Added additional rules to cleanse confidential details from log file messages.

This commit is contained in:
Taloth Saldono 2014-07-20 14:14:47 +02:00 committed by Mark McDowall
parent 9a649cf58e
commit 6c8c87d2e2
4 changed files with 63 additions and 3 deletions

View File

@ -0,0 +1,34 @@
using System;
using System.Linq;
using System.Text;
using System.Collections.Generic;
using NUnit.Framework;
using NzbDrone.Common.Instrumentation;
using FluentAssertions;
namespace NzbDrone.Common.Test.InstrumentationTests
{
[TestFixture]
public class CleanseLogMessageFixture
{
[TestCase(@"http://127.0.0.1:1234/api/call?vv=1&apikey=mySecret")]
[TestCase(@"http://127.0.0.1:1234/api/call?vv=1&ma_username=mySecret&ma_password=mySecret")]
// NzbGet
[TestCase(@"{ ""Name"" : ""ControlUsername"", ""Value"" : ""mySecret"" }, { ""Name"" : ""ControlPassword"", ""Value"" : ""mySecret"" }, ")]
[TestCase(@"{ ""Name"" : ""Server1.Username"", ""Value"" : ""mySecret"" }, { ""Name"" : ""Server1.Password"", ""Value"" : ""mySecret"" }, ")]
// Sabnzbd
[TestCase(@"""config"":{""newzbin"":{""username"":""mySecret"",""password"":""mySecret""}")]
[TestCase(@"""nzbxxx"":{""username"":""mySecret"",""apikey"":""mySecret""}")]
[TestCase(@"""growl"":{""growl_password"":""mySecret"",""growl_server"":""""}")]
[TestCase(@"""nzbmatrix"":{""username"":""mySecret"",""apikey"":""mySecret""}")]
[TestCase(@"""misc"":{""username"":""mySecret"",""api_key"":""mySecret"",""password"":""mySecret"",""nzb_key"":""mySecret""}")]
[TestCase(@"""servers"":[{""username"":""mySecret"",""password"":""mySecret""}]")]
[TestCase(@"""misc"":{""email_account"":""mySecret"",""email_to"":[],""email_from"":"""",""email_pwd"":""mySecret""}")]
public void should_clean_message(String message)
{
var cleansedMessage = CleanseLogMessage.Cleanse(message);
cleansedMessage.Should().NotContain("mySecret");
}
}
}

View File

@ -67,6 +67,7 @@
<Compile Include="EnsureTest\PathExtensionFixture.cs" />
<Compile Include="EnvironmentTests\StartupArgumentsFixture.cs" />
<Compile Include="EnvironmentTests\EnvironmentProviderTest.cs" />
<Compile Include="InstrumentationTests\CleanseLogMessageFixture.cs" />
<Compile Include="LevenshteinDistanceFixture.cs" />
<Compile Include="ReflectionExtensions.cs" />
<Compile Include="PathExtensionFixture.cs" />

View File

@ -4,8 +4,21 @@ namespace NzbDrone.Common.Instrumentation
{
public class CleanseLogMessage
{
//TODO: remove password=
private static readonly Regex CleansingRegex = new Regex(@"(?<=apikey=)(\w+?)(?=\W|$|_)", RegexOptions.Compiled | RegexOptions.IgnoreCase);
private static readonly Regex[] CleansingRules = new[]
{
// Url
new Regex(@"(<=\?|&)apikey=(?<secret>\w+?)(?=\W|$|_)", RegexOptions.Compiled | RegexOptions.IgnoreCase),
new Regex(@"(<=\?|&)[^=]*?(username|password)=(?<secret>\w+?)(?=\W|$|_)", RegexOptions.Compiled | RegexOptions.IgnoreCase),
// NzbGet
new Regex(@"""Name""\s*:\s*""[^""]*(username|password)""\s*,\s*""Value""\s*:\s*""(?<secret>[^""]+?)""", RegexOptions.Compiled | RegexOptions.IgnoreCase),
// Sabnzbd
new Regex(@"""[^""]*(username|password|api_?key|nzb_key)""\s*:\s*""(?<secret>[^""]+?)""", RegexOptions.Compiled | RegexOptions.IgnoreCase),
new Regex(@"""email_(account|to|from|pwd)""\s*:\s*""(?<secret>[^""]+?)""", RegexOptions.Compiled | RegexOptions.IgnoreCase)
};
//private static readonly Regex CleansingRegex = new Regex(@"(?<=apikey=)(\w+?)(?=\W|$|_)", RegexOptions.Compiled | RegexOptions.IgnoreCase);
public static string Cleanse(string message)
{
@ -14,7 +27,12 @@ namespace NzbDrone.Common.Instrumentation
return message;
}
return CleansingRegex.Replace(message, "<removed>");
foreach (var regex in CleansingRules)
{
message = regex.Replace(message, m => m.Value.Replace(m.Groups["secret"].Index - m.Index, m.Groups["secret"].Length, "<removed>"));
}
return message;
}
}
}

View File

@ -32,6 +32,13 @@ namespace NzbDrone.Common
private static readonly Regex CollapseSpace = new Regex(@"\s+", RegexOptions.Compiled);
public static string Replace(this string text, int index, int length, string replacement)
{
text = text.Remove(index, length);
text = text.Insert(index, replacement);
return text;
}
public static string RemoveAccent(this string text)
{
var normalizedString = text.Normalize(NormalizationForm.FormD);