From 26adfd6d0d03af44a03f327478199f3009f2ad3c Mon Sep 17 00:00:00 2001
From: Christian Poessinger
Date: Sun, 19 Apr 2020 17:37:38 +0200
Subject: openvpn: T2336: delete auth-user-pass file when interface is unused

Unused means disabled or even deleted - there should be no secrets left-over.
---
 src/conf_mode/interfaces-openvpn.py | 4 ++++
 1 file changed, 4 insertions(+)
(limited to 'src')
diff --git a/src/conf_mode/interfaces-openvpn.py b/src/conf_mode/interfaces-openvpn.py
index c1c108aa5..e4360ce56 100755
--- a/src/conf_mode/interfaces-openvpn.py
+++ b/src/conf_mode/interfaces-openvpn.py
@@ -919,6 +919,10 @@ def verify(openvpn):
 def generate(openvpn):
 if openvpn['deleted'] or openvpn['disable']:
+ # delete old auth file if present
+ if os.path.isfile(openvpn['auth_user_pass_file']):
+ os.remove(openvpn['auth_user_pass_file'])
+
 return None
 interface = openvpn['intf']
-- 
cgit v1.2.3
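Review bot: The new cleanup in `generate()` only removes the credentials file when `openvpn['auth_user_pass_file']` already holds the right path and `os.path.isfile()` is true, so if that key is empty or unset for a deleted interface the secret stays on disk without any error. Where the key is filled in is outside this hunk, so it is worth confirming that the config-gathering step computes the path before it returns for a deleted or disabled interface. The check-then-remove pair also leaves a small window between the two calls; removing unconditionally and tolerating absence is tighter: `try: os.remove(openvpn['auth_user_pass_file'])` followed by `except FileNotFoundError: pass`. The body of `generate()` continues past the end of the hunk.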