From 5f0160bdde1eda10858ce0985ed816e8cc071d10 Mon Sep 17 00:00:00 2001
From: John Dickinson
Date: Tue, 20 May 2014 17:28:19 -0700
Subject: [PATCH] Change the default token logged length to 16

Based on comments from deployers at the Juno OpenStack summit, limiting the default logged token length (to, by default, prevent tokens from being fully logged) is a good idea.

Change-Id: I58980e85329d99de41f1c08f75e85973452317b1
---
 etc/proxy-server.conf-sample | 2 +-
 swift/common/middleware/proxy_logging.py | 3 +--
 .../unit/common/middleware/test_proxy_logging.py | 16 ++++++++++++++--
 3 files changed, 16 insertions(+), 5 deletions(-)
diff --git a/etc/proxy-server.conf-sample b/etc/proxy-server.conf-sample
index 4600ef0437..7cb87ac68e 100644
--- a/etc/proxy-server.conf-sample
+++ b/etc/proxy-server.conf-sample
@@ -484,7 +484,7 @@ use = egg:swift#proxy_logging
 # by '...' in the log).
 # Note: reveal_sensitive_prefix will not affect the value
 # logged with access_log_headers=True.
-# reveal_sensitive_prefix = 8192
+# reveal_sensitive_prefix = 16
 #
 # What HTTP methods are allowed for StatsD logging (comma-sep); request methods
 # not in this list will have "BAD_METHOD" for the portion of the metric.
diff --git a/swift/common/middleware/proxy_logging.py b/swift/common/middleware/proxy_logging.py
index d8a8b8736d..b0509fe079 100644
--- a/swift/common/middleware/proxy_logging.py
+++ b/swift/common/middleware/proxy_logging.py
@@ -78,7 +78,6 @@ from swift.common.swob import Request
 from swift.common.utils import (get_logger, get_remote_client,
 get_valid_utf8_str, config_true_value,
 InputProxy, list_from_csv)
-from swift.common import constraints
 
 
 QUOTE_SAFE = '/:'
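Review bot: The new sample value `# reveal_sensitive_prefix = 16` gives no hint of why 16 was chosen, and a deployer tuning it has only the commit message to go on; a line above it such as `# 16 leading characters let requests from one token be correlated in the log without recording the whole token` would capture the intent stated in the commit. The surrounding comment already warns that access_log_headers=True bypasses the limit, which is worth keeping adjacent to the value since the shorter default does nothing for that path.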
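Review bot: Removing `from swift.common import constraints` is only safe if the hunk below is the module's sole remaining use of `constraints`; the rest of proxy_logging.py is outside this diff, so that cannot be confirmed here, and a stale reference would surface as a NameError only when that code path runs rather than at import time. A quick grep for `constraints.` in the module before merging would settle it.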
@@ -119,7 +118,7 @@ class ProxyLoggingMiddleware(object):
 log_route='proxy-access')
 self.access_logger.set_statsd_prefix('proxy-server')
 self.reveal_sensitive_prefix = int(
- conf.get('reveal_sensitive_prefix', constraints.MAX_HEADER_SIZE))
+ conf.get('reveal_sensitive_prefix', 16))
 
 def method_from_req(self, req):
 return req.environ.get('swift.orig_req_method', req.method)
diff --git a/test/unit/common/middleware/test_proxy_logging.py b/test/unit/common/middleware/test_proxy_logging.py
index 4fa5b2b8f7..8b2b16eab6 100644
--- a/test/unit/common/middleware/test_proxy_logging.py
+++ b/test/unit/common/middleware/test_proxy_logging.py
@@ -23,6 +23,7 @@ from test.unit import FakeLogger
 from swift.common.utils import get_logger
 from swift.common.middleware import proxy_logging
 from swift.common.swob import Request, Response
+from swift.common import constraints
 
 
 class FakeApp(object):
@@ -658,7 +659,7 @@ class TestProxyLogging(unittest.TestCase):
 def test_log_auth_token(self):
 auth_token = 'b05bf940-0464-4c0e-8c70-87717d2d73e8'
 
- # Default - no reveal_sensitive_prefix in config
+ # Default - reveal_sensitive_prefix is 16
 # No x-auth-token header
 app = proxy_logging.ProxyLoggingMiddleware(FakeApp(), {})
 app.access_logger = FakeLogger()
@@ -675,7 +676,7 @@ class TestProxyLogging(unittest.TestCase):
 resp = app(req.environ, start_response)
 resp_body = ''.join(resp)
 log_parts = self._log_parts(app)
- self.assertEquals(log_parts[9], auth_token)
+ self.assertEquals(log_parts[9], 'b05bf940-0464-4c...')
 
 # Truncate to first 8 characters
 app = proxy_logging.ProxyLoggingMiddleware(FakeApp(), {
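Review bot: `int(conf.get('reveal_sensitive_prefix', 16))` accepts any integer, including a negative one, and nothing in the hunk rejects it; if the truncation elsewhere in the module slices with `[:self.reveal_sensitive_prefix]` (not visible here), a negative setting would write everything but the last N characters of the token to the access log, the opposite of what the option promises, so a guard such as `if self.reveal_sensitive_prefix < 0: raise ValueError('reveal_sensitive_prefix must be >= 0')` would fail fast at startup instead. The attribute also deserves a comment now that the default is a bare literal, e.g. `# Leading characters of sensitive values such as X-Auth-Token kept in the access log; 0 logs none of them.`, which matches the `'0'` case the test module exercises. The enclosing method (presumably `__init__`, given `conf` and the `self.` assignments) starts outside the hunk.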
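Review bot: The expected value `'b05bf940-0464-4c...'` in the `@@ -675` hunk is a hand-typed copy of the first 16 characters of `auth_token`, so nothing in the test connects it to the default the commit introduces; deriving it, `self.assertEquals(log_parts[9], auth_token[:16] + '...')`, makes the 16 visible and keeps the assertion correct if the fixture token is ever changed. That form also mirrors the "Truncate to first 8 characters" case that follows. `test_log_auth_token` continues outside the hunk.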
@@ -707,6 +708,17 @@ class TestProxyLogging(unittest.TestCase):
 log_parts = self._log_parts(app)
 self.assertEquals(log_parts[9], auth_token)
 
+ # No effective limit on auth token
+ app = proxy_logging.ProxyLoggingMiddleware(FakeApp(), {
+ 'reveal_sensitive_prefix': constraints.MAX_HEADER_SIZE})
+ app.access_logger = FakeLogger()
+ req = Request.blank('/', environ={'REQUEST_METHOD': 'GET',
+ 'HTTP_X_AUTH_TOKEN': auth_token})
+ resp = app(req.environ, start_response)
+ resp_body = ''.join(resp)
+ log_parts = self._log_parts(app)
+ self.assertEquals(log_parts[9], auth_token)
+
 # Don't log x-auth-token
 app = proxy_logging.ProxyLoggingMiddleware(FakeApp(), {
 'reveal_sensitive_prefix': '0'})
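Review bot: The added block repeats the build-middleware / blank-request / join-response / read-log-parts sequence that the neighbouring cases in `test_log_auth_token` already use, and like them it assigns `resp_body` without ever reading it; a small helper that takes the config dict and returns the log parts would reduce each case to the setting under test and its assertion, and the new "no effective limit" case is a natural place to introduce it. Passing `constraints.MAX_HEADER_SIZE` as an int while the other cases pass strings like `'0'` works because the middleware wraps the value in `int()`, but a one-line comment explaining that the old default is being reused as a "fits any token" value, e.g. `# MAX_HEADER_SIZE was the previous default; no token can exceed it`, would spare readers the archaeology. Consuming the response with `''.join(...)` is kept in the helper below on the assumption that the log line is emitted during iteration, which this hunk does not show. The method continues outside the hunk.

```python
def _log_parts_for(self, conf, auth_token):
    # Send one GET carrying X-Auth-Token through the middleware configured
    # with *conf* and return the parsed access-log fields.
    app = proxy_logging.ProxyLoggingMiddleware(FakeApp(), conf)
    app.access_logger = FakeLogger()
    req = Request.blank('/', environ={'REQUEST_METHOD': 'GET',
                                      'HTTP_X_AUTH_TOKEN': auth_token})
    ''.join(app(req.environ, start_response))
    return self._log_parts(app)

# … unchanged: earlier cases in test_log_auth_token …
# No effective limit on auth token
# MAX_HEADER_SIZE was the previous default; no token can exceed it
log_parts = self._log_parts_for(
    {'reveal_sensitive_prefix': constraints.MAX_HEADER_SIZE}, auth_token)
self.assertEquals(log_parts[9], auth_token)
```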