Obfuscate credentials in shovel worker states to avoid plaintext pass… #3476
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
…words being logged on crashes
When a shovel is configured incorrectly (either with incorrect username/password, or the targeted broker is down or unreachable), rabbit_shovel_worker crashes with its full state including URIs with plain text passwords being logged in the crash log, and sometimes also in the default log.
The issue was reported in the past: #2709
Proposed Changes
The following change is an implementation to avoid plain text passwords being logged with the shovel workers' states upon crashing. Specifically, the change is to only store obfuscated URIs in the shovel workers' states and deobfuscate them when accessed. As a result, when shovel workers crash, the passwords will not be logged in plain text. The error logs from the shovel plugin will tell users what went wrong.
For example, when the targeted broker's DNS is not correct, the error message in default log indicates what the problem is:
The crash log will not show the password in plain text:
Types of Changes
What types of changes does your code introduce to this project?
Put an
x
in the boxes that applyChecklist
Put an
x
in the boxes that apply.You can also fill these out after creating the PR.
If you're unsure about any of them, don't hesitate to ask on the mailing list.
We're here to help!
This is simply a reminder of what we are going to look for before merging your code.
CONTRIBUTING.md
documentFurther Comments
If this is a relatively large or complex change, kick off the discussion by explaining why you chose the solution you did and what alternatives you considered, etc.