lib/ldb: Avoid printing secret attributes in ldb trace logs

These are printed when Samba has debug level 10, which is often used for debugging.

Instead, print a note to say that this attribute has been skipped.

Andrew Bartlett

2 files changed, 9 insertions, 0 deletions

diff --git a/lib/ldb/include/ldb_module.h b/lib/ldb/include/ldb_module.h
index 6e14f4c3e8..be50c09210 100644
--- a/lib/ldb/include/ldb_module.h
+++ b/lib/ldb/include/ldb_module.h
@@ -55,6 +55,10 @@ struct ldb_module;
 /* an extended match rule that always fails to match */
 #define SAMBA_LDAP_MATCH_ALWAYS_FALSE "1.3.6.1.4.1.7165.4.5.1"
 
+/* The const char * const * pointer to a list of secret (password)
+ * attributes, not to be printed in trace messages */
+#define LDB_SECRET_ATTRIBUTE_LIST_OPAQUE "LDB_SECRET_ATTRIBUTE_LIST"
+
 /*
    these function pointers define the operations that a ldb module can intercept
 */
diff --git a/lib/ldb/include/ldb_private.h b/lib/ldb/include/ldb_private.h
index f07bbc956e..7de5ab73da 100644
--- a/lib/ldb/include/ldb_private.h
+++ b/lib/ldb/include/ldb_private.h
@@ -181,6 +181,8 @@ struct ldb_val ldb_binary_decode(TALLOC_CTX *mem_ctx, const char *str);
 const char *ldb_options_find(struct ldb_context *ldb, const char *options[],
 			     const char *option_name);
 
+/* The following definitions come from lib/ldb/common/ldb_ldif.c  */
+
 struct ldif_read_file_state {
 	FILE *f;
 	size_t line_no;
@@ -189,4 +191,7 @@ struct ldif_read_file_state {
 struct ldb_ldif *ldb_ldif_read_file_state(struct ldb_context *ldb, 
 					  struct ldif_read_file_state *state);
 
+char *ldb_ldif_write_redacted_trace_string(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, 
+					   const struct ldb_ldif *ldif);
+
 #endif