From 53235b396dfb5d2c46e96379f7177a3aa315f88c Mon Sep 17 00:00:00 2001 From: Tollef Fog Heen Date: Tue, 27 Oct 2009 21:03:19 +0100 Subject: [PATCH] Don't log the OTP publically The OTP might not be an OTP, but an actual password, so don't log it publically. --- src/main.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main.c b/src/main.c index 174a896..993c4c7 100644 --- a/src/main.c +++ b/src/main.c @@ -373,7 +373,7 @@ static int handle_request(void * UNUSED(data), otp = MHD_lookup_connection_value(conn, MHD_GET_ARGUMENT_KIND, "otp"); h = MHD_lookup_connection_value(conn, MHD_GET_ARGUMENT_KIND, "h"); syslog(LOG_DEBUG, "Got new connection with parameters: " - "url=%s id=%s otp=%s, h=%s\n", url, id, otp, h); + "url=%s id=%s otp=, h=%s\n", url, id, h); /* Do query to grab shared secret, we need this later anyway */ if (get_shared_secret(id, &shared_secret, &shared_secret_len) < 0) { -- 2.39.5