reynir/reynir.dk
1
0
Fork 0
Code Issues 5 Pull requests Packages Projects Releases Wiki Activity

Add a conclusion to OpenVPN article

Browse source
This commit is contained in:
Reynir Björnsson 2024-08-22 10:05:28 +02:00
parent f23f0eae27
commit c363e84b96
1 changed files with 11 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
posts/2024-08-21-OpenVPN-and-MirageVPN.markdown
View file

@ -215,6 +215,17 @@ Unfortunately, it turns out that especially for the `AUTH_FAILED` control channe
If 2FA is implemented using the script mechanism sending custom messages they easily end with a newline asking the client to enter the verification code. If 2FA is implemented using the script mechanism sending custom messages they easily end with a newline asking the client to enter the verification code.
I believe in 2.6.12 the client tolerates trailing newline characters. I believe in 2.6.12 the client tolerates trailing newline characters.
## Conclusion
The first bug, the timer rescheduling bug, is at least 20 years old!
It hasn't always been exploitable, but the bug itself goes back as far as the git history does.
I haven't attempted further software archeology to find the exact time of introduction.
Either way, it's old and gone unnoticed for quite a while.
I think this shows that diversity in implementations is a great way to exercise corner cases, push forward (protocol) documentation efforts and get thorough code review by motivated peers.
This work was funded by [the EU NGI Assure Fund through NLnet](https://nlnet.nl/project/MirageVPN/).
In my opinion, this shows that funding one open source project can have a positive impact on other open source projects, too.
<!-- XXX: contact assumes reynir.dk --> <!-- XXX: contact assumes reynir.dk -->
[robur]: https://robur.coop/ [robur]: https://robur.coop/
[miragevpn-server]: https://blog.robur.coop/articles/miragevpn-server.html [miragevpn-server]: https://blog.robur.coop/articles/miragevpn-server.html