Hi, I've been reading around the code just for interest and, while I can't fix this maybe this could help:
(From openvpn-plugin.h comments) * New Client Connection: * * FUNC: openvpn_plugin_client_constructor_v1 * FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_ENABLE_PF * FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_TLS_VERIFY (called once for every cert * in the server chain) * FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY * FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_TLS_FINAL * FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_IPCHANGE * * [If OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY returned OPENVPN_PLUGIN_FUNC_DEFERRED, * we don't proceed until authentication is verified via auth_control_file] * * FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_CLIENT_CONNECT_V2 * FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_LEARN_ADDRESS * * [Client session ensues] * * For each "TLS soft reset", according to reneg-sec option (or similar): * * FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_ENABLE_PF * * FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_TLS_VERIFY (called once for every cert * in the server chain) * FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY * FUNC: openvpn_plugin_func_v1 OPENVPN_PLUGIN_TLS_FINAL * * [If OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY returned OPENVPN_PLUGIN_FUNC_DEFERRED, * we expect that authentication is verified via auth_control_file within * the number of seconds defined by the "hand-window" option. Data channel traffic * will continue to flow uninterrupted during this period.] So an issue in the implementation or else might cause this problem? The conection is established correctly at first but then it's DEFERRED (from the start or during runtime(?)) the tunnel might remain up until a TLS soft reset is received? I don't know if I'm making any sense or not actually with this. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1578712 Title: Periodic failure of client authorisation To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/1578712/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
