Ravi Nori has uploaded a new change for review.
Change subject: tools: engine-manage-domains should not write passwd to log
......................................................................
tools: engine-manage-domains should not write passwd to log
Running "engine-manage-domains -action=validate" records
password in log in clear text.
Change-Id: Iff044f9c331dad9cc3b923c955dcad41fabdf48d
Signed-off-by: Ravi Nori <rn...@redhat.com>
---
M
backend/manager/tools/engine-config/src/main/java/org/ovirt/engine/core/config/EngineConfigLogic.java
M
backend/manager/tools/engine-config/src/main/java/org/ovirt/engine/core/config/entity/ConfigKey.java
2 files changed, 17 insertions(+), 1 deletion(-)
git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/57/10157/1
diff --git
a/backend/manager/tools/engine-config/src/main/java/org/ovirt/engine/core/config/EngineConfigLogic.java
b/backend/manager/tools/engine-config/src/main/java/org/ovirt/engine/core/config/EngineConfigLogic.java
index bf76f27..cc4d667 100644
---
a/backend/manager/tools/engine-config/src/main/java/org/ovirt/engine/core/config/EngineConfigLogic.java
+++
b/backend/manager/tools/engine-config/src/main/java/org/ovirt/engine/core/config/EngineConfigLogic.java
@@ -215,14 +215,20 @@
}
StringBuilder buffer = new StringBuilder();
+ boolean isPasswordKey = false;
for (ConfigKey configKey : keysForName) {
buffer.append(String.format("%s: %s version: %s\n",
key,
configKey.getDisplayValue(),
configKey.getVersion()));
+ isPasswordKey = isPasswordKey || configKey.isPasswordKey();
}
buffer.deleteCharAt(buffer.length() - 1);
- log.info(buffer);
+ if (isPasswordKey) {
+ System.out.print(buffer);
+ } else {
+ log.info(buffer);
+ }
}
/**
@@ -307,6 +313,9 @@
log.debug("getValue: error fetching " + key + " value: no such
entry with version '" + version + "'.");
throw new RuntimeException("Error fetching " + key + " value: no
such entry with version '" + version
+ "'.");
+ }
+ if (configKey.isPasswordKey()) {
+ System.out.println(configKey.getDisplayValue());
} else {
log.info(configKey.getDisplayValue());
}
diff --git
a/backend/manager/tools/engine-config/src/main/java/org/ovirt/engine/core/config/entity/ConfigKey.java
b/backend/manager/tools/engine-config/src/main/java/org/ovirt/engine/core/config/entity/ConfigKey.java
index fadcbb5..45864b9 100644
---
a/backend/manager/tools/engine-config/src/main/java/org/ovirt/engine/core/config/entity/ConfigKey.java
+++
b/backend/manager/tools/engine-config/src/main/java/org/ovirt/engine/core/config/entity/ConfigKey.java
@@ -8,6 +8,8 @@
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.ovirt.engine.core.config.EngineConfigCLIParser;
+import org.ovirt.engine.core.config.entity.helper.CompositePasswordValueHelper;
+import org.ovirt.engine.core.config.entity.helper.PasswordValueHelper;
import org.ovirt.engine.core.config.entity.helper.ValidationResult;
import org.ovirt.engine.core.config.entity.helper.ValueHelper;
@@ -154,4 +156,9 @@
public boolean isReloadable() {
return reloadable;
}
+
+ public boolean isPasswordKey() {
+ return
CompositePasswordValueHelper.class.isAssignableFrom(valueHelper.getClass()) ||
+
PasswordValueHelper.class.isAssignableFrom(valueHelper.getClass());
+ }
}
--
To view, visit http://gerrit.ovirt.org/10157
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: Iff044f9c331dad9cc3b923c955dcad41fabdf48d
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Ravi Nori <rn...@redhat.com>
_______________________________________________
Engine-patches mailing list
Engine-patches@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-patches
