Makefile.am | 14 +++ common/Log.cpp | 35 ++------- common/Log.hpp | 137 ++++++++++++++++++++++++++++++----- common/Seccomp.cpp | 7 + common/Seccomp.hpp | 3 common/Session.cpp | 69 +++++++++++------- common/Session.hpp | 16 +++- common/Util.cpp | 78 +++++++++++++++++--- common/Util.hpp | 21 +++++ configure.ac | 22 +++++ kit/ChildSession.cpp | 32 ++++---- kit/ChildSession.hpp | 2 kit/ForKit.cpp | 27 ++++++- kit/Kit.cpp | 124 ++++++++++++++++++++++---------- kit/Kit.hpp | 6 + kit/KitHelper.hpp | 2 loolwsd.xml.in | 4 + net/Socket.cpp | 9 +- test/WhiteBoxTests.cpp | 2 wsd/Admin.cpp | 2 wsd/AdminModel.cpp | 9 +- wsd/ClientSession.cpp | 18 ++-- wsd/DocumentBroker.cpp | 141 +++++++++++++++++++----------------- wsd/DocumentBroker.hpp | 4 - wsd/LOOLWSD.cpp | 187 +++++++++++++++++++++++++++++-------------------- wsd/LOOLWSD.hpp | 15 +++ wsd/Storage.cpp | 170 +++++++++++++++++++++++++++++++------------- wsd/Storage.hpp | 10 +- wsd/TileCache.cpp | 8 +- 29 files changed, 818 insertions(+), 356 deletions(-)
New commits: commit 8442d7896271f16101d90c5f79286cf40ca33417 Author: Jan Holesovsky <[email protected]> Date: Fri Jun 15 16:31:22 2018 +0200 anonymization: Anonymize docKey's in adminmodel. Change-Id: Ibbefb93aa378f6faecbdb8b8c4f59013696b73c7 diff --git a/wsd/Admin.cpp b/wsd/Admin.cpp index ba24004ec..c1a7133ea 100644 --- a/wsd/Admin.cpp +++ b/wsd/Admin.cpp @@ -453,7 +453,7 @@ void Admin::rmDoc(const std::string& docKey, const std::string& sessionId) void Admin::rmDoc(const std::string& docKey) { - LOG_INF("Removing complete doc [" << docKey << "] from Admin."); + LOG_INF("Removing complete doc [" << LOOLWSD::anonymizeUrl(docKey) << "] from Admin."); addCallback([=]{ _model.removeDocument(docKey); }); } diff --git a/wsd/AdminModel.cpp b/wsd/AdminModel.cpp index 843ce1271..7d31b6196 100644 --- a/wsd/AdminModel.cpp +++ b/wsd/AdminModel.cpp @@ -179,7 +179,7 @@ void AdminModel::assertCorrectThread() const AdminModel::~AdminModel() { - LOG_DBG("History:\n\n" << getAllHistory() << '\n'); + LOG_TRC("History:\n\n" << getAllHistory() << '\n'); LOG_INF("AdminModel dtor."); } @@ -470,7 +470,7 @@ void AdminModel::addDocument(const std::string& docKey, Poco::Process::PID pid, const auto ret = _documents.emplace(docKey, Document(docKey, pid, filename)); ret.first->second.takeSnapshot(); ret.first->second.addView(sessionId, userName, userId); - LOG_DBG("Added admin document [" << docKey << "]."); + LOG_DBG("Added admin document [" << LOOLWSD::anonymizeUrl(docKey) << "]."); std::string encodedUsername; std::string encodedFilename; @@ -554,7 +554,7 @@ void AdminModel::removeDocument(const std::string& docKey) docIt->second.expireView(pair.first); } - LOG_DBG("Removed admin document [" << docKey << "]."); + LOG_DBG("Removed admin document [" << LOOLWSD::anonymizeUrl(docKey) << "]."); _expiredDocuments.emplace(*docIt); _documents.erase(docIt); } commit ecb339e53203f5763716a1d712ad42b7967daf82 Author: Jan Holesovsky <[email protected]> Date: Fri Jun 15 16:28:55 2018 +0200 anonymization: Anonymize uri's in the tilecache. Change-Id: I927d05e0329e3b2375f8d04f23b4356f2fd31764 diff --git a/wsd/TileCache.cpp b/wsd/TileCache.cpp index 5689084a7..4a183fdd9 100644 --- a/wsd/TileCache.cpp +++ b/wsd/TileCache.cpp @@ -51,10 +51,12 @@ TileCache::TileCache(const std::string& docURL, _docURL(docURL), _cacheDir(cacheDir) { - LOG_INF("TileCache ctor for uri [" << _docURL << +#ifndef BUILDING_TESTS + LOG_INF("TileCache ctor for uri [" << LOOLWSD::anonymizeUrl(_docURL) << "], cacheDir: [" << _cacheDir << "], modifiedTime=" << (modifiedTime.raw()/1000000) << " getLastModified()=" << (getLastModified().raw()/1000000)); +#endif File directory(_cacheDir); std::string unsaved; if (directory.exists() && @@ -73,7 +75,9 @@ TileCache::TileCache(const std::string& docURL, TileCache::~TileCache() { _owner = std::thread::id(0); - LOG_INF("~TileCache dtor for uri [" << _docURL << "]."); +#ifndef BUILDING_TESTS + LOG_INF("~TileCache dtor for uri [" << LOOLWSD::anonymizeUrl(_docURL) << "]."); +#endif } void TileCache::completeCleanup() const commit bf8fe5f973fb2b9d1fbfa129466a60c494f46549 Author: Jan Holesovsky <[email protected]> Date: Fri Jun 15 16:26:52 2018 +0200 anonymization: Anonymize uri's and docKeys in the documentbroker. Change-Id: I1940b3eeb1761ec399716f237514020e97a785b1 diff --git a/wsd/ClientSession.cpp b/wsd/ClientSession.cpp index 171712606..87bf4e1db 100644 --- a/wsd/ClientSession.cpp +++ b/wsd/ClientSession.cpp @@ -889,7 +889,7 @@ void ClientSession::onDisconnect() try { // Connection terminated. Destroy session. - LOG_DBG(getName() << " on docKey [" << docKey << "] terminated. Cleaning up."); + LOG_DBG(getName() << " on docKey [" << LOOLWSD::anonymizeUrl(docKey) << "] terminated. Cleaning up."); docBroker->removeSession(getId()); } @@ -930,7 +930,7 @@ void ClientSession::onDisconnect() } catch (const std::exception& exc) { - LOG_WRN(getName() << ": Exception while closing socket for docKey [" << docKey << "]: " << exc.what()); + LOG_WRN(getName() << ": Exception while closing socket for docKey [" << LOOLWSD::anonymizeUrl(docKey) << "]: " << exc.what()); } } diff --git a/wsd/DocumentBroker.cpp b/wsd/DocumentBroker.cpp index 35e9068c2..60e480294 100644 --- a/wsd/DocumentBroker.cpp +++ b/wsd/DocumentBroker.cpp @@ -171,8 +171,8 @@ DocumentBroker::DocumentBroker(const std::string& uri, assert(!_docKey.empty()); assert(!_childRoot.empty()); - LOG_INF("DocumentBroker [" << _uriPublic.toString() << - "] created with docKey [" << _docKey << "] and root [" << _childRoot << "]"); + LOG_INF("DocumentBroker [" << LOOLWSD::anonymizeUrl(_uriPublic.toString()) << + "] created with docKey [" << LOOLWSD::anonymizeUrl(_docKey) << "] and root [" << _childRoot << "]"); } void DocumentBroker::startThread() @@ -188,7 +188,7 @@ void DocumentBroker::assertCorrectThread() const // The inner heart of the DocumentBroker - our poll loop. void DocumentBroker::pollThread() { - LOG_INF("Starting docBroker polling thread for docKey [" << _docKey << "]."); + LOG_INF("Starting docBroker polling thread for docKey [" << LOOLWSD::anonymizeUrl(_docKey) << "]."); _threadStart = std::chrono::steady_clock::now(); @@ -229,12 +229,12 @@ void DocumentBroker::pollThread() // Async cleanup. LOOLWSD::doHousekeeping(); - LOG_INF("Finished docBroker polling thread for docKey [" << _docKey << "]."); + LOG_INF("Finished docBroker polling thread for docKey [" << LOOLWSD::anonymizeUrl(_docKey) << "]."); return; } _childProcess->setDocumentBroker(shared_from_this()); - LOG_INF("Doc [" << _docKey << "] attached to child [" << _childProcess->getPid() << "]."); + LOG_INF("Doc [" << LOOLWSD::anonymizeUrl(_docKey) << "] attached to child [" << _childProcess->getPid() << "]."); static const bool AutoSaveEnabled = !std::getenv("LOOL_NO_AUTOSAVE"); static const size_t IdleDocTimeoutSecs = LOOLWSD::getConfigValue<int>( @@ -264,7 +264,7 @@ void DocumentBroker::pollThread() // connection drop transiently reduces this. (sent > adminSent ? (sent - adminSent): uint64_t(0)), (recv > adminRecv ? (recv - adminRecv): uint64_t(0))); - LOG_DBG("Doc [" << _docKey << "] added sent: " << sent << " recv: " << recv << " bytes to totals"); + LOG_DBG("Doc [" << LOOLWSD::anonymizeUrl(_docKey) << "] added sent: " << sent << " recv: " << recv << " bytes to totals"); adminSent = sent; adminRecv = recv; } @@ -280,10 +280,10 @@ void DocumentBroker::pollThread() if (ShutdownRequestFlag || _closeRequest) { const std::string reason = ShutdownRequestFlag ? "recycling" : _closeReason; - LOG_INF("Autosaving DocumentBroker for docKey [" << getDocKey() << "] for " << reason); + LOG_INF("Autosaving DocumentBroker for docKey [" << LOOLWSD::anonymizeUrl(getDocKey()) << "] for " << reason); if (!autoSave(isPossiblyModified())) { - LOG_INF("Terminating DocumentBroker for docKey [" << getDocKey() << "]."); + LOG_INF("Terminating DocumentBroker for docKey [" << LOOLWSD::anonymizeUrl(getDocKey()) << "]."); stop(reason); } } @@ -300,22 +300,22 @@ void DocumentBroker::pollThread() if (idle) { // Stop if there is nothing to save. - LOG_INF("Autosaving idle DocumentBroker for docKey [" << getDocKey() << "] to kill."); + LOG_INF("Autosaving idle DocumentBroker for docKey [" << LOOLWSD::anonymizeUrl(getDocKey()) << "] to kill."); if (!autoSave(isPossiblyModified())) { - LOG_INF("Terminating idle DocumentBroker for docKey [" << getDocKey() << "]."); + LOG_INF("Terminating idle DocumentBroker for docKey [" << LOOLWSD::anonymizeUrl(getDocKey()) << "]."); stop("idle"); } } else if (_sessions.empty() && (isLoaded() || _markToDestroy)) { // If all sessions have been removed, no reason to linger. - LOG_INF("Terminating dead DocumentBroker for docKey [" << getDocKey() << "]."); + LOG_INF("Terminating dead DocumentBroker for docKey [" << LOOLWSD::anonymizeUrl(getDocKey()) << "]."); stop("dead"); } } - LOG_INF("Finished polling doc [" << _docKey << "]. stop: " << _stop << ", continuePolling: " << + LOG_INF("Finished polling doc [" << LOOLWSD::anonymizeUrl(_docKey) << "]. stop: " << _stop << ", continuePolling: " << _poll->continuePolling() << ", ShutdownRequestFlag: " << ShutdownRequestFlag << ", TerminationFlag: " << TerminationFlag << ", closeReason: " << _closeReason << ". Flushing socket."); @@ -339,7 +339,7 @@ void DocumentBroker::pollThread() _poll->poll(std::min(flushTimeoutMs - elapsedMs, POLL_TIMEOUT_MS / 5)); } - LOG_INF("Finished flushing socket for doc [" << _docKey << "]. stop: " << _stop << ", continuePolling: " << + LOG_INF("Finished flushing socket for doc [" << LOOLWSD::anonymizeUrl(_docKey) << "]. stop: " << _stop << ", continuePolling: " << _poll->continuePolling() << ", ShutdownRequestFlag: " << ShutdownRequestFlag << ", TerminationFlag: " << TerminationFlag << ". Terminating child with reason: [" << _closeReason << "]."); @@ -357,7 +357,7 @@ void DocumentBroker::pollThread() if (_tileCache && !LOOLWSD::TileCachePersistent) _tileCache->completeCleanup(); - LOG_INF("Finished docBroker polling thread for docKey [" << _docKey << "]."); + LOG_INF("Finished docBroker polling thread for docKey [" << LOOLWSD::anonymizeUrl(_docKey) << "]."); } bool DocumentBroker::isAlive() const @@ -375,7 +375,7 @@ DocumentBroker::~DocumentBroker() Admin::instance().rmDoc(_docKey); - LOG_INF("~DocumentBroker [" << _docKey << + LOG_INF("~DocumentBroker [" << LOOLWSD::anonymizeUrl(_docKey) << "] destroyed with " << _sessions.size() << " sessions left."); // Do this early - to avoid operating on _childProcess from two threads. @@ -383,7 +383,7 @@ DocumentBroker::~DocumentBroker() if (!