aboutsummaryrefslogtreecommitdiff
path: root/pam_sql
diff options
context:
space:
mode:
authorSergey Poznyakoff <gray@gnu.org.ua>2008-03-16 22:12:43 +0000
committerSergey Poznyakoff <gray@gnu.org.ua>2008-03-16 22:12:43 +0000
commitd3b8bcfd1f88a5f8aadb99f465c55cf3138eb37c (patch)
tree48893b39220fcc0e6347903a5977f1890cdc89de /pam_sql
parentf5f42d1c7b56fdd3e9a72e065fa4c0280df815d7 (diff)
downloadpam-modules-d3b8bcfd1f88a5f8aadb99f465c55cf3138eb37c.tar.gz
pam-modules-d3b8bcfd1f88a5f8aadb99f465c55cf3138eb37c.tar.bz2
* pam_fshadow/pam_fshadow.c, pam_sql/pam_mysql.c,
pam_sql/pam_sql.c, pam_regex/pam_regex.c: Ensure passwords might get divulged only at debugging level 100. git-svn-id: file:///svnroot/pam-modules/trunk@87 56984be4-0537-0410-a56c-fcb268c96130
Diffstat (limited to 'pam_sql')
-rw-r--r--pam_sql/pam_mysql.c4
-rw-r--r--pam_sql/pam_sql.c8
2 files changed, 7 insertions, 5 deletions
diff --git a/pam_sql/pam_mysql.c b/pam_sql/pam_mysql.c
index e1f0756..e723f04 100644
--- a/pam_sql/pam_mysql.c
+++ b/pam_sql/pam_mysql.c
@@ -294,6 +294,7 @@ verify_user_pass(pam_handle_t *pamh, const char *password, const char *query)
return PAM_SERVICE_ERR;
}
+ DEBUG(10,("Executing %s", query));
if (mysql_query(&mysql, query)) {
_pam_log(LOG_ERR, "MySQL: %s", mysql_error(&mysql));
mysql_close(&mysql);
@@ -358,6 +359,7 @@ sql_acct(pam_handle_t *pamh, const char *query)
return PAM_SERVICE_ERR;
}
+ DEBUG(10,("Executing %s", query));
if (mysql_query(&mysql, query)) {
_pam_log(LOG_ERR, "MySQL: %s", mysql_error(&mysql));
mysql_close(&mysql);
@@ -372,7 +374,7 @@ sql_acct(pam_handle_t *pamh, const char *query)
} else {
size_t n = mysql_num_rows(result);
mysql_free_result(result);
- DEBUG(10, ("query affected %lu tuples", n));
+ _pam_debug("query affected %lu tuples", n);
}
}
mysql_close(&mysql);
diff --git a/pam_sql/pam_sql.c b/pam_sql/pam_sql.c
index 3038105..2c550ed 100644
--- a/pam_sql/pam_sql.c
+++ b/pam_sql/pam_sql.c
@@ -73,7 +73,7 @@ _pam_get_password(pam_handle_t *pamh, char **password, const char *prompt)
struct pam_response *resp;
int i, replies;
- DEBUG(100,("enter _pam_get_password"));
+ DEBUG(90,("enter _pam_get_password"));
if (cntl_flags & CNTL_AUTHTOK) {
/*
@@ -114,7 +114,7 @@ _pam_get_password(pam_handle_t *pamh, char **password, const char *prompt)
if (resp != NULL) {
if (retval == PAM_SUCCESS) { /* a good conversation */
token = XSTRDUP(resp[i - replies].resp);
- DEBUG(10,("app returned [%s]", token));
+ DEBUG(100,("app returned [%s]", token));
PAM_DROP_REPLY(resp, 1);
} else {
_pam_log(LOG_ERR, "conversation error: %s",
@@ -149,7 +149,7 @@ _pam_get_password(pam_handle_t *pamh, char **password, const char *prompt)
pam_strerror(pamh, retval));
}
- DEBUG(100,("exit _pam_get_password: %d", retval));
+ DEBUG(90,("exit _pam_get_password: %d", retval));
return retval;
}
@@ -384,7 +384,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv)
/* Get the username */
retval = pam_get_user(pamh, &username, NULL);
if (retval != PAM_SUCCESS || !username) {
- _pam_log(LOG_DEBUG, "can not get the username");
+ DEBUG(1, ("can not get the username"));
return PAM_SERVICE_ERR;
}

Return to:

Send suggestions and report system problems to the System administrator.