Hi
On Tue, Aug 7, 2018 at 5:01 PM, Gert Doering wrote:
>
>> > in the LinOTP URL - so, it didn't decode it, because the second ':'
>> > was missing (if I put a blank in there, I get pass=mypin%20).
>> >
>> > Is this intentional? Should it be that way?
>>
>> If you are constructing the SCRV1: line
Hi,
On Tue, Aug 07, 2018 at 03:38:43PM -0400, Selva Nair wrote:
> > If I press return at the challenge prompt, it seems the SCRV1: string
> > is not formed the way the plugin wants it, and I end up with
> >
> > pass=SCRV1%3AMTE5NQ%3D%3D
>
> How to format this if response is empty is not clearly
Hi,
Correcting myself...
>> Found an interesting caveat which should be addressed, I think.
>>
>> Our system (LinOTP) knows "PIN+OTP" or "PIN" as valid input, the
>> latter leading to "send me a token by SMS/e-mail/...".
>>
>> If I press return at the challenge prompt, it seems the SCRV1: string
Hi,
On Tue, Aug 7, 2018 at 3:07 PM, Gert Doering wrote:
> Hi,
>
> On Tue, Aug 07, 2018 at 08:59:37PM +0200, Gert Doering wrote:
>> > v2: Depends on the base64 export patch
>> > v3: match password string with "SCRV1:" instead of "SCRV1"
>> > (pointed out by Joe Bell )
>>
>> Nicely works and does w
Hi,
On Tue, Aug 7, 2018 at 2:59 PM, Gert Doering wrote:
...some good comments snipped...
>
> There's another catch which we might want to at least document: if you
> build this plugin and run it from a slightly older openvpn binary which
> doesn't export the base64 functions, it will core dump
Hi,
On Tue, Aug 07, 2018 at 08:59:37PM +0200, Gert Doering wrote:
> > v2: Depends on the base64 export patch
> > v3: match password string with "SCRV1:" instead of "SCRV1"
> > (pointed out by Joe Bell )
>
> Nicely works and does what it says on the lid. So...
Talking to myself a lot, lately...
Hi,
On Tue, Jul 24, 2018 at 10:34:53PM -0400, selva.n...@gmail.com wrote:
> From: Selva Nair
>
> If static challenge is in use, the password passed to the plugin by openvpn
> is of the form "SCRV1:base64-pass:base64-response". Parse this string to
> separate it into password and response and use
HI
On Tue, Jul 31, 2018 at 3:07 AM, David Sommerseth
wrote:
> On 30/07/18 16:58, Selva Nair wrote:
>> Hi,
>>
>> On Mon, Jul 30, 2018 at 10:31 AM, Antonio Quartulli wrote:
>>> Hi,
>>>
>>> On 30/07/18 04:16, Selva Nair wrote:
Yes that's the base64 patch. What is stopping it is not the
di
On 30/07/18 16:58, Selva Nair wrote:
> Hi,
>
> On Mon, Jul 30, 2018 at 10:31 AM, Antonio Quartulli wrote:
>> Hi,
>>
>> On 30/07/18 04:16, Selva Nair wrote:
>>> Yes that's the base64 patch. What is stopping it is not the
>>> disagreement on that patch but an "error" [*] in the plugin header
>>> th
Hi,
On Mon, Jul 30, 2018 at 10:31 AM, Antonio Quartulli wrote:
> Hi,
>
> On 30/07/18 04:16, Selva Nair wrote:
>> Yes that's the base64 patch. What is stopping it is not the
>> disagreement on that patch but an "error" [*] in the plugin header
>> that I had discovered. David wants to fix that bef
Hi,
On 30/07/18 04:16, Selva Nair wrote:
> Yes that's the base64 patch. What is stopping it is not the
> disagreement on that patch but an "error" [*] in the plugin header
> that I had discovered. David wants to fix that before this one, but
> it seems he is too busy with other things.
>
> And t
Hi,
On Sun, Jul 29, 2018 at 3:34 PM, Gert Doering wrote:
> Hi,
>
> On Tue, Jul 24, 2018 at 10:34:53PM -0400, selva.n...@gmail.com wrote:
>> From: Selva Nair
>>
>> If static challenge is in use, the password passed to the plugin by openvpn
>> is of the form "SCRV1:base64-pass:base64-response". Pa
Hi,
On Tue, Jul 24, 2018 at 10:34:53PM -0400, selva.n...@gmail.com wrote:
> From: Selva Nair
>
> If static challenge is in use, the password passed to the plugin by openvpn
> is of the form "SCRV1:base64-pass:base64-response". Parse this string to
> separate it into password and response and use
On Wed, Jul 25, 2018 at 4:43 PM, Gert Doering wrote:
> Hi,
>
> On Wed, Jul 25, 2018 at 04:31:05PM -0500, Joe Bell wrote:
> > I don't know if it is appropriate to reply to this post in this manner,
>
> It is and it helps :-)
>
> We want test reports, as in "I am using this, because it is a useful
Hi,
On Wed, Jul 25, 2018 at 04:31:05PM -0500, Joe Bell wrote:
> I don't know if it is appropriate to reply to this post in this manner,
It is and it helps :-)
We want test reports, as in "I am using this, because it is a useful
feature for me, and it works fine!" - not as strong as a full code
I don't know if it is appropriate to reply to this post in this manner, but
Selva's static challenge response in the PAM plugin would be a great
addition; I've applied this and the base64 patch and can successfully use
the implementation with Tunnelblick (which is supporting static-challenge
as of
From: Selva Nair
If static challenge is in use, the password passed to the plugin by openvpn
is of the form "SCRV1:base64-pass:base64-response". Parse this string to
separate it into password and response and use them to respond to queries
in the pam conversation function.
On the plugin paramete
17 matches
Mail list logo
