git.feebdaed.xyz Git - 0xmirror/openvpn.git/commit

author	Arne Schwabe <arne@rfc2549.org>
	Thu, 30 Oct 2025 19:43:56 +0000 (20:43 +0100)
committer	Gert Doering <gert@greenie.muc.de>
	Thu, 30 Oct 2025 20:54:16 +0000 (21:54 +0100)
commit	3fbba254b8645d2d1241e59f6ebd05e85ce05b52
tree	9f1c4a05f71a9bbb3b5dcacd5c233e7c72bbd98b	tree \| snapshot
parent	cd4cac16555904ea8a8edcf0b669efb34f478609	commit \| diff

clean up environment variable handling in verify_user_pass_script

The username environment variable is already set by the
set_verify_user_pass_env function before the verify_user_pass_script
function is called, so this call is not doing anything but might erroneously
made people think that this needs to be cleaned up.

Also ensure that the password is clean from the env even in an error case.

Reported-by: Joshua Rogers <contact@joshua.hu>
Found-by: ZeroPath (https://zeropath.com/)
Change-Id: I6c502508026c6b85bb092ada4d16d985b20dd41f
Signed-off-by: Arne Schwabe <arne-openvpn@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1326
Message-Id: <20251030194402.1729-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg34069.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>