kotovalexarian-likes-github/mperham--sidekiq
1
0
Fork 0
mirror of https://github.com/mperham/sidekiq.git synced 2022-11-09 13:52:34 -05:00
Code Releases Activity

Deep clone options, fixes #4499

Browse source 
Ensures any password mangling doesn't affect the runtime options
This commit is contained in:
Mike Perham 2020-04-01 08:11:44 -07:00
parent 432f95f3f2
commit 3f9c4bf90b
3 changed files with 17 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
Changes.md
View file

@ -8,6 +8,7 @@ HEAD
- Refactor systemd integration to work better with custom binaries [#4511] - Refactor systemd integration to work better with custom binaries [#4511]
- Don't connect to Redis at process exit if not needed [#4502] - Don't connect to Redis at process exit if not needed [#4502]
- Remove Redis connection naming [#4479] - Remove Redis connection naming [#4479]
- Fix Redis Sentinel password redaction [#4499]
6.0.6 6.0.6
--------- ---------

5
lib/sidekiq/redis_connection.rb
View file

@ -94,9 +94,10 @@ module Sidekiq
end end
def log_info(options) def log_info(options)
# Don't log Redis AUTH password
redacted = "REDACTED" redacted = "REDACTED"
scrubbed_options = options.dup
# deep clone so we can muck with these options all we want
scrubbed_options = Marshal.load(Marshal.dump(options))
if scrubbed_options[:url] && (uri = URI.parse(scrubbed_options[:url])) && uri.password if scrubbed_options[:url] && (uri = URI.parse(scrubbed_options[:url])) && uri.password
uri.password = redacted uri.password = redacted
scrubbed_options[:url] = uri.to_s scrubbed_options[:url] = uri.to_s

23
test/test_redis_connection.rb
View file

@ -190,19 +190,22 @@ describe Sidekiq::RedisConnection do
describe 'logging redis options' do describe 'logging redis options' do
it 'redacts credentials' do it 'redacts credentials' do
options = {
role: 'master',
master_name: 'mymaster',
sentinels: [
{ host: 'host1', port: 26379, password: 'secret'},
{ host: 'host2', port: 26379, password: 'secret'},
{ host: 'host3', port: 26379, password: 'secret'},
],
password: 'secret'
}
output = capture_logging do output = capture_logging do
Sidekiq::RedisConnection.create( Sidekiq::RedisConnection.create(options)
role: 'master',
master_name: 'mymaster',
sentinels: [
{ host: 'host1', port: 26379, password: 'secret'},
{ host: 'host2', port: 26379, password: 'secret'},
{ host: 'host3', port: 26379, password: 'secret'},
],
password: 'secret'
)
end end
refute_includes(options.inspect, "REDACTED")
assert_includes(output, ':host=>"host1", :port=>26379, :password=>"REDACTED"') assert_includes(output, ':host=>"host1", :port=>26379, :password=>"REDACTED"')
assert_includes(output, ':host=>"host2", :port=>26379, :password=>"REDACTED"') assert_includes(output, ':host=>"host2", :port=>26379, :password=>"REDACTED"')
assert_includes(output, ':host=>"host3", :port=>26379, :password=>"REDACTED"') assert_includes(output, ':host=>"host3", :port=>26379, :password=>"REDACTED"')