rlm_unix and logging of bad passwords
A.L.M.Buxey at lboro.ac.uk
A.L.M.Buxey at lboro.ac.uk
Fri Mar 7 17:53:36 CET 2014
Hi,
> figure what could be done to prevent the line from being logged:
>
> //line371ff
> if (fr_crypt_check((char *) request->password->vp_strvalue,
> (char *) vp->vp_strvalue) != 0) {
> radlog_request(L_AUTH, 0, request, "invalid password
> \"%s\"",
> request->password->vp_strvalue);
> return RLM_MODULE_REJECT;
> }
as Phil says...or if you really must, change that to..
if (fr_crypt_check((char *) request->password->vp_strvalue,
(char *) vp->vp_strvalue) != 0) {
radlog_request(L_AUTH, 0, request, "invalid password \"PASSWORD\"");
return RLM_MODULE_REJECT;
}
though this should only be logging invalid passwords anyway???...
alan
More information about the Freeradius-Users
mailing list