Skip to content
Snippets Groups Projects
Commit 16d6615b authored by Bruce Momjian's avatar Bruce Momjian
Browse files

Prevent failed passwords from being echoed to server logs, for security.

parent afc732e6
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
src/backend/libpq/auth.c
+ 3
3
View file @ 16d6615b
...@@ -8,7 +8,7 @@ ...@@ -8,7 +8,7 @@
* *
* *
* IDENTIFICATION * IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.77 2002/03/04 01:46:02 tgl Exp $ * $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.78 2002/03/05 06:52:05 momjian Exp $
* *
*------------------------------------------------------------------------- *-------------------------------------------------------------------------
*/ */
...@@ -805,8 +805,8 @@ recv_and_check_password_packet(Port *port) ...@@ -805,8 +805,8 @@ recv_and_check_password_packet(Port *port)
return STATUS_EOF; return STATUS_EOF;
} }
elog(DEBUG5, "received password packet with len=%d, pw=%s", /* Do not echo failed password to logs, for security. */
len, buf.data); elog(DEBUG5, "received password packet");
result = checkPassword(port, port->user, buf.data); result = checkPassword(port, port->user, buf.data);
pfree(buf.data); pfree(buf.data);
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment