1. 08 Aug, 2016 2 commits
    • Aaron Wells's avatar
      Bug 1570221 Don't print parameter values to logs when in production mode · 9a297249
      Aaron Wells authored
      The best way to prevent sensitive data from being printed to the logs
      is to avoid printing the value of *any* parameter. For instance, a
      password parameter may have an unusual name, or it may be passed
      through a general-purpose function like "strlen()".
      Since parameter values are useful for debugging, we can still print
      them when not in production mode (although with known password
      params still scrubbed out).
      Note this patch both scrubs likely password params, and hides their
      scrubbed value. That's mostly because I'm lazy, but it also obscures
      the password's actual length.
      Change-Id: I4a1ab4c89a169c6b29a7b63384c2412cee761ab7
      behatnotneeded: Can't test with behat
    • Robert Lyon's avatar
  2. 06 Aug, 2016 1 commit
  3. 04 Aug, 2016 11 commits
  4. 03 Aug, 2016 3 commits
  5. 02 Aug, 2016 1 commit
  6. 01 Aug, 2016 20 commits
  7. 29 Jul, 2016 1 commit
    • Ghada El-Zoghbi's avatar
      bug#1607669: Validate the results of ldap_search() and ldap_list() when syncing users. · 1daee33a
      Ghada El-Zoghbi authored
      When retrieving data from the LDAP server, check the results retrieved from
      ldap_search() and ldap_list(). If there is an error, do not continue.
      Otherwise, the sync_users() will assume that zero users were retrieved
      from LDAP. It will then deleted or suspended users when
      'If a user is no longer present in LDAP' is set to either suspend
      users or delete them.
      Change-Id: Ib57901c61f769d96720cf932d2e0d7f643853a56
  8. 28 Jul, 2016 1 commit