mirror of
https://github.com/apache/cloudstack.git
synced 2025-10-26 08:42:29 +01:00
CLOUDSTACK-5942: The agent at places logs the password of the user. It should mask the
password from the message string before writing to the log. Made a change to do so.
This commit is contained in:
Devdeep Singh
parent
dad98ef4de
commit
aab881be21
@ -254,7 +254,7 @@ namespace HypervResource
|
||||
// Assert
|
||||
if (result.dataStore == null || (result.primaryDataStore == null && result.nfsDataStore == null))
|
||||
{
|
||||
String errMsg = "VolumeObjectTO missing dataStore in spec " + volumeObjectTOJson.ToString();
|
||||
String errMsg = "VolumeObjectTO missing dataStore in spec " + Utils.CleanString(volumeObjectTOJson.ToString());
|
||||
logger.Error(errMsg);
|
||||
throw new ArgumentNullException(errMsg);
|
||||
}
|
||||
@ -292,7 +292,7 @@ namespace HypervResource
|
||||
}
|
||||
else
|
||||
{
|
||||
String errMsg = "VolumeObjectTO missing dataStore in spec " + volInfo.ToString();
|
||||
String errMsg = "VolumeObjectTO missing dataStore in spec " + Utils.CleanString(volInfo.ToString());
|
||||
logger.Error(errMsg);
|
||||
throw new ArgumentNullException(errMsg);
|
||||
}
|
||||
|
||||
@ -207,7 +207,7 @@ namespace HypervResource
|
||||
{
|
||||
using (log4net.NDC.Push(Guid.NewGuid().ToString()))
|
||||
{
|
||||
logger.Info(CloudStackTypes.AttachCommand + cmd.ToString());
|
||||
logger.Info(CloudStackTypes.AttachCommand + Utils.CleanString(cmd.ToString()));
|
||||
|
||||
string details = null;
|
||||
bool result = false;
|
||||
@ -268,7 +268,7 @@ namespace HypervResource
|
||||
{
|
||||
using (log4net.NDC.Push(Guid.NewGuid().ToString()))
|
||||
{
|
||||
logger.Info(CloudStackTypes.DettachCommand + cmd.ToString());
|
||||
logger.Info(CloudStackTypes.DettachCommand + Utils.CleanString(cmd.ToString()));
|
||||
|
||||
string details = null;
|
||||
bool result = false;
|
||||
@ -485,7 +485,7 @@ namespace HypervResource
|
||||
{
|
||||
JObject ansObj = Utils.CreateCloudStackObject(ansType, ansContent);
|
||||
JArray answer = new JArray(ansObj);
|
||||
logger.Info(ansObj.ToString());
|
||||
logger.Info(Utils.CleanString(ansObj.ToString()));
|
||||
return answer;
|
||||
}
|
||||
|
||||
@ -496,7 +496,7 @@ namespace HypervResource
|
||||
{
|
||||
using (log4net.NDC.Push(Guid.NewGuid().ToString()))
|
||||
{
|
||||
logger.Info(CloudStackTypes.CreateCommand + cmd.ToString());
|
||||
logger.Info(CloudStackTypes.CreateCommand + Utils.CleanString(cmd.ToString()));
|
||||
|
||||
string details = null;
|
||||
bool result = false;
|
||||
@ -603,7 +603,7 @@ namespace HypervResource
|
||||
{
|
||||
using (log4net.NDC.Push(Guid.NewGuid().ToString()))
|
||||
{
|
||||
logger.Info(CloudStackTypes.PrimaryStorageDownloadCommand + cmd.ToString());
|
||||
logger.Info(CloudStackTypes.PrimaryStorageDownloadCommand + Utils.CleanString(cmd.ToString()));
|
||||
string details = null;
|
||||
bool result = false;
|
||||
long size = 0;
|
||||
@ -871,7 +871,7 @@ namespace HypervResource
|
||||
{
|
||||
using (log4net.NDC.Push(Guid.NewGuid().ToString()))
|
