Re: [Openvpn-devel] [PATCH v2] auth-token: Ensure tokens are always wiped on de-auth

Hi, On 28-03-17 22:53, David Sommerseth wrote: > If tls_deauthenticate() was called, it could in some scenarios leave the > authentication token for a session in memory. This change just ensures > auth-tokens are always wiped as soon as a TLS session is considered > broken. > > Signed-off-by: Da

[Openvpn-devel] [PATCH v2] auth-token: Ensure tokens are always wiped on de-auth

If tls_deauthenticate() was called, it could in some scenarios leave the authentication token for a session in memory. This change just ensures auth-tokens are always wiped as soon as a TLS session is considered broken. Signed-off-by: David Sommerseth --- The wipe_auth_token() function is othe