Project

General

Profile

Actions

Bug #15490

closed

Sanitize RFC 2136 Dynamic DNS update keys in ``status.php`` output

Added by Lev Prokofev 8 months ago. Updated about 1 month ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Diagnostics
Target version:
Start date:
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
24.11
Release Notes:
Default
Affected Version:
Affected Architecture:

Description

The keys inside the <dnsupdates> should be sanitized because restoring the client's config for test purposes can cause a lot of issues if the test system has internet access.
For example, after the DYDNS update the remote VPN clients will be not able to connect before the DNS receives a fresh update.

Actions #1

Updated by Jim Pingle 8 months ago

  • Subject changed from rfc2136 keys are not sanitezed in Status output to Sanitize RFC 2136 Dynamic DNS update keys in ``status.php`` output
  • Category changed from Logging to Diagnostics
  • Assignee set to Jim Pingle
  • Target version set to 2.8.0
  • Plus Target Version set to 24.07

Specifically the tag is <keydata> that should be sanitized. (dnsupdates/dnsupdate/<idx>/keydata)

Actions #2

Updated by Kris Phillips 7 months ago

I can confirm this behavior on 24.03.

Actions #3

Updated by Jim Pingle 7 months ago

  • Plus Target Version changed from 24.07 to 24.08
Actions #4

Updated by Jim Pingle 3 months ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100
Actions #5

Updated by Jim Pingle 2 months ago

  • Plus Target Version changed from 24.08 to 24.11
Actions #6

Updated by Jim Pingle about 1 month ago

  • Status changed from Feedback to Resolved

Status output config.xml has the key data redacted on current builds:

            <keydata>xxxxx</keydata>
Actions

Also available in: Atom PDF