Re: [Openvpn-devel] [PATCH] Adds client-auth-pending-extra management functionality.

Am 27.08.20 um 01:34 schrieb Eric Thorpe: > Hi Arne, > > The first we are trying to migrate across is U2F - > https://www.sparklabs.com/support/kb/article/yubikey-u2f-two-factor-authentication-with-openvpn-and-viscosity/ >

Re: [Openvpn-devel] [PATCH] Adds client-auth-pending-extra management functionality.

Hi Arne, The first we are trying to migrate across is U2F - https://www.sparklabs.com/support/kb/article/yubikey-u2f-two-factor-authentication-with-openvpn-and-viscosity/ Even thou

Re: [Openvpn-devel] [PATCH] Adds client-auth-pending-extra management functionality.

Am 26.08.20 um 03:15 schrieb Eric Thorpe: > Hi Arne, > > I'm happy to resubmit the patch with further documentation to what I > have already included with this patch, however I need to know what is > likely to be accepted. > > Per my previous question and example, is it acceptable to keep using >

Re: [Openvpn-devel] [PATCH] Adds client-auth-pending-extra management functionality.

Hi Arne, I'm happy to resubmit the patch with further documentation to what I have already included with this patch, however I need to know what is likely to be accepted. Per my previous question and example, is it acceptable to keep using CR_TEXT and document the C and CR flags, or, as I th

Re: [Openvpn-devel] [PATCH] Adds client-auth-pending-extra management functionality.

Am 25.08.20 um 01:58 schrieb Eric Thorpe: > Hi Arne, > >> - to avoid the 256 byte management limit and multiple commands use maybe >> the same approach as client-auth that allows a longer frame, you can >> still limit that to 1024. > To be clear here, it isn't so much the limitation of the managem

Re: [Openvpn-devel] [PATCH] Adds client-auth-pending-extra management functionality.

Hi Arne, - to avoid the 256 byte management limit and multiple commands use maybe the same approach as client-auth that allows a longer frame, you can still limit that to 1024. To be clear here, it isn't so much the limitation of the management or control channel, it's situations where a tun-mt

Re: [Openvpn-devel] [PATCH] Adds client-auth-pending-extra management functionality.

Am 24.08.20 um 09:59 schrieb Eric Thorpe: > Hi Arne, > > The main scenario this addresses is 2FA authentication which needs to > transmit very long responses such as those requiring keys. In these > cases, the responses can be upwards of 1500 bytes. Management is > restricted (currently) to 256 by

Re: [Openvpn-devel] [PATCH] Adds client-auth-pending-extra management functionality.

Hi Arne, The main scenario this addresses is 2FA authentication which needs to transmit very long responses such as those requiring keys. In these cases, the responses can be upwards of 1500 bytes. Management is restricted (currently) to 256 bytes and the control channel I believe to 1024, ho

Re: [Openvpn-devel] [PATCH] Adds client-auth-pending-extra management functionality.

Am 21.08.20 um 08:24 schrieb Eric Thorpe: > This allows extra INFO_PRE mesasges to be sent to a client during an > authentication stage. This may be required to send additional challenges, > or allow longer messages to be sent by breaking them up and sending in parts. Could you describe for what f

[Openvpn-devel] [PATCH] Adds client-auth-pending-extra management functionality.

This allows extra INFO_PRE mesasges to be sent to a client during an authentication stage. This may be required to send additional challenges, or allow longer messages to be sent by breaking them up and sending in parts. Signed-off-by: Eric Thorpe --- doc/management-notes.txt | 32 ++