From commits-return-51406-apmail-directory-commits-archive=directory.apache.org@directory.apache.org Wed Nov 6 14:33:00 2019 Return-Path: X-Original-To: apmail-directory-commits-archive@www.apache.org Delivered-To: apmail-directory-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [207.244.88.153]) by minotaur.apache.org (Postfix) with SMTP id 3428E10F4A for ; Wed, 6 Nov 2019 14:33:00 +0000 (UTC) Received: (qmail 76769 invoked by uid 500); 6 Nov 2019 14:32:59 -0000 Delivered-To: apmail-directory-commits-archive@directory.apache.org Received: (qmail 76681 invoked by uid 500); 6 Nov 2019 14:32:59 -0000 Mailing-List: contact commits-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@directory.apache.org Delivered-To: mailing list commits@directory.apache.org Received: (qmail 76430 invoked by uid 99); 6 Nov 2019 14:32:58 -0000 Received: from ec2-52-202-80-70.compute-1.amazonaws.com (HELO gitbox.apache.org) (52.202.80.70) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 06 Nov 2019 14:32:58 +0000 Received: by gitbox.apache.org (ASF Mail Server at gitbox.apache.org, from userid 33) id D34FF80620; Wed, 6 Nov 2019 14:32:58 +0000 (UTC) Date: Wed, 06 Nov 2019 14:33:06 +0000 To: "commits@directory.apache.org" Subject: [directory-server] 08/09: Remove the credentials from the toString() method (security breach) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit From: elecharny@apache.org In-Reply-To: <157305077858.14144.8253923289078448818@gitbox.apache.org> References: <157305077858.14144.8253923289078448818@gitbox.apache.org> X-Git-Host: gitbox.apache.org X-Git-Repo: directory-server X-Git-Refname: refs/heads/master X-Git-Reftype: branch X-Git-Rev: b459d853750e3b8ddd15b97811439e650cadf208 X-Git-NotificationType: diff X-Git-Multimail-Version: 1.5.dev Auto-Submitted: auto-generated Message-Id: <20191106143258.D34FF80620@gitbox.apache.org> This is an automated email from the ASF dual-hosted git repository. elecharny pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/directory-server.git commit b459d853750e3b8ddd15b97811439e650cadf208 Author: emmanuel lecharny AuthorDate: Wed Nov 6 15:32:01 2019 +0100 Remove the credentials from the toString() method (security breach) --- .../server/core/api/interceptor/context/BindOperationContext.java | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/core-api/src/main/java/org/apache/directory/server/core/api/interceptor/context/BindOperationContext.java b/core-api/src/main/java/org/apache/directory/server/core/api/interceptor/context/BindOperationContext.java index 52eb221..918ae48 100644 --- a/core-api/src/main/java/org/apache/directory/server/core/api/interceptor/context/BindOperationContext.java +++ b/core-api/src/main/java/org/apache/directory/server/core/api/interceptor/context/BindOperationContext.java @@ -199,8 +199,7 @@ public class BindOperationContext extends AbstractOperationContext @Override public String toString() { - return "BindContext for Dn '" + getDn().getName() + "', credentials <" - + ( credentials != null ? Strings.dumpBytes( credentials ) : "" ) + ">" + return "BindContext for Dn '" + getDn().getName() + ( saslMechanism != null ? ", saslMechanism : <" + saslMechanism + ">" : "" ) + ( saslAuthId != null ? ", saslAuthId <" + saslAuthId + ">" : "" ); }