On Mon, Aug 06, 2018 at 09:26:46AM +0100, Ricardo Mestre wrote:
> Hi,
>
> The example file for ldpd(8) is using the reserved word "password" so we get
> this nice error below, and it's also mentioned in the manpage that we
> shouldn't
> use reserved words such as "password" for macros.
>
> skoll$ doas ldpd -dv -f /etc/examples/ldpd.conf
> /etc/examples/ldpd.conf:4: syntax error
> ...
> /etc/examples/ldpd.conf:26: macro 'password' not defined
> /etc/examples/ldpd.conf:26: syntax error
> ...
>
> Please find a diff to correct this, OK?
Can we remove this bad macro use instead? Putting sensitive data into a
macro is a bad example since it is logged when running in verbose mode.
I feel like the basic use of macros etc should be known to users of ldpd
since they encountered them in probably a lot of other daemons and in the
man page.
> Index: ldpd.conf
> ===================================================================
> RCS file: /cvs/src/etc/examples/ldpd.conf,v
> retrieving revision 1.2
> diff -u -p -u -r1.2 ldpd.conf
> --- ldpd.conf 5 Jun 2016 03:29:33 -0000 1.2
> +++ ldpd.conf 6 Aug 2018 08:08:13 -0000
> @@ -1,7 +1,7 @@
> # $OpenBSD: ldpd.conf,v 1.2 2016/06/05 03:29:33 renato Exp $
>
> # macros
> -password="secret"
> +pass="secret"
>
> # global configuration
> # router-id 10.0.0.1
> @@ -23,7 +23,7 @@ address-family ipv4 {
> }
>
> neighbor 192.168.1.10 {
> - password $password
> + password $pass
> }
>
> l2vpn CUST_A type vpls {
>
--
:wq Claudio
