commit | b26347a48e976a890210bb5fcc28892ac7df42e9 | [log] [tgz] |
---|---|---|
author | Paul Stewart <pstew@chromium.org> | Fri Aug 02 19:12:09 2013 |
committer | ChromeBot <chrome-bot@google.com> | Mon Aug 05 20:38:44 2013 |
tree | 40602f8e43cb8288f09f31b094d007a2174434f9 | |
parent | d256b397048f885849cfdcef746df596b836560c [diff] |
shill: OpenVPNDriver: Write a configuration file Instead of passing configuration to OpenVPN using command line options, write out a configuration file instead. This config file is owned by root created in a run directory that is not readable by any other users. Although OpenVPN drops privileges, it reads its configuration before doing so. The configuration file is removed with the regular OpenVPNDriver cleanup process. As a side effect of this, all added options in the OpenVPNDriver and OpenVPNManagementServer now lose their "--" prefix. BUG=chromium:217624 TEST=Unit tests, network_VPNConnect.openvpn_user_pass Change-Id: I6424ccafb5764428b1ee8fc2ad41177a6d2b3c52 Reviewed-on: https://gerrit.chromium.org/gerrit/64368 Commit-Queue: Paul Stewart <pstew@chromium.org> Reviewed-by: Paul Stewart <pstew@chromium.org> Tested-by: Paul Stewart <pstew@chromium.org>