diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2019-11-06 02:55:18 +0100 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2019-11-06 03:21:13 +0100 |
| commit | 2f8350700091e766bdab24e7e8d8e051701da9e2 (patch) | |
| tree | 8016ba7ef9b1cd0ca01847d01c1e14870f27c62a /lib | |
| parent | 67e0d741f21bd589a2cbb4d23f07f5fb5eae889b (diff) | |
pullimap, interimap: redact AUTHENTICATE and LOGIN commands
In --debug mode in order to avoid inadvertently receiving credentials in
bug reports. --debug can be set twice to spell out these commands in
full.
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/Net/IMAP/InterIMAP.pm | 17 |
1 files changed, 15 insertions, 2 deletions
diff --git a/lib/Net/IMAP/InterIMAP.pm b/lib/Net/IMAP/InterIMAP.pm index aacc8e7..76135ea 100644 --- a/lib/Net/IMAP/InterIMAP.pm +++ b/lib/Net/IMAP/InterIMAP.pm @@ -436,8 +436,21 @@ sub new($%) { $self->fail("Unsupported authentication mechanism: $mech"); } + my $dbg; delete $self->{password}; # no need to remember passwords + if (($self->{debug} // 0) == 1) { + $dbg = $self->{debug}--; + my $cmd = $command =~ /\A(LOGIN) / ? $1 + : $command =~ /\A(AUTHENTICATE \S+)(?: .*)?\z/ ? $1 + : $self->panic(); + $self->logger('C: xxx ', $cmd, ' [REDACTED]'); + } $self->_send($command, $callback); + if (defined $dbg) { + $self->logger('S: xxx ', $IMAP_text); + $self->{debug} = $dbg; + } + unless ($IMAP_text =~ /\A\Q$IMAP_cond\E \[CAPABILITY /) { # refresh the CAPABILITY list since the previous one had only pre-login capabilities delete $self->{_CAPABILITIES}; @@ -1826,8 +1839,8 @@ sub _cmd_extend($$) { $self->_cmd_extend_($args); } else { - # server supports LITERAL+: flush the command before each - # literal + # server doesn't supports LITERAL+: flush the command before + # each literal my ($offset, $litlen) = (0, 0); while ( (my $idx = index($$args, "\n", $offset+$litlen)) >= 0 ) { my $line = substr($$args, $offset, $idx+1-$offset); |