[dovecot-cvs] dovecot/src/auth auth-client-connection.c, 1.43, 1.44 auth.h, 1.22, 1.23 passdb-ldap.c, 1.44, 1.45

Sat Jul 1 21:40:42 EEST 2006

Update of /var/lib/cvs/dovecot/src/auth
In directory talvi:/tmp/cvs-serv31530

Modified Files:
	auth-client-connection.c auth.h passdb-ldap.c 
Log Message:
Moved the <hidden> string into a macro. Hide the password also from LDAP
replies.



Index: auth-client-connection.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/auth-client-connection.c,v
retrieving revision 1.43
retrieving revision 1.44
diff -u -d -r1.43 -r1.44

--- auth-client-connection.c	5 May 2006 15:07:04 -0000	1.43
+++ auth-client-connection.c	1 Jul 2006 18:40:34 -0000	1.44
@@ -33,7 +33,8 @@
 	p += 6;
 
 	p2 = strchr(p, '\t');
-	return t_strconcat(t_strdup_until(line, p), "<hidden>", p2, NULL);
+	return t_strconcat(t_strdup_until(line, p), PASSWORD_HIDDEN_STR,
+			   p2, NULL);
 }
 
 static void auth_client_send(struct auth_client_connection *conn,
@@ -147,7 +148,8 @@
 	p += 6;
 
 	p2 = strchr(p, '\t');
-	return t_strconcat(t_strdup_until(line, p), "<hidden>", p2, NULL);
+	return t_strconcat(t_strdup_until(line, p), PASSWORD_HIDDEN_STR,
+			   p2, NULL);
 }
 
 static const char *cont_line_hide_pass(const char *line)
@@ -158,7 +160,7 @@
 	if (p == NULL)
 		return line;
 
-	return t_strconcat(t_strdup_until(line, p), "<hidden>", NULL);
+	return t_strconcat(t_strdup_until(line, p), PASSWORD_HIDDEN_STR, NULL);
 }
 
 static bool

Index: auth.h
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/auth.h,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -d -r1.22 -r1.23
--- auth.h	12 Apr 2006 14:37:02 -0000	1.22
+++ auth.h	1 Jul 2006 18:40:34 -0000	1.23
@@ -1,6 +1,8 @@
 #ifndef __AUTH_H
 #define __AUTH_H
 
+#define PASSWORD_HIDDEN_STR "<hidden>"
+
 struct auth_passdb {
 	struct auth *auth;
 	struct auth_passdb *next;

Index: passdb-ldap.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/passdb-ldap.c,v
retrieving revision 1.44
retrieving revision 1.45
diff -u -d -r1.44 -r1.45
--- passdb-ldap.c	9 Apr 2006 17:29:10 -0000	1.44
+++ passdb-ldap.c	1 Jul 2006 18:40:34 -0000	1.45
@@ -38,6 +38,7 @@
 ldap_query_save_result(struct ldap_connection *conn, LDAPMessage *entry,
 		       struct auth_request *auth_request)
 {
+	struct auth *auth = auth_request->auth;
 	BerElement *ber;
 	const char *name;
 	char *attr, **vals;
@@ -49,7 +50,7 @@
 		name = hash_lookup(conn->pass_attr_map, attr);
 		vals = ldap_get_values(conn->ld, entry, attr);
 
-		if (auth_request->auth->verbose_debug) {
+		if (auth->verbose_debug) {
 			if (debug == NULL)
 				debug = t_str_new(256);
 			else
@@ -64,7 +65,13 @@
 				if (debug != NULL) {
 					if (i != 0)
 						str_append_c(debug, '/');
-					str_append(debug, vals[i]);
+					if (auth->verbose_debug_passwords ||
+					    strcmp(name, "password") != 0)
+						str_append(debug, vals[i]);
+					else {
+						str_append(debug,
+							   PASSWORD_HIDDEN_STR);
+					}
 				}
 				auth_request_set_field(auth_request,
 						name, vals[i],

