On 01/10/2019 13:11, Gert Doering wrote:
> The patch itself looks like a very nice approach to the problem with
> "how can we communicate authentication fail reasons to the client?" issue
> that had a few (fairly intrusiv) patch sets flying around... someone 
> needs to go through the open patches and see what has become obsolete.

This patch should obsolete the older patches resolving the same issue.

It's a simpler approach, storing the reason in a session context object which
is then picked up when sending AUTH_FAILED.  I had one more intrusive change,
which changed the internal APIs fairly much, an approach not even I didn't
really liked that much.  I don't think there were any other proposals on the
mailing list.

I don't know what the various GUIs does, but they should also now be able to
pick up these rejections via the management interface as well; even on 2.4.x
clients connecting to a server with this patch.

kind regards,

David Sommerseth
OpenVPN Inc

Attachment: signature.asc
Description: OpenPGP digital signature

Openvpn-devel mailing list

Reply via email to