From 88c9871069014e6e4ac1a0c78593feb708a1e3b3 Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Sat, 13 Feb 2010 19:35:12 +0000 Subject: mod_saslauth: Don't print raw SASL data to avoid logging passwords unnecessarily --- plugins/mod_saslauth.lua | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'plugins') diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua index beb59dd2..be324b24 100644 --- a/plugins/mod_saslauth.lua +++ b/plugins/mod_saslauth.lua @@ -69,13 +69,13 @@ local anonymous_authentication_profile = { local function build_reply(status, ret, err_msg) local reply = st.stanza(status, {xmlns = xmlns_sasl}); if status == "challenge" then - log("debug", "%s", ret or ""); + --log("debug", "CHALLENGE: %s", ret or ""); reply:text(base64.encode(ret or "")); elseif status == "failure" then reply:tag(ret):up(); if err_msg then reply:tag("text"):text(err_msg); end elseif status == "success" then - log("debug", "%s", ret or ""); + --log("debug", "SUCCESS: %s", ret or ""); reply:text(base64.encode(ret or "")); else module:log("error", "Unknown sasl status: %s", status); @@ -123,7 +123,7 @@ local function sasl_handler(session, stanza) local text = stanza[1]; if text then text = base64.decode(text); - log("debug", "%s", text:gsub("[%z\001-\008\011\012\014-\031]", " ")); + --log("debug", "AUTH: %s", text:gsub("[%z\001-\008\011\012\014-\031]", " ")); if not text then session.sasl_handler = nil; session.send(build_reply("failure", "incorrect-encoding")); -- cgit v1.2.3