hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Logged statement is truncated if contains 'password'

Browse Source 
Logged statement is truncated if contains 'password'
This commit is contained in:
MassimilianoPinto
2015-07-28 13:25:14 +02:00
parent 8d7def654a
commit 9ef43c9d9e
2 changed files with 36 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
server/modules/routing/binlog/blr_master.c
View File

@ -619,7 +619,9 @@ char query[128];
"%s: Request binlog records from %s at " "%s: Request binlog records from %s at "
"position %lu from master server %s:%d", "position %lu from master server %s:%d",
router->service->name, router->binlog_name, router->service->name, router->binlog_name,
router->binlog_position, router->service->dbref->server->name))); router->binlog_position,
router->service->dbref->server->name,
router->service->dbref->server->port)));
break; break;
case BLRM_BINLOGDUMP: case BLRM_BINLOGDUMP:
// Main body, we have received a binlog record from the master // Main body, we have received a binlog record from the master

35
server/modules/routing/binlog/blr_slave.c
View File

@ -245,14 +245,45 @@ char *qtext, *query_text;
char *sep = " ,="; char *sep = " ,=";
char *word, *brkb; char *word, *brkb;
int query_len; int query_len;
char *ptr;
extern char *strcasestr();
qtext = GWBUF_DATA(queue); qtext = GWBUF_DATA(queue);
query_len = extract_field((uint8_t *)qtext, 24) - 1; query_len = extract_field((uint8_t *)qtext, 24) - 1;
qtext += 5; // Skip header and first byte of the payload qtext += 5; // Skip header and first byte of the payload
query_text = strndup(qtext, query_len); query_text = strndup(qtext, query_len);
LOGIF(LT, (skygw_log_write( qtext = GWBUF_DATA(queue);
LOGFILE_TRACE, "Execute statement from the slave '%s'", query_text))); query_len = extract_field((uint8_t *)qtext, 24) - 1;
qtext += 5; // Skip header and first byte of the payload
query_text = strndup(qtext, query_len);
/* Don't log the full statement containg 'password', just trucate it */
ptr = strcasestr(query_text, "password");
if (ptr != NULL) {
char *new_text = strdup(query_text);
int trucate_at = (ptr - query_text);
if (trucate_at > 0) {
if ( (trucate_at + 3) <= strlen(new_text)) {
int i;
for (i = 0; i < 3; i++) {
new_text[trucate_at + i] = '.';
}
new_text[trucate_at+3] = '\0';
} else {
new_text[trucate_at] = '\0';
}
}
LOGIF(LT, (skygw_log_write(
LOGFILE_TRACE, "Execute statement (truncated, it contains password)"
" from the slave '%s'", new_text)));
free(new_text);
} else {
LOGIF(LT, (skygw_log_write(
LOGFILE_TRACE, "Execute statement from the slave '%s'", query_text)));
}
/* /*
* Implement a very rudimental "parsing" of the query text by extarcting the * Implement a very rudimental "parsing" of the query text by extarcting the
* words from the statement and matchng them against the subset of queries we * words from the statement and matchng them against the subset of queries we