Am 20.10.22 um 00:46 schrieb selva.n...@gmail.com:
From: Selva Nair <selva.n...@gmail.com>
Starting from commit e61b401a auth-token is saved in a separate struct
from auth-user-pass and is not cleared when ssl_purge_auth() is called.
This makes "forget-passwords" sent to the management
interface or "--management-forget-disconnect" option not to work
as expected.
Purging caused by --auth-nocache is not affected
(auth-token is retained in that case as it should be).
Use case:
For Pre-Logon access and persistent connections on Windows, use of
"forget-passwords" before disconnect is probably the only way to
ensure that no credentials are left behind. Note that openvpn.exe
continues to run after disconnect in these cases.
Also, the original intent of "forget-passwords" appears to be to
clear all "passwords" that can be used to reconnect.
I had to first figure out what forget-password actually but yes this
commit is correct for that obscure feature.
Acked-By: Arne Schwabe <a...@rfc2549.org>
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
