Password obfuscation done right (closes: #147)

2025-07-10 16:22:33 +03:00 · 2007-02-11 08:11:22 +00:00 · 2007-02-11 08:11:22 +00:00 · 09c866221c
commit 09c866221c
parent 3a94e747d7
2 changed files with 21 additions and 10 deletions
--- a/5
+++ b/5
@ -1,3 +1,8 @@
 2007-02-11  Federico Di Gregorio  <fog@initd.org>
 	* psycopg/connection_type.c: now the password is obfuscated after we try
 	to connect to the backend. This really fixes #147.
 2007-01-20  Federico Di Gregorio  <fog@initd.org>
 	* Release 2.0.6b1.
--- a/psycopg/connection_type.c
+++ b/psycopg/connection_type.c
@ -287,6 +287,7 @@ static int
 connection_setup(connectionObject *self, char *dsn)
 {
    char *pos;
    int res;
    Dprintf("connection_setup: init connection object at %p, refcnt = %d",
            self, ((PyObject *)self)->ob_refcnt);
@ -301,22 +302,27 @@ connection_setup(connectionObject *self, char *dsn)
    self->pgconn = NULL;
    self->mark = 0;
    pthread_mutex_init(&(self->lock), NULL);
    if (conn_connect(self) != 0) {
        Dprintf("connection_init: FAILED");
        res = -1;
    }
    else {
        Dprintf("connection_setup: good connection object at %p, refcnt = %d",
            self, ((PyObject *)self)->ob_refcnt);
        res = 0;
    }
    /* here we obfuscate the password even if there was a connection error */
    pos = strstr(self->dsn, "password");
    if (pos != NULL) {
        for (pos = pos+9 ; *pos != '\0' && *pos != ' '; pos++)
            *pos = 'x';
    }
-    pthread_mutex_init(&(self->lock), NULL);
+    return res;
    if (conn_connect(self) != 0) {
        Dprintf("connection_init: FAILED");
        return -1;
    }
    Dprintf("connection_setup: good connection object at %p, refcnt = %d",
            self, ((PyObject *)self)->ob_refcnt);
    return 0;
 }
 static void