From: Tollef Fog Heen <tfheen@err.no>
Date: Tue, 27 Oct 2009 20:36:16 +0000 (+0100)
Subject: Do not log OTPs unless requested
X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=55604c827caca69aeece680593a68ff288ab2668;p=yubikey-server-c

Do not log OTPs unless requested
---

diff --git a/src/main.c b/src/main.c
index d3c5f99..b5d8813 100644
--- a/src/main.c
+++ b/src/main.c
@@ -385,7 +385,8 @@ static int handle_request(void * priv,
 	otp = MHD_lookup_connection_value(conn, MHD_GET_ARGUMENT_KIND, "otp");
 	h = MHD_lookup_connection_value(conn, MHD_GET_ARGUMENT_KIND, "h");
 	syslog(LOG_DEBUG, "Got new connection with parameters: "
-	       "url=%s id=%s otp=<hidden>, h=%s\n", url, id, h);
+	       "url=%s id=%s otp=%s, h=%s\n", url, id,
+	       (conf->log_otp ? otp : "<hidden>"),  h);
 
 	/* Do query to grab shared secret, we need this later anyway */
 	if (get_shared_secret(id, &shared_secret, &shared_secret_len) < 0) {
@@ -551,6 +552,10 @@ int parse_config(const char *file, struct ykc_config *c)
 			c->port = strtol(value, NULL, 0);
 			continue;
 		}
+		if (strcmp(key, "log_otp") == 0) {
+			c->log_otp = strtol(value, NULL, 0);
+			continue;
+		}
 	}
 	return 0;
 }