diff options
author | Steffan Karger <steffan@karger.me> | 2015-05-23 15:02:25 +0200 |
---|---|---|
committer | Gert Doering <gert@greenie.muc.de> | 2015-05-23 21:21:33 +0200 |
commit | 6f789d2ec6b6aacb46ab27f1482222c6981faab6 (patch) | |
tree | e59cecb7a75a41ca8160ac4a1a48e0f833d4a87d /src | |
parent | 7b285112d22f74c19dd5b1476ddbf1bd83339c84 (diff) | |
download | openvpn-6f789d2ec6b6aacb46ab27f1482222c6981faab6.tar.gz openvpn-6f789d2ec6b6aacb46ab27f1482222c6981faab6.tar.xz openvpn-6f789d2ec6b6aacb46ab27f1482222c6981faab6.zip |
Re-read auth-user-pass file on (re)connect if required
Fixes trac #225 ('--auth-user-pass FILE' and '--auth-nocache' problem).
This patch is based on the changes suggested by ye_olde_iron in the trac
ticket. Also added a note to the manpage to inform people to use
absolute paths when combining --auth-user-pass file and --auth-nocache.
Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1432386145-15045-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/9717
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit ac1cb5bfbb9e09e79fd737bc57999d968d77c5ad)
Diffstat (limited to 'src')
-rw-r--r-- | src/openvpn/init.c | 1 | ||||
-rw-r--r-- | src/openvpn/ssl.c | 4 | ||||
-rw-r--r-- | src/openvpn/ssl_common.h | 1 |
3 files changed, 4 insertions, 2 deletions
diff --git a/src/openvpn/init.c b/src/openvpn/init.c index ce0a865..1bddd18 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -2276,6 +2276,7 @@ do_init_crypto_tls (struct context *c, const unsigned int flags) to.tmp_dir = options->tmp_dir; if (options->ccd_exclusive) to.client_config_dir_exclusive = options->client_config_dir; + to.auth_user_pass_file = options->auth_user_pass_file; #endif #ifdef ENABLE_X509_TRACK diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c index 423aedb..a17c738 100644 --- a/src/openvpn/ssl.c +++ b/src/openvpn/ssl.c @@ -1905,9 +1905,9 @@ key_method_2_write (struct buffer *buf, struct tls_session *session) if (auth_user_pass_enabled) { #ifdef ENABLE_CLIENT_CR - auth_user_pass_setup (NULL, session->opt->sci); + auth_user_pass_setup (session->opt->auth_user_pass_file, session->opt->sci); #else - auth_user_pass_setup (NULL, NULL); + auth_user_pass_setup (session->opt->auth_user_pass_file, NULL); #endif if (!write_string (buf, auth_user_pass.username, -1)) goto error; diff --git a/src/openvpn/ssl_common.h b/src/openvpn/ssl_common.h index eb09983..449172d 100644 --- a/src/openvpn/ssl_common.h +++ b/src/openvpn/ssl_common.h @@ -277,6 +277,7 @@ struct tls_options const char *auth_user_pass_verify_script; bool auth_user_pass_verify_script_via_file; const char *tmp_dir; + const char *auth_user_pass_file; /* use the client-config-dir as a positive authenticator */ const char *client_config_dir_exclusive; |