Archive-Team
/
sonarr-repo-only
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixed: API keys should be more reliably cleansed from the logs

This commit is contained in:
Mark McDowall 2014-05-24 23:17:59 -07:00
parent fe8555d3ea
commit a40b9a306e
10 changed files with 42 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
src/NzbDrone.Common/Instrumentation/CleanseLogMessage.cs Normal file
View File

@ -0,0 +1,20 @@
using System.Text.RegularExpressions;
namespace NzbDrone.Common.Instrumentation
{
public class CleanseLogMessage
{
//TODO: remove password=
private static readonly Regex CleansingRegex = new Regex(@"(?<=apikey=)(\w+?)(?=\W|$|_)", RegexOptions.Compiled | RegexOptions.IgnoreCase);
public static string Cleanse(string message)
{
if (message.IsNullOrWhiteSpace())
{
return message;
}
return CleansingRegex.Replace(message, "<removed>");
}
}
}

2
src/NzbDrone.Common/Instrumentation/LogTargets.cs
View File

@ -78,7 +78,7 @@ namespace NzbDrone.Common.Instrumentation
private static void RegisterAppFile(IAppFolderInfo appFolderInfo)
{
var fileTarget = new FileTarget();
var fileTarget = new NzbDroneFileTarget();
fileTarget.Name = "rollingFileLogger";
fileTarget.FileName = Path.Combine(appFolderInfo.GetLogFolder(), "nzbdrone.txt");

13
src/NzbDrone.Common/Instrumentation/NzbDroneFileTarget.cs Normal file
View File

@ -0,0 +1,13 @@
using NLog;
using NLog.Targets;
namespace NzbDrone.Common.Instrumentation
{
public class NzbDroneFileTarget : FileTarget
{
protected override string GetFormattedMessage(LogEventInfo logEvent)
{
return CleanseLogMessage.Cleanse(Layout.Render(logEvent));
}
}
}

2
src/NzbDrone.Common/NzbDrone.Common.csproj
View File

@ -97,9 +97,11 @@
<SubType>Component</SubType>
</Compile>
<Compile Include="IEnumerableExtensions.cs" />
<Compile Include="Instrumentation\CleanseLogMessage.cs" />
<Compile Include="Instrumentation\GlobalExceptionHandlers.cs" />
<Compile Include="Instrumentation\ExceptronTarget.cs" />
<Compile Include="Instrumentation\LogEventExtensions.cs" />
<Compile Include="Instrumentation\NzbDroneFileTarget.cs" />
<Compile Include="Instrumentation\NzbDroneLogger.cs" />
<Compile Include="Instrumentation\LogTargets.cs" />
<Compile Include="Messaging\IEvent.cs" />

2
src/NzbDrone.Core/Download/Clients/Sabnzbd/SabnzbdProxy.cs
View File

@ -135,7 +135,7 @@ namespace NzbDrone.Core.Download.Clients.Sabnzbd
action,
authentication);
_logger.CleansedDebug(url);
_logger.Debug(url);
return new RestClient(url);
}

2
src/NzbDrone.Core/Indexers/IndexerFetchService.cs
View File

@ -117,7 +117,7 @@ namespace NzbDrone.Core.Indexers
{
try
{
_logger.CleansedDebug("Downloading Feed " + url);
_logger.Debug("Downloading Feed " + url);
var xml = _httpProvider.DownloadString(url);
if (!string.IsNullOrWhiteSpace(xml))
{

3
src/NzbDrone.Core/Instrumentation/DatabaseTarget.cs
View File

@ -5,6 +5,7 @@ using NLog.Config;
using NLog;
using NLog.Layouts;
using NLog.Targets;
using NzbDrone.Common.Instrumentation;
using NzbDrone.Core.Lifecycle;
using NzbDrone.Core.Messaging.Events;
@ -52,7 +53,7 @@ namespace NzbDrone.Core.Instrumentation
{
var log = new Log();
log.Time = logEvent.TimeStamp;
log.Message = logEvent.FormattedMessage;
log.Message = CleanseLogMessage.Cleanse(logEvent.FormattedMessage);
log.Method = Layout.Render(logEvent);
log.Logger = logEvent.LoggerName;

45
src/NzbDrone.Core/Instrumentation/Extensions/LoggerCleansedExtensions.cs
View File

@ -1,45 +0,0 @@
using System;
using System.Text.RegularExpressions;
using NLog;
namespace NzbDrone.Core.Instrumentation.Extensions
{
public static class LoggerCleansedExtensions
{
private static readonly Regex CleansingRegex = new Regex(@"(?<=apikey=)(\w+?)(?=\W|$|_)", RegexOptions.Compiled | RegexOptions.IgnoreCase);
public static void CleansedInfo(this Logger logger, string message, params object[] args)
{
var formattedMessage = String.Format(message, args);
LogCleansedMessage(logger, LogLevel.Info, formattedMessage);
}
public static void CleansedDebug(this Logger logger, string message, params object[] args)
{
var formattedMessage = String.Format(message, args);
LogCleansedMessage(logger, LogLevel.Debug, formattedMessage);
}
public static void CleansedTrace(this Logger logger, string message, params object[] args)
{
var formattedMessage = String.Format(message, args);
LogCleansedMessage(logger, LogLevel.Trace, formattedMessage);
}
private static void LogCleansedMessage(Logger logger, LogLevel level, string message)
{
message = Cleanse(message);
var logEvent = new LogEventInfo(level, logger.Name, message);
logger.Log(logEvent);
}
private static string Cleanse(string message)
{
//TODO: password=
return CleansingRegex.Replace(message, "<removed>");
}
}
}

4
src/NzbDrone.Core/Instrumentation/SetLoggingLevel.cs
View File

@ -2,7 +2,7 @@
using System.Linq;
using NLog;
using NLog.Config;
using NLog.Targets;
using NzbDrone.Common.Instrumentation;
using NzbDrone.Core.Configuration;
using NzbDrone.Core.Configuration.Events;
using NzbDrone.Core.Lifecycle;
@ -29,7 +29,7 @@ namespace NzbDrone.Core.Instrumentation
var minimumLogLevel = LogLevel.FromString(_configFileProvider.LogLevel);
var rules = LogManager.Configuration.LoggingRules;
var rollingFileLogger = rules.Single(s => s.Targets.Any(t => t is FileTarget));
var rollingFileLogger = rules.Single(s => s.Targets.Any(t => t is NzbDroneFileTarget));
rollingFileLogger.EnableLoggingForLevel(LogLevel.Trace);
SetMinimumLogLevel(rollingFileLogger, minimumLogLevel);

1
src/NzbDrone.Core/NzbDrone.Core.csproj
View File

@ -324,7 +324,6 @@
<Compile Include="Instrumentation\Commands\DeleteLogFilesCommand.cs" />
<Compile Include="Instrumentation\Commands\TrimLogCommand.cs" />
<Compile Include="Instrumentation\DeleteLogFilesService.cs" />
<Compile Include="Instrumentation\Extensions\LoggerCleansedExtensions.cs" />
<Compile Include="Instrumentation\Extensions\LoggerProgressExtensions.cs" />
<Compile Include="MediaFiles\Commands\RenameSeriesCommand.cs" />
<Compile Include="MediaFiles\Commands\RescanSeriesCommand.cs" />