2017-12-03 15:06 GMT+05:00 Antonio Quartulli <a...@unstable.cc>:
>
>
> On 03/12/17 17:57, Илья Шипицин wrote:
> > Hello,
> >
> > I noticed strange "TLS Auth Error: Auth Username/Password verification
> > failed for peer" when I restarted openvpn server.
> >
> > deeper digging into that discovered the following flow
> >
> > 1) client is authenticated via login/password --> auth token is assigned
> > 2) reauth is done via username/token (token is kept in server memory)
> > 3) server is restarted
> > 4) username/token is passed to auth program --> auth failed
> >
> > so..
>
> shouldn't the client re-start its session after the server has been
> restarted and so restart with auth/pass right away instead of trying the
> token?
>
it should (I meant that by "1)"), however it does not.
I tried openvpn-server from git master and openvpn 2.4.4 from official
windows installer.
(I'll try linux later)
does it restart in your case ?
>
> >
> > 1) shouldn't client retry auth with username/password if username/token
> is
> > failed ?
> > 2) shouldn't server just fail token and not pass it to "extrenla script"
> ?
> >
> > Cheers,
> > Ilya Shipitsin
> >
> >
> >
> > ------------------------------------------------------------
> ------------------
> > Check out the vibrant tech community on one of the world's most
> > engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> >
> >
> >
> > _______________________________________________
> > Openvpn-devel mailing list
> > Openvpn-devel@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/openvpn-devel
> >
>
> --
> Antonio Quartulli
>
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
