improve AuthToken display in P2P --debug

Using an empty string to obscure the AuthToken made it impossible to
tell if one was really being presented or not.

diff --git a/P2P/IO.hs b/P2P/IO.hs
index 956c4192c85b6487afc87441257d338ec23d9f91..83d0839a7a64d39285c1f808bd2b30c5aaae6d6a 100644 (file)
--- a/P2P/IO.hs
+++ b/P2P/IO.hs
@@ -349,7 +349,7 @@ debugMessage conn prefix m = do
                ]
   where
        safem = case m of
-               AUTH u _ -> AUTH u nullAuthToken
+               AUTH u _ -> AUTH u displayAuthToken
                _ -> m
        ConnIdent mident = connIdent conn
 

diff --git a/Utility/AuthToken.hs b/Utility/AuthToken.hs
index 116e361bbe41307438170de77d134f8f7c8ac4bf..0e3506c37c72b3fa6bfbc0c8dea64cdeb4ed01c3 100644 (file)
--- a/Utility/AuthToken.hs
+++ b/Utility/AuthToken.hs
@@ -1,6 +1,6 @@
 {- authentication tokens
  -
- - Copyright 2016 Joey Hess <id@joeyh.name>
+ - Copyright 2016-2025 Joey Hess <id@joeyh.name>
  -
  - License: BSD-2-clause
  -}
@@ -12,6 +12,7 @@ module Utility.AuthToken (
        toAuthToken,
        fromAuthToken,
        nullAuthToken,
+       displayAuthToken,
        genAuthToken,
        AllowedAuthTokens,
        allowedAuthTokens,
@@ -69,6 +70,10 @@ toAuthToken t
 nullAuthToken :: AuthToken
 nullAuthToken = AuthToken $ secureMemFromByteString $ TE.encodeUtf8 T.empty
 
+-- | Display in place of a real AuthToken in protocol dumps.
+displayAuthToken :: AuthToken
+displayAuthToken = AuthToken $ secureMemFromByteString $ TE.encodeUtf8 $ T.pack "<AUTHTOKEN>"
+
 -- | Generates an AuthToken of a specified length. This is done by
 -- generating a random bytestring, hashing it with sha2 512, and truncating
 -- to the specified length.