Merge pull request #9676 from bmaxwell/WFLY-8161

[WFLY-8161] use JDR Santizer to obsecure system property passwords an…
wildfly · Feb 20, 2017 · 9bcdf58 · 9bcdf58
2 parents 8aacf6c + c887c5f
commit 9bcdf58
Show file tree

Hide file tree

Showing 3 changed files with 49 additions and 12 deletions.
diff --git a/jdr/jboss-as-jdr/src/main/java/org/jboss/as/jdr/commands/SystemProperties.java b/jdr/jboss-as-jdr/src/main/java/org/jboss/as/jdr/commands/SystemProperties.java
@@ -21,20 +21,33 @@
  */
 package org.jboss.as.jdr.commands;
 
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
 import java.io.PrintWriter;
 import java.io.StringWriter;
-
+import java.nio.charset.StandardCharsets;
 import java.util.Enumeration;
+import java.util.LinkedList;
 import java.util.Properties;
 
+import org.jboss.as.jdr.util.Sanitizer;
+import org.jboss.as.jdr.util.Utils;
+
 /**
  * Add the JVM System properties to the JDR report
  *
  * @author Brad Maxwell
  */
 public class SystemProperties extends JdrCommand {
 
-    private static String REDACTED = "<Redacted>";
+    private LinkedList<Sanitizer> sanitizers = new LinkedList<Sanitizer>();
+
+    public SystemProperties sanitizer(Sanitizer ... sanitizers) {
+        for (Sanitizer s : sanitizers) {
+            this.sanitizers.add(s);
+        }
+        return this;
+    }
 
     @Override
     public void execute() throws Exception {
@@ -43,16 +56,20 @@ public void execute() throws Exception {
 
         StringWriter stringWriter = new StringWriter();
         PrintWriter printWriter = new PrintWriter(stringWriter);
-
         Properties properties = System.getProperties();
+
         Enumeration<?> names = properties.propertyNames();
         while(names.hasMoreElements()) {
             String name = (String) names.nextElement();
-            if(name.matches(".*password.*")) {
-                properties.setProperty(name, REDACTED);
-            }
             printWriter.println(name + "=" + properties.getProperty(name));
         }
-        this.env.getZip().add(stringWriter.toString(), "system-properties.txt");
+        InputStream stream = new ByteArrayInputStream(stringWriter.toString().getBytes(StandardCharsets.UTF_8));
+
+        for (Sanitizer sanitizer : this.sanitizers) {
+            stream = sanitizer.sanitize(stream);
+        }
+
+        this.env.getZip().addAsString(stream, "system-properties.txt");
+        Utils.safelyClose(stream);
     }
-}
+}
diff --git a/jdr/jboss-as-jdr/src/main/java/org/jboss/as/jdr/plugins/AS7Plugin.java b/jdr/jboss-as-jdr/src/main/java/org/jboss/as/jdr/plugins/AS7Plugin.java
@@ -22,6 +22,9 @@
 
 package org.jboss.as.jdr.plugins;
 
+import java.util.Arrays;
+import java.util.List;
+
 import org.jboss.as.jdr.commands.CallAS7;
 import org.jboss.as.jdr.commands.CollectFiles;
 import org.jboss.as.jdr.commands.DeploymentDependencies;
@@ -34,9 +37,6 @@
 import org.jboss.as.jdr.util.Sanitizers;
 import org.jboss.as.jdr.util.Utils;
 
-import java.util.Arrays;
-import java.util.List;
-
 public class AS7Plugin implements JdrPlugin {
 
     private final PluginId pluginId = new PluginId("AS7_PLUGIN", 1, 0, null);
@@ -63,7 +63,7 @@ public List<JdrCommand> getCommands() throws Exception {
             new CollectFiles("*/modules/system/*/.overlays/.overlays"),
             new CollectFiles("*/.installation/*.conf"),
             new CollectFiles("*/.installation/*.txt"),
-            new SystemProperties(),
+            new SystemProperties().sanitizer(passwordSanitizer),
             new DeploymentDependencies(),
             new LocalModuleDependencies()
         );

diff --git a/jdr/jboss-as-jdr/src/main/java/org/jboss/as/jdr/util/JdrZipFile.java b/jdr/jboss-as-jdr/src/main/java/org/jboss/as/jdr/util/JdrZipFile.java
@@ -146,6 +146,26 @@ public void add(String content, String path) throws Exception {
         this.add(new ByteArrayInputStream(content.getBytes()), name.toString());
     }
 
+    /**
+     * Adds content to the zipfile at path
+     *
+     * path is prepended with the directory reserved for generated text files in JDR
+     *
+     * @param stream
+     * @param path
+     * @throws Exception
+     */
+    public void addAsString(InputStream stream, String path) throws Exception {
+        StringBuilder name = new StringBuilder("sos_strings/");
+
+        name.append(this.env.getProductName().replace(" ", "_").toLowerCase());
+        name.append("-");
+        name.append(this.env.getProductVersion().split("\\.")[0]);
+        name.append("/");
+        name.append(path);
+
+        this.add(stream, name.toString());
+    }
 
     /**
      * Adds content to the zipfile in a file named logName