diff options
author | Jukka Rissanen <jukka.rissanen@linux.intel.com> | 2013-02-13 17:28:59 +0200 |
---|---|---|
committer | Patrik Flykt <patrik.flykt@linux.intel.com> | 2013-02-19 12:51:39 +0200 |
commit | 0973548ef45ccc4c51bf1d091b725647c916f358 (patch) | |
tree | e712800778bec6dd979d1c68780dfe786bcd7922 /vpn | |
parent | db653221c8fe867f05b5e05d47d07fe1e0e6e22a (diff) | |
download | connman-0973548ef45ccc4c51bf1d091b725647c916f358.tar.gz connman-0973548ef45ccc4c51bf1d091b725647c916f358.tar.bz2 connman-0973548ef45ccc4c51bf1d091b725647c916f358.zip |
vpn-provider: Avoid printing password to log files
Add a variant to vpn_provider_set_string() that does not print
sensitive data like password in clear text to log files.
Diffstat (limited to 'vpn')
-rw-r--r-- | vpn/plugins/l2tp.c | 3 | ||||
-rw-r--r-- | vpn/plugins/pptp.c | 3 | ||||
-rw-r--r-- | vpn/vpn-provider.c | 19 | ||||
-rw-r--r-- | vpn/vpn-provider.h | 2 |
4 files changed, 22 insertions, 5 deletions
diff --git a/vpn/plugins/l2tp.c b/vpn/plugins/l2tp.c index 0a7ebf11..2a16ca6c 100644 --- a/vpn/plugins/l2tp.c +++ b/vpn/plugins/l2tp.c @@ -643,7 +643,8 @@ static int run_connect(struct vpn_provider *provider, } vpn_provider_set_string(provider, "L2TP.User", username); - vpn_provider_set_string(provider, "L2TP.Password", password); + vpn_provider_set_string_hide_value(provider, "L2TP.Password", + password); DBG("username %s password %p", username, password); diff --git a/vpn/plugins/pptp.c b/vpn/plugins/pptp.c index 0e6b07a7..c0d7c003 100644 --- a/vpn/plugins/pptp.c +++ b/vpn/plugins/pptp.c @@ -442,7 +442,8 @@ static int run_connect(struct vpn_provider *provider, } vpn_provider_set_string(provider, "PPTP.User", username); - vpn_provider_set_string(provider, "PPTP.Password", password); + vpn_provider_set_string_hide_value(provider, "PPTP.Password", + password); DBG("username %s password %p", username, password); diff --git a/vpn/vpn-provider.c b/vpn/vpn-provider.c index 36db938b..8b68dba3 100644 --- a/vpn/vpn-provider.c +++ b/vpn/vpn-provider.c @@ -2007,10 +2007,11 @@ const char * __vpn_provider_get_ident(struct vpn_provider *provider) return provider->identifier; } -int vpn_provider_set_string(struct vpn_provider *provider, - const char *key, const char *value) +static int set_string(struct vpn_provider *provider, + const char *key, const char *value, gboolean hide_value) { - DBG("provider %p key %s value %s", provider, key, value); + DBG("provider %p key %s value %s", provider, key, + hide_value ? "<not printed>" : value); if (g_str_equal(key, "Type") == TRUE) { g_free(provider->type); @@ -2030,6 +2031,18 @@ int vpn_provider_set_string(struct vpn_provider *provider, return 0; } +int vpn_provider_set_string(struct vpn_provider *provider, + const char *key, const char *value) +{ + return set_string(provider, key, value, FALSE); +} + +int vpn_provider_set_string_hide_value(struct vpn_provider *provider, + const char *key, const char *value) +{ + return set_string(provider, key, value, TRUE); +} + const char *vpn_provider_get_string(struct vpn_provider *provider, const char *key) { diff --git a/vpn/vpn-provider.h b/vpn/vpn-provider.h index 2889428c..56266454 100644 --- a/vpn/vpn-provider.h +++ b/vpn/vpn-provider.h @@ -73,6 +73,8 @@ void vpn_provider_unref_debug(struct vpn_provider *provider, int vpn_provider_set_string(struct vpn_provider *provider, const char *key, const char *value); +int vpn_provider_set_string_hide_value(struct vpn_provider *provider, + const char *key, const char *value); const char *vpn_provider_get_string(struct vpn_provider *provider, const char *key); |