
Commit 15c7da2

committed
feat: add --pk-password-file option
1 parent 1216f56 commit 15c7da2


1 file changed

+32
-22
lines changed


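--- a/test/ovpncli/cli.cpp
+++ b/test/ovpncli/cli.cpp
@@ -929,27 +929,28 @@ int openvpn_client(int argc, char *argv[], const std::string *profile_content)
 {
 static const struct option longopts[] = {
 // clang-format off
-{ "username", required_argument, nullptr, 'u' },
-{ "password", required_argument, nullptr, 'p' },
-{ "response", required_argument, nullptr, 'r' },
-{ "dc", required_argument, nullptr, 'D' },
-{ "proto", required_argument, nullptr, 'P' },
-{ "ipv6", required_argument, nullptr, '6' },
-{ "server", required_argument, nullptr, 's' },
-{ "port", required_argument, nullptr, 'R' },
-{ "timeout", required_argument, nullptr, 't' },
-{ "compress", required_argument, nullptr, 'c' },
-{ "pk-password", required_argument, nullptr, 'z' },
-{ "tvm-override", required_argument, nullptr, 'M' },
-{ "proxy-host", required_argument, nullptr, 'h' },
-{ "proxy-port", required_argument, nullptr, 'q' },
-{ "proxy-username", required_argument, nullptr, 'U' },
-{ "proxy-password", required_argument, nullptr, 'W' },
-{ "peer-info", required_argument, nullptr, 'I' },
-{ "acc-protos", required_argument, nullptr, 'K' },
-{ "gremlin", required_argument, nullptr, 'G' },
-{ "proxy-basic", no_argument, nullptr, 'B' },
-{ "alt-proxy", no_argument, nullptr, 'A' },
+{ "username", required_argument, nullptr, 'u' },
+{ "password", required_argument, nullptr, 'p' },
+{ "response", required_argument, nullptr, 'r' },
+{ "dc", required_argument, nullptr, 'D' },
+{ "proto", required_argument, nullptr, 'P' },
+{ "ipv6", required_argument, nullptr, '6' },
+{ "server", required_argument, nullptr, 's' },
+{ "port", required_argument, nullptr, 'R' },
+{ "timeout", required_argument, nullptr, 't' },
+{ "compress", required_argument, nullptr, 'c' },
+{ "pk-password", required_argument, nullptr, 'z' },
+{ "pk-password-file", required_argument, nullptr, 'i' },
+{ "tvm-override", required_argument, nullptr, 'M' },
+{ "proxy-host", required_argument, nullptr, 'h' },
+{ "proxy-port", required_argument, nullptr, 'q' },
+{ "proxy-username", required_argument, nullptr, 'U' },
+{ "proxy-password", required_argument, nullptr, 'W' },
+{ "peer-info", required_argument, nullptr, 'I' },
+{ "acc-protos", required_argument, nullptr, 'K' },
+{ "gremlin", required_argument, nullptr, 'G' },
+{ "proxy-basic", no_argument, nullptr, 'B' },
+{ "alt-proxy", no_argument, nullptr, 'A' },
 #if defined(ENABLE_KOVPN) || defined(ENABLE_OVPNDCO) || defined(ENABLE_OVPNDCOWIN)
 { "no-dco", no_argument, nullptr, 'd' },
 #endif
@@ -1003,6 +1004,7 @@ int openvpn_client(int argc, char *argv[], const std::string *profile_content)
 int timeout = 0;
 std::string compress;
 std::string privateKeyPassword;
+std::string privateKeyPasswordFile;
 std::string tlsVersionMinOverride;
 std::string tlsCertProfileOverride;
 std::string proxyHost;
@@ -1048,7 +1050,7 @@ int openvpn_client(int argc, char *argv[], const std::string *profile_content)
 int ch;
 optind = 1;
 
-while ((ch = getopt_long(argc, argv, "6:ABCD:G:I:K:LM:P:QR:S:TU:W:X:YZ:ac:degh:jk:lmp:q:r:s:t:u:vwxz:", longopts, nullptr)) != -1)
+while ((ch = getopt_long(argc, argv, "6:ABCD:G:I:K:LM:P:QR:S:TU:W:X:YZ:ac:degh:jk:lmp:q:r:s:t:u:vwxzi:", longopts, nullptr)) != -1)
 {
 switch (ch)
 {
@@ -1117,6 +1119,9 @@ int openvpn_client(int argc, char *argv[], const std::string *profile_content)
 case 'z':
 privateKeyPassword = optarg;
 break;
+case 'i':
+privateKeyPasswordFile = optarg;
+break;
 case 'M':
 tlsVersionMinOverride = optarg;
 break;
@@ -1257,6 +1262,10 @@ int openvpn_client(int argc, char *argv[], const std::string *profile_content)
 config.connTimeout = timeout;
 config.compressionMode = compress;
 config.allowUnusedAddrFamilies = allowUnusedAddrFamilies;
+if (privateKeyPassword.empty() && !privateKeyPasswordFile.empty()) {
+privateKeyPassword = string::trim_crlf_copy(read_text_utf8(privateKeyPasswordFile));
+}
+std::cout << "privateKeyPassword:" << privateKeyPassword << std::endl;
 config.privateKeyPassword = privateKeyPassword;
 config.tlsVersionMinOverride = tlsVersionMinOverride;
 config.tlsCertProfileOverride = tlsCertProfileOverride;
@@ -1470,6 +1479,7 @@ int openvpn_client(int argc, char *argv[], const std::string *profile_content)
 std::cout << "--timeout, -t : timeout" << std::endl;
 std::cout << "--compress, -c : compression mode (yes|no|asym)" << std::endl;
 std::cout << "--pk-password, -z : private key password" << std::endl;
+std::cout << "--pk-password-file, -i: private key password file, contains plaintext password in it" << std::endl;
 std::cout << "--tvm-override, -M : tls-version-min override (disabled, default, tls_1_x)" << std::endl;
 std::cout << "--legacy-algorithms, -L: Enable legacy algorithm (OpenSSL legacy provider)" << std::endl;
 std::cout << "--non-preferred-algorithms, -Q: Enables non preferred data channel algorithms" << std::endl;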
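Review bot: The added `std::cout << "privateKeyPassword:" << privateKeyPassword << std::endl;` in the config hunk prints the private-key passphrase in clear text on every run, whether it came from `--pk-password` or from the new file, so it lands in terminal scrollback, redirected logs and CI output; it reads like leftover debug output and should be deleted. The getopt_long hunk also changes the optstring tail from `xz:` to `xzi:`, dropping the colon after `z`: short `-z` then takes no argument and `case 'z'` assigns a null `optarg` to a `std::string`, so the tail should be `xz:i:`. When both options are given, `--pk-password` silently wins; a one-line comment such as `// --pk-password takes precedence over --pk-password-file` above the `if` would document that. How a missing or unreadable file is reported depends on `read_text_utf8`, which is not visible here, and openvpn_client's body starts and ends outside these hunks.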
