From bf6fccd7bb28edd70bb2a898fc3d37753f3030cb Mon Sep 17 00:00:00 2001 From: Howard Chu Date: Sat, 13 Apr 2002 10:56:16 +0000 Subject: [PATCH] ITS#1740 --- doc/man/man8/slapd.8 | 3 +++ servers/slapd/config.c | 27 +++++++++++++++------------ 2 files changed, 18 insertions(+), 12 deletions(-) diff --git a/doc/man/man8/slapd.8 b/doc/man/man8/slapd.8 index 5735f22fc8..e28d597336 100644 --- a/doc/man/man8/slapd.8 +++ b/doc/man/man8/slapd.8 @@ -66,6 +66,9 @@ will not fork or disassociate from the invoking terminal. Some general operation and status messages are printed for any value of \fIdebug\-level\fP. \fIdebug\-level\fP is taken as a bit string, with each bit corresponding to a different kind of debugging information. See for details. +Remember that if you turn on packet logging, packets containing bind passwords +will be output, so if you redirect the log to a logfile, that file should +be read-protected. .TP .BI \-s " syslog\-level" This option tells diff --git a/servers/slapd/config.c b/servers/slapd/config.c index 84a33a057e..06016c0a76 100644 --- a/servers/slapd/config.c +++ b/servers/slapd/config.c @@ -67,7 +67,7 @@ int use_reverse_lookup = 0; static char *fp_getline(FILE *fp, int *lineno); static void fp_getline_init(int *lineno); -static int fp_parse_line(char *line, int *argcp, char **argv); +static int fp_parse_line(int lineno, char *line, int *argcp, char **argv); static char *strtok_quote(char *line, char *sep); static int load_ucdata(char *path); @@ -119,18 +119,10 @@ read_config( const char *fname ) continue; } -#ifdef NEW_LOGGING - LDAP_LOG(( "config", LDAP_LEVEL_DETAIL1, - "line %d (%s)\n", lineno, line )); -#else - Debug( LDAP_DEBUG_CONFIG, "line %d (%s)\n", lineno, line, 0 ); -#endif - - /* fp_parse_line is destructive, we save a copy */ saveline = ch_strdup( line ); - if ( fp_parse_line( line, &cargc, cargv ) != 0 ) { + if ( fp_parse_line( lineno, line, &cargc, cargv ) != 0 ) { return( 1 ); } @@ -2360,16 +2352,27 @@ read_config( const char *fname ) static int fp_parse_line( + int lineno, char *line, int *argcp, char **argv ) { char * token; + char * logline; *argcp = 0; - for ( token = strtok_quote( line, " \t" ); token != NULL; - token = strtok_quote( NULL, " \t" ) ) { + token = strtok_quote( line, " \t" ); + + logline = (!token || strcasecmp(token, "rootpw") ? line : "rootpw *"); +#ifdef NEW_LOGGING + LDAP_LOG(( "config", LDAP_LEVEL_DETAIL1, + "line %d (%s)\n", lineno, logline )); +#else + Debug( LDAP_DEBUG_CONFIG, "line %d (%s)\n", lineno, logline, 0 ); +#endif + + for ( ; token != NULL; token = strtok_quote( NULL, " \t" ) ) { if ( *argcp == MAXARGS ) { #ifdef NEW_LOGGING LDAP_LOG(( "config", LDAP_LEVEL_CRIT, -- 2.39.5