_sessions.empty()) { - LOG_WRN("DocumentBroker [" << _docKey << "] still has unremoved sessions."); + LOG_WRN("DocumentBroker [" << LOOLWSD::anonymizeUrl(_docKey) << "] still has unremoved sessions."); } // Need to first make sure the child exited, socket closed, @@ -398,7 +398,7 @@ void DocumentBroker::joinThread() void DocumentBroker::stop(const std::string& reason) { - LOG_DBG("Closing DocumentBroker for docKey [" << _docKey << "] with reason: " << reason); + LOG_DBG("Closing DocumentBroker for docKey [" << LOOLWSD::anonymizeUrl(_docKey) << "] with reason: " << reason); _closeReason = reason; // used later in the polling loop _stop = true; _poll->wakeup(); @@ -410,7 +410,7 @@ bool DocumentBroker::load(const std::shared_ptr<ClientSession>& session, const s const std::string sessionId = session->getId(); - LOG_INF("Loading [" << _docKey << "] for session [" << sessionId << "] and jail [" << jailId << "]."); + LOG_INF("Loading [" << LOOLWSD::anonymizeUrl(_docKey) << "] for session [" << sessionId << "] and jail [" << jailId << "]."); { bool result; @@ -421,7 +421,7 @@ bool DocumentBroker::load(const std::shared_ptr<ClientSession>& session, const s if (_markToDestroy) { // Tearing down. - LOG_WRN("Will not load document marked to destroy. DocKey: [" << _docKey << "]."); + LOG_WRN("Will not load document marked to destroy. DocKey: [" << LOOLWSD::anonymizeUrl(_docKey) << "]."); return false; } @@ -442,13 +442,13 @@ bool DocumentBroker::load(const std::shared_ptr<ClientSession>& session, const s // Pass the public URI to storage as it needs to load using the token // and other storage-specific data provided in the URI. const Poco::URI& uriPublic = session->getPublicUri(); - LOG_DBG("Loading, and creating new storage instance for URI [" << uriPublic.toString() << "]."); + LOG_DBG("Loading, and creating new storage instance for URI [" << LOOLWSD::anonymizeUrl(uriPublic.toString()) << "]."); _storage = StorageBase::create(uriPublic, jailRoot, jailPath.toString()); if (_storage == nullptr) { // We should get an exception, not null. - LOG_ERR("Failed to create Storage instance for [" << _docKey << "] in " << jailPath.toString()); + LOG_ERR("Failed to create Storage instance for [" << LOOLWSD::anonymizeUrl(_docKey) << "] in " << jailPath.toString()); return false; } firstInstance = true; @@ -578,7 +578,7 @@ bool DocumentBroker::load(const std::shared_ptr<ClientSession>& session, const s fileInfo._modifiedTime != Zero && _documentLastModifiedTime != fileInfo._modifiedTime) { - LOG_TRC("Document " << _docKey << "] has been modified behind our back. " << + LOG_DBG("Document " << LOOLWSD::anonymizeUrl(_docKey) << "] has been modified behind our back. " << "Informing all clients. Expected: " << _documentLastModifiedTime << ", Actual: " << fileInfo._modifiedTime); @@ -654,7 +654,7 @@ bool DocumentBroker::load(const std::shared_ptr<ClientSession>& session, const s Poco::DigestOutputStream dos(sha1); Poco::StreamCopier::copyStream(istr, dos); dos.close(); - LOG_INF("SHA1 for DocKey [" << _docKey << "] of [" << LOOLWSD::anonymizeUrl(localPath) << "]: " << + LOG_INF("SHA1 for DocKey [" << LOOLWSD::anonymizeUrl(_docKey) << "] of [" << LOOLWSD::anonymizeUrl(localPath) << "]: " << Poco::DigestEngine::digestToHex(sha1.digest())); // LibreOffice can't open files with '#' in the name @@ -736,11 +736,11 @@ bool DocumentBroker::saveToStorageInternal(const std::string& sessionId, // If save requested, but core didn't save because document was unmodified // notify the waiting thread, if any. - LOG_TRC("Saving to storage docKey [" << _docKey << "] for session [" << sessionId << + LOG_TRC("Saving to storage docKey [" << LOOLWSD::anonymizeUrl(_docKey) << "] for session [" << sessionId << "]. Success: " << success << ", result: " << result); if (!success && result == "unmodified") { - LOG_DBG("Save skipped as document [" << _docKey << "] was not modified."); + LOG_DBG("Save skipped as document [" << LOOLWSD::anonymizeUrl(_docKey) << "] was not modified."); _lastSaveTime = std::chrono::steady_clock::now(); _poll->wakeup(); return true; @@ -749,14 +749,14 @@ bool DocumentBroker::saveToStorageInternal(const std::string& sessionId, const auto it = _sessions.find(sessionId); if (it == _sessions.end()) { - LOG_ERR("Session with sessionId [" << sessionId << "] not found while saving docKey [" << _docKey << "]."); + LOG_ERR("Session with sessionId [" << sessionId << "] not found while saving docKey [" << LOOLWSD::anonymizeUrl(_docKey) << "]."); return false; } // Check that we are actually about to upload a successfully saved document. if (!success) { - LOG_ERR("Cannot save docKey [" << _docKey << "], the .uno:Save has failed in LOK."); + LOG_ERR("Cannot save docKey [" << LOOLWSD::anonymizeUrl(_docKey) << "], the .uno:Save has failed in LOK."); it->second->sendTextFrame("error: cmd=storage kind=savefailed"); return false; } @@ -770,13 +770,13 @@ bool DocumentBroker::saveToStorageInternal(const std::string& sessionId, if (!isSaveAs && newFileModifiedTime == _lastFileModifiedTime) { // Nothing to do. - LOG_DBG("Skipping unnecessary saving to URI [" << uriAnonym << "] with docKey [" << _docKey << + LOG_DBG("Skipping unnecessary saving to URI [" << uriAnonym << "] with docKey [" << LOOLWSD::anonymizeUrl(_docKey) << "]. File last modified " << _lastFileModifiedTime.elapsed() / 1000000 << " seconds ago."); _poll->wakeup(); return true; } - LOG_DBG("Persisting [" << _docKey << "] after saving to URI [" << uriAnonym << "]."); + LOG_DBG("Persisting [" << LOOLWSD::anonymizeUrl(_docKey) << "] after saving to URI [" << uriAnonym << "]."); assert(_storage && _tileCache); StorageBase::SaveResult storageSaveResult = _storage->saveLocalFileToStorage(auth, saveAsPath, saveAsFilename); @@ -796,7 +796,7 @@ bool DocumentBroker::saveToStorageInternal(const std::string& sessionId, // After a successful save, we are sure that document in the storage is same as ours _documentChangedInStorage = false; - LOG_DBG("Saved docKey [" << _docKey << "] to URI [" << uriAnonym << "] and updated timestamps. " << + LOG_DBG("Saved docKey [" << LOOLWSD::anonymizeUrl(_docKey) << "] to URI [" << uriAnonym << "] and updated timestamps. " << " Document modified timestamp: " << _documentLastModifiedTime); // Resume polling. @@ -819,7 +819,7 @@ bool DocumentBroker::saveToStorageInternal(const std::string& sessionId, << " xfilename=" << filenameAnonym; it->second->sendTextFrame(oss.str()); - LOG_DBG("Saved As docKey [" << _docKey << "] to URI [" << url << + LOG_DBG("Saved As docKey [" << LOOLWSD::anonymizeUrl(_docKey) << "] to URI [" << LOOLWSD::anonymizeUrl(url) << "] with name [" << filenameAnonym << "] successfully."); } @@ -827,7 +827,7 @@ bool DocumentBroker::saveToStorageInternal(const std::string& sessionId, } else if (storageSaveResult.getResult() == StorageBase::SaveResult::DISKFULL) { - LOG_WRN("Disk full while saving docKey [" << _docKey << "] to URI [" << uriAnonym << + LOG_WRN("Disk full while saving docKey [" << LOOLWSD::anonymizeUrl(_docKey) << "] to URI [" << uriAnonym << "]. Making all sessions on doc read-only and notifying clients."); // Make everyone readonly and tell everyone that storage is low on diskspace. @@ -839,14 +839,14 @@ bool DocumentBroker::saveToStorageInternal(const std::string& sessionId, } else if (storageSaveResult.getResult() == StorageBase::SaveResult::UNAUTHORIZED) { - LOG_ERR("Cannot save docKey [" << _docKey << "] to storage URI [" << uriAnonym << + LOG_ERR("Cannot save docKey [" << LOOLWSD::anonymizeUrl(_docKey) << "] to storage URI [" << uriAnonym << "]. Invalid or expired access token. Notifying client."); it->second->sendTextFrame("error: cmd=storage kind=saveunauthorized"); } else if (storageSaveResult.getResult() == StorageBase::SaveResult::FAILED) { //TODO: Should we notify all clients? - LOG_ERR("Failed to save docKey [" << _docKey << "] to URI [" << uriAnonym << "]. Notifying client."); + LOG_ERR("Failed to save docKey [" << LOOLWSD::anonymizeUrl(_docKey) << "] to URI [" << uriAnonym << "]. Notifying client."); it->second->sendTextFrame("error: cmd=storage kind=savefailed"); } else if (storageSaveResult.getResult() == StorageBase::SaveResult::DOC_CHANGED) @@ -883,12 +883,12 @@ bool DocumentBroker::autoSave(const bool force) !_childProcess->isAlive() || (!_isModified && !force)) { // Nothing to do. - LOG_TRC("Nothing to autosave [" << _docKey << "]."); + LOG_TRC("Nothing to autosave [" << LOOLWSD::anonymizeUrl(_docKey) << "]."); return false; } // Remember the last save time, since this is the predicate. - LOG_TRC("Checking to autosave [" << _docKey << "]."); + LOG_TRC("Checking to autosave [" << LOOLWSD::anonymizeUrl(_docKey) << "]."); // Which session to use when auto saving ? std::string savingSessionId; @@ -911,7 +911,7 @@ bool DocumentBroker::autoSave(const bool force) bool sent = false; if (force) { - LOG_TRC("Sending forced save command for [" << _docKey << "]."); + LOG_TRC("Sending forced save command for [" << LOOLWSD::anonymizeUrl(_docKey) << "]."); // Don't terminate editing as this can be invoked by the admin OOM, but otherwise force saving anyway. sent = sendUnoSave(savingSessionId, /*dontTerminateEdit=*/ true, /*dontSaveIfUnmodified=*/ true, /*isAutosave=*/ false); } @@ -920,7 +920,7 @@ bool DocumentBroker::autoSave(const bool force) const auto now = std::chrono::steady_clock::now(); const auto inactivityTimeMs = std::chrono::duration_cast<std::chrono::milliseconds>(now - _lastActivityTime).count(); const auto timeSinceLastSaveMs = std::chrono::duration_cast<std::chrono::milliseconds>(now - _lastSaveTime).count(); - LOG_TRC("Time since last save of docKey [" << _docKey << "] is " << timeSinceLastSaveMs << + LOG_TRC("Time since last save of docKey [" << LOOLWSD::anonymizeUrl(_docKey) << "] is " << timeSinceLastSaveMs << "ms and most recent activity was " << inactivityTimeMs << "ms ago."); static const auto idleSaveDurationMs = LOOLWSD::getConfigValue<int>("per_document.idlesave_duration_secs", 30) * 1000; @@ -929,7 +929,7 @@ bool DocumentBroker::autoSave(const bool force) if (inactivityTimeMs >= idleSaveDurationMs || timeSinceLastSaveMs >= autoSaveDurationMs) { - LOG_TRC("Sending timed save command for [" << _docKey << "]."); + LOG_TRC("Sending timed save command for [" << LOOLWSD::anonymizeUrl(_docKey) << "]."); sent = sendUnoSave(savingSessionId, /*dontTerminateEdit=*/ true, /*dontSaveIfUnmodified=*/ true, /*isAutosave=*/ true); } } @@ -941,7 +941,7 @@ bool DocumentBroker::sendUnoSave(const std::string& sessionId, bool dontTerminat { assertCorrectThread(); - LOG_INF("Saving doc [" << _docKey << "]."); + LOG_INF("Saving doc [" << LOOLWSD::anonymizeUrl(_docKey) << "]."); if (_sessions.find(sessionId) != _sessions.end()) { @@ -989,7 +989,7 @@ bool DocumentBroker::sendUnoSave(const std::string& sessionId, bool dontTerminat return true; } - LOG_ERR("Failed to save doc [" << _docKey << "]: No valid sessions."); + LOG_ERR("Failed to save doc [" << LOOLWSD::anonymizeUrl(_docKey) << "]: No valid sessions."); return false; } @@ -1007,10 +1007,10 @@ size_t DocumentBroker::addSession(const