From df5293373d49c3a875d6fba3fec44babfff7b4f6 Mon Sep 17 00:00:00 2001
From: Noriko Hosoi <nhosoi@totoro.usersys.redhat.com>
Date: Jun 20 2012 16:53:52 +0000
Subject: audit log does not log unhashed password: enabled, by default.


---

diff --git a/ldap/servers/slapd/auditlog.c b/ldap/servers/slapd/auditlog.c
index 81afe3e..f6afd10 100644
--- a/ldap/servers/slapd/auditlog.c
+++ b/ldap/servers/slapd/auditlog.c
@@ -55,7 +55,7 @@ char	*attr_changetype	= ATTR_CHANGETYPE;
 char	*attr_newrdn		= ATTR_NEWRDN;
 char	*attr_deleteoldrdn	= ATTR_DELETEOLDRDN;
 char	*attr_modifiersname = ATTR_MODIFIERSNAME;
-static int hide_unhashed_pw = 0;
+static int hide_unhashed_pw = 1;
 
 /* Forward Declarations */
 static void write_audit_file( int optype, const char *dn, void *change, int flag, time_t curtime );
diff --git a/ldap/servers/slapd/libglobs.c b/ldap/servers/slapd/libglobs.c
index 282fc0d..3226ede 100644
--- a/ldap/servers/slapd/libglobs.c
+++ b/ldap/servers/slapd/libglobs.c
@@ -1080,7 +1080,7 @@ FrontendConfig_init () {
   cfg->auditlog_minfreespace = 5;
   cfg->auditlog_exptime = 1;
   cfg->auditlog_exptimeunit = slapi_ch_strdup("month");
-  cfg->auditlog_logging_hide_unhashed_pw = LDAP_OFF;
+  cfg->auditlog_logging_hide_unhashed_pw = LDAP_ON;
 
   cfg->entryusn_global = LDAP_OFF; 
   cfg->entryusn_import_init = slapi_ch_strdup("0");