Thanks for looking into this - and I agree with the conclusion on keeping the scope of this patch to "purge this", not refactor the overall code to get rid of that copy completely. I have not tested this "for real" as I do not currently have a proxy setup that requires authentication - just stared at the code, and run the normal client->proxy tests (and nothing broke).
Your patch has been applied to the master and release/2.6 branch (useful and fairly isolated change, adding a bit of hardening).

commit dbe7e456954bf001420c4552c2b6e184ec6e068c (master)
commit 534609a2a7f0dcd56c8eab764c9c9c99834dcc6f (release/2.6)
Author: Selva Nair
Date:   Thu Sep 5 12:07:24 2024 +0200

    proxy.c: Clear sensitive data after use

    Signed-off-by: Selva Nair <selva.n...@gmail.com>
    Acked-by: Frank Lichtenheld <fr...@lichtenheld.com>
    Message-Id: <20240905100724.4105-1-g...@greenie.muc.de>
    URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg29061.html
    Signed-off-by: Gert Doering <g...@greenie.muc.de>

--
kind regards,

Gert Doering