Merge pull request #775 from mwhudson/logged-passwords-lp-1879381
do not log wifi passwords from existing configs
This commit is contained in:
commit
acd6ee0032
|
@ -29,7 +29,6 @@ from subiquitycore.file_util import write_file
|
|||
from subiquitycore.models.network import (
|
||||
BondParameters,
|
||||
NetDevAction,
|
||||
sanitize_config,
|
||||
)
|
||||
from subiquitycore import netplan
|
||||
from subiquitycore.ui.views.network import (
|
||||
|
@ -342,7 +341,9 @@ class NetworkController(BaseController):
|
|||
config = self.model.render_config()
|
||||
|
||||
log.debug("network config: \n%s",
|
||||
yaml.dump(sanitize_config(config), default_flow_style=False))
|
||||
yaml.dump(
|
||||
netplan.sanitize_config(config),
|
||||
default_flow_style=False))
|
||||
|
||||
for p in netplan.configs_in_root(self.root, masked=True):
|
||||
if p == self.netplan_path:
|
||||
|
|
|
@ -13,7 +13,6 @@
|
|||
# You should have received a copy of the GNU Affero General Public License
|
||||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
import copy
|
||||
import enum
|
||||
import ipaddress
|
||||
import logging
|
||||
|
@ -44,27 +43,6 @@ class NetDevAction(enum.Enum):
|
|||
DELETE = _("Delete")
|
||||
|
||||
|
||||
def _sanitize_inteface_config(iface_config):
|
||||
for ap, ap_config in iface_config.get('access-points', {}).items():
|
||||
if 'password' in ap_config:
|
||||
ap_config['password'] = '<REDACTED>'
|
||||
|
||||
|
||||
def sanitize_interface_config(iface_config):
|
||||
iface_config = copy.deepcopy(iface_config)
|
||||
_sanitize_inteface_config(iface_config)
|
||||
return iface_config
|
||||
|
||||
|
||||
def sanitize_config(config):
|
||||
"""Return a copy of config with passwords redacted."""
|
||||
config = copy.deepcopy(config)
|
||||
interfaces = config.get('network', {}).get('wifis', {}).items()
|
||||
for iface, iface_config in interfaces:
|
||||
_sanitize_inteface_config(iface_config)
|
||||
return config
|
||||
|
||||
|
||||
class BondParameters:
|
||||
# Just a place to hang various data about how bonds can be
|
||||
# configured.
|
||||
|
@ -308,7 +286,7 @@ class NetworkModel(object):
|
|||
dev.config = config
|
||||
log.debug("new_link %s %s with config %s",
|
||||
ifindex, link.name,
|
||||
sanitize_interface_config(dev.config))
|
||||
netplan.sanitize_interface_config(dev.config))
|
||||
self.devices_by_name[link.name] = dev
|
||||
return dev
|
||||
|
||||
|
|
|
@ -8,6 +8,27 @@ import yaml
|
|||
log = logging.getLogger("subiquitycore.netplan")
|
||||
|
||||
|
||||
def _sanitize_inteface_config(iface_config):
|
||||
for ap, ap_config in iface_config.get('access-points', {}).items():
|
||||
if 'password' in ap_config:
|
||||
ap_config['password'] = '<REDACTED>'
|
||||
|
||||
|
||||
def sanitize_interface_config(iface_config):
|
||||
iface_config = copy.deepcopy(iface_config)
|
||||
_sanitize_inteface_config(iface_config)
|
||||
return iface_config
|
||||
|
||||
|
||||
def sanitize_config(config):
|
||||
"""Return a copy of config with passwords redacted."""
|
||||
config = copy.deepcopy(config)
|
||||
interfaces = config.get('network', {}).get('wifis', {}).items()
|
||||
for iface, iface_config in interfaces:
|
||||
_sanitize_inteface_config(iface_config)
|
||||
return config
|
||||
|
||||
|
||||
class Config:
|
||||
"""A NetplanConfig represents the network config for a system.
|
||||
|
||||
|
@ -85,7 +106,9 @@ class _PhysicalDevice:
|
|||
self.match_mac = match.get('macaddress')
|
||||
self.match_driver = match.get('driver')
|
||||
self.config = config
|
||||
log.debug("config for %s = %s" % (name, self.config))
|
||||
log.debug(
|
||||
"config for %s = %s" % (
|
||||
name, sanitize_interface_config(self.config)))
|
||||
|
||||
def matches_link(self, link):
|
||||
if self.match_name is not None:
|
||||
|
@ -107,7 +130,9 @@ class _VirtualDevice:
|
|||
def __init__(self, name, config):
|
||||
self.name = name
|
||||
self.config = config
|
||||
log.debug("config for %s = %s" % (name, self.config))
|
||||
log.debug(
|
||||
"config for %s = %s" % (
|
||||
name, sanitize_interface_config(self.config)))
|
||||
|
||||
|
||||
def configs_in_root(root, masked=False):
|
||||
|
|
Loading…
Reference in New Issue