Add option to force hide sensitive info like user password in log file

[mremond]

Sensitive info are not log in production log level mode. However, when troubleshoot or on server with little traffic, some admins prefer getting more log.

Having the option to force hide sensitive info everywhere make sense.

This relates to #452.

[drdaeman]

This patch hides IP addresses (not a big deal for me) but doesn't hide authentication credentials, e.g. what issue title says. ;)

In debug logs one could still see lines like those:

[debug] <0.18075.2>@ejabberd_receiver:process_data:349 Received XML on stream = <<"<auth xmlns='urn:ietf:params:xml:ns:xmpp-sasl' mechanism='PLAIN'>ouch64</auth>">>
[debug] <0.12273.2>@extauth:loop:124 extauth call '[<<"auth">>,<<"romeo">>,<<"montague.lit">>,<<"ouch">>]' received data response: [0,1]

I know, it's not trivial to handle this in process_data/2, and debug logs aren't meant to be used in production environments, but sometimes it's necessary to enable those and see what's going on the wire.

Maybe this issue should be reopened?

[badlop]

Do you understand what you are asking? In those log lines, the function that printed them does not know what is printing, as it is raw data, uncategorised. The only solution to your query is to delete those DEBUG lines in the source code.

[drdaeman]

Sorry.

Sure, I do understand it's raw binary data, and that's why I said it's not trivial.

I just noticed that credentials are there, and found this issue (referred from https://www.ejabberd.im/node/24803) talking about passwords. Thought, if it exists, and specifically talks about passwords, I could raise a point that passwords are still logged.

I see two possible approaches here:

1. Possibly, make that raw XML output optional and controlled with an extra option. Most actually important packets are also logged by do_route anyway.
2. Possibly, behave differently if Data starts with "<auth" followed by a whitespace character and hide_sensitive_log_data option is set. I know, this is ugly.

Both aren't perfect, but could do the trick.

[lock]

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.