From 68606812dc2f243b17c8a642db5c8c4a50c218da Mon Sep 17 00:00:00 2001
From: Brendan O'Dea <bod@optus.net>
Date: Mon, 9 May 2005 08:53:50 +0000
Subject: [PATCH] "show running-config" output contains clear-text shared
 secrets; require enable

---
 Changes     | 4 +++-
 cli.c       | 4 ++--
 l2tpns.spec | 2 +-
 3 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/Changes b/Changes
index 3d6cc27..414cfbb 100644
--- a/Changes
+++ b/Changes
@@ -1,4 +1,4 @@
-* Sun May 8 2005 Brendan O'Dea <bod@optusnet.com.au> 2.1.0
+* Mon May 9 2005 Brendan O'Dea <bod@optusnet.com.au> 2.1.0
 - Add IPv6 support from Jonathan McDowell.
 - Add CHAP support from Jordan Hrycaj.
 - Add interim accounting support from Vladislav Bjelic.
@@ -58,6 +58,8 @@
   fails.
 - Don't process C_LASTSEEN unless we're a master (otherwise a crashed
   master kills all slaves once restarted).
+- Make "show running-config" a privileged command (contains clear text
+  shared secrets).
 
 * Fri Dec 17 2004 Brendan O'Dea <bod@optusnet.com.au> 2.0.13
 - Better cluster master collision resolution: keep a counter of state
diff --git a/cli.c b/cli.c
index 495222d..886bf1f 100644
--- a/cli.c
+++ b/cli.c
@@ -2,7 +2,7 @@
 // vim: sw=8 ts=8
 
 char const *cvs_name = "$Name:  $";
-char const *cvs_id_cli = "$Id: cli.c,v 1.56 2005-05-05 10:02:07 bodea Exp $";
+char const *cvs_id_cli = "$Id: cli.c,v 1.57 2005-05-09 08:53:50 bodea Exp $";
 
 #include <stdio.h>
 #include <stdarg.h>
@@ -149,7 +149,7 @@ void init_cli(char *hostname)
 	cli_register_command(cli, c, "plugins", cmd_show_plugins, PRIVILEGE_UNPRIVILEGED, MODE_EXEC, "List all installed plugins");
 	cli_register_command(cli, c, "pool", cmd_show_pool, PRIVILEGE_UNPRIVILEGED, MODE_EXEC, "Show the IP address allocation pool");
 	cli_register_command(cli, c, "radius", cmd_show_radius, PRIVILEGE_UNPRIVILEGED, MODE_EXEC, "Show active radius queries");
-	cli_register_command(cli, c, "running-config", cmd_show_run, PRIVILEGE_UNPRIVILEGED, MODE_EXEC, "Show the currently running configuration");
+	cli_register_command(cli, c, "running-config", cmd_show_run, PRIVILEGE_PRIVILEGED, MODE_EXEC, "Show the currently running configuration");
 	cli_register_command(cli, c, "session", cmd_show_session, PRIVILEGE_UNPRIVILEGED, MODE_EXEC, "Show a list of sessions or details for a single session");
 	cli_register_command(cli, c, "tbf", cmd_show_tbf, PRIVILEGE_UNPRIVILEGED, MODE_EXEC, "List all token bucket filters in use");
 	cli_register_command(cli, c, "throttle", cmd_show_throttle, PRIVILEGE_UNPRIVILEGED, MODE_EXEC, "List all throttled sessions and associated TBFs");
diff --git a/l2tpns.spec b/l2tpns.spec
index 883f14a..64ebd47 100644
--- a/l2tpns.spec
+++ b/l2tpns.spec
@@ -43,5 +43,5 @@ rm -rf %{buildroot}
 %attr(644,root,root) /usr/share/man/man[58]/*
 
 %changelog
-* Sun May 8 2005 Brendan O'Dea <bod@optusnet.com.au> 2.1.0-1
+* Mon May 9 2005 Brendan O'Dea <bod@optusnet.com.au> 2.1.0-1
 - 2.1.0 release, see /usr/share/doc/l2tpns-2.1.0/Changes
-- 
2.20.1