search

threerings / openvpn-auth-ldap

Implements username/password authentication via LDAP for OpenVPN 2.x.
Other
135 stars 63 forks source link

Compatability with auth-user-pass-optional #32

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
Hello,

I'm trying to set up OpenVPN server which authenticates via certificate OR LDAP 
(not the both in the same time). I'm trying to archive this via using 
auth-user-pass-optional option in openvpn config.

As documentation says "When this option is used, and a connecting client does 
not submit a username/password, the user-defined authentication module/script 
will see the username and password as being set to empty strings (""). The 
authentication module/script MUST have logic to detect this condition and 
respond accordingly."

But as I can see in logs LDAP plugin tries to perform bind auth with empty 
username. And obviously it fails.

Could the plugin be adapted to cope with auth-user-pass-optional case?

Original issue reported on code.google.com by z0r...@gmail.com on 31 May 2013 at 3:53

docwhat commented 8 years ago

Is there an ETA on this? Because this is the only "working" LDAP auth plugin at the moment.

docwhat commented 8 years ago

cc: @threerings -- Because I'm not seeing much work on this since it was imported.

berkayguclu commented 1 year ago

Hi,

We encountered this problem while trying to set up the OpenVPN via certificate or LDAP authentication. Solved the problem by writing a new verification script and using it with auth-user-pass-verify parameter.

You can find the script here if you want to try: https://github.com/ozguryazilimas/openvpn-ldap