sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Code

repl_meta_data: Use ldb_ldif_message_redacted_string() to avoid printing secrets in logs

Browse Source 
This avoids printing un-encrypted secret values in logs

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
This commit is contained in:
Andrew Bartlett 2017-09-06 15:38:14 +12:00
parent ba54816875
commit cc78de5581
1 changed files with 15 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
source4/dsdb/samdb/ldb_modules/repl_meta_data.c
View File

@ -4984,7 +4984,9 @@ static int replmd_replicated_apply_add(struct replmd_replicated_request *ar)
if (DEBUGLVL(4)) {
struct GUID_txt_buf guid_txt;
char *s = ldb_ldif_message_string(ldb, ar, LDB_CHANGETYPE_ADD, msg);
char *s = ldb_ldif_message_redacted_string(ldb, ar,
LDB_CHANGETYPE_ADD,
msg);
DEBUG(4, ("DRS replication add message of %s:\n%s\n",
GUID_buf_string(&ar->objs->objects[ar->index_current].object_guid, &guid_txt),
s));
@ -5556,7 +5558,8 @@ static int replmd_replicated_apply_merge(struct replmd_replicated_request *ar)
if (DEBUGLVL(5)) {
struct GUID_txt_buf guid_txt;
char *s = ldb_ldif_message_string(ldb, ar, LDB_CHANGETYPE_MODIFY, msg);
char *s = ldb_ldif_message_redacted_string(ldb, ar,
LDB_CHANGETYPE_MODIFY, msg);
DEBUG(5, ("Initial DRS replication modify message of %s is:\n%s\n"
"%s\n"
"%s\n",
@ -5832,7 +5835,9 @@ static int replmd_replicated_apply_merge(struct replmd_replicated_request *ar)
if (DEBUGLVL(4)) {
struct GUID_txt_buf guid_txt;
char *s = ldb_ldif_message_string(ldb, ar, LDB_CHANGETYPE_MODIFY, msg);
char *s = ldb_ldif_message_redacted_string(ldb, ar,
LDB_CHANGETYPE_MODIFY,
msg);
DEBUG(4, ("Final DRS replication modify message of %s:\n%s\n",
GUID_buf_string(&ar->objs->objects[ar->index_current].object_guid, &guid_txt),
s));
@ -6499,7 +6504,9 @@ static int replmd_replicated_uptodate_modify(struct replmd_replicated_request *a
nrf_el->flags = LDB_FLAG_MOD_REPLACE;
if (CHECK_DEBUGLVL(4)) {
char *s = ldb_ldif_message_string(ldb, ar, LDB_CHANGETYPE_MODIFY, msg);
char *s = ldb_ldif_message_redacted_string(ldb, ar,
LDB_CHANGETYPE_MODIFY,
msg);
DEBUG(4, ("DRS replication uptodate modify message:\n%s\n", s));
talloc_free(s);
}
@ -7312,7 +7319,10 @@ static int replmd_process_linked_attribute(struct ldb_module *module,
if (ret != LDB_SUCCESS) {
ldb_debug(ldb, LDB_DEBUG_WARNING, "Failed to apply linked attribute change '%s'\n%s\n",
ldb_errstring(ldb),
ldb_ldif_message_string(ldb, tmp_ctx, LDB_CHANGETYPE_MODIFY, msg));
ldb_ldif_message_redacted_string(ldb,
tmp_ctx,
LDB_CHANGETYPE_MODIFY,
msg));
talloc_free(tmp_ctx);
return ret;
}