aboutsummaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2019-11-06 02:55:18 +0100
committerGuilhem Moulin <guilhem@fripost.org>2019-11-06 03:21:13 +0100
commit2f8350700091e766bdab24e7e8d8e051701da9e2 (patch)
tree8016ba7ef9b1cd0ca01847d01c1e14870f27c62a /lib
parent67e0d741f21bd589a2cbb4d23f07f5fb5eae889b (diff)
pullimap, interimap: redact AUTHENTICATE and LOGIN commands
In --debug mode in order to avoid inadvertently receiving credentials in bug reports. --debug can be set twice to spell out these commands in full.
Diffstat (limited to 'lib')
-rw-r--r--lib/Net/IMAP/InterIMAP.pm17
1 files changed, 15 insertions, 2 deletions
diff --git a/lib/Net/IMAP/InterIMAP.pm b/lib/Net/IMAP/InterIMAP.pm
index aacc8e7..76135ea 100644
--- a/lib/Net/IMAP/InterIMAP.pm
+++ b/lib/Net/IMAP/InterIMAP.pm
@@ -436,8 +436,21 @@ sub new($%) {
$self->fail("Unsupported authentication mechanism: $mech");
}
+ my $dbg;
delete $self->{password}; # no need to remember passwords
+ if (($self->{debug} // 0) == 1) {
+ $dbg = $self->{debug}--;
+ my $cmd = $command =~ /\A(LOGIN) / ? $1
+ : $command =~ /\A(AUTHENTICATE \S+)(?: .*)?\z/ ? $1
+ : $self->panic();
+ $self->logger('C: xxx ', $cmd, ' [REDACTED]');
+ }
$self->_send($command, $callback);
+ if (defined $dbg) {
+ $self->logger('S: xxx ', $IMAP_text);
+ $self->{debug} = $dbg;
+ }
+
unless ($IMAP_text =~ /\A\Q$IMAP_cond\E \[CAPABILITY /) {
# refresh the CAPABILITY list since the previous one had only pre-login capabilities
delete $self->{_CAPABILITIES};
@@ -1826,8 +1839,8 @@ sub _cmd_extend($$) {
$self->_cmd_extend_($args);
}
else {
- # server supports LITERAL+: flush the command before each
- # literal
+ # server doesn't supports LITERAL+: flush the command before
+ # each literal
my ($offset, $litlen) = (0, 0);
while ( (my $idx = index($$args, "\n", $offset+$litlen)) >= 0 ) {
my $line = substr($$args, $offset, $idx+1-$offset);