database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-07-08 11:42:09 +03:00
Code Activity

Prevent failed passwords from being echoed to server logs, for security.

Browse Source
This commit is contained in:
Bruce Momjian
2002-03-05 07:57:45 +00:00
parent 16d6615b41
commit af41101a40
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/backend/libpq/auth.c
View File

@ -8,7 +8,7 @@
* *
* *
* IDENTIFICATION * IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.78 2002/03/05 06:52:05 momjian Exp $ * $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.79 2002/03/05 07:57:45 momjian Exp $
* *
*------------------------------------------------------------------------- *-------------------------------------------------------------------------
*/ */
@ -663,7 +663,9 @@ pam_passwd_conv_proc(int num_msg, const struct pam_message ** msg, struct pam_re
initStringInfo(&buf); initStringInfo(&buf);
pq_getstr(&buf); pq_getstr(&buf);
elog(DEBUG5, "received PAM packet with len=%d, pw=%s", len, buf.data);
/* Do not echo failed password to logs, for security. */
elog(DEBUG5, "received PAM packet");
if (strlen(buf.data) == 0) if (strlen(buf.data) == 0)
{ {