[lets try unencrypted this time.]
On 15/12/16 22:52, Steffan Karger wrote:
> Hi,
>
> On 15 December 2016 at 13:22, David Sommerseth <dav...@openvpn.net> wrote:
>> Further improve the memory management when a clients --auth-token
>> fails the server side token authentication enabled via --auth-gen-token.
>>
>> v2 - Add ASSERT() if base64 encoding of token fails
>
> This will need rebasing because of the reformatting.
>
>> @@ -1255,24 +1269,11 @@ verify_user_pass(struct user_pass *up, struct
>> tls_multi *multi,
>> /* The token should be longer than the input when
>> * being base64 encoded
>> */
>> - if( openvpn_base64_encode(tok, AUTH_TOKEN_SIZE,
>> - &multi->auth_token) < AUTH_TOKEN_SIZE)
>> - {
>> - msg(D_TLS_ERRORS, "BASE64 encoding of token failed. "
>> - "No auth-token will be activated now");
>> [...]
>> + ASSERT(openvpn_base64_encode(tok, AUTH_TOKEN_SIZE,
>> + &multi->auth_token) <
>> AUTH_TOKEN_SIZE);
>
> Uhm, I think the < should be a > now?
> *facepalm* I was completely sure I had tested it. I really did run tests. I just ran the server and client on the opposite hosts. So the VM which had not been updated which should run the client ran the server mode instead ... thus no issues :/ I'll send a v3 patch now. -- kind regards, David Sommerseth OpenVPN Technologies, Inc
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
