Prevent failed passwords from being echoed to server logs, for security.

bmomjian · bmomjian · commit af41101a40af · 2002-03-05T07:57:45.000Z
diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.78 2002/03/05 06:52:05 momjian Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.79 2002/03/05 07:57:45 momjian Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -663,7 +663,9 @@ pam_passwd_conv_proc(int num_msg, const struct pam_message ** msg, struct pam_re
 
 		initStringInfo(&buf);
 		pq_getstr(&buf);
-		elog(DEBUG5, "received PAM packet with len=%d, pw=%s", len, buf.data);
+		
+		/* Do not echo failed password to logs, for security. */
+		elog(DEBUG5, "received PAM packet");
 
 		if (strlen(buf.data) == 0)
 		{

Original file line number	Diff line number	Diff line change
`@@ -8,7 +8,7 @@`
`8`	`8`	`*`
`9`	`9`	`*`
`10`	`10`	`* IDENTIFICATION`
`11`		`- * $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.78 2002/03/05 06:52:05 momjian Exp $`
	`11`	`+ * $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.79 2002/03/05 07:57:45 momjian Exp $`
`12`	`12`	`*`
`13`	`13`	`*-------------------------------------------------------------------------`
`14`	`14`	`*/`
`@@ -663,7 +663,9 @@ pam_passwd_conv_proc(int num_msg, const struct pam_message ** msg, struct pam_re`
`663`	`663`
`664`	`664`	`initStringInfo(&buf);`
`665`	`665`	`pq_getstr(&buf);`
`666`		`- elog(DEBUG5, "received PAM packet with len=%d, pw=%s", len, buf.data);`
	`666`	`+`
	`667`	`+ /* Do not echo failed password to logs, for security. */`
	`668`	`+ elog(DEBUG5, "received PAM packet");`
`667`	`669`
`668`	`670`	`if (strlen(buf.data) == 0)`
`669`	`671`	`{`