On Wed, 4 May 2005, Gerhard Wiesinger wrote: > Hello! > > Attached are 2 usability patches for password authentication on Windows, > one for OpenVPN 2.0.0 and OpenVPN-GUI 1.0. > > The patches provide the following functionality: > You can provide predefined usernames for password authentication, > backward compatibility is guaranteed. > > It looks like the following: > > Client Config looks like: > ========================= > # Ask for username and password > auth-user-pass user.up > > # Optionally the win32-gui switch can be set (see for combinations below) > win32-gui > > user.up contains: > ================= > username > password or stdin or gui (stdin and gui are reserverd keywords) > > When password is set, the password is taken. > When stdin or gui is set as the password the user is asked to provide the > password only (The username is not queried or is already predefined in the > GUI dialog and the focus is set to the password text field). > > # Usefull combinations are: > # disabled win32-gui with auth-user-pass username/gui (Best) > ============================================================ > OpenVPN Userauthentication Dialog (only one dialog appears) with the > following information: > > Username: gerhard (predefined as from user.up!!!) > Password: Enter the password here > > When a private key password is set, it is also queried. > > Username is taken from user.up > > # win32-gui with auth-user-pass username/stdin (Best) > ====================================================== > The following dialog pops up: > Enter Auth Password for user gerhard: Enter the username here > > When a private key password is set, it is also queried. > > Username is taken from user.up > > # win32-gui with auth-user-pass username/gui > ============================================ > Enter Auth Username [gerhard]: Enter the username here > Enter Auth Password: Enter the password here > > When a private key password is set, it is also queried. > > # Useless combinations are: > # disabled win32-gui with auth-user-pass username/stdin > ======================================================= > OpenVPN is blocked, since the GUI waits for input from stdin, but nothing > usefull is sent. > > Server side looks like: > ======================= > plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so login > > It has been tested with MinGW compiler, Windows 2000 and Linux as a > server unpatched (2.0.0). > > Please let me know whether you integrate the patches in the upcoming > OpenVPN 2.0.1 release.
Why would you want to add platform-specific GUI code to the OpenVPN core (as the non-GUI patch does), rather than coding the GUI functionality as a separate applet and communicating with the OpenVPN core via the management interface? It's a bit more work this way, but it has the advantage of decoupling the OpenVPN core from the platform-specific GUI elements. James
