always allow an auth-token to replace a password

Previous to this auth-tokens would only be accepted with auto-login profiles, or when an old style dynamic challenge (CRV1) happened. Now, accepts the auth-token unconditionally, even if not user/pass authentication was configured before. Signed-off-by: Heiko Hund <heiko@openvpn.net>
2024-09-20 04:02:15 +02:00 · 2021-08-11 14:43:28 +02:00 · 2021-08-11 14:43:28 +02:00 · 7c58e466d2
commit 7c58e466d2
parent 4a95802798
1 changed files with 3 additions and 0 deletions
--- a/openvpn/client/cliproto.hpp
+++ b/openvpn/client/cliproto.hpp
@ -526,6 +526,9 @@ namespace openvpn {
 #else
 		  OPENVPN_LOG("Session token: [redacted]");
 #endif
+		  autologin_sessions = true;
+		  conf().set_xmit_creds(true);
+		  creds->set_replace_password_with_session_id(true);
 		  creds->set_session_id(username, sess_id);
 		}
 	    }