From 5e9856fb43c2228783ff777e0ddfd50e54bbb62b Mon Sep 17 00:00:00 2001 From: Pan Date: Tue, 12 Apr 2016 07:03:28 -0400 Subject: [PATCH] Barbican server logs Secret Payload contents Barbican server logs Secret Payload contents in PolicyNotAuthorized Exception message Change-Id: I597f5912d7bb3c4b7df191b2cd38bf53f86a3ee7 Closes-Bug: #1568648 --- barbican/api/controllers/__init__.py | 8 ++++++++ barbican/plugin/crypto/simple_crypto.py | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/barbican/api/controllers/__init__.py b/barbican/api/controllers/__init__.py index 967f6517e..e4af34b5e 100644 --- a/barbican/api/controllers/__init__.py +++ b/barbican/api/controllers/__init__.py @@ -11,6 +11,7 @@ # under the License. import collections +from oslo_policy import policy import pecan from webob import exc @@ -103,6 +104,13 @@ def handle_exceptions(operation_name=u._('System')): except exc.HTTPError: LOG.exception(u._LE('Webob error seen')) raise # Already converted to Webob exception, just reraise + # In case PolicyNotAuthorized, we do not want to expose payload by + # logging exception, so just LOG.error + except policy.PolicyNotAuthorized as pna: + status, message = api.generate_safe_exception_message( + operation_name, pna) + LOG.error(message) + pecan.abort(status, message) except Exception as e: # In case intervening modules have disabled logging. LOG.logger.disabled = False diff --git a/barbican/plugin/crypto/simple_crypto.py b/barbican/plugin/crypto/simple_crypto.py index 8b38de881..72e054d0f 100644 --- a/barbican/plugin/crypto/simple_crypto.py +++ b/barbican/plugin/crypto/simple_crypto.py @@ -32,7 +32,7 @@ simple_crypto_plugin_opts = [ cfg.StrOpt('kek', default=b'dGhpcnR5X3R3b19ieXRlX2tleWJsYWhibGFoYmxhaGg=', help=u._('Key encryption key to be used by Simple Crypto ' - 'Plugin')) + 'Plugin'), secret=True) ] CONF.register_group(simple_crypto_plugin_group) CONF.register_opts(simple_crypto_plugin_opts, group=simple_crypto_plugin_group)