diff options
| author | David Sommerseth <dazo@users.sourceforge.net> | 2008-09-29 13:28:30 +0200 |
|---|---|---|
| committer | David Sommerseth <dazo@users.sourceforge.net> | 2008-09-29 13:28:30 +0200 |
| commit | 342068d6822a42aa93836896386b1ac9a332f853 (patch) | |
| tree | e098da57f1cf0c092dbe7440caa76c476e2ee49f | |
| parent | 2b2fc4600c383cfc465a634657b0f3837f664770 (diff) | |
| download | eurephia-342068d6822a42aa93836896386b1ac9a332f853.tar.gz eurephia-342068d6822a42aa93836896386b1ac9a332f853.tar.xz eurephia-342068d6822a42aa93836896386b1ac9a332f853.zip | |
Added password masking if SHOW_SECRETS not defined when dumping environment variables.
| -rw-r--r-- | Makefile.global | 2 | ||||
| -rw-r--r-- | eurephia-auth.c | 15 | ||||
| -rw-r--r-- | eurephia_log.h | 9 |
3 files changed, 17 insertions, 9 deletions
diff --git a/Makefile.global b/Makefile.global index 87ebb04..bce1ef1 100644 --- a/Makefile.global +++ b/Makefile.global @@ -9,7 +9,7 @@ CFLAGS += -g -Wall INCLUDE += -I ${topdir} -I. -I${OPENVPN_SRC_DIR} ifdef DEBUG - CFLAGS += -DENABLE_DEBUG + CFLAGS += -DENABLE_DEBUG # -DSHOW_SECRETS endif .SUFFIX=.c .o .so diff --git a/eurephia-auth.c b/eurephia-auth.c index 674496a..0be666d 100644 --- a/eurephia-auth.c +++ b/eurephia-auth.c @@ -58,12 +58,17 @@ static const char *plugin_type_name(const int type) } static void dump_env(FILE *f, const char *prefix, const char *envp[]) { - int i; - for (i = 0; envp[i]; i++) { - fprintf(f, "%s%s\n", prefix, envp[i]); - } + int i; + for (i = 0; envp[i]; i++) { +#ifdef SHOW_SECRETS + fprintf(f, "%s%s\n", prefix, envp[i]); +#else + fprintf(f, "%s%s\n", prefix , + (strncmp(envp[i], "password=", 9) == 0) ? "password=xxxxxxx" : envp[i]); +#endif // SHOW_SECRETS + } } -#endif +#endif // ENABLE_DEBUG // daemonize if "daemon" environment variable is set. diff --git a/eurephia_log.h b/eurephia_log.h index 33f4a59..5bc4654 100644 --- a/eurephia_log.h +++ b/eurephia_log.h @@ -32,14 +32,17 @@ #define LOG_PANIC 7 #ifdef ENABLE_DEBUG -#warning ################################################################ -#warning ## DEBUG LOGGING IS ENABLED - THIS COULD BE AN SECURITY ISSUE ## -#warning ################################################################ +#warning ###### DEBUG LOGGING IS ENABLED - THIS COULD BE AN SECURITY ISSUE ###### #define DEBUG(ctx, lvl, rest...) eurephia_log(ctx, LOG_DEBUG, lvl, ## rest); #else #define DEBUG(ctx, lvl, rest...) {}; #endif +#ifdef SHOW_SECRETS +#warning ##################################################################################################### +#warning ## DEBUG LOGGING WITH SHOW_SECRETS IS ENABLED - THIS WILL PUT PASSWORDS IN CLEAR TEXT IN LOG FILES ## +#warning ##################################################################################################### +#endif void eurephia_log(eurephiaCTX *ctx, int logdst, int loglvl, const char *fmt, ... ); #endif /* !EUREPHIA_LOG_H_ */ |