Actions
Bug #12509
open
Deffered authentication does not work with auth-gen-token external-auth or pusk "auth-token"
Status:
New
Priority:
Normal
Assignee:
-
Category:
OpenVPN
Target version:
-
Start date:
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
Release Notes:
Default
Affected Version:
Affected Architecture:
Description
I am able to use properly deferred authentication on normal login.
Problem rises when I try to use auth-gen-token 0 external-auth (so that I can do additional validation in auth-user-pass-verify script) or by pushing custom auth-token.
Even though script gets triggered in those cases, no matter how I return result (either through control file or exit code=0).
Sample code used below (always authenticates user just a sample).
```
reneg-sec 30
auth-gen-token 0 external-auth
plugin /usr/local/lib/openvpn/plugins/openvpn-plugin-auth-script.so /auth/wrapper.sh
```
wrapper.sh
```
#!/bin/sh
php /auth/auth.php
```
auth.php
```
$controlFile = getenv('auth_control_file');
if(isset($_SERVER['session_state']) && $_SERVER['session_state'] === 'Authenticated') {
if ($controlFile) {
file_put_contents($controlFile, "1");
exit(0);
}exit(0);
} elseif($_SERVER['session_state'] === 'Initial') {
if ($controlFile) {
file_put_contents($controlFile, "1");
exit(0);
}exit(0);
}if ($controlFile) {
file_put_contents($controlFile, "0");
exit(0);
}
exit(1);
```
Updated by
Actions