From: Neha Ojha Date: Thu, 3 Dec 2020 19:18:04 +0000 (+0000) Subject: messages/MMonCommand, MMonCommandAck: don't log values for "config set" and "config... X-Git-Tag: v14.2.17~113^2~5 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=b579cddca07a19d8de2613eb7713de9e33d67d0d;p=ceph.git messages/MMonCommand, MMonCommandAck: don't log values for "config set" and "config-key set" This acts like a big hammer to avoid adding sensitive information, like passwords into mon/mgr/cluster logs when using "config set" and "config-key set" to set keys whose values should be secure. Fixes: https://tracker.ceph.com/issues/37503 Signed-off-by: Neha Ojha (cherry picked from commit 3d54660ca1a9a7ae54e884c3181fca17a40d8cd3) Conflicts: src/messages/MMonCommand.h - trivial resolution src/messages/MMonCommandAck.h - trivial resolution --- diff --git a/src/messages/MMonCommand.h b/src/messages/MMonCommand.h index afb3142b49d..189008325f0 100644 --- a/src/messages/MMonCommand.h +++ b/src/messages/MMonCommand.h @@ -15,6 +15,7 @@ #ifndef CEPH_MMONCOMMAND_H #define CEPH_MMONCOMMAND_H +#include "common/cmdparse.h" #include "messages/PaxosServiceMessage.h" #include @@ -39,10 +40,26 @@ private: public: std::string_view get_type_name() const override { return "mon_command"; } void print(ostream& o) const override { + cmdmap_t cmdmap; + stringstream ss; + string prefix; + cmdmap_from_json(cmd, &cmdmap, ss); + cmd_getval(g_ceph_context, cmdmap, "prefix", prefix); + // Some config values contain sensitive data, so don't log them o << "mon_command("; - for (unsigned i=0; i { 
@@ -35,7 +36,28 @@ private:
 public:
 std::string_view get_type_name() const override { return "mon_command"; }
 void print(ostream& o) const override {
- o << "mon_command_ack(" << cmd << "=" << r << " " << rs << " v" << version << ")";
+ cmdmap_t cmdmap;
+ stringstream ss;
+ string prefix;
+ cmdmap_from_json(cmd, &cmdmap, ss);
+ cmd_getval(g_ceph_context, cmdmap, "prefix", prefix);
+ // Some config values contain sensitive data, so don't log them
+ o << "mon_command_ack(";
+ if (prefix == "config set") {
+ string name;
+ cmd_getval(g_ceph_context, cmdmap, "name", name);
+ o << "[{prefix=" << prefix
+ << ", name=" << name << "}]"
+ << "=" << r << " " << rs << " v" << version << ")";
+ } else if (prefix == "config-key set") {
+ string key;
+ cmd_getval(g_ceph_context, cmdmap, "key", key);
+ o << "[{prefix=" << prefix << ", key=" << key << "}]"
+ << "=" << r << " " << rs << " v" << version << ")";
+ } else {
+ o << cmd;
+ }
+ o << "=" << r << " " << rs << " v" << version << ")";
 }
 void encode_payload(uint64_t features) override {
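Review bot: In the new `print()`, the `config set` and `config-key set` branches each end with `<< "=" << r << " " << rs << " v" << version << ")"`, and the unconditional statement after the if/else emits the same suffix again, so a redacted ack is logged with its result, status string and version twice. End those two statements after the closing bracket instead, e.g. `o << "[{prefix=" << prefix << ", key=" << key << "}]";`, and let the shared last line print the suffix once. The redaction also fails open: the return values of `cmdmap_from_json` and `cmd_getval` are ignored, so whenever the prefix cannot be extracted the `else` branch writes `cmd` in full, value included. Only the two exact prefixes are matched, so it is worth confirming that no alias such as `config-key put` (if this branch still accepts it) reaches that path with a secret, and adding a comment on the `else` branch saying that it logs arguments verbatim.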