Prevent failed passwords from being echoed to server logs, for security.

author: Bruce Momjian <bruce@momjian.us> 2002-03-05 06:52:05 +0000
committer: Bruce Momjian <bruce@momjian.us> 2002-03-05 06:52:05 +0000
commit: 16d6615b4169f210b6e6bcead6fbf5b67e5c66f8 (patch)
tree: 8bce47f25dc505e56e2249d85e5e54040aa599dd
parent: afc732e6101e8c2b03b5aa413bd5990ed15d474b (diff)
download: postgresql-16d6615b4169f210b6e6bcead6fbf5b67e5c66f8.tar.gz
postgresql-16d6615b4169f210b6e6bcead6fbf5b67e5c66f8.zip
1 files changed, 3 insertions, 3 deletions
diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c
index f20a02788e4..7c090b93329 100644
--- a/src/backend/libpq/auth.c
+++ b/src/backend/libpq/auth.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.77 2002/03/04 01:46:02 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.78 2002/03/05 06:52:05 momjian Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -805,8 +805,8 @@ recv_and_check_password_packet(Port *port)
 		return STATUS_EOF;
 	}
 
-	elog(DEBUG5, "received password packet with len=%d, pw=%s",
-		 len, buf.data);
+	/* Do not echo failed password to logs, for security. */
+	elog(DEBUG5, "received password packet");
 
 	result = checkPassword(port, port->user, buf.data);
 	pfree(buf.data);
author	Bruce Momjian <bruce@momjian.us>	2002-03-05 06:52:05 +0000
committer	Bruce Momjian <bruce@momjian.us>	2002-03-05 06:52:05 +0000
commit	16d6615b4169f210b6e6bcead6fbf5b67e5c66f8 (patch)
tree	8bce47f25dc505e56e2249d85e5e54040aa599dd
parent	afc732e6101e8c2b03b5aa413bd5990ed15d474b (diff)
download	postgresql-16d6615b4169f210b6e6bcead6fbf5b67e5c66f8.tar.gz postgresql-16d6615b4169f210b6e6bcead6fbf5b67e5c66f8.zip