From 6bce748cc1d86df064d7a7677d9985c50bf2921b Mon Sep 17 00:00:00 2001
From: Moritz Bunkus <m.bunkus@linet-services.de>
Date: Fri, 15 Jun 2012 11:52:22 +0200
Subject: [PATCH] Admin-Passwort in Closure speichern, um versehentliche
 Ausgabe beim Dumpen zu vermeiden

---
 SL/Auth.pm | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/SL/Auth.pm b/SL/Auth.pm
index 9ed86d665..7df576b1f 100644
--- a/SL/Auth.pm
+++ b/SL/Auth.pm
@@ -102,6 +102,10 @@ sub _read_auth_config {
   my $self = shift;
 
   map { $self->{$_} = $::lx_office_conf{authentication}->{$_} } keys %{ $::lx_office_conf{authentication} };
+
+  # Prevent password leakage to log files when dumping Auth instances.
+  $self->{admin_password} = sub { $::lx_office_conf{authentication}->{admin_password} };
+
   $self->{DB_config}   = $::lx_office_conf{'authentication/database'};
   $self->{LDAP_config} = $::lx_office_conf{'authentication/ldap'};
 
@@ -143,7 +147,7 @@ sub authenticate_root {
   my ($self, $password) = @_;
 
   $password             = SL::Auth::Password->hash_if_unhashed(login => 'root', password => $password);
-  my $admin_password    = SL::Auth::Password->hash_if_unhashed(login => 'root', password => $self->{admin_password});
+  my $admin_password    = SL::Auth::Password->hash_if_unhashed(login => 'root', password => $self->{admin_password}->());
 
   $main::lxdebug->leave_sub();
 
-- 
2.20.1