On 13/10/16 21:59, David Sommerseth wrote: > If --auth-gen-token has been enabled and a token has been generated, > ensure this token is pushed to the client using the 'auth-token' option. > > Signed-off-by: David Sommerseth <[email protected]> > --- > src/openvpn/misc.c | 5 +++++ > src/openvpn/push.c | 9 ++++++++- > src/openvpn/ssl_common.h | 2 ++ > 3 files changed, 15 insertions(+), 1 deletion(-) > > diff --git a/src/openvpn/misc.c b/src/openvpn/misc.c > index 225f0bf..b74ac9d 100644 > --- a/src/openvpn/misc.c > +++ b/src/openvpn/misc.c > @@ -2073,6 +2073,11 @@ sanitize_control_message(const char *src, struct > gc_arena *gc) > skip = 4; > redact = true; > } > + else if (!check_debug_level(D_SHOW_KEYS) && (c == 'a' && !strncmp(src, > "auth-token ", 11))) > + { > + skip = 10; > + redact = true; > + }
This magic here should probably be explained in the commit message. It basically removes the auth-token value from the log file, unless --verb is set to 7 or higher and debug logging have not been disabled (configure --disable-debug). -- kind regards, David Sommerseth
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
