svn commit: samba r24438 - in branches: SAMBA_3_2/source/nsswitch SAMBA_3_2_0/source/nsswitch

gd at samba.org gd at samba.org
Tue Aug 14 20:43:04 GMT 2007


Author: gd
Date: 2007-08-14 20:43:02 +0000 (Tue, 14 Aug 2007)
New Revision: 24438

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=24438

Log:
Use dump_data_pw() instead of dump_data() on sensitive data in winbindd.

Guenther

Modified:
   branches/SAMBA_3_2/source/nsswitch/winbindd_cache.c
   branches/SAMBA_3_2/source/nsswitch/winbindd_creds.c
   branches/SAMBA_3_2/source/nsswitch/winbindd_pam.c
   branches/SAMBA_3_2_0/source/nsswitch/winbindd_cache.c
   branches/SAMBA_3_2_0/source/nsswitch/winbindd_creds.c
   branches/SAMBA_3_2_0/source/nsswitch/winbindd_pam.c


Changeset:
Modified: branches/SAMBA_3_2/source/nsswitch/winbindd_cache.c
===================================================================
--- branches/SAMBA_3_2/source/nsswitch/winbindd_cache.c	2007-08-14 20:26:35 UTC (rev 24437)
+++ branches/SAMBA_3_2/source/nsswitch/winbindd_cache.c	2007-08-14 20:43:02 UTC (rev 24438)
@@ -1015,12 +1015,11 @@
 		*cached_salt = NULL;
 	}
 
-#if DEBUG_PASSWORD
-	dump_data(100, *cached_nt_pass, NT_HASH_LEN);
+	dump_data_pw("cached_nt_pass", *cached_nt_pass, NT_HASH_LEN);
 	if (*cached_salt) {
-		dump_data(100, *cached_salt, NT_HASH_LEN);
+		dump_data_pw("cached_salt", *cached_salt, NT_HASH_LEN);
 	}
-#endif
+
 	status = centry->status;
 
 	DEBUG(10,("wcache_get_creds: [Cached] - cached creds for user %s status: %s\n",
@@ -1056,9 +1055,7 @@
 		return NT_STATUS_INTERNAL_DB_ERROR;
 	}
 
-#if DEBUG_PASSWORD
-	dump_data(100, nt_pass, NT_HASH_LEN);
-#endif
+	dump_data_pw("nt_pass", nt_pass, NT_HASH_LEN);
 
 	centry_put_time(centry, time(NULL));
 

Modified: branches/SAMBA_3_2/source/nsswitch/winbindd_creds.c
===================================================================
--- branches/SAMBA_3_2/source/nsswitch/winbindd_creds.c	2007-08-14 20:26:35 UTC (rev 24437)
+++ branches/SAMBA_3_2/source/nsswitch/winbindd_creds.c	2007-08-14 20:43:02 UTC (rev 24438)
@@ -117,9 +117,7 @@
 
 		E_md4hash(pass, nt_pass);
 
-#if DEBUG_PASSWORD
-		dump_data(100, nt_pass, NT_HASH_LEN);
-#endif
+		dump_data_pw("nt_pass", nt_pass, NT_HASH_LEN);
 
 		status = wcache_save_creds(domain, mem_ctx, &cred_sid, nt_pass);
 		if (!NT_STATUS_IS_OK(status)) {

Modified: branches/SAMBA_3_2/source/nsswitch/winbindd_pam.c
===================================================================
--- branches/SAMBA_3_2/source/nsswitch/winbindd_pam.c	2007-08-14 20:26:35 UTC (rev 24437)
+++ branches/SAMBA_3_2/source/nsswitch/winbindd_pam.c	2007-08-14 20:43:02 UTC (rev 24438)
@@ -686,13 +686,11 @@
 
 	E_md4hash(state->request.data.auth.pass, new_nt_pass);
 
