feat(auth_nocache): support for auth-nocache #125
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* This option can be enabled on OpenVPN clients, to silence warnings like: ``` openvpn[12345]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this ```
|
🎉 This PR is included in version 0.16.0 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
dimitry-unified-streaming
added a commit
to dimitry-unified-streaming/openvpn-formula
that referenced
this pull request
Dec 2, 2019
This fixes an embarrassing typo in saltstack-formulas#125, causing the `auth_nocache` setting not to work at all.
19 tasks
dimitry-unified-streaming
added a commit
to dimitry-unified-streaming/openvpn-formula
that referenced
this pull request
Dec 5, 2019
This fixes an embarrassing typo in saltstack-formulas#125, causing the `auth_nocache` setting not to work at all.
saltstack-formulas-travis
pushed a commit
that referenced
this pull request
Dec 6, 2019
## [0.16.1](v0.16.0...v0.16.1) (2019-12-06) ### Bug Fixes * **auth_nocache:** fix typo in client template ([c8f0971](c8f0971)), closes [#125](#125)
myii
pushed a commit
to myii/openvpn-formula
that referenced
this pull request
Dec 5, 2020
# [1.14.0](v1.13.0...v1.14.0) (2020-12-05) ### Bug Fixes * **adapters:** call `adapters.sls` in `init.sls` ([3ebcbe9](3ebcbe9)) * **auth_nocache:** fix typo in client template ([c8f0971](c8f0971)), closes [saltstack-formulas#125](https://github.com/myii/openvpn-formula/issues/125) * **centos:** install OpenSSL on CentOS ([7e4c8d6](7e4c8d6)) * **centos-6:** has only _one_ service 'openvpn' ([3d5723d](3d5723d)) * **config:** configurable distinction between server and client services ([18c4c4a](18c4c4a)) * **config:** script-security is a common option ([b1b482c](b1b482c)) * **config:** set tls-auth and tls-crypt independentyl of ta_content ([d3787b6](d3787b6)) * **config:** sub-mappings for client and server ([b30b23d](b30b23d)) * **config.sls:** fix `salt-lint` errors ([1b3f7f6](1b3f7f6)) * **debian-ish:** root owns the logs ([3276d3b](3276d3b)) * **dhparams:** allow generating Diffie Hellman parameters on Windows ([3802024](3802024)) * **fedora:** honor working directory & service name ([4f8e899](4f8e899)) * **freebsd:** load if_tap module ([d63581a](d63581a)) * **ifconfig_pool_persist.sls:** fix `salt-lint` errors ([6969083](6969083)) * **jinja:** don't call pillar.get ([33b98f5](33b98f5)) * **logging:** set replace=False and add dependencies for log files ([9b71fcf](9b71fcf)) * **macros:** use openvpn/macros.jinja ([637387e](637387e)) * **map.jinja:** fix `salt-lint` errors ([eabfc57](eabfc57)) * **network_manager_networks:** properly override port ([1d58ec6](1d58ec6)) * **network_manager_networks:** reduced pillar.get calls ([7ee9eed](7ee9eed)) * **release.config.js:** use full commit hash in commit link [skip ci] ([81d922d](81d922d)) * **repo:** provide EPEL repo configuration for `Amazon Linux-2` ([bfb29bd](bfb29bd)) * **service:** make sure the now obsolete systemd services are disabled ([2dfae46](2dfae46)) * **service:** removed trailing whitespace ([85d2458](85d2458)) * **service:** stop old service only if name is different to new service ([1724dfd](1724dfd)), closes [saltstack-formulas#119](https://github.com/myii/openvpn-formula/issues/119) * **service:** use OS-specific service name in multi-service setups ([b16756c](b16756c)) * **specs:** use boolean operator ([89fa956](89fa956)) * **tap-adapter.ps1:** work