[Pidgin] #7836: Don't log XMPP plaintext passwords
Pidgin
trac at pidgin.im
Sat Dec 20 17:00:40 EST 2008
#7836: Don't log XMPP plaintext passwords
------------------------+---------------------------------------------------
Reporter: darkrain42 | Owner: deryni
Type: patch | Status: new
Component: XMPP | Version: 2.5.2
Keywords: |
------------------------+---------------------------------------------------
Patch to prevent SASL PLAIN/old-style IQ Auth plaintext passwords from
being displayed in the debug log.
The output looks something like this (for PLAIN, DIGEST-MD5 is
unmodified):
{{{
(13:56:18) jabber: Sending (ssl): <auth xmlns='urn:ietf:params:xml:ns
:xmpp-sasl' mechanism='PLAIN'
xmlns:ga='http://www.google.com/talk/protocol/auth' ga:client-uses-full-
bind-result='true'>password removed</auth>
}}}
--
Ticket URL: <http://developer.pidgin.im/ticket/7836>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list