Opened 13 years ago
Closed 11 years ago
#150 closed Bug / Defect (fixed)
Verify that PolarSSL refactoring has not affected authentication functions
Reported by: | Samuli Seppänen | Owned by: | David Sommerseth |
---|---|---|---|
Priority: | major | Milestone: | release 2.3 |
Component: | Generic / unclassified | Version: | OpenVPN git master branch (Community Ed) |
Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | |
Cc: |
Description
A patch that was originally a part of the PolarSSL patchset significantly refactores username and password authentication code. As this patch may have security implications, it was ACKed on the condition that all possible auth modes are tested. This includes auth driven by scripts, plugins and management interface.
Change History (2)
comment:1 Changed 12 years ago by
Owner: | set to David Sommerseth |
---|---|
Status: | new → accepted |
comment:2 Changed 11 years ago by
Resolution: | → fixed |
---|---|
Status: | accepted → closed |
Note: See
TracTickets for help on using
tickets.
I have been running 2.3-alphas together with eurephia for username/password and certificate authentication for some months, without any issues. I would consider this refactoring safe.