Hi all! noble-updates user here, and this has inadvertently broken my MFA login where the server responds with a challenge response with 'echo' flag set.
The patch now calls `keyfile_add_entry_info` with `is_secret` set to `!need_challengeresponse_echo` which in turn returns `IsSecret=false` to the Network Manager UI (which in my case is nmcli, but it would be the same with the GUI). However, thanks to https://github.com/NetworkManager/NetworkManager/blob/main/src/libnmc- base/nm-secret-agent-simple.c#L628 this means that this is completely ignored as if `ShouldAsk` was set to false. The client re-attempts login and gets stuck in a loop until NM times out starting the connection. I appreciate you'll probably want me to file a new bug report, but I can see one of options for this: 1. A bug to replace `!need_challengeresponse_echo` with TRUE in this patch. 2. A bug that we need some or all of the upstream https://github.com/NetworkManager/NetworkManager-openvpn/commit/b45ecc167247b8357c7c40c74cc5d1c85d8f4886 patch applied which ensures this is always asked for. 3. Something else? (Separately, it's a pity this didn't also include https://github.com/NetworkManager/NetworkManager- openvpn/commit/cd279d4975a40103fb3c1e8f9df8b49711c08e6d to fix the typos in that initial commit! I don't think it's a _huge_ issue, but some users might end up with the name 'challenage-response' stored against config for this plugin which will not survive upgrading to when it was fixed). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2076101 Title: [SRU] Gnome openvpn saves authenticator code as password To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager-openvpn/+bug/2076101/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
