multiple: improve 2FA challenge support (!66) · Merge requests · GNOME / NetworkManager-openvpn

blimus requested to merge blimus/NetworkManager-openvpn:dc/2fa-challenge-response into main Mar 06, 2023

This patch improves the support of OpenVPNs dynamic challenge/response protocol. The response is no longer stored in the NMOpenvpnPluginIOData 'password' field, which stops the annoying issue of the 2FA response overwriting the password in the users keyring.

If the 'E' flag is present in the OpenVPN challenge (indicates if the response should be echoed), it will now be respected.

Also avoid that the challenge-response is saved to the NM profile.

Depends on NetworkManager's MR: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1842

Tested with nmcli, nmtui, nm-applet and GNOME control center. Echo mode works on nmcli and nmtui, and it doesn't work with nm-applet and GNOME control center (they would need to adapt) but the connection can be stablished.

Edited Jan 23, 2024 by Íñigo Huguet

multiple: improve 2FA challenge support

Merge request reports