Merge pull request #12 from keeshux/omit-sensitive-push-reply

Omit sensitive data from PUSH_REPLY log
This commit is contained in:
Davide De Rosa 2018-09-02 12:51:11 +02:00 committed by GitHub
commit be97972f18
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 26 additions and 4 deletions

View File

@ -161,7 +161,7 @@ extension SessionProxy {
// XXX: parsing is very optimistic
struct PushReply: SessionReply {
struct PushReply: SessionReply, CustomStringConvertible {
private enum Topology: String {
case net30
@ -170,6 +170,8 @@ extension SessionProxy {
case subnet
}
private static let prefix = "PUSH_REPLY,"
private static let topologyRegexp = try! NSRegularExpression(pattern: "topology (net30|p2p|subnet)", options: [])
private static let ifconfigRegexp = try! NSRegularExpression(pattern: "ifconfig [\\d\\.]+ [\\d\\.]+", options: [])
@ -190,6 +192,8 @@ extension SessionProxy {
private static let cipherRegexp = try! NSRegularExpression(pattern: "cipher [^\\s]+", options: [])
private let original: String
let ipv4: IPv4Settings?
let ipv6: IPv6Settings?
@ -203,9 +207,11 @@ extension SessionProxy {
let cipher: SessionProxy.Cipher?
init?(message: String) throws {
guard message.hasPrefix("PUSH_REPLY") else {
guard message.hasPrefix(PushReply.prefix) else {
return nil
}
let prefixOffset = message.index(message.startIndex, offsetBy: PushReply.prefix.count)
original = String(message[prefixOffset..<message.endIndex])
var optTopologyArguments: [String]?
var optIfconfig4Arguments: [String]?
@ -380,6 +386,19 @@ extension SessionProxy {
self.peerId = peerId
self.cipher = cipher
}
// MARK: CustomStringConvertible
var description: String {
let stripped = NSMutableString(string: original)
PushReply.authTokenRegexp.replaceMatches(
in: stripped,
options: [],
range: NSMakeRange(0, stripped.length),
withTemplate: "auth-token"
)
return stripped as String
}
}
}

View File

@ -875,7 +875,9 @@ public class SessionProxy {
return
}
if CoreConfiguration.logsSensitiveData {
log.debug("Received control message: \"\(message)\"")
}
let reply: PushReply
do {
@ -883,6 +885,7 @@ public class SessionProxy {
return
}
reply = optionalReply
log.debug("Received PUSH_REPLY: \"\(reply)\"")
} catch let e {
deferStop(.shutdown, e)
return