Fix using management interface to get passwords.

Commits da9b292733 and
315f6fbc7f broke the use case where we are
asking password from the management client. The password is always asked
before daemonization. With this fix we avoid this and ask it via management
interface in the same spot as before the mentioned commits. Tested on Linux.

v2: This patch was first submitted by Christian Pellegrin (from Google),
and reworked by Steffan Karger (from the OpenVPN team) to also work for
setups with --management-query-passwords but without --auth-user-pass.

Signed-off-by: Steffan Karger <steffan@karger.me>
Signed-off-by: Christian Pellegrin <chripell@google.com>
Tested-by: Christian Pellegrin <chripell@google.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <55A6C46C.5080601@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/9927
Signed-off-by: Gert Doering <gert@greenie.muc.de>

src/openvpn/openvpn.c

@@ -229,8 +229,12 @@ openvpn_main (int argc, char *argv[])
 	  if (do_test_crypto (&c.options))
 	    break;
 
-	  /* Query passwords before becoming a daemon */
-	  init_query_passwords (&c);
+	  /* Query passwords before becoming a daemon if we don't use the
+	   * management interface to get them. */
+#ifdef ENABLE_MANAGEMENT
+	  if (!(c.options.management_flags & MF_QUERY_PASSWORDS))
+#endif
+	    init_query_passwords (&c);
 
 	  /* become a daemon if --daemon */
 	  if (c.first_time)
@@ -243,6 +247,9 @@ openvpn_main (int argc, char *argv[])
 	  /* open management subsystem */
 	  if (!open_management (&c))
 	    break;
+	  /* query for passwords through management interface, if needed */
+	  if (c.options.management_flags & MF_QUERY_PASSWORDS)
+	    init_query_passwords (&c);
 #endif
 
 	  /* set certain options as environmental variables */