dovecot-2.1: lib-auth: When debug logging auth input, hide value...
dovecot at dovecot.org
dovecot at dovecot.org
Tue Sep 6 17:04:39 EEST 2011
details: http://hg.dovecot.org/dovecot-2.1/rev/1180505cdcdb
changeset: 13408:1180505cdcdb
user: Timo Sirainen <tss at iki.fi>
date: Tue Sep 06 17:03:06 2011 +0300
description:
lib-auth: When debug logging auth input, hide values of all fields containing "pass" in key.
diffstat:
src/lib-auth/auth-master.c | 37 ++++++++++++++++++++++++++++++++++++-
1 files changed, 36 insertions(+), 1 deletions(-)
diffs (55 lines):
diff -r 7b115033405d -r 1180505cdcdb src/lib-auth/auth-master.c
--- a/src/lib-auth/auth-master.c Tue Sep 06 17:01:29 2011 +0300
+++ b/src/lib-auth/auth-master.c Tue Sep 06 17:03:06 2011 +0300
@@ -157,6 +157,39 @@
return -1;
}
+static const char *const *args_hide_passwords(const char *const *args)
+{
+ ARRAY_TYPE(const_string) new_args;
+ const char *p, *p2;
+ unsigned int i;
+
+ /* if there are any keys that contain "pass" string */
+ for (i = 0; args[i] != NULL; i++) {
+ p = strstr(args[i], "pass");
+ if (p != NULL && p < strchr(args[i], '='))
+ break;
+ }
+ if (args[i] == NULL)
+ return args;
+
+ /* there are. replace their values with <hidden> */
+ t_array_init(&new_args, i + 16);
+ array_append(&new_args, args, i);
+ for (; args[i] != NULL; i++) {
+ p = strstr(args[i], "pass");
+ p2 = strchr(args[i], '=');
+ if (p != NULL && p < p2) {
+ p = t_strconcat(t_strdup_until(args[i], p2),
+ "=<hidden>", NULL);
+ array_append(&new_args, &p, 1);
+ } else {
+ array_append(&new_args, &args[i], 1);
+ }
+ }
+ (void)array_append_space(&new_args);
+ return array_idx(&new_args, 0);
+}
+
static bool auth_lookup_reply_callback(const char *cmd, const char *const *args,
void *context)
{
@@ -185,8 +218,10 @@
}
}
}
- if (debug)
+ if (debug) {
+ args = args_hide_passwords(args);
i_debug("auth input: %s", t_strarray_join(args, " "));
+ }
return TRUE;
}
More information about the dovecot-cvs
mailing list