On 26/01/17 19:45, Gert Doering wrote: > Hi, > > On Thu, Jan 26, 2017 at 07:36:32PM +0100, David Sommerseth wrote: >> Anyhow ... quick-fix/workaround: Don't use --auth-nocache > > What happens if you have --auth-nocache, the server sends a token, and > the token expires? Will the client get something back that it can > understand as "oh, I need to ask for a new password!"? > > (Sorry, I know I *should* have tested this long ago... :-) )
The when --auth-nocache is in use, the contents of password field in struct user_pass is wiped and later ignored, regardless if the server sent an --auth-token or not. -- kind regards, David Sommerseth
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users