From 8beed56835f1a1dd5f31cfa03164ceb5ce59b859 Mon Sep 17 00:00:00 2001 From: Vsevolod Stakhov Date: Tue, 15 Sep 2015 18:01:27 +0100 Subject: [PATCH] Stop logging of encrypted passwords. --- src/controller.c | 26 ++------------------------ 1 file changed, 2 insertions(+), 24 deletions(-) diff --git a/src/controller.c b/src/controller.c index 54664273b..5109fdb8c 100644 --- a/src/controller.c +++ b/src/controller.c @@ -2067,9 +2067,6 @@ rspamd_controller_password_sane (struct rspamd_controller_worker_ctx *ctx, const gchar *password, const gchar *type) { const struct rspamd_controller_pbkdf *pbkdf = &pbkdf_list[0]; - GString *msg; - guchar *salt, *key; - gchar *encoded_salt, *encoded_key; if (password == NULL) { msg_warn_ctx ("%s is not set, so you should filter controller " @@ -2082,28 +2079,9 @@ rspamd_controller_password_sane (struct rspamd_controller_worker_ctx *ctx, if (!rspamd_is_encrypted_password (password, NULL)) { /* Suggest encryption to a user */ - msg = g_string_new (NULL); - rspamd_printf_gstring (msg, "your %s is not encrypted, we strongly " - "recommend to replace it with the encrypted version: ", type); - salt = g_alloca (pbkdf->salt_len); - key = g_alloca (pbkdf->key_len); - ottery_rand_bytes (salt, pbkdf->salt_len); - /* Derive key */ - rspamd_cryptobox_pbkdf (password, strlen (password), - salt, pbkdf->salt_len, key, pbkdf->key_len, pbkdf->rounds); - - encoded_salt = rspamd_encode_base32 (salt, pbkdf->salt_len); - encoded_key = rspamd_encode_base32 (key, pbkdf->key_len); - - rspamd_printf_gstring (msg, "$%d$%s$%s", pbkdf->id, encoded_salt, - encoded_key); - - msg_warn_ctx ("%v", msg); - - g_string_free (msg, TRUE); - g_free (encoded_salt); - g_free (encoded_key); + msg_warn_ctx ("your %s is not encrypted, we strongly " + "recommend to replace it with the encrypted one", type); } } -- 2.39.5