diff options
| author | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2008-09-06 09:42:17 +0000 |
|---|---|---|
| committer | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2008-09-06 09:42:17 +0000 |
| commit | b8fb090c167ff500a8d702f612a42914d4f0bb03 (patch) | |
| tree | 982fe657f91c834bc17d1e81f04672323a2dda1a /errlevel.h | |
| parent | Added --allow-pull-fqdn option which allows client to pull DNS names (diff) | |
| download | openvpn-b8fb090c167ff500a8d702f612a42914d4f0bb03.tar.xz | |
2.1_rc8 and earlier did implicit shell expansion on script
arguments since all scripts were called by system().
The security hardening changes made to 2.1_rc9 no longer
use system(), but rather use the safer execve or CreateProcess
system calls. The security hardening also introduced a
backward incompatibility with 2.1_rc8 and earlier in that
script parameters were no longer shell-expanded, so
for example:
client-connect "docc CLIENT-CONNECT"
would fail to work because execve would try to execute
a script called "docc CLIENT-CONNECT" instead of "docc"
with "CLIENT-CONNECT" as the first argument.
This patch fixes the issue, bringing the script argument
semantics back to pre 2.1_rc9 behavior in order to preserve
backward compatibility while still using execve or CreateProcess
to execute the script/executable.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3311 e7ae566f-a301-0410-adde-c780ea21d3b5
Diffstat (limited to 'errlevel.h')
| -rw-r--r-- | errlevel.h | 1 |
1 files changed, 1 insertions, 0 deletions
@@ -75,6 +75,7 @@ #define D_CLOSE LOGLEV(2, 22, 0) /* show socket and TUN/TAP close */ #define D_SHOW_OCC_HASH LOGLEV(2, 23, 0) /* show MD5 hash of option compatibility string */ #define D_PROXY LOGLEV(2, 24, 0) /* show http proxy control packets */ +#define D_ARGV LOGLEV(2, 25, 0) /* show struct argv errors */ #define D_TLS_DEBUG_LOW LOGLEV(3, 20, 0) /* low frequency info from tls_session routines */ #define D_GREMLIN LOGLEV(3, 30, 0) /* show simulated outage info from gremlin module */ |