Mirrors/sftpgo
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-07 23:00:55 +03:00
Code Issues Packages Projects Releases Wiki Activity

redact credentials within hooks

Browse Source 
go-retryablehttp does not redact credentials, so we still log them
when we use it

https://github.com/hashicorp/go-retryablehttp/pull/133
This commit is contained in:
Nicola Murino
2021-05-12 22:44:17 +02:00
parent fa45c9c138
commit 0540b8780e
7 changed files with 56 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
config/config.go
View File

@@ -384,7 +384,16 @@ func HasServicesToStart() bool {
func getRedactedGlobalConf() globalConfig {
conf := globalConf
conf.Common.Actions.Hook = utils.GetRedactedURL(conf.Common.Actions.Hook)
conf.Common.StartupHook = utils.GetRedactedURL(conf.Common.StartupHook)
conf.Common.PostConnectHook = utils.GetRedactedURL(conf.Common.PostConnectHook)
conf.SFTPD.KeyboardInteractiveHook = utils.GetRedactedURL(conf.SFTPD.KeyboardInteractiveHook)
conf.ProviderConf.Password = "[redacted]"
conf.ProviderConf.Actions.Hook = utils.GetRedactedURL(conf.ProviderConf.Actions.Hook)
conf.ProviderConf.ExternalAuthHook = utils.GetRedactedURL(conf.ProviderConf.ExternalAuthHook)
conf.ProviderConf.PreLoginHook = utils.GetRedactedURL(conf.ProviderConf.PreLoginHook)
conf.ProviderConf.PostLoginHook = utils.GetRedactedURL(conf.ProviderConf.PostLoginHook)
conf.ProviderConf.CheckPasswordHook = utils.GetRedactedURL(conf.ProviderConf.CheckPasswordHook)
return conf
}