with alternate name `Local Area Connection` ([372b3b6](372b3b6)) * **test:** drop ' then$' ([62c2f70](62c2f70)) * **test:** dropped redundant permission checks ([9c3ea71](9c3ea71)) ### Continuous Integration * **cleanup:** dropped obsolete opensuse-leap-15 workaround ([1e1719d](1e1719d)) * **gemfile:** restrict `train` gem version until upstream fix [skip ci] ([ed6b7f0](ed6b7f0)) * **gemfile.lock:** add to repo with updated `Gemfile` [skip ci] ([0aa9fd6](0aa9fd6)) * **github:** add Windows testing using Actions ([2d4b79c](2d4b79c)) * **gitlab:** test `semantic-release` back to GitHub ([6dcf159](6dcf159)) * **gitlab:** use GitLab CI as Travis CI replacement ([c9e4a8c](c9e4a8c)) * **kitchen:** add kitchen file + testinfra ([9c5ee26](9c5ee26)) * **kitchen:** avoid using bootstrap for `master` instances [skip ci] ([6eb1b44](6eb1b44)) * **kitchen:** change `log_level` to `debug` instead of `info` ([e94c9ba](e94c9ba)) * **kitchen:** install required packages to bootstrapped `opensuse` [skip ci] ([b76dcc9](b76dcc9)) * **kitchen:** rename pillar ([4122fc0](4122fc0)) * **kitchen:** test/config/pillars: add jinja for user on debian >= 9 ([3c7f947](3c7f947)) * **kitchen:** use `debian-10-master-py3` instead of `develop` [skip ci] ([83e00e1](83e00e1)) * **kitchen:** use `develop` image until `master` is ready (`amazonlinux`) [skip ci] ([06a09f2](06a09f2)) * **kitchen:** use `saltimages` Docker Hub where available [skip ci] ([740ba4e](740ba4e)) * **kitchen:** use bootstrapped `opensuse` images until `2019.2.2` [skip ci] ([0db9651](0db9651)) * **kitchen+travis:** modify matrix to include `develop` platform ([91b5798](91b5798)) * **kitchen+travis:** remove `master-py2-arch-base-latest` [skip ci] ([9e7aa34](9e7aa34)) * **kitchen+travis:** replace EOL pre-salted images ([2577535](2577535)) * **kitchen+travis:** upgrade matrix after `2019.2.2` release [skip ci] ([4eb9d3b](4eb9d3b)) * **platform:** add `arch-base-latest` (commented out for now) [skip ci] ([75d7aaa](75d7aaa)) * **pre-commit:** add to formula [skip ci] ([95bbd5e](95bbd5e)) * **pre-commit:** enable/disable `rstcheck` as relevant [skip ci] ([92e02f2](92e02f2)) * **pre-commit:** finalise `rstcheck` configuration [skip ci] ([44e040d](44e040d)) * avoid `init_environment` failing due to saltstack/salt[#57628](https://github.com/myii/openvpn-formula/issues/57628) ([398932b](398932b)) * **specs:** increased readability ([b2c9cf1](b2c9cf1)) * **test data:** moved Pillar test data ([2fff1ee](2fff1ee)) * **testing:** added bin/kitchen ([15bea7b](15bea7b)) * **travis:** add notifications => zulip [skip ci] ([80930cd](80930cd)) * **travis:** apply changes from build config validation [skip ci] ([ea3336a](ea3336a)) * **travis:** exclude Fedora 29 from Travis CI ([4a1f9ed](4a1f9ed)) * **travis:** merge `rubocop` linter into main `lint` job ([9f82955](9f82955)) * **travis:** opt-in to `dpl v2` to complete build config validation [skip ci] ([bb43f31](bb43f31)) * **travis:** quote pathspecs used with `git ls-files` [skip ci] ([667bc1f](667bc1f)) * **travis:** run `shellcheck` during lint job [skip ci] ([9d63e36](9d63e36)) * **travis:** test based on template-formula and [saltstack-formulas#98](https://github.com/myii/openvpn-formula/issues/98) ([b9daf9b](b9daf9b)) * **travis:** update `salt-lint` config for `v0.0.10` [skip ci] ([d465b4f](d465b4f)) * **travis:** use `major.minor` for `semantic-release` version [skip