GitList

Browse code

White-list pull-filter and script-security in interactive service

This allows the Windows GUI to use these options on the command
line without triggering user authorization errors.

Useful for
(i) ignoring certain pushed options such as "route-method" which
could otherwise bypass the interactive service
(ii) enforcing a safer script-security setting from the GUI

See also:
https://github.com/OpenVPN/openvpn-gui/issues/235#issuecomment-456142928

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1548172232-11268-1-git-send-email-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg18154.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

Selva Nair authored on 2019/01/23 00:50:32
Showing 1 changed files

src/openvpnserv/validate.c index 9e1d7d2..9b01770 100644

src/openvpnserv/validate.c

History View file @ 0d94d43

@@ -44,6 +44,8 @@ static const WCHAR *white_list[] =
                          L"setenv",
                          L"service",
                          L"verb",
                     +    L"pull-filter",
                     +    L"script-security",
                          NULL                                /* last value */
                      };