Skip to content

Commit

Permalink
feat: add --pk-password-file option
Browse files Browse the repository at this point in the history
Signed-off-by: Scruel Tao <scruelt@hotmail.com>
  • Loading branch information
scruel committed Mar 28, 2024
1 parent 1216f56 commit 07be546
Showing 1 changed file with 31 additions and 22 deletions.
53 changes: 31 additions & 22 deletions test/ovpncli/cli.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -929,27 +929,28 @@ int openvpn_client(int argc, char *argv[], const std::string *profile_content)
{
static const struct option longopts[] = {
// clang-format off
{ "username", required_argument, nullptr, 'u' },
{ "password", required_argument, nullptr, 'p' },
{ "response", required_argument, nullptr, 'r' },
{ "dc", required_argument, nullptr, 'D' },
{ "proto", required_argument, nullptr, 'P' },
{ "ipv6", required_argument, nullptr, '6' },
{ "server", required_argument, nullptr, 's' },
{ "port", required_argument, nullptr, 'R' },
{ "timeout", required_argument, nullptr, 't' },
{ "compress", required_argument, nullptr, 'c' },
{ "pk-password", required_argument, nullptr, 'z' },
{ "tvm-override", required_argument, nullptr, 'M' },
{ "proxy-host", required_argument, nullptr, 'h' },
{ "proxy-port", required_argument, nullptr, 'q' },
{ "proxy-username", required_argument, nullptr, 'U' },
{ "proxy-password", required_argument, nullptr, 'W' },
{ "peer-info", required_argument, nullptr, 'I' },
{ "acc-protos", required_argument, nullptr, 'K' },
{ "gremlin", required_argument, nullptr, 'G' },
{ "proxy-basic", no_argument, nullptr, 'B' },
{ "alt-proxy", no_argument, nullptr, 'A' },
{ "username", required_argument, nullptr, 'u' },
{ "password", required_argument, nullptr, 'p' },
{ "response", required_argument, nullptr, 'r' },
{ "dc", required_argument, nullptr, 'D' },
{ "proto", required_argument, nullptr, 'P' },
{ "ipv6", required_argument, nullptr, '6' },
{ "server", required_argument, nullptr, 's' },
{ "port", required_argument, nullptr, 'R' },
{ "timeout", required_argument, nullptr, 't' },
{ "compress", required_argument, nullptr, 'c' },
{ "pk-password", required_argument, nullptr, 'z' },
{ "pk-password-file", required_argument, nullptr, 'i' },
{ "tvm-override", required_argument, nullptr, 'M' },
{ "proxy-host", required_argument, nullptr, 'h' },
{ "proxy-port", required_argument, nullptr, 'q' },
{ "proxy-username", required_argument, nullptr, 'U' },
{ "proxy-password", required_argument, nullptr, 'W' },
{ "peer-info", required_argument, nullptr, 'I' },
{ "acc-protos", required_argument, nullptr, 'K' },
{ "gremlin", required_argument, nullptr, 'G' },
{ "proxy-basic", no_argument, nullptr, 'B' },
{ "alt-proxy", no_argument, nullptr, 'A' },
#if defined(ENABLE_KOVPN) || defined(ENABLE_OVPNDCO) || defined(ENABLE_OVPNDCOWIN)
{ "no-dco", no_argument, nullptr, 'd' },
#endif
Expand Down Expand Up @@ -1003,6 +1004,7 @@ int openvpn_client(int argc, char *argv[], const std::string *profile_content)
int timeout = 0;
std::string compress;
std::string privateKeyPassword;
std::string privateKeyPasswordFile;
std::string tlsVersionMinOverride;
std::string tlsCertProfileOverride;
std::string proxyHost;
Expand Down Expand Up @@ -1048,7 +1050,7 @@ int openvpn_client(int argc, char *argv[], const std::string *profile_content)
int ch;
optind = 1;

while ((ch = getopt_long(argc, argv, "6:ABCD:G:I:K:LM:P:QR:S:TU:W:X:YZ:ac:degh:jk:lmp:q:r:s:t:u:vwxz:", longopts, nullptr)) != -1)
while ((ch = getopt_long(argc, argv, "6:ABCD:G:I:K:LM:P:QR:S:TU:W:X:YZ:ac:degh:jk:lmp:q:r:s:t:u:vwxzi:", longopts, nullptr)) != -1)
{
switch (ch)
{
Expand Down Expand Up @@ -1117,6 +1119,9 @@ int openvpn_client(int argc, char *argv[], const std::string *profile_content)
case 'z':
privateKeyPassword = optarg;
break;
case 'i':
privateKeyPasswordFile = optarg;
break;
case 'M':
tlsVersionMinOverride = optarg;
break;
Expand Down Expand Up @@ -1257,6 +1262,9 @@ int openvpn_client(int argc, char *argv[], const std::string *profile_content)
config.connTimeout = timeout;
config.compressionMode = compress;
config.allowUnusedAddrFamilies = allowUnusedAddrFamilies;
if (privateKeyPassword.empty() && !privateKeyPasswordFile.empty()) {
privateKeyPassword = string::trim_crlf_copy(read_text_utf8(privateKeyPasswordFile));
}
config.privateKeyPassword = privateKeyPassword;
config.tlsVersionMinOverride = tlsVersionMinOverride;
config.tlsCertProfileOverride = tlsCertProfileOverride;
Expand Down Expand Up @@ -1470,6 +1478,7 @@ int openvpn_client(int argc, char *argv[], const std::string *profile_content)
std::cout << "--timeout, -t : timeout" << std::endl;
std::cout << "--compress, -c : compression mode (yes|no|asym)" << std::endl;
std::cout << "--pk-password, -z : private key password" << std::endl;
std::cout << "--pk-password-file, -i: private key password file, contains plaintext password in it" << std::endl;
std::cout << "--tvm-override, -M : tls-version-min override (disabled, default, tls_1_x)" << std::endl;
std::cout << "--legacy-algorithms, -L: Enable legacy algorithm (OpenSSL legacy provider)" << std::endl;
std::cout << "--non-preferred-algorithms, -Q: Enables non preferred data channel algorithms" << std::endl;
Expand Down

0 comments on commit 07be546

Please sign in to comment.