From af41101a40af4c067b0f32ee2d64d976389caf26 Mon Sep 17 00:00:00 2001
From: Bruce Momjian <bruce@momjian.us>
Date: Tue, 5 Mar 2002 07:57:45 +0000
Subject: [PATCH]  Prevent failed passwords from being echoed to server logs,
 for security.

---
 src/backend/libpq/auth.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c
index 7c090b93329..637e2a623eb 100644
--- a/src/backend/libpq/auth.c
+++ b/src/backend/libpq/auth.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.78 2002/03/05 06:52:05 momjian Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.79 2002/03/05 07:57:45 momjian Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -663,7 +663,9 @@ pam_passwd_conv_proc(int num_msg, const struct pam_message ** msg, struct pam_re
 
 		initStringInfo(&buf);
 		pq_getstr(&buf);
-		elog(DEBUG5, "received PAM packet with len=%d, pw=%s", len, buf.data);
+		
+		/* Do not echo failed password to logs, for security. */
+		elog(DEBUG5, "received PAM packet");
 
 		if (strlen(buf.data) == 0)
 		{
-- 
GitLab