> > The intention to this patch is actually not directly tied to the fixes needed > to the --auth-gen-token handling at all. This is just to clarify the current > behaviour. > > In addition, it became clearer to me that the --auth-gen-token might be > perceived as a "one-stop-fix" for authentication plug-ins/scripts not > supporting auth-tokens. > > Further, the token expiry is an opt-in feature. It is something the > authentication script/plug-in need to handle, or explicitly enabled with > --auth-gen-token by providing an expiry timeout. > > Arne and I have discussed his patch today, and agreed upon a path forward of > fixing these issues as well and ensure that both OpenVPN 2 in client mode and > OpenVPN 3 based clients all behave in a similar way. This does also not rule > out that we might need to fix OpenVPN 3 as well. But consistent behaviour > across versions with a reasonably good user experience is the core goal. We > just need to take this carefully, step by step. > >
I think with my current new auth-token patch set, it makes auth-token a real feature instead of just a workaround. I will mark this one superseded. Arne
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
