Merge pull request #1087 from qorelanguage/bugfix/1086_http_rest_pass…

…word_masking refs #1086 added logic to attempt to mask passwords in log messages i…
qorelanguage · Jul 20, 2016 · 67d5667 · 67d5667
2 parents a5b3b0e + 18e190a
commit 67d5667
Show file tree

Hide file tree

Showing 3 changed files with 24 additions and 5 deletions.
diff --git a/doxygen/lang/900_release_notes.dox.tmpl b/doxygen/lang/900_release_notes.dox.tmpl
@@ -62,8 +62,12 @@
     - fixed a bug causing @ref Qore::AbstractQuantifiedBidirectionalIterator "AbstractQuantifiedBidirectionalIterator" not being available (<a href="https://github.com/qorelanguage/qore/issues/968">issue 968</a>)
     - <a href="../../modules/CsvUtil/html/index.html">CsvUtil</a> module fixes:
       - fixed a bug in an error message validating input data (<a href="https://github.com/qorelanguage/qore/issues/1062">issue 1062</a>)
+    - <a href="../../modules/HttpServer/html/index.html">HttpServer</a> module fixes:
+      - added logic to attempt to mask passwords in log messages (<a href="https://github.com/qorelanguage/qore/issues/1086">issue 1086</a>)
     - <a href="../../modules/HttpServerUtil/html/index.html">HttpServerUtil</a> module fixes:
       - fixed a bug where the \a msg arg to \c AbstractAuthenticator::do401() was ignored (<a href="https://github.com/qorelanguage/qore/issues/1047">issue 1047</a>)
+    - <a href="../../modules/RestHandler/html/index.html">RestHandler</a> module fixes:
+      - added logic to attempt to mask passwords in debug log messages (<a href="https://github.com/qorelanguage/qore/issues/1086">issue 1086</a>)
     - <a href="../../modules/SqlUtil/html/index.html">SqlUtil</a> module fixes:
       - fixed a bug in update and upsert statement generation when the given data does not have enough columns to use the unique index found, an error message is generated that contains all the columns names instead of just the column names required by the index (<a href="https://github.com/qorelanguage/qore/issues/1013">issue 1013</a>)
     - <a href="../../modules/TableMapper/html/index.html">TableMapper</a> module fixes:

diff --git a/qlib/HttpServer.qm b/qlib/HttpServer.qm
@@ -114,6 +114,7 @@ log("started listener on %s", lh.desc);
 
     @subsection http0311 HttpServer 0.3.12
     - added a minimal substring of string bodies received to the log message when logging HTTP requests
+    - added logic to attempt to mask passwords in log messages (<a href="https://github.com/qorelanguage/qore/issues/1086">issue 1086</a>)
 
     @subsection http0311 HttpServer 0.3.11
     - fixed a bug setting the response encoding in @ref HttpServer::HttpServer::setReplyHeaders() where the Socket encoding was not set properly and therefore the encoding in the \c Content-Type in the response header did not necessarily match the encoding of the response
@@ -2188,10 +2189,14 @@ class HttpServer::HttpListener inherits Qore::Socket, HttpServer::HttpListenerIn
                     log("cid %d: RECV BODY: %y", cx.id, body);
 
                 {
+                    # attempt to mask any password in the URI path
+                    orig_path =~ s/(pass(?:word)?)=.*/$1=<masked>/g; #/;
                     string lstr = sprintf("cid %d src %y: %s %s HTTP/%s (agent: %y", cx.id, cx."peer-info".address_desc, hdr.method, orig_path, hdr.http_version, hdr."user-agent");
                     if (body) {
                         if (body.typeCode() == NT_STRING) {
                             string bstr = body.size() > BodyLogLimit ? body.substr(0, BodyLogLimit) + "..." : body;
+                            # attempt to mask any password
+                            bstr =~ s/(pass\w*[=:\s]*).*/$1<masked>.../; #/;
                             bstr = replace(bstr, "\n", "\\n");
                             bstr = replace(bstr, "\r", "\\r");
                             bstr = replace(bstr, "\t", "\\t");

diff --git a/qlib/RestHandler.qm b/qlib/RestHandler.qm
@@ -23,7 +23,7 @@
 */
 
 # minimum qore version
-%requires qore >= 0.8.12
+%requires qore >= 0.8.13
 
 # use new-style
 %new-style
@@ -51,7 +51,7 @@
 %endtry
 
 module RestHandler {
-    version = "1.1";
+    version = "1.2";
     desc = "user module for implementing REST services with the Qore HTTP server";
     author = "David Nichols <david@qore.org>";
     url = "http://qore.org";
@@ -301,6 +301,9 @@ Content-Length: 36
 
     @section resthandler_relnotes RestHandler Release Notes
 
+    @subsection rh_1_2 RestHandler v1.2
+    - added logic to attempt to mask passwords in debug log messages (<a href="https://github.com/qorelanguage/qore/issues/1086">issue 1086</a>)
+
     @subsection rh_1_1 RestHandler v1.1
     - added support for the HTTP \c OPTIONS method
     - return an error if an unsupported HTTP method is used in a REST call
@@ -604,7 +607,10 @@ public namespace RestHandler {
                 return cls.handleRequest(listener, rh, s, cl, mn, cx, args);
             }
 
-            rh.logDebug("REST DBG: class %y: dispatching method %y args: %y", name(), mn, args);
+            # try to mask passwords in args
+            string astr = sprintf("%y", args);
+            astr =~ s/(pass\w*[=:\s]*).*/$1<masked>.../; #/;
+            rh.logDebug("REST DBG: class %y: dispatching method %y args: %s", name(), mn, astr);
             return dispatchStream(listener, rh, s, mn, args, cx);
         }
 
@@ -810,8 +816,12 @@ public namespace RestHandler {
         hash handleRequest(HttpListenerInterface listener, Socket s, hash cx, hash hdr, *data b) {
             #logDebug("REST DBG: cx: %N", cx);
             #logDebug("REST DBG: hdr: %N", hdr);
-            if (b)
-                logDebug("REST DBG: body: %s", b.typeCode() == NT_STRING ? trim(b) : sprintf("%y", b));
+            if (b) {
+                string bstr = b.typeCode() == NT_STRING ? trim(b) : sprintf("%y", b);
+                # try to mask passwords in the message body
+                bstr =~ s/(pass\w*[=:\s]*).*/$1<masked>.../; #/;
+                logDebug("REST DBG: body: %s", bstr);
+            }
 
             any body = b;