Actions
Bug #11767
closed
Sanitize OpenVPN Client Export certificate password in status output
Start date:
04/01/2021
Due date:
% Done:
100%
Estimated time:
Plus Target Version:
21.05
Release Notes:
Default
Affected Version:
2.5.0
Affected Architecture:
Description
Certificate Password (Password used to protect the certificate file contents) `<pass>` is not sanitized from status_output
Updated by Viktor Gurov over 4 years ago
- Project changed from pfSense Packages to pfSense
- Subject changed from Certificate Password is not sanitized from status_output to OpenVPN Client Export - Certificate Password is not sanitized from status_output
- Category changed from OpenVPN Client Export to Diagnostics
- Release Notes set to Default
example:
<vpn_openvpn_export>
<serverconfig>
<item>
<pass>password12345</pass>
<proxypass>xxxx</proxypass>
<server>1</server>
<useaddr>servermagichost</useaddr>
<useaddr_hostname></useaddr_hostname>
<verifyservercn>auto</verifyservercn>
<blockoutsidedns></blockoutsidedns>
<legacy></legacy>
<randomlocalport></randomlocalport>
<usepkcs11></usepkcs11>
<pkcs11providers></pkcs11providers>
<usetoken>yes</usetoken>
<usepass>yes</usepass>
<useproxy></useproxy>
<useproxytype>socks</useproxytype>
<proxyaddr>10.2.2.2</proxyaddr>
<proxyport>3128</proxyport>
<silent></silent>
<useproxypass>basic</useproxypass>
<proxyuser>oproxyuser1</proxyuser>
<advancedoptions></advancedoptions>
</item>
</serverconfig>
Updated by Viktor Gurov over 4 years ago
- Affected Version set to 2.5.0
Updated by Jim Pingle over 4 years ago
- Status changed from New to Pull Request Review
- Target version set to CE-Next
Updated by Viktor Gurov over 4 years ago
- Status changed from Pull Request Review to Feedback
- % Done changed from 0 to 100
Applied in changeset eea0b39cf362c2da011d2bf7f9b3a5f86ce7b2da.
Updated by Jim Pingle over 4 years ago
- Target version changed from CE-Next to 2.6.0
Updated by Jim Pingle over 4 years ago
- Subject changed from OpenVPN Client Export - Certificate Password is not sanitized from status_output to Sanitize OpenVPN Client Export certificate password in status output
Updated by Jim Pingle over 4 years ago
- Target version changed from 2.6.0 to 2.5.2
Updated by Jim Pingle over 4 years ago
- Status changed from Feedback to Closed
- Assignee set to Viktor Gurov
Works. Password is sanitized in the output.
<vpn_openvpn_export>
<serverconfig>
<item>
<pass>xxxxx</pass>
<proxypass>xxxxx</proxypass>
<server>3</server>
<useaddr>serveraddr</useaddr>
<useaddr_hostname></useaddr_hostname>
<verifyservercn>auto</verifyservercn>
<blockoutsidedns></blockoutsidedns>
<legacy></legacy>
<randomlocalport></randomlocalport>
<usepkcs11></usepkcs11>
<pkcs11providers></pkcs11providers>
<usetoken></usetoken>
<usepass>yes</usepass>
<useproxy></useproxy>
<useproxytype>http</useproxytype>
<proxyaddr></proxyaddr>
<proxyport></proxyport>
<silent></silent>
<useproxypass>none</useproxypass>
<proxyuser>xxxxx</proxyuser>
<advancedoptions></advancedoptions>
</item>
</serverconfig>
<defaultsettings></defaultsettings>
</vpn_openvpn_export>
Actions