mirror of
https://github.com/OpenVPN/openvpn3.git
synced 2024-09-20 12:12:15 +02:00
fix reset of auth-token on AUTH_FAILED,SESSION
This is e.g. sent during renegotiation when the lifetime of an auth-token on the server has expired. Due to shortcut evaluation of the logical OR expression the call to can_retry_auth_with_cached_password() never happened with connections that use autologin(_session). Since the called function has side effects on the ClientCreds object, i.e. resetting the session_id to the saved password, an endless loop of retries with the expired auth-token followed. Signed-off-by: Heiko Hund <heiko@openvpn.net>
This commit is contained in:
parent
0c57e23aca
commit
468fcaf0ac
@ -637,8 +637,8 @@ namespace openvpn {
|
||||
// If session token problem (such as expiration), and we have a cached
|
||||
// password, retry with it. Otherwise, fail without retry.
|
||||
if (string::starts_with(reason, "SESSION:")
|
||||
&& (autologin_sessions
|
||||
|| (creds && creds->can_retry_auth_with_cached_password())))
|
||||
&& ((creds && creds->can_retry_auth_with_cached_password())
|
||||
|| autologin_sessions))
|
||||
{
|
||||
log_reason = "SESSION_AUTH_FAILED";
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user