mirror of
https://github.com/OpenVPN/openvpn.git
synced 2024-09-20 12:02:28 +02:00
OpenVPN is an open source VPN daemon
9b0f1df256
Trying to keep the footrpint small, this patch adds to the convoluted code-flow in get_user_pass_cr(). Cleanup left for later. -----8<----- Currently prompting for a response to static-challenge gets skipped when the username and passowrd are read from a file. Further, dynamic challenge gets wrongly handled as if its a username/password request. The Fix: - Add yet another flag in get_user_pass_cr() to set when prompting of response from console is needed. - In receive_auth_failed(), the challenge text received from server _always_ copied to the auth_challenge buffer: this is needed to trigger prompting from console when required. - Also show the challenge text instead of an opaque "Response:" at the prompt. While at it, also remove the special treatment of authfile == "management" in get_user_pass_cr(). The feature implied by that test does not exist. Tested: - username and optionally password from file, rest from console - the above with a static challenge - the above with a dynamic challenge - all of the above with systemd in place of console - all from management with and without static/dynamic challenge. Thanks to Wayne Davison <wayne@opencoder.net> for pointing out the issue with challenge-response, and an initial patch. Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Steffan Karger <steffan.karger@fox-it.com> Message-Id: <1450638773-11376-1-git-send-email-selva.nair@gmail.com> URL: http://article.gmane.org/gmane.network.openvpn.devel/10868 Signed-off-by: Gert Doering <gert@greenie.muc.de> |
||
---|---|---|
build | ||
contrib | ||
debug | ||
distro | ||
doc | ||
include | ||
m4 | ||
sample | ||
src | ||
tests | ||
.gitattributes | ||
.gitignore | ||
.mailmap | ||
.svncommitters | ||
AUTHORS | ||
ChangeLog | ||
Changes.rst | ||
compat.m4 | ||
config-msvc-version.h.in | ||
config-msvc.h | ||
configure.ac | ||
CONTRIBUTING.rst | ||
COPYING | ||
COPYRIGHT.GPL | ||
INSTALL | ||
INSTALL-win32.txt | ||
Makefile.am | ||
msvc-build.bat | ||
msvc-dev.bat | ||
msvc-env.bat | ||
NEWS | ||
openvpn.sln | ||
PORTS | ||
README | ||
README.ec | ||
README.IPv6 | ||
README.polarssl | ||
TODO.IPv6 | ||
version.m4 | ||
version.sh.in |
OpenVPN -- A Secure tunneling daemon Copyright (C) 2002-2010 OpenVPN Technologies, Inc. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License version 2 as published by the Free Software Foundation. ************************************************************************* For the latest version of OpenVPN, go to: http://openvpn.net/ To Build and Install, ./configure make make install or see the file INSTALL for more info. ************************************************************************* For detailed information on OpenVPN, including examples, see the man page http://openvpn.net/man.html For a sample VPN configuration, see http://openvpn.net/howto.html For a description of OpenVPN's underlying protocol, see the file ssl.h included in the source distribution. ************************************************************************* Other Files & Directories: * INSTALL-win32.txt -- installation instructions for Windows * configure.ac -- script to rebuild our configure script and makefile. * sample/sample-scripts/verify-cn A sample perl script which can be used with OpenVPN's --tls-verify option to provide a customized authentication test on embedded X509 certificate fields. * sample/sample-keys/ Sample RSA keys and certificates. DON'T USE THESE FILES FOR ANYTHING OTHER THAN TESTING BECAUSE THEY ARE TOTALLY INSECURE. * sample/sample-config-files/ A collection of OpenVPN config files and scripts from the HOWTO at http://openvpn.net/howto.html ************************************************************************* Note that easy-rsa and tap-windows are now maintained in their own subprojects. Their source code is available here: https://github.com/OpenVPN/easy-rsa https://github.com/OpenVPN/tap-windows The old cross-compilation environment (domake-win) and the Python-based buildsystem have been replaced with openvpn-build: https://github.com/OpenVPN/openvpn-build See the INSTALL file for usage information.