diff options
| author | Thomas Bruederli <thomas@roundcube.net> | 2014-02-03 15:34:55 +0100 |
|---|---|---|
| committer | Thomas Bruederli <thomas@roundcube.net> | 2014-05-12 09:00:13 +0200 |
| commit | 0d9ccfd8f76170adfeaa104668fce0e0b4f66a33 (patch) | |
| tree | 59df04bd56b7cc3928e769cf7f4abe08bc9ccd6f /program/lib/Roundcube/rcube_smtp.php | |
| parent | c94971bc6fe68c777cc066f51a7d88cc1149813f (diff) | |
Don't EVER log passwords
Diffstat (limited to 'program/lib/Roundcube/rcube_smtp.php')
| -rw-r--r-- | program/lib/Roundcube/rcube_smtp.php | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/program/lib/Roundcube/rcube_smtp.php b/program/lib/Roundcube/rcube_smtp.php index 5f1200b38..70f15dc7b 100644 --- a/program/lib/Roundcube/rcube_smtp.php +++ b/program/lib/Roundcube/rcube_smtp.php @@ -29,6 +29,7 @@ class rcube_smtp private $conn = null; private $response; private $error; + private $anonymize_log = 0; // define headers delimiter const SMTP_MIME_CRLF = "\r\n"; @@ -111,6 +112,7 @@ class rcube_smtp if ($rcube->config->get('smtp_debug')) { $this->conn->setDebug(true, array($this, 'debug_handler')); + $this->anonymize_log = 0; } // register authentication methods @@ -330,6 +332,15 @@ class rcube_smtp */ public function debug_handler(&$smtp, $message) { + // catch AUTH commands and set anonymization flag for subsequent sends + if (preg_match('/^Send: AUTH ([A-Z]+)/', $message, $m)) { + $this->anonymize_log = $m[1] == 'LOGIN' ? 2 : 1; + } + // anonymize this log entry + else if ($this->anonymize_log > 0 && strpos($message, 'Send:') === 0 && --$this->anonymize_log == 0) { + $message = sprintf('Send: ****** [%d]', strlen($message) - 8); + } + if (($len = strlen($message)) > self::DEBUG_LINE_LENGTH) { $diff = $len - self::DEBUG_LINE_LENGTH; $message = substr($message, 0, self::DEBUG_LINE_LENGTH) |