diff options
| author | Tim Potter <tpot@samba.org> | 2002-01-07 02:57:06 +0000 |
|---|---|---|
| committer | Tim Potter <tpot@samba.org> | 2002-01-07 02:57:06 +0000 |
| commit | 105e35a6e45188bd3a253c2df5cdd14ee9bfe53c (patch) | |
| tree | 67dbe38ff333484e5d0b15d4447c01efc75bf576 | |
| parent | 5f63565f2d7102d227cd69f7d788badad61d6860 (diff) | |
| download | samba-105e35a6e45188bd3a253c2df5cdd14ee9bfe53c.tar.gz samba-105e35a6e45188bd3a253c2df5cdd14ee9bfe53c.tar.bz2 samba-105e35a6e45188bd3a253c2df5cdd14ee9bfe53c.zip | |
Don't log the password in pam_sm_authenticate() unless DEBUG_PASSWORD is
defined. This is done with --enable-developer mode.
(This used to be commit caff5dc1d66953cb52f94cd6407778b23e1810eb)
| -rw-r--r-- | source3/nsswitch/pam_winbind.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/source3/nsswitch/pam_winbind.c b/source3/nsswitch/pam_winbind.c index b3dea202c2..7cb2cd8bf1 100644 --- a/source3/nsswitch/pam_winbind.c +++ b/source3/nsswitch/pam_winbind.c @@ -256,10 +256,18 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, return PAM_AUTHTOK_ERR; } - if (ctrl & PAM_DEBUG_ARG) + if (ctrl & PAM_DEBUG_ARG) { + + /* Let's not give too much away in the log file */ + +#ifdef DEBUG_PASSWORD _pam_log(LOG_INFO, "Verify user `%s' with password `%s'", username, password); - +#else + _pam_log(LOG_INFO, "Verify user `%s'", username); +#endif + } + /* Now use the username to look up password */ retval = user_lookup(username, password); switch (retval) { |