Commit16d6615

committed

Prevent failed passwords from being echoed to server logs, for security.

1 parentafc732e commit16d6615Copy full SHA for 16d6615

File tree

-3

lines changed

-3

lines changed

Lines changed: 3 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -8,7 +8,7 @@`
`8`	`8`	`*`
`9`	`9`	`*`
`10`	`10`	`* IDENTIFICATION`
`11`		`- * $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.77 2002/03/04 01:46:02 tgl Exp $`
	`11`	`+ * $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.78 2002/03/05 06:52:05 momjian Exp $`
`12`	`12`	`*`
`13`	`13`	`*-------------------------------------------------------------------------`
`14`	`14`	`*/`
`@@ -805,8 +805,8 @@ recv_and_check_password_packet(Port *port)`
`805`	`805`	`returnSTATUS_EOF;`
`806`	`806`	`}`
`807`	`807`
`808`		`-elog(DEBUG5,"received password packet with len=%d, pw=%s",`
`809`		`-len,buf.data);`
	`808`	`+/* Do not echo failed password to logs, for security. */`
	`809`	`+elog(DEBUG5,"received password packet");`
`810`	`810`
`811`	`811`	`result=checkPassword(port,port->user,buf.data);`
`812`	`812`	`pfree(buf.data);`

Comments

(0)