ci] ([4099f15](4099f15)) * **travis:** use build config validation (beta) [skip ci] ([d2f7fe2](d2f7fe2)) * **workflows/commitlint:** add to repo [skip ci] ([5900915](5900915)) * merge travis matrix, add `salt-lint` & `rubocop` to `lint` job ([d7f1607](d7f1607)) * merge travis matrix, add `salt-lint` & `rubocop` to `lint` job ([70dab6c](70dab6c)) * **yamllint:** add rule `empty-values` & use new `yaml-files` setting ([a437b3b](a437b3b)) * use `dist: bionic` & apply `opensuse-leap-15` SCP error workaround ([5e02797](5e02797)) ### Documentation * add steps required for testing using Vagrant ([0229d14](0229d14)) * **contributing:** remove to use org-level file instead [skip ci] ([8703eb5](8703eb5)) * **pillar.example:** update with quoted "yes" for comp-lzo ([1b49b24](1b49b24)) * **readme:** update link to `CONTRIBUTING` [skip ci] ([a72049f](a72049f)) ### Features * **auth_gen_token:** support for auth-gen-token ([333edd7](333edd7)) * **auth_nocache:** support for auth-nocache ([c21b7f5](c21b7f5)) * **syslog:** support for syslog ([24b370c](24b370c)) * **yamllint:** include for this repo and apply rules throughout ([4355ac6](4355ac6)) ### Performance Improvements * **travis:** improve `salt-lint` invocation [skip ci] ([26838e5](26838e5)) ### Tests * **map:** verify `map.jinja` dump using `_mapdata` state ([ecac1b1](ecac1b1)) * add test for auth-nocache option ([79c1055](79c1055)) * **kitchen:** debian and ubuntu use different paths now ([dfd784e](dfd784e)) * **pillar:** set 'status' to fix kitchen tests ([07bb5b6](07bb5b6)) * **windows:** add local testing of Windows using Vagrant/Virtualbox ([96c3001](96c3001))
myii
pushed a commit
to myii/openvpn-formula
that referenced
this pull request
Dec 5, 2020
# [1.14.0](v1.13.0...v1.14.0) (2020-12-05) ### Bug Fixes * **adapters:** call `adapters.sls` in `init.sls` ([3ebcbe9](3ebcbe9)) * **auth_nocache:** fix typo in client template ([c8f0971](c8f0971)), closes [saltstack-formulas#125](https://github.com/myii/openvpn-formula/issues/125) * **centos:** install OpenSSL on CentOS ([7e4c8d6](7e4c8d6)) * **centos-6:** has only _one_ service 'openvpn' ([3d5723d](3d5723d)) * **config:** configurable distinction between server and client services ([18c4c4a](18c4c4a)) * **config:** script-security is a common option ([b1b482c](b1b482c)) * **config:** set tls-auth and tls-crypt independentyl of ta_content ([d3787b6](d3787b6)) * **config:** sub-mappings for client and server ([b30b23d](b30b23d)) * **config.sls:** fix `salt-lint` errors ([1b3f7f6](1b3f7f6)) * **debian-ish:** root owns the logs ([3276d3b](3276d3b)) * **dhparams:** allow generating Diffie Hellman parameters on Windows ([3802024](3802024)) * **fedora:** honor working directory & service name ([4f8e899](4f8e899)) * **freebsd:** load if_tap module ([d63581a](d63581a)) * **gitlab:** use Travis instances ([44f6bc1](44f6bc1)) * **ifconfig_pool_persist.sls:** fix `salt-lint` errors ([6969083](6969083)) * **jinja:** don't call pillar.get ([33b98f5](33b98f5)) * **logging:** set replace=False and add dependencies for log files ([9b71fcf](9b71fcf)) * **macros:** use openvpn/macros.jinja ([637387e](637387e)) * **map.jinja:** fix `salt-lint` errors ([eabfc57](eabfc57)) * **network_manager_networks:** properly override port ([1d58ec6](1d58ec6)) * **network_manager_networks:** reduced pillar.get calls ([7ee9eed](7ee9eed)) * **release.config.js:** use full commit hash in commit link [skip