White-list pull-filter and script-security in interactive service

This allows the Windows GUI to use these options on the command
line without triggering user authorization errors.

Useful for
(i) ignoring certain pushed options such as "route-method" which
could otherwise bypass the interactive service
(ii) enforcing a safer script-security setting from the GUI

See also:
https://github.com/OpenVPN/openvpn-gui/issues/235#issuecomment-456142928

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1548172232-11268-1-git-send-email-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg18154.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

diff --git a/src/openvpnserv/validate.c b/src/openvpnserv/validate.c
index 9e1d7d2ded667708944ddd6f817d3391a2509f04..9b017700e0f6cba89d92b5ee101a76843500e0e6 100644 (file)
--- a/src/openvpnserv/validate.c
+++ b/src/openvpnserv/validate.c
@@ -44,6 +44,8 @@ static const WCHAR *white_list[] =
     L"setenv",
     L"service",
     L"verb",
+    L"pull-filter",
+    L"script-security",
 
     NULL                                /* last value */
 };