From cf33650eb354795b7a5a19bf356f563908075cca Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Peter=20M=C3=BCller?= <peter.mueller@ipfire.org>
Date: Sat, 11 Apr 2020 12:20:01 +0200
Subject: [PATCH] Pakfire: do not leak upstream proxy password in log messages
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
---
 src/pakfire/lib/functions.pl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/pakfire/lib/functions.pl b/src/pakfire/lib/functions.pl
index 17a420c33..4d5c6219a 100644
--- a/src/pakfire/lib/functions.pl
+++ b/src/pakfire/lib/functions.pl
@@ -162,7 +162,7 @@ sub fetchfile {
 			logger("DOWNLOAD INFO: Upstream proxy: \"$proxysettings{'UPSTREAM_PROXY'}\"");
 			if ($proxysettings{'UPSTREAM_USER'}) {
 				$ua->proxy(["http", "https"], "http://$proxysettings{'UPSTREAM_USER'}:$proxysettings{'UPSTREAM_PASSWORD'}@"."$proxysettings{'UPSTREAM_PROXY'}/");
-				logger("DOWNLOAD INFO: Logging in with: \"$proxysettings{'UPSTREAM_USER'}\" - \"$proxysettings{'UPSTREAM_PASSWORD'}\"");
+				logger("DOWNLOAD INFO: Logging in with \"$proxysettings{'UPSTREAM_USER'}\" against \"$proxysettings{'UPSTREAM_PROXY'}\"");
 			} else {
 				$ua->proxy(["http", "https"], "http://$proxysettings{'UPSTREAM_PROXY'}/");
 			}