Re: [Openvpn-devel] Issues with challenge-response when user/pass is read from a file

2015-12-17 Thread Wayne Davison
On Thu, Dec 17, 2015 at 1:22 PM, Selva Nair wrote:
> (a) leave as is and document that challenge-response is incompatible with
> user and pass from file

If people lean this way I think the code would still need to be changed to fail instead of endlessly looping, sending bad answers back to the

Re: [Openvpn-devel] [PATCH 1/3] Fix CR prompting when user & pass are read from a file.

2015-12-17 Thread Wayne Davison
On Tue, Dec 15, 2015 at 7:09 PM, Selva Nair wrote:
> This doesn't work: it messes up any response already read from the
> management interface.

Given what options? I tested --management with --management-query-passwords without issue. Are you combining that with --auth-user-pass FILENAME? I c

[Openvpn-devel] [PATCH 3/3] Fix too-deep indentation.

2015-12-15 Thread Wayne Davison
Fix the indentation on the code block that got moved out of an unneeded "if". --- src/openvpn/misc.c | 116 ++--- 1 file changed, 58 insertions(+), 58 deletions(-) diff --git a/src/openvpn/misc.c b/src/openvpn/misc.c index e0aa5f9..517a2eb 100644 --

[Openvpn-devel] [PATCH 2/3] Move 2 prompt buffers into deeper blocks.

2015-12-15 Thread Wayne Davison
Two buffers used for username/password prompting can be moved into a deeper block so that they don't get set if they are not going to be used. --- src/openvpn/misc.c | 17 + 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/src/openvpn/misc.c b/src/openvpn/misc.c index

[Openvpn-devel] [PATCH 1/3] Fix CR prompting when user & pass are read from a file.

2015-12-15 Thread Wayne Davison
The code that reads the challenge response (both dynamic & static) will not prompt the user if the username and password information was read from a file. In the latest code this can be fixed by simply removing the "if (username_from_stdin || password_from_stdin)" condition because all the deeper

Re: [Openvpn-devel] [PATCH] Improve stdin prompting section, fixing CR prompting.

2015-12-15 Thread Wayne Davison
On Tue, Dec 15, 2015 at 12:51 PM, Selva Nair wrote:
> This could be a small ~2 line patch -- easier to review and test.

I'll post a 3-part patch as a reply to this email. They are: (1) the "if" removal that fixes the bug, (2) the prompt buffer moves, and (3) the reindentation. If you end up w

Re: [Openvpn-devel] [PATCH] Improve stdin prompting section, fixing CR prompting.

2015-12-15 Thread Wayne Davison
On Mon, Dec 14, 2015 at 4:10 PM, Selva Nair wrote:
> I took a quick look and it seems a simplified patch that addresses the
> most critical-sounding issue (challenge/response not prompted for
> from stdin) may be more useful.

That's exactly what that patch is. From the cover-letter to the pat

Re: [Openvpn-devel] [PATCH] Improve stdin prompting section, fixing CR prompting.

2015-12-14 Thread Wayne Davison
On Thu, Dec 10, 2015 at 8:57 AM, Wayne Davison wrote:
> src/openvpn/misc.c | 119
> +
> 1 file changed, 57 insertions(+), 62 deletions(-)

Any questions I can answer about this patch? This is such a straight-forward bug with

[Openvpn-devel] [PATCH] Allow challenge/response to be read from --auth-user-pass file.

2015-12-10 Thread Wayne Davison
Must be applied after the patch to fix CR prompting. --- doc/openvpn.8 | 8 +++- src/openvpn/misc.c | 19 +-- 2 files changed, 20 insertions(+), 7 deletions(-) diff --git a/doc/openvpn.8 b/doc/openvpn.8 index 1b9dcae..e806930 100644 --- a/doc/openvpn.8 +++ b/doc/openvpn

[Openvpn-devel] [PATCH] Improve stdin prompting section, fixing CR prompting.

2015-12-10 Thread Wayne Davison
--- src/openvpn/misc.c | 119 + 1 file changed, 57 insertions(+), 62 deletions(-) diff --git a/src/openvpn/misc.c b/src/openvpn/misc.c index bc411bf..83e10f7 100644 --- a/src/openvpn/misc.c +++ b/src/openvpn/misc.c @@ -1132,74 +1132,69 @@ get_us

Re: [Openvpn-devel] [PATCH 1/2] Fix CR prompt with --auth-user-pass & support reading response.

2015-12-10 Thread Wayne Davison
On Thu, Dec 10, 2015 at 8:28 AM, Arne Schwabe wrote:
> The scenario read the password from file and then ask the password per
> console seems a bit strange.

You mean read the password from a file and then ask for the CR from the console. If someone combines a server that issues a challenge wi

[Openvpn-devel] [PATCH 2/2] Fix indentation of just-tweaked section plus an off-by-one section.

2015-12-08 Thread Wayne Davison
--- src/openvpn/misc.c | 120 ++--- 1 file changed, 60 insertions(+), 60 deletions(-) diff --git a/src/openvpn/misc.c b/src/openvpn/misc.c index a6915ac..af64cb0 100644 --- a/src/openvpn/misc.c +++ b/src/openvpn/misc.c @@ -1105,11 +1105,11 @@ get_us

[Openvpn-devel] [PATCH 1/2] Fix CR prompt with --auth-user-pass & support reading response.

2015-12-08 Thread Wayne Davison
Fixes a bug where there is no prompt for a dynamic (or static) challenge response when combining "--auth-retry interact" (or --static-challenge) with --auth-user-pass and the password is read from the file. It also extends the reading from the file to allow a response to be provided on the line aft

[Openvpn-devel] [PATCH 0/2] Fix CR prompt with --auth-user-pass + R from a file

2015-12-08 Thread Wayne Davison
There is a bug in the challenge/response code when the username & password is read from a file -- the response is never prompted for. This bug affects older versions, including 2.3.8. The following patchset applies to master, and uses a similar bool idiom as what has been added for user & pass.