From c41089e005986269bd3141392d7c67e2ac3e2607 Mon Sep 17 00:00:00 2001
From: delvh <dev.lh@web.de>
Date: Sun, 29 Mar 2020 10:28:05 +0200
Subject: [PATCH] fixed security vulnerability (complete password hash is
 printed)

---
 src/main/java/envoy/data/LoginCredentials.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/main/java/envoy/data/LoginCredentials.java b/src/main/java/envoy/data/LoginCredentials.java
index 8007796..438dd15 100644
--- a/src/main/java/envoy/data/LoginCredentials.java
+++ b/src/main/java/envoy/data/LoginCredentials.java
@@ -54,8 +54,8 @@ public class LoginCredentials implements Serializable {
 	public String toString() {
 		try (Formatter form = new Formatter()) {
 			form.format("LoginCredentials[identifier=%s,passwordHash=", identifier);
-			for (byte element : passwordHash)
-				form.format("%02x", element);
+			for (int i = 0; i < 3; i++)
+				form.format("%02x", passwordHash[i]);
 			return form.format(",registration=%b]", registration).toString();
 		}
 	}