, const bool echo, char *input, con
 
     argv_init (&argv);
     argv_printf (&argv, SYSTEMD_ASK_PASSWORD_PATH);
+#ifdef SYSTEMD_NEWER_THAN_216
+    /* the --echo support arrived in upstream systemd 217 */
+    if( echo )
+    {
+	argv_printf_cat(&argv, "--echo");
+    }
+#endif
+    argv_printf_cat (&argv, "--icon network-vpn");
     argv_printf_cat (&argv, "%s", prompt);
 
     if ((std_out = openvpn_popen (&argv, NULL)) < 0) {