From 1f89726e848c174d1be4b41edaf0bcdaab0077ef Mon Sep 17 00:00:00 2001

From: Pavel Grunt <pgrunt@redhat.com>

Date: Tue, 17 Jan 2017 18:42:51 +0100

Subject: [PATCH 15/26] Do not print password in the debug log

Do not show a length since it is sensitive info as well.

Resolves: rhbz#1410030

Acked-by: Christophe Fergeau <cfergeau@redhat.com>

---

 src/virt-viewer.c | 11 ++++++++++-

 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/src/virt-viewer.c b/src/virt-viewer.c

index 1121146..1f99552 100644

--- a/src/virt-viewer.c

+++ b/src/virt-viewer.c

@@ -928,6 +928,11 @@ virt_viewer_auth_libvirt_credentials(virConnectCredentialPtr cred,

     }

     for (i = 0 ; i < ncred ; i++) {

+        const char *cred_type_to_str[] = {

+            [VIR_CRED_USERNAME] = "Identity to act as",

+            [VIR_CRED_AUTHNAME] = "Identify to authorize as",

+            [VIR_CRED_PASSPHRASE] = "Passphrase secret",

+        };

         switch (cred[i].type) {

         case VIR_CRED_AUTHNAME:

         case VIR_CRED_USERNAME:

@@ -936,7 +941,11 @@ virt_viewer_auth_libvirt_credentials(virConnectCredentialPtr cred,

                 cred[i].resultlen = strlen(cred[i].result);

             else

                 cred[i].resultlen = 0;

-            g_debug("Got '%s' %d %d", cred[i].result, cred[i].resultlen, cred[i].type);

+            g_debug("Got %s '%s' %d",

+                    cred_type_to_str[cred[i].type],

+                    /* hide password */

+                    (cred[i].type == VIR_CRED_PASSPHRASE) ? "*****" : cred[i].result,

+                    cred[i].type);

             break;

         }

     }

-- 

2.12.0