aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJames Yonan <james@openvpn.net>2010-03-12 03:05:34 +0000
committerJames Yonan <james@openvpn.net>2010-03-12 03:05:34 +0000
commit8c7c6be4893ca15061e15ca1e5990c052d77a016 (patch)
tree08a389bea7c1898dc3d6db1bf5f5f621d09f3759
parentAdded stub directive "remote-ip-hint". (diff)
downloadopenvpn-8c7c6be4893ca15061e15ca1e5990c052d77a016.tar.xz
Modified ">PASSWORD:Verification Failed" management interface
notification to include a client reason string: >PASSWORD:Verification Failed: 'AUTH_TYPE' ['REASON_STRING'] git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5468 e7ae566f-a301-0410-adde-c780ea21d3b5
-rw-r--r--manage.c7
-rw-r--r--manage.h2
-rw-r--r--push.c4
-rw-r--r--ssl.c2
4 files changed, 9 insertions, 6 deletions
diff --git a/manage.c b/manage.c
index f75aedd..e87d996 100644
--- a/manage.c
+++ b/manage.c
@@ -2273,9 +2273,12 @@ management_pre_tunnel_close (struct management *man)
}
void
-management_auth_failure (struct management *man, const char *type)
+management_auth_failure (struct management *man, const char *type, const char *reason)
{
- msg (M_CLIENT, ">PASSWORD:Verification Failed: '%s'", type);
+ if (reason)
+ msg (M_CLIENT, ">PASSWORD:Verification Failed: '%s' ['%s']", type, reason);
+ else
+ msg (M_CLIENT, ">PASSWORD:Verification Failed: '%s'", type);
}
static inline bool
diff --git a/manage.h b/manage.h
index 6d6d710..e5cbafd 100644
--- a/manage.h
+++ b/manage.h
@@ -435,7 +435,7 @@ void management_echo (struct management *man, const char *string, const bool pul
* OpenVPN calls here to indicate a password failure
*/
-void management_auth_failure (struct management *man, const char *type);
+void management_auth_failure (struct management *man, const char *type, const char *reason);
/*
* These functions drive the bytecount in/out counters.
diff --git a/push.c b/push.c
index 70bb9a3..149d25a 100644
--- a/push.c
+++ b/push.c
@@ -63,11 +63,11 @@ receive_auth_failed (struct context *c, const struct buffer *buffer)
#ifdef ENABLE_MANAGEMENT
if (management)
{
- const char *reason = UP_TYPE_AUTH;
+ const char *reason = NULL;
struct buffer buf = *buffer;
if (buf_string_compare_advance (&buf, "AUTH_FAILED,") && BLEN (&buf))
reason = BSTR (&buf);
- management_auth_failure (management, reason);
+ management_auth_failure (management, UP_TYPE_AUTH, reason);
}
#endif
}
diff --git a/ssl.c b/ssl.c
index 102b02e..1b275af 100644
--- a/ssl.c
+++ b/ssl.c
@@ -1639,7 +1639,7 @@ init_ssl (const struct options *options)
{
#ifdef ENABLE_MANAGEMENT
if (management && (ERR_GET_REASON (ERR_peek_error()) == EVP_R_BAD_DECRYPT))
- management_auth_failure (management, UP_TYPE_PRIVATE_KEY);
+ management_auth_failure (management, UP_TYPE_PRIVATE_KEY, NULL);
#endif
msg (M_WARN|M_SSL, "Cannot load private key file %s", options->priv_key_file);
goto err;