Mercurial > pidgin.yaz

comparison libpurple/protocols/jabber/jabber.c @ 24858:3a4070656d61

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Don't log passwords for XMPP when using SASL PLAIN or old-style IQ Auth so that debug logs are clean. This doesn't affect DIGEST-MD5. Fixes #7836. committer: John Bailey <rekkanoryo@rekkanoryo.org>
author Paul Aurich <paul@darkrain42.org>
date Thu, 01 Jan 2009 17:27:54 +0000
parents 41e69c65b006
children b5c82724598c b874034d4df2 c0b42d6c2785 1d1d1829de11 9195955395b6 d29f9f946ba2 f0c2e27c7ae7 533a51295cbb 9ea6842536ba
comparison
equal deleted inserted replaced
24857:c260fe3ac5c8 24858:3a4070656d61
349 349
350 void jabber_send_raw(JabberStream *js, const char *data, int len) 350 void jabber_send_raw(JabberStream *js, const char *data, int len)
351 { 351 {
352 352
353 /* because printing a tab to debug every minute gets old */ 353 /* because printing a tab to debug every minute gets old */
354 if(strcmp(data, "\t")) 354 if(strcmp(data, "\t")) {
355 purple_debug(PURPLE_DEBUG_MISC, "jabber", "Sending%s: %s\n", 355 char *text = NULL, *last_part = NULL, *tag_start = NULL;
356 js->gsc ? " (ssl)" : "", data); 356
357 /* Because debug logs with plaintext passwords make me sad */
358 if(js->state != JABBER_STREAM_CONNECTED &&
359 /* Either <auth> or <query><password>... */
360 (((tag_start = strstr(data, "<auth ")) &&
361 strstr(data, "xmlns='urn:ietf:params:xml:ns:xmpp-sasl'")) ||
362 ((tag_start = strstr(data, "<query ")) &&
363 strstr(data, "xmlns='jabber:iq:auth'>") &&
364 (tag_start = strstr(tag_start, "<password>"))))) {
365 char *data_start, *tag_end = strchr(tag_start, '>');
366 text = g_strdup(data);
367
368 data_start = text + (tag_end - data) + 1;
369
370 last_part = strchr(data_start, '<');
371 *data_start = '\0';
372 }
373
374 purple_debug(PURPLE_DEBUG_MISC, "jabber", "Sending%s: %s%s%s\n",
375 js->gsc ? " (ssl)" : "", text ? text : data,
376 last_part ? "password removed" : "",
377 last_part ? last_part : "");
378
379 g_free(text);
380 }
357 381
358 /* If we've got a security layer, we need to encode the data, 382 /* If we've got a security layer, we need to encode the data,
359 * splitting it on the maximum buffer length negotiated */ 383 * splitting it on the maximum buffer length negotiated */
360 384
361 purple_signal_emit(my_protocol, "jabber-sending-text", js->gc, &data); 385 purple_signal_emit(my_protocol, "jabber-sending-text", js->gc, &data);