CLOUDSTACK-6163 obfuscation of passwords in log

2014-02-25 22:49:41 +01:00 · 2014-02-25 22:49:41 +01:00 · 5436878e88
parent bb01aad377
commit 5436878e88
1 changed files with 27 additions and 1 deletions
--- a/core/src/com/cloud/agent/transport/Request.java
+++ b/core/src/com/cloud/agent/transport/Request.java
@ -23,6 +23,7 @@ import java.io.StringReader;
 import java.lang.reflect.Type;
 import java.nio.ByteBuffer;
 import java.util.ArrayList;
+import java.util.Collections;
 import java.util.Iterator;
 import java.util.List;
 import java.util.zip.GZIPInputStream;
@ -38,6 +39,7 @@ import com.cloud.exception.UnsupportedVersionException;
 import com.cloud.serializer.GsonHelper;
 import com.cloud.utils.NumbersUtil;
 import com.cloud.utils.Pair;
+import com.cloud.utils.StringUtils;
 import com.cloud.utils.exception.CloudRuntimeException;
 import com.google.gson.Gson;
 import com.google.gson.JsonArray;
@ -424,11 +426,35 @@ public class Request {
        buf.append(", MgmtId: ").append(_mgmtId).append(", via: ").append(_via);
        buf.append(", Ver: ").append(_ver.toString());
        buf.append(", Flags: ").append(Integer.toBinaryString(getFlags())).append(", ");
-        buf.append(content);
+        String cleanContent = content.toString();
+        if(cleanContent.contains("password")) {
+            buf.append(cleanPassword(cleanContent));
+        } else {
+            buf.append(content);
+        }
        buf.append(" }");
        return buf.toString();
    }

+    public static String cleanPassword(String logString) {
+        String cleanLogString = null;
+        if (logString != null) {
+            cleanLogString = logString;
+            String[] temp = logString.split(",");
+            int i = 0;
+            if (temp != null) {
+                while (i < temp.length) {
+                    temp[i] = StringUtils.cleanString(temp[i]);
+                    i++;
+                }
+                List<String> stringList = new ArrayList<String>();
+                Collections.addAll(stringList, temp);
+                cleanLogString = StringUtils.join(stringList, ",");
+            }
+        }
+        return cleanLogString;
+    }
+
    /**
     * Factory method for Request and Response. It expects the bytes to be
     * correctly formed so it's possible that it throws underflow exceptions