Project

General

Profile

Bug #9727

status.php: Sanitize influx_pass

Added by Viktor Gurov 9 months ago. Updated 6 months ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Web Interface
Target version:
Start date:
09/05/2019
Due date:
% Done:

100%

Estimated time:
Affected Version:
All
Affected Architecture:

Description

config-sanitized.xml keep hash of influx_pass (Telegraf package):
$ grep influx config-sanitized.xml
<influx_server>10.1.1.1</influx_server>
<influx_db>InDB</influx_db>
<influx_user>dbuser1</influx_user>
<influx_pass>cGFzczEyMw==</influx_pass>

2.5.0-DEVELOPMENT (amd64)
built on Wed Sep 04 20:39:01 EDT 2019
FreeBSD 12.0-RELEASE-p10

Associated revisions

Revision 8bc944bb (diff)
Added by Jim Pingle 9 months ago

status.php: Sanitize influx_pass and cert_key. Fixes #9727 Fixes #9728

Revision f314a7d9 (diff)
Added by Jim Pingle 9 months ago

status.php: Sanitize influx_pass and cert_key. Fixes #9727 Fixes #9728

(cherry picked from commit 8bc944bbcba57f74934b87dcea4e7621f0743584)

History

#1 Updated by Jim Pingle 9 months ago

  • Project changed from pfSense Packages to pfSense
  • Subject changed from influx_pass in config-sanitized.xml to status.php: Sanitize influx_pass
  • Category changed from Telegraf to Web Interface
  • Affected Version changed from 2.5.0 to All

This is in status.php, not the package.

#2 Updated by Jim Pingle 9 months ago

  • Assignee set to Jim Pingle

#3 Updated by Jim Pingle 9 months ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100

#4 Updated by Viktor Gurov 8 months ago

Jim Pingle wrote:

Applied in changeset 8bc944bbcba57f74934b87dcea4e7621f0743584.

<influx_pass>xxxxx</influx_pass>

ok now
Resolved

#5 Updated by Jim Pingle 8 months ago

  • Status changed from Feedback to Resolved

#6 Updated by Jim Pingle 6 months ago

  • Private changed from Yes to No

#7 Updated by Jim Pingle 6 months ago

  • Target version changed from 2.5.0 to 2.4.5

#8 Updated by Jim Pingle 6 months ago

  • Status changed from Resolved to Feedback

Needs checked and/or tested again on 2.4.5 snapshots

#9 Updated by Viktor Gurov 6 months ago

Jim Pingle wrote:

Needs checked and/or tested again on 2.4.5 snapshots

tested on 2.4.5.a.20191209.0732

Resolved

#10 Updated by Jim Pingle 6 months ago

  • Status changed from Feedback to Resolved

Also available in: Atom PDF