[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] Sending log messages to client from auth-user-pass-verify script

  • Subject: Re: [Openvpn-users] Sending log messages to client from auth-user-pass-verify script
  • From: "Sverre Johan Tøvik" <macnetic@xxxxxxxxx>
  • Date: Thu, 6 Dec 2007 16:50:55 +0100

Hi Jan,

I see an "AUTH: Received AUTH_FAILED control message", which is the same message as when an invalid username/password is used. I wouldn't mind writing a patch, but I'd rather not have to distribute a custom version of OpenVPN. Do you know if client side logging is possible with the plugin API? If so, I might just make a plugin which does the username/cn check. I just checked out the example "simple" plugin, looks easy enough.


On Dec 6, 2007 4:22 PM, Jan Just Keijser < janjust@xxxxxxxxx> wrote:
Hi Sverre,

I don't think so... it would require a (not too difficult) patch to the
openvpn software.
what do you see now when there's a username-common-name mismatch?



Sverre Johan Tøvik wrote:
> Hi,
> The subject says it all really. Is it possible to send output from an
> auth-user-pass-verify script to the client side log? I've added an
> auth-user-pass-verify script to verify that the username matches
> the common name from the client cert, and added some output so that
> these errors show up in the server log. However, I'd like this to show
> up in the client side log also.