Vici prompt

src/charon-cmd/cmd/cmd_creds.c

@@ -63,40 +63,42 @@ struct private_cmd_creds_t {
 	char *identity;
 };
 
-/**
- * Callback function to prompt for secret
- */
-static shared_key_t* callback_shared(private_cmd_creds_t *this,
-								shared_key_type_t type,
-								identification_t *me, identification_t *other,
-								id_match_t *match_me, id_match_t *match_other)
+CALLBACK(callback_shared, shared_key_t*,
+	private_cmd_creds_t *this, shared_key_type_t type, identification_t *me,
+	identification_t *other, const char *msg, id_match_t *match_me,
+	id_match_t *match_other)
 {
 	shared_key_t *shared;
-	char *label, *pwd = NULL;
+	const char *label = msg;
+	char buf[BUF_LEN], *pwd = NULL;
 
 	if (type == this->prompted)
 	{
 		return NULL;
 	}
-	switch (type)
+	if (!label || !*label)
 	{
-		case SHARED_EAP:
-			label = "EAP password: ";
-			break;
-		case SHARED_IKE:
-			label = "Preshared Key: ";
-			break;
-		case SHARED_PRIVATE_KEY_PASS:
-			label = "Password: ";
-			break;
-		case SHARED_PIN:
-			label = "PIN: ";
-			break;
-		default:
-			return NULL;
+		switch (type)
+		{
+			case SHARED_EAP:
+				label = "EAP password";
+				break;
+			case SHARED_IKE:
+				label = "Preshared Key";
+				break;
+			case SHARED_PRIVATE_KEY_PASS:
+				label = "Password";
+				break;
+			case SHARED_PIN:
+				label = "PIN";
+				break;
+			default:
+				return NULL;
+		}
 	}
+	snprintf(buf, sizeof(buf), "%s: ", label);
 #ifdef HAVE_GETPASS
-	pwd = getpass(label);
+	pwd = getpass(buf);
 #endif
 	if (!pwd || strlen(pwd) == 0)
 	{
@@ -288,7 +290,7 @@ cmd_creds_t *cmd_creds_create()
 		.creds = mem_cred_create(),
 		.prompted = SHARED_ANY,
 	);
-	this->cb = callback_cred_create_shared((void*)callback_shared, this);
+	this->cb = callback_cred_create_shared(callback_shared, this);
 
 	lib->credmgr->add_set(lib->credmgr, &this->creds->set);
 	lib->credmgr->add_set(lib->credmgr, &this->cb->set);

src/charon-nm/nm/nm_creds.c

@@ -270,7 +270,7 @@ METHOD(enumerator_t, shared_destroy, void,
 
 METHOD(credential_set_t, create_shared_enumerator, enumerator_t*,
 	private_nm_creds_t *this, shared_key_type_t type, identification_t *me,
-	identification_t *other)
+	identification_t *other, const char *msg)
 {
 	shared_enumerator_t *enumerator;
 	chunk_t key;

src/frontends/android/app/src/main/jni/libandroidbridge/backend/android_creds.c

@@ -249,10 +249,10 @@ METHOD(android_creds_t, add_username_password, void,
 
 METHOD(credential_set_t, create_shared_enumerator, enumerator_t*,
 	private_android_creds_t *this, shared_key_type_t type,
-	identification_t *me, identification_t *other)
+	identification_t *me, identification_t *other, const char *msg)
 {
 	return this->creds->set.create_shared_enumerator(&this->creds->set,
-													 type, me, other);
+													 type, me, other, msg);
 }
 
 METHOD(android_creds_t, load_user_certificate, certificate_t*,

src/frontends/osx/charon-xpc/xpc_channels.c

@@ -458,10 +458,10 @@ static shared_key_t *query_password(xpc_connection_t conn, identification_t *id)
 /**
  * Password query callback
  */
-static shared_key_t* password_cb(private_xpc_channels_t *this,
-								 shared_key_type_t type,
-								 identification_t *me, identification_t *other,
-								 id_match_t *match_me, id_match_t *match_other)
+CALLBACK(password_cb, shared_key_t*,
+	private_xpc_channels_t *this, shared_key_type_t type, identification_t *me,
+	identification_t *other, const char *msg, id_match_t *match_me,
+	id_match_t *match_other)
 {
 	shared_key_t *shared = NULL;
 	ike_sa_t *ike_sa;
@@ -537,8 +537,7 @@ xpc_channels_t *xpc_channels_create()
 		.lock = rwlock_create(RWLOCK_TYPE_DEFAULT),
 	);
 