-#if DEBUG_PASSWORD
-	dump_data(100, new_nt_pass, NT_HASH_LEN);
-	dump_data(100, cached_nt_pass, NT_HASH_LEN);
+	dump_data_pw("new_nt_pass", new_nt_pass, NT_HASH_LEN);
+	dump_data_pw("cached_nt_pass", cached_nt_pass, NT_HASH_LEN);
 	if (cached_salt) {
-		dump_data(100, cached_salt, NT_HASH_LEN);
+		dump_data_pw("cached_salt", cached_salt, NT_HASH_LEN);
 	}
-#endif
 
 	if (cached_salt) {
 		/* In this case we didn't store the nt_hash itself,

Modified: branches/SAMBA_3_2_0/source/nsswitch/winbindd_cache.c
===================================================================
--- branches/SAMBA_3_2_0/source/nsswitch/winbindd_cache.c	2007-08-14 20:26:35 UTC (rev 24437)
+++ branches/SAMBA_3_2_0/source/nsswitch/winbindd_cache.c	2007-08-14 20:43:02 UTC (rev 24438)
@@ -1015,12 +1015,11 @@
 		*cached_salt = NULL;
 	}
 
-#if DEBUG_PASSWORD
-	dump_data(100, *cached_nt_pass, NT_HASH_LEN);
+	dump_data_pw("cached_nt_pass", *cached_nt_pass, NT_HASH_LEN);
 	if (*cached_salt) {
-		dump_data(100, *cached_salt, NT_HASH_LEN);
+		dump_data_pw("cached_salt", *cached_salt, NT_HASH_LEN);
 	}
-#endif
+
 	status = centry->status;
 
 	DEBUG(10,("wcache_get_creds: [Cached] - cached creds for user %s status: %s\n",
@@ -1056,9 +1055,7 @@
 		return NT_STATUS_INTERNAL_DB_ERROR;
 	}
 
-#if DEBUG_PASSWORD
-	dump_data(100, nt_pass, NT_HASH_LEN);
-#endif
+	dump_data_pw("nt_pass", nt_pass, NT_HASH_LEN);
 
 	centry_put_time(centry, time(NULL));
 

Modified: branches/SAMBA_3_2_0/source/nsswitch/winbindd_creds.c
===================================================================
--- branches/SAMBA_3_2_0/source/nsswitch/winbindd_creds.c	2007-08-14 20:26:35 UTC (rev 24437)
+++ branches/SAMBA_3_2_0/source/nsswitch/winbindd_creds.c	2007-08-14 20:43:02 UTC (rev 24438)
@@ -117,9 +117,7 @@
 
 		E_md4hash(pass, nt_pass);
 
-#if DEBUG_PASSWORD
-		dump_data(100, nt_pass, NT_HASH_LEN);
-#endif
+		dump_data_pw("nt_pass", nt_pass, NT_HASH_LEN);
 
 		status = wcache_save_creds(domain, mem_ctx, &cred_sid, nt_pass);
 		if (!NT_STATUS_IS_OK(status)) {

Modified: branches/SAMBA_3_2_0/source/nsswitch/winbindd_pam.c
===================================================================
--- branches/SAMBA_3_2_0/source/nsswitch/winbindd_pam.c	2007-08-14 20:26:35 UTC (rev 24437)
+++ branches/SAMBA_3_2_0/source/nsswitch/winbindd_pam.c	2007-08-14 20:43:02 UTC (rev 24438)
@@ -686,13 +686,11 @@
 
 	E_md4hash(state->request.data.auth.pass, new_nt_pass);
 
-#if DEBUG_PASSWORD
-	dump_data(100, new_nt_pass, NT_HASH_LEN);
-	dump_data(100, cached_nt_pass, NT_HASH_LEN);
+	dump_data_pw("new_nt_pass", new_nt_pass, NT_HASH_LEN);
+	dump_data_pw("cached_nt_pass", cached_nt_pass, NT_HASH_LEN);
 	if (cached_salt) {
-		dump_data(100, cached_salt, NT_HASH_LEN);
+		dump_data_pw("cached_salt", cached_salt, NT_HASH_LEN);
 	}
-#endif
 
 	if (cached_salt) {
 		/* In this case we didn't store the nt_hash itself,



More information about the samba-cvs mailing list