Re: [Openvpn-devel] Tips for testing

2022-04-09 Thread Pete Nelson
Hi. On Sat, Apr 9, 2022 at 8:19 AM Gert Doering wrote: > The openvpn tree itself brings a test script, "t_client.sh", which runs > a number of OpenVPN instances, verifies that they come up, interface IPs > are "as expected", and then runs pings to see if the tunnel works. There > are no pre-def

[Openvpn-devel] Tips for testing

2022-04-08 Thread Pete Nelson
Hello, devs. I'm looking for tips on testing a dev branch of openvpn. I see I can fork the github repo and enable actions to test that it builds on various OSs, but what do you guys do for functional testing? Do you run a bunch of VMs or docker containers and have them connect to each other? Any

Re: [Openvpn-devel] [ovpn-dco] can not delete tun interface automatically if option "user nobody" is used

2022-03-29 Thread Pete Nelson
On Tue, Mar 29, 2022 at 10:50 AM Gert Doering wrote: > On Tue, Mar 29, 2022 at 06:21:37PM +0800, Tony He wrote: > > 1. Add option "user nobody" to test ovpn-dco. > > 2. Start openvpn, below is the log. Then we will see tun0 is still > > there after openvpn exit. We must use the command "ip link d

Re: [Openvpn-devel] [PATCH] Enable deferred auth for multiple plugins (RFC).

2022-03-11 Thread Pete Nelson
On Thu, Mar 10, 2022 at 12:18 PM Gert Doering wrote: > The actual plugin calls are no longer done with the "do them all" > function plugin_call() (or plugin_call_ssl()) but plugin.c/plugin.h > is changed to expose the "call one" function plugin_call_item(), and > verify_user_pass_plugin() calls t

Re: [Openvpn-devel] [PATCH] Enable deferred auth for multiple plugins (RFC).

2022-03-10 Thread Pete Nelson
Hi Gert. On Thu, Mar 10, 2022 at 3:13 PM Gert Doering wrote: > Yes, your report triggered this work. I think I misunderstood the > original scenario (I thought it involved two plugins both going > "deferred"), but this patch introduces a "short circuit" approach > to plugin authentication where

Re: [Openvpn-devel] [PATCH] Enable deferred auth for multiple plugins (RFC).

2022-03-10 Thread Pete Nelson
One of the behaviors that brought this to light was a user who had an LDAP (non-deferred) plugin followed by a Duo MFA (deferred) plugin. He noted that, even if the LDAP call returned failure, the Duo plugin was still called. That would generate a push notification to his phone even though the au

[Openvpn-devel] [PATCH v2] boolean short-circuit plugins upon failure

2021-11-11 Thread Pete Nelson
When evaluating authentication plugins, stop further evaluation once the first failure is detected. implementation notes: refactoring from a switch-case to an if-else block allows the break statement to break out of the outer for loop without additional control variables. Also, moving the pr->n s

Re: [Openvpn-devel] [PATCH] boolean short-circuit auth upon failure

2021-11-11 Thread Pete Nelson
> Hi, > > On Thu, Nov 11, 2021 at 01:23:43PM +, Pete Nelson wrote: > > Thank you, Frank. Amended patch so it applies only to auth attempts. > > > > Not sure how patchwork handles this.. my intent is this amended patch > > overwrites the patch from the OP. > >

Re: [Openvpn-devel] [PATCH] boolean short-circuit auth upon failure

2021-11-11 Thread Pete Nelson
ing wrote: > Hi, > > On Thu, Nov 11, 2021 at 01:23:43PM +, Pete Nelson wrote: > > Thank you, Frank. Amended patch so it applies only to auth attempts. > > > > Not sure how patchwork handles this.. my intent is this amended patch > > overwrites the patch from the

Re: [Openvpn-devel] [PATCH] boolean short-circuit auth upon failure

2021-11-11 Thread Pete Nelson
;n = i; -} - gc_free(&gc); if (error) -- 2.17.1 On Wed, Nov 10, 2021 at 11:36 AM Frank Lichtenheld wrote: > > Pete Nelson wrote on 09.11.2021 20:47: > > > When evaluating authentication plugins, stop further evaluation > once the first fa

[Openvpn-devel] [PATCH] boolean short-circuit auth upon failure

2021-11-09 Thread Pete Nelson
When evaluating authentication plugins, stop further evaluation once the first failure is detected. Implementation notes: Refactoring from a switch-case to an if-else block allows the break statement to break out of the outer for loop without additional control variables. Also, moving the pr->n