Hi, On Wed, Feb 7, 2018 at 3:30 PM, Илья Шипицин <chipits...@gmail.com> wrote: > > > 2018-02-08 1:21 GMT+05:00 Selva Nair <selva.n...@gmail.com>: >> >> Hi, >> >> On Wed, Feb 7, 2018 at 2:58 PM, David Sommerseth >> <open...@sf.lists.topphemmelig.net> wrote: >> > On 07/02/18 20:32, Илья Шипицин wrote: >> >> After auth-token were introduced, when user press "Reconnect", it leads >> >> to >> >> auth fail (saved password is forgotten), we run about 1000 users, >> >> nobody >> >> complains. >> > >> > This is actually expected, I'd say - but smells like a bug on the server >> > side >> > authentication. >> > >> > Selva may correct me if I'm wrong, but my understanding of it when >> > clicking >> > "Reconnect", the local OpenVPN process which caches the auth-token is >> > stopped >> > and a new OpenVPN process is started. The client should in this case >> > ask for >> > username/password again. So in this case, the server side should treat >> > this >> > connection as a fresh connection with no initial state. >> >> GUI's reconnect button is wired to send a SIGHUP to the client openvpn >> process. The problem is that if auth-token is in use, the client >> openvpn.exe does not forget it it when restarting the connection by >> SIGHUP or SIGUSR1 -- I think it should but it doesn't. That leads to >> an AUTH_FAILED from server. The GUI has hard time distinguishing >> between reasons for AUTH_FAILED, so it just assumes that password >> verification failed and clears the saved password and prompts for a >> new one. Obviously users are not happy. > > > users don't care :) > > if they we ever unhappy, we should fix it. > > currently, I'm open to ideas how to perform a (proper) investigation in > order to actually remove "Reconnect" button
I do not understand why you keep harping about removing the reconnect button. If you are angry with auth-token do not take it out on the wrong victim. Its not reconnect button's fault. In fact if your users do not use it, why bother? Selva ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
