$OpenBSD: patch-src_core_network-openssl_c,v 1.2 2009/05/23 17:47:01 martynas Exp $
--- src/core/network-openssl.c.orig	Tue Mar 31 22:50:02 2009
+++ src/core/network-openssl.c	Sun Apr  5 01:25:29 2009
@@ -41,6 +41,8 @@ typedef struct
 	unsigned int verify:1;
 } GIOSSLChannel;
 
+void irssi_redraw(void);
+
 static SSL_CTX *ssl_ctx = NULL;
 
 static void irssi_ssl_free(GIOChannel *handle)
@@ -225,6 +227,17 @@ static GIOFuncs irssi_ssl_channel_funcs = {
     irssi_ssl_get_flags
 };
 
+static int getpass_cb(char *buf, int size, int rwflag, void *keyname)
+{
+	char *pp, prompt[256];
+	snprintf(prompt, 256, "Enter Passphrase for %s:", keyname);
+	pp = getpass(prompt);
+	strncpy(buf, pp, size);
+	buf[size - 1] = '\0';
+	irssi_redraw();
+	return(strlen(buf));
+}
+
 static gboolean irssi_ssl_init(void)
 {
 	SSL_library_init();
@@ -266,6 +279,8 @@ static GIOChannel *irssi_ssl_get_iochannel(GIOChannel 
 		scert = convert_home(mycert);
 		if (mypkey && *mypkey)
 			spkey = convert_home(mypkey);
+		SSL_CTX_set_default_passwd_cb(ctx, getpass_cb);
+		SSL_CTX_set_default_passwd_cb_userdata(ctx, mypkey?mypkey:mycert);
 		if (! SSL_CTX_use_certificate_file(ctx, scert, SSL_FILETYPE_PEM))
 			g_warning("Loading of client certificate '%s' failed", mycert);
 		else if (! SSL_CTX_use_PrivateKey_file(ctx, spkey ? spkey : scert, SSL_FILETYPE_PEM))
