byterazor
/
qpsmtpd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Prevent credentials being logged in plain text (#249) 

* Prevent credentials being logged in plain text
except in the highest debug level

* Fix missing semicolon
This commit is contained in:
Daniel B 2016-04-20 06:10:28 +02:00 committed by Matt Simerson
parent 044fff9aa8
commit 260bd6cdd6
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
lib/Qpsmtpd/TcpServer.pm
View File

@ -120,7 +120,10 @@ sub read_input {
while (<STDIN>) {
alarm 0;
$_ =~ s/\r?\n$//s; # advanced chomp
$self->log(LOGINFO, "dispatching $_");
my $log = $_;
$log =~ s/AUTH PLAIN (.*)/AUTH PLAIN <hidden credentials>/
unless ($self->config('loglevel') || '6') >= 7;
$self->log(LOGINFO, "dispatching $log");
$self->connection->notes('original_string', $_);
defined $self->dispatch(split / +/, $_, 2)
or $self->respond(502, "command unrecognized: '$_'");