shadowsocksserver: Mark secret strings in privileged actions

Tests: - Run affected privileged actions through UI and notice that secret strings are not logged. Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org> Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2026-01-21 07:55:00 +00:00 · 2024-08-04 11:02:26 -07:00 · 2024-08-04 11:02:26 -07:00 · 39d0c03700
commit 39d0c03700
parent 4c352619a5
2 changed files with 5 additions and 8 deletions
--- a/plinth/modules/shadowsocksserver/privileged.py
+++ b/plinth/modules/shadowsocksserver/privileged.py
@ -8,7 +8,7 @@ import random
 import string

 from plinth import action_utils
-from plinth.actions import privileged
+from plinth.actions import privileged, secret_str

 SHADOWSOCKS_CONFIG_SYMLINK = '/etc/shadowsocks-libev/fbxserver.json'
 SHADOWSOCKS_CONFIG_ACTUAL = \
@ -68,8 +68,9 @@ def _merge_config(config):


@privileged
-def merge_config(config: dict[str, str]):
+def merge_config(password: secret_str, method: str):
    """Configure Shadowsocks Server."""
+    config = {'password': password, 'method': method}
    _merge_config(config)

    # Don't try_restart because initial configuration may not be valid so
--- a/plinth/modules/shadowsocksserver/views.py
+++ b/plinth/modules/shadowsocksserver/views.py
@ -43,12 +43,8 @@ class ShadowsocksServerAppView(views.AppView):

        if old_status['password'] != new_status['password'] or \
           old_status['method'] != new_status['method']:
-            new_config = {
-                'password': new_status['password'],
-                'method': new_status['method'],
-            }
-
-            privileged.merge_config(new_config)
+            privileged.merge_config(new_status['password'],
+                                    new_status['method'])
            messages.success(self.request, _('Configuration updated'))

        return super().form_valid(form)