diff options
| -rw-r--r-- | MANIFEST | 1 | ||||
| -rw-r--r-- | lib/PublicInbox/NetReader.pm | 3 | ||||
| -rw-r--r-- | xt/lei-auth-fail.t | 20 |
3 files changed, 24 insertions, 0 deletions
@@ -466,6 +466,7 @@ xt/git_async_cmp.t xt/httpd-async-stream.t xt/imapd-mbsync-oimap.t xt/imapd-validate.t +xt/lei-auth-fail.t xt/lei-sigpipe.t xt/mem-imapd-tls.t xt/mem-msgview.t diff --git a/lib/PublicInbox/NetReader.pm b/lib/PublicInbox/NetReader.pm index ad8c18d0..61ea538b 100644 --- a/lib/PublicInbox/NetReader.pm +++ b/lib/PublicInbox/NetReader.pm @@ -89,6 +89,9 @@ sub mic_for { # mic = Mail::IMAPClient $self->{mic_arg}->{uri_section($uri)} = $mic_arg; } else { $err = "E: <$url> LOGIN: $@\n"; + if ($cred && defined($cred->{password})) { + $err =~ s/\Q$cred->{password}\E/*******/g; + } $mic = undef; } $cred->run($mic ? 'approve' : 'reject') if $cred; diff --git a/xt/lei-auth-fail.t b/xt/lei-auth-fail.t new file mode 100644 index 00000000..5308d0f9 --- /dev/null +++ b/xt/lei-auth-fail.t @@ -0,0 +1,20 @@ +#!perl -w +# Copyright (C) 2021 all contributors <meta@public-inbox.org> +# License: AGPL-3.0+ <https://www.gnu.org/licenses/agpl-3.0.txt> +use strict; use v5.10.1; use PublicInbox::TestCommon; + +# TODO: mock IMAP server which fails at authentication so we don't +# have to make external connections to test this: +my $imap_fail = $ENV{TEST_LEI_IMAP_FAIL_URL} // + 'imaps://AzureDiamond:Hunter2@public-inbox.org:994/INBOX'; +test_lei(sub { + ok(!lei(qw(convert -o mboxrd:/dev/stdout), $imap_fail), + 'IMAP auth failure on convert'); + like($lei_err, qr!\bE:.*?imaps://.*?!sm, 'error shown'); + unlike($lei_err, qr!Hunter2!s, 'password not shown'); + is($lei_out, '', 'nothing output'); + ok(!lei(qw(import), $imap_fail), 'IMAP auth failure on import'); + like($lei_err, qr!\bE:.*?imaps://.*?!sm, 'error shown'); + unlike($lei_err, qr!Hunter2!s, 'password not shown'); +}); +done_testing; |