From: James Yonan <james@openvpn.net>
Date: Fri, 12 Mar 2010 03:05:34 +0000 (+0000)
Subject: Modified ">PASSWORD:Verification Failed" management interface
X-Git-Tag: v2.2-beta1~27
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8c7c6be4893ca15061e15ca1e5990c052d77a016;p=thirdparty%2Fopenvpn.git

Modified ">PASSWORD:Verification Failed" management interface
notification to include a client reason string:

  >PASSWORD:Verification Failed: 'AUTH_TYPE' ['REASON_STRING']


git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5468 e7ae566f-a301-0410-adde-c780ea21d3b5
---

diff --git a/manage.c b/manage.c
index f75aedd9b..e87d996d3 100644
--- a/manage.c
+++ b/manage.c
@@ -2273,9 +2273,12 @@ management_pre_tunnel_close (struct management *man)
 }
 
 void
-management_auth_failure (struct management *man, const char *type)
+management_auth_failure (struct management *man, const char *type, const char *reason)
 {
-  msg (M_CLIENT, ">PASSWORD:Verification Failed: '%s'", type);
+  if (reason)
+    msg (M_CLIENT, ">PASSWORD:Verification Failed: '%s' ['%s']", type, reason);
+  else
+    msg (M_CLIENT, ">PASSWORD:Verification Failed: '%s'", type);
 }
 
 static inline bool
diff --git a/manage.h b/manage.h
index 6d6d710cf..e5cbafdaf 100644
--- a/manage.h
+++ b/manage.h
@@ -435,7 +435,7 @@ void management_echo (struct management *man, const char *string, const bool pul
  * OpenVPN calls here to indicate a password failure
  */
 
-void management_auth_failure (struct management *man, const char *type);
+void management_auth_failure (struct management *man, const char *type, const char *reason);
 
 /*
  * These functions drive the bytecount in/out counters.
diff --git a/push.c b/push.c
index 70bb9a3ba..149d25a54 100644
--- a/push.c
+++ b/push.c
@@ -63,11 +63,11 @@ receive_auth_failed (struct context *c, const struct buffer *buffer)
 #ifdef ENABLE_MANAGEMENT
       if (management)
 	{
-	  const char *reason = UP_TYPE_AUTH;
+	  const char *reason = NULL;
 	  struct buffer buf = *buffer;
 	  if (buf_string_compare_advance (&buf, "AUTH_FAILED,") && BLEN (&buf))
 	    reason = BSTR (&buf);
-	  management_auth_failure (management, reason);
+	  management_auth_failure (management, UP_TYPE_AUTH, reason);
 	}
 #endif
     }
diff --git a/ssl.c b/ssl.c
index 102b02e2d..1b275afea 100644
--- a/ssl.c
+++ b/ssl.c
@@ -1639,7 +1639,7 @@ init_ssl (const struct options *options)
 		{
 #ifdef ENABLE_MANAGEMENT
 		  if (management && (ERR_GET_REASON (ERR_peek_error()) == EVP_R_BAD_DECRYPT))
-		    management_auth_failure (management, UP_TYPE_PRIVATE_KEY);
+		    management_auth_failure (management, UP_TYPE_PRIVATE_KEY, NULL);
 #endif
 		  msg (M_WARN|M_SSL, "Cannot load private key file %s", options->priv_key_file);
 		  goto err;