| From 63343fe1dc388d1d545a8e55913ab07907ea0cae Mon Sep 17 00:00:00 2001 |
| From: Radu - Eosif Mihailescu <rmihailescu@google.com> |
| Date: Sun, 30 Apr 2017 09:44:23 -0700 |
| Subject: [PATCH 4/4] CHROMIUM: Enable large passwords to work over the |
| management interface as well |
| |
| - there is already preprocessor logic to allow 4k username/password fields |
| when compiling with --enable-pkcs11 |
| - the design of options.c/parse_line() prevents that from working properly |
| because the size checking in that function does not obey the |
| configuration-time #define |
| - this was never caught as the vast majority of PKCS#11 users have OpenVPN |
| read the (large) password object from PKCS#11 itself as oposed to feeding |
| same via the management interface |
| - current patch fixes all that :-) |
| |
| Signed-off-by: Radu - Eosif Mihailescu <rmihailescu@google.com> |
| Signed-off-by: Kevin Cernekee <cernekee@chromium.org> |
| --- |
| src/openvpn/options.c | 7 ++++++- |
| 1 file changed, 6 insertions(+), 1 deletion(-) |
| |
| diff --git a/src/openvpn/options.c b/src/openvpn/options.c |
| index dcb6ecfaaf86..44999c10de3a 100644 |
| --- a/src/openvpn/options.c |
| +++ b/src/openvpn/options.c |
| @@ -4226,7 +4226,12 @@ parse_line(const char *line, |
| bool backslash = false; |
| char in, out; |
| |
| - char parm[OPTION_PARM_SIZE]; |
| +# ifdef ENABLE_PKCS11 |
| +# define PARM_SIZE USER_PASS_LEN |
| +# else |
| +# define PARM_SIZE OPTION_PARM_SIZE |
| +# endif |
| + char parm[PARM_SIZE]; |
| unsigned int parm_len = 0; |
| |
| msglevel &= ~M_OPTERR; |
| -- |
| 2.13.0.rc0.306.g87b477812d-goog |
| |