r24438: Use dump_data_pw() instead of dump_data() on sensitive data in winbindd.

Guenther

source/nsswitch/winbindd_cache.c

@@ -1015,12 +1015,11 @@ NTSTATUS wcache_get_creds(struct winbindd_domain *domain,
 		*cached_salt = NULL;
 	}
 
-#if DEBUG_PASSWORD
-	dump_data(100, *cached_nt_pass, NT_HASH_LEN);
+	dump_data_pw("cached_nt_pass", *cached_nt_pass, NT_HASH_LEN);
 	if (*cached_salt) {
-		dump_data(100, *cached_salt, NT_HASH_LEN);
+		dump_data_pw("cached_salt", *cached_salt, NT_HASH_LEN);
 	}
-#endif
+
 	status = centry->status;
 
 	DEBUG(10,("wcache_get_creds: [Cached] - cached creds for user %s status: %s\n",
@@ -1056,9 +1055,7 @@ NTSTATUS wcache_save_creds(struct winbindd_domain *domain,
 		return NT_STATUS_INTERNAL_DB_ERROR;
 	}
 
-#if DEBUG_PASSWORD
-	dump_data(100, nt_pass, NT_HASH_LEN);
-#endif
+	dump_data_pw("nt_pass", nt_pass, NT_HASH_LEN);
 
 	centry_put_time(centry, time(NULL));
 

source/nsswitch/winbindd_creds.c

@@ -117,9 +117,7 @@ NTSTATUS winbindd_store_creds(struct winbindd_domain *domain,
 
 		E_md4hash(pass, nt_pass);
 
-#if DEBUG_PASSWORD
-		dump_data(100, nt_pass, NT_HASH_LEN);
-#endif
+		dump_data_pw("nt_pass", nt_pass, NT_HASH_LEN);
 
 		status = wcache_save_creds(domain, mem_ctx, &cred_sid, nt_pass);
 		if (!NT_STATUS_IS_OK(status)) {

source/nsswitch/winbindd_pam.c

@@ -686,13 +686,11 @@ NTSTATUS winbindd_dual_pam_auth_cached(struct winbindd_domain *domain,
 
 	E_md4hash(state->request.data.auth.pass, new_nt_pass);
 
-#if DEBUG_PASSWORD
-	dump_data(100, new_nt_pass, NT_HASH_LEN);
-	dump_data(100, cached_nt_pass, NT_HASH_LEN);
+	dump_data_pw("new_nt_pass", new_nt_pass, NT_HASH_LEN);
+	dump_data_pw("cached_nt_pass", cached_nt_pass, NT_HASH_LEN);
 	if (cached_salt) {
-		dump_data(100, cached_salt, NT_HASH_LEN);
+		dump_data_pw("cached_salt", cached_salt, NT_HASH_LEN);
 	}
-#endif
 
 	if (cached_salt) {
 		/* In this case we didn't store the nt_hash itself,