filter potential passwords in connstr before logging it

author anti.veeranna <anti.veeranna@skype.net>

Tue, 6 Dec 2011 08:17:40 +0000 (10:17 +0200)

committer anti.veeranna <anti.veeranna@skype.net>

Tue, 6 Dec 2011 08:17:40 +0000 (10:17 +0200)
author anti.veeranna <anti.veeranna@skype.net>
Tue, 6 Dec 2011 08:17:40 +0000 (10:17 +0200)
committer anti.veeranna <anti.veeranna@skype.net>
Tue, 6 Dec 2011 08:17:40 +0000 (10:17 +0200)
diff --git a/python/skytools/scripting.py b/python/skytools/scripting.py

index b0badda9ebd7a355f5aab2d7a01e21aabe03f7c4..8bce30fe93c0a9b52015c5cc8350e54a4f8d81f2 100644 (file)
--- a/python/skytools/scripting.py
+++ b/python/skytools/scripting.py
@@ -3,7 +3,7 @@
  
  """
  
-import sys, os, signal, optparse, time, errno, select
+import sys, os, signal, optparse, time, errno, select, re
  import logging, logging.handlers, logging.config
  
  import skytools
@@ -712,7 +712,9 @@ class DBScript(BaseScript):
          else:
              if not connstr:
                  connstr = self.cf.get(dbname)
-            self.log.debug("Connect '%s' to '%s'" % (cache, connstr))
+            # connstr might contain password, it is not a good idea to log it
+            filtered_connstr = re.sub(' password=\S+', ' password=***HIDDEN***', connstr)
+            self.log.debug("Connect '%s' to '%s'" % (cache, filtered_connstr))
              dbc = DBCachedConn(cache, connstr, params['max_age'], setup_func = self.connection_hook)
              self.db_cache[cache] = dbc
author	anti.veeranna <anti.veeranna@skype.net>
	Tue, 6 Dec 2011 08:17:40 +0000 (10:17 +0200)
committer	anti.veeranna <anti.veeranna@skype.net>
	Tue, 6 Dec 2011 08:17:40 +0000 (10:17 +0200)