I'm trying to implement dynamic challenge/response in Tunnelblick and
have some questions. I've been using the management-interface
documentation [1] as my guide.
1. Is what the management interface sends something like (all on one line):
>PASSWORD:Verification Failed: 'Auth'
>['CRV1:R,E:Om01u7Fh4LrGBS7uh0SWmzwabUiGiW6l:Y3Ix:Please enter token PIN:']
and not just the challenge all by itself?
2. Is the final ":" in the above part of the prompt to be shown to the
user, or is it a delimiter showing the end of the prompt?
3. Is the response back to the management interface really like this:
Username: cr1 ("Y3Ix" base64 decoded)
Password: CRV1::Om01u7Fh4LrGBS7uh0SWmzwabUiGiW6l::8675309
I ask because the syntax for the username/password for a
NON-challenge/response response back to the management interface is
username "Auth" THE_USERNAME
password "Auth" THE_PASSWORD
which has "username" and "password" in lower-case and without the ":"s.
4. Can the Username and Password fields sent to the OpenVPN management
interface be quoted (and must double-quotes within the fields be
escaped), as with the NON-challenge/response response?
Thanks,
Jon Bullard
[1]
https://openvpn.net/index.php/open-source/documentation/miscellaneous/79-management-interface.html
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
