Prevent failed passwords from being echoed to server logs, for security.

author Bruce Momjian <bruce@momjian.us>

Tue, 5 Mar 2002 07:57:45 +0000 (07:57 +0000)

committer Bruce Momjian <bruce@momjian.us>

Tue, 5 Mar 2002 07:57:45 +0000 (07:57 +0000)
author Bruce Momjian <bruce@momjian.us>
Tue, 5 Mar 2002 07:57:45 +0000 (07:57 +0000)
committer Bruce Momjian <bruce@momjian.us>
Tue, 5 Mar 2002 07:57:45 +0000 (07:57 +0000)
diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c

index 7c090b933297cad5daeb48a358da11bb9a462b6f..637e2a623ebe0d0c694ad10a72e04c7054c82ab0 100644 (file)
--- a/src/backend/libpq/auth.c
+++ b/src/backend/libpq/auth.c
@@ -8,7 +8,7 @@
   *
   *
   * IDENTIFICATION
- *       $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.78 2002/03/05 06:52:05 momjian Exp $
+ *       $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.79 2002/03/05 07:57:45 momjian Exp $
   *
   *-------------------------------------------------------------------------
   */
@@ -663,7 +663,9 @@ pam_passwd_conv_proc(int num_msg, const struct pam_message ** msg, struct pam_re
  
                 initStringInfo(&buf);
                 pq_getstr(&buf);
-               elog(DEBUG5, "received PAM packet with len=%d, pw=%s", len, buf.data);
+               
+               /* Do not echo failed password to logs, for security. */
+               elog(DEBUG5, "received PAM packet");
  
                 if (strlen(buf.data) == 0)
                 {
author	Bruce Momjian <bruce@momjian.us>
	Tue, 5 Mar 2002 07:57:45 +0000 (07:57 +0000)
committer	Bruce Momjian <bruce@momjian.us>
	Tue, 5 Mar 2002 07:57:45 +0000 (07:57 +0000)