On Thu, 2014-07-31 at 10:28 -0700, Kevin Cernekee wrote: > On Thu, Jul 31, 2014 at 9:29 AM, David Woodhouse <dwmw2 at infradead.org> wrote: > > On Tue, 2014-07-29 at 12:05 -0700, Kevin Cernekee wrote: > >> > >> 2) If --token-secret points to a file, read the file contents into > >> token_str. This would allow sdtid (XML) tokens to be used directly; > >> it may also be helpful in keeping token strings (basically keys) from > >> showing up in "ps". > > > > Let me know if the UTF-8 handling required for this is non-obvious. > > > > For Windows, hopefully your API accepts UTF-8 and will convert to use > > the "Unicode" functions internally? :) > > For an input string containing a CTF URI > (http://127.0.0.1/securid/ctf?ctfData=2328...) I would not expect to > see any non-ASCII characters. > > For an SDTID XML file, I call xmlReadMemory() with encoding set to > NULL (UTF-8). I'm thinking of the *filename* itself, that will be passed to stoken_import_rcfile() from libopenconnect (where it currently only passes NULL). Isn't that what you were proposing? On POSIX systems, I'd guess you want that filename in the locale charset, in which case libopenconnect will want to use openconnect_utf8_to_legacy() before handing it to you. Examples added recently all over the place :) On Windows... ick. OpenSSL and libopenconnect handle it by taking UTF-8 then converting to UTF-16 and using the wide-char API for themselves internally where necessary (for file access, etc.) -- dwmw2 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5745 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20140731/ea16da34/attachment.bin>
