Password Logging

[Geoff Silver]

I did this for an rlm_syslog module, since I didn't want password logged in
the clear.  I added a "hidepasswd" config option so it could be
enabled/disabled at will, but basically it's just:

                if ((strstr(buf, "User-Password") != 0) &&
                    (strcmp(inst->hidepasswd, "yes") == 0)) {
                        pair->next;
                }


Craig T. Hancock wrote:
> I also want to remove the password from the log file. I am trying to
> modify the rlm_detail file. I beileve the section that needs modifying
> is at line 280. Before modification I just need to understand the
> following lines after 280. The code with the comment
> 
> /* Don't Print passwords in old format */
> 
> What is the old format compared to the new format.
> 
> As far as what to change what is the pair->attribute
> for User-Password statement. I would presume it would be
> PW_PASSWORD_REQUEST.
> 
> My thinking is is to do something like this
> 
> if (compat && (pair->attribute == PW_PASSWORD_REQUEST)) {
>     pair = pair->next;
>     continue;
> 
> 
> Is that correct?
> 
> 
> 
> 
> Alan DeKok wrote:
> 
>> andre kip <xu178 at yahoo.de> wrote:
>>
>>> 1. Where is the rlm_detail module? I only see *.so and
>>> *.la files which seem not to be the ones. man
>>> rlm_detail doesn't help either.
>>
>>
>>
>>   Try looking at the source.
>>
>>
>>> 2. I managed to use encrypted passwords in the user
>>> file. Is it possible to store encrypted shared secret
>>> both in server and client?
>>
>>
>>
>>   No.
>>
>>   Alan DeKok.
>> - List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
> 
> - List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html