Skip to content

Commit

Permalink
Do not log secrets in filebeat linux enrollment
Browse files Browse the repository at this point in the history
  • Loading branch information
@np5
np5 committed May 24, 2022
1 parent 36dbc7d commit ab48a12
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions zentral/contrib/filebeat/linux_script/template.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -157,7 +157,7 @@ def get_post_data(secret, serial_number, uuid):


def start_enrollment(serial_number, uuid):
print("START ENROLLMENT", ENROLLMENT_SECRET)
print("START ENROLLMENT")
req = urllib.request.Request(START_ENROLLMENT_URL,
get_post_data(ENROLLMENT_SECRET, serial_number, uuid),
DEFAULT_HEADERS)
Expand Down Expand Up @@ -209,7 +209,7 @@ def build_csr(tmpdir, serial_number, cn, org, challenge):


def get_certificate(serial_number, cn, org, challenge, url):
print("GET CERTIFICATE", cn, org, challenge, url)
print("GET CERTIFICATE", cn, org, url)
if not os.path.isdir(FILEBEAT_HOME):
os.makedirs(FILEBEAT_HOME)
old_umask = os.umask(0o077)
Expand All @@ -233,7 +233,7 @@ def get_certificate(serial_number, cn, org, challenge, url):


def complete_enrollment(client_cert, client_key, enrollment_session_secret, serial_number, uuid):
print("COMPLETE ENROLLMENT", client_cert, client_key, enrollment_session_secret)
print("COMPLETE ENROLLMENT")
req = urllib.request.Request(COMPLETE_ENROLLMENT_URL,
get_post_data(enrollment_session_secret, serial_number, uuid),
DEFAULT_HEADERS)
Expand Down

0 comments on commit ab48a12

Please sign in to comment.