From 87356242baf10c8b2a94d9013e436ed2a0dada53 Mon Sep 17 00:00:00 2001 From: Bernhard Schmidt Date: Wed, 20 Feb 2019 14:11:46 +0100 Subject: New upstream version 2.4.7 --- src/openvpn/misc.c | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) (limited to 'src/openvpn/misc.c') diff --git a/src/openvpn/misc.c b/src/openvpn/misc.c index 77bb671..581a890 100644 --- a/src/openvpn/misc.c +++ b/src/openvpn/misc.c @@ -1261,7 +1261,7 @@ purge_user_pass(struct user_pass *up, const bool force) * don't show warning if the pass has been replaced by a token: this is an * artificial "auth-nocache" */ - else if (!warn_shown && (!up->tokenized)) + else if (!warn_shown) { msg(M_WARN, "WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this"); warn_shown = true; @@ -1269,14 +1269,18 @@ purge_user_pass(struct user_pass *up, const bool force) } void -set_auth_token(struct user_pass *up, const char *token) +set_auth_token(struct user_pass *up, struct user_pass *tk, const char *token) { - if (token && strlen(token) && up && up->defined && !up->nocache) + + if (token && strlen(token) && up && up->defined) { - CLEAR(up->password); - strncpynt(up->password, token, USER_PASS_LEN); - up->tokenized = true; + strncpynt(tk->password, token, USER_PASS_LEN); + strncpynt(tk->username, up->username, USER_PASS_LEN); + tk->defined = true; } + + /* Cleans user/pass for nocache */ + purge_user_pass(up, false); } /* -- cgit v1.2.3