Repository: cloudstack Updated Branches: refs/heads/master 62f57d235 -> e1cc673ea
CLOUDSTACK-9023 filtering privatekey info from logging Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/a5803308 Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/a5803308 Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/a5803308 Branch: refs/heads/master Commit: a580330864780582ec33d723c7da044d935d4f22 Parents: 7e42978 Author: Daan Hoogland <[email protected]> Authored: Thu Nov 5 14:23:11 2015 +0100 Committer: Daan Hoogland <[email protected]> Committed: Tue Nov 10 12:08:01 2015 +0100 ---------------------------------------------------------------------- .../api/command/admin/resource/UploadCustomCertificateCmd.java | 2 +- utils/src/main/java/com/cloud/utils/StringUtils.java | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/a5803308/api/src/org/apache/cloudstack/api/command/admin/resource/UploadCustomCertificateCmd.java ---------------------------------------------------------------------- diff --git a/api/src/org/apache/cloudstack/api/command/admin/resource/UploadCustomCertificateCmd.java b/api/src/org/apache/cloudstack/api/command/admin/resource/UploadCustomCertificateCmd.java index e11876a..e8d6cc5 100644 --- a/api/src/org/apache/cloudstack/api/command/admin/resource/UploadCustomCertificateCmd.java +++ b/api/src/org/apache/cloudstack/api/command/admin/resource/UploadCustomCertificateCmd.java @@ -32,7 +32,7 @@ import com.cloud.user.Account; @APICommand(name = "uploadCustomCertificate", responseObject = CustomCertificateResponse.class, description = "Uploads a custom certificate for the console proxy VMs to use for SSL. Can be used to upload a single certificate signed by a known CA. Can also be used, through multiple calls, to upload a chain of certificates from CA to the custom certificate itself.", - requestHasSensitiveInfo = false, responseHasSensitiveInfo = false) + requestHasSensitiveInfo = true, responseHasSensitiveInfo = false) public class UploadCustomCertificateCmd extends BaseAsyncCmd { public static final Logger s_logger = Logger.getLogger(UploadCustomCertificateCmd.class.getName()); http://git-wip-us.apache.org/repos/asf/cloudstack/blob/a5803308/utils/src/main/java/com/cloud/utils/StringUtils.java ---------------------------------------------------------------------- diff --git a/utils/src/main/java/com/cloud/utils/StringUtils.java b/utils/src/main/java/com/cloud/utils/StringUtils.java index c598be8..71cebe1 100644 --- a/utils/src/main/java/com/cloud/utils/StringUtils.java +++ b/utils/src/main/java/com/cloud/utils/StringUtils.java @@ -186,7 +186,7 @@ public class StringUtils { private static final Pattern REGEX_PASSWORD_QUERYSTRING = Pattern.compile("(&|%26)?[^(&|%26)]*((p|P)assword|accesskey|secretkey)(=|%3D).*?(?=(%26|[&'\"]|$))"); // removes a password/accesskey/ property from a response json object - private static final Pattern REGEX_PASSWORD_JSON = Pattern.compile("\"((p|P)assword|accesskey|secretkey)\":\\s?\".*?\",?"); + private static final Pattern REGEX_PASSWORD_JSON = Pattern.compile("\"((p|P)assword|privatekey|accesskey|secretkey)\":\\s?\".*?\",?"); private static final Pattern REGEX_PASSWORD_DETAILS = Pattern.compile("(&|%26)?details(\\[|%5B)\\d*(\\]|%5D)\\.key(=|%3D)((p|P)assword|accesskey|secretkey)(?=(%26|[&'\"]))");
