c0re dumped wrote:
> So, I did a shell script to do this and noticed a strange behavior:
>
> When I pass DOMAIN\USER on the XP client the '\' is replaced by an
> '_'. Is it my client or my server that is doing this replacement?
Per the man page's entry on auth-user-pass-verify:
"""
To protect against a client passing a maliciously formed username or
password string, the username string must consist only of these
characters: alphanumeric, underbar ('_'), dash ('-'), dot ('.'), or at
('@'). The password string can consist of any printable characters
except for CR or LF. Any illegal characters in either the username or
password string will be converted to underbar ('_').
"""
Since this is documented under auth-user-pass-verify rather than
auth-user-pass, I infer that this stripping is done server-side, and
that it might be bypassed by using an authentication plugin rather than
an authentication script. You'll need to verify such yourself, however.
______________________
OpenVPN mailing lists
https://lists.sourceforge.net/lists/listinfo/openvpn-users
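
Added example, not part of the original post and not OpenVPN's own code: the remapping rule quoted from the man page, plus a check a verify script can use when several directory accounts collapse to the same remapped name. It assumes "alphanumeric" means ASCII letters and digits and "printable" means ASCII 0x20-0x7E; the account names and the helper names (`build_lookup`, `resolve`) are constructed for illustration.

```python
import string
from collections import defaultdict

# Allowed username characters as listed in the quoted man page text.
# Assumption: "alphanumeric" means ASCII letters and digits.
USERNAME_OK = set(string.ascii_letters + string.digits + "_-.@")


def remap_username(name: str) -> str:
    """Replace every character outside the documented set with '_'."""
    return "".join(c if c in USERNAME_OK else "_" for c in name)


def remap_password(pw: str) -> str:
    """Assumption: 'printable' is ASCII 0x20-0x7E, so CR and LF are replaced."""
    return "".join(c if " " <= c <= "~" else "_" for c in pw)


def build_lookup(accounts):
    """Map each remapped name to the directory accounts it could stand for."""
    table = defaultdict(list)
    for acct in accounts:
        table[remap_username(acct)].append(acct)
    return dict(table)


def resolve(received: str, lookup):
    """Return the single matching account, or None if unknown or ambiguous."""
    candidates = lookup.get(received, [])
    return candidates[0] if len(candidates) == 1 else None


# Constructed sample accounts, not taken from the thread.
ACCOUNTS = ["CORP\\alice", "CORP_alice", "CORP\\bob", "carol@example.com"]

if __name__ == "__main__":
    lookup = build_lookup(ACCOUNTS)
    for name in ("CORP_alice", "CORP_bob", "carol@example.com"):
        # An ambiguous or unknown name resolves to None and should be rejected.
        print(name, "->", resolve(name, lookup))
```

Because the remapping is lossy, a script that receives `CORP_alice` cannot tell `CORP\alice` from `CORP_alice`; rejecting the ambiguous case is safer than guessing.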