Hi, On Sun, Feb 03, 2019 at 06:39:02PM +0100, Jonathan Keuser wrote: > I have the following problem: > I'm using the config parameter auth-user-pass-verify to authenticate my users > against ldap. While the "auth-user-pass-verify"-script is executeded, there > goes > no traffic through my VPN tunnel. If the script takes some seconds 'cause one > of > my ldap servers is in maintenance, the whole communication is stalled. > > Is this a known issue/bug? How can this be avoid?
This is a known issue, as script execution is synchronous (thus, everything
will wait until the script is finished).
Now - since this is a known issues, *some* bits can be executed
asynchronously. I know that at least auth *plugins* can execute
async (= openvpn will continue, and pick up the results later), and
there is work in progress for client-connect plugins and scripts.
From what I read in the changelogs, "async auth" seems to be a pure
plugin thing...
commit 47ae8457f9e9c2bb0f5c1e8f28822e1bbc16c196
Date: Wed Jun 4 05:16:44 2008 +0000
Support asynchronous authentication by plugins by allowing
OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY to return
OPENVPN_PLUGIN_FUNC_DEFERRED. See comments in
openvpn-plugin.h for documentation. Enabled by ENABLE_DEF_AUTH.
... but maybe I'm overlooking something... JJK, Dazo?
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany g...@greenie.muc.de
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
