summaryrefslogtreecommitdiff
path: root/vpn
diff options
context:
space:
mode:
authorJukka Rissanen <jukka.rissanen@linux.intel.com>2013-02-13 17:28:59 +0200
committerPatrik Flykt <patrik.flykt@linux.intel.com>2013-02-19 12:51:39 +0200
commit0973548ef45ccc4c51bf1d091b725647c916f358 (patch)
treee712800778bec6dd979d1c68780dfe786bcd7922 /vpn
parentdb653221c8fe867f05b5e05d47d07fe1e0e6e22a (diff)
downloadconnman-0973548ef45ccc4c51bf1d091b725647c916f358.tar.gz
connman-0973548ef45ccc4c51bf1d091b725647c916f358.tar.bz2
connman-0973548ef45ccc4c51bf1d091b725647c916f358.zip
vpn-provider: Avoid printing password to log files
Add a variant to vpn_provider_set_string() that does not print sensitive data like password in clear text to log files.
Diffstat (limited to 'vpn')
-rw-r--r--vpn/plugins/l2tp.c3
-rw-r--r--vpn/plugins/pptp.c3
-rw-r--r--vpn/vpn-provider.c19
-rw-r--r--vpn/vpn-provider.h2
4 files changed, 22 insertions, 5 deletions
diff --git a/vpn/plugins/l2tp.c b/vpn/plugins/l2tp.c
index 0a7ebf11..2a16ca6c 100644
--- a/vpn/plugins/l2tp.c
+++ b/vpn/plugins/l2tp.c
@@ -643,7 +643,8 @@ static int run_connect(struct vpn_provider *provider,
}
vpn_provider_set_string(provider, "L2TP.User", username);
- vpn_provider_set_string(provider, "L2TP.Password", password);
+ vpn_provider_set_string_hide_value(provider, "L2TP.Password",
+ password);
DBG("username %s password %p", username, password);
diff --git a/vpn/plugins/pptp.c b/vpn/plugins/pptp.c
index 0e6b07a7..c0d7c003 100644
--- a/vpn/plugins/pptp.c
+++ b/vpn/plugins/pptp.c
@@ -442,7 +442,8 @@ static int run_connect(struct vpn_provider *provider,
}
vpn_provider_set_string(provider, "PPTP.User", username);
- vpn_provider_set_string(provider, "PPTP.Password", password);
+ vpn_provider_set_string_hide_value(provider, "PPTP.Password",
+ password);
DBG("username %s password %p", username, password);
diff --git a/vpn/vpn-provider.c b/vpn/vpn-provider.c
index 36db938b..8b68dba3 100644
--- a/vpn/vpn-provider.c
+++ b/vpn/vpn-provider.c
@@ -2007,10 +2007,11 @@ const char * __vpn_provider_get_ident(struct vpn_provider *provider)
return provider->identifier;
}
-int vpn_provider_set_string(struct vpn_provider *provider,
- const char *key, const char *value)
+static int set_string(struct vpn_provider *provider,
+ const char *key, const char *value, gboolean hide_value)
{
- DBG("provider %p key %s value %s", provider, key, value);
+ DBG("provider %p key %s value %s", provider, key,
+ hide_value ? "<not printed>" : value);
if (g_str_equal(key, "Type") == TRUE) {
g_free(provider->type);
@@ -2030,6 +2031,18 @@ int vpn_provider_set_string(struct vpn_provider *provider,
return 0;
}
+int vpn_provider_set_string(struct vpn_provider *provider,
+ const char *key, const char *value)
+{
+ return set_string(provider, key, value, FALSE);
+}
+
+int vpn_provider_set_string_hide_value(struct vpn_provider *provider,
+ const char *key, const char *value)
+{
+ return set_string(provider, key, value, TRUE);
+}
+
const char *vpn_provider_get_string(struct vpn_provider *provider,
const char *key)
{
diff --git a/vpn/vpn-provider.h b/vpn/vpn-provider.h
index 2889428c..56266454 100644
--- a/vpn/vpn-provider.h
+++ b/vpn/vpn-provider.h
@@ -73,6 +73,8 @@ void vpn_provider_unref_debug(struct vpn_provider *provider,
int vpn_provider_set_string(struct vpn_provider *provider,
const char *key, const char *value);
+int vpn_provider_set_string_hide_value(struct vpn_provider *provider,
+ const char *key, const char *value);
const char *vpn_provider_get_string(struct vpn_provider *provider,
const char *key);