Hi Gert et al,
On 15/06/17 09:47, Gert Doering wrote:
Hi,
On Thu, Jun 15, 2017 at 12:50:40PM +1000, Steven Haigh wrote:
I'm just trying to figure out if its expected behaviour to have the
'username' set in the environment when using the auth-user-pass-verify
script.
The code in question (ssl_
Hi,
On Fri, Jun 16, 2017 at 12:01:03AM +0200, David Sommerseth wrote:
> > That still poses the question, is a plugin supposed to be able to alter the
> > environment presented to the auth-user-pass-verify script?
>
> You have discovered something I've not been thinking of. But yes,
> plug-ins c
> On 16 Jun 2017, at 06:01, David Sommerseth
> wrote:
> That said ... this needs to be changed, I think it makes sense to take
> some action to reduce this possibility. By manipulating pointers
> provided to you via the the plug-in interface, you can make the OpenVPN
> process crash and burn ..
On 15/06/17 18:11, Steven Haigh wrote:
> On Thursday, 15 June 2017 5:47:39 PM AEST Gert Doering wrote:
>> Hi,
>>
>> On Thu, Jun 15, 2017 at 12:50:40PM +1000, Steven Haigh wrote:
[...snip...]
>>
>> old:
>>
>> else
>> {
>> setenv_str(session->opt->es, "username", up->usern
On Thursday, 15 June 2017 5:47:39 PM AEST Gert Doering wrote:
> Hi,
>
> On Thu, Jun 15, 2017 at 12:50:40PM +1000, Steven Haigh wrote:
> > I'm just trying to figure out if its expected behaviour to have the
> > 'username' set in the environment when using the auth-user-pass-verify
> > script.
>
>
Hi,
On Thu, Jun 15, 2017 at 12:50:40PM +1000, Steven Haigh wrote:
> I'm just trying to figure out if its expected behaviour to have the
> 'username' set in the environment when using the auth-user-pass-verify
> script.
The code in question (ssl_verify.c) is older than the involvement of
any of
Hi all,
I'm just trying to figure out if its expected behaviour to have the
'username' set in the environment when using the auth-user-pass-verify
script.
My observations with 2.4.2 seems that even when auth-user-pass-verify is
called with via-file, the username is set in the environment. Th
