diff options
| author | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2009-09-29 23:10:14 +0000 |
|---|---|---|
| committer | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2009-09-29 23:10:14 +0000 |
| commit | 5733ef668ff51d7a553fb5bc76a1c4ff00352e27 (patch) | |
| tree | 25a355111e3442d04c35136456eaf741ac96f6e1 /ssl.h | |
| parent | Fixed a bug introduced in r4436 (2.1_rc17) where using the (diff) | |
| download | openvpn-5733ef668ff51d7a553fb5bc76a1c4ff00352e27.tar.xz | |
Added the ability for the server to provide a custom reason string
when an AUTH_FAILED message is returned to the client. This
string can be set by the server-side managment interface and read
by the client-side management interface.
For more info, see management/management-notes.txt, and look for
references to "client-reason-text".
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5012 e7ae566f-a301-0410-adde-c780ea21d3b5
Diffstat (limited to '')
| -rw-r--r-- | ssl.h | 17 |
1 files changed, 16 insertions, 1 deletions
@@ -594,6 +594,11 @@ struct tls_multi char *locked_cn; #ifdef ENABLE_DEF_AUTH + /* + * An error message to send to client on AUTH_FAILED + */ + char *client_reason; + /* Time of last call to tls_authentication_status */ time_t tas_last; #endif @@ -695,7 +700,7 @@ int tls_authentication_status (struct tls_multi *multi, const int latency); void tls_deauthenticate (struct tls_multi *multi); #ifdef MANAGEMENT_DEF_AUTH -bool tls_authenticate_key (struct tls_multi *multi, const unsigned int mda_key_id, const bool auth); +bool tls_authenticate_key (struct tls_multi *multi, const unsigned int mda_key_id, const bool auth, const char *client_reason); #endif /* @@ -738,6 +743,16 @@ tls_set_single_session (struct tls_multi *multi) multi->opt.single_session = true; } +static inline const char * +tls_client_reason (struct tls_multi *multi) +{ +#ifdef ENABLE_DEF_AUTH + return multi->client_reason; +#else + return NULL; +#endif +} + #ifdef ENABLE_PF static inline bool |