mirror of
https://github.com/OpenVPN/openvpn.git
synced 2026-02-03 20:39:40 -05:00
manage: Do not trigger actions on management disconnect if not authenticated
Some checks failed
Build / Check code style with Uncrustify (push) Has been cancelled
Build / gcc-mingw - x64 - OSSL (push) Has been cancelled
Build / gcc-mingw - x86 - OSSL (push) Has been cancelled
Build / gcc - ubuntu-24.04 - OpenSSL 3.0.13 --enable-pkcs11 (push) Has been cancelled
Build / gcc - ubuntu-22.04 - OpenSSL 3.0.2 --enable-pkcs11 (push) Has been cancelled
Build / gcc - ubuntu-22.04 - mbed TLS 2.28.0 (push) Has been cancelled
Build / clang-asan - ubuntu-22.04 - mbedtls (push) Has been cancelled
Build / clang-asan - ubuntu-22.04 - openssl (push) Has been cancelled
Build / clang-asan - ubuntu-24.04 - mbedtls (push) Has been cancelled
Build / clang-asan - ubuntu-24.04 - openssl (push) Has been cancelled
Build / macos-13 - libressl - asan (push) Has been cancelled
Build / macos-13 - openssl@1.1 - asan (push) Has been cancelled
Build / macos-13 - openssl@3 - asan (push) Has been cancelled
Build / macos-14 - libressl - asan (push) Has been cancelled
Build / macos-14 - openssl@1.1 - asan (push) Has been cancelled
Build / macos-14 - openssl@3 - asan (push) Has been cancelled
Build / macos-15 - libressl - asan (push) Has been cancelled
Build / macos-15 - openssl@1.1 - asan (push) Has been cancelled
Build / macos-15 - openssl@3 - asan (push) Has been cancelled
Build / macos-13 - libressl - normal (push) Has been cancelled
Build / macos-13 - openssl@1.1 - normal (push) Has been cancelled
Build / macos-13 - openssl@3 - normal (push) Has been cancelled
Build / macos-14 - libressl - normal (push) Has been cancelled
Build / macos-14 - openssl@1.1 - normal (push) Has been cancelled
Build / macos-14 - openssl@3 - normal (push) Has been cancelled
Build / macos-15 - libressl - normal (push) Has been cancelled
Build / macos-15 - openssl@1.1 - normal (push) Has been cancelled
Build / macos-15 - openssl@3 - normal (push) Has been cancelled
Build / msbuild - amd64 - openssl (push) Has been cancelled
Build / msbuild - arm64 - openssl (push) Has been cancelled
Build / msbuild - x86 - openssl (push) Has been cancelled
Build / clang asan - ubuntu-22.04 - libressl (push) Has been cancelled
Build / gcc normal - ubuntu-22.04 - libressl (push) Has been cancelled
Build / mingw unittest argv - x64 - OSSL (push) Has been cancelled
Build / mingw unittest auth_token - x64 - OSSL (push) Has been cancelled
Build / mingw unittest buffer - x64 - OSSL (push) Has been cancelled
Build / mingw unittest crypto - x64 - OSSL (push) Has been cancelled
Build / mingw unittest cryptoapi - x64 - OSSL (push) Has been cancelled
Build / mingw unittest misc - x64 - OSSL (push) Has been cancelled
Build / mingw unittest ncp - x64 - OSSL (push) Has been cancelled
Build / mingw unittest packet_id - x64 - OSSL (push) Has been cancelled
Build / mingw unittest pkt - x64 - OSSL (push) Has been cancelled
Build / mingw unittest provider - x64 - OSSL (push) Has been cancelled
Build / mingw unittest tls_crypt - x64 - OSSL (push) Has been cancelled
Build / mingw unittest argv - x86 - OSSL (push) Has been cancelled
Build / mingw unittest auth_token - x86 - OSSL (push) Has been cancelled
Build / mingw unittest buffer - x86 - OSSL (push) Has been cancelled
Build / mingw unittest crypto - x86 - OSSL (push) Has been cancelled
Build / mingw unittest cryptoapi - x86 - OSSL (push) Has been cancelled
Build / mingw unittest misc - x86 - OSSL (push) Has been cancelled
Build / mingw unittest ncp - x86 - OSSL (push) Has been cancelled
Build / mingw unittest packet_id - x86 - OSSL (push) Has been cancelled
Build / mingw unittest pkt - x86 - OSSL (push) Has been cancelled
Build / mingw unittest provider - x86 - OSSL (push) Has been cancelled
Build / mingw unittest tls_crypt - x86 - OSSL (push) Has been cancelled
Some checks failed
Build / Check code style with Uncrustify (push) Has been cancelled
Build / gcc-mingw - x64 - OSSL (push) Has been cancelled
Build / gcc-mingw - x86 - OSSL (push) Has been cancelled
Build / gcc - ubuntu-24.04 - OpenSSL 3.0.13 --enable-pkcs11 (push) Has been cancelled
Build / gcc - ubuntu-22.04 - OpenSSL 3.0.2 --enable-pkcs11 (push) Has been cancelled
Build / gcc - ubuntu-22.04 - mbed TLS 2.28.0 (push) Has been cancelled
Build / clang-asan - ubuntu-22.04 - mbedtls (push) Has been cancelled
Build / clang-asan - ubuntu-22.04 - openssl (push) Has been cancelled
Build / clang-asan - ubuntu-24.04 - mbedtls (push) Has been cancelled
