Home Explore Help
Register Sign In
Apq
/
389-ds-base
mirror of https://github.com/389ds/389-ds-base.git
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

Ticket 365 - passwords in clear text in the audit log

Bug Description:  after changing a user password, an additional modify is added to the
                  mods: "unhashed#user#password: <clear text password>"

                  e.g.  PSEUDO_ATTR_UNHASHEDUSERPASSWORD

Fix Description:  Added new config param "nsslapd-audit-logging-hide-unhashed-pw".
                  The default is "off".  When "on" that single modify op is skipped from
                  the audit logging.

https://fedorahosted.org/389/ticket/365

Reviewed by: Noriko (Thanks!)
Mark Reynolds 13 years ago
parent
dc379838f8
commit
43fb648fd4
4 changed files with 41 additions and 0 deletions
Split View Show Diff Stats
  1. 17 0
      ldap/servers/slapd/auditlog.c
  2. 19 0
      ldap/servers/slapd/libglobs.c
  3. 3 0
      ldap/servers/slapd/proto-slap.h
  4. 2 0
      ldap/servers/slapd/slap.h

+ 17 - 0
ldap/servers/slapd/auditlog.c
View File 

@@ -55,6 +55,7 @@ char	*attr_changetype	= ATTR_CHANGETYPE;
 
 char	*attr_newrdn		= ATTR_NEWRDN;
 
 char	*attr_deleteoldrdn	= ATTR_DELETEOLDRDN;
 
 char	*attr_modifiersname = ATTR_MODIFIERSNAME;
 
+static int hide_unhashed_pw = 0;
 
 
 /* Forward Declarations */
 
 static void write_audit_file( int optype, const char *dn, void *change, int flag, time_t curtime );
 
@@ -152,6 +153,10 @@ write_audit_file(
 
     	for ( j = 0; mods[j] != NULL; j++ )
 
 		{
 
 			int operationtype= mods[j]->mod_op & ~LDAP_MOD_BVALUES;
 
+
 
+			if((strcmp(mods[j]->mod_type, PSEUDO_ATTR_UNHASHEDUSERPASSWORD) == 0) && hide_unhashed_pw){
 
+				continue;
 
+			}
 
     	    switch ( operationtype )
 
 			{
 
     	    case LDAP_MOD_ADD:
 
@@ -246,3 +251,15 @@ write_audit_file(
 
 
     lenstr_free( &l );
 
 }
 
+
 
+void
 
+auditlog_hide_unhashed_pw()
 
+{
 
+	hide_unhashed_pw = 1;
 
+}
 
+
 
+void
 
+auditlog_expose_unhashed_pw()
 
+{
 
+	hide_unhashed_pw = 0;
 
+}

+ 19 - 0
ldap/servers/slapd/libglobs.c
View File 

@@ -459,6 +459,9 @@ static struct config_get_and_set {
 
 	{CONFIG_AUDITLOG_LOGGING_ENABLED_ATTRIBUTE, NULL,
 
 		log_set_logging, SLAPD_AUDIT_LOG,
 
 		(void**)&global_slapdFrontendConfig.auditlog_logging_enabled, CONFIG_ON_OFF, NULL},
 
+	{CONFIG_AUDITLOG_LOGGING_HIDE_UNHASHED_PW, config_set_auditlog_unhashed_pw,
 
+		NULL, 0,
 
+		(void**)&global_slapdFrontendConfig.auditlog_logging_hide_unhashed_pw, CONFIG_ON_OFF, NULL},
 
 	{CONFIG_ACCESSLOG_BUFFERING_ATTRIBUTE, config_set_accesslogbuffering,
 
 		NULL, 0,
 
 		(void**)&global_slapdFrontendConfig.accesslogbuffering, CONFIG_ON_OFF, NULL},
 
@@ -1072,6 +1075,7 @@ FrontendConfig_init () {
 
   cfg->auditlog_minfreespace = 5;
 
   cfg->auditlog_exptime = 1;
 
   cfg->auditlog_exptimeunit = slapi_ch_strdup("month");
 
