From 4c352619a578d516b5313e1cc78ef25fcb61b229 Mon Sep 17 00:00:00 2001 From: Sunil Mohan Adapa Date: Sun, 4 Aug 2024 11:01:34 -0700 Subject: [PATCH] shadowsocks: Mark secret strings in privileged actions Tests: - Run affected privileged actions through UI and notice that secret strings are not logged. Signed-off-by: Sunil Mohan Adapa Reviewed-by: James Valleroy --- plinth/modules/shadowsocks/privileged.py | 5 +++-- plinth/modules/shadowsocks/views.py | 3 +-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/plinth/modules/shadowsocks/privileged.py b/plinth/modules/shadowsocks/privileged.py index 1776cc6d9..97b38d112 100644 --- a/plinth/modules/shadowsocks/privileged.py +++ b/plinth/modules/shadowsocks/privileged.py @@ -9,7 +9,7 @@ import string from shutil import move from plinth import action_utils -from plinth.actions import privileged +from plinth.actions import privileged, secret_str SHADOWSOCKS_CONFIG_SYMLINK = '/etc/shadowsocks-libev/freedombox.json' SHADOWSOCKS_CONFIG_ACTUAL = \ @@ -85,8 +85,9 @@ def _merge_config(config): @privileged -def merge_config(config: dict[str, int | str]): +def merge_config(config: dict[str, int | str], password: secret_str): """Configure Shadowsocks Client.""" + config['password'] = password _merge_config(config) # Don't try_restart because initial configuration may not be valid so diff --git a/plinth/modules/shadowsocks/views.py b/plinth/modules/shadowsocks/views.py index b0a9c955a..e9c41b833 100644 --- a/plinth/modules/shadowsocks/views.py +++ b/plinth/modules/shadowsocks/views.py @@ -45,11 +45,10 @@ class ShadowsocksAppView(views.AppView): 'local_port': 1080, 'server': new_status['server'], 'server_port': new_status['server_port'], - 'password': new_status['password'], 'method': new_status['method'], } - privileged.merge_config(new_config) + privileged.merge_config(new_config, new_status['password']) messages.success(self.request, _('Configuration updated')) return super().form_valid(form)