db/pgbackrest
1
0
Fork 0
mirror of https://github.com/pgbackrest/pgbackrest.git synced 2026-05-22 10:15:16 +02:00
Code Issues Releases Activity

Redact secure options in check --report.

Browse Source 
For this to be practically useful secure options must be redacted. Otherwise, no user is likely to share the report.

Since this feature is still internal, there is no real world impact.
This commit is contained in:
David Steele
2024-03-13 12:06:23 +13:00
parent ff47450402
commit de55902fb3
2 changed files with 14 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/command/check/report.c
+5
View File
@@ -48,6 +48,7 @@ checkReportConfigVal(JsonWrite *const json, const String *const optionName, cons
if (option.multi)
{
ASSERT(strLstSize(valueList) >= 1);
ASSERT(!cfgParseOptionSecure(option.id));
// Split environment values
if (env)
@@ -68,6 +69,10 @@ checkReportConfigVal(JsonWrite *const json, const String *const optionName, cons
else
{
ASSERT(strLstSize(valueList) == 1);
if (cfgParseOptionSecure(option.id))
jsonWriteStr(json, strNewFmt("<%s>", strZ(optionName)));
else
jsonWriteStr(json, strLstGet(valueList, 0));
}
}
test/src/module/command/checkTest.c
+8
View File
@@ -38,6 +38,8 @@ testRun(void)
storageTest, "pgbackrest.conf",
"[global]\n"
"repo1-path=" TEST_PATH "/repo1\n"
"repo1-cipher-type=aes-256-cbc\n"
"repo1-cipher-pass=ULmO7pKuimOzPEqHH9HUqQln\n"
"repo1-block=y\n"
"no-repo1-block=bogus\n"
"bogus=y\n"
@@ -156,6 +158,12 @@ testRun(void)
"\"repo1-block\":{"
"\"val\":\"y\""
"},"
"\"repo1-cipher-pass\":{"
"\"val\":\"<repo1-cipher-pass>\""
"},"
"\"repo1-cipher-type\":{"
"\"val\":\"aes-256-cbc\""
"},"
"\"repo1-path\":{"
"\"val\":\"" TEST_PATH "/repo1\""
"}"