On 13/10/2020 22:47, Gert Doering wrote:
> To pass username + password to verify_user_pass_script(), OpenVPN
> can either put both into environment, or create a temp file, and
> pass that file name to the "user-pass-verify" script. The file
> name is initialized as "", so if no file is desired, it
Patch has been applied to the master and release/2.5 branch.
I have beaten this somewhat on the server torture bench, having
a config with plugin-auth-pam (deferred), auth-user-pass-verify *and*
auth-gen-token, testing both "via-env" (script-security 3 needed!)
and "via-file", testing script succe