Add openconnect_set_key_password()

For auto-provisioning via NetworkManager it's actually quite useful to be
able to set vpninfo->cert_password and have that special case handled,
instead of having to inject the password into the user's keyring somehow.

It's either that or revise the FSID hack...

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

diff --git a/libopenconnect.map.in b/libopenconnect.map.in
index 9b0b86c7184c4af10267fdf41ec991fc0541b2ef..38204b7aa5c32c7ad23eb5ddca4cd5b560293b1a 100644 (file)
--- a/libopenconnect.map.in
+++ b/libopenconnect.map.in
@@ -99,6 +99,7 @@ OPENCONNECT_5_5 {
        openconnect_get_supported_protocols;
        openconnect_free_supported_protocols;
        openconnect_has_tss2_blob_support;
+       openconnect_set_key_password;
 } OPENCONNECT_5_4;
 
 OPENCONNECT_PRIVATE {

diff --git a/library.c b/library.c
index eb657dedbb50c10cc5014d9b2b3d422c8ab3229b..7516f1a9e61f98de9c0dcfe45153233235274ec2 100644 (file)
--- a/library.c
+++ b/library.c
@@ -655,6 +655,13 @@ void openconnect_set_cert_expiry_warning(struct openconnect_info *vpninfo,
        vpninfo->cert_expire_warning = seconds;
 }
 
+int openconnect_set_key_password(struct openconnect_info *vpninfo, const char *pass)
+{
+       STRDUP(vpninfo->cert_password, pass);
+
+       return 0;
+}
+
 void openconnect_set_pfs(struct openconnect_info *vpninfo, unsigned val)
 {
        vpninfo->pfs = val;

diff --git a/openconnect.h b/openconnect.h
index eab45f3a72cf4cd3eb70068a8350e3de98db5a3c..02c199306f0ebe0c23f89b5c9d3e3843cab92e3d 100644 (file)
--- a/openconnect.h
+++ b/openconnect.h
@@ -37,6 +37,7 @@ extern "C" {
 
 /*
  * API version 5.5:
+ *  - add openconnect_set_key_password()
  *  - Add openconnect_has_tss2_blob_support()
  *  - Add openconnect_get_supported_protocols()
  *  - Add openconnect_free_supported_protocols()
@@ -513,6 +514,7 @@ int openconnect_set_mobile_info(struct openconnect_info *vpninfo,
                                const char *mobile_device_uniqueid);
 int openconnect_set_client_cert(struct openconnect_info *, const char *cert,
                                const char *sslkey);
+int openconnect_set_key_password(struct openconnect_info *vpninfo, const char *pass);
 const char *openconnect_get_ifname(struct openconnect_info *);
 void openconnect_set_reqmtu(struct openconnect_info *, int reqmtu);
 void openconnect_set_dpd(struct openconnect_info *, int min_seconds);