Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
Kea
Kea
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 457
    • Issues 457
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Merge Requests 75
    • Merge Requests 75
  • Operations
    • Operations
    • Incidents
  • Packages & Registries
    • Packages & Registries
    • Container Registry
  • Analytics
    • Analytics
    • Repository
    • Value Stream
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Members
    • Members
  • Activity
  • Graph
  • Create a new issue
  • Commits
  • Issue Boards
Collapse sidebar
  • ISC Open Source Projects
  • KeaKea
  • Issues
  • #1721

Closed
Open
Created Feb 22, 2021 by Andrei Pavel@andrei🐧Maintainer

Obfuscate passwords in logs that show configuration

There seem to be only two types of logging that could expose passwords: configuration logs and dbaccess logs.

INFO [kea-dhcp4.dhcpsrv] DHCPSRV_MYSQL_DB opening MySQL lease database: host=127.0.0.1 max-reconnect-tries=3 name=keatest password=***** port=3306 reconnect-wait-time=3000 type=mysql universe=4 user=keatest

dbaccess logs are covered, but config logs have the password exposed. except for this kea-ctrl-agent configuration log which also obfuscates:

DEBUG [kea-ctrl-agent.dctl] DCTL_CONFIG_START parsing new configuration: { "authentication": { "clients": [ { "password": "*****", "user": "superadmin" } ], ... }

So this seems like a slip-up in hiding passwords everywhere?

Something to note in the code is that there might be some places where passwords can't be hidden like this place where the problem seems to be that it might rethrow:

        } catch (const std::exception& ex) {
            // We'd obscure the password if we could parse the access string.
            DB_LOG_ERROR(DB_INVALID_ACCESS).arg(dbaccess);
            throw;
        }

Is this a similar case?

RT#17595

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
kea1.9.7
Milestone
kea1.9.7
Assign milestone
Time tracking
None
Due date
None