ci] ([81d922d](81d922d)) * **repo:** provide EPEL repo configuration for `Amazon Linux-2` ([bfb29bd](bfb29bd)) * **service:** make sure the now obsolete systemd services are disabled ([2dfae46](2dfae46)) * **service:** removed trailing whitespace ([85d2458](85d2458)) * **service:** stop old service only if name is different to new service ([1724dfd](1724dfd)), closes [saltstack-formulas#119](https://github.com/myii/openvpn-formula/issues/119) * **service:** use OS-specific service name in multi-service setups ([b16756c](b16756c)) * **specs:** use boolean operator ([89fa956](89fa956)) * **tap-adapter.ps1:** work with alternate name `Local Area Connection` ([372b3b6](372b3b6)) * **test:** drop ' then$' ([62c2f70](62c2f70)) * **test:** dropped redundant permission checks ([9c3ea71](9c3ea71)) ### Continuous Integration * **cleanup:** dropped obsolete opensuse-leap-15 workaround ([1e1719d](1e1719d)) * **gemfile:** restrict `train` gem version until upstream fix [skip ci] ([ed6b7f0](ed6b7f0)) * **gemfile.lock:** add to repo with updated `Gemfile` [skip ci] ([0aa9fd6](0aa9fd6)) * **github:** add Windows testing using Actions ([2d4b79c](2d4b79c)) * **gitlab:** test `semantic-release` back to GitHub ([0ead7f1](0ead7f1)) * **gitlab:** use GitLab CI as Travis CI replacement ([c9e4a8c](c9e4a8c)) * **kitchen:** add kitchen file + testinfra ([9c5ee26](9c5ee26)) * **kitchen:** avoid using bootstrap for `master` instances [skip ci] ([6eb1b44](6eb1b44)) * **kitchen:** change `log_level` to `debug` instead of `info` ([e94c9ba](e94c9ba)) * **kitchen:** install required packages to bootstrapped `opensuse` [skip ci] ([b76dcc9](b76dcc9)) * **kitchen:** rename pillar ([4122fc0](4122fc0)) * **kitchen:** test/config/pillars: add jinja for user on debian >= 9 ([3c7f947](3c7f947)) * **kitchen:** use `debian-10-master-py3` instead of `develop` [skip ci] ([83e00e1](83e00e1)) * **kitchen:** use `develop` image until `master` is ready (`amazonlinux`) [skip ci] ([06a09f2](06a09f2)) * **kitchen:** use `saltimages` Docker Hub where available [skip ci] ([740ba4e](740ba4e)) * **kitchen:** use bootstrapped `opensuse` images until `2019.2.2` [skip ci] ([0db9651](0db9651)) * **kitchen+travis:** modify matrix to include `develop` platform ([91b5798](91b5798)) * **kitchen+travis:** remove `master-py2-arch-base-latest` [skip ci] ([9e7aa34](9e7aa34)) * **kitchen+travis:** replace EOL pre-salted images ([2577535](2577535)) * **kitchen+travis:** upgrade matrix after `2019.2.2` release [skip ci] ([4eb9d3b](4eb9d3b)) * **platform:** add `arch-base-latest` (commented out for now) [skip ci] ([75d7aaa](75d7aaa)) * **pre-commit:** add to formula [skip ci] ([95bbd5e](95bbd5e)) * **pre-commit:** enable/disable `rstcheck` as relevant [skip ci] ([92e02f2](92e02f2)) * **pre-commit:** finalise `rstcheck` configuration [skip ci] ([44e040d](44e040d)) * avoid `init_environment` failing due to saltstack/salt[#57628](https://github.com/myii/openvpn-formula/issues/57628) ([398932b](398932b)) * **specs:** increased readability ([b2c9cf1](b2c9cf1)) * **test data:** moved Pillar test data ([2fff1ee](2fff1ee)) * **testing:** added bin/kitchen ([15bea7b](15bea7b)) * **travis:** add notifications => zulip [skip ci] ([80930cd](80930cd)) * **travis:** apply changes from build config validation [skip ci] ([ea3336a](ea3336a)) * **travis:** exclude Fedora 29 from Travis CI ([4a1f9ed](4a1f9ed)) * **travis:** merge `rubocop` linter into main `lint` job ([9f82955](9f82955)) * **travis:** opt-in to `dpl v2` to complete build config validation [skip ci] ([bb43f31](bb43f31)) * **travis:** quote pathspecs used with `git ls-files` [skip ci] ([667bc1f](667bc1f)) * **travis:** run `shellcheck` during lint job [skip ci] ([9d63e36](9d63e36)) * **travis:** test based on template-formula and [saltstack-formulas#98](https://github.com/myii/openvpn-formula/issues/98) ([b9daf9b](b9daf9b)) * **travis:** update `salt-lint` config for `v0.0.10` [skip ci] ([d465b4f](d465b4f)) * **travis:** use `major.minor` for `semantic-release` version [skip ci] ([4099f15](4099f15)) * **travis:** use build config validation (beta) [skip ci] ([d2f7fe2](d2f7fe2)) * **workflows/commitlint:** add to repo [skip ci] ([5900915](5900915)) * merge travis matrix, add `salt-lint` & `rubocop` to `lint` job ([d7f1607](d7f1607)) * merge travis matrix, add `salt-lint` & `rubocop` to `lint` job ([70dab6c](70dab6c)) * **yamllint:** add rule `empty-values` & use new `yaml-files` setting ([a437b3b](a437b3b)) * use `dist: bionic` & apply `opensuse-leap-15` SCP error workaround ([5e02797](5e02797)) ### Documentation * add steps required for testing using Vagrant ([0229d14](0229d14)) * **contributing:** remove to use org-level file instead [skip ci] ([8703eb5](8703eb5)) * **pillar.example:** update with quoted "yes" for comp-lzo ([1b49b24](1b49b24)) * **readme:** update link to `CONTRIBUTING` [skip ci] ([a72049f](a72049f)) ### Features * **auth_gen_token:** support for auth-gen-token ([333edd7](333edd7)) * **auth_nocache:** support for auth-nocache ([c21b7f5](c21b7f5)) * **syslog:** support for syslog ([24b370c](24b370c)) * **yamllint:** include for this repo and apply rules throughout ([4355ac6](4355ac6)) ### Performance Improvements * **travis:** improve `salt-lint` invocation [skip ci] ([26838e5](26838e5)) ### Tests * **map:** verify `map.jinja` dump using `_mapdata` state ([ecac1b1](ecac1b1)) * add test for auth-nocache option ([79c1055](79c1055)) * **kitchen:** debian and ubuntu use different paths now ([dfd784e](dfd784e)) * **pillar:** set 'status' to fix kitchen tests ([07bb5b6](07bb5b6)) * **windows:** add local testing of Windows using Vagrant/Virtualbox ([96c3001](96c3001))
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
PR progress checklist (to be filled in by reviewers)
What type of PR is this?
Primary type
[build]Changes related to the build system[chore]Changes to the build process or auxiliary tools and libraries such as documentation generation[ci]Changes to the continuous integration configuration[feat]A new feature[fix]A bug fix[perf]A code change that improves performance[refactor]A code change that neither fixes a bug nor adds a feature[revert]A change used to revert a previous commit[style]Changes that do not affect the meaning of the code (white-space, formatting, missing semi-colons, etc.)Secondary type
[docs]Documentation changes[test]Adding missing or correcting existing testsDoes this PR introduce a
BREAKING CHANGE?No.
Related issues and/or pull requests
Describe the changes you're proposing
This enables adding a
auto-nocacheline in OpenVPN client config files. The pillar name isauth_nocache, similar to otherauth_related settings.Pillar / config required to test the proposed changes
Debug log showing how the proposed changes work
Documentation checklist
README(e.g.Available states).pillar.example.Testing checklist
state_top).Additional context