Committed on 4.0, 515. For 505, I'm not sure fix by Chip will work as logging
into api.log happens by the servlet (APIServlet) some fix like this should work:
diff --git a/server/src/com/cloud/api/ApiServlet.java
b/server/src/com/cloud/api/ApiServlet.java
index 8a1d4de..3ab6497 100755
--- a/server/src/com/cloud/api/ApiServlet.java
+++ b/server/src/com/cloud/api/ApiServlet.java
@@ -103,6 +103,13 @@ public class ApiServlet extends HttpServlet {
}
}
+ /*
+ * Strips off sensitive content based on
+ */
+ private String stripSensitiveContent(String str) {
+
+ }
+
@SuppressWarnings("unchecked")
private void processRequest(HttpServletRequest req, HttpServletResponse
resp) {
StringBuffer auditTrailSb = new StringBuffer();
@@ -334,7 +341,7 @@ public class ApiServlet extends HttpServlet {
auditTrailSb.append(" unknown exception writing api response");
}
} finally {
- s_accessLogger.info(auditTrailSb.toString());
+
s_accessLogger.info(stripSensitiveContent(auditTrailSb.toString()));
// cleanup user context to prevent from being peeked in other
request context
UserContext.unregisterContext();
}
Some work on refactoring the api layer is going on api_refactoring, the goal is
to separate policy from mechanism and separate tightly coupled security checks
using annotations, and also fix and automate docs. Because this the
APIServlet.java will have a function, one point to strip out sensitive data
like passwords and ssh-keys from logs instead of not logging them completely.
I'll start another thread on api_refactoring and this issue.
Regards.
On 29-Nov-2012, at 9:34 AM, Chip Childers <[email protected]> wrote:
> On Wed, Nov 28, 2012 at 7:41 PM, Joe Brockmeier <[email protected]> wrote:
>> On Thu, Nov 29, 2012 at 11:56:39AM -0500, Chip Childers wrote:
>>> I'll look at 505.
>>
>> Great, thanks!
>
> Fix committed to master and 4.0 branches (from the air no-less) ;-)
>
> -chip
