On 03/12/17 17:57, Илья Шипицин wrote:
> Hello,
>
> I noticed strange "TLS Auth Error: Auth Username/Password verification
> failed for peer" when I restarted openvpn server.
>
> deeper digging into that discovered the following flow
>
> 1) client is authenticated via login/password --> auth token is assigned
> 2) reauth is done via username/token (token is kept in server memory)
> 3) server is restarted
> 4) username/token is passed to auth program --> auth failed
>
> so..

Shouldn't the client re-start its session after the server has been restarted and so restart with auth/pass right away instead of trying the token?

>
> 1) shouldn't client retry auth with username/password if username/token is
> failed ?
> 2) shouldn't server just fail token and not pass it to "external script" ?
>
> Cheers,
> Ilya Shipitsin
>
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>
>
>
> _______________________________________________
> Openvpn-devel mailing list
> Openvpn-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openvpn-devel
>

-- 
Antonio Quartulli
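The four-step flow reported in the message above, together with the two behaviours asked about in it, as an added toy model. It is not part of the original thread and not OpenVPN code: the `Server`, `Client`, `external_auth` and `run` names, the `TOK_` prefix used to recognise a token, and the sample user are all assumptions made for illustration.

```python
import secrets

TOKEN_PREFIX = "TOK_"                 # assumption: marker that lets the server spot a token
USERS = {"alice": "correct horse"}    # constructed credential store

def external_auth(username, password, calls):
    """Stand-in for the external auth program; it only knows real passwords."""
    calls.append((username, password))
    return USERS.get(username) == password

class Server:
    def __init__(self, reject_unknown_tokens=False):
        self.tokens, self.script_calls = {}, []   # memory only; calls that reached the script
        self.reject_unknown_tokens = reject_unknown_tokens
    def authenticate(self, username, secret):
        """Return (ok, token). `secret` is a password or a previously issued token."""
        if secret.startswith(TOKEN_PREFIX):
            if secrets.compare_digest(self.tokens.get(username, ""), secret):
                return True, secret
            if self.reject_unknown_tokens:
                return False, None    # fail locally, the script never sees the token
        if external_auth(username, secret, self.script_calls):
            token = TOKEN_PREFIX + secrets.token_urlsafe(16)
            self.tokens[username] = token
            return True, token
        return False, None

class Client:
    def __init__(self, username, password, retry_with_password=False):
        self.username, self.password, self.token = username, password, None
        self.retry_with_password = retry_with_password
    def auth(self, server):
        ok, token = server.authenticate(self.username, self.token or self.password)
        if not ok and self.token and self.retry_with_password:
            self.token = None         # drop the stale token, fall back to the password
            ok, token = server.authenticate(self.username, self.password)
        self.token = token if ok else self.token
        return ok

def run(reject_unknown_tokens, retry_with_password):
    """Login, reauth, restart the server, reauth again; return (ok, token_reached_script)."""
    client = Client("alice", USERS["alice"], retry_with_password)
    before = Server(reject_unknown_tokens)
    assert client.auth(before) and client.auth(before)   # steps 1 and 2
    after = Server(reject_unknown_tokens)                 # step 3: token table is gone
    ok = client.auth(after)                               # step 4
    leaked = any(p.startswith(TOKEN_PREFIX) for _, p in after.script_calls)
    return ok, leaked
```

`run(False, False)` reproduces the reported failure, with the stale token handed to the external program as if it were a password; the other flag combinations show each proposed behaviour alone and both together.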