Message ID | 1533696271-21799-2-git-send-email-selva.nair@gmail.com |
---|---|
State | Accepted |
Headers | show |
Series | [Openvpn-devel,1/2] Bump version of openvpn plugin argument structs to 5 | expand |
Acked-by: Gert Doering <gert@greenie.muc.de> Looks good and passes my use case ("PIN set, OTP empty"). So it was not a bug in the openvpn client at all, I just misread the logs. Since I join PIN+OTP into one string passed to PAM anyway, I also tested "PIN empty, OTP set" and that works just as well. Thanks. Your patch has been applied to the master branch. commit 7a8109023f4c345fe12f23421c5fa7e88e1ea85b Author: Selva Nair Date: Tue Aug 7 22:44:31 2018 -0400 Accept empty password and/or response in auth-pam plugin Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: <1533696271-21799-2-git-send-email-selva.nair@gmail.com> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg17382.html Signed-off-by: Gert Doering <gert@greenie.muc.de> -- kind regards, Gert Doering ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
diff --git a/src/plugins/auth-pam/auth-pam.c b/src/plugins/auth-pam/auth-pam.c index 1324307..88b5320 100644 --- a/src/plugins/auth-pam/auth-pam.c +++ b/src/plugins/auth-pam/auth-pam.c @@ -310,11 +310,11 @@ split_scrv1_password(struct user_pass *up) *resp++ = '\0'; int n = plugin_base64_decode(pass, up->password, sizeof(up->password)-1); - if (n > 0) + if (n >= 0) { up->password[n] = '\0'; n = plugin_base64_decode(resp, up->response, sizeof(up->response)-1); - if (n > 0) + if (n >= 0) { up->response[n] = '\0'; if (DEBUG(up->verb))