]> git.ipfire.org Git - thirdparty/openvpn.git/commit
backport: Ignore auth-nocache for auth-user-pass if auth-token is pushed
authorDavid Sommerseth <davids@openvpn.net>
Sat, 25 Feb 2017 13:10:29 +0000 (14:10 +0100)
committerDavid Sommerseth <davids@openvpn.net>
Mon, 19 Jun 2017 10:11:01 +0000 (12:11 +0200)
commit199ef1321c77c43ca5151119bef65c7a3d8b716f
treee0482b19eb3522485d96af1430853e49507ac5fe
parent4d343fbe9166e14187775567db00c0a91017df83
backport: Ignore auth-nocache for auth-user-pass if auth-token is pushed

This is a backport to release/2.3 of the following commit:

commit 571165360db0392fa83ec8e6f8de145f623c53fe
Author: Antonio Quartulli <a@unstable.cc>
Date:   Sat Feb 25 08:40:14 2017 +0800

    When the auth-token option is pushed from the server to the client,
    the latter has to ignore the auth-nocache directive (if specified).

    The password will now be substituted by the unique token, therefore
    it can't be wiped out, otherwise the next renegotiation will fail.

    Trac: #840
Cc: David Sommerseth <openvpn@sf.lists.topphemmelig.net>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
Acked-by: Arne Schwabe <arne@rfc2549.org>
    Message-Id: <20170225004014.28638-1-a@unstable.cc>
    URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg14194.html
Signed-off-by: David Sommerseth <davids@openvpn.net>
Signed-off-by: David Sommerseth <davids@openvpn.net>
Acked-By: Arne Schwabe <arne@rfc2549.org>
Message-Id: <f7ac719e-0b28-4c4d-5e8a-2932827789b6@sf.lists.topphemmelig.net>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg14201.html
Signed-off-by: David Sommerseth <davids@openvpn.net>
src/openvpn/init.c
src/openvpn/misc.c
src/openvpn/misc.h
src/openvpn/ssl.c
src/openvpn/ssl.h