Re: [Openvpn-devel] [PATCH] Allow setting an empty auth-token in push replies

2024-10-23 Thread Razvan Cojocaru
On 10/23/24 18:25, Selva Nair wrote:
> Wouldn't pushing "HALT" instead of "AUTH_FAILED" work in this case? As in the management command "client-kill {cid} HALT" which calls send_restart() with kill_msg = "HALT".

Possibly, however the intent has always been to use this feature to reject (authoriz

Re: [Openvpn-devel] [PATCH] Allow setting an empty auth-token in push replies

2024-10-23 Thread Razvan Cojocaru
On 10/23/24 17:50, Gert Doering wrote:
> OK, so I see what is happening - you're sending an AUTH_FAILED "out of the blue", not in response to a client handshake, right?

Exactly. In response to a client handshake there's no problem. OpenVPN 2 *should* invalidate the token upon the reconnect (and

Re: [Openvpn-devel] [PATCH] Allow setting an empty auth-token in push replies

2024-10-23 Thread Razvan Cojocaru
On 10/23/24 17:43, Gert Doering wrote: Hi, On Wed, Oct 23, 2024 at 05:40:43PM +0300, Razvan Cojocaru wrote: In this case, we want to disconnect the client and it should stay disconnected. A simple AUTH_FAILED for this scenario will have the client attempt another connection. But if we

Re: [Openvpn-devel] [PATCH] Allow setting an empty auth-token in push replies

2024-10-23 Thread Razvan Cojocaru
On 10/23/24 17:23, Gert Doering wrote:
> Hi,
>
> On Wed, Oct 23, 2024 at 04:49:03PM +0300, Razvan Cojocaru wrote:
> > This in turn allows the server to signal to the client that it should no longer attempt to reconnect, if it wants to keep the client out after an AUTH_FAILED.
>
> This should not be

[Openvpn-devel] [PATCH] Allow setting an empty auth-token in push replies

2024-10-23 Thread Razvan Cojocaru
This in turn allows the server to signal to the client that it should no longer attempt to reconnect, if it wants to keep the client out after an AUTH_FAILED. Signed-off-by: Razvan Cojocaru --- src/openvpn/misc.c | 5 + 1 file changed, 5 insertions(+) diff --git a/src/openvpn/misc.c b/src