What's new

OpenVpn rehash old passwords after adding new and reboot

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Scotovod

New Around Here
Affected device RT-AC5300
fw version 386.3_2, 386.2_6, 386.2_4

steps to reproduse
1. create one user
2. nvram show | grep vpn_serverx_clientlist view plain password
3. reboot router
4. nvram show | grep vpn_serverx_clientlist view hashed password
5. create second user
6. nvram show | grep vpn_serverx_clientlist view one hashed and one plain password
7. reboot router
8. nvram show | grep vpn_serverx_clientlist view one new hashed and one new rehashed (hash(hash)) password

expected
8. nvram show | grep vpn_serverx_clientlist - view new hashed and old hashed password
 
And? You've told us it's rehashed a prior password. Fine. For all I know, that's to be expected given the way it's implemented (maybe it rehashes all the entries when a new username/password is added by using all the prior username/passwords as salt). All that matters is whether username/passwords work. Are you claiming they don't? And it's because of this behavior?
 
And? You've told us it's rehashed a prior password. Fine. For all I know, that's to be expected given the way it's implemented (maybe it rehashes all the entries when a new username/password is added by using all the prior username/passwords as salt). All that matters is whether username/passwords work. Are you claiming they don't? And it's because of this behavior?
Yes is not working for old setting user/passw old user only auth by hash instead of real password (because hash of password rehashed as password)
 
The issue is already resolved in 386.4 following the merge of GPL 45958.
 

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top