No matter how special this session key is, it's not worth a level 0.

Hide it behind a level 10, with #ifdef DEBUG_PASSWORD instead.

Andrew Bartlett
(This used to be commit 9d4e327850fb00083241f3e68f866590c44e1823)

diff --git a/source3/libads/kerberos_verify.c b/source3/libads/kerberos_verify.c
index a262e27526ac1d78039f73f71a7f7ee3c96124ef..65b557af574b30c1077027c15fb8aa3f69b1d29e 100644 (file)
--- a/source3/libads/kerberos_verify.c
+++ b/source3/libads/kerberos_verify.c
@@ -139,8 +139,10 @@ NTSTATUS ads_verify_ticket(ADS_STRUCT *ads, const DATA_BLOB *ticket,
        free(packet.data);
 
        get_krb5_smb_session_key(context, auth_context, session_key);
-       DEBUG(0,("SMB session key (from ticket) follows:\n"));
-       dump_data(0, session_key, 16);
+#ifdef DEBUG_PASSWORD
+       DEBUG(10,("SMB session key (from ticket) follows:\n"));
+       dump_data(10, session_key, 16);
+#endif
 
 #if 0
        file_save("/tmp/ticket.dat", ticket->data, ticket->length);