authorAndrew Bartlett <abartlet@samba.org>2012-08-29 11:29:44 +1000
committerAndrew Bartlett <abartlet@samba.org>2012-08-29 12:28:38 +1000
commit395b8e4d58e2815d9848f8a6390f23d8c7d10a91 (patch)
tree89ab021b953ab1d7687dcaf0954bab528a4de466 /lib/ldb/common/ldb_modules.c
parent17337cfec071f7f82fa4c50ace751d51277a4b20 (diff)
lib/ldb: Avoid printing secret attributes in ldb trace logs
These are printed when Samba has debug level 10, which is often used for debugging. Instead, print a note to say that this attribute has been skipped. Andrew Bartlett
Diffstat (limited to 'lib/ldb/common/ldb_modules.c')
-rw-r--r--lib/ldb/common/ldb_modules.c15
1 files changed, 14 insertions, 1 deletions
diff --git a/lib/ldb/common/ldb_modules.c b/lib/ldb/common/ldb_modules.c
index 8904d5a94a..440365688b 100644
--- a/lib/ldb/common/ldb_modules.c
+++ b/lib/ldb/common/ldb_modules.c
@@ -709,8 +709,21 @@ int ldb_module_send_entry(struct ldb_request *req,
if ((req->handle->ldb->flags & LDB_FLG_ENABLE_TRACING) &&
req->handle->nesting == 0) {
char *s;
+ struct ldb_ldif ldif;
+
+ ldif.changetype = LDB_CHANGETYPE_NONE;
+ ldif.msg = discard_const_p(struct ldb_message, msg);
+
ldb_debug_add(req->handle->ldb, "ldb_trace_response: ENTRY\n");
- s = ldb_ldif_message_string(req->handle->ldb, msg, LDB_CHANGETYPE_NONE, msg);
+
+ /*
+ * The choice to call
+ * ldb_ldif_write_redacted_trace_string() is CRITICAL
+ * for security. It ensures that we do not output
+ * passwords into debug logs
+ */
+
+ s = ldb_ldif_write_redacted_trace_string(req->handle->ldb, msg, &ldif);
ldb_debug_add(req->handle->ldb, "%s\n", s);
talloc_free(s);
ldb_debug_end(req->handle->ldb, LDB_DEBUG_TRACE);
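Review bot: The result of `ldb_ldif_write_redacted_trace_string()` is passed straight to `ldb_debug_add(req->handle->ldb, "%s\n", s)` with no NULL check, so if the helper returns NULL on allocation failure (its body is not visible here) a null pointer reaches a `%s` conversion; wrapping the call as `if (s != NULL) { ldb_debug_add(req->handle->ldb, "%s\n", s); }` avoids that. The new comment says the call is critical but not what it guarantees: which attributes are withheld is decided inside the helper, so the comment should say so, for example `/* Secret attributes are replaced by a marker inside the helper; its attribute list must be extended whenever a new secret attribute is introduced. */`. Declaring the struct as `struct ldb_ldif ldif = { .changetype = LDB_CHANGETYPE_NONE, .msg = discard_const_p(struct ldb_message, msg) };` would also zero any field added to `struct ldb_ldif` later instead of leaving it uninitialised. The body of ldb_module_send_entry starts and ends outside this hunk.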