diff options
author | David Sommerseth <dazo@users.sourceforge.net> | 2008-09-19 18:00:31 +0200 |
---|---|---|
committer | David Sommerseth <dazo@users.sourceforge.net> | 2008-09-19 18:00:31 +0200 |
commit | 587028ddd4136637e3b94a877ecceae4217dfe72 (patch) | |
tree | 4428ff1483f41a450363c0bb379014c58710d72d /eurephia-auth.c | |
parent | 8f883490ce6ddfa8fe8f883817353b51000f886f (diff) | |
download | eurephia-587028ddd4136637e3b94a877ecceae4217dfe72.tar.gz eurephia-587028ddd4136637e3b94a877ecceae4217dfe72.tar.xz eurephia-587028ddd4136637e3b94a877ecceae4217dfe72.zip |
Improved code security. LOG_DEBUG statements are only compiled if DEBUG=1 is sent to make.
Since several parts of the code where LOG_DEBUG was used with eurephia_log(...)
contains security sensitive information (like logging password retrieved with
get_env(...)), all debug logging is now done via the DEBUG macro.
This macro will not produce any security relevant eurephia_log(...) statements
unless the source is compiled with -DENABLE_DEBUG. This is activated via
make by adding DEBUG=1 before the make targets. When not enabled, the
binaries will not do any debug logging at all.
Diffstat (limited to 'eurephia-auth.c')
-rw-r--r-- | eurephia-auth.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/eurephia-auth.c b/eurephia-auth.c index d1697f6..c4ac5b5 100644 --- a/eurephia-auth.c +++ b/eurephia-auth.c @@ -29,7 +29,7 @@ #include <eurephia.h> - +#ifdef ENABLE_DEBUG // To avoid compiler warnings when ENABLE_DEBUG is not defined static const char *plugin_type_name(const int type) { switch (type) @@ -56,7 +56,7 @@ static const char *plugin_type_name(const int type) return "(UNKNOWN PLUGIN CODE)"; } } - +#endif // daemonize if "daemon" environment variable is set. @@ -121,7 +121,7 @@ OPENVPN_EXPORT int openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, return OPENVPN_PLUGIN_FUNC_ERROR; } - eurephia_log(ctx, LOG_DEBUG, 10, "openvpn_plugin_func_v1(ctx, %s, ...)", plugin_type_name(type)); + DEBUG(ctx, 10, "openvpn_plugin_func_v1(ctx, %s, ...)", plugin_type_name(type)); switch( type ) { case OPENVPN_PLUGIN_TLS_VERIFY: |