From b8190ecb33f8949f1b881c1cd240e8c1ea4fe144 Mon Sep 17 00:00:00 2001
From: Selva Nair <selva.nair@gmail.com>
Date: Tue, 22 Jan 2019 10:50:32 -0500
Subject: [PATCH] White-list pull-filter and script-security in interactive
 service

This allows the Windows GUI to use these options on the command
line without triggering user authorization errors.

Useful for
(i) ignoring certain pushed options such as "route-method" which
could otherwise bypass the interactive service
(ii) enforcing a safer script-security setting from the GUI

See also:
https://github.com/OpenVPN/openvpn-gui/issues/235#issuecomment-456142928

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1548172232-11268-1-git-send-email-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg18154.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit 0d94d433438f239ff7cf0749f765a503c698f5e8)
---
 src/openvpnserv/validate.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/openvpnserv/validate.c b/src/openvpnserv/validate.c
index 653bd12c5..d35938cf0 100644
--- a/src/openvpnserv/validate.c
+++ b/src/openvpnserv/validate.c
@@ -44,6 +44,8 @@ static const WCHAR *white_list[] =
     L"setenv",
     L"service",
     L"verb",
+    L"pull-filter",
+    L"script-security",
 
     NULL                                /* last value */
 };
-- 
2.47.2