diff options
author | Arttu Tarkiainen <arttu.tarkiainen@qt.io> | 2024-05-03 09:45:30 +0300 |
---|---|---|
committer | Arttu Tarkiainen <arttu.tarkiainen@qt.io> | 2024-05-06 16:20:25 +0300 |
commit | 1d28d83bcfdcd1d076f6501f4aef72f1f8bc9410 (patch) | |
tree | f619775b49db46fe43bfef61c16d417775a27276 | |
parent | 8f5c951f344196681d1e17e9402e64988c75e876 (diff) |
Hide JWT in the logs
In case of 'debug' logging level, the raw requests from clients were
printed to stdout and file. Hide sensitive information in the
logging print.
Task-number: QLS-934
Pick-to: 3.1
Change-Id: Ibda32f718b27f84ad12304c52ff712bb5845660e
Reviewed-by: Iikka Eklund <iikka.eklund@qt.io>
-rw-r--r-- | src/libs/qlicenseservice/licenser.cpp | 26 |
1 files changed, 25 insertions, 1 deletions
diff --git a/src/libs/qlicenseservice/licenser.cpp b/src/libs/qlicenseservice/licenser.cpp index af96de3..a3f702c 100644 --- a/src/libs/qlicenseservice/licenser.cpp +++ b/src/libs/qlicenseservice/licenser.cpp @@ -25,6 +25,29 @@ using namespace QLicenseCore; namespace QLicenseService { +static std::string replaceOptionValue(const std::string &request, const std::string &option) +{ + std::string replaced = request; + + const size_t pos = request.find(option); + if (pos != std::string::npos) { + // Find the start of the value + const size_t valueStart = request.find(' ', pos); + if (valueStart != std::string::npos) { + // Find the end of the value + size_t valueEnd = request.find(' ', valueStart + 1); + if (valueEnd == std::string::npos) + valueEnd = request.length(); + + // Replace the value with asterisks + replaced.replace(valueStart + 1, valueEnd - valueStart - 1, "*****"); + } + } + + return replaced; +} + + Licenser::Licenser(DaemonRunMode runMode, uint16_t tcpPort, const std::string &workDir) : m_runMode(runMode) , m_state(DaemonState::Starting) @@ -211,7 +234,8 @@ int Licenser::onTcpReadyRead(uint16_t socketId) return 0; } - logDebug("Got a request: %s", input.c_str()); + if (Logger::getInstance()->logLevel() >= LogLevel::LOGLEVEL_DEBUG) + logDebug("Got a request: %s", replaceOptionValue(input, "-jwt").c_str()); // Parse very basic info from input RequestInfo request = preParseInput(response, socketId, input); |