projects / exim.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Avoid exposing passwords in log, on failing ldap lookup expansion. Bug 165
[exim.git] / src / src / deliver.c
diff --git a/src/src/deliver.c b/src/src/deliver.c
index c6de1b901f81ae85db9adff8e11dbdf0a1bf6e22..743fc83e81d8ea3a97b79774614c1155516a67c3 100644 (file)
--- a/src/src/deliver.c
+++ b/src/src/deliver.c
@@ -1076,23 +1076,9 @@ malformed, it won't ever have gone near LDAP.) */
 if (addr->message)
   {
   const uschar * s = string_printing(addr->message);
-  if (s != addr->message)
-    addr->message = US s;
-    /* deconst cast ok as string_printing known to have alloc'n'copied */
-  if (  (  Ustrstr(s, "failed to expand") != NULL
-       || Ustrstr(s, "expansion of ")    != NULL
-       )
-     && (  Ustrstr(s, "mysql")   != NULL
-        || Ustrstr(s, "pgsql")   != NULL
-       || Ustrstr(s, "redis")   != NULL
-       || Ustrstr(s, "sqlite")  != NULL
-       || Ustrstr(s, "ldap:")   != NULL
-       || Ustrstr(s, "ldaps:")  != NULL
-       || Ustrstr(s, "ldapi:")  != NULL
-       || Ustrstr(s, "ldapdn:") != NULL
-       || Ustrstr(s, "ldapm:")  != NULL
-     )  )
-    addr->message = US"Temporary internal error";
+
+  /* deconst cast ok as string_printing known to have alloc'n'copied */
+  addr->message = expand_hide_passwords(US s);
   }
 
 /* If we used a transport that has one of the "return_output" options set, and
Unnamed repository; edit this file 'description' to name the repository.