diff options
author | Andrew Bartlett <abartlet@samba.org> | 2012-08-31 11:19:54 +1000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2012-08-31 14:30:38 +1000 |
commit | a5d57a04c2e515212cc1f2b51c9a02acb33a79ba (patch) | |
tree | 63f6aef524b210ae38b770407e5894e5da614870 /auth/credentials | |
parent | a3b67e5299e9d975b7216e398311420a9524f926 (diff) | |
download | samba-a5d57a04c2e515212cc1f2b51c9a02acb33a79ba.tar.gz samba-a5d57a04c2e515212cc1f2b51c9a02acb33a79ba.tar.bz2 samba-a5d57a04c2e515212cc1f2b51c9a02acb33a79ba.zip |
auth/credentials: Do not print passwords in a talloc memory dump
The fact that a password was created here is enough information, so
overwrite with the function name and line.
Andrew Bartlett
Diffstat (limited to 'auth/credentials')
-rw-r--r-- | auth/credentials/credentials.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/auth/credentials/credentials.c b/auth/credentials/credentials.c index 05f0a624db..e6361239e9 100644 --- a/auth/credentials/credentials.c +++ b/auth/credentials/credentials.c @@ -371,6 +371,10 @@ _PUBLIC_ bool cli_credentials_set_password(struct cli_credentials *cred, { if (obtained >= cred->password_obtained) { cred->password = talloc_strdup(cred, val); + if (cred->password) { + /* Don't print the actual password in talloc memory dumps */ + talloc_set_name_const(cred->password, "password set via cli_credentials_set_password"); + } cred->password_obtained = obtained; cli_credentials_invalidate_ccache(cred, cred->password_obtained); @@ -416,6 +420,10 @@ _PUBLIC_ bool cli_credentials_set_old_password(struct cli_credentials *cred, enum credentials_obtained obtained) { cred->old_password = talloc_strdup(cred, val); + if (cred->old_password) { + /* Don't print the actual password in talloc memory dumps */ + talloc_set_name_const(cred->old_password, "password set via cli_credentials_set_old_password"); + } return true; } |