From 240c391abdab2e5421d1d0ea4899606873c1f213 Mon Sep 17 00:00:00 2001 From: Peter Hormanns Date: Wed, 7 Mar 2018 15:10:47 +0100 Subject: [PATCH] hide passwords in logs --- hsarback/src/de/hsadmin/core/qserv/CommandShell.java | 7 ++++++- hsarback/src/de/hsadmin/core/util/TextUtil.java | 4 ++-- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/hsarback/src/de/hsadmin/core/qserv/CommandShell.java b/hsarback/src/de/hsadmin/core/qserv/CommandShell.java index 862c0c0..79633e8 100644 --- a/hsarback/src/de/hsadmin/core/qserv/CommandShell.java +++ b/hsarback/src/de/hsadmin/core/qserv/CommandShell.java @@ -9,6 +9,8 @@ import java.io.PrintWriter; import java.util.logging.Level; import java.util.logging.Logger; +import de.hsadmin.core.util.TextUtil; + public class CommandShell { private static final Logger logger = Logger.getLogger("de.hsadmin.core.qserv"); @@ -28,7 +30,10 @@ public class CommandShell { if (logCommand != null && (logCommand.startsWith("newusers") || logCommand.startsWith("chpasswd"))) { // escape new password ! final String[] strings = stdInput.split("\\:", 3); - logCommand += "< 1) { + logCommand += ":" + TextUtil.hidePassword(strings[1]) + ":"; + } if (strings.length > 2) { logCommand += strings[2] + "EOF"; } diff --git a/hsarback/src/de/hsadmin/core/util/TextUtil.java b/hsarback/src/de/hsadmin/core/util/TextUtil.java index 55b953f..1c80168 100644 --- a/hsarback/src/de/hsadmin/core/util/TextUtil.java +++ b/hsarback/src/de/hsadmin/core/util/TextUtil.java @@ -77,8 +77,8 @@ public class TextUtil { } public static synchronized String hidePassword(String passwd) { - StringBuffer val = new StringBuffer(passwd.substring(0, 2)); - for (int i = 2; i < passwd.length(); i++) { + final StringBuffer val = new StringBuffer(passwd.substring(0, 2)); + for (int i = 2; i < 6; i++) { val.append('*'); } return val.toString();