From: Tobias Brunner
Date: Wed, 17 Apr 2013 13:51:11 +0000 (+0200)
Subject: stroke: Fix prompt and error messages in passphrase callback
X-Git-Tag: 5.1.0dr1~149^2~4
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=e240b03e68bff8c834e271238037e149d5e1379d;p=thirdparty%2Fstrongswan.git
stroke: Fix prompt and error messages in passphrase callback
---
diff --git a/src/libcharon/plugins/stroke/stroke_cred.c b/src/libcharon/plugins/stroke/stroke_cred.c
index 7034100165..84d2262dbd 100644
--- a/src/libcharon/plugins/stroke/stroke_cred.c
+++ b/src/libcharon/plugins/stroke/stroke_cred.c
@@ -602,6 +602,8 @@ static err_t extract_secret(chunk_t *secret, chunk_t *line)
 typedef struct {
 /** socket we use for prompting */
 FILE *prompt;
+ /** type of secret to unlock */
+ int type;
 /** private key file */
 char *path;
 /** number of tries */
@@ -609,12 +611,12 @@ typedef struct {
 } passphrase_cb_data_t;

 /**
- * Callback function to receive Passphrases
+ * Callback function to receive passphrases
 */
 static shared_key_t* passphrase_cb(passphrase_cb_data_t *data,
- shared_key_type_t type,
- identification_t *me, identification_t *other,
- id_match_t *match_me, id_match_t *match_other)
+ shared_key_type_t type, identification_t *me,
+ identification_t *other, id_match_t *match_me,
+ id_match_t *match_other)
 {
 chunk_t secret;
 char buf[256];
@@ -628,13 +630,15 @@ static shared_key_t* passphrase_cb(passphrase_cb_data_t *data,
 {
 if (data->try > 5)
 {
- fprintf(data->prompt, "PIN invalid, giving up.\n");
+ fprintf(data->prompt, "Passphrase invalid, giving up.\n");
 return NULL;
 }
- fprintf(data->prompt, "PIN invalid!\n");
+ fprintf(data->prompt, "Passphrase invalid!\n");
 }
 data->try++;
- fprintf(data->prompt, "Private key '%s' is encrypted.\n", data->path);
+ fprintf(data->prompt, "%s '%s' is encrypted.\n",
+ data->type == CRED_PRIVATE_KEY ? "Private key" : "PKCS#12 file",
+ data->path);
 fprintf(data->prompt, "Passphrase:\n");
 if (fgets(buf, sizeof(buf), data->prompt))
 {
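Review bot: The new `type` member of passphrase_cb_data_t (first hunk, -602) is a plain `int` whose comment does not say which constants it holds, and the callback that reads it already takes a `shared_key_type_t type` parameter, so the two are easy to confuse. The only visible consumer compares it with CRED_PRIVATE_KEY and labels every other value a PKCS#12 file. I would record that on the field, e.g. `/** credential type of the file to unlock: CRED_PRIVATE_KEY, any other value is prompted as a PKCS#12 file */`. The struct's closing lines fall in the next hunk.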
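Review bot: The passphrase is still read with `fgets(buf, sizeof(buf), data->prompt)` into the 256-byte stack buffer at the end of the third hunk (-628), so input longer than 255 bytes is cut silently and the remainder stays in the stream, where it would presumably be read as the next attempt and count against the five-try limit. The rest of passphrase_cb lies outside the hunk, so it is not visible whether `buf` is cleared once the secret has been copied; if it is not, add `memwipe(buf, sizeof(buf));` before each return so the passphrase does not linger on the stack. Rejecting a line that arrives without its trailing newline, with an explicit message on `data->prompt`, would make the truncation case visible to the operator instead of reporting a wrong passphrase.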
@@ -867,9 +871,10 @@ static bool load_from_file(chunk_t line, int line_nr, FILE *prompt,
 }
 if (secret.len == 7 && strneq(secret.ptr, "%prompt", 7))
 {
- callback_cred_t *cb = NULL;
+ callback_cred_t *cb;
 passphrase_cb_data_t pp_data = {
 .prompt = prompt,
+ .type = type,
 .path = path,
 .try = 1,
 };
@@ -881,9 +886,6 @@ static bool load_from_file(chunk_t line, int line_nr, FILE *prompt,
 return TRUE;
 }
 /* use callback credential set to prompt for the passphrase */
- pp_data.prompt = prompt;
- pp_data.path = path;
- pp_data.try = 1;
 cb = callback_cred_create_shared((void*)passphrase_cb, &pp_data);
 lib->credmgr->add_local_set(lib->credmgr, &cb->set, FALSE);
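Review bot: The credential manager ends up holding a pointer into this stack frame: `pp_data` is a block-local of the `%prompt` branch in the -867 hunk, and its address is passed to `callback_cred_create_shared()` and registered with `add_local_set()` in the following hunk. The code that unregisters the set is outside both hunks, so I cannot confirm it, but every path that leaves the block after the registration needs `lib->credmgr->remove_local_set(lib->credmgr, &cb->set);` and `cb->destroy(cb);` first. Since `cb` also loses its `= NULL` initializer here, a comment on the declaration would help the next reader, e.g. `/* pp_data is on the stack: the callback set must be removed before this block is left */`.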