Mercurial > pidgin
changeset 24890:3a4070656d61
Don't log passwords for XMPP when using SASL PLAIN or old-style IQ Auth so
that debug logs are clean. This doesn't affect DIGEST-MD5. Fixes #7836.
committer: John Bailey <rekkanoryo@rekkanoryo.org>
| author | Paul Aurich <paul@darkrain42.org> |
|---|---|
| date | Thu, 01 Jan 2009 17:27:54 +0000 |
| parents | c260fe3ac5c8 |
| children | a33943427c90 |
| files | libpurple/protocols/jabber/jabber.c |
| diffstat | 1 files changed, 27 insertions(+), 3 deletions(-) [+] |
line wrap: on
line diff
--- a/libpurple/protocols/jabber/jabber.c Thu Jan 01 17:03:44 2009 +0000 +++ b/libpurple/protocols/jabber/jabber.c Thu Jan 01 17:27:54 2009 +0000 @@ -351,9 +351,33 @@ { /* because printing a tab to debug every minute gets old */ - if(strcmp(data, "\t")) - purple_debug(PURPLE_DEBUG_MISC, "jabber", "Sending%s: %s\n", - js->gsc ? " (ssl)" : "", data); + if(strcmp(data, "\t")) { + char *text = NULL, *last_part = NULL, *tag_start = NULL; + + /* Because debug logs with plaintext passwords make me sad */ + if(js->state != JABBER_STREAM_CONNECTED && + /* Either <auth> or <query><password>... */ + (((tag_start = strstr(data, "<auth ")) && + strstr(data, "xmlns='urn:ietf:params:xml:ns:xmpp-sasl'")) || + ((tag_start = strstr(data, "<query ")) && + strstr(data, "xmlns='jabber:iq:auth'>") && + (tag_start = strstr(tag_start, "<password>"))))) { + char *data_start, *tag_end = strchr(tag_start, '>'); + text = g_strdup(data); + + data_start = text + (tag_end - data) + 1; + + last_part = strchr(data_start, '<'); + *data_start = '\0'; + } + + purple_debug(PURPLE_DEBUG_MISC, "jabber", "Sending%s: %s%s%s\n", + js->gsc ? " (ssl)" : "", text ? text : data, + last_part ? "password removed" : "", + last_part ? last_part : ""); + + g_free(text); + } /* If we've got a security layer, we need to encode the data, * splitting it on the maximum buffer length negotiated */