Mercurial > pidgin.yaz
comparison libpurple/protocols/jabber/jabber.c @ 24858:3a4070656d61
Don't log passwords for XMPP when using SASL PLAIN or old-style IQ Auth so
that debug logs are clean. This doesn't affect DIGEST-MD5. Fixes #7836.
committer: John Bailey <rekkanoryo@rekkanoryo.org>
author | Paul Aurich <paul@darkrain42.org> |
---|---|
date | Thu, 01 Jan 2009 17:27:54 +0000 |
parents | 41e69c65b006 |
children | b5c82724598c b874034d4df2 c0b42d6c2785 1d1d1829de11 9195955395b6 d29f9f946ba2 f0c2e27c7ae7 533a51295cbb 9ea6842536ba |
comparison
equal
deleted
inserted
replaced
24857:c260fe3ac5c8 | 24858:3a4070656d61 |
---|---|
349 | 349 |
350 void jabber_send_raw(JabberStream *js, const char *data, int len) | 350 void jabber_send_raw(JabberStream *js, const char *data, int len) |
351 { | 351 { |
352 | 352 |
353 /* because printing a tab to debug every minute gets old */ | 353 /* because printing a tab to debug every minute gets old */ |
354 if(strcmp(data, "\t")) | 354 if(strcmp(data, "\t")) { |
355 purple_debug(PURPLE_DEBUG_MISC, "jabber", "Sending%s: %s\n", | 355 char *text = NULL, *last_part = NULL, *tag_start = NULL; |
356 js->gsc ? " (ssl)" : "", data); | 356 |
357 /* Because debug logs with plaintext passwords make me sad */ | |
358 if(js->state != JABBER_STREAM_CONNECTED && | |
359 /* Either <auth> or <query><password>... */ | |
360 (((tag_start = strstr(data, "<auth ")) && | |
361 strstr(data, "xmlns='urn:ietf:params:xml:ns:xmpp-sasl'")) || | |
362 ((tag_start = strstr(data, "<query ")) && | |
363 strstr(data, "xmlns='jabber:iq:auth'>") && | |
364 (tag_start = strstr(tag_start, "<password>"))))) { | |
365 char *data_start, *tag_end = strchr(tag_start, '>'); | |
366 text = g_strdup(data); | |
367 | |
368 data_start = text + (tag_end - data) + 1; | |
369 | |
370 last_part = strchr(data_start, '<'); | |
371 *data_start = '\0'; | |
372 } | |
373 | |
374 purple_debug(PURPLE_DEBUG_MISC, "jabber", "Sending%s: %s%s%s\n", | |
375 js->gsc ? " (ssl)" : "", text ? text : data, | |
376 last_part ? "password removed" : "", | |
377 last_part ? last_part : ""); | |
378 | |
379 g_free(text); | |
380 } | |
357 | 381 |
358 /* If we've got a security layer, we need to encode the data, | 382 /* If we've got a security layer, we need to encode the data, |
359 * splitting it on the maximum buffer length negotiated */ | 383 * splitting it on the maximum buffer length negotiated */ |
360 | 384 |
361 purple_signal_emit(my_protocol, "jabber-sending-text", js->gc, &data); | 385 purple_signal_emit(my_protocol, "jabber-sending-text", js->gc, &data); |