std::shared_ptr<ClientSession>& session) } catch (const std::exception& exc) { - LOG_ERR("Failed to add session to [" << _docKey << "] with URI [" << session->getPublicUri().toString() << "]: " << exc.what()); + LOG_ERR("Failed to add session to [" << LOOLWSD::anonymizeUrl(_docKey) << "] with URI [" << LOOLWSD::anonymizeUrl(session->getPublicUri().toString()) << "]: " << exc.what()); if (_sessions.empty()) { - LOG_INF("Doc [" << _docKey << "] has no more sessions. Marking to destroy."); + LOG_INF("Doc [" << LOOLWSD::anonymizeUrl(_docKey) << "] has no more sessions. Marking to destroy."); _markToDestroy = true; } @@ -1060,7 +1060,7 @@ size_t DocumentBroker::addSessionInternal(const std::shared_ptr<ClientSession>& const auto count = _sessions.size(); LOG_TRC("Added " << (session->isReadOnly() ? "readonly" : "non-readonly") << " session [" << id << "] to docKey [" << - _docKey << "] to have " << count << " sessions."); + LOOLWSD::anonymizeUrl(_docKey) << "] to have " << count << " sessions."); return count; } @@ -1083,7 +1083,7 @@ size_t DocumentBroker::removeSession(const std::string& id) const bool lastEditableSession = !it->second->isReadOnly() && !haveAnotherEditableSession(id); - LOG_INF("Removing session [" << id << "] on docKey [" << _docKey << + LOG_INF("Removing session [" << id << "] on docKey [" << LOOLWSD::anonymizeUrl(_docKey) << "]. Have " << _sessions.size() << " sessions. markToDestroy: " << _markToDestroy << ", LastEditableSession: " << lastEditableSession); @@ -1123,7 +1123,7 @@ size_t DocumentBroker::removeSessionInternal(const std::string& id) { logger << "Removed " << (readonly ? "readonly" : "non-readonly") << " session [" << id << "] from docKey [" - << _docKey << "] to have " << count << " sessions:"; + << LOOLWSD::anonymizeUrl(_docKey) << "] to have " << count << " sessions:"; for (const auto& pair : _sessions) logger << pair.second->getId() << ' '; @@ -1139,7 +1139,7 @@ size_t DocumentBroker::removeSessionInternal(const std::string& id) else { LOG_TRC("Session [" << id << "] not found to remove from docKey [" << - _docKey << "]. Have " << _sessions.size() << " sessions."); + LOOLWSD::anonymizeUrl(_docKey) << "]. Have " << _sessions.size() << " sessions."); } } catch (const std::exception& ex) @@ -1169,7 +1169,7 @@ void DocumentBroker::alertAllUsers(const std::string& msg) auto payload = std::make_shared<Message>(msg, Message::Dir::Out); - LOG_DBG("Alerting all users of [" << _docKey << "]: " << msg); + LOG_DBG("Alerting all users of [" << LOOLWSD::anonymizeUrl(_docKey) << "]: " << msg); for (auto& it : _sessions) { it.second->enqueueSendMessage(payload); @@ -1547,7 +1547,7 @@ bool DocumentBroker::forwardToClient(const std::shared_ptr<Message>& payload) void DocumentBroker::shutdownClients(const std::string& closeReason) { assertCorrectThread(); - LOG_INF("Terminating " << _sessions.size() << " clients of doc [" << _docKey << "] with reason: " << closeReason); + LOG_INF("Terminating " << _sessions.size() << " clients of doc [" << LOOLWSD::anonymizeUrl(_docKey) << "] with reason: " << closeReason); // First copy into local container, since removeSession // will erase from _sessions, but will leave the last. @@ -1577,7 +1577,7 @@ void DocumentBroker::childSocketTerminated() if (!_childProcess->isAlive()) { - LOG_ERR("Child for doc [" << _docKey << "] terminated prematurely."); + LOG_ERR("Child for doc [" << LOOLWSD::anonymizeUrl(_docKey) << "] terminated prematurely."); } // We could restore the kit if this was unexpected. @@ -1589,14 +1589,14 @@ void DocumentBroker::terminateChild(const std::string& closeReason) { assertCorrectThread(); - LOG_INF("Terminating doc [" << _docKey << "] with reason: " << closeReason); + LOG_INF("Terminating doc [" << LOOLWSD::anonymizeUrl(_docKey) << "] with reason: " << closeReason); // Close all running sessions first. shutdownClients(closeReason); if (_childProcess) { - LOG_INF("Terminating child [" << getPid() << "] of doc [" << _docKey << "]."); + LOG_INF("Terminating child [" << getPid() << "] of doc [" << LOOLWSD::anonymizeUrl(_docKey) << "]."); // First flag to stop as it might be waiting on our lock // to process some incoming message. @@ -1611,7 +1611,7 @@ void DocumentBroker::closeDocument(const std::string& reason) { assertCorrectThread(); - LOG_DBG("Closing DocumentBroker for docKey [" << _docKey << "] with reason: " << reason); + LOG_DBG("Closing DocumentBroker for docKey [" << LOOLWSD::anonymizeUrl(_docKey) << "] with reason: " << reason); _closeReason = reason; _closeRequest = true; } commit 7b79e0b8275c915f2b2cbd81e00820d12989a4e1 Author: Jan Holesovsky <[email protected]> Date: Fri Jun 15 16:12:30 2018 +0200 anonymization: Anonymize uri's and docKey's in loolwsd. Change-Id: I1d5d41ee8c3a3af1d437ec400fc8e27eb3de99db diff --git a/wsd/LOOLWSD.cpp b/wsd/LOOLWSD.cpp index 778a5d71d..0a7de556b 100644 --- a/wsd/LOOLWSD.cpp +++ b/wsd/LOOLWSD.cpp @@ -269,7 +269,7 @@ void cleanupDocBrokers() // Remove only when not alive. if (!docBroker->isAlive()) { - LOG_INF("Removing DocumentBroker for docKey [" << it->first << "]."); + LOG_INF("Removing DocumentBroker for docKey [" << LOOLWSD::anonymizeUrl(it->first) << "]."); it = DocBrokers.erase(it); continue; } else { @@ -1454,8 +1454,8 @@ static std::shared_ptr<DocumentBroker> findOrCreateDocBroker(WebSocketHandler& w const std::string& id, const Poco::URI& uriPublic) { - LOG_INF("Find or create DocBroker for docKey [" << docKey << - "] for session [" << id << "] on url [" << uriPublic.toString() << "]."); + LOG_INF("Find or create DocBroker for docKey [" << LOOLWSD::anonymizeUrl(docKey) << + "] for session [" << id << "] on url [" << LOOLWSD::anonymizeUrl(uriPublic.toString()) << "]."); std::unique_lock<std::mutex> docBrokersLock(DocBrokersMutex); @@ -1474,13 +1474,13 @@ static std::shared_ptr<DocumentBroker> findOrCreateDocBroker(WebSocketHandler& w if (it != DocBrokers.end() && it->second) { // Get the DocumentBroker from the Cache. - LOG_DBG("Found DocumentBroker with docKey [" << docKey << "]."); + LOG_DBG("Found DocumentBroker with docKey [" << LOOLWSD::anonymizeUrl(docKey) << "]."); docBroker = it->second; // Destroying the document? Let the client reconnect. if (docBroker->isMarkedToDestroy()) { - LOG_WRN("DocBroker with docKey [" << docKey << "] that is marked to be destroyed. Rejecting client request."); + LOG_WRN("DocBroker with docKey [" << LOOLWSD::anonymizeUrl(docKey) << "] that is marked to be destroyed. Rejecting client request."); ws.sendMessage("error: cmd=load kind=docunloading"); ws.shutdown(WebSocketHandler::StatusCodes::ENDPOINT_GOING_AWAY, "error: cmd=load kind=docunloading"); return nullptr; @@ -1488,7 +1488,7 @@ static std::shared_ptr<DocumentBroker> findOrCreateDocBroker(WebSocketHandler& w } else { - LOG_DBG("No DocumentBroker with docKey [" << docKey << "] found. New Child and Document."); + LOG_DBG("No DocumentBroker with docKey [" << LOOLWSD::anonymizeUrl(docKey) << "] found. New Child and Document."); } if (TerminationFlag) @@ -1516,10 +1516,10 @@ static std::shared_ptr<DocumentBroker> findOrCreateDocBroker(WebSocketHandler& w } // Set the one we just created. - LOG_DBG("New DocumentBroker for docKey [" << docKey << "]."); + LOG_DBG("New DocumentBroker for docKey [" << LOOLWSD::anonymizeUrl(docKey) << "]."); docBroker = std::make_shared<DocumentBroker>(uri, uriPublic, docKey, LOOLWSD::ChildRoot); DocBrokers.emplace(docKey, docBroker); - LOG_TRC("Have " << DocBrokers.size() << " DocBrokers after inserting [" << docKey << "]."); + LOG_TRC("Have " << DocBrokers.size() << " DocBrokers after inserting [" << LOOLWSD::anonymizeUrl(docKey) << "]."); } return docBroker; @@ -1660,7 +1660,7 @@ private: { logger << "#" << socket->getFD() << ": Prisoner HTTP Request: " << request.getMethod() << ' ' - << request.getURI() << ' ' + << LOOLWSD::anonymizeUrl(request.getURI()) << ' ' << request.getVersion(); for (const auto& it : request) @@ -1671,7 +1671,7 @@ private: LOG_END(logger); } - LOG_TRC("Child connection with URI [" << request.getURI() << "]."); + LOG_TRC("Child connection with URI [" << LOOLWSD::anonymizeUrl(request.getURI()) << "]."); if (request.getURI().find(NEW_CHILD_URI) != 0) { LOG_ERR("Invalid incoming URI."); @@ -1700,13 +1700,13 @@ private: if (pid <= 0) { - LOG_ERR("Invalid PID in child URI [" << request.getURI() << "]."); + LOG_ERR("Invalid PID in child URI [" << LOOLWSD::anonymizeUrl(request.getURI()) << "]."); return; } if (jailId.empty()) { - LOG_ERR("Invalid JailId in child URI [" << request.getURI() << "]."); + LOG_ERR("Invalid JailId in child URI [" << LOOLWSD::anonymizeUrl(request.getURI()) << "]."); return; } @@ -1816,7 +1816,7 @@ private: { request.read(message); - auto logger = Log::info(); + auto logger = Log::trace(); // must be trace for anonymization if (logger.enabled()) { logger << "#" << socket->getFD() << ": Client HTTP Request: " @@ -2086,7 +2086,7 @@ private: void handlePostRequest(const Poco::Net::HTTPRequest& request, Poco::MemoryInputStream& message, SocketDisposition &disposition) { - LOG_INF("Post request: [" << request.getURI() << "]"); + LOG_INF("Post request: [" << LOOLWSD::anonymizeUrl(request.getURI()) << "]"); Poco::Net::HTTPResponse response; auto socket = _socket.lock(); @@ -2118,14 +2118,14 @@ private: // In that case, we can use a pool and index by publicPath. std::unique_lock<std::mutex> docBrokersLock(DocBrokersMutex); - LOG_DBG("New DocumentBroker for docKey [" << docKey << "]."); + LOG_DBG("New DocumentBroker for docKey [" << LOOLWSD::anonymizeUrl(docKey) << "]."); auto docBroker = std::make_shared<DocumentBroker>(fromPath, uriPublic, docKey, LOOLWSD::ChildRoot); cleanupDocBrokers(); - LOG_DBG("New DocumentBroker for docKey [" << docKey << "]."); + LOG_DBG("New DocumentBroker for docKey [" << LOOLWSD::anonymizeUrl(docKey) << "]."); DocBrokers.emplace(docKey, docBroker); - LOG_TRC("Have " << DocBrokers.size() << " DocBrokers after inserting [" << docKey << "]."); + LOG_TRC("Have " << DocBrokers.size() << " DocBrokers after inserting [" << LOOLWSD::anonymizeUrl(docKey) << "]."); // Load the document. // TODO: Move to DocumentBroker. @@ -2178,7 +2178,7 @@ private: sent = true; } else - LOG_WRN("Failed to create Client Session with id [" << _id << "] on docKey [" << docKey << "]."); + LOG_WRN("Failed to create Client Session with id [" << _id << "] on docKey [" << LOOLWSD::anonymizeUrl(docKey) << "]."); } } @@ -2212,7 +2212,7 @@ private: // Maybe just free the client from sending childid in form ? if (docBrokerIt == DocBrokers.end() || docBrokerIt->second->getJailId() != formChildid) { - throw BadRequestException("DocKey [" + docKey + "] or childid [" + formChildid + "] is invalid."); + throw BadRequestException("DocKey [" + LOOLWSD::anonymizeUrl(docKey) + "] or childid [" + formChildid + "] is