[Openvpn-devel] [PATCH v6 4/7] Rewrite auth-token-gen to be based on HMAC based tokens

2019-08-08 Thread Arne Schwabe
The previous auth-token implementation had a serious problem, especially when paired with an unpatched OpenVPN client that keeps trying the auth-token (commit e61b401a). The auth-token-gen implementation forgot the auth-token on reconnect, this led to reconnect with auth-token never working. Thi

[Openvpn-devel] [PATCH v6 5/7] Implement a permanent session id in auth-token

2019-08-08 Thread Arne Schwabe
From: Arne Schwabe This allows an external authentication method (e.g. management interface) to track the connection and distinguish a reconnection from multiple connections. Additionally this now also checks to work around a problem with OpenVPN 3 core that sometimes uses a username hint from the

[Openvpn-devel] [PATCH v6 6/7] Send indication that a session is expired to clients

2019-08-08 Thread Arne Schwabe
From: Arne Schwabe This allows OpenVPN 3 core to fall back to the original authentication method. This commit changes man_def_auth_set_client_reason to auth_set_client_reason since it is now used in more contexts. Also remove a FIXME about client_reason not being freed, as it is freed in tls_multi

[Openvpn-devel] [PATCH v6 7/7] Implement unit tests for auth-gen-token

2019-08-08 Thread Arne Schwabe
From: Arne Schwabe Patch V2: adapt unit tests to other V2 patches Patch V4: Resolve rebase conflicts Patch V5: Add \ lost in rebase that broke compilation --- tests/unit_tests/openvpn/Makefile.am | 18 +- tests/unit_tests/openvpn/test_auth_token.c | 375 + 2 files chan