cyberninjas / openvpn-auth-aad

Azure Active Directory OpenVPN Plugin

License: GNU General Public License v2.0

Makefile 15.76% C 62.05% Shell 10.90% Dockerfile 11.29%
auth openvpn pam plugin

openvpn-auth-aad's Issues

PLUGIN_INIT: could not load plugin shared object auth-aad.so

Copied auth-aad.so to the server, and edited /etc/openvpn/server.conf,

plugin /usr/lib/x86_64-linux-gnu/openvpn/plugins/auth-aad.so USERNAME

Then started the server,

/etc/init.d/openvpn start

tail -f /var/log/openvpn/openvpn.log
Fri Jun 14 18:44:12 2019 us=374964 PLUGIN_INIT: could not load plugin shared object /usr/lib/x86_64-linux-gnu/openvpn/plugins/auth-aad.so: /usr/lib/x86_64-linux-gnu/openvpn/plugins/auth-aad.so: undefined symbol: curl_global_cleanup
Fri Jun 14 18:44:12 2019 us=375005 Exiting due to fatal error

write to TUN/TAP : Unknown error (code=122)

Mon Jul 01 13:41:15 2019 us=420916 Current Parameter Settings:
Mon Jul 01 13:41:15 2019 us=424790   config = 'openvpn-testing.ovpn'
Mon Jul 01 13:41:15 2019 us=424790   mode = 0
Mon Jul 01 13:41:15 2019 us=424790   show_ciphers = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   show_digests = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   show_engines = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   genkey = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   key_pass_file = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   show_tls_ciphers = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   connect_retry_max = 0
Mon Jul 01 13:41:15 2019 us=424790 Connection profiles [0]:
Mon Jul 01 13:41:15 2019 us=424790   proto = udp
Mon Jul 01 13:41:15 2019 us=424790   local = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   local_port = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   remote = '192.168.88.129'
Mon Jul 01 13:41:15 2019 us=424790   remote_port = '1194'
Mon Jul 01 13:41:15 2019 us=424790   remote_float = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   bind_defined = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   bind_local = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   bind_ipv6_only = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   connect_retry_seconds = 5
Mon Jul 01 13:41:15 2019 us=424790   connect_timeout = 120
Mon Jul 01 13:41:15 2019 us=424790   socks_proxy_server = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   socks_proxy_port = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   tun_mtu = 1500
Mon Jul 01 13:41:15 2019 us=424790   tun_mtu_defined = ENABLED
Mon Jul 01 13:41:15 2019 us=424790   link_mtu = 1500
Mon Jul 01 13:41:15 2019 us=424790   link_mtu_defined = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   tun_mtu_extra = 0
Mon Jul 01 13:41:15 2019 us=424790   tun_mtu_extra_defined = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   mtu_discover_type = -1
Mon Jul 01 13:41:15 2019 us=424790   fragment = 0
Mon Jul 01 13:41:15 2019 us=424790   mssfix = 1450
Mon Jul 01 13:41:15 2019 us=424790   explicit_exit_notification = 0
Mon Jul 01 13:41:15 2019 us=424790 Connection profiles END
Mon Jul 01 13:41:15 2019 us=424790   remote_random = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   ipchange = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   dev = 'tun'
Mon Jul 01 13:41:15 2019 us=424790   dev_type = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   dev_node = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   lladdr = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   topology = 1
Mon Jul 01 13:41:15 2019 us=424790   ifconfig_local = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   ifconfig_remote_netmask = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   ifconfig_noexec = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   ifconfig_nowarn = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   ifconfig_ipv6_local = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   ifconfig_ipv6_netbits = 0
Mon Jul 01 13:41:15 2019 us=424790   ifconfig_ipv6_remote = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   shaper = 0
Mon Jul 01 13:41:15 2019 us=424790   mtu_test = 0
Mon Jul 01 13:41:15 2019 us=424790   mlock = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   keepalive_ping = 0
Mon Jul 01 13:41:15 2019 us=424790   keepalive_timeout = 0
Mon Jul 01 13:41:15 2019 us=424790   inactivity_timeout = 0
Mon Jul 01 13:41:15 2019 us=424790   ping_send_timeout = 0
Mon Jul 01 13:41:15 2019 us=424790   ping_rec_timeout = 0
Mon Jul 01 13:41:15 2019 us=424790   ping_rec_timeout_action = 0
Mon Jul 01 13:41:15 2019 us=424790   ping_timer_remote = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   remap_sigusr1 = 0
Mon Jul 01 13:41:15 2019 us=424790   persist_tun = ENABLED
Mon Jul 01 13:41:15 2019 us=424790   persist_local_ip = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   persist_remote_ip = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   persist_key = ENABLED
Mon Jul 01 13:41:15 2019 us=424790   passtos = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   resolve_retry_seconds = 1000000000
Mon Jul 01 13:41:15 2019 us=424790   resolve_in_advance = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   username = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   groupname = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   chroot_dir = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   cd_dir = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   writepid = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   up_script = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   down_script = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   down_pre = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   up_restart = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   up_delay = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   daemon = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   inetd = 0
Mon Jul 01 13:41:15 2019 us=424790   log = ENABLED
Mon Jul 01 13:41:15 2019 us=424790   suppress_timestamps = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   machine_readable_output = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   nice = 0
Mon Jul 01 13:41:15 2019 us=424790   verbosity = 5
Mon Jul 01 13:41:15 2019 us=424790   mute = 0
Mon Jul 01 13:41:15 2019 us=424790   gremlin = 0
Mon Jul 01 13:41:15 2019 us=424790   status_file = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   status_file_version = 1
Mon Jul 01 13:41:15 2019 us=424790   status_file_update_freq = 60
Mon Jul 01 13:41:15 2019 us=424790   occ = ENABLED
Mon Jul 01 13:41:15 2019 us=424790   rcvbuf = 0
Mon Jul 01 13:41:15 2019 us=424790   sndbuf = 0
Mon Jul 01 13:41:15 2019 us=424790   sockflags = 0
Mon Jul 01 13:41:15 2019 us=424790   fast_io = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   comp.alg = 0
Mon Jul 01 13:41:15 2019 us=424790   comp.flags = 0
Mon Jul 01 13:41:15 2019 us=424790   route_script = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   route_default_gateway = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   route_default_metric = 0
Mon Jul 01 13:41:15 2019 us=424790   route_noexec = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   route_delay = 5
Mon Jul 01 13:41:15 2019 us=424790   route_delay_window = 30
Mon Jul 01 13:41:15 2019 us=424790   route_delay_defined = ENABLED
Mon Jul 01 13:41:15 2019 us=424790   route_nopull = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   route_gateway_via_dhcp = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   allow_pull_fqdn = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   management_addr = '127.0.0.1'
Mon Jul 01 13:41:15 2019 us=424790   management_port = '25340'
Mon Jul 01 13:41:15 2019 us=424790   management_user_pass = 'stdin'
Mon Jul 01 13:41:15 2019 us=424790   management_log_history_cache = 250
Mon Jul 01 13:41:15 2019 us=424790   management_echo_buffer_size = 100
Mon Jul 01 13:41:15 2019 us=424790   management_write_peer_info_file = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   management_client_user = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   management_client_group = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   management_flags = 6
Mon Jul 01 13:41:15 2019 us=424790   shared_secret_file = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   key_direction = not set
Mon Jul 01 13:41:15 2019 us=424790   ciphername = 'BF-CBC'
Mon Jul 01 13:41:15 2019 us=424790   ncp_enabled = ENABLED
Mon Jul 01 13:41:15 2019 us=424790   ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Mon Jul 01 13:41:15 2019 us=424790   authname = 'SHA1'
Mon Jul 01 13:41:15 2019 us=424790   prng_hash = 'SHA1'
Mon Jul 01 13:41:15 2019 us=424790   prng_nonce_secret_len = 16
Mon Jul 01 13:41:15 2019 us=424790   keysize = 0
Mon Jul 01 13:41:15 2019 us=424790   engine = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   replay = ENABLED
Mon Jul 01 13:41:15 2019 us=424790   mute_replay_warnings = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   replay_window = 64
Mon Jul 01 13:41:15 2019 us=424790   replay_time = 15
Mon Jul 01 13:41:15 2019 us=424790   packet_id_file = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   use_iv = ENABLED
Mon Jul 01 13:41:15 2019 us=424790   test_crypto = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   tls_server = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   tls_client = ENABLED
Mon Jul 01 13:41:15 2019 us=424790   key_method = 2
Mon Jul 01 13:41:15 2019 us=424790   ca_file = 'openvpn-testing.crt'
Mon Jul 01 13:41:15 2019 us=424790   ca_path = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   dh_file = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   cert_file = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   extra_certs_file = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   priv_key_file = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   pkcs12_file = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   cryptoapi_cert = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   cipher_list = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   tls_cert_profile = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   tls_verify = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   tls_export_cert = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   verify_x509_type = 0
Mon Jul 01 13:41:15 2019 us=424790   verify_x509_name = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   crl_file = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   ns_cert_type = 0
Mon Jul 01 13:41:15 2019 us=424790   remote_cert_ku[i] = 0
Mon Jul 01 13:41:15 2019 us=424790   remote_cert_ku[i] = 0
Mon Jul 01 13:41:15 2019 us=424790   remote_cert_ku[i] = 0
Mon Jul 01 13:41:15 2019 us=424790   remote_cert_ku[i] = 0
Mon Jul 01 13:41:15 2019 us=424790   remote_cert_ku[i] = 0
Mon Jul 01 13:41:15 2019 us=424790   remote_cert_ku[i] = 0
Mon Jul 01 13:41:15 2019 us=424790   remote_cert_ku[i] = 0
Mon Jul 01 13:41:15 2019 us=424790   remote_cert_ku[i] = 0
Mon Jul 01 13:41:15 2019 us=424790   remote_cert_ku[i] = 0
Mon Jul 01 13:41:15 2019 us=424790   remote_cert_ku[i] = 0
Mon Jul 01 13:41:15 2019 us=424790   remote_cert_ku[i] = 0
Mon Jul 01 13:41:15 2019 us=424790   remote_cert_ku[i] = 0
Mon Jul 01 13:41:15 2019 us=424790   remote_cert_ku[i] = 0
Mon Jul 01 13:41:15 2019 us=424790   remote_cert_ku[i] = 0
Mon Jul 01 13:41:15 2019 us=424790   remote_cert_ku[i] = 0
Mon Jul 01 13:41:15 2019 us=424790   remote_cert_ku[i] = 0
Mon Jul 01 13:41:15 2019 us=424790   remote_cert_eku = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   ssl_flags = 0
Mon Jul 01 13:41:15 2019 us=424790   tls_timeout = 2
Mon Jul 01 13:41:15 2019 us=424790   renegotiate_bytes = -1
Mon Jul 01 13:41:15 2019 us=424790   renegotiate_packets = 0
Mon Jul 01 13:41:15 2019 us=424790   renegotiate_seconds = 3600
Mon Jul 01 13:41:15 2019 us=424790   handshake_window = 60
Mon Jul 01 13:41:15 2019 us=424790   transition_window = 3600
Mon Jul 01 13:41:15 2019 us=424790   single_session = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   push_peer_info = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   tls_exit = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   tls_auth_file = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   tls_crypt_file = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_protected_authentication = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_protected_authentication = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_protected_authentication = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_protected_authentication = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_protected_authentication = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_protected_authentication = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_protected_authentication = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_protected_authentication = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_protected_authentication = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_protected_authentication = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_protected_authentication = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_protected_authentication = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_protected_authentication = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_protected_authentication = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_protected_authentication = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_protected_authentication = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_private_mode = 00000000
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_private_mode = 00000000
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_private_mode = 00000000
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_private_mode = 00000000
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_private_mode = 00000000
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_private_mode = 00000000
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_private_mode = 00000000
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_private_mode = 00000000
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_private_mode = 00000000
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_private_mode = 00000000
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_private_mode = 00000000
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_private_mode = 00000000
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_private_mode = 00000000
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_private_mode = 00000000
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_private_mode = 00000000
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_private_mode = 00000000
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_cert_private = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_cert_private = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_cert_private = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_cert_private = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_cert_private = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_cert_private = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_cert_private = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_cert_private = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_cert_private = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_cert_private = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_cert_private = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_cert_private = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_cert_private = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_cert_private = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_cert_private = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_cert_private = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_pin_cache_period = -1
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_id = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   pkcs11_id_management = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   server_network = 0.0.0.0
Mon Jul 01 13:41:15 2019 us=424790   server_netmask = 0.0.0.0
Mon Jul 01 13:41:15 2019 us=424790   server_network_ipv6 = ::
Mon Jul 01 13:41:15 2019 us=424790   server_netbits_ipv6 = 0
Mon Jul 01 13:41:15 2019 us=424790   server_bridge_ip = 0.0.0.0
Mon Jul 01 13:41:15 2019 us=424790   server_bridge_netmask = 0.0.0.0
Mon Jul 01 13:41:15 2019 us=424790   server_bridge_pool_start = 0.0.0.0
Mon Jul 01 13:41:15 2019 us=424790   server_bridge_pool_end = 0.0.0.0
Mon Jul 01 13:41:15 2019 us=424790   ifconfig_pool_defined = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   ifconfig_pool_start = 0.0.0.0
Mon Jul 01 13:41:15 2019 us=424790   ifconfig_pool_end = 0.0.0.0
Mon Jul 01 13:41:15 2019 us=424790   ifconfig_pool_netmask = 0.0.0.0
Mon Jul 01 13:41:15 2019 us=424790   ifconfig_pool_persist_filename = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   ifconfig_pool_persist_refresh_freq = 600
Mon Jul 01 13:41:15 2019 us=424790   ifconfig_ipv6_pool_defined = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   ifconfig_ipv6_pool_base = ::
Mon Jul 01 13:41:15 2019 us=424790   ifconfig_ipv6_pool_netbits = 0
Mon Jul 01 13:41:15 2019 us=424790   n_bcast_buf = 256
Mon Jul 01 13:41:15 2019 us=424790   tcp_queue_limit = 64
Mon Jul 01 13:41:15 2019 us=424790   real_hash_size = 256
Mon Jul 01 13:41:15 2019 us=424790   virtual_hash_size = 256
Mon Jul 01 13:41:15 2019 us=424790   client_connect_script = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   learn_address_script = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   client_disconnect_script = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   client_config_dir = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   ccd_exclusive = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   tmp_dir = 'C:\Users\JNCHI\AppData\Local\Temp\'
Mon Jul 01 13:41:15 2019 us=424790   push_ifconfig_defined = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   push_ifconfig_local = 0.0.0.0
Mon Jul 01 13:41:15 2019 us=424790   push_ifconfig_remote_netmask = 0.0.0.0
Mon Jul 01 13:41:15 2019 us=424790   push_ifconfig_ipv6_defined = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   push_ifconfig_ipv6_local = ::/0
Mon Jul 01 13:41:15 2019 us=424790   push_ifconfig_ipv6_remote = ::
Mon Jul 01 13:41:15 2019 us=424790   enable_c2c = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   duplicate_cn = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   cf_max = 0
Mon Jul 01 13:41:15 2019 us=424790   cf_per = 0
Mon Jul 01 13:41:15 2019 us=424790   max_clients = 1024
Mon Jul 01 13:41:15 2019 us=424790   max_routes_per_client = 256
Mon Jul 01 13:41:15 2019 us=424790   auth_user_pass_verify_script = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=424790   auth_user_pass_verify_script_via_file = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   auth_token_generate = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   auth_token_lifetime = 0
Mon Jul 01 13:41:15 2019 us=424790   client = ENABLED
Mon Jul 01 13:41:15 2019 us=424790   pull = ENABLED
Mon Jul 01 13:41:15 2019 us=424790   auth_user_pass_file = 'stdin'
Mon Jul 01 13:41:15 2019 us=424790   show_net_up = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   route_method = 3
Mon Jul 01 13:41:15 2019 us=424790   block_outside_dns = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   ip_win32_defined = DISABLED
Mon Jul 01 13:41:15 2019 us=424790   ip_win32_type = 3
Mon Jul 01 13:41:15 2019 us=424790   dhcp_masq_offset = 0
Mon Jul 01 13:41:15 2019 us=424790   dhcp_lease_time = 31536000
Mon Jul 01 13:41:15 2019 us=428695   tap_sleep = 0
Mon Jul 01 13:41:15 2019 us=428695   dhcp_options = DISABLED
Mon Jul 01 13:41:15 2019 us=428695   dhcp_renew = DISABLED
Mon Jul 01 13:41:15 2019 us=428695   dhcp_pre_release = DISABLED
Mon Jul 01 13:41:15 2019 us=428695   domain = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=428695   netbios_scope = '[UNDEF]'
Mon Jul 01 13:41:15 2019 us=428695   netbios_node_type = 0
Mon Jul 01 13:41:15 2019 us=428695   disable_nbt = DISABLED
Mon Jul 01 13:41:15 2019 us=428695 OpenVPN 2.4.6 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Apr 26 2018
Mon Jul 01 13:41:15 2019 us=428695 Windows version 6.2 (Windows 8 or greater) 64bit
Mon Jul 01 13:41:15 2019 us=428695 library versions: OpenSSL 1.1.0h  27 Mar 2018, LZO 2.10
Enter Management Password:
Mon Jul 01 13:41:15 2019 us=428695 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Mon Jul 01 13:41:15 2019 us=428695 Need hold release from management interface, waiting...
Mon Jul 01 13:41:15 2019 us=871259 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Mon Jul 01 13:41:15 2019 us=975368 MANAGEMENT: CMD 'state on'
Mon Jul 01 13:41:15 2019 us=975368 MANAGEMENT: CMD 'log all on'
Mon Jul 01 13:41:16 2019 us=208526 MANAGEMENT: CMD 'echo all on'
Mon Jul 01 13:41:16 2019 us=212428 MANAGEMENT: CMD 'bytecount 5'
Mon Jul 01 13:41:16 2019 us=212428 MANAGEMENT: CMD 'hold off'
Mon Jul 01 13:41:16 2019 us=217854 MANAGEMENT: CMD 'hold release'
Mon Jul 01 13:41:21 2019 us=669323 MANAGEMENT: CMD 'username "Auth" "jnchi"'
Mon Jul 01 13:41:21 2019 us=692733 MANAGEMENT: CMD 'password [...]'
Mon Jul 01 13:41:21 2019 us=692733 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Mon Jul 01 13:41:21 2019 us=696637 Control Channel MTU parms [ L:1621 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Mon Jul 01 13:41:21 2019 us=696637 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Mon Jul 01 13:41:21 2019 us=696637 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Mon Jul 01 13:41:21 2019 us=696637 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Mon Jul 01 13:41:21 2019 us=696637 TCP/UDP: Preserving recently used remote address: [AF_INET]192.168.88.129:1194
Mon Jul 01 13:41:21 2019 us=696637 Socket Buffers: R=[65536->65536] S=[65536->65536]
Mon Jul 01 13:41:21 2019 us=696637 UDP link local: (not bound)
Mon Jul 01 13:41:21 2019 us=696637 UDP link remote: [AF_INET]192.168.88.129:1194
Mon Jul 01 13:41:21 2019 us=696637 MANAGEMENT: >STATE:1562002881,WAIT,,,,,,
Mon Jul 01 13:41:21 2019 us=700541 MANAGEMENT: >STATE:1562002881,AUTH,,,,,,
Mon Jul 01 13:41:21 2019 us=700541 TLS: Initial packet from [AF_INET]192.168.88.129:1194, sid=c08e018a 7f946ca1
Mon Jul 01 13:41:21 2019 us=704445 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Mon Jul 01 13:41:21 2019 us=716157 VERIFY OK: depth=1, C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, OU=MyOrganizationalUnit, CN=Fort-Funston CA, name=EasyRSA, [email protected]
Mon Jul 01 13:41:21 2019 us=716157 VERIFY OK: depth=0, C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, OU=MyOrganizationalUnit, CN=server, name=EasyRSA, [email protected]
Mon Jul 01 13:41:21 2019 us=727869 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1541', remote='link-mtu 1558'
Mon Jul 01 13:41:21 2019 us=727869 WARNING: 'cipher' is used inconsistently, local='cipher BF-CBC', remote='cipher AES-256-CBC'
Mon Jul 01 13:41:21 2019 us=727869 WARNING: 'keysize' is used inconsistently, local='keysize 128', remote='keysize 256'
Mon Jul 01 13:41:21 2019 us=727869 WARNING: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
Mon Jul 01 13:41:21 2019 us=727869 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Mon Jul 01 13:41:21 2019 us=727869 [server] Peer Connection Initiated with [AF_INET]192.168.88.129:1194
Mon Jul 01 13:41:22 2019 us=771232 MANAGEMENT: >STATE:1562002882,GET_CONFIG,,,,,,
Mon Jul 01 13:41:22 2019 us=771232 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Mon Jul 01 13:41:27 2019 us=811814 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Mon Jul 01 13:41:32 2019 us=858921 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Mon Jul 01 13:41:37 2019 us=887205 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Mon Jul 01 13:41:42 2019 us=920669 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Mon Jul 01 13:41:48 2019 us=72612 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Mon Jul 01 13:41:48 2019 us=76517 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 208.67.220.220,dhcp-option DNS 208.67.222.222,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5,peer-id 0,cipher AES-256-GCM'
Mon Jul 01 13:41:48 2019 us=76517 OPTIONS IMPORT: timers and/or timeouts modified
Mon Jul 01 13:41:48 2019 us=76517 OPTIONS IMPORT: --ifconfig/up options modified
Mon Jul 01 13:41:48 2019 us=76517 OPTIONS IMPORT: route options modified
Mon Jul 01 13:41:48 2019 us=76517 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Mon Jul 01 13:41:48 2019 us=76517 OPTIONS IMPORT: peer-id set
Mon Jul 01 13:41:48 2019 us=76517 OPTIONS IMPORT: adjusting link_mtu to 1624
Mon Jul 01 13:41:48 2019 us=76517 OPTIONS IMPORT: data channel crypto options modified
Mon Jul 01 13:41:48 2019 us=76517 Data Channel: using negotiated cipher 'AES-256-GCM'
Mon Jul 01 13:41:48 2019 us=76517 Data Channel MTU parms [ L:1552 D:1450 EF:52 EB:406 ET:0 EL:3 ]
Mon Jul 01 13:41:48 2019 us=76517 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Mon Jul 01 13:41:48 2019 us=76517 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Mon Jul 01 13:41:48 2019 us=76517 interactive service msg_channel=736
Mon Jul 01 13:41:48 2019 us=88221 ROUTE_GATEWAY 192.168.1.99/255.255.255.0 I=9 HWADDR=8c:ae:4c:e6:62:72
Mon Jul 01 13:41:48 2019 us=107741 open_tun
Mon Jul 01 13:41:48 2019 us=107741 TAP-WIN32 device [Ethernet 2] opened: \\.\Global\{19FE718C-A779-49C4-B127-D660A38AD2B3}.tap
Mon Jul 01 13:41:48 2019 us=107741 TAP-Windows Driver Version 9.21 
Mon Jul 01 13:41:48 2019 us=107741 TAP-Windows MTU=1500
Mon Jul 01 13:41:48 2019 us=111646 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.6/255.255.255.252 on interface {19FE718C-A779-49C4-B127-D660A38AD2B3} [DHCP-serv: 10.8.0.5, lease-time: 31536000]
Mon Jul 01 13:41:48 2019 us=111646 DHCP option string: 0608d043 dcdcd043 dede
Mon Jul 01 13:41:48 2019 us=115550 Successful ARP Flush on interface [5] {19FE718C-A779-49C4-B127-D660A38AD2B3}
Mon Jul 01 13:41:48 2019 us=131166 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Mon Jul 01 13:41:48 2019 us=131166 MANAGEMENT: >STATE:1562002908,ASSIGN_IP,,10.8.0.6,,,,
Mon Jul 01 13:41:53 2019 us=332893 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up
Mon Jul 01 13:41:53 2019 us=336742 C:\WINDOWS\system32\route.exe ADD 192.168.88.129 MASK 255.255.255.255 192.168.1.99
Mon Jul 01 13:41:53 2019 us=336742 Route addition via service succeeded
Mon Jul 01 13:41:53 2019 us=336742 C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.8.0.5
Mon Jul 01 13:41:53 2019 us=344550 Route addition via service succeeded
Mon Jul 01 13:41:53 2019 us=344550 C:\WINDOWS\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.8.0.5
Mon Jul 01 13:41:53 2019 us=348454 Route addition via service succeeded
Mon Jul 01 13:41:53 2019 us=348454 MANAGEMENT: >STATE:1562002913,ADD_ROUTES,,,,,,
Mon Jul 01 13:41:53 2019 us=348454 C:\WINDOWS\system32\route.exe ADD 10.8.0.1 MASK 255.255.255.255 10.8.0.5
Mon Jul 01 13:41:53 2019 us=352358 Route addition via service succeeded
Mon Jul 01 13:41:53 2019 us=352358 Initialization Sequence Completed
Mon Jul 01 13:41:53 2019 us=352358 MANAGEMENT: >STATE:1562002913,CONNECTED,SUCCESS,10.8.0.6,192.168.88.129,1194,,
Mon Jul 01 13:42:08 2019 us=676633 write to TUN/TAP : Unknown error (code=122)
Mon Jul 01 13:42:18 2019 us=695338 write to TUN/TAP : Unknown error (code=122)
Mon Jul 01 13:42:28 2019 us=734996 write to TUN/TAP : Unknown error (code=122)
Mon Jul 01 13:42:38 2019 us=785274 write to TUN/TAP : Unknown error (code=122)
Mon Jul 01 13:42:48 2019 us=904885 write to TUN/TAP : Unknown error (code=122)
Mon Jul 01 13:42:59 2019 us=253862 write to TUN/TAP : Unknown error (code=122)
Mon Jul 01 13:43:09 2019 us=519640 write to TUN/TAP : Unknown error (code=122)
Mon Jul 01 13:43:19 2019 us=703870 write to TUN/TAP : Unknown error (code=122)
Mon Jul 01 13:43:29 2019 us=899488 write to TUN/TAP : Unknown error (code=122)
Mon Jul 01 13:43:40 2019 us=248656 write to TUN/TAP : Unknown error (code=122)
Mon Jul 01 13:43:50 2019 us=341724 write to TUN/TAP : Unknown error (code=122)
Mon Jul 01 13:44:00 2019 us=528679 write to TUN/TAP : Unknown error (code=122)
Mon Jul 01 13:44:10 2019 us=683019 write to TUN/TAP : Unknown error (code=122)
Mon Jul 01 13:44:20 2019 us=906562 write to TUN/TAP : Unknown error (code=122)
Mon Jul 01 13:44:22 2019 us=402517 TCP/UDP: Closing socket
Mon Jul 01 13:44:22 2019 us=402517 C:\WINDOWS\system32\route.exe DELETE 10.8.0.1 MASK 255.255.255.255 10.8.0.5
Mon Jul 01 13:44:22 2019 us=410323 Route deletion via service succeeded
Mon Jul 01 13:44:22 2019 us=410323 C:\WINDOWS\system32\route.exe DELETE 192.168.88.129 MASK 255.255.255.255 192.168.1.99
Mon Jul 01 13:44:22 2019 us=418131 Route deletion via service succeeded
Mon Jul 01 13:44:22 2019 us=418131 C:\WINDOWS\system32\route.exe DELETE 0.0.0.0 MASK 128.0.0.0 10.8.0.5
Mon Jul 01 13:44:22 2019 us=425938 Route deletion via service succeeded
Mon Jul 01 13:44:22 2019 us=425938 C:\WINDOWS\system32\route.exe DELETE 128.0.0.0 MASK 128.0.0.0 10.8.0.5
Mon Jul 01 13:44:22 2019 us=433748 Route deletion via service succeeded
Mon Jul 01 13:44:22 2019 us=433748 Closing TUN/TAP interface
Mon Jul 01 13:44:22 2019 us=461074 TAP: DHCP address released
Mon Jul 01 13:44:22 2019 us=468883 SIGTERM[hard,] received, process exiting
Mon Jul 01 13:44:22 2019 us=468883 MANAGEMENT: >STATE:1562003062,EXITING,SIGTERM,,,,,

Only ET_DYN and ET_EXEC can be loaded

tail -n1 /var/log/openvpn/openvpn.log
Wed Jun 12 19:30:25 2019 us=547048 PLUGIN_INIT: could not load plugin shared object /usr/lib/x86_64-linux-gnu/openvpn/plugins/auth-aad.so: /usr/lib/x86_64-linux-gnu/openvpn/plugins/auth-aad.so: only ET_DYN and ET_EXEC can be loaded

Failed to build on launchpad

dpkg-buildpackage
-----------------

dpkg-buildpackage: info: source package openvpn-auth-aad
dpkg-buildpackage: info: source version 0.0.1-0~201906191925~ubuntu18.04.1
dpkg-buildpackage: info: source distribution bionic
 dpkg-source --before-build openvpn-auth-aad-0.0.1
dpkg-buildpackage: info: host architecture amd64
 fakeroot debian/rules clean
dh clean
   dh_auto_clean
	make -j1 clean
make[1]: Entering directory '/<<PKGBUILDDIR>>'
make[1]: Leaving directory '/<<PKGBUILDDIR>>'
   dh_clean
 debian/rules build
dh build
   dh_update_autotools_config
   debian/rules override_dh_auto_configure
make[1]: Entering directory '/<<PKGBUILDDIR>>'
/bin/sh ./bootstrap.sh
./bootstrap.sh: 3: ./bootstrap.sh: git: not found
autoreconf: 'configure.ac' or 'configure.in' is required
debian/rules:9: recipe for target 'override_dh_auto_configure' failed
make[1]: *** [override_dh_auto_configure] Error 1
make[1]: Leaving directory '/<<PKGBUILDDIR>>'
debian/rules:6: recipe for target 'build' failed
make: *** [build] Error 2
dpkg-buildpackage: error: debian/rules build subprocess returned exit status 2
--------------------------------------------------------------------------------
Build finished at 20190619-1951

Source: buildlog

Support OpenVPN Challenge/Response protocol

pam_aad introduced a function that sends a mail with the device code to the user, because not all apps support interactive authentication.

But OpenVPN supports interactive authentication, if a plugin would handle the dynamic challenges.

You could read some basics about static challenges (designed for OTPs) in the manual (look for static-challenge here).

In the management interface documentation, the dynamic challenges are described here, too. (Look for Challenge/Response Protocol).

The Challenge Request could be something like:

PIN: 46433 - Enter the code at https://aka.ms/devicelogin. Type "OK" to continue.

If the user responds with an "OK", the plugin could assume that the user did the authentication at MS and check whether the verification was successful.

Problem: It looks like this feature isn't documented well since it's designed for enterprise OpenVPN only (OpenVPN Access Server).

Dynamic Challenges can be sent to the client by the AUTH_FAILED command including a formatted error message like
CRV1:R,E:PG_09HT0rZcjdFd6GnA:bG9uZG9u:Enter Authenticator Code

The management interface documentation documents the format of the error message well.

I don't know if it's possible for a plugin to set the client_reason field that handles the AUTH_FAILED error message.
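The CRV1 string quoted in the issue above, built and checked in C as an added example; this is not code from openvpn-auth-aad or OpenVPN, and it only formats strings without calling any OpenVPN plugin API. It assumes the field layout from OpenVPN's management-interface notes (`CRV1:<flags>:<state_id>:<base64 username>:<text>`, answered by a password of the form `CRV1::<state_id>::<response>`); the function names and the sample state id and user name in `main` are made up for illustration.

```c
#include <stdio.h>
#include <string.h>

static const char B64[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

/* Base64-encode n bytes of src into dst (NUL-terminated); -1 if dst is too small. */
static int b64_encode(const unsigned char *src, size_t n, char *dst, size_t cap)
{
    size_t i, o = 0;
    if (cap < 4 * ((n + 2) / 3) + 1)
        return -1;
    for (i = 0; i < n; i += 3) {
        unsigned long v = (unsigned long)src[i] << 16;
        if (i + 1 < n) v |= (unsigned long)src[i + 1] << 8;
        if (i + 2 < n) v |= (unsigned long)src[i + 2];
        dst[o++] = B64[(v >> 18) & 63];
        dst[o++] = B64[(v >> 12) & 63];
        dst[o++] = (i + 1 < n) ? B64[(v >> 6) & 63] : '=';
        dst[o++] = (i + 2 < n) ? B64[v & 63] : '=';
    }
    dst[o] = '\0';
    return 0;
}

/* Compare n bytes without an early exit, so timing does not reveal
 * how much of a guessed state id was correct. */
static int ct_equal(const char *a, const char *b, size_t n)
{
    unsigned char diff = 0;
    size_t i;
    for (i = 0; i < n; i++)
        diff |= (unsigned char)(a[i] ^ b[i]);
    return diff == 0;
}

/* Build "CRV1:<flags>:<state_id>:<base64(username)>:<text>".
 * flags and state_id must not contain ':' (the field delimiter); the
 * challenge text is the last field, so it may (e.g. a URL).
 * Returns 0 on success, -1 on bad input or if out is too small. */
int crv1_build_challenge(const char *flags, const char *state_id,
                         const char *username, const char *text,
                         char *out, size_t cap)
{
    char user_b64[256];
    int n;
    if (!flags || !state_id || !username || !text || !out)
        return -1;
    if (state_id[0] == '\0' || strchr(state_id, ':') || strchr(flags, ':'))
        return -1;
    if (b64_encode((const unsigned char *)username, strlen(username),
                   user_b64, sizeof user_b64) != 0)
        return -1;
    n = snprintf(out, cap, "CRV1:%s:%s:%s:%s", flags, state_id, user_b64, text);
    return (n < 0 || (size_t)n >= cap) ? -1 : 0;
}

/* Parse the password a client sends back: "CRV1::<state_id>::<response>".
 * Accepts it only if the state id equals the one issued with the challenge,
 * so a response cannot be replayed against a different pending login.
 * Returns 0 and copies the response text, or -1 if malformed or mismatched. */
int crv1_parse_response(const char *password, const char *expected_state,
                        char *response, size_t cap)
{
    const char *id, *sep;
    size_t want;
    if (!password || !expected_state || !response)
        return -1;
    if (strncmp(password, "CRV1::", 6) != 0)
        return -1;
    id = password + 6;
    sep = strstr(id, "::");            /* state ids contain no ':' */
    want = strlen(expected_state);
    if (!sep || want == 0 || (size_t)(sep - id) != want)
        return -1;
    if (!ct_equal(id, expected_state, want))
        return -1;
    sep += 2;
    if (strlen(sep) >= cap)
        return -1;
    strcpy(response, sep);
    return 0;
}

int main(void)
{
    char msg[512], answer[32];
    /* Constructed sample values: state id and user name are made up. */
    const char *state = "Zx81kQpLm02";
    if (crv1_build_challenge("R,E", state, "alice",
            "PIN: 46433 - Enter the code at https://aka.ms/devicelogin. "
            "Type \"OK\" to continue.", msg, sizeof msg) == 0)
        printf("AUTH_FAILED reason: %s\n", msg);
    if (crv1_parse_response("CRV1::Zx81kQpLm02::OK", state,
                            answer, sizeof answer) == 0)
        printf("client answered: %s\n", answer);
    return 0;
}
```

The state id is the only thing linking the second login attempt to the pending device-code flow, so a server-side implementation would generate it randomly per challenge and expire it once used.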
