On 26/02/2021 14:48, Arne Schwabe wrote:
This patch also refactors the if condition that checks the result of the authentication since that has become quite unreadable. It renames s1/s2 and extracts some parts of the condition into individual variables to make the condition better understandlePatch V2: add refactoring of the if condition Signed-off-by: Arne Schwabe <a...@rfc2549.org> --- Changes.rst | 12 +++++ doc/man-sections/script-options.rst | 14 ++++- src/openvpn/ssl.c | 2 - src/openvpn/ssl_verify.c | 84 +++++++++++++++++++++-------- 4 files changed, 87 insertions(+), 25 deletions(-)
I've just looked at the code/diff this time. One good and one ugly.The good one: The C code looks fine, and is good to go. ENABLE_DEF_AUTH is goe, which was my only complaint.
The ugly one: Documentation is still incorrect. From the diff:
+··When·deferred·authentication·is·in·use,·the·script·can·also·request
+··pending·authentication·by·writing·to·the·file·specified·by·the
+··:code:`auth_pending_file`.·The·first·line·must·be·the·timeout·in
+··seconds·and·the·second·line·the·EXTRA·as·documented·in·the
+··``client-pending-auth``·section·of·`doc/management.txt`.
This does not match what the TOTP auth-pending demo code does:
+def·write_auth_pending(timeout,·method,·extra):
+····with·open(os.environ['auth_pending_file'],·'w')·as·auth_pending:
+········auth_pending.write("%d\n%s\n%s"·%·(timeout,·method,·extra))
The documentation does not mention the "method" part.
There are also a few nitpicks in the patch 11/11 which I did not see on
the ML so far.
<https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg21528.html> Message-Id: <d5a5d7b8-662f-ef51-4081-027fcb8ce...@sf.lists.topphemmelig.net> -- kind regards, David Sommerseth OpenVPN Inc
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
