subject:"\[Openvpn\-devel\] \[PATCH\] auth\-token\: Ensure tokens are always wiped on de\-auth"

Re: [Openvpn-devel] [PATCH] auth-token: Ensure tokens are always wiped on de-auth

2017-03-28 Thread David Sommerseth

On 28/03/17 22:24, Steffan Karger wrote: > Hi, > > On 28-03-17 21:19, David Sommerseth wrote: >> If tls_deauthenticate() was called, it could in some scenarios leave the >> authentication token for a session in memory. This change just ensures >> auth-tokens are always wiped as soon as a TLS sess

Re: [Openvpn-devel] [PATCH] auth-token: Ensure tokens are always wiped on de-auth

2017-03-28 Thread Steffan Karger

Hi, On 28-03-17 21:19, David Sommerseth wrote: > If tls_deauthenticate() was called, it could in some scenarios leave the > authentication token for a session in memory. This change just ensures > auth-tokens are always wiped as soon as a TLS session is considered > broken. > > Signed-off-by: Da

[Openvpn-devel] [PATCH] auth-token: Ensure tokens are always wiped on de-auth

2017-03-28 Thread David Sommerseth

If tls_deauthenticate() was called, it could in some scenarios leave the authentication token for a session in memory. This change just ensures auth-tokens are always wiped as soon as a TLS session is considered broken. Signed-off-by: David Sommerseth --- The wipe_auth_token() function is othe

Re: [Openvpn-devel] [PATCH] auth-token: Ensure tokens are always wiped on de-auth

Re: [Openvpn-devel] [PATCH] auth-token: Ensure tokens are always wiped on de-auth

[Openvpn-devel] [PATCH] auth-token: Ensure tokens are always wiped on de-auth

3 matches

Site Navigation

Mail list logo

Footer information