diff options
| -rw-r--r-- | nova/rpc/amqp.py | 2 | ||||
| -rw-r--r-- | nova/rpc/common.py | 41 |
2 files changed, 29 insertions, 14 deletions
diff --git a/nova/rpc/amqp.py b/nova/rpc/amqp.py index e620ea36c..444ade480 100644 --- a/nova/rpc/amqp.py +++ b/nova/rpc/amqp.py @@ -185,7 +185,7 @@ def unpack_context(msg): context_dict[key[9:]] = value context_dict['msg_id'] = msg.pop('_msg_id', None) ctx = RpcContext.from_dict(context_dict) - LOG.debug(_('unpacked context: %s'), ctx.to_dict()) + rpc_common._safe_log(LOG.debug, _('unpacked context: %s'), ctx.to_dict()) return ctx diff --git a/nova/rpc/common.py b/nova/rpc/common.py index aeb533aad..03fe14e17 100644 --- a/nova/rpc/common.py +++ b/nova/rpc/common.py @@ -127,18 +127,33 @@ class Connection(object): def _safe_log(log_func, msg, msg_data): """Sanitizes the msg_data field before logging.""" - SANITIZE = { - 'set_admin_password': ('new_pass',), - 'run_instance': ('admin_password',), - } - method = msg_data['method'] - if method in SANITIZE: - msg_data = copy.deepcopy(msg_data) - args_to_sanitize = SANITIZE[method] - for arg in args_to_sanitize: - try: - msg_data['args'][arg] = "<SANITIZED>" - except KeyError: - pass + has_method = 'method' in msg_data + has_context_token = '_context_auth_token' in msg_data + has_token = 'auth_token' in msg_data + + if not any([has_method, has_context_token, has_token]): + return log_func(msg, msg_data) + + msg_data = copy.deepcopy(msg_data) + + if has_method: + SANITIZE = { + 'set_admin_password': ('new_pass',), + 'run_instance': ('admin_password',), + } + method = msg_data['method'] + if method in SANITIZE: + args_to_sanitize = SANITIZE[method] + for arg in args_to_sanitize: + try: + msg_data['args'][arg] = "<SANITIZED>" + except KeyError: + pass + + if has_context_token: + msg_data['_context_auth_token'] = '<SANITIZED>' + + if has_token: + msg_data['auth_token'] = '<SANITIZED>' return log_func(msg, msg_data) |