mirror of
https://github.com/samba-team/samba.git
synced 2025-08-04 08:22:08 +03:00
auth/credentials: Do not print passwords in a talloc memory dump
The fact that a password was created here is enough information, so overwrite with the function name and line. Andrew Bartlett
This commit is contained in:
@ -371,6 +371,10 @@ _PUBLIC_ bool cli_credentials_set_password(struct cli_credentials *cred,
|
||||
{
|
||||
if (obtained >= cred->password_obtained) {
|
||||
cred->password = talloc_strdup(cred, val);
|
||||
if (cred->password) {
|
||||
/* Don't print the actual password in talloc memory dumps */
|
||||
talloc_set_name_const(cred->password, "password set via cli_credentials_set_password");
|
||||
}
|
||||
cred->password_obtained = obtained;
|
||||
cli_credentials_invalidate_ccache(cred, cred->password_obtained);
|
||||
|
||||
@ -416,6 +420,10 @@ _PUBLIC_ bool cli_credentials_set_old_password(struct cli_credentials *cred,
|
||||
enum credentials_obtained obtained)
|
||||
{
|
||||
cred->old_password = talloc_strdup(cred, val);
|
||||
if (cred->old_password) {
|
||||
/* Don't print the actual password in talloc memory dumps */
|
||||
talloc_set_name_const(cred->old_password, "password set via cli_credentials_set_old_password");
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
|
Reference in New Issue
Block a user