invalid."); } docBrokersLock.unlock(); @@ -2244,7 +2244,7 @@ private: auto docBrokerIt = DocBrokers.find(docKey); if (docBrokerIt == DocBrokers.end()) { - throw BadRequestException("DocKey [" + docKey + "] is invalid."); + throw BadRequestException("DocKey [" + LOOLWSD::anonymizeUrl(docKey) + "] is invalid."); } // 2. Cross-check if received child id is correct @@ -2308,11 +2308,12 @@ private: auto socket = _socket.lock(); if (!socket) { - LOG_WRN("No socket to handle client WS upgrade for request: " << request.getURI() << ", url: " << url); + LOG_WRN("No socket to handle client WS upgrade for request: " << LOOLWSD::anonymizeUrl(request.getURI()) << ", url: " << url); return; } - LOG_INF("Client WS request: " << request.getURI() << ", url: " << url << ", socket #" << socket->getFD()); + // must be trace for anonymization + LOG_TRC("Client WS request: " << request.getURI() << ", url: " << url << ", socket #" << socket->getFD()); // First Upgrade. WebSocketHandler ws(_socket, request); @@ -2329,7 +2330,7 @@ private: #endif } - LOG_INF("Starting GET request handler for session [" << _id << "] on url [" << url << "]."); + LOG_INF("Starting GET request handler for session [" << _id << "] on url [" << LOOLWSD::anonymizeUrl(url) << "]."); // Indicate to the client that document broker is searching. const std::string status("statusindicator: find"); @@ -2338,8 +2339,8 @@ private: const auto uriPublic = DocumentBroker::sanitizeURI(url); const auto docKey = DocumentBroker::getDocKey(uriPublic); - LOG_INF("Sanitized URI [" << url << "] to [" << uriPublic.toString() << - "] and mapped to docKey [" << docKey << "] for session [" << _id << "]."); + LOG_INF("Sanitized URI [" << LOOLWSD::anonymizeUrl(url) << "] to [" << LOOLWSD::anonymizeUrl(uriPublic.toString()) << + "] and mapped to docKey [" << LOOLWSD::anonymizeUrl(docKey) << "] for session [" << _id << "]."); // Check if readonly session is required bool isReadOnly = false; @@ -2352,7 +2353,7 @@ private: } } - LOG_INF("URL [" << url << "] is " << (isReadOnly ? "readonly" : "writable") << "."); + LOG_INF("URL [" << LOOLWSD::anonymizeUrl(url) << "] is " << (isReadOnly ? "readonly" : "writable") << "."); // Request a kit process for this doc. auto docBroker = findOrCreateDocBroker(ws, url, docKey, _id, uriPublic); @@ -2408,13 +2409,13 @@ private: } else { - LOG_WRN("Failed to create Client Session with id [" << _id << "] on docKey [" << docKey << "]."); + LOG_WRN("Failed to create Client Session with id [" << _id << "] on docKey [" << LOOLWSD::anonymizeUrl(docKey) << "]."); cleanupDocBrokers(); } } else { - throw ServiceUnavailableException("Failed to create DocBroker with docKey [" + docKey + "]."); + throw ServiceUnavailableException("Failed to create DocBroker with docKey [" + LOOLWSD::anonymizeUrl(docKey) + "]."); } } catch (const std::exception& exc) commit 01fd653cbd42d30a6c67fca94c5757eaae79020e Author: Jan Holesovsky <[email protected]> Date: Fri Jun 15 15:54:44 2018 +0200 anonymization: Anonymize uri's in the storage. Change-Id: Ifba57c5c765b9f2291255cc7de567520a21370ef diff --git a/wsd/Storage.cpp b/wsd/Storage.cpp index 422d5a863..5df06c91e 100644 --- a/wsd/Storage.cpp +++ b/wsd/Storage.cpp @@ -43,7 +43,6 @@ #include "Auth.hpp" #include "Common.hpp" #include "Exceptions.hpp" -#include "LOOLWSD.hpp" #include "Log.hpp" #include "Unit.hpp" #include "Util.hpp" @@ -186,7 +185,7 @@ std::unique_ptr<StorageBase> StorageBase::create(const Poco::URI& uri, const std } else if (uri.isRelative() || uri.getScheme() == "file") { - LOG_INF("Public URI [" << uri.toString() << "] is a file."); + LOG_INF("Public URI [" << LOOLWSD::anonymizeUrl(uri.toString()) << "] is a file."); #if ENABLE_DEBUG if (std::getenv("FAKE_UNAUTHORIZED")) @@ -210,7 +209,7 @@ std::unique_ptr<StorageBase> StorageBase::create(const Poco::URI& uri, const std if (pathSegments.size() == 4 && pathSegments[0] == "tmp" && pathSegments[1] == "convert-to") { - LOG_INF("Public URI [" << normalizedUri.toString() << "] is actually a convert-to tempfile."); + LOG_INF("Public URI [" << LOOLWSD::anonymizeUrl(normalizedUri.toString()) << "] is actually a convert-to tempfile."); return std::unique_ptr<StorageBase>(new LocalStorage(normalizedUri, jailRoot, jailPath)); } } @@ -219,7 +218,7 @@ std::unique_ptr<StorageBase> StorageBase::create(const Poco::URI& uri, const std } else if (WopiEnabled) { - LOG_INF("Public URI [" << uri.toString() << "] considered WOPI."); + LOG_INF("Public URI [" << LOOLWSD::anonymizeUrl(uri.toString()) << "] considered WOPI."); const auto& targetHost = uri.getHost(); if (WopiHosts.match(targetHost) || isLocalhost(targetHost)) { @@ -237,7 +236,7 @@ std::atomic<unsigned> LocalStorage::LastLocalStorageId; std::unique_ptr<LocalStorage::LocalFileInfo> LocalStorage::getLocalFileInfo() { const auto path = Poco::Path(_uri.getPath()); - LOG_DBG("Getting info for local uri [" << _uri.toString() << "], path [" << path.toString() << "]."); + LOG_DBG("Getting info for local uri [" << LOOLWSD::anonymizeUrl(_uri.toString()) << "], path [" << LOOLWSD::anonymizeUrl(path.toString()) << "]."); const auto& filename = path.getFileName(); const auto file = Poco::File(path); @@ -256,7 +255,7 @@ std::string LocalStorage::loadStorageFileToLocal(const Authorization& /*auth*/) const auto filename = Poco::Path(_uri.getPath()).getFileName(); _jailedFilePath = Poco::Path(getLocalRootPath(), filename).toString(); _jailedFilePathAnonym = LOOLWSD::anonymizeUrl(_jailedFilePath); - LOG_INF("Public URI [" << _uri.getPath() << + LOG_INF("Public URI [" << LOOLWSD::anonymizeUrl(_uri.getPath()) << "] jailed to [" << _jailedFilePathAnonym << "]."); // Despite the talk about URIs it seems that _uri is actually just a pathname here @@ -267,11 +266,11 @@ std::string LocalStorage::loadStorageFileToLocal(const Authorization& /*auth*/) throw StorageSpaceLowException("Low disk space for " + _jailedFilePathAnonym); } - LOG_INF("Linking " << publicFilePath << " to " << _jailedFilePathAnonym); + LOG_INF("Linking " << LOOLWSD::anonymizeUrl(publicFilePath) << " to " << _jailedFilePathAnonym); if (!Poco::File(_jailedFilePath).exists() && link(publicFilePath.c_str(), _jailedFilePath.c_str()) == -1) { // Failed - LOG_WRN("link(\"" << publicFilePath << "\", \"" << _jailedFilePathAnonym << "\") failed. Will copy. " + LOG_WRN("link(\"" << LOOLWSD::anonymizeUrl(publicFilePath) << "\", \"" << _jailedFilePathAnonym << "\") failed. Will copy. " "Linking error: " << errno << " " << strerror(errno)); } @@ -280,14 +279,14 @@ std::string LocalStorage::loadStorageFileToLocal(const Authorization& /*auth*/) // Fallback to copying. if (!Poco::File(_jailedFilePath).exists()) { - LOG_INF("Copying " << publicFilePath << " to " << _jailedFilePathAnonym); + LOG_INF("Copying " << LOOLWSD::anonymizeUrl(publicFilePath) << " to " << _jailedFilePathAnonym); Poco::File(publicFilePath).copyTo(_jailedFilePath); _isCopy = true; } } catch (const Poco::Exception& exc) { - LOG_ERR("copyTo(\"" << publicFilePath << "\", \"" << _jailedFilePathAnonym << "\") failed: " << exc.displayText()); + LOG_ERR("copyTo(\"" << LOOLWSD::anonymizeUrl(publicFilePath) << "\", \"" << _jailedFilePathAnonym << "\") failed: " << exc.displayText()); throw; } @@ -311,7 +310,7 @@ StorageBase::SaveResult LocalStorage::saveLocalFileToStorage(const Authorization // Copy the file back. if (_isCopy && Poco::File(_jailedFilePath).exists()) { - LOG_INF("Copying " << _jailedFilePathAnonym << " to " << _uri.getPath()); + LOG_INF("Copying " << _jailedFilePathAnonym << " to " << LOOLWSD::anonymizeUrl(_uri.getPath())); Poco::File(_jailedFilePath).copyTo(_uri.getPath()); } @@ -322,7 +321,7 @@ StorageBase::SaveResult LocalStorage::saveLocalFileToStorage(const Authorization } catch (const Poco::Exception& exc) { - LOG_ERR("copyTo(\"" << _jailedFilePathAnonym << "\", \"" << _uri.getPath() << + LOG_ERR("copyTo(\"" << _jailedFilePathAnonym << "\", \"" << LOOLWSD::anonymizeUrl(_uri.getPath()) << "\") failed: " << exc.displayText()); return StorageBase::SaveResult::FAILED; } diff --git a/wsd/Storage.hpp b/wsd/Storage.hpp index 066958990..e939478cf 100644 --- a/wsd/Storage.hpp +++ b/wsd/Storage.hpp @@ -18,6 +18,7 @@ #include <Poco/Util/Application.h> #include "Auth.hpp" +#include "LOOLWSD.hpp" #include "Log.hpp" #include "Util.hpp" @@ -121,7 +122,7 @@ public: _isUserModified(false), _isAutosave(false) { - LOG_DBG("Storage ctor: " << uri.toString()); + LOG_DBG("Storage ctor: " << LOOLWSD::anonymizeUrl(uri.toString())); } virtual ~StorageBase() {} @@ -211,7 +212,7 @@ public: _isCopy(false) { LOG_INF("LocalStorage ctor with localStorePath: [" << localStorePath << - "], jailPath: [" << jailPath << "], uri: [" << uri.toString() << "]."); + "], jailPath: [" << jailPath << "], uri: [" << LOOLWSD::anonymizeUrl(uri.toString()) << "]."); } class LocalFileInfo @@ -254,7 +255,7 @@ public: _wopiLoadDuration(0) { LOG_INF("WopiStorage ctor with localStorePath: [" << localStorePath << - "], jailPath: [" << jailPath << "], uri: [" << uri.toString() << "]."); + "], jailPath: [" << jailPath << "], uri: [" << LOOLWSD::anonymizeUrl(uri.toString()) << "]."); } class WOPIFileInfo @@ -360,7 +361,7 @@ public: _authAgent(std::move(authAgent)) { LOG_INF("WebDAVStorage ctor with localStorePath: [" << localStorePath << - "], jailPath: [" << jailPath << "], uri: [" << uri.toString() << "]."); + "], jailPath: [" << jailPath << "], uri: [" << LOOLWSD::anonymizeUrl(uri.toString()) << "]."); } // Implement me commit 6ca8cc1dfdb44079d2bdf437eda546047c6815af Author: Jan Holesovsky <[email protected]> Date: Fri Jun 15 15:26:47 2018 +0200 anonymization: Anonymize dockey and urls in Kit.cpp. Change-Id: I02c24e53664dbc971e8b5b4bdc3e607a53769bd0 diff --git a/kit/Kit.cpp b/kit/Kit.cpp index b75be40e4..24be99808 100644 --- a/kit/Kit.cpp +++ b/kit/Kit.cpp @@ -717,8 +717,8 @@ public: _editorId(-1), _editorChangeWarning(false) { - LOG_INF("Document ctor for [" << _docKey << - "] url [" << _url << "] on child [" << _jailId << + LOG_INF("Document ctor for [" << anonymizeUrl(_docKey) << + "] url [" << anonymizeUrl(_url) << "] on child [" << _jailId << "] and id [" << _docId << "]."); assert(_loKit); @@ -727,8 +727,8 @@ public: ~Document() { - LOG_INF("~Document dtor for [" << _docKey << - "] url [" << _url << "] on child [" << _jailId << + LOG_INF("~Document dtor for [" << anonymizeUrl(_docKey) << + "] url [" << anonymizeUrl(_url) << "] on child [" << _jailId << "] and id [" << _docId << "]. There are " << _sessions.size() << " views."); @@ -749,12 +749,12 @@ public: { if (_sessions.find(sessionId) != _sessions.end()) { - LOG_WRN("Session [" << sessionId << "] on url [" << _url << "] already exists."); + LOG_WRN("Session [" << sessionId << "] on url [" << anonymizeUrl(_url) << "] already exists."); return true; } LOG_INF("Creating " << (_sessions.empty() ? "first" : "new") << - " session for url: " << _url << " for sessionId: " << + " session for url: " << anonymizeUrl(_url) << " for sessionId: " << sessionId << " on jailId: " << _jailId); auto session = std::make_shared<ChildSession>(sessionId, _jailId, *this); @@ -770,7 +770,7 @@ public: catch (const std::exception& ex) { LOG_ERR("Exception while creating session [" << sessionId << - "] on url [" << _url << "] - '" << ex.what() << "'."); + "] on url [" << anonymizeUrl(_url) << "] - '" << ex.what() << "'."); return false; } } @@ -810,7 +810,7 @@ public: num_sessions = _sessions.size(); if (num_sessions == 0) { - LOG_INF("Document [" << _url << "] has no more views, exiting bluntly."); + LOG_INF("Document [" << anonymizeUrl(_url) << "] has no more views, exiting bluntly."); std::_Exit(Application::EXIT_OK); } } @@ -1271,7 +1271,7 @@ private: void onUnload(const ChildSession& session) override { const auto& sessionId = session.getId(); - LOG_INF("Unloading session [" << sessionId << "] on url [" << _url << "]."); + LOG_INF("Unloading session [" << sessionId << "] on url [" << anonymizeUrl(_url) << "]."); const auto viewId = session.getViewId(); _tileQueue->removeCursorPosition(viewId); @@ -1292,14 +1292,14 @@ private: std::unique_lock<std::mutex> lock(_mutex); if (_sessions.empty()) { - LOG_INF("Document [" << _url << "] has no more views, exiting bluntly."); + LOG_INF("Document [" << anonymizeUrl(_url) << "] has no more views, exiting bluntly."); std::_Exit(Application::EXIT_OK); } - LOG_INF("Document [" << _url << "] has no more views, but has " << + LOG_INF("Document [" << anonymizeUrl(_url) << "] has no more views, but has " << _sessions.size() << " sessions still. Destroying the document."); _loKitDocument.reset(); - LOG_INF("Document [" << _url << "] session [" << sessionId << "] unloaded Document."); + LOG_INF("Document [" << anonymizeUrl(_url) << "] session [" << sessionId << "] unloaded Document."); return; } else @@ -1313,7 +1313,7 @@ private: // _viewIdToCallbackDescr.erase(viewId); viewCount = _loKitDocument->getViewsCount(); - LOG_INF("Document [" << _url << "] session [" << + LOG_INF("Document [" << anonymizeUrl(_url) << "] session [" << sessionId << "] unloaded view [" << viewId << "]. Have " << viewCount << " view" << (viewCount != 1 ? "s." : ".")); @@ -1596,7 +1596,7 @@ private: } LOG_INF("Initializing for rendering session [" << sessionId << "] on document url [" << - _url << "] with: [" << makeRenderParams(_renderOpts, userNameAnonym) << "]."); + anonymizeUrl(_url) << "] with: [" << makeRenderParams(_renderOpts, userNameAnonym) << "]."); // initializeForRendering() should be called before // registerCallback(), as the previous creates a new view in Impress. @@ -1616,7 +1616,7 @@ private: _loKitDocument->registerCallback(ViewCallback, _viewIdToCallbackDescr[viewId].get()); const int viewCount = _loKitDocument->getViewsCount(); - LOG_INF("Document url [" << _url << "] for session [" << + LOG_INF("Document url [" << anonymizeUrl(_url) << "] for session [" << sessionId << "] loaded view [" << viewId << "]. Have " << viewCount << " view" << (viewCount != 1 ? "s." : ".")); @@ -1878,8 +1878,8 @@ private: { if (!_loKitDocument) { - LOG_ERR("Document [" << _docKey << "] is not loaded."); - throw std::runtime_error("Document " + _docKey + " is not loaded."); + LOG_ERR("Document [" << anonymizeUrl(_docKey) << "] is not loaded."); + throw std::runtime_error("Document " + anonymizeUrl(_docKey) + " is not loaded."); } return _loKitDocument; @@ -2226,7 +2226,7 @@ void lokit_main(const std::string& childRoot, } #endif - LOG_DBG(socketName << ": recv [" << LOOLProtocol::getAbbreviatedMessage(message) << "]."); + LOG_TRC(socketName << ": recv [" << LOOLProtocol::getAbbreviatedMessage(message) << "]."); std::vector<std::string> tokens = LOOLProtocol::tokenize(message); // Note: Syntax or parsing errors here are unexpected and fatal. @@ -2242,7 +2242,7 @@ void lokit_main(const std::string& childRoot, std::string url; URI::decode(docKey, url); - LOG_INF("New session [" << sessionId << "] request on url [" << url << "]."); + LOG_INF("New session [" << sessionId << "] request on url [" << anonymizeUrl(url) << "]."); if (!document) { commit c25660a01691d77c7f82ae98b326c516cc85fba1 Author: Jan Holesovsky <[email protected]> Date: Fri Jun 15 12:52:42 2018 +0200 Add a helpful warning for the dev builds. Change-Id: I07d9c4d84e1edf9807a0683667d8d24d4c39ff38 diff --git a/wsd/LOOLWSD.cpp b/wsd/LOOLWSD.cpp index 0d5a5aa35..778a5d71d 100644 --- a/wsd/LOOLWSD.cpp +++ b/wsd/LOOLWSD.cpp @@ -770,8 +770,13 @@ void LOOLWSD::initialize(Application& self) { if (LogLevel == "trace") { - LOG_FTL("Anonymization and trace-level logging are incompatible. " - "Please reduce logging level to debug or lower to prevent leaking sensitive user data."); + const char failure[] = "Anonymization and trace-level logging are incompatible. " + "Please reduce logging level to debug or lower in loolwsd.xml to prevent leaking sensitive user data."; + LOG_FTL(failure); + std::cerr << '\n' << failure << std::endl; +#if ENABLE_DEBUG + std::cerr << "\nIf you have used 'make run', edit loolwsd.xml and make sure you have removed '--o:logging.level=trace' from the command line in Makefile.am.\n" << std::endl; +#endif _exit(Application::EXIT_SOFTWARE); } } commit b9b5d40e11cc044ad100258c15f31a34b2332f0a Author: Jan Holesovsky <[email protected]> Date: Wed Apr 25 13:46:48 2018 +0200 Targed for running loolwsd under gdb. Change-Id: Id3e946f90b7e61d67b2cee34276a58501380b96d Reviewed-on: https://gerrit.libreoffice.org/53447 Reviewed-by: Jan Holesovsky <[email protected]> Tested-by: Jan Holesovsky <[email protected]> diff --git a/Makefile.am b/Makefile.am index e811e0010..3e12d50e5 100644 --- a/Makefile.am +++ b/Makefile.am @@ -262,6 +262,20 @@ run-valgrind: all @JAILS_PATH@ @SYSTEMPLATE_PATH@/system_stamp --o:admin_console.username=admin --o:admin_console.password=admin \ --o:logging.file[@enable]=false --o:logging.level=trace +run-gdb: all @JAILS_PATH@ @SYSTEMPLATE_PATH@/system_stamp + @echo "Launching loolwsd under valgrind's callgrind" + @fc-cache "@LO_PATH@"/share/fonts/truetype + @cp $(abs_top_srcdir)/test/data/hello.odt $(abs_top_srcdir)/test/data/hello-world.odt + gdb --tui --args \ + ./loolwsd --nocaps \ + --o:sys_template_path="@SYSTEMPLATE_PATH@" --o:lo_template_path="@LO_PATH@" \ + --o:child_root_path="@JAILS_PATH@" --o:storage.filesystem[@allow]=true \ + --o:ssl.cert_file_path="$(abs_top_srcdir)/etc/cert.pem" \ + --o:ssl.key_file_path="$(abs_top_srcdir)/etc/key.pem" \ + --o:ssl.ca_file_path="$(abs_top_srcdir)/etc/ca-chain.cert.pem" \ + --o:admin_console.username=admin --o:admin_console.password=admin \ + --o:logging.file[@enable]=false --o:logging.level=error + run-callgrind: all @JAILS_PATH@ @SYSTEMPLATE_PATH@/system_stamp @echo "Launching loolwsd under valgrind's callgrind" @fc-cache "@LO_PATH@"/share/fonts/truetype commit 2b46475ced9d13d257467c559a73fb5f1b4cb58a Author: Ashod Nakashian <[email protected]> Date: Sun Jun 10 22:40:32 2018 -0400 wsd: anonymize saveas Change-Id: I58e349781952a97c3251b0e52e26abb34d44e9c0 diff --git a/kit/ChildSession.cpp b/kit/ChildSession.cpp index 57c1326bb..b273c86f0 100644 --- a/kit/ChildSession.cpp +++ b/kit/ChildSession.cpp @@ -1127,6 +1127,8 @@ bool ChildSession::saveAs(const char* /*buffer*/, int /*length*/, const std::vec return false; } + const std::string urlAnonym = anonymizeUrl(url); + // if the url is a 'wopi:///something/blah.odt', then save to a temporary Poco::URI wopiURL(url); if (wopiURL.getScheme() == "wopi") @@ -1162,13 +1164,13 @@ bool ChildSession::saveAs(const char* /*buffer*/, int /*length*/, const std::vec getLOKitDocument()->setView(_viewId); - LOG_DBG("Calling LOK's saveAs with: '" << url.c_str() << "', '" << + LOG_DBG("Calling LOK's saveAs with: '" << urlAnonym << "', '" << (format.size() == 0 ? "(nullptr)" : format.c_str()) << "', '" << (filterOptions.size() == 0 ? "(nullptr)" : filterOptions.c_str()) << "'."); success = getLOKitDocument()->saveAs(url.c_str(), - format.size() == 0 ? nullptr :format.c_str(), - filterOptions.size() == 0 ? nullptr : filterOptions.c_str()); + format.empty() ? nullptr : format.c_str(), + filterOptions.empty() ? nullptr : filterOptions.c_str()); if (!success) { diff --git a/wsd/Storage.cpp b/wsd/Storage.cpp index f1fe5d79e..422d5a863 100644 --- a/wsd/Storage.cpp +++ b/wsd/Storage.cpp @@ -722,7 +722,6 @@ StorageBase::SaveResult WopiStorage::saveLocalFileToStorage(const Authorization& LOG_INF("Uploading URI via WOPI [" << uriAnonym << "] from [" << filePathAnonym + "]."); - std::ostringstream oss; StorageBase::SaveResult saveResult(StorageBase::SaveResult::FAILED); try { @@ -794,13 +793,35 @@ StorageBase::SaveResult WopiStorage::saveLocalFileToStorage(const Authorization& Poco::Net::HTTPResponse response; std::istream& rs = psession->receiveResponse(response); + + std::ostringstream oss; Poco::StreamCopier::copyStream(rs, oss); + std::string responseString = oss.str(); + + const std::string wopiLog(isSaveAs ? "WOPI::PutRelativeFile" : "WOPI::PutFile"); + + if (Log::infoEnabled()) + { + if (LOOLWSD::AnonymizeFilenames) + { + Poco::JSON::Object::Ptr object; + if (parseJSON(responseString, object)) + { + // Anonymize the filename + std::string filename; + getWOPIValue(object, "Name", filename); + object->set("Name", LOOLWSD::anonymizeUsername(filename)); + // Stringify to log. + std::ostringstream ossResponse; + object->stringify(ossResponse); + responseString = ossResponse.str(); + } + } - std::string wopiLog(isSaveAs? "WOPI::PutRelativeFile": "WOPI::PutFile"); - LOG_INF(wopiLog << " response: " << oss.str()); - LOG_INF(wopiLog << " uploaded " << size << " bytes from [" << filePathAnonym << - "] -> [" << uriAnonym << "]: " << - response.getStatus() << " " << response.getReason()); + LOG_INF(wopiLog << " response: " << responseString); + LOG_INF(wopiLog << " uploaded " << size << " bytes from [" << filePathAnonym << + "] -> [" << uriAnonym << "]: " << response.getStatus() << " " << response.getReason()); + } if (response.getStatus() == Poco::Net::HTTPResponse::HTTP_OK) { @@ -815,10 +836,10 @@ StorageBase::SaveResult WopiStorage::saveLocalFileToStorage(const Authorization& if (isSaveAs) { const std::string name = getJSONValue<std::string>(object, "Name"); - LOG_TRC(wopiLog << " returns Name [" << name << "]."); + LOG_TRC(wopiLog << " returns Name [" << LOOLWSD::anonymizeUrl(name) << "]."); const std::string url = getJSONValue<std::string>(object, "Url"); - LOG_TRC(wopiLog << " returns Url [" << url << "]."); + LOG_TRC(wopiLog << " returns Url [" << LOOLWSD::anonymizeUrl(url) << "]."); saveResult.setSaveAsResult(name, url); } commit b8dfb55ba6c76de9916047e2ca46cf58b24ae241 Author: Ashod Nakashian <[email protected]> Date: Sun Jun 10 