+  cfg->auditlog_logging_hide_unhashed_pw = LDAP_OFF;
 
 
   cfg->entryusn_global = LDAP_OFF; 
   cfg->entryusn_import_init = slapi_ch_strdup("0"); 
@@ -1171,6 +1175,21 @@ get_entry_point( int ep_name, caddr_t *ep_addr )
 
     return rc;
 
 }
 
 
+int
 
+config_set_auditlog_unhashed_pw(const char *attrname, char *value, char *errorbuf, int apply)
 
+{
 
+	slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
 
+	int retVal = LDAP_SUCCESS;
 
+
 
+	retVal = config_set_onoff ( attrname, value, &(slapdFrontendConfig->auditlog_logging_hide_unhashed_pw),
 
+								errorbuf, apply);
 
+	if(strcasecmp(value,"on") == 0){
 
+		auditlog_hide_unhashed_pw();
 
+	} else {
 
+		auditlog_expose_unhashed_pw();
 
+	}
 
+	return retVal;
 
+}
 
 
 /*
 
  * Utility function called by many of the config_set_XXX() functions.

+ 3 - 0
ldap/servers/slapd/proto-slap.h
View File 

@@ -387,6 +387,7 @@ int config_set_disk_threshold( const char *attrname, char *value, char *errorbuf
 
 int config_set_disk_grace_period( const char *attrname, char *value, char *errorbuf, int apply );
 
 int config_set_disk_preserve_logging( const char *attrname, char *value, char *errorbuf, int apply );
 
 int config_set_disk_logging_critical( const char *attrname, char *value, char *errorbuf, int apply );
 
+int config_set_auditlog_unhashed_pw(const char *attrname, char *value, char *errorbuf, int apply);
 
 
 #if !defined(_WIN32) && !defined(AIX)
 
 int config_set_maxdescriptors( const char *attrname, char *value, char *errorbuf, int apply );
 
@@ -1190,6 +1191,8 @@ void factory_destroy_extension(int type,void *object,void *parent,void **extensi
 
  */
 
 
 void write_audit_log_entry( Slapi_PBlock *pb);
 
+void auditlog_hide_unhashed_pw();
 
+void auditlog_expose_unhashed_pw();
 
 
 /*
 
  * eventq.c

+ 2 - 0
ldap/servers/slapd/slap.h
View File 

@@ -1874,6 +1874,7 @@ typedef struct _slapdEntryPoints {
 
 #define CONFIG_ACCESSLOG_LOGGING_ENABLED_ATTRIBUTE "nsslapd-accesslog-logging-enabled"
 
 #define CONFIG_ERRORLOG_LOGGING_ENABLED_ATTRIBUTE "nsslapd-errorlog-logging-enabled"
 
 #define CONFIG_AUDITLOG_LOGGING_ENABLED_ATTRIBUTE "nsslapd-auditlog-logging-enabled"
 
+#define CONFIG_AUDITLOG_LOGGING_HIDE_UNHASHED_PW "nsslapd-auditlog-logging-hide-unhashed-pw"
 
 #define CONFIG_ROOTDN_ATTRIBUTE "nsslapd-rootdn"
 
 #define CONFIG_ROOTPW_ATTRIBUTE "nsslapd-rootpw"
 
 #define CONFIG_ROOTPWSTORAGESCHEME_ATTRIBUTE "nsslapd-rootpwstoragescheme"
 
@@ -2163,6 +2164,7 @@ typedef struct _slapdFrontendConfig {
 
   int  auditlog_minfreespace;
 
   int  auditlog_exptime;
 
   char *auditlog_exptimeunit;
 
+  int  auditlog_logging_hide_unhashed_pw;
 
 
   int return_exact_case;	/* Return attribute names with the same case 
 				 * as they appear in at.conf */