Re: [Openvpn-devel] [PATCH] auth-gen-token: Hardening memory cleanup on auth-token failuers

On 15/12/16 11:05, Gert Doering wrote: > Hi, > > On Wed, Dec 14, 2016 at 10:08:25PM +0100, Steffan Karger wrote: >> Looks good, but I think there's one more occurance you should >> incorporate in the patch: >> >> if (openvpn_base64_encode(tok, AUTH_TOKEN_SIZE, >>

Re: [Openvpn-devel] [PATCH] auth-gen-token: Hardening memory cleanup on auth-token failuers

Hi, On Wed, Dec 14, 2016 at 10:08:25PM +0100, Steffan Karger wrote: > Looks good, but I think there's one more occurance you should > incorporate in the patch: > > if (openvpn_base64_encode(tok, AUTH_TOKEN_SIZE, > >auth_token) < AUTH_TOKEN_SIZE) Under which

Re: [Openvpn-devel] [PATCH] auth-gen-token: Hardening memory cleanup on auth-token failuers

Hi, On 14-12-16 16:12, David Sommerseth wrote: > Further improve the memory management when a clients --auth-token > fails the server side token authentication enabled via --auth-gen-token. > > Signed-off-by: David Sommerseth > --- > src/openvpn/ssl_verify.c | 22

[Openvpn-devel] [PATCH] auth-gen-token: Hardening memory cleanup on auth-token failuers

Further improve the memory management when a clients --auth-token fails the server side token authentication enabled via --auth-gen-token. Signed-off-by: David Sommerseth --- src/openvpn/ssl_verify.c | 22 ++ 1 file changed, 18 insertions(+), 4