From 28497adc33eadc53da9013ca9b805ead07619732 Mon Sep 17 00:00:00 2001
From: Cyril Roelandt <cyril@redhat.com>
Date: Wed, 27 Mar 2024 19:37:25 +0100
Subject: [PATCH] Do not leak X-Auth-Token when logging curl requests

We pass *encoded* headers to log_curl_request, but then compare them to
*unencoded* sensitive headers that must be redacted (in effect comparing
bytes to strings). As a result, no header is ever redacted.

Store sensitive headers as bytes rather than strings to fix this issue.

Change-Id: I06785704750e8c4b23d1276514949655e6dcb7ab
Closes-Bug: #2051712
---
 glanceclient/common/utils.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/glanceclient/common/utils.py b/glanceclient/common/utils.py
index cebc9dff..8d2b8006 100644
--- a/glanceclient/common/utils.py
+++ b/glanceclient/common/utils.py
@@ -42,7 +42,10 @@ from glanceclient import exc
 
 _memoized_property_lock = threading.Lock()
 
-SENSITIVE_HEADERS = ('X-Auth-Token', )
+# NOTE(cyril): Sensitive headers must be bytes, not strings, because when we
+# compare them to actual headers in safe_header, headers have already been
+# encoded.
+SENSITIVE_HEADERS = (b'X-Auth-Token', )
 REQUIRED_FIELDS_ON_DATA = ('disk_format', 'container_format')