[MacPorts] #44041: openvpn2 @ 2.3.4 Expose configure option --enable-password-save
#44041: openvpn2 @ 2.3.4 Expose configure option --enable-password-save --------------------------+-------------------------------- Reporter: vbourachot@… | Owner: macports-tickets@… Type: enhancement | Status: new Priority: Normal | Milestone: MacPorts Future Component: ports | Version: 2.3.0 Keywords: | Port: openvpn2 --------------------------+-------------------------------- Expose openvpn configure option --enable-password-save via a variant.[[BR]] Variant name and description in the diff are taken from the openvpn configure script. -- Ticket URL: <https://trac.macports.org/ticket/44041> MacPorts <http://www.macports.org/> Ports system for OS X
#44041: openvpn2 @ 2.3.4 Expose configure option --enable-password-save ---------------------------+----------------------------- Reporter: vbourachot@… | Owner: julien.touche@… Type: enhancement | Status: new Priority: Normal | Milestone: MacPorts Future Component: ports | Version: 2.3.0 Resolution: | Keywords: haspatch Port: openvpn2 | ---------------------------+----------------------------- Changes (by pixilla@…): * keywords: => haspatch * owner: macports-tickets@… => julien.touche@… -- Ticket URL: <https://trac.macports.org/ticket/44041#comment:1> MacPorts <http://www.macports.org/> Ports system for OS X
#44041: openvpn2 @ 2.3.4 Expose configure option --enable-password-save ---------------------------+----------------------------- Reporter: vbourachot@… | Owner: julien.touche@… Type: enhancement | Status: new Priority: Normal | Milestone: MacPorts Future Component: ports | Version: 2.3.0 Resolution: | Keywords: haspatch Port: openvpn2 | ---------------------------+----------------------------- Comment (by pixilla@…): Any reason to not add "--enable-password-save" to default configure args or add the enable_password_save variant to default_variants? -- Ticket URL: <https://trac.macports.org/ticket/44041#comment:2> MacPorts <http://www.macports.org/> Ports system for OS X
#44041: openvpn2 @ 2.3.4 Expose configure option --enable-password-save ---------------------------+----------------------------- Reporter: vbourachot@… | Owner: julien.touche@… Type: enhancement | Status: new Priority: Normal | Milestone: MacPorts Future Component: ports | Version: 2.3.0 Resolution: | Keywords: haspatch Port: openvpn2 | ---------------------------+----------------------------- Comment (by vbourachot@…): Replying to [comment:2 pixilla@…]:
Any reason to not add "--enable-password-save" to default configure args or add the enable_password_save variant to default_variants?
My 2 cents from what I could read from openvpn support forums:[[BR]] A decision was made at some point to turn this feature off by default and allow enabling it via a configure option. I assume it was done on security concerns, since storing a passphrase or full credentials to a VPN in plain text is hardly a good security practice :) However, for those 'VPN that don't matter' (e.g., internet anonymity services, as opposed to a company VPN) and only support password authentication, it's really handy. I think allowing the user to separately configure via an optional variant is a good compromise. If one specifically asks for the variant, then one should know the security implications of using the feature. -- Ticket URL: <https://trac.macports.org/ticket/44041#comment:3> MacPorts <http://www.macports.org/> Ports system for OS X
#44041: openvpn2 @ 2.3.4 Expose configure option --enable-password-save ---------------------------+----------------------------- Reporter: vbourachot@… | Owner: julien.touche@… Type: enhancement | Status: new Priority: Normal | Milestone: MacPorts Future Component: ports | Version: 2.3.0 Resolution: | Keywords: haspatch Port: openvpn2 | ---------------------------+----------------------------- Comment (by pixilla@…): Replying to [comment:3 vbourachot@…]:
Replying to [comment:2 pixilla@…]:
Any reason to not add "--enable-password-save" to default configure args or add the enable_password_save variant to default_variants?
My 2 cents from what I could read from openvpn support forums:[[BR]] A decision was made at some point to turn this feature off by default and allow enabling it via a configure option. I assume it was done on security concerns, since storing a passphrase or full credentials to a VPN in plain text is hardly a good security practice :)
When built with "--enable-password-save" does openvpn automatically save passwords as plain text? -- Ticket URL: <https://trac.macports.org/ticket/44041#comment:4> MacPorts <http://www.macports.org/> Ports system for OS X
#44041: openvpn2 @ 2.3.4 Expose configure option --enable-password-save ---------------------------+----------------------------- Reporter: vbourachot@… | Owner: julien.touche@… Type: enhancement | Status: new Priority: Normal | Milestone: MacPorts Future Component: ports | Version: 2.3.0 Resolution: | Keywords: haspatch Port: openvpn2 | ---------------------------+----------------------------- Comment (by vbourachot@…): Replying to [comment:4 pixilla@…]:
When built with "--enable-password-save" does openvpn automatically save passwords as plain text? No, but it allows you to save your credentials to a text file and have the client read your vpn credentials from it.
-- Ticket URL: <https://trac.macports.org/ticket/44041#comment:5> MacPorts <http://www.macports.org/> Ports system for OS X
#44041: openvpn2 @ 2.3.4 Expose configure option --enable-password-save ---------------------------+----------------------------- Reporter: vbourachot@… | Owner: jul_bsd@… Type: enhancement | Status: new Priority: Normal | Milestone: MacPorts Future Component: ports | Version: 2.3.0 Resolution: | Keywords: haspatch Port: openvpn2 | ---------------------------+----------------------------- Changes (by jmr@…): * owner: julien.touche@… => jul_bsd@… -- Ticket URL: <https://trac.macports.org/ticket/44041#comment:6> MacPorts <http://www.macports.org/> Ports system for OS X
participants (1)
-
MacPorts