github
/
openvpn-gui
mirror of https://github.com/OpenVPN/openvpn-gui
1
0
Fork 0
Code Issues Releases Wiki Activity

Forget passwords while stopping persistent connections 

In case of persistent connections, openvpn.exe is still running
after a disconnect, and another user can restart it without needing
credentials using cached passwords. Avoid this by sending
"forget-passwords" to the management interface before disconnect.

Only persistent connections are affected.

In openvpn.exe versions >= 2.5.8, this will also clear cached
auth_token, if present.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
pull/540/head
Selva Nair 2022-10-10 22:12:15 -04:00
parent be8a8cca12
commit d83ec473ef
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
openvpn.c
View File

@ -1809,6 +1809,7 @@ DisconnectDaemon(connection_t *c)
{
if (c->manage.connected > 1) /* connected and ready for input */
{
ManagementCommand(c, "forget-passwords", NULL, regular);
ManagementCommand(c, "hold on", NULL, regular);
ManagementCommand(c, "signal SIGHUP", NULL, regular);
}