mirror of https://github.com/SAP/jenkins-library.git synced 2024-12-12 10:55:20 +02:00

Ensure passwords are not leaked directly in debug mode when url encoding alters password

Marcus Holl 2019-07-16 14:08:39 +02:00
parent fa188c06b3
commit ae34803025


@ -260,17 +260,21 @@ void call(Map parameters = [:], Closure body = null) {
gitConfig.add('-c http.sslVerify=false')
}
if(config.debug) { // known issue: in case somebody provides the stringish 'false' we get the boolean value 'true' here.
echo 'Debug mode enabled. This is not recommanded for productive usage. This might reveal security sensitive information.'
gitDebug ='git config --list; env |grep proxy; GIT_CURL_VERBOSE=1 GIT_TRACE=1 '
gitPushFlags.add('--verbose')
}
if(encodedVersionsDiffers && ! config.debug) {
if(encodedVersionsDiffers) {
if(config.debug) { // known issue: in case somebody provides the stringish 'false' we get the boolean value 'true' here.
echo 'Debug flag set, but encoded username/password differs from unencoded version. Cannot provide debug output in this case. ' +
'In order to enable debug output switch to a username/password which is not altered by url encoding.'
}
hashbangFlags = '-e'
streamhandling ='&>/dev/null'
gitPushFlags.add('--quiet')
echo 'Performing git push in quiet mode.'
} else {
if(config.debug) { // known issue: in case somebody provides the stringish 'false' we get the boolean value 'true' here.
echo 'Debug mode enabled. This is not recommanded for productive usage. This might reveal security sensitive information.'
gitDebug ='git config --list; env |grep proxy; GIT_CURL_VERBOSE=1 GIT_TRACE=1 '
gitPushFlags.add('--verbose')
}
}
gitConfig = gitConfig.join(' ')
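Review bot: The truthiness test `if(config.debug)` is now copied into both the `encodedVersionsDiffers` branch and the `else` branch, and as its own inline comment admits, the string `'false'` evaluates to true, so debug output fails open. In the `else` branch that enables `GIT_CURL_VERBOSE=1 GIT_TRACE=1`, whose trace output may carry the credential in a transformed form (for example inside an HTTP header, depending on the git version). Log masking that matches only the literal secret would presumably not catch that, so the url-encoding check alone does not cover every leak path. Normalise the flag once before this block, e.g. `boolean debug = config.debug in [true, 'true']`, and test `debug` in both places so that a mistyped value leaves debug off. The body of `call()` starts and ends outside this hunk, so whether `config.debug` is already coerced earlier cannot be confirmed from here.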