git.ipfire.org Git - thirdparty/openvpn.git/commit
Purge auth-token as well while purging passwords
author Selva Nair <selva.nair@gmail.com>
Wed, 26 Oct 2022 18:55:43 +0000 (14:55 -0400)
committer Gert Doering <gert@greenie.muc.de>
Thu, 27 Oct 2022 06:18:30 +0000 (08:18 +0200)
commit 3d792ae9557b959e796710cf903866d205d979da
tree c0c59d8e063a0023e6adf840a3b97d3a7d006378
parent 5ad4b4b374f072459ab2436ed372c92d3a42d65d
Purge auth-token as well while purging passwords

Starting from commit e61b401a auth-token is saved in a separate struct
from auth-user-pass and is not cleared when ssl_purge_auth() is called.
This makes "forget-passwords" sent to the management
interface or the "--management-forget-disconnect" option not work
as expected.

Purging caused by --auth-nocache is not affected
(auth-token is retained in that case as it should be).

Use case:
For Pre-Logon access and persistent connections on Windows, use of
"forget-passwords" before disconnect is probably the only way to
ensure that no credentials are left behind. Note that openvpn.exe
continues to run after disconnect in these cases.

Also, the original intent of "forget-passwords" appears to be to
clear all "passwords" that can be used to reconnect.

v2:
- call ssl_clean_auth_token() directly from manage.c instead
  of amending ssl_purge_auth()
- Add a comment that ssl_purge_auth() does not clear auth-token

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20221026185543.5378-1-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg25460.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit ecad4839caf4c2fab9c6627ceeca9b9cb32e8929)
src/openvpn/manage.c
src/openvpn/ssl.h