- (djm) Don't log SSH2 PAM KbdInt responses to debug, they may contain

passwords.
author: Damien Miller <djm@mindrot.org> 2001-01-31 10:50:49 +1100
committer: Damien Miller <djm@mindrot.org> 2001-01-31 10:50:49 +1100
commit: bf75776d415126a415ac92fb767c70dc67feba4f (patch)
tree: ac0483c36737d48e5a58c9be36a2687ce0e27002
parent: 709528ab6a271ce39155fc494d40689f578f9d38 (diff)
2 files changed, 3 insertions, 2 deletions
diff --git a/ChangeLog b/ChangeLog
index 0e854e2f1..7ac2bf354 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -6,6 +6,8 @@
 - (djm) Fix autoconf logic for --with-lastlog=no Report and diagnosis from
   Philipp Buehler <lists@fips.de> and Kevin Steves <stevesk@sweden.hp.com>
   respectively.
+ - (djm) Don't log SSH2 PAM KbdInt responses to debug, they may contain
+   passwords.
 20000130
 - (djm) OpenBSD CVS Sync:
diff --git a/auth2-pam.c b/auth2-pam.c
index c54ad31a2..d7a5ff7a4 100644
--- a/auth2-pam.c
+++ b/auth2-pam.c
@@ -1,5 +1,5 @@
 #include "includes.h"
-RCSID("$Id: auth2-pam.c,v 1.6 2001/01/22 05:34:40 mouring Exp $");
+RCSID("$Id: auth2-pam.c,v 1.7 2001/01/30 23:50:49 djm Exp $");
 #ifdef USE_PAM
 #include <security/pam_appl.h>
@@ -152,7 +152,6 @@ input_userauth_info_response_pam(int type, int plen, void *ctxt)
        for (i = 0; i < nresp; i++) {
                int j = context_pam2.prompts[i];
                resp = packet_get_string(&rlen);
-                debug("response ssh-%d(pam-%d) = \"%s\"", i, j, resp);
                context_pam2.responses[j].resp_retcode = PAM_SUCCESS;
                context_pam2.responses[j].resp = xstrdup(resp);
                xfree(resp);
author	Damien Miller <djm@mindrot.org>	2001-01-31 10:50:49 +1100
committer	Damien Miller <djm@mindrot.org>	2001-01-31 10:50:49 +1100
commit	bf75776d415126a415ac92fb767c70dc67feba4f (patch)
tree	ac0483c36737d48e5a58c9be36a2687ce0e27002
parent	709528ab6a271ce39155fc494d40689f578f9d38 (diff)