Hi,

So I'm giving this one another look again.  I started now by trying to use
this feature manually, to see that each step works as expected.  But this time
I also discovered a few other details.

On 09/11/2019 16:13, Arne Schwabe wrote:
> When a client announces its support to support text based
> challenge/response via IV_SOO=cr_text,the client needs to also

Just reminding of the IV_SOO -> IV_SSO typo-fix ... and it should also be
'crtext', not 'cr_text'.  The former is what is used in the management notes.

The more I dive into this, I'm also not sure IV_SSO is the proper term.  As it
actually defines additional authentication mechanisms, where SSO (Single
Sign-on) is just one potential user of this feature.  What about just using
IV_AUTH? (knowing this will change the prior patches)

[...snip...]

> diff --git a/doc/management-notes.txt b/doc/management-notes.txt
> index 17645c1d..e380ca2b 100644
> --- a/doc/management-notes.txt
> +++ b/doc/management-notes.txt
> @@ -806,6 +806,14 @@ To accept connecting to the host and port directly, use 
> this command:
>  
>    proxy NONE
>  
> +COMMAND -- cr-response (OpenVPN 2.5 or higher)
> +-------------------------------------------------
> +Provides support for sending responses a challenge/response
> +query via INFOMSG,CR_TEXT. The response should be base64 encoded:
> +
> +  cr-response SGFsbG8gV2VsdCE=
> +
> +
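
Review bot: The added description in doc/management-notes.txt reads "sending responses a challenge/response query", which is missing a "to" ("sending responses to a challenge/response query"). The section also says only that the response "should be base64 encoded" without stating what is being encoded or what the example value stands for; SGFsbG8gV2VsdCE= decodes to "Hallo Welt!", so a line saying that the argument is the base64 encoding of the user's plain-text answer, with the decoded example shown next to it, would make the command usable from this section alone. It would also help to say how the command relates to the INFOMSG,CR_TEXT notification it answers, since the text names that message but does not describe when it arrives.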

Could we please have more documentation on how to enable and use this
feature properly?  Similar to the examples later down for both the static and
dynamic challenge protocols.  This does not need to happen in this patch
though, as this is also tightly connected to the next patches.

> +static bool
> +management_callback_send_cc_mesage(void *arg,

I didn't spot this earlier, but there's a typo in the function name; it is
'message' with two 's'.

>  static bool
>  management_callback_remote_cmd(void *arg, const char **p)
> @@ -3990,6 +4028,7 @@ init_management_callback_p2p(struct context *c)
>          cb.show_net = management_show_net_callback;
>          cb.proxy_cmd = management_callback_proxy_cmd;
>          cb.remote_cmd = management_callback_remote_cmd;
> +        cb.send_cc_message = management_callback_send_cc_mesage;

Same typo here in the callback function name; which is why it compiles ;-)



-- 
kind regards,

David Sommerseth
OpenVPN Inc