Improved code security. LOG_DEBUG statements are only compiled if DEBUG=1 is sent to make.

Since several parts of the code where LOG_DEBUG was used with eurephia_log(...)
contains security sensitive information (like logging password retrieved with
get_env(...)), all debug logging is now done via the DEBUG macro.

This macro will not produce any security relevant eurephia_log(...) statements
unless the source is compiled with -DENABLE_DEBUG.  This is activated via
make by adding DEBUG=1 before the make targets.  When not enabled, the
binaries will not do any debug logging at all.

1 files changed, 3 insertions, 3 deletions

diff --git a/eurephia-auth.c b/eurephia-auth.c
index d1697f6..c4ac5b5 100644
--- a/eurephia-auth.c
+++ b/eurephia-auth.c
@@ -29,7 +29,7 @@
 #include <eurephia.h>
 
 
-
+#ifdef ENABLE_DEBUG // To avoid compiler warnings when ENABLE_DEBUG is not defined
 static const char *plugin_type_name(const int type)
 {
   switch (type)
@@ -56,7 +56,7 @@ static const char *plugin_type_name(const int type)
       return "(UNKNOWN PLUGIN CODE)";
     }
 }
-
+#endif
 
 
 // daemonize if "daemon" environment variable is set.
@@ -121,7 +121,7 @@ OPENVPN_EXPORT int openvpn_plugin_func_v1(openvpn_plugin_handle_t handle,
                 return OPENVPN_PLUGIN_FUNC_ERROR;
         }
 
-        eurephia_log(ctx, LOG_DEBUG, 10, "openvpn_plugin_func_v1(ctx, %s, ...)", plugin_type_name(type));
+        DEBUG(ctx, 10, "openvpn_plugin_func_v1(ctx, %s, ...)", plugin_type_name(type));
 
         switch( type ) {
         case OPENVPN_PLUGIN_TLS_VERIFY: