do not log wifi passwords from existing configs
This commit is contained in:
parent
71ee369c7f
commit
e588d6475f
|
@ -29,7 +29,6 @@ from subiquitycore.file_util import write_file
|
||||||
from subiquitycore.models.network import (
|
from subiquitycore.models.network import (
|
||||||
BondParameters,
|
BondParameters,
|
||||||
NetDevAction,
|
NetDevAction,
|
||||||
sanitize_config,
|
|
||||||
)
|
)
|
||||||
from subiquitycore import netplan
|
from subiquitycore import netplan
|
||||||
from subiquitycore.ui.views.network import (
|
from subiquitycore.ui.views.network import (
|
||||||
|
@ -342,7 +341,9 @@ class NetworkController(BaseController):
|
||||||
config = self.model.render_config()
|
config = self.model.render_config()
|
||||||
|
|
||||||
log.debug("network config: \n%s",
|
log.debug("network config: \n%s",
|
||||||
yaml.dump(sanitize_config(config), default_flow_style=False))
|
yaml.dump(
|
||||||
|
netplan.sanitize_config(config),
|
||||||
|
default_flow_style=False))
|
||||||
|
|
||||||
for p in netplan.configs_in_root(self.root, masked=True):
|
for p in netplan.configs_in_root(self.root, masked=True):
|
||||||
if p == self.netplan_path:
|
if p == self.netplan_path:
|
||||||
|
|
|
@ -13,7 +13,6 @@
|
||||||
# You should have received a copy of the GNU Affero General Public License
|
# You should have received a copy of the GNU Affero General Public License
|
||||||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
import copy
|
|
||||||
import enum
|
import enum
|
||||||
import ipaddress
|
import ipaddress
|
||||||
import logging
|
import logging
|
||||||
|
@ -44,27 +43,6 @@ class NetDevAction(enum.Enum):
|
||||||
DELETE = _("Delete")
|
DELETE = _("Delete")
|
||||||
|
|
||||||
|
|
||||||
def _sanitize_inteface_config(iface_config):
|
|
||||||
for ap, ap_config in iface_config.get('access-points', {}).items():
|
|
||||||
if 'password' in ap_config:
|
|
||||||
ap_config['password'] = '<REDACTED>'
|
|
||||||
|
|
||||||
|
|
||||||
def sanitize_interface_config(iface_config):
|
|
||||||
iface_config = copy.deepcopy(iface_config)
|
|
||||||
_sanitize_inteface_config(iface_config)
|
|
||||||
return iface_config
|
|
||||||
|
|
||||||
|
|
||||||
def sanitize_config(config):
|
|
||||||
"""Return a copy of config with passwords redacted."""
|
|
||||||
config = copy.deepcopy(config)
|
|
||||||
interfaces = config.get('network', {}).get('wifis', {}).items()
|
|
||||||
for iface, iface_config in interfaces:
|
|
||||||
_sanitize_inteface_config(iface_config)
|
|
||||||
return config
|
|
||||||
|
|
||||||
|
|
||||||
class BondParameters:
|
class BondParameters:
|
||||||
# Just a place to hang various data about how bonds can be
|
# Just a place to hang various data about how bonds can be
|
||||||
# configured.
|
# configured.
|
||||||
|
@ -293,7 +271,7 @@ class NetworkModel(object):
|
||||||
dev.config = config
|
dev.config = config
|
||||||
log.debug("new_link %s %s with config %s",
|
log.debug("new_link %s %s with config %s",
|
||||||
ifindex, link.name,
|
ifindex, link.name,
|
||||||
sanitize_interface_config(dev.config))
|
netplan.sanitize_interface_config(dev.config))
|
||||||
self.devices_by_name[link.name] = dev
|
self.devices_by_name[link.name] = dev
|
||||||
return dev
|
return dev
|
||||||
|
|
||||||
|
|
|
@ -8,6 +8,27 @@ import yaml
|
||||||
log = logging.getLogger("subiquitycore.netplan")
|
log = logging.getLogger("subiquitycore.netplan")
|
||||||
|
|
||||||
|
|
||||||
|
def _sanitize_inteface_config(iface_config):
|
||||||
|
for ap, ap_config in iface_config.get('access-points', {}).items():
|
||||||
|
if 'password' in ap_config:
|
||||||
|
ap_config['password'] = '<REDACTED>'
|
||||||
|
|
||||||
|
|
||||||
|
def sanitize_interface_config(iface_config):
|
||||||
|
iface_config = copy.deepcopy(iface_config)
|
||||||
|
_sanitize_inteface_config(iface_config)
|
||||||
|
return iface_config
|
||||||
|
|
||||||
|
|
||||||
|
def sanitize_config(config):
|
||||||
|
"""Return a copy of config with passwords redacted."""
|
||||||
|
config = copy.deepcopy(config)
|
||||||
|
interfaces = config.get('network', {}).get('wifis', {}).items()
|
||||||
|
for iface, iface_config in interfaces:
|
||||||
|
_sanitize_inteface_config(iface_config)
|
||||||
|
return config
|
||||||
|
|
||||||
|
|
||||||
class Config:
|
class Config:
|
||||||
"""A NetplanConfig represents the network config for a system.
|
"""A NetplanConfig represents the network config for a system.
|
||||||
|
|
||||||
|
@ -85,7 +106,9 @@ class _PhysicalDevice:
|
||||||
self.match_mac = match.get('macaddress')
|
self.match_mac = match.get('macaddress')
|
||||||
self.match_driver = match.get('driver')
|
self.match_driver = match.get('driver')
|
||||||
self.config = config
|
self.config = config
|
||||||
log.debug("config for %s = %s" % (name, self.config))
|
log.debug(
|
||||||
|
"config for %s = %s" % (
|
||||||
|
name, sanitize_interface_config(self.config)))
|
||||||
|
|
||||||
def matches_link(self, link):
|
def matches_link(self, link):
|
||||||
if self.match_name is not None:
|
if self.match_name is not None:
|
||||||
|
@ -107,7 +130,9 @@ class _VirtualDevice:
|
||||||
def __init__(self, name, config):
|
def __init__(self, name, config):
|
||||||
self.name = name
|
self.name = name
|
||||||
self.config = config
|
self.config = config
|
||||||
log.debug("config for %s = %s" % (name, self.config))
|
log.debug(
|
||||||
|
"config for %s = %s" % (
|
||||||
|
name, sanitize_interface_config(self.config)))
|
||||||
|
|
||||||
|
|
||||||
def configs_in_root(root, masked=False):
|
def configs_in_root(root, masked=False):
|
||||||
|
|
Loading…
Reference in New Issue