dovecot: auth_debug: Hide passwords from "cache hit" log lines if
dovecot at dovecot.org
dovecot at dovecot.org
Thu Feb 21 15:38:46 EET 2008
details: http://hg.dovecot.org/dovecot/rev/14335cfd2fd2
changeset: 7274:14335cfd2fd2
user: Timo Sirainen <tss at iki.fi>
date: Thu Feb 21 15:40:10 2008 +0200
description:
auth_debug: Hide passwords from "cache hit" log lines if
auth_debug_passwords=no
diffstat:
1 file changed, 16 insertions(+), 2 deletions(-)
src/auth/passdb-cache.c | 18 ++++++++++++++++--
diffs (42 lines):
diff -r c5a666d16a81 -r 14335cfd2fd2 src/auth/passdb-cache.c
--- a/src/auth/passdb-cache.c Thu Feb 21 15:36:05 2008 +0200
+++ b/src/auth/passdb-cache.c Thu Feb 21 15:40:10 2008 +0200
@@ -8,6 +8,20 @@
#include <stdlib.h>
struct auth_cache *passdb_cache = NULL;
+
+static void
+passdb_cache_log_hit(struct auth_request *request, const char *value)
+{
+ const char *p;
+
+ if (!request->auth->verbose_debug_passwords &&
+ *value != '\0' && *value != '\t') {
+ /* hide the password */
+ p = strchr(value, '\t');
+ value = t_strconcat("<hidden>", p, NULL);
+ }
+ auth_request_log_debug(request, "cache", "hit: %s", value);
+}
bool passdb_cache_verify_plain(struct auth_request *request, const char *key,
const char *password,
@@ -28,7 +42,7 @@ bool passdb_cache_verify_plain(struct au
value == NULL ? "miss" : "expired");
return FALSE;
}
- auth_request_log_debug(request, "cache", "hit: %s", value);
+ passdb_cache_log_hit(request, value);
if (*value == '\0') {
/* negative cache entry */
@@ -88,7 +102,7 @@ bool passdb_cache_lookup_credentials(str
value == NULL ? "miss" : "expired");
return FALSE;
}
- auth_request_log_debug(request, "cache", "hit: %s", value);
+ passdb_cache_log_hit(request, value);
if (*value == '\0') {
/* negative cache entry */
More information about the dovecot-cvs
mailing list