Skip to content

Commit 16d6615

Browse files
bmomjianbmomjian
committed
Prevent failed passwords from being echoed to server logs, for security.
1 parent afc732e commit 16d6615

File tree

1 file changed

+3
-3
lines changed

1 file changed

+3
-3
lines changed

src/backend/libpq/auth.c

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
*
99
*
1010
* IDENTIFICATION
11-
* $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.77 2002/03/04 01:46:02 tgl Exp $
11+
* $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.78 2002/03/05 06:52:05 momjian Exp $
1212
*
1313
*-------------------------------------------------------------------------
1414
*/
@@ -805,8 +805,8 @@ recv_and_check_password_packet(Port *port)
805805
return STATUS_EOF;
806806
}
807807

808-
elog(DEBUG5, "received password packet with len=%d, pw=%s",
809-
len, buf.data);
808+
/* Do not echo failed password to logs, for security. */
809+
elog(DEBUG5, "received password packet");
810810

811811
result = checkPassword(port, port->user, buf.data);
812812
pfree(buf.data);

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy