Hi, On Tue, Mar 17, 2020 at 6:25 AM Gert Doering <g...@greenie.muc.de> wrote: > > Hi, > > On Tue, Mar 17, 2020 at 11:06:53AM +0100, David Sommerseth wrote: > > On 16/03/2020 14:48, Selva Nair wrote: > > [...snip...] > > >> I would just rephrase it to say: > > >> > > >> OpenVPN GUI v11 and newer uses its own internal username/password > > >> storage > > >> independent of the --auth-user-pass file provided. The file argument > > >> is > > >> ignored on such installations. > > > > > > I wish it behaved like that. Unfortunately the file argument is not > > > ignored in such cases. If the file has only username, openvpn.exe > > > reads it from the file and then fails to prompt for password as there > > > is no console available. > > > > Ouch ... that is a pointless misbehavior. Lets try to fix that. > > Have you recovered from your latest adventures in "password query code > in OpenVPN" already? :-) > > Not sure if the management commands permit the "we have a username but > no password" flow today... Arne, Selva? > > But yes, this needs to be either a clear error, or "work correctly" > > > > I propose to change this behaviour to: if --management-query-passwords > > > is set (which the GUI does), ignore the file given in auth-user-pass > > > and prompt both username and password from management. I think its > > > only logical for a later option (in this case the one set by the GUI) > > > to override a previous one. Anyway we do already ignore it if the file > > > is "stdin". > > > > Agreed! > > No, as this will break working configs *if* both username + password > are in the file (did we ever merge the "inline auth-user-pass" patch?).
See the patch in mail for what looks like an acceptable solution to me. Selva _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
