From 71c182cce20ba859af13568c178bbf8eb56749e2 Mon Sep 17 00:00:00 2001
From: joshuakraitberg <joshua.kraitberg@gmail.com>
Date: Sun, 31 Oct 2021 12:37:39 -0400
Subject: [PATCH] Removed sensitive info (private keys) from being logged

---
 src/lib/Util.js      | 10 ++++++++--
 src/lib/WireGuard.js |  4 ++--
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/src/lib/Util.js b/src/lib/Util.js
index cf846ac8..ee40c5a3 100644
--- a/src/lib/Util.js
+++ b/src/lib/Util.js
@@ -52,9 +52,15 @@ module.exports = class Util {
     };
   }
 
-  static async exec(cmd) {
+  static async exec(cmd, hide=null) {
     // eslint-disable-next-line no-console
-    console.log(`$ ${cmd}`);
+
+    if (hide == null) {
+      console.log(`$ ${cmd}`);
+    } else {
+      // Don't log sensitive information
+      console.log(`$ ${cmd.replace(hide, "*HIDDEN*")}`);
+    }
 
     if (process.platform !== 'linux') {
       return '';
diff --git a/src/lib/WireGuard.js b/src/lib/WireGuard.js
index 18d51c4e..36a3ea68 100644
--- a/src/lib/WireGuard.js
+++ b/src/lib/WireGuard.js
@@ -37,7 +37,7 @@ module.exports = class WireGuard {
           debug('Configuration loaded.');
         } catch (err) {
           const privateKey = await Util.exec('wg genkey');
-          const publicKey = await Util.exec(`echo ${privateKey} | wg pubkey`);
+          const publicKey = await Util.exec(`echo ${privateKey} | wg pubkey`, privateKey);
           const address = WG_DEFAULT_ADDRESS.replace('x', '1');
 
           config = {
@@ -202,7 +202,7 @@ Endpoint = ${WG_HOST}:${WG_PORT}`;
     const config = await this.getConfig();
 
     const privateKey = await Util.exec('wg genkey');
-    const publicKey = await Util.exec(`echo ${privateKey} | wg pubkey`);
+    const publicKey = await Util.exec(`echo ${privateKey} | wg pubkey`, privateKey);
     const preSharedKey = await Util.exec('wg genpsk');
 
     // Calculate next IP