Item10637: Implement an obfuscating logger

This implements http://foswiki.org/Development/SupportStrippingIPsFromLogfiles.

git-svn-id: http://svn.foswiki.org/branches/Release01x01@12651 0b4bb1d4-4e5a-0410-9cc4-b2b747904278

core/lib/Foswiki.spec

@@ -749,22 +749,34 @@ $Foswiki::cfg{AntiSpam}{RobotsAreWelcome} = $TRUE;
 # cycled once a month.
 $Foswiki::cfg{Log}{Dir} = '$Foswiki::cfg{WorkingDir}/logs';
 
-# **SELECTCLASS none,Foswiki::Logger::* **
+# **SELECTCLASS none,Foswiki::Logger::*,Foswiki::Logger::PlainFile::* **
 # Foswiki supports different implementations of log files. It can be
 # useful to be able to plug in a database implementation, for example,
 # for a large site, or even provide your own custom logger. Select the
 # implementation to be used here. Most sites should be OK with the
 # PlainFile logger, which automatically rotates the logs every month.<p />
+# The <tt>PlainFile::Obfuscating</tt> logger is identical to the <tt>PlainFile</tt>
+# logger except that IP addresses are either obfuscated by replacing the IP Address
+# with a MD5 Hash, or by completely masking it to x.x.x.x.  If your regulatory domain
+# prohibits tracking of IP Addresses, use the Obfuscating logger. Note that
+# Authentication Errors are never obfuscated.<p />
 # Note: the Foswiki 1.0 implementation of logfiles is still supported,
 # through use of the <tt>Foswiki::Logger::Compatibility</tt> logger.
 # Foswiki will automatically select the Compatibility logger if it detects
 # a setting for <tt>{WarningFileName}</tt> in your LocalSite.cfg.
-# You are recommended to change to the PlainFile logger at your earliest 
-# convenience by removing <tt>{WarningFileName}</tt>, 
+# You are recommended to change to the PlainFile logger at your earliest
+# convenience by removing <tt>{WarningFileName}</tt>,
 # <tt>{LogFileName}</tt> and <tt>{DebugFileName}</tt>
 # from LocalSite.cfg and re-running configure.
 $Foswiki::cfg{Log}{Implementation} = 'Foswiki::Logger::PlainFile';
 
+# **BOOLEAN EXPERT**
+# The Obfuscating logger can either replace IP addresses with a hashed address
+# that cannot be easily reversed to the original IP,  or the IP address can
+# be completely masked as <tt>x.x.x.x</tt>.  Enable this parameter to replace
+# The IP address with the literal string <tt>x.x.x.x</tt>.
+$Foswiki::cfg{Log}{Obfuscating}{MaskIP} = $FALSE;
+
 # **PERL EXPERT**
 # Whether or not to log different actions in the events log.
 # Information in the events log is used in gathering web statistics,

core/lib/Foswiki/Logger/PlainFile/Obfuscating.pm

@@ -0,0 +1,113 @@
+# See bottom of file for license and copyright information
+package Foswiki::Logger::PlainFile::Obfuscating;
+
+use strict;
+use warnings;
+use Assert;
+
+use Foswiki::Logger            ();
+use Foswiki::Logger::PlainFile ();
+use Foswiki::Configure::Load;
+use Digest::MD5 qw( md5_hex );
+
+our @ISA = ('Foswiki::Logger::PlainFile');
+
+=begin TML
+
+---+ package Foswiki::Logger::PlainFile
+
+Plain file implementation of the Foswiki Logger interface. Mostly
+compatible with TWiki (and Foswiki 1.0.0) log files, except that dates
+are recorded using ISO format, and include the time, and it dies when
+a log can't be written (rather than printing a warning).
+
+This logger implementation maps groups of levels to a single logfile, viz.
+   * =debug= messages are output to $Foswiki::cfg{Log}{Dir}/debug.log
+   * =info= messages are output to $Foswiki::cfg{Log}{Dir}/events.log
+   * =warning=, =error=, =critical=, =alert=, =emergency= messages are
+     output to $Foswiki::cfg{Log}{Dir}/error.log.
+   * =error=, =critical=, =alert=, and =emergency= messages are also
+     written to standard error (the webserver log file, usually)
+
+=cut
+
+sub new {
+    my $class = shift;
+    return bless( {}, $class );
+}
+
+=begin TML
+
+---++ ObjectMethod log($level, @fields)
+
+See Foswiki::Logger for the interface.
+
+=cut
+
+sub log {
+
+    #my ( $this, $level, @fields ) = @_;
+    my $this = shift;
+
+    #foreach my $field ( @_ )  {
+    #    print STDERR "field $field \n";
+    #    }
+
+    unless ( $_[4] =~ /^AUTHENTICATION FAILURE/ ) {
+
+        if ( $Foswiki::cfg{Log}{Obfuscating}{MaskIP} ) {
+            $_[5] = 'x.x.x.x';
+        }
+        else {
+            my $md5hex = md5_hex( $_[5] );
+            $_[5] =
+                hex( substr( $md5hex, 0, 2 ) ) . '.'
+              . hex( substr( $md5hex, 2, 2 ) ) . '.'
+              . hex( substr( $md5hex, 4, 2 ) ) . '.'
+              . hex( substr( $md5hex, 6, 2 ) );
+        }
+    }
+
+    $this->SUPER::log(@_);
+}
+
+=begin TML
+
+---++ StaticMethod eachEventSince($time, $level) -> $iterator
+
+See Foswiki::Logger for the interface.
+
+This logger implementation maps groups of levels to a single logfile, viz.
+   * =info= messages are output together.
+   * =warning=, =error=, =critical=, =alert=, =emergency= messages are
+     output together.
+This method cannot 
+
+=cut
+
+sub eachEventSince {
+
+    #my ( $this, $time, $level ) = @_;
+    my $this = shift;
+    $this->SUPER::eachEventSince(@_);
+}
+
+1;
+__END__
+Module of Foswiki - The Free and Open Source Wiki, http://foswiki.org/
+
+Copyright (C) 2008-2010 Foswiki Contributors. Foswiki Contributors
+are listed in the AUTHORS file in the root of this distribution.
+NOTE: Please extend that file, not this notice.
+
+This program is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License
+as published by the Free Software Foundation; either version 2
+of the License, or (at your option) any later version. For
+more details read LICENSE in the root of this distribution.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+As per the GPL, removal of this notice is prohibited.