Redact "echo" directive strings from log, since

these strings (going forward) could conceivably contain security-sensitive data. Version 2.1.7 git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@7480 e7ae566f-a301-0410-adde-c780ea21d3b5
2024-09-20 03:52:28 +02:00 · 2011-07-28 01:29:12 +00:00 · 2011-07-28 01:29:12 +00:00 · 429ab79520
commit 429ab79520
parent 20fc33707e
2 changed files with 9 additions and 0 deletions
--- a/misc.c
+++ b/misc.c
@ -2408,6 +2408,11 @@ sanitize_control_message(const char *str, struct gc_arena *gc)
 	  cp += 7;
 	  redact = true;
 	}
+      else if (c == 'e' && !strncmp(cp, "echo ", 5))
+	{
+	  cp += 4;
+	  redact = true;
+	}
      else
 	{
 	  if (c == ',') /* end of session id? */
--- a/options.c
+++ b/options.c
@ -3886,9 +3886,13 @@ add_option (struct options *options,
 	}
      if (good)
 	{
+#if 0
+	  /* removed for now since ECHO can potentially include
+	     security-sensitive strings */
 	  msg (M_INFO, "%s:%s",
 	       pull_mode ? "ECHO-PULL" : "ECHO",
 	       BSTR (&string));
+#endif
 #ifdef ENABLE_MANAGEMENT
 	  if (management)
 	    management_echo (management, BSTR (&string), pull_mode);