Bug 489063 - Smart card formatting/enrollment spits user password to the debug log
Smart card formatting/enrollment spits user password to the debug log
Status: CLOSED ERRATA
Product: Dogtag Certificate System
Classification: Community
Component: TPS (Show other bugs)
1.1
All Linux
urgent Severity medium
: ---
: ---
Assigned To: Matthew Harmsen
Chandrasekar Kannan
:
Depends On:
Blocks: 443788
  Show dependency treegraph
 
Reported: 2009-03-06 19:37 EST by Asha Akkiangady
Modified: 2015-01-04 18:37 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-07-22 19:32:56 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
TPS diffs (799 bytes, patch)
2009-04-17 14:53 EDT, Matthew Harmsen
no flags Details | Diff
TPS spec file diffs (986 bytes, patch)
2009-04-17 14:54 EDT, Matthew Harmsen
no flags Details | Diff

  None (edit)
Description Asha Akkiangady 2009-03-06 19:37:21 EST
Description of problem:
During smart card formatting/enrollment it spits user password to the tps-debug.log

Version-Release number of selected component (if applicable):
8.0

How reproducible:


Steps to Reproduce:
1.Enroll a smart card
2.
3.
  
Actual results:
tps-debug.log has user's password.

Expected results:
Code should not spit password to the log file.

Additional info:
Comment 2 Matthew Harmsen 2009-04-17 14:53:21 EDT
Created attachment 340069 [details]
TPS diffs
Comment 3 Matthew Harmsen 2009-04-17 14:54:05 EDT
Created attachment 340070 [details]
TPS spec file diffs
Comment 4 Jack Magne 2009-04-17 16:30:12 EDT
Attachments (id=340069) (id=340070) +jmagne.
Comment 5 Matthew Harmsen 2009-04-17 16:34:42 EDT
cd pki/base/tps

% svn status | grep -v ^$ | grep -v ^P | grep -v ^X | grep -v ^?
M      src/authentication/LDAP_Authentication.cpp

% svn commit
Sending        tps/src/authentication/LDAP_Authentication.cpp
Transmitting file data .
Committed revision 395.

cd pki/dogtag/tps

% svn status | grep -v ^$ | grep -v ^P | grep -v ^X | grep -v ^?
M      pki-tps.spec

% svn commit
Sending        tps/pki-tps.spec
Transmitting file data .
Committed revision 396.
Comment 6 Asha Akkiangady 2009-05-29 18:02:09 EDT
Verified.

Passwords are not written to log file.

Tps debug log has this:

[2009-05-29 06:53:58] c9307a90 LDAP_Authentication::Authenticate - User bind required 'uid=TVradmin0, ou=Accounting, dc=dot.test,dc=redhat,dc=com' '(sensitive)'

Note You need to log in before you can comment on or make changes to this bug.