Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Do not log Send/Receive passwords #339

Merged
merged 1 commit into from
Apr 26, 2024
Merged

Do not log Send/Receive passwords #339

merged 1 commit into from
Apr 26, 2024

Conversation

rmunn
Copy link
Contributor

@rmunn rmunn commented Apr 23, 2024
edited by jasonleenaylor
Loading

Fixes #337.

Most code paths use ServerSettingsModel.RemovePasswordForLog to replace the user's Send/Receive password with a string of asterisks, but there was one code path where this was missed. This PR fixes that omission. It is also extra-cautious trying to make sure that the debug logging doesn't throw exceptions: if simply calling RemovePasswordForLog ends up throwing an exception somehow, instead of returning the unmodified URI (which might still have a password in it), we simply do not log the URI. This might be over-cautious, but it's probably better to be safe.

This change is Reviewable

@rmunn
Do not log Send/Receive passwords
cec3350 
Most code paths replaced the user's Send/Receive password with a string
of asterisks, but there was one code path where this was missed.
@github-actions GitHub Actions
Copy link

Test Results

       4 files  ±0     412 suites  ±0   2h 46m 4s ⏱️ +8s
   881 tests ±0     858 ✔️ ±0    23 💤 ±0  0 ±0 
4 032 runs  ±0  3 898 ✔️ ±0  134 💤 ±0  0 ±0 

Results for commit cec3350. ± Comparison against base commit ccdf57d.

@rmunn rmunn self-assigned this Apr 24, 2024
myieye
myieye approved these changes Apr 25, 2024
View reviewed changes
Copy link
Contributor

@myieye myieye left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🙂

@rmunn rmunn merged commit 38ecab3 into master Apr 26, 2024
5 checks passed
@rmunn rmunn deleted the bugfix/do-not-log-passwords branch April 26, 2024 08:20
@rmunn rmunn mentioned this pull request May 15, 2024
Closed
@jasonleenaylor
Copy link
Contributor

src/LibChorus/VcsDrivers/Mercurial/HgRepository.cs line 1084 at r1 (raw file):

				return ServerSettingsModel.RemovePasswordForLog(address.URI);
			}
			catch { /* Really don't throw trying to get extra information to log */ }

I don't believe there is any possible way that ServerSettingsModel.RemovePasswordForLog or anything on this line can throw.
A try/catch inside of a catch is pretty ugly if there isn't a good reason.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@myieye myieye myieye approved these changes

Assignees

@rmunn rmunn

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Send/Receive credentials logged in clear text
3 participants
@rmunn @jasonleenaylor @myieye