From: Selva Nair <selva.n...@gmail.com> Check the config file location and command line options first and membership in OpenVPNAdministrators group after that as the latter could be a slow process for active directory users.
When connection to domain controllers is poor or unavailable, checking the group membership is slow and causes timeouts in the GUI (Trac 1051). However, in cases where the config is in the global directory, no group membership check should be required. The re-ordering here avoids the redundant check in such cases. In addition to this, its also proposed to improve the timeout handling in the GUI, but this change is still useful as it should completely eliminate the timeout issue for many users. Also see: https://github.com/OpenVPN/openvpn-gui/issues/332 Signed-off-by: Selva Nair <selva.n...@gmail.com> --- src/openvpnserv/interactive.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/openvpnserv/interactive.c b/src/openvpnserv/interactive.c index 6e72a14..dafd5c6 100644 --- a/src/openvpnserv/interactive.c +++ b/src/openvpnserv/interactive.c @@ -1581,8 +1581,8 @@ RunOpenvpn(LPVOID p) } /* Check user is authorized or options are white-listed */ - if (!IsAuthorizedUser(ovpn_user->User.Sid, imp_token, settings.ovpn_admin_group) - && !ValidateOptions(pipe, sud.directory, sud.options)) + if (!ValidateOptions(pipe, sud.directory, sud.options) + && !IsAuthorizedUser(ovpn_user->User.Sid, imp_token, settings.ovpn_admin_group) { goto out; } -- 2.1.4 _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
