Opened 5 years ago

Last modified 4 years ago

#420 assigned Feature Wish

plugin API: allow for temporary failure

Reported by: AL13N Owned by: David Sommerseth
Priority: major Milestone:
Component: Generic / unclassified Version:
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords:
Cc:

Description

I notice in the plugin api that we can only return success and failure, not something like temporary failure (retry later).

the idea is that you want auth-retry to be none, because you don't want clients to keep retrying when they are set with wrong passwords.

however, when you need maintenance on your ldap server (with the auth-ldap) plugin, or via the verify script, and you turn off the ldap server for a few minutes, reconnects of existing tunnels will fail and exit.

i like the plugin api (and the verify script) to be able to return a 3rd state (temporary failure), which still registers as failed, but still allows the authentication to retry after some time, even if the auth-retry is off.

This allows for example: maintenance on an authentication server, where clients don't automatically re-authenticate.

Change History (2)

comment:1 Changed 5 years ago by Samuli Seppänen

Owner: set to David Sommerseth
Status: newassigned
Version: 2.2.2

comment:2 Changed 4 years ago by Samuli Seppänen

Dazo: any thoughts on this?

Note: See TracTickets for help on using tickets.