For what its worth, further testing has shown that this works fine with
~8 hours connection and 'reneg-sec 1800'
More than happy to call this resolved.
On 2017-07-08 00:01, Antonio Quartulli wrote:
With the introduction of the wait_for_push field in the auth_user_pass
structure, we have to make sure that such field is not accidentally
erased when the management asks the user for user/pass.
Erasing such field would mess up the logic introduced by
("Ignore auth-nocache for auth-user-pass if auth-token is pushed").
Thanks to David Sommerseth for the preliminary analysis and debugging.
Reported-by: Steven Haigh <net...@crc.id.au>
Signed-off-by: Antonio Quartulli <a...@unstable.cc>
Tested-by: Steven Haigh <net...@crc.id.au>
---
src/openvpn/manage.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/openvpn/manage.c b/src/openvpn/manage.c
index c2e8dc72..e850e0a4 100644
--- a/src/openvpn/manage.c
+++ b/src/openvpn/manage.c
@@ -3504,7 +3504,9 @@ management_query_user_pass(struct management
*man,
*/
if (ret)
{
- man->connection.up_query.nocache = up->nocache; /*
preserve caller's nocache setting */
+ /* preserve caller's settings */
+ man->connection.up_query.nocache = up->nocache;
+ man->connection.up_query.wait_for_push =
up->wait_for_push;
*up = man->connection.up_query;
}
secure_memzero(&man->connection.up_query,
sizeof(man->connection.up_query));
--
Steven Haigh
? net...@crc.id.au ? http://www.crc.id.au
? +61 (3) 9001 6090 ? 0412 935 897
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
