Do not log OTPs unless requested

author Tollef Fog Heen <tfheen@err.no>

Tue, 27 Oct 2009 20:36:16 +0000 (21:36 +0100)

committer Tollef Fog Heen <tfheen@err.no>

Tue, 27 Oct 2009 20:36:16 +0000 (21:36 +0100)
author Tollef Fog Heen <tfheen@err.no>
Tue, 27 Oct 2009 20:36:16 +0000 (21:36 +0100)
committer Tollef Fog Heen <tfheen@err.no>
Tue, 27 Oct 2009 20:36:16 +0000 (21:36 +0100)
diff --git a/src/main.c b/src/main.c

index d3c5f99413d7f0088da415dfb60af45c3b038d6c..b5d88137f91619df8162ce3b3430c12a3713ab63 100644 (file)
--- a/src/main.c
+++ b/src/main.c
@@ -385,7 +385,8 @@ static int handle_request(void * priv,
         otp = MHD_lookup_connection_value(conn, MHD_GET_ARGUMENT_KIND, "otp");
         h = MHD_lookup_connection_value(conn, MHD_GET_ARGUMENT_KIND, "h");
         syslog(LOG_DEBUG, "Got new connection with parameters: "
-              "url=%s id=%s otp=<hidden>, h=%s\n", url, id, h);
+              "url=%s id=%s otp=%s, h=%s\n", url, id,
+              (conf->log_otp ? otp : "<hidden>"),  h);
  
         /* Do query to grab shared secret, we need this later anyway */
         if (get_shared_secret(id, &shared_secret, &shared_secret_len) < 0) {
@@ -551,6 +552,10 @@ int parse_config(const char *file, struct ykc_config *c)
                         c->port = strtol(value, NULL, 0);
                         continue;
                 }
+               if (strcmp(key, "log_otp") == 0) {
+                       c->log_otp = strtol(value, NULL, 0);
+                       continue;
+               }
         }
         return 0;
  }
author	Tollef Fog Heen <tfheen@err.no>
	Tue, 27 Oct 2009 20:36:16 +0000 (21:36 +0100)
committer	Tollef Fog Heen <tfheen@err.no>
	Tue, 27 Oct 2009 20:36:16 +0000 (21:36 +0100)