22:30:42 2018 -0400 wsd: anonymize downloadas Change-Id: I6dff7189d78d339f1f5db7afef2b62da4df23759 diff --git a/kit/ChildSession.cpp b/kit/ChildSession.cpp index 19950fe22..57c1326bb 100644 --- a/kit/ChildSession.cpp +++ b/kit/ChildSession.cpp @@ -664,18 +664,20 @@ bool ChildSession::downloadAs(const char* /*buffer*/, int /*length*/, const std: // Prevent user inputting anything funny here. // A "name" should always be a name, not a path const Poco::Path filenameParam(name); - const auto url = JAILED_DOCUMENT_ROOT + tmpDir + "/" + filenameParam.getFileName(); + const std::string url = JAILED_DOCUMENT_ROOT + tmpDir + "/" + filenameParam.getFileName(); + const std::string nameAnonym = anonymizeUrl(name); + const std::string urlAnonym = JAILED_DOCUMENT_ROOT + tmpDir + "/" + Poco::Path(nameAnonym).getFileName(); { std::unique_lock<std::mutex> lock(_docManager.getDocumentMutex()); - LOG_DBG("Calling LOK's downloadAs with: '" << url.c_str() << "', '" << - (format.size() == 0 ? "(nullptr)" : format.c_str()) << "', '" << - (filterOptions.size() == 0 ? "(nullptr)" : filterOptions.c_str()) << "'."); + LOG_DBG("Calling LOK's downloadAs with: url='" << urlAnonym << "', format='" << + (format.empty() ? "(nullptr)" : format.c_str()) << "', ' filterOptions=" << + (filterOptions.empty() ? "(nullptr)" : filterOptions.c_str()) << "'."); getLOKitDocument()->saveAs(url.c_str(), - format.size() == 0 ? nullptr :format.c_str(), - filterOptions.size() == 0 ? nullptr : filterOptions.c_str()); + format.empty() ? nullptr : format.c_str(), + filterOptions.empty() ? nullptr : filterOptions.c_str()); } sendTextFrame("downloadas: jail=" + _jailId + " dir=" + tmpDir + " name=" + name + diff --git a/kit/Kit.cpp b/kit/Kit.cpp index f7a1f5821..b75be40e4 100644 --- a/kit/Kit.cpp +++ b/kit/Kit.cpp @@ -2412,6 +2412,25 @@ bool globalPreinit(const std::string &loTemplate) return true; } +std::string anonymizeUrl(const std::string& url) +{ +#ifndef BUILDING_TESTS + return AnonymizeFilenames ? Util::anonymizeUrl(url) : url; +#else + return url; +#endif +} + +/// Anonymize usernames. +std::string anonymizeUsername(const std::string& username) +{ +#ifndef BUILDING_TESTS + return AnonymizeUsernames ? Util::anonymize(username) : username; +#else + return username; +#endif +} + #if !defined(BUILDING_TESTS) && !defined(KIT_IN_PROCESS) namespace Util { diff --git a/kit/Kit.hpp b/kit/Kit.hpp index ac80b4869..d5ca5b9a4 100644 --- a/kit/Kit.hpp +++ b/kit/Kit.hpp @@ -72,6 +72,12 @@ void forkLibreOfficeKit(const std::string& childRoot, const std::string& loSubPath, int limit = 0); +/// Anonymize the basename of filenames, preserving the path and extension. +std::string anonymizeUrl(const std::string& url); + +/// Anonymize usernames. +std::string anonymizeUsername(const std::string& username); + #endif /* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/kit/KitHelper.hpp b/kit/KitHelper.hpp index d386ea067..12af0e92b 100644 --- a/kit/KitHelper.hpp +++ b/kit/KitHelper.hpp @@ -194,7 +194,7 @@ namespace LOKitHelper return oss.str(); } -}; +} #endif diff --git a/wsd/ClientSession.cpp b/wsd/ClientSession.cpp index 010e927fa..171712606 100644 --- a/wsd/ClientSession.cpp +++ b/wsd/ClientSession.cpp @@ -479,8 +479,8 @@ bool ClientSession::filterMessage(const std::string& message) const } else { - allowed = false; - LOG_WRN("No value of id in downloadas message"); + allowed = false; + LOG_WRN("No value of id in downloadas message"); } } else if (tokens[0] == "gettextselection") diff --git a/wsd/LOOLWSD.cpp b/wsd/LOOLWSD.cpp index 59d3025da..0d5a5aa35 100644 --- a/wsd/LOOLWSD.cpp +++ b/wsd/LOOLWSD.cpp @@ -2258,11 +2258,12 @@ private: docBrokersLock.unlock(); std::string fileName; - bool responded = false; URI::decode(tokens[5], fileName); const Path filePath(LOOLWSD::ChildRoot + tokens[3] + JAILED_DOCUMENT_ROOT + tokens[4] + "/" + fileName); - LOG_INF("HTTP request for: " << filePath.toString()); + const std::string filePathAnonym = LOOLWSD::anonymizeUrl(filePath.toString()); + LOG_INF("HTTP request for: " << filePathAnonym); + bool responded = false; if (filePath.isAbsolute() && File(filePath).exists()) { // Instruct browsers to download the file, not display it @@ -2287,7 +2288,7 @@ private: } else { - LOG_ERR("Download file [" << filePath.toString() << "] not found."); + LOG_ERR("Download file [" << filePathAnonym << "] not found."); } (void)responded; return; commit fb0538cf985f683da25ebcd78ab4e1746d7a9103 Author: Ashod Nakashian <[email protected]> Date: Sun Jun 10 20:55:52 2018 -0400 wsd: anonymize document saving Change-Id: Ic819883e39a544ec16d6ac144a08ed9f9f568cc0 diff --git a/wsd/DocumentBroker.cpp b/wsd/DocumentBroker.cpp index 6fb482c3c..35e9068c2 100644 --- a/wsd/DocumentBroker.cpp +++ b/wsd/DocumentBroker.cpp @@ -762,20 +762,21 @@ bool DocumentBroker::saveToStorageInternal(const std::string& sessionId, } const Authorization auth = it->second->getAuthorization(); - const auto uri = isSaveAs? saveAsPath: it->second->getPublicUri().toString(); + const std::string uri = isSaveAs ? saveAsPath : it->second->getPublicUri().toString(); + const std::string uriAnonym = LOOLWSD::anonymizeUrl(uri); // If the file timestamp hasn't changed, skip saving. const auto newFileModifiedTime = Poco::File(_storage->getRootFilePath()).getLastModified(); if (!isSaveAs && newFileModifiedTime == _lastFileModifiedTime) { // Nothing to do. - LOG_DBG("Skipping unnecessary saving to URI [" << uri << "] with docKey [" << _docKey << + LOG_DBG("Skipping unnecessary saving to URI [" << uriAnonym << "] with docKey [" << _docKey << "]. File last modified " << _lastFileModifiedTime.elapsed() / 1000000 << " seconds ago."); _poll->wakeup(); return true; } - LOG_DBG("Persisting [" << _docKey << "] after saving to URI [" << uri << "]."); + LOG_DBG("Persisting [" << _docKey << "] after saving to URI [" << uriAnonym << "]."); assert(_storage && _tileCache); StorageBase::SaveResult storageSaveResult = _storage->saveLocalFileToStorage(auth, saveAsPath, saveAsFilename); @@ -795,7 +796,7 @@ bool DocumentBroker::saveToStorageInternal(const std::string& sessionId, // After a successful save, we are sure that document in the storage is same as ours _documentChangedInStorage = false; - LOG_DBG("Saved docKey [" << _docKey << "] to URI [" << uri << "] and updated timestamps. " << + LOG_DBG("Saved docKey [" << _docKey << "] to URI [" << uriAnonym << "] and updated timestamps. " << " Document modified timestamp: " << _documentLastModifiedTime); // Resume polling. @@ -804,22 +805,29 @@ bool DocumentBroker::saveToStorageInternal(const std::string& sessionId, else { // normalize the url (mainly to " " -> "%20") - std::string url = Poco::URI(storageSaveResult.getSaveAsUrl()).toString(); + const std::string url = Poco::URI(storageSaveResult.getSaveAsUrl()).toString(); + + const std::string filename = storageSaveResult.getSaveAsName(); // encode the name std::string encodedName; - Poco::URI::encode(storageSaveResult.getSaveAsName(), "", encodedName); + Poco::URI::encode(filename, "", encodedName); + const std::string filenameAnonym = LOOLWSD::anonymizeUrl(filename); - it->second->sendTextFrame("saveas: url=" + url + " filename=" + encodedName); + std::ostringstream oss; + oss << "saveas: url=" << url << " filename=" << encodedName + << " xfilename=" << filenameAnonym; + it->second->sendTextFrame(oss.str()); LOG_DBG("Saved As docKey [" << _docKey << "] to URI [" << url << - " with name '" << encodedName << "'] successfully."); + "] with name [" << filenameAnonym << "] successfully."); } + return true; } else if (storageSaveResult.getResult() == StorageBase::SaveResult::DISKFULL) { - LOG_WRN("Disk full while saving docKey [" << _docKey << "] to URI [" << uri << + LOG_WRN("Disk full while saving docKey [" << _docKey << "] to URI [" << uriAnonym << "]. Making all sessions on doc read-only and notifying clients."); // Make everyone readonly and tell everyone that storage is low on diskspace. @@ -831,13 +839,14 @@ bool DocumentBroker::saveToStorageInternal(const std::string& sessionId, } else if (storageSaveResult.getResult() == StorageBase::SaveResult::UNAUTHORIZED) { - LOG_ERR("Cannot save docKey [" << _docKey << "] to storage URI [" << uri << "]. Invalid or expired access token. Notifying client."); + LOG_ERR("Cannot save docKey [" << _docKey << "] to storage URI [" << uriAnonym << + "]. Invalid or expired access token. Notifying client."); it->second->sendTextFrame("error: cmd=storage kind=saveunauthorized"); } else if (storageSaveResult.getResult() == StorageBase::SaveResult::FAILED) { //TODO: Should we notify all clients? - LOG_ERR("Failed to save docKey [" << _docKey << "] to URI [" << uri << "]. Notifying client."); + LOG_ERR("Failed to save docKey [" << _docKey << "] to URI [" << uriAnonym << "]. Notifying client."); it->second->sendTextFrame("error: cmd=storage kind=savefailed"); } else if (storageSaveResult.getResult() == StorageBase::SaveResult::DOC_CHANGED) diff --git a/wsd/Storage.cpp b/wsd/Storage.cpp index ef8e76793..f1fe5d79e 100644 --- a/wsd/Storage.cpp +++ b/wsd/Storage.cpp @@ -488,8 +488,9 @@ std::unique_ptr<WopiStorage::WOPIFileInfo> WopiStorage::getWOPIFileInfo(const Au // update the access_token to the one matching to the session Poco::URI uriObject(_uri); auth.authorizeURI(uriObject); + const std::string uriAnonym = LOOLWSD::anonymizeUrl(uriObject.toString()); - LOG_DBG("Getting info for wopi uri [" << uriObject.toString() << "]."); + LOG_DBG("Getting info for wopi uri [" << uriAnonym << "]."); std::string wopiResponse; std::chrono::duration<double> callDuration(0); @@ -513,7 +514,7 @@ std::unique_ptr<WopiStorage::WOPIFileInfo> WopiStorage::getWOPIFileInfo(const Au auto logger = Log::trace(); if (logger.enabled()) { - logger << "WOPI::CheckFileInfo header for URI [" << uriObject.toString() << "]:\n"; + logger << "WOPI::CheckFileInfo header for URI [" << uriAnonym << "]:\n"; for (const auto& pair : response) { logger << '\t' << pair.first << ": " << pair.second << " / "; @@ -530,10 +531,10 @@ std::unique_ptr<WopiStorage::WOPIFileInfo> WopiStorage::getWOPIFileInfo(const Au Poco::StreamCopier::copyToString(rs, wopiResponse); } - catch(const Poco::Exception& pexc) + catch (const Poco::Exception& pexc) { - LOG_ERR("Cannot get file info from WOPI storage uri [" << uriObject.toString() << "]. Error: " << pexc.displayText() << - (pexc.nested() ? " (" + pexc.nested()->displayText() + ")" : "")); + LOG_ERR("Cannot get file info from WOPI storage uri [" << uriAnonym << "]. Error: " << + pexc.displayText() << (pexc.nested() ? " (" + pexc.nested()->displayText() + ")" : "")); throw; } @@ -623,7 +624,7 @@ std::unique_ptr<WopiStorage::WOPIFileInfo> WopiStorage::getWOPIFileInfo(const Au else LOG_ERR("WOPI::CheckFileInfo failed or no valid JSON payload returned. Access denied. " "Original