kotovalexarian-likes-github/moby--moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Code Releases Activity

daemon: move maskCredentials to config package

Browse source 
This allows the utility to be used in other places.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
Sebastiaan van Stijn 2021-08-31 14:05:49 +02:00
parent aef8e48172
commit a6ce7eff65
No known key found for this signature in database
GPG key ID: 76698F39D527CE8C
4 changed files with 59 additions and 66 deletions
Download patch file Download diff file Expand all files Collapse all files

11
daemon/config/config.go
View file

@ -5,6 +5,7 @@ import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"net" "net"
"net/url"
"os" "os"
"reflect" "reflect"
"strings" "strings"
@ -645,3 +646,13 @@ func (conf *Config) GetDefaultRuntimeName() string {
return rt return rt
} }
// MaskCredentials masks credentials that are in an URL.
func MaskCredentials(rawURL string) string {
parsedURL, err := url.Parse(rawURL)
if err != nil || parsedURL.User == nil {
return rawURL
}
parsedURL.User = url.UserPassword("xxxxx", "xxxxx")
return parsedURL.String()
}

46
daemon/config/config_test.go
View file

@ -578,3 +578,49 @@ func TestReloadWithDuplicateLabels(t *testing.T) {
err := Reload(configFile, flags, func(c *Config) {}) err := Reload(configFile, flags, func(c *Config) {})
assert.Check(t, err) assert.Check(t, err)
} }
func TestMaskURLCredentials(t *testing.T) {
tests := []struct {
rawURL string
maskedURL string
}{
{
rawURL: "",
maskedURL: "",
}, {
rawURL: "invalidURL",
maskedURL: "invalidURL",
}, {
rawURL: "http://proxy.example.com:80/",
maskedURL: "http://proxy.example.com:80/",
}, {
rawURL: "http://USER:PASSWORD@proxy.example.com:80/",
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/",
}, {
rawURL: "http://PASSWORD:PASSWORD@proxy.example.com:80/",
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/",
}, {
rawURL: "http://USER:@proxy.example.com:80/",
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/",
}, {
rawURL: "http://:PASSWORD@proxy.example.com:80/",
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/",
}, {
rawURL: "http://USER@docker:password@proxy.example.com:80/",
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/",
}, {
rawURL: "http://USER%40docker:password@proxy.example.com:80/",
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/",
}, {
rawURL: "http://USER%40docker:pa%3Fsword@proxy.example.com:80/",
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/",
}, {
rawURL: "http://USER%40docker:pa%3Fsword@proxy.example.com:80/hello%20world",
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/hello%20world",
},
}
for _, test := range tests {
maskedURL := MaskCredentials(test.rawURL)
assert.Equal(t, maskedURL, test.maskedURL)
}
}

15
daemon/info.go
View file

@ -2,7 +2,6 @@ package daemon // import "github.com/docker/docker/daemon"
import ( import (
"fmt" "fmt"
"net/url"
"os" "os"
"runtime" "runtime"
"strings" "strings"
@ -64,8 +63,8 @@ func (daemon *Daemon) SystemInfo() *types.Info {
Labels: daemon.configStore.Labels, Labels: daemon.configStore.Labels,
ExperimentalBuild: daemon.configStore.Experimental, ExperimentalBuild: daemon.configStore.Experimental,
ServerVersion: dockerversion.Version, ServerVersion: dockerversion.Version,
HTTPProxy: maskCredentials(getEnvAny("HTTP_PROXY", "http_proxy")), HTTPProxy: config.MaskCredentials(getEnvAny("HTTP_PROXY", "http_proxy")),
HTTPSProxy: maskCredentials(getEnvAny("HTTPS_PROXY", "https_proxy")), HTTPSProxy: config.MaskCredentials(getEnvAny("HTTPS_PROXY", "https_proxy")),
NoProxy: getEnvAny("NO_PROXY", "no_proxy"), NoProxy: getEnvAny("NO_PROXY", "no_proxy"),
LiveRestoreEnabled: daemon.configStore.LiveRestoreEnabled, LiveRestoreEnabled: daemon.configStore.LiveRestoreEnabled,
Isolation: daemon.defaultIsolation, Isolation: daemon.defaultIsolation,
@ -289,16 +288,6 @@ func osVersion() (version string) {
return version return version
} }
func maskCredentials(rawURL string) string {
parsedURL, err := url.Parse(rawURL)
if err != nil || parsedURL.User == nil {
return rawURL
}
parsedURL.User = url.UserPassword("xxxxx", "xxxxx")
maskedURL := parsedURL.String()
return maskedURL
}
func getEnvAny(names ...string) string { func getEnvAny(names ...string) string {
for _, n := range names { for _, n := range names {
if val := os.Getenv(n); val != "" { if val := os.Getenv(n); val != "" {

53
daemon/info_test.go
View file

@ -1,53 +0,0 @@
package daemon
import (
"testing"
"gotest.tools/v3/assert"
)
func TestMaskURLCredentials(t *testing.T) {
tests := []struct {
rawURL string
maskedURL string
}{
{
rawURL: "",
maskedURL: "",
}, {
rawURL: "invalidURL",
maskedURL: "invalidURL",
}, {
rawURL: "http://proxy.example.com:80/",
maskedURL: "http://proxy.example.com:80/",
}, {
rawURL: "http://USER:PASSWORD@proxy.example.com:80/",
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/",
}, {
rawURL: "http://PASSWORD:PASSWORD@proxy.example.com:80/",
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/",
}, {
rawURL: "http://USER:@proxy.example.com:80/",
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/",
}, {
rawURL: "http://:PASSWORD@proxy.example.com:80/",
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/",
}, {
rawURL: "http://USER@docker:password@proxy.example.com:80/",
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/",
}, {
rawURL: "http://USER%40docker:password@proxy.example.com:80/",
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/",
}, {
rawURL: "http://USER%40docker:pa%3Fsword@proxy.example.com:80/",
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/",
}, {
rawURL: "http://USER%40docker:pa%3Fsword@proxy.example.com:80/hello%20world",
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/hello%20world",
},
}
for _, test := range tests {
maskedURL := maskCredentials(test.rawURL)
assert.Equal(t, maskedURL, test.maskedURL)
}
}