diff options
| -rw-r--r-- | changes/bug_3416-do-not-log-pass | 1 | ||||
| -rw-r--r-- | src/leap/mail/imap/service/imap.py | 10 |
2 files changed, 10 insertions, 1 deletions
diff --git a/changes/bug_3416-do-not-log-pass b/changes/bug_3416-do-not-log-pass new file mode 100644 index 0000000..137b7a3 --- /dev/null +++ b/changes/bug_3416-do-not-log-pass @@ -0,0 +1 @@ + o Avoid logging dummy password on imap server. Closes: #3416 diff --git a/src/leap/mail/imap/service/imap.py b/src/leap/mail/imap/service/imap.py index a4ffed6..1a8c15c 100644 --- a/src/leap/mail/imap/service/imap.py +++ b/src/leap/mail/imap/service/imap.py @@ -17,6 +17,8 @@ """ Imap service initialization """ +from copy import copy + import logging logger = logging.getLogger(__name__) @@ -71,7 +73,13 @@ class LeapIMAPServer(imap4.IMAP4Server): #self.theAccount = theAccount def lineReceived(self, line): - log.msg('rcv: %s' % line) + if "login" in line: + # avoid to log the pass, even though we are using a dummy auth + # by now. + msg = line[:7] + " [...]" + else: + msg = copy(line) + log.msg('rcv: %s' % msg) imap4.IMAP4Server.lineReceived(self, line) def authenticateLogin(self, username, password): |