response: [" << wopiResponse << "]."); - throw UnauthorizedRequestException("Access denied. WOPI::CheckFileInfo failed on: " + uriObject.toString()); + throw UnauthorizedRequestException("Access denied. WOPI::CheckFileInfo failed on: " + uriAnonym); } const Poco::Timestamp modifiedTime = iso8601ToTimestamp(lastModifiedTime); @@ -640,8 +641,9 @@ std::string WopiStorage::loadStorageFileToLocal(const Authorization& auth) Poco::URI uriObject(_uri); uriObject.setPath(uriObject.getPath() + "/contents"); auth.authorizeURI(uriObject); + const std::string uriAnonym = LOOLWSD::anonymizeUrl(uriObject.toString()); - LOG_DBG("Wopi requesting: " << uriObject.toString()); + LOG_DBG("Wopi requesting: " << uriAnonym); const auto startTime = std::chrono::steady_clock::now(); try @@ -662,7 +664,7 @@ std::string WopiStorage::loadStorageFileToLocal(const Authorization& auth) auto logger = Log::trace(); if (logger.enabled()) { - logger << "WOPI::GetFile header for URI [" << uriObject.toString() << "]:\n"; + logger << "WOPI::GetFile header for URI [" << uriAnonym << "]:\n"; for (const auto& pair : response) { logger << '\t' << pair.first << ": " << pair.second << " / "; @@ -685,8 +687,8 @@ std::string WopiStorage::loadStorageFileToLocal(const Authorization& auth) std::istreambuf_iterator<char>(), std::ostreambuf_iterator<char>(ofs)); ofs.close(); - LOG_INF("WOPI::GetFile downloaded " << getFileSize(_jailedFilePath) << " bytes from [" << uriObject.toString() << - "] -> " << _jailedFilePathAnonym << " in " << diff.count() << "s"); + LOG_INF("WOPI::GetFile downloaded " << getFileSize(_jailedFilePath) << " bytes from [" << + uriAnonym << "] -> " << _jailedFilePathAnonym << " in " << diff.count() << "s"); _isLoaded = true; // Now return the jailed path. @@ -695,8 +697,8 @@ std::string WopiStorage::loadStorageFileToLocal(const Authorization& auth) } catch(const Poco::Exception& pexc) { - LOG_ERR("Cannot load document from WOPI storage uri [" + uriObject.toString() + "]. Error: " << pexc.displayText() << - (pexc.nested() ? " (" + pexc.nested()->displayText() + ")" : "")); + LOG_ERR("Cannot load document from WOPI storage uri [" + uriAnonym + "]. Error: " << + pexc.displayText() << (pexc.nested() ? " (" + pexc.nested()->displayText() + ")" : "")); throw; } @@ -708,15 +710,17 @@ StorageBase::SaveResult WopiStorage::saveLocalFileToStorage(const Authorization& // TODO: Check if this URI has write permission (canWrite = true) const bool isSaveAs = !saveAsPath.empty() && !saveAsFilename.empty(); - const std::string filePath(isSaveAs? saveAsPath: _jailedFilePath); + const std::string filePath(isSaveAs ? saveAsPath : _jailedFilePath); + const std::string filePathAnonym = LOOLWSD::anonymizeUrl(filePath); const auto size = getFileSize(filePath); Poco::URI uriObject(_uri); uriObject.setPath(isSaveAs? uriObject.getPath(): uriObject.getPath() + "/contents"); auth.authorizeURI(uriObject); + const std::string uriAnonym = LOOLWSD::anonymizeUrl(uriObject.toString()); - LOG_INF("Uploading URI via WOPI [" << LOOLWSD::anonymizeUrl(uriObject.toString()) << "] from [" << filePath + "]."); + LOG_INF("Uploading URI via WOPI [" << uriAnonym << "] from [" << filePathAnonym + "]."); std::ostringstream oss; StorageBase::SaveResult saveResult(StorageBase::SaveResult::FAILED); @@ -794,8 +798,8 @@ StorageBase::SaveResult WopiStorage::saveLocalFileToStorage(const Authorization& std::string wopiLog(isSaveAs? "WOPI::PutRelativeFile": "WOPI::PutFile"); LOG_INF(wopiLog << " response: " << oss.str()); - LOG_INF(wopiLog << " uploaded " << size << " bytes from [" << filePath << - "] -> [" << LOOLWSD::anonymizeUrl(uriObject.toString()) << "]: " << + LOG_INF(wopiLog << " uploaded " << size << " bytes from [" << filePathAnonym << + "] -> [" << uriAnonym << "]: " << response.getStatus() << " " << response.getReason()); if (response.getStatus() == Poco::Net::HTTPResponse::HTTP_OK) @@ -825,7 +829,7 @@ StorageBase::SaveResult WopiStorage::saveLocalFileToStorage(const Authorization& } else { - LOG_WRN("Invalid or missing JSON in " << wopiLog << " HTTP_OK response"); + LOG_WRN("Invalid or missing JSON in " << wopiLog << " HTTP_OK response."); } } else if (response.getStatus() == Poco::Net::HTTPResponse::HTTP_REQUESTENTITYTOOLARGE) @@ -850,14 +854,14 @@ StorageBase::SaveResult WopiStorage::saveLocalFileToStorage(const Authorization& } else { - LOG_WRN("Invalid or missing JSON in " << wopiLog << " HTTP_CONFLICT response"); + LOG_WRN("Invalid or missing JSON in " << wopiLog << " HTTP_CONFLICT response."); } } } catch(const Poco::Exception& pexc) { - LOG_ERR("Cannot save file to WOPI storage uri [" + uriObject.toString() + "]. Error: " << pexc.displayText() << - (pexc.nested() ? " (" + pexc.nested()->displayText() + ")" : "")); + LOG_ERR("Cannot save file to WOPI storage uri [" << uriAnonym << "]. Error: " << + pexc.displayText() << (pexc.nested() ? " (" + pexc.nested()->displayText() + ")" : "")); saveResult.setResult(StorageBase::SaveResult::FAILED); } commit 7ee6314a404f1e9b8316235414d59cdbc67b5cf8 Author: Ashod Nakashian <[email protected]> Date: Sun Jun 10 20:24:04 2018 -0400 wsd: anonymize jailed filename Change-Id: I0af46ae6779caf9851e3142889940e4f774f9eb9 diff --git a/wsd/AdminModel.cpp b/wsd/AdminModel.cpp index 4b52ab82b..843ce1271 100644 --- a/wsd/AdminModel.cpp +++ b/wsd/AdminModel.cpp @@ -25,6 +25,7 @@ #include "Log.hpp" #include "Unit.hpp" #include "Util.hpp" +#include <wsd/LOOLWSD.hpp> void Document::addView(const std::string& sessionId, const std::string& userName, const std::string& userId) { @@ -88,7 +89,7 @@ const std::string Document::getHistory() const std::ostringstream oss; oss << "{"; oss << "\"docKey\"" << ":\"" << _docKey << "\","; - oss << "\"filename\"" << ":\"" << getFilename() << "\","; + oss << "\"filename\"" << ":\"" << LOOLWSD::anonymizeUrl(getFilename()) << "\","; oss << "\"start\"" << ":" << _start << ","; oss << "\"end\"" << ":" << _end << ","; oss << "\"pid\"" << ":" << getPid() << ","; diff --git a/wsd/DocumentBroker.cpp b/wsd/DocumentBroker.cpp index d2cab234b..6fb482c3c 100644 --- a/wsd/DocumentBroker.cpp +++ b/wsd/DocumentBroker.cpp @@ -654,7 +654,7 @@ bool DocumentBroker::load(const std::shared_ptr<ClientSession>& session, const s Poco::DigestOutputStream dos(sha1); Poco::StreamCopier::copyStream(istr, dos); dos.close(); - LOG_INF("SHA1 for DocKey [" << _docKey << "] of [" << localPath << "]: " << + LOG_INF("SHA1 for DocKey [" << _docKey << "] of [" << LOOLWSD::anonymizeUrl(localPath) << "]: " << Poco::DigestEngine::digestToHex(sha1.digest())); // LibreOffice can't open files with '#' in the name diff --git a/wsd/Storage.cpp b/wsd/Storage.cpp index e56e29c87..ef8e76793 100644 --- a/wsd/Storage.cpp +++ b/wsd/Storage.cpp @@ -255,22 +255,24 @@ std::string LocalStorage::loadStorageFileToLocal(const Authorization& /*auth*/) // /chroot/jailId/user/doc/childId/file.ext const auto filename = Poco::Path(_uri.getPath()).getFileName(); _jailedFilePath = Poco::Path(getLocalRootPath(), filename).toString(); + _jailedFilePathAnonym = LOOLWSD::anonymizeUrl(_jailedFilePath); LOG_INF("Public URI [" << _uri.getPath() << - "] jailed to [" << _jailedFilePath << "]."); + "] jailed to [" << _jailedFilePathAnonym << "]."); // Despite the talk about URIs it seems that _uri is actually just a pathname here const auto publicFilePath = _uri.getPath(); if (!FileUtil::checkDiskSpace(_jailedFilePath)) { - throw StorageSpaceLowException("Low disk space for " + _jailedFilePath); + throw StorageSpaceLowException("Low disk space for " + _jailedFilePathAnonym); } - LOG_INF("Linking " << publicFilePath << " to " << _jailedFilePath); + LOG_INF("Linking " << publicFilePath << " to " << _jailedFilePathAnonym); if (!Poco::File(_jailedFilePath).exists() && link(publicFilePath.c_str(), _jailedFilePath.c_str()) == -1) { // Failed - LOG_WRN("link(\"" << publicFilePath << "\", \"" << _jailedFilePath << "\") failed. Will copy."); + LOG_WRN("link(\"" << publicFilePath << "\", \"" << _jailedFilePathAnonym << "\") failed. Will copy. " + "Linking error: " << errno << " " << strerror(errno)); } try @@ -278,14 +280,14 @@ std::string LocalStorage::loadStorageFileToLocal(const Authorization& /*auth*/) // Fallback to copying. if (!Poco::File(_jailedFilePath).exists()) { - LOG_INF("Copying " << publicFilePath << " to " << _jailedFilePath); + LOG_INF("Copying " << publicFilePath << " to " << _jailedFilePathAnonym); Poco::File(publicFilePath).copyTo(_jailedFilePath); _isCopy = true; } } catch (const Poco::Exception& exc) { - LOG_ERR("copyTo(\"" << publicFilePath << "\", \"" << _jailedFilePath << "\") failed: " << exc.displayText()); + LOG_ERR("copyTo(\"" << publicFilePath << "\", \"" << _jailedFilePathAnonym << "\") failed: " << exc.displayText()); throw; } @@ -305,11 +307,11 @@ StorageBase::SaveResult LocalStorage::saveLocalFileToStorage(const Authorization { try { - LOG_TRC("Saving local file to local file storage " << _isCopy << " for " << _jailedFilePath); + LOG_TRC("Saving local file to local file storage (isCopy: " << _isCopy << ") for " << _jailedFilePathAnonym); // Copy the file back. if (_isCopy && Poco::File(_jailedFilePath).exists()) { - LOG_INF("Copying " << _jailedFilePath << " to " << _uri.getPath()); + LOG_INF("Copying " << _jailedFilePathAnonym << " to " << _uri.getPath()); Poco::File(_jailedFilePath).copyTo(_uri.getPath()); } @@ -320,7 +322,7 @@ StorageBase::SaveResult LocalStorage::saveLocalFileToStorage(const Authorization } catch (const Poco::Exception& exc) { - LOG_ERR("copyTo(\"" << _jailedFilePath << "\", \"" << _uri.getPath() << + LOG_ERR("copyTo(\"" << _jailedFilePathAnonym << "\", \"" << _uri.getPath() << "\") failed: " << exc.displayText()); return StorageBase::SaveResult::FAILED; } @@ -677,13 +679,14 @@ std::string WopiStorage::loadStorageFileToLocal(const Authorization& auth) else // Successful { _jailedFilePath = Poco::Path(getLocalRootPath(), _fileInfo._filename).toString(); + _jailedFilePathAnonym = LOOLWSD::anonymizeUrl(_jailedFilePath); std::ofstream ofs(_jailedFilePath); std::copy(std::istreambuf_iterator<char>(rs), std::istreambuf_iterator<char>(), std::ostreambuf_iterator<char>(ofs)); ofs.close(); LOG_INF("WOPI::GetFile downloaded " << getFileSize(_jailedFilePath) << " bytes from [" << uriObject.toString() << - "] -> " << _jailedFilePath << " in " << diff.count() << "s"); + "] -> " << _jailedFilePathAnonym << " in " << diff.count() << "s"); _isLoaded = true; // Now return the jailed path. @@ -713,7 +716,7 @@ StorageBase::SaveResult WopiStorage::saveLocalFileToStorage(const Authorization& uriObject.setPath(isSaveAs? uriObject.getPath(): uriObject.getPath() + "/contents"); auth.authorizeURI(uriObject); - LOG_INF("Uploading URI via WOPI [" << uriObject.toString() << "] from [" << filePath + "]."); + LOG_INF("Uploading URI via WOPI [" << LOOLWSD::anonymizeUrl(uriObject.toString()) << "] from [" << filePath + "]."); std::ostringstream oss; StorageBase::SaveResult saveResult(StorageBase::SaveResult::FAILED); @@ -792,7 +795,7 @@ StorageBase::SaveResult WopiStorage::saveLocalFileToStorage(const Authorization& std::string wopiLog(isSaveAs? "WOPI::PutRelativeFile": "WOPI::PutFile"); LOG_INF(wopiLog << " response: " << oss.str()); LOG_INF(wopiLog << " uploaded " << size << " bytes from [" << filePath << - "] -> [" << uriObject.toString() << "]: " << + "] -> [" << LOOLWSD::anonymizeUrl(uriObject.toString()) << "]: " << response.getStatus() << " " << response.getReason()); if (response.getStatus() == Poco::Net::HTTPResponse::HTTP_OK) diff --git a/wsd/Storage.hpp b/wsd/Storage.hpp index e55e3047f..066958990 100644 --- a/wsd/Storage.hpp +++ b/wsd/Storage.hpp @@ -183,6 +183,7 @@ protected: std::string _localStorePath; std::string _jailPath; std::string _jailedFilePath; + std::string _jailedFilePathAnonym; FileInfo _fileInfo; bool _isLoaded; bool _forceSave; commit 7847a77181de44397ff1f6455ad371ad37a39d80 Author: Ashod Nakashian <[email protected]> Date: Sun Jun 10 14:02:02 2018 -0400 kit: anonymize usernames and filenames in Kit Change-Id: Id7928136db71ded7bf6b1a5e8e387db7251f8a35 diff --git a/common/Util.hpp b/common/Util.hpp index c9e38d789..fb7f7c27d 100644 --- a/common/Util.hpp +++ b/common/Util.hpp @@ -10,6 +10,7 @@ #ifndef INCLUDED_UTIL_HPP #define INCLUDED_UTIL_HPP +#include <cstring> #include <atomic> #include <cassert> #include <cstring> @@ -224,11 +225,24 @@ namespace Util return trimmed(std::string(s)); } + /// Return true iff s starts with t. inline bool startsWith(const std::string& s, const std::string& t) { return s.length() >= t.length() && memcmp(s.c_str(), t.c_str(), t.length()) == 0; } + /// Return true iff s starts with t. + inline bool startsWith(const std::string& s, const char* t) + { + if (t != nullptr && !s.empty()) + { + const size_t len = std::strlen(t); + return s.length() >= len && memcmp(s.c_str(), t, len) == 0; + } + + return false; + } + /// Check for the URI scheme validity. /// For now just a basic sanity check, can be extended if necessary. bool isValidURIScheme(const std::string& scheme); diff --git a/kit/ChildSession.cpp b/kit/ChildSession.cpp index 1ba5a08ef..19950fe22 100644 --- a/kit/ChildSession.cpp +++ b/kit/ChildSession.cpp @@ -361,16 +361,18 @@ bool ChildSession::loadDocument(const char * /*buffer*/, int /*length*/, const s std::unique_lock<std::recursive_mutex> lock(Mutex); - bool loaded = _docManager.onLoad(getId(), _jailedFilePath, _userName, - _docPassword, renderOpts, _haveDocPassword, _lang, _watermarkText); + const bool loaded = _docManager.onLoad(getId(), _jailedFilePath, _jailedFilePathAnonym, + _userName, _userNameAnonym, + _docPassword, renderOpts, _haveDocPassword, + _lang, _watermarkText); if (!loaded || _viewId < 0) { - LOG_ERR("Failed to get LoKitDocument instance."); + LOG_ERR("Failed to get LoKitDocument instance for [" << _jailedFilePathAnonym << "]."); return false; } LOG_INF("Created new view with viewid: [" << _viewId << "] for username: [" << - _userName << "] in session: [" << getId() << "]."); + _userNameAnonym << "] in session: [" << getId() << "]."); std::unique_lock<std::mutex> lockLokDoc(_docManager.getDocumentMutex()); diff --git a/kit/ChildSession.hpp b/kit/ChildSession.hpp index d8ae37b10..a5390dff7 100644 --- a/kit/ChildSession.hpp +++ b/kit/ChildSession.hpp @@ -40,7 +40,9 @@ public: /// Reqest loading a document, or a new view, if one exists. virtual bool onLoad(const std::string& sessionId, const std::string& jailedFilePath, + const std::string& jailedFilePathAnonym, const std::string& userName, + const std::string& userNameAnonym, const std::string& docPassword, const std::string& renderOpts, const bool haveDocPassword, diff --git a/kit/Kit.cpp b/kit/Kit.cpp index 90b306323..f7a1f5821 100644 --- a/kit/Kit.cpp +++ b/kit/Kit.cpp @@ -100,11 +100,16 @@ using Poco::Process; #endif using namespace LOOLProtocol; +using std::size_t; // We only host a single document in our lifetime. class Document; static std::shared_ptr<Document> document; static LokHookFunction2* initFunction = nullptr; +#ifndef BUILDING_TESTS +static bool AnonymizeFilenames = false; +static bool AnonymizeUsernames = false; +#endif #if ENABLE_DEBUG # define ADD_DEBUG_RENDERID(s) ((s)+ " renderid=" + Util::UniqueId()) @@ -1209,7 +1214,9 @@ private: /// Load a document (or view) and register callbacks. bool onLoad(const std::string& sessionId, const std::string& uri, + const std::string& uriAnonym, const std::string& userName, + const std::string& userNameAnonym, const std::string& docPassword, const std::string& renderOpts, const bool haveDocPassword, @@ -1218,7 +1225,7 @@ private: { std::unique_lock<std::mutex> lock(_mutex); - LOG_INF("Loading url [" << uri << "] for session [" << sessionId << + LOG_INF("Loading url [" << uriAnonym << "] for session [" << sessionId << "] which has " << (_sessions.size() - 1) << " sessions. Another load in progress: " << _isLoading); @@ -1243,14 +1250,14 @@ private: try { - if (!load(session, uri, userName, docPassword, renderOpts, haveDocPassword, lang, watermarkText)) + if (!load(session, uri, uriAnonym, userName, userNameAnonym, docPassword, renderOpts, haveDocPassword, lang, watermarkText)) { return false; } } catch (const std::exception& exc) { - LOG_ERR("Exception while loading url [" << uri << + LOG_ERR("Exception while loading url [" << uriAnonym << "] for session [" << sessionId << "]: " << exc.what()); return false; } @@ -1481,7 +1488,9 @@ private: std::shared_ptr<lok::Document> load(const std::shared_ptr<ChildSession>& session, const std::string& uri, + const std::string& uriAnonym, const std::string& userName, + const std::string& userNameAnonym, const std::string& docPassword, const std::string& renderOpts, const bool haveDocPassword, @@ -1495,7 +1504,7 @@ private: if (!_loKitDocument) { // This is the first time we are loading the document - LOG_INF("Loading new document from URI: [" << uri << "] for session [" << sessionId << "]."); + LOG_INF("Loading new document from URI: [" << uriAnonym << "] for session [" << sessionId << "]."); _loKit->registerCallback(GlobalCallback, this); @@ -1517,22 +1526,22 @@ private: if (!lang.empty()) options = "Language=" + lang; - LOG_DBG("Calling lokit::documentLoad(" << uri << ", \"" << options << "\")."); + LOG_DBG("Calling lokit::documentLoad(" << uriAnonym << ", \"" << options << "\")."); Timestamp timestamp; _loKitDocument.reset(_loKit->documentLoad(uri.c_str(), options.c_str())); - LOG_DBG("Returned lokit::documentLoad(" << uri << ") in " << (timestamp.elapsed() / 1000.) << "ms."); + LOG_DBG("Returned lokit::documentLoad(" << uriAnonym << ") in " << (timestamp.elapsed() / 1000.) << "ms."); if (!_loKitDocument || !_loKitDocument->get()) { - LOG_ERR("Failed to load: " << uri << ", error: " << _loKit->getError()); + LOG_ERR("Failed to load: " << uriAnonym << ", error: " << _loKit->getError()); // Checking if wrong password or no password was reason for failure. if (_isDocPasswordProtected) { - LOG_INF("Document [" << uri << "] is password protected."); + LOG_INF("Document [" << uriAnonym << "] is password protected."); if (!_haveDocPassword) { - LOG_INF("No password provided for password-protected document [" << uri << "]."); + LOG_INF("No password provided for password-protected document [" << uriAnonym << "]."); std::string passwordFrame = "passwordrequired:"; if (_docPasswordType == PasswordType::ToView) passwordFrame += "to-view"; @@ -1542,7 +1551,7 @@ private: } else { - LOG_INF("Wrong password for password-protected document [" << uri << "]."); + LOG_INF("Wrong password for password-protected document [" << uriAnonym << "]."); session->sendTextFrame("error: cmd=load kind=wrongpassword"); } } @@ -1559,7 +1568,7 @@ private: } else { - LOG_INF("Document with url [" << uri << "] already loaded. Need to create new view for session [" << sessionId << "]."); + LOG_INF("Document with url [" << uriAnonym << "] already loaded. Need to create new view for session [" << sessionId << "]."); // Check if this document requires password if (_isDocPasswordProtected) @@ -1581,17 +1590,17 @@ private: } } - LOG_INF("Creating view to url [" << uri << "] for session [" << sessionId << "]."); + LOG_INF("Creating view to url [" << uriAnonym << "] for session [" << sessionId << "]."); _loKitDocument->createView(); - LOG_TRC("View to url [" << uri << "] created."); + LOG_TRC("View to url [" << uriAnonym << "] created."); } - const std::string renderParams = makeRenderParams(_renderOpts, userName); LOG_INF("Initializing for rendering session [" << sessionId << "] on document url [" << - _url << "] with: [" << renderParams << "]."); + _url << "] with: [" << makeRenderParams(_renderOpts, userNameAnonym) << "]."); // initializeForRendering() should be called before // registerCallback(), as the previous creates a new view in Impress. + const std::string renderParams = makeRenderParams(_renderOpts, userName); _loKitDocument->initializeForRendering(renderParams.c_str()); const int viewId = _loKitDocument->getView(); @@ -1974,6 +1983,11 @@ void lokit_main(const std::string& childRoot, LOG_INF("Setting log-level to [trace] and delaying setting to configured [" << LogLevel << "] until after Kit initialization."); } + AnonymizeFilenames = std::getenv("LOOL_ANONYMIZE_FILENAMES") != nullptr; + LOG_INF("Filename anonymization is " << (AnonymizeFilenames ? "enabled." : "disabled.")); + AnonymizeUsernames = std::getenv("LOOL_ANONYMIZE_USERNAMES") != nullptr; + LOG_INF("Username anonymization is " << (AnonymizeUsernames ? "enabled." : "disabled.")); + assert(!childRoot.empty()); assert(!sysTemplate.empty()); assert(!loTemplate.empty()); diff --git a/test/WhiteBoxTests.cpp b/test/WhiteBoxTests.cpp index ba8b1603b..925f9e818 100644 --- a/test/WhiteBoxTests.cpp +++ b/test/WhiteBoxTests.cpp @@ -335,7 +335,9 @@ public: } bool onLoad(const std::string& /*sessionId*/, const std::string& /*jailedFilePath*/, + const std::string& /*jailedFilePathAnonym*/, const std::string& /*userName*/, + const std::string& /*userNameAnonym*/, const std::string& /*docPassword*/, const std::string& /*renderOpts*/, const bool /*haveDocPassword*/, commit 879259bb82d2095002252dec7e9ed0118f376e12 Author: Ashod Nakashian <[email protected]> Date: Sun Jun 10 11:42:15 2018 -0400 wsd: anonymize WOPI::CheckFileInfo Change-Id: I2c23e9f159456176ae85967cc49ec876b1e4ecf4 diff --git a/wsd/DocumentBroker.cpp b/wsd/DocumentBroker.cpp index 4bab22b5e..d2cab234b 100644 --- a/wsd/DocumentBroker.cpp +++ b/wsd/DocumentBroker.cpp ... etc. - the rest is truncated _______________________________________________ Libreoffice-commits mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
