Opened 9 years ago

Closed 6 years ago

#179 closed Patch submission (duplicate)

OpenVPN won't send AUTH_FAILED if client-connect plugin exited successfully but script not

Reported by: ValdikSS Owned by:
Priority: minor Milestone:
Component: Generic / unclassified Version: OpenVPN 2.2.1 (Community Ed)
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords: client-connect, plugin
Cc:

Description

I have radiusplugin and client-connect script. Radiusplugin is used only for accounting and some kind of authorization is managed by client-connect script. If you disable radiusplugin and client-connect script will exit with error code 1, client would be disconnected with AUTH_FAILED, but if radiusplugin client-connect function returns 0 and script returns 1, client would constantly send PUSH_REQUESTs and nothing more.
It can be fixed running client-connect script before plugin's client-connect. Patch included.

Change History (2)

comment:1 Changed 7 years ago by Gert Döring

Wouldn't "just swap the order the things are run" break it for someone else? What if you change the order, client-connect script succeeds but plugin connect fails?

No, a proper patch would need to take the return code of both into account, requiring both to succeed (if both are enabled).

(Uh, your text says "patch included", but there is none attached...)

comment:2 in reply to:  1 Changed 6 years ago by Steffan Karger

Resolution: duplicate
Status: newclosed

Duplicate of #180.

Note: See TracTickets for help on using tickets.