Merge pull request #26486 from thusoy/git-confidential-auth
Git: Don't leak https user/pw to log
basepi committed Aug 20, 2015
2 parents 679ba5e + 5289165 commit 28aa9b1
Showing 2 changed files with 32 additions and 3 deletions.
17 changes: 14 additions & 3 deletions salt/modules/git.py
@@ -6,6 +6,7 @@

# Import python libs
import os
import re
import subprocess

# Import salt libs
@@ -62,6 +63,7 @@ def _git_run(cmd, cwd=None, runas=None, identity=None, **kwargs):
result = __salt__['cmd.run_all'](cmd,
cwd=cwd,
runas=runas,
output_loglevel='quiet',
env=env,
python_shell=False,
**kwargs)
@@ -73,7 +75,8 @@ def _git_run(cmd, cwd=None, runas=None, identity=None, **kwargs):
if result['retcode'] == 0:
return result['stdout']
else:
stderrs.append(result['stderr'])
stderr = _remove_sensitive_data(result['stderr'])
stderrs.append(stderr)

# we've tried all IDs and still haven't passed, so error out
raise CommandExecutionError("\n\n".join(stderrs))
@@ -82,6 +85,7 @@ def _git_run(cmd, cwd=None, runas=None, identity=None, **kwargs):
result = __salt__['cmd.run_all'](cmd,
cwd=cwd,
runas=runas,
output_loglevel='quiet',
env=env,
python_shell=False,
**kwargs)
@@ -90,9 +94,16 @@ def _git_run(cmd, cwd=None, runas=None, identity=None, **kwargs):
if retcode == 0:
return result['stdout']
else:
stderr = _remove_sensitive_data(result['stderr'])
raise CommandExecutionError(
'Command {0!r} failed. Stderr: {1!r}'.format(cmd,
result['stderr']))
'Command {0!r} failed. Stderr: {1!r}'.format(cmd, stderr))


def _remove_sensitive_data(sensitive_output):
'''
Remove HTTP user and password.
'''
return re.sub('(https?)://.*@', r'\1://<redacted>@', sensitive_output)


def _git_getdir(cwd, user=None):
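Review bot: In the final `raise CommandExecutionError(...)` of `_git_run`, only stderr is passed through `_remove_sensitive_data`; `cmd` is still formatted into the message with `{0!r}`. If `cmd` carries the remote URL (for example when the remote is given as `https://user:pw@host`), the credentials still end up in the exception text and wherever that text is logged or returned. Assuming `cmd` is a string at this point, the call could become `'Command {0!r} failed. Stderr: {1!r}'.format(_remove_sensitive_data(cmd), stderr))`. The body of `_git_run` starts outside the visible hunks, so the type of `cmd` should be confirmed there.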
18 changes: 18 additions & 0 deletions tests/unit/modules/git_test.py
@@ -37,6 +37,24 @@ def test_http_basic_authentication(self):
result = git._add_http_basic_auth(**kwargs)
self.assertEqual(result, expected)

def test_https_user_and_pw_is_confidential(self):
sensitive_outputs = (
'https://deadbeaf@example.com',
'https://user:pw@example.com',
)
sanitized = 'https://<redacted>@example.com'
for sensitive_output in sensitive_outputs:
result = git._remove_sensitive_data(sensitive_output)
self.assertEqual(result, sanitized)

def test_git_ssh_user_is_not_treated_as_sensitive(self):
not_sensitive_outputs = (
'ssh://user@example.com',
)
for not_sensitive_output in not_sensitive_outputs:
result = git._remove_sensitive_data(not_sensitive_output)
self.assertEqual(result, not_sensitive_output)


if __name__ == '__main__':
from integration import run_tests
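Review bot: Both new tests pass a bare URL, so the behaviour of `_remove_sensitive_data` on realistic git stderr is not pinned down. The pattern `(https?)://.*@` is greedy and also accepts the `http` scheme, yet neither a line with text around the URL nor an `http://` input is checked. I would add a constructed case such as `"fatal: unable to access 'https://user:pw@example.com/repo.git/'"` expecting `"fatal: unable to access 'https://<redacted>@example.com/repo.git/'"`, plus one `'http://user:pw@example.com'` input.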
