Hi,

On Wed, Feb 8, 2017 at 10:01 PM, Antonio Quartulli <a...@unstable.cc> wrote:

> On Wed, Feb 08, 2017 at 02:25:44PM -0500, selva.n...@gmail.com wrote:
> > From: Selva Nair <selva.n...@gmail.com>
> >
> > - Keep the username even if auth-nocache is specified so that
> >   any auth_token pushed by the server could be utilized
>
> This means that even when using no auth-token the username will be cached.
> Can this be a security concern?
>

I would consider the username as not sensitive material, although I'm not sure
everyone would agree. Unfortunately there is no way to know in advance that
an auth-token may get pushed, so I can't think of a good way of avoiding this.
A not so secure approach (I considered this first) would be to delay
clearing the username/password to post pushed-options processing, but then
one has to handle cases like what if the push reply never arrives, and so
on. In general it's always better to clear sensitive data at the earliest.

The way out would be to do one more purge_user_pass(.., false) after push
processing.. sigh.. I will go there only if absolutely necessary.

Selva
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel