schwabe / ics-openvpn

OpenVPN for Android

allow importing of auth-nocache config option since it no longer generates an error in the app #1738

Closed code-consensus closed 1 month ago

code-consensus commented 1 month ago

General information

  1. 14
  2. Google
  3. Pixel
  4. 0.7.51

Description of the issue

In an older version of the app, the auth-nocache option would cause the VPN to "fail upon renegotiation...since the app does not handle this", as explained by @schwabe in #574 in 2016. As a result, as explained in the same issue, the app ignores any auth-nocache line when importing a .ovpn file and creating a profile. But the consequence of this is that the user gets a warning message about caching passwords in memory every time they connect.

However, the app no longer seems to have the problem of failing renegotiation. Inserting the line "auth-nocache" manually into the Custom Options of a profile does not result in the VPN failing at any point. I have imported many profiles and added that line manually, and have never experienced this on any profile.

The request is to not ignore the auth-nocache option when importing a config file, and so for the app to pass it on to the Custom Options. This way the user can avoid getting the warning message when connecting, without having to manually add the line back in each time after importing a profile.

Log (if applicable)

WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this

Configuration file

auth-nocache

schwabe commented 1 month ago

This might not be true in your specific configuration as your server might be using auth-token or similar but is still generally true. Any VPN that requires username/password on renegotiation will fail as without auth-nocache, the app would need to query username and password from the user.

code-consensus commented 1 month ago

Hi @schwabe, thank you so much for responding so quickly!!

In my instance, I have auth-user-pass in the config file, and then in the detailed connection log there is an "auth_token_generate = DISABLED" and "auth_token_lifetime = 0" (is that what you meant by auth-token coming from the server?).

In any case, could it be given as an option to the user to allow to be added? In the instance that the server allows it, then at least the user can then avoid the warning message.
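The import behaviour this thread describes, as an added example that is not ics-openvpn's own code: a small .ovpn parser that models the reported behaviour (the `auth-nocache` line silently dropped on import) beside the requested one (passed through to Custom Options), and a check for the profile condition behind the warning quoted in the log. The constructed sample config, the `vpn.example.test` host and the assumption that unmapped options land in Custom Options are mine, not the page's.

```python
# Added example (not ics-openvpn code) modelling the .ovpn import behaviour discussed in
# this thread. Assumed, not from the page: standard OpenVPN directive names; unmapped
# options land in "Custom Options". SAMPLE_OVPN is a constructed config.
import re

SAMPLE_OVPN = """\
remote vpn.example.test 1194
auth-user-pass
auth-nocache
<ca>
-----BEGIN CERTIFICATE-----
(placeholder, not a real certificate)
-----END CERTIFICATE-----
</ca>
"""

def parse_ovpn(text):
    """Return [(directive, args)], keeping <tag> inline blocks as one entry."""
    entries, lines, i = [], text.splitlines(), 0
    while i < len(lines):
        line = lines[i].strip()
        i += 1
        if not line or line[0] in "#;":      # blank line or comment
            continue
        m = re.fullmatch(r"<([a-z0-9-]+)>", line)
        if m:                                # inline block such as <ca> ... </ca>
            tag, body = m.group(1), []
            while i < len(lines) and lines[i].strip() != f"</{tag}>":
                body.append(lines[i])
                i += 1
            i += 1                           # skip the closing tag
            entries.append((tag, ["\n".join(body)]))
            continue
        parts = line.split()
        entries.append((parts[0], parts[1:]))
    return entries

def import_profile(text, keep_auth_nocache):
    """Return (profile, custom_options, dropped). False = reported behaviour, True = request."""
    profile, custom, dropped = {}, [], []
    for name, args in parse_ovpn(text):
        if name == "auth-nocache":
            (custom if keep_auth_nocache else dropped).append(name)
        else:
            profile[name] = args
    return profile, custom, dropped

def may_cache_password(profile, custom_options):
    """Condition behind the OpenVPN warning quoted in the issue log."""
    return "auth-user-pass" in profile and "auth-nocache" not in custom_options
```

Running `import_profile(SAMPLE_OVPN, keep_auth_nocache=False)` reproduces the situation in the report: the directive is dropped and `may_cache_password` is true for the resulting profile, while `True` keeps the line in Custom Options and clears the condition.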