diff options
| author | Michael Still <mikal@stillhq.com> | 2013-01-02 20:21:28 +1100 |
|---|---|---|
| committer | Michael Still <mikal@stillhq.com> | 2013-01-04 09:34:38 +1100 |
| commit | 008500197a82a0ec15822bf17a35c5a283c50910 (patch) | |
| tree | bad5da79b55b8d8f831d7ddcc26ebd1e21046ece /openstack | |
| parent | fdc74c07d63ff897f42405b6dde0ffa46d6e26c3 (diff) | |
| download | oslo-008500197a82a0ec15822bf17a35c5a283c50910.tar.gz oslo-008500197a82a0ec15822bf17a35c5a283c50910.tar.xz oslo-008500197a82a0ec15822bf17a35c5a283c50910.zip | |
Sanitize cells calls.
Cells puts the data to be sanitized deeper into the message. We
should get this into oslo ready for when cells lands.
Change-Id: Ic5d111f11c979a179e0edcb314feb3f9d93f66ce
Diffstat (limited to 'openstack')
| -rw-r--r-- | openstack/common/rpc/common.py | 26 |
1 files changed, 16 insertions, 10 deletions
diff --git a/openstack/common/rpc/common.py b/openstack/common/rpc/common.py index a3a3699..7434a2d 100644 --- a/openstack/common/rpc/common.py +++ b/openstack/common/rpc/common.py @@ -212,8 +212,12 @@ class Connection(object): def _safe_log(log_func, msg, msg_data): """Sanitizes the msg_data field before logging.""" - SANITIZE = {'set_admin_password': ('new_pass',), - 'run_instance': ('admin_password',), } + SANITIZE = {'set_admin_password': [('args', 'new_pass')], + 'run_instance': [('args', 'admin_password')], + 'route_message': [('args', 'message', 'args', 'method_info', + 'method_kwargs', 'password'), + ('args', 'message', 'args', 'method_info', + 'method_kwargs', 'admin_password')]} has_method = 'method' in msg_data and msg_data['method'] in SANITIZE has_context_token = '_context_auth_token' in msg_data @@ -225,14 +229,16 @@ def _safe_log(log_func, msg, msg_data): msg_data = copy.deepcopy(msg_data) if has_method: - method = msg_data['method'] - if method in SANITIZE: - args_to_sanitize = SANITIZE[method] - for arg in args_to_sanitize: - try: - msg_data['args'][arg] = "<SANITIZED>" - except KeyError: - pass + for arg in SANITIZE.get(msg_data['method'], []): + try: + d = msg_data + for elem in arg[:-1]: + d = d[elem] + d[arg[-1]] = '<SANITIZED>' + except KeyError, e: + LOG.info(_('Failed to sanitize %(item)s. Key error %(err)s'), + {'item': arg, + 'err': e}) if has_context_token: msg_data['_context_auth_token'] = '<SANITIZED>' |