summaryrefslogtreecommitdiff
path: root/auth/credentials
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2012-08-31 11:19:54 +1000
committerAndrew Bartlett <abartlet@samba.org>2012-08-31 14:30:38 +1000
commita5d57a04c2e515212cc1f2b51c9a02acb33a79ba (patch)
tree63f6aef524b210ae38b770407e5894e5da614870 /auth/credentials
parenta3b67e5299e9d975b7216e398311420a9524f926 (diff)
downloadsamba-a5d57a04c2e515212cc1f2b51c9a02acb33a79ba.tar.gz
samba-a5d57a04c2e515212cc1f2b51c9a02acb33a79ba.tar.bz2
samba-a5d57a04c2e515212cc1f2b51c9a02acb33a79ba.zip
auth/credentials: Do not print passwords in a talloc memory dump
The fact that a password was created here is enough information, so overwrite with the function name and line. Andrew Bartlett
Diffstat (limited to 'auth/credentials')
-rw-r--r--auth/credentials/credentials.c8
1 files changed, 8 insertions, 0 deletions
diff --git a/auth/credentials/credentials.c b/auth/credentials/credentials.c
index 05f0a624db..e6361239e9 100644
--- a/auth/credentials/credentials.c
+++ b/auth/credentials/credentials.c
@@ -371,6 +371,10 @@ _PUBLIC_ bool cli_credentials_set_password(struct cli_credentials *cred,
{
if (obtained >= cred->password_obtained) {
cred->password = talloc_strdup(cred, val);
+ if (cred->password) {
+ /* Don't print the actual password in talloc memory dumps */
+ talloc_set_name_const(cred->password, "password set via cli_credentials_set_password");
+ }
cred->password_obtained = obtained;
cli_credentials_invalidate_ccache(cred, cred->password_obtained);
@@ -416,6 +420,10 @@ _PUBLIC_ bool cli_credentials_set_old_password(struct cli_credentials *cred,
enum credentials_obtained obtained)
{
cred->old_password = talloc_strdup(cred, val);
+ if (cred->old_password) {
+ /* Don't print the actual password in talloc memory dumps */
+ talloc_set_name_const(cred->old_password, "password set via cli_credentials_set_old_password");
+ }
return true;
}