Build / clang-asan - ubuntu-24.04 - openssl (push) Has been cancelled
Build / macos-13 - libressl - asan (push) Has been cancelled
Build / macos-13 - openssl@1.1 - asan (push) Has been cancelled
Build / macos-13 - openssl@3 - asan (push) Has been cancelled
Build / macos-14 - libressl - asan (push) Has been cancelled
Build / macos-14 - openssl@1.1 - asan (push) Has been cancelled
Build / macos-14 - openssl@3 - asan (push) Has been cancelled
Build / macos-15 - libressl - asan (push) Has been cancelled
Build / macos-15 - openssl@1.1 - asan (push) Has been cancelled
Build / macos-15 - openssl@3 - asan (push) Has been cancelled
Build / macos-13 - libressl - normal (push) Has been cancelled
Build / macos-13 - openssl@1.1 - normal (push) Has been cancelled
Build / macos-13 - openssl@3 - normal (push) Has been cancelled
Build / macos-14 - libressl - normal (push) Has been cancelled
Build / macos-14 - openssl@1.1 - normal (push) Has been cancelled
Build / macos-14 - openssl@3 - normal (push) Has been cancelled
Build / macos-15 - libressl - normal (push) Has been cancelled
Build / macos-15 - openssl@1.1 - normal (push) Has been cancelled
Build / macos-15 - openssl@3 - normal (push) Has been cancelled
Build / msbuild - amd64 - openssl (push) Has been cancelled
Build / msbuild - arm64 - openssl (push) Has been cancelled
Build / msbuild - x86 - openssl (push) Has been cancelled
Build / clang asan - ubuntu-22.04 - libressl (push) Has been cancelled
Build / gcc normal - ubuntu-22.04 - libressl (push) Has been cancelled
Build / mingw unittest argv - x64 - OSSL (push) Has been cancelled
Build / mingw unittest auth_token - x64 - OSSL (push) Has been cancelled
Build / mingw unittest buffer - x64 - OSSL (push) Has been cancelled
Build / mingw unittest crypto - x64 - OSSL (push) Has been cancelled
Build / mingw unittest cryptoapi - x64 - OSSL (push) Has been cancelled
Build / mingw unittest misc - x64 - OSSL (push) Has been cancelled
Build / mingw unittest ncp - x64 - OSSL (push) Has been cancelled
Build / mingw unittest packet_id - x64 - OSSL (push) Has been cancelled
Build / mingw unittest pkt - x64 - OSSL (push) Has been cancelled
Build / mingw unittest provider - x64 - OSSL (push) Has been cancelled
Build / mingw unittest tls_crypt - x64 - OSSL (push) Has been cancelled
Build / mingw unittest argv - x86 - OSSL (push) Has been cancelled
Build / mingw unittest auth_token - x86 - OSSL (push) Has been cancelled
Build / mingw unittest buffer - x86 - OSSL (push) Has been cancelled
Build / mingw unittest crypto - x86 - OSSL (push) Has been cancelled
Build / mingw unittest cryptoapi - x86 - OSSL (push) Has been cancelled
Build / mingw unittest misc - x86 - OSSL (push) Has been cancelled
Build / mingw unittest ncp - x86 - OSSL (push) Has been cancelled
Build / mingw unittest packet_id - x86 - OSSL (push) Has been cancelled
Build / mingw unittest pkt - x86 - OSSL (push) Has been cancelled
Build / mingw unittest provider - x86 - OSSL (push) Has been cancelled
Build / mingw unittest tls_crypt - x86 - OSSL (push) Has been cancelled
If the management interface requires authentication via password
and the remote did not specify it, do not do trigger actions
requested by --management-forget-disconnect and --management-signal
on disconnect.
Reported-By: Joshua Rogers <contact@joshua.hu>
Found-By: ZeroPath (https://zeropath.com)
Github: openvpn-private-issues#5
Change-Id: I575d65912ce9065a0b0868e73998b4a9aece62af
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1484
Message-Id: <20260122125707.108048-1-frank@lichtenheld.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35390.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit 4bf05d487c)
This commit is contained in:
Frank Lichtenheld
Gert Doering
parent
78c3997452
commit
bb27e40799
1 changed files with 3 additions and 2 deletions
|
|
@ -2005,13 +2005,14 @@ man_reset_client_socket(struct management *man, const bool exiting)
|
|||
}
|
||||
if (!exiting)
|
||||
{
|
||||
if (man->settings.flags & MF_FORGET_DISCONNECT)
|
||||
if (man->settings.flags & MF_FORGET_DISCONNECT && !man_password_needed(man))
|
||||
{
|
||||
msg(D_MANAGEMENT, "MANAGEMENT: Reset authentication on disconnect");
|
||||
ssl_purge_auth(false);
|
||||
(void)ssl_clean_auth_token();
|
||||
}
|
||||
|
||||
if (man->settings.flags & MF_SIGNAL)
|
||||
if (man->settings.flags & MF_SIGNAL && !man_password_needed(man))
|
||||
{
|
||||
int mysig = man_mod_signal(man, SIGUSR1);
|
||||
if (mysig >= 0)
|
||||
|
|
|
|||
Loading…
Reference in a new issue