On Wed, Oct 07, 2015 at 12:29:05PM +0200, Patrick Wagner wrote: > I've posted on the cyrus-sasl list and now created a new bug report [1] > for the issue, with the proposed patch by Viktor Dukhovni as a starting > point (after all, the other modules might need to be patched as well - > didn't check).
Thanks. It may be sensible to also ask the Cyrus developers to enforce the log_level limits *before* calling the application callback, so that the boiler-plate code provided by Alexey in his post would not need to be cargo-culted by every application that uses logging callbacks, and any sensitive password materiel is better protected from accidental logging. -- Viktor.