On 26/01/17 19:45, Gert Doering wrote:
> Hi,
> On Thu, Jan 26, 2017 at 07:36:32PM +0100, David Sommerseth wrote:
>> Anyhow ... quick-fix/workaround: Don't use --auth-nocache
> What happens if you have --auth-nocache, the server sends a token, and
> the token expires?  Will the client get something back that it can
> understand as "oh, I need to ask for a new password!"?
> (Sorry, I know I *should* have tested this long ago... :-) )

The when --auth-nocache is in use, the contents of password field in
struct user_pass is wiped and later ignored, regardless if the server
sent an --auth-token or not.

kind regards,

David Sommerseth

Attachment: signature.asc
Description: OpenPGP digital signature

Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
Openvpn-users mailing list

Reply via email to