summaryrefslogtreecommitdiff
path: root/python
diff options
context:
space:
mode:
authorYuriy Andamasov <yuriy@vyos.io>2026-06-02 17:51:54 +0300
committerChristian Breunig <christian@breunig.cc>2026-06-04 21:41:34 +0200
commit98bea7f563896531914eb517281af9d04819dfaf (patch)
treed6275e205aa2db273eaf1f63aac176f948ff611b /python
parente238afbd6bc272b02b426f1b16fe8d16f6069c05 (diff)
downloadvyos-1x-98bea7f563896531914eb517281af9d04819dfaf.tar.gz
vyos-1x-98bea7f563896531914eb517281af9d04819dfaf.zip
remote: T8956: stop leaking URL credentials in TftpC.upload()
TftpC.upload() printed `{command} "{urlstring}"` to stdout before running the command. This was debug code from the time where VRF support was added. As TFTP has no authentication - no credentials got leaked.
Diffstat (limited to 'python')
-rw-r--r--python/vyos/remote.py1
1 files changed, 0 insertions, 1 deletions
diff --git a/python/vyos/remote.py b/python/vyos/remote.py
index b69e8d32b..3be87e179 100644
--- a/python/vyos/remote.py
+++ b/python/vyos/remote.py
@@ -476,7 +476,6 @@ class TftpC:
vrf=self.vrf).encode())
def upload(self, location: str):
- print(f'{self.command} "{self.urlstring}"')
with open(location, 'rb') as f:
cmd(f'{self.command} --upload-file - "{self.urlstring}"',
input=f.read(), vrf=self.vrf)