On Mon, Jun 12, 2017 at 2:14 PM, Gert Doering <g...@greenie.muc.de> wrote:
> Hi,
>
> wading through my heap of mails that did not get proper attention...
>
> On Fri, May 05, 2017 at 02:24:02PM -0400, selva.n...@gmail.com wrote:
> > From: Selva Nair <selva.n...@gmail.com>
> >
> > If static challenge is in use, the password passed to the plugin by
> openvpn
> > is of the form "SCRV1:base64-pass:base64-response". Parse this string to
> > separate it into password and response and use them to respond to queries
> > in the pam conversation function.
> >
> > On the plugin parameters line the substitution keyword for the static
> > challenge response is "OTP". For example, for pam config named "test"
> that
> > prompts for "user", "password" and "pin", use
> >
> > plugin openvpn-auth-pam.so "test user USERNAME password PASSWORD pin OTP"
>
> What is the status of this one? Does it need updating after 1/2 got
> changed to v2 and v3 are these independent enough that 2/2 is standalone?
>
> From a cursory glance, it calls secure_memzero() which is now, I think,
> plugin_secure_memzero() - right?
>
>
> I also seem to remember discussions between you and David regarding
> base64 function exporting - what's the state on this?
>
I have a version 2 that uses exported base64 but waiting on the following
patch to get an NAK or ACK to finalize it.
https://www.mail-archive.com/openvpn-devel@lists.sourcefo
rge.net/msg14655.html
That would also help David's base64 export patch revised, reviewed and
merged. For background, see the thread
https://www.mail-archive.com/openvpn-devel@lists.
sourceforge.net/msg14577.html
Selva
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