-	this->creds = callback_cred_create_shared(
-								(callback_cred_shared_cb_t)password_cb, this);
+	this->creds = callback_cred_create_shared(password_cb, this);
 	lib->credmgr->add_set(lib->credmgr, &this->creds->set);
 
 	return &this->public;

src/libcharon/plugins/eap_aka_3gpp/eap_aka_3gpp_functions.c

@@ -69,7 +69,7 @@ bool eap_aka_3gpp_get_k_opc(identification_t *id, uint8_t k[AKA_K_LEN],
 	shared_key_t *shared;
 	chunk_t key;
 
-	shared = lib->credmgr->get_shared(lib->credmgr, SHARED_EAP, id, NULL);
+	shared = lib->credmgr->get_shared(lib->credmgr, SHARED_EAP, id, NULL, NULL);
 	if (!shared)
 	{
 		return FALSE;

src/libcharon/plugins/eap_aka_3gpp2/eap_aka_3gpp2_provider.c

@@ -52,7 +52,7 @@ bool eap_aka_3gpp2_get_k(identification_t *id, char k[AKA_K_LEN])
 	shared_key_t *shared;
 	chunk_t key;
 
-	shared = lib->credmgr->get_shared(lib->credmgr, SHARED_EAP, id, NULL);
+	shared = lib->credmgr->get_shared(lib->credmgr, SHARED_EAP, id, NULL, NULL);
 	if (shared == NULL)
 	{
 		return FALSE;

src/libcharon/plugins/eap_gtc/eap_gtc.c

@@ -19,7 +19,7 @@
 #include <daemon.h>
 #include <library.h>
 
-#define GTC_REQUEST_MSG "password"
+#define GTC_REQUEST_MSG "Password"
 
 typedef struct private_eap_gtc_t private_eap_gtc_t;
 
@@ -98,11 +98,20 @@ METHOD(eap_method_t, process_peer, status_t,
 {
 	eap_gtc_header_t *res;
 	shared_key_t *shared;
-	chunk_t key;
+	chunk_t msg, key;
+	char *msg_str = NULL;
 	size_t len;
 
+	msg = chunk_skip(in->get_data(in), 5);
+	if (msg.len)
+	{
+		chunk_printable(msg, &msg, '?');
+		msg_str = strndup(msg.ptr, msg.len);
+		free(msg.ptr);
+	}
 	shared = lib->credmgr->get_shared(lib->credmgr, SHARED_EAP,
-									  this->peer, this->server);
+									  this->peer, this->server, msg_str);
+	free(msg_str);
 	if (shared == NULL)
 	{
 		DBG1(DBG_IKE, "no EAP key found for '%Y' - '%Y'",

src/libcharon/plugins/eap_md5/eap_md5.c

@@ -85,7 +85,7 @@ static status_t hash_challenge(private_eap_md5_t *this, chunk_t *response,
 	chunk_t concat;
 	hasher_t *hasher;
 
-	shared = lib->credmgr->get_shared(lib->credmgr, SHARED_EAP, me, other);
+	shared = lib->credmgr->get_shared(lib->credmgr, SHARED_EAP, me, other, NULL);
 	if (shared == NULL)
 	{
 		DBG1(DBG_IKE, "no EAP key found for hosts '%Y' - '%Y'", me, other);

src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c

@@ -757,7 +757,8 @@ static bool get_nt_hash(private_eap_mschapv2_t *this, identification_t *me,
 	chunk_t password;
 
 	/* try to find a stored NT_HASH first */
-	shared = lib->credmgr->get_shared(lib->credmgr, SHARED_NT_HASH, me, other);
+	shared = lib->credmgr->get_shared(lib->credmgr, SHARED_NT_HASH, me, other,
+									  NULL);
 	if (shared )
 	{
 		*nt_hash = chunk_clone(shared->get_key(shared));
@@ -766,7 +767,7 @@ static bool get_nt_hash(private_eap_mschapv2_t *this, identification_t *me,
 	}
 
 	/* fallback to plaintext password */
-	shared = lib->credmgr->get_shared(lib->credmgr, SHARED_EAP, me, other);
+	shared = lib->credmgr->get_shared(lib->credmgr, SHARED_EAP, me, other, NULL);
 	if (shared)
 	{
 		password = utf8_to_utf16le(shared->get_key(shared));

src/libcharon/plugins/ha/ha_tunnel.c

@@ -138,7 +138,7 @@ METHOD(enumerator_t, shared_enumerate, bool,
 
 METHOD(ha_creds_t, create_shared_enumerator, enumerator_t*,
 	ha_creds_t *this, shared_key_type_t type,
-	identification_t *me, identification_t *other)
+	identification_t *me, identification_t *other, const char *msg)
 {
 	shared_enum_t *enumerator;
 

src/libcharon/plugins/load_tester/load_tester_creds.c

@@ -428,7 +428,7 @@ CALLBACK(shared_filter, bool,
 
 METHOD(credential_set_t, create_shared_enumerator, enumerator_t*,
 	private_load_tester_creds_t *this, shared_key_type_t type,
-	identification_t *me, identification_t *other)
+	identification_t *me, identification_t *other, const char *msg)
 {
 	shared_key_t *shared;
 

src/libcharon/plugins/sql/sql_cred.c

@@ -271,7 +271,7 @@ METHOD(enumerator_t, shared_enumerator_destroy, void,
 
 METHOD(credential_set_t, create_shared_enumerator, enumerator_t*,
 	   private_sql_cred_t *this, shared_key_type_t type,
-	   identification_t *me, identification_t *other)
+	   identification_t *me, identification_t *other, const char *msg)
 {
 	shared_enumerator_t *e;
 	bool me_defined, other_defined;

src/libcharon/plugins/stroke/stroke_cred.c

@@ -690,10 +690,10 @@ typedef struct {
 /**
  * Callback function to receive passphrases
  */
-static shared_key_t* passphrase_cb(passphrase_cb_data_t *data,
-								   shared_key_type_t type, identification_t *me,
-								   identification_t *other, id_match_t *match_me,
-								   id_match_t *match_other)
+CALLBACK(passphrase_cb, shared_key_t*,
+	passphrase_cb_data_t *data, shared_key_type_t type, identification_t *me,
+	identification_t *other, const char *msg, id_match_t *match_me,
+	id_match_t *match_other)
 {
 	static const int max_tries = 3;
 	shared_key_t *shared;
@@ -765,9 +765,10 @@ typedef struct {
 /**
  * Callback function to receive PINs
  */
-static shared_key_t* pin_cb(pin_cb_data_t *data, shared_key_type_t type,
-							identification_t *me, identification_t *other,
-							id_match_t *match_me, id_match_t *match_other)
+CALLBACK(pin_cb, shared_key_t*,
+	pin_cb_data_t *data, shared_key_type_t type, identification_t *me,
+	identification_t *other, const char *msg, id_match_t *match_me,
+	id_match_t *match_other)
 {
 	chunk_t secret;
 	char buf[256];
@@ -880,7 +881,7 @@ static bool load_pin(mem_cred_t *secrets, chunk_t line, int line_nr,
 			.card = smartcard,
 			.keyid = chunk,
 		};
-		cb = callback_cred_create_shared((void*)pin_cb, &pin_data);
+		cb = callback_cred_create_shared(pin_cb, &pin_data);
 		lib->credmgr->add_local_set(lib->credmgr, &cb->set, FALSE);
 	}
 	else
@@ -999,7 +1000,7 @@ static bool load_from_file(chunk_t line, int line_nr, FILE *prompt,
 		pp_data.cache = mem_cred_create();
 		lib->credmgr->add_local_set(lib->credmgr, &pp_data.cache->set, FALSE);
 		/* use callback credential set to prompt for the passphrase */
-		cb = callback_cred_create_shared((void*)passphrase_cb, &pp_data);
+		cb = callback_cred_create_shared(passphrase_cb, &pp_data);
 		lib->credmgr->add_local_set(lib->credmgr, &cb->set, FALSE);
 
 		*result = lib->creds->create(lib->creds, type, subtype,

src/libcharon/plugins/uci/uci_creds.c

@@ -118,7 +118,7 @@ METHOD(enumerator_t, shared_enumerator_destroy, void,
 
 METHOD(credential_set_t, create_shared_enumerator, enumerator_t*,
 	private_uci_creds_t *this, shared_key_type_t type,
-	identification_t *me, identification_t *other)
+	identification_t *me, identification_t *other, const char *msg)
 {
 	shared_enumerator_t *e;
 

src/libcharon/plugins/vici/Makefile.am

@@ -28,7 +28,8 @@ libstrongswan_vici_la_SOURCES = \
 	vici_attribute.h vici_attribute.c \
 	vici_authority.h vici_authority.c \
 	vici_logger.h vici_logger.c \
-	vici_plugin.h vici_plugin.c
+	vici_plugin.h vici_plugin.c \
+	vici_prompt.h vici_prompt.c
 
 libstrongswan_vici_la_LDFLAGS = -module -avoid-version
 

src/libcharon/plugins/vici/suites/test_event.c

@@ -125,7 +125,7 @@ START_TEST(test_raise_events)
 	ck_assert(dispatcher);
 