||||
{
|
||||
logger.Info(CloudStackTypes.CreateStoragePoolCommand + cmd.ToString());
|
||||
logger.Info(CloudStackTypes.CreateStoragePoolCommand + Utils.CleanString(cmd.ToString()));
|
||||
object ansContent = new
|
||||
{
|
||||
result = true,
|
||||
@ -889,7 +889,7 @@ namespace HypervResource
|
||||
{
|
||||
using (log4net.NDC.Push(Guid.NewGuid().ToString()))
|
||||
{
|
||||
logger.Info(CloudStackTypes.ModifyStoragePoolCommand + cmd.ToString());
|
||||
logger.Info(CloudStackTypes.ModifyStoragePoolCommand + Utils.CleanString(cmd.ToString()));
|
||||
string details = null;
|
||||
string localPath;
|
||||
StoragePoolType poolType;
|
||||
@ -1045,7 +1045,7 @@ namespace HypervResource
|
||||
{
|
||||
using (log4net.NDC.Push(Guid.NewGuid().ToString()))
|
||||
{
|
||||
logger.Info(CloudStackTypes.StartCommand + cmd.ToString()); // TODO: Security hole? VM data printed to log
|
||||
logger.Info(CloudStackTypes.StartCommand + Utils.CleanString(cmd.ToString()));
|
||||
string details = null;
|
||||
bool result = false;
|
||||
|
||||
@ -1144,7 +1144,7 @@ namespace HypervResource
|
||||
{
|
||||
using (log4net.NDC.Push(Guid.NewGuid().ToString()))
|
||||
{
|
||||
logger.Info(CloudStackTypes.CreateObjectCommand + cmd.ToString());
|
||||
logger.Info(CloudStackTypes.CreateObjectCommand + Utils.CleanString(cmd.ToString()));
|
||||
|
||||
bool result = false;
|
||||
string details = null;
|
||||
@ -1315,7 +1315,7 @@ namespace HypervResource
|
||||
using (log4net.NDC.Push(Guid.NewGuid().ToString()))
|
||||
{
|
||||
// Log command *after* we've removed security details from the command.
|
||||
logger.Info(CloudStackTypes.CopyCommand + cmd.ToString());
|
||||
logger.Info(CloudStackTypes.CopyCommand + Utils.CleanString(cmd.ToString()));
|
||||
|
||||
bool result = false;
|
||||
string details = null;
|
||||
@ -1691,7 +1691,7 @@ namespace HypervResource
|
||||
{
|
||||
using (log4net.NDC.Push(Guid.NewGuid().ToString()))
|
||||
{
|
||||
logger.Info(CloudStackTypes.GetStorageStatsCommand + cmd.ToString());
|
||||
logger.Info(CloudStackTypes.GetStorageStatsCommand + Utils.CleanString(cmd.ToString()));
|
||||
bool result = false;
|
||||
string details = null;
|
||||
long capacity = 0;
|
||||
|
||||
@ -164,6 +164,16 @@ namespace HypervResource
|
||||
capacity = totalNumberOfBytes > 0 ? (long)totalNumberOfBytes : 0;
|
||||
}
|
||||
|
||||
public static string CleanString(string stringToClean)
|
||||
{
|
||||
string cleanString = null;
|
||||
string regexQueryString = "(&|%26)?(password|accesskey|secretkey)(=|%3D).*?(?=(%26|[&'\"]))";
|
||||
string regexJson = "\"(password|accesskey|secretkey)\":\".*?\",?";
|
||||
cleanString = System.Text.RegularExpressions.Regex.Replace(stringToClean, regexQueryString, "");
|
||||
cleanString = System.Text.RegularExpressions.Regex.Replace(cleanString, regexJson, "");
|
||||
return cleanString;
|
||||
}
|
||||
|
||||
// from http://stackoverflow.com/a/2541569/939250
|
||||
#region imports
|
||||
[DllImport("advapi32.dll", SetLastError = true)]
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user