Prevent failed passwords from being echoed to server logs, for security.

author Bruce Momjian <bruce@momjian.us>

Tue, 5 Mar 2002 07:57:45 +0000 (07:57 +0000)

committer Bruce Momjian <bruce@momjian.us>

Tue, 5 Mar 2002 07:57:45 +0000 (07:57 +0000)
author Bruce Momjian <bruce@momjian.us>
Tue, 5 Mar 2002 07:57:45 +0000 (07:57 +0000)
committer Bruce Momjian <bruce@momjian.us>
Tue, 5 Mar 2002 07:57:45 +0000 (07:57 +0000)
diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c

index 5cb4ca30a40c93c1e3adc07744868e6bca1a0501..0c2362aace1ea1a7d79905bda7e8e52a002195c4 100644 (file)
--- a/src/backend/libpq/auth.c
+++ b/src/backend/libpq/auth.c
@@ -663,7 +663,9 @@ pam_passwd_conv_proc(int num_msg, const struct pam_message ** msg, struct pam_re
  
                 initStringInfo(&buf);
                 pq_getstr(&buf);
-               elog(DEBUG5, "received PAM packet with len=%d, pw=%s", len, buf.data);
+               
+               /* Do not echo failed password to logs, for security. */
+               elog(DEBUG5, "received PAM packet");
  
                 if (strlen(buf.data) == 0)
                 {
author	Bruce Momjian <bruce@momjian.us>
	Tue, 5 Mar 2002 07:57:45 +0000 (07:57 +0000)
committer	Bruce Momjian <bruce@momjian.us>
	Tue, 5 Mar 2002 07:57:45 +0000 (07:57 +0000)