 	dispatcher->manage_event(dispatcher, "event", TRUE);
-	dispatcher->manage_command(dispatcher, "raise", raise_cb, dispatcher);
+	dispatcher->manage_command(dispatcher, "raise", raise_cb, dispatcher, NULL, NULL);
 
 	vici_init();
 	conn = vici_connect(URI);
@@ -142,7 +142,7 @@ START_TEST(test_raise_events)
 	vici_disconnect(conn);
 
 	dispatcher->manage_event(dispatcher, "event", FALSE);
-	dispatcher->manage_command(dispatcher, "raise", NULL, NULL);
+	dispatcher->manage_command(dispatcher, "raise", NULL, NULL, NULL, NULL);
 
 	lib->processor->cancel(lib->processor);
 	dispatcher->destroy(dispatcher);

src/libcharon/plugins/vici/suites/test_request.c

@@ -105,7 +105,7 @@ START_TEST(test_echo)
 	dispatcher = vici_dispatcher_create(URI);
 	ck_assert(dispatcher);
 
-	dispatcher->manage_command(dispatcher, "echo", echo_cb, (void*)(uintptr_t)1);
+	dispatcher->manage_command(dispatcher, "echo", echo_cb, (void*)(uintptr_t)1, NULL, NULL);
 
 	vici_init();
 	conn = vici_connect(URI);
@@ -120,7 +120,7 @@ START_TEST(test_echo)
 
 	vici_disconnect(conn);
 
-	dispatcher->manage_command(dispatcher, "echo", NULL, NULL);
+	dispatcher->manage_command(dispatcher, "echo", NULL, NULL, NULL, NULL);
 
 	lib->processor->cancel(lib->processor);
 	dispatcher->destroy(dispatcher);
@@ -152,7 +152,7 @@ START_TEST(test_missing)
 
 	vici_disconnect(conn);
 
-	dispatcher->manage_command(dispatcher, "echo", NULL, NULL);
+	dispatcher->manage_command(dispatcher, "echo", NULL, NULL, NULL, NULL);
 
 	lib->processor->cancel(lib->processor);
 	dispatcher->destroy(dispatcher);
@@ -181,7 +181,7 @@ START_TEST(test_stress)
 	dispatcher = vici_dispatcher_create(URI);
 	ck_assert(dispatcher);
 
-	dispatcher->manage_command(dispatcher, "echo", echo_cb, (void*)(uintptr_t)1);
+	dispatcher->manage_command(dispatcher, "echo", echo_cb, (void*)(uintptr_t)1, NULL, NULL);
 	dispatcher->manage_event(dispatcher, "dummy", TRUE);
 
 	vici_init();
@@ -214,7 +214,7 @@ START_TEST(test_stress)
 
 	vici_disconnect(conn);
 
-	dispatcher->manage_command(dispatcher, "echo", NULL, NULL);
+	dispatcher->manage_command(dispatcher, "echo", NULL, NULL, NULL, NULL);
 	dispatcher->manage_event(dispatcher, "dummy", FALSE);
 
 	lib->processor->cancel(lib->processor);

src/libcharon/plugins/vici/vici_attribute.c

@@ -729,7 +729,7 @@ static void manage_command(private_vici_attribute_t *this,
 						   char *name, vici_command_cb_t cb, bool reg)
 {
 	this->dispatcher->manage_command(this->dispatcher, name,
-									 reg ? cb : NULL, this);
+									 reg ? cb : NULL, this, NULL, NULL);
 }
 
 /**

src/libcharon/plugins/vici/vici_authority.c

@@ -713,7 +713,7 @@ static void manage_command(private_vici_authority_t *this,
 						   char *name, vici_command_cb_t cb, bool reg)
 {
 	this->dispatcher->manage_command(this->dispatcher, name,
-									 reg ? cb : NULL, this);
+									 reg ? cb : NULL, this, NULL, NULL);
 }
 
 /**

src/libcharon/plugins/vici/vici_config.c

@@ -2721,7 +2721,7 @@ static void manage_command(private_vici_config_t *this,
 						   char *name, vici_command_cb_t cb, bool reg)
 {
 	this->dispatcher->manage_command(this->dispatcher, name,
-									 reg ? cb : NULL, this);
+									 reg ? cb : NULL, this, NULL, NULL);
 }
 
 /**

src/libcharon/plugins/vici/vici_control.c

@@ -693,7 +693,7 @@ static void manage_command(private_vici_control_t *this,
 						   char *name, vici_command_cb_t cb, bool reg)
 {
 	this->dispatcher->manage_command(this->dispatcher, name,
-									 reg ? cb : NULL, this);
+									 reg ? cb : NULL, this, NULL, NULL);
 }
 
 /**