From 5436878e888318dffb1cd01b9e8701c7f0890cf4 Mon Sep 17 00:00:00 2001
From: Daan Hoogland <daan@onecht.net>
Date: Tue, 25 Feb 2014 22:49:41 +0100
Subject: [PATCH] CLOUDSTACK-6163 obfuscation of passwords in log

---
 .../com/cloud/agent/transport/Request.java    | 28 ++++++++++++++++++-
 1 file changed, 27 insertions(+), 1 deletion(-)

diff --git a/core/src/com/cloud/agent/transport/Request.java b/core/src/com/cloud/agent/transport/Request.java
index b0fa4cc2960..a25f6abacbf 100755
--- a/core/src/com/cloud/agent/transport/Request.java
+++ b/core/src/com/cloud/agent/transport/Request.java
@@ -23,6 +23,7 @@ import java.io.StringReader;
 import java.lang.reflect.Type;
 import java.nio.ByteBuffer;
 import java.util.ArrayList;
+import java.util.Collections;
 import java.util.Iterator;
 import java.util.List;
 import java.util.zip.GZIPInputStream;
@@ -38,6 +39,7 @@ import com.cloud.exception.UnsupportedVersionException;
 import com.cloud.serializer.GsonHelper;
 import com.cloud.utils.NumbersUtil;
 import com.cloud.utils.Pair;
+import com.cloud.utils.StringUtils;
 import com.cloud.utils.exception.CloudRuntimeException;
 import com.google.gson.Gson;
 import com.google.gson.JsonArray;
@@ -424,11 +426,35 @@ public class Request {
         buf.append(", MgmtId: ").append(_mgmtId).append(", via: ").append(_via);
         buf.append(", Ver: ").append(_ver.toString());
         buf.append(", Flags: ").append(Integer.toBinaryString(getFlags())).append(", ");
-        buf.append(content);
+        String cleanContent = content.toString();
+        if(cleanContent.contains("password")) {
+            buf.append(cleanPassword(cleanContent));
+        } else {
+            buf.append(content);
+        }
         buf.append(" }");
         return buf.toString();
     }
 
+    public static String cleanPassword(String logString) {
+        String cleanLogString = null;
+        if (logString != null) {
+            cleanLogString = logString;
+            String[] temp = logString.split(",");
+            int i = 0;
+            if (temp != null) {
+                while (i < temp.length) {
+                    temp[i] = StringUtils.cleanString(temp[i]);
+                    i++;
+                }
+                List<String> stringList = new ArrayList<String>();
+                Collections.addAll(stringList, temp);
+                cleanLogString = StringUtils.join(stringList, ",");
+            }
+        }
+        return cleanLogString;
+    }
+
     /**
      * Factory method for Request and Response. It expects the bytes to be
      * correctly formed so it's possible that it throws underflow exceptions