$OpenBSD: patch-src_core_network-openssl_c,v 1.3 2010/05/19 15:04:28 sthen Exp $
--- src/core/network-openssl.c.orig	Sat Apr  3 18:19:38 2010
+++ src/core/network-openssl.c	Sun Apr  4 16:34:00 2010
@@ -43,6 +43,8 @@ typedef struct
 	const char *hostname;
 } GIOSSLChannel;
 
+void irssi_redraw(void);
+
 static int ssl_inited = FALSE;
 
 static void irssi_ssl_free(GIOChannel *handle)
@@ -374,6 +376,17 @@ static GIOFuncs irssi_ssl_channel_funcs = {
     irssi_ssl_get_flags
 };
 
+static int getpass_cb(char *buf, int size, int rwflag, void *keyname)
+{
+	char *pp, prompt[256];
+	snprintf(prompt, 256, "Enter Passphrase for %s:", keyname);
+	pp = getpass(prompt);
+	strncpy(buf, pp, size);
+	buf[size - 1] = '\0';
+	irssi_redraw();
+	return(strlen(buf));
+}
+
 static gboolean irssi_ssl_init(void)
 {
 	SSL_library_init();
@@ -412,6 +425,8 @@ static GIOChannel *irssi_ssl_get_iochannel(GIOChannel 
 		scert = convert_home(mycert);
 		if (mypkey && *mypkey)
 			spkey = convert_home(mypkey);
+		SSL_CTX_set_default_passwd_cb(ctx, getpass_cb);
+		SSL_CTX_set_default_passwd_cb_userdata(ctx, mypkey?mypkey:mycert);
 		if (! SSL_CTX_use_certificate_file(ctx, scert, SSL_FILETYPE_PEM))
 			g_warning("Loading of client certificate '%s' failed", mycert);
 		else if (! SSL_CTX_use_PrivateKey_file(ctx, spkey ? spkey : scert, SSL_FILETYPE_PEM))
