Added additional rules to cleanse confidential details from log file messages.

10 years ago · 6c8c87d2e2
parent 9a649cf58e
commit 6c8c87d2e2
4 changed files with 63 additions and 3 deletions
--- a/src/NzbDrone.Common.Test/InstrumentationTests/CleanseLogMessageFixture.cs
+++ b/src/NzbDrone.Common.Test/InstrumentationTests/CleanseLogMessageFixture.cs
@ -0,0 +1,34 @@
+using System;
+using System.Linq;
+using System.Text;
+using System.Collections.Generic;
+using NUnit.Framework;
+using NzbDrone.Common.Instrumentation;
+using FluentAssertions;
+
+namespace NzbDrone.Common.Test.InstrumentationTests
+{
+    [TestFixture]
+    public class CleanseLogMessageFixture
+    {
+        [TestCase(@"http://127.0.0.1:1234/api/call?vv=1&apikey=mySecret")]
+        [TestCase(@"http://127.0.0.1:1234/api/call?vv=1&ma_username=mySecret&ma_password=mySecret")]
+        // NzbGet
+        [TestCase(@"{ ""Name"" : ""ControlUsername"", ""Value"" : ""mySecret"" }, { ""Name"" : ""ControlPassword"", ""Value"" : ""mySecret"" }, ")]
+        [TestCase(@"{ ""Name"" : ""Server1.Username"", ""Value"" : ""mySecret"" }, { ""Name"" : ""Server1.Password"", ""Value"" : ""mySecret"" }, ")]
+        // Sabnzbd
+        [TestCase(@"""config"":{""newzbin"":{""username"":""mySecret"",""password"":""mySecret""}")]
+        [TestCase(@"""nzbxxx"":{""username"":""mySecret"",""apikey"":""mySecret""}")]
+        [TestCase(@"""growl"":{""growl_password"":""mySecret"",""growl_server"":""""}")]
+        [TestCase(@"""nzbmatrix"":{""username"":""mySecret"",""apikey"":""mySecret""}")]
+        [TestCase(@"""misc"":{""username"":""mySecret"",""api_key"":""mySecret"",""password"":""mySecret"",""nzb_key"":""mySecret""}")]
+        [TestCase(@"""servers"":[{""username"":""mySecret"",""password"":""mySecret""}]")]
+        [TestCase(@"""misc"":{""email_account"":""mySecret"",""email_to"":[],""email_from"":"""",""email_pwd"":""mySecret""}")]
+        public void should_clean_message(String message)
+        {
+            var cleansedMessage = CleanseLogMessage.Cleanse(message);
+
+            cleansedMessage.Should().NotContain("mySecret");
+        }
+    }
+}
--- a/src/NzbDrone.Common.Test/NzbDrone.Common.Test.csproj
+++ b/src/NzbDrone.Common.Test/NzbDrone.Common.Test.csproj
@ -67,6 +67,7 @@
    <Compile Include="EnsureTest\PathExtensionFixture.cs" />
    <Compile Include="EnvironmentTests\StartupArgumentsFixture.cs" />
    <Compile Include="EnvironmentTests\EnvironmentProviderTest.cs" />
+    <Compile Include="InstrumentationTests\CleanseLogMessageFixture.cs" />
    <Compile Include="LevenshteinDistanceFixture.cs" />
    <Compile Include="ReflectionExtensions.cs" />
    <Compile Include="PathExtensionFixture.cs" />
--- a/src/NzbDrone.Common/Instrumentation/CleanseLogMessage.cs
+++ b/src/NzbDrone.Common/Instrumentation/CleanseLogMessage.cs
@ -4,8 +4,21 @@ namespace NzbDrone.Common.Instrumentation
 {
    public class CleanseLogMessage
    {
-        //TODO: remove password=
-        private static readonly Regex CleansingRegex = new Regex(@"(?<=apikey=)(\w+?)(?=\W|$|_)", RegexOptions.Compiled | RegexOptions.IgnoreCase);
+        private static readonly Regex[] CleansingRules = new[] 
+            {
+                // Url
+                new Regex(@"(<=\?|&)apikey=(?<secret>\w+?)(?=\W|$|_)", RegexOptions.Compiled | RegexOptions.IgnoreCase),
+                new Regex(@"(<=\?|&)[^=]*?(username|password)=(?<secret>\w+?)(?=\W|$|_)", RegexOptions.Compiled | RegexOptions.IgnoreCase),
+                
+                // NzbGet
+                new Regex(@"""Name""\s*:\s*""[^""]*(username|password)""\s*,\s*""Value""\s*:\s*""(?<secret>[^""]+?)""", RegexOptions.Compiled | RegexOptions.IgnoreCase),
+
+                // Sabnzbd
+                new Regex(@"""[^""]*(username|password|api_?key|nzb_key)""\s*:\s*""(?<secret>[^""]+?)""", RegexOptions.Compiled | RegexOptions.IgnoreCase),
+                new Regex(@"""email_(account|to|from|pwd)""\s*:\s*""(?<secret>[^""]+?)""", RegexOptions.Compiled | RegexOptions.IgnoreCase)
+            };
+
+        //private static readonly Regex CleansingRegex = new Regex(@"(?<=apikey=)(\w+?)(?=\W|$|_)", RegexOptions.Compiled | RegexOptions.IgnoreCase);

        public static string Cleanse(string message)
        {
@ -14,7 +27,12 @@ namespace NzbDrone.Common.Instrumentation
                return message;
            }

-            return CleansingRegex.Replace(message, "<removed>");
+            foreach (var regex in CleansingRules)
+            {
+                message = regex.Replace(message, m => m.Value.Replace(m.Groups["secret"].Index - m.Index, m.Groups["secret"].Length, "<removed>"));
+            }
+
+            return message;
        }
    }
 }
--- a/src/NzbDrone.Common/StringExtensions.cs
+++ b/src/NzbDrone.Common/StringExtensions.cs
@ -32,6 +32,13 @@ namespace NzbDrone.Common

        private static readonly Regex CollapseSpace = new Regex(@"\s+", RegexOptions.Compiled);

+        public static string Replace(this string text, int index, int length, string replacement)
+        {
+            text = text.Remove(index, length);
+            text = text.Insert(index, replacement);
+            return text;
+        }
+
        public static string RemoveAccent(this string text)
        {
            var normalizedString = text.Normalize(NormalizationForm.FormD);