diff --git a/CMakeLists.txt b/CMakeLists.txt index 221303a128..5f969582ed 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -170,8 +170,6 @@ set (SOURCE_FILES_PUT_GET cpp/logger/SFAwsLogger.hpp cpp/logger/SFLogger.cpp cpp/logger/SFLogger.hpp - cpp/logger/SecretDetector.cpp - cpp/logger/SecretDetector.hpp include/snowflake/IFileTransferAgent.hpp include/snowflake/ISFLogger.hpp include/snowflake/IStatementPutGet.hpp diff --git a/ci/dev/CentOS-Base.repo b/ci/dev/CentOS-Base.repo new file mode 100755 index 0000000000..93e8e241a7 --- /dev/null +++ b/ci/dev/CentOS-Base.repo @@ -0,0 +1,24 @@ +# yum repo file for snowflake internal backup yum repo +# Used as a temporary fix for ODBC docker before moving docker +# maintenace to Engineer Infra Team + +[base] +name=CentOS-$releasever - Base +baseurl=http://repo.int.snowflakecomputing.com:81/repos/base +gpgcheck=1 +priority=10 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 + +[updates] +name=CentOS-$releasever - Updates +baseurl=http://repo.int.snowflakecomputing.com:81/repos/updates +gpgcheck=1 +priority=10 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 + +[extras] +name=CentOS-$releasever - Extras +baseurl=http://repo.int.snowflakecomputing.com:81/repos/extras +gpgcheck=1 +priority=10 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 diff --git a/ci/dev/Dockerfile b/ci/dev/Dockerfile index 144cdbeebe..caabb05882 100644 --- a/ci/dev/Dockerfile +++ b/ci/dev/Dockerfile @@ -1,6 +1,19 @@ ARG BASE_IMAGE_NAME FROM $BASE_IMAGE_NAME ARG LOCAL_USER_ID + +# replace outdated yum repo link with snowflake internal links +COPY CentOS-Base.repo /etc/yum.repos.d/ +CMD chmod 644 /etc/yum.repos.d/CentOS-Base.repo +RUN yum-config-manager --disable centos* +RUN yum-config-manager --disable WANdisco-git +RUN yum-config-manager --disable okay +RUN yum-config-manager --disable base +RUN yum-config-manager --disable updates +RUN yum-config-manager --enable base +RUN yum-config-manager --enable updates +RUN yum-config-manager --enable extras + # setup ssh server for debugging RUN yum install -y openssh-server diff --git a/ci/dev/README.rst b/ci/dev/README.rst index 04200b6dab..2f6abad91d 100644 --- a/ci/dev/README.rst +++ b/ci/dev/README.rst @@ -30,6 +30,7 @@ Setup .. code-block:: bash + $ export NEXUS_PASSWORD='your LDAP password' $ ./ci/dev/start.sh Type `pwd` if the password is asked. @@ -87,6 +88,7 @@ Setup .. code-block:: bash cd /home/debugger/libsnowflakeclient + export BUILD_TYPE='Debug' # or 'Release' for release build source ./ci/dev/docker_init.sh ./ci/build/build.sh diff --git a/cpp/logger/SFLogger.cpp b/cpp/logger/SFLogger.cpp index 8680f2fdab..590b2ef6a8 100644 --- a/cpp/logger/SFLogger.cpp +++ b/cpp/logger/SFLogger.cpp @@ -3,7 +3,6 @@ */ #include "SFLogger.hpp" -#include "SecretDetector.hpp" Snowflake::Client::ISFLogger * Snowflake::Client::SFLogger::m_externalLogger = nullptr; @@ -17,46 +16,3 @@ Snowflake::Client::ISFLogger * Snowflake::Client::SFLogger::getExternalLogger() { return m_externalLogger; } - -void log_masked_va_list(FILE* fp, const char *fmt, va_list args) -{ - std::string maskedMsg = Snowflake::Client::SFLogger::getMaskedMsgVA(fmt, args); - fprintf(fp, "%s", maskedMsg.c_str()); -} - -std::string Snowflake::Client::SFLogger::getMaskedMsg(const char* fmt, ...) -{ - va_list args; - va_start(args, fmt); - std::string maskedMsg = getMaskedMsgVA(fmt, args); - va_end(args); - - return maskedMsg; -} - -std::string Snowflake::Client::SFLogger::getMaskedMsgVA(const char* fmt, va_list args) -{ - size_t bufLen = 4096; - // Just in case not to fall into dead loop. 8MB would be large enough for - // single log. - const int MAX_LOG_LEN = 8 * 1024 * 1024; - std::vector buf(bufLen); - - int ret = -1; - while ((ret < 0) && (bufLen <= MAX_LOG_LEN)) - { - // va_list can only be consumed once. Make a copy here in case need to retry - // with larger buffer size. - va_list copy; - va_copy(copy, args); - ret = sb_vsnprintf(buf.data(), bufLen, bufLen - 1, fmt, copy); - va_end(copy); - if (ret < 0) - { - bufLen *= 2; - buf.resize(bufLen); - } - } - - return SecretDetector::maskSecrets(std::string(buf.data())); -} diff --git a/cpp/logger/SFLogger.hpp b/cpp/logger/SFLogger.hpp index 024093091c..ab13a7d809 100644 --- a/cpp/logger/SFLogger.hpp +++ b/cpp/logger/SFLogger.hpp @@ -7,7 +7,6 @@ #include "snowflake/ISFLogger.hpp" #include "snowflake/logger.h" -#include namespace Snowflake { @@ -21,18 +20,13 @@ class SFLogger static ISFLogger * getExternalLogger(); - static std::string getMaskedMsg(const char* fmt, ...); - - static std::string getMaskedMsgVA(const char* fmt, va_list args); - private: static ISFLogger * m_externalLogger; #define CXX_LOG_FATAL(...) \ if (SFLogger::getExternalLogger() != NULL) \ { \ - SFLogger::getExternalLogger()->logLine(SF_LOG_LEVEL::SF_LOG_FATAL, __FILE__, \ - SFLogger::getMaskedMsg(__VA_ARGS__).c_str()); \ + SFLogger::getExternalLogger()->logLine(SF_LOG_LEVEL::SF_LOG_FATAL, __FILE__, __VA_ARGS__); \ } else { \ sf_log_fatal(CXX_LOG_NS, __VA_ARGS__); \ } \ @@ -40,8 +34,7 @@ class SFLogger #define CXX_LOG_ERROR(...) \ if (SFLogger::getExternalLogger() != NULL) \ { \ - SFLogger::getExternalLogger()->logLine(SF_LOG_LEVEL::SF_LOG_ERROR, __FILE__, \ - SFLogger::getMaskedMsg(__VA_ARGS__).c_str()); \ + SFLogger::getExternalLogger()->logLine(SF_LOG_LEVEL::SF_LOG_ERROR, __FILE__, __VA_ARGS__); \ } else { \ sf_log_error(CXX_LOG_NS, __VA_ARGS__); \ } \ @@ -49,8 +42,7 @@ class SFLogger #define CXX_LOG_WARN(...) \ if (SFLogger::getExternalLogger() != NULL) \ { \ - SFLogger::getExternalLogger()->logLine(SF_LOG_LEVEL::SF_LOG_WARN, __FILE__, \ - SFLogger::getMaskedMsg(__VA_ARGS__).c_str()); \ + SFLogger::getExternalLogger()->logLine(SF_LOG_LEVEL::SF_LOG_WARN, __FILE__, __VA_ARGS__); \ } else { \ sf_log_warn(CXX_LOG_NS, __VA_ARGS__); \ } \ @@ -58,8 +50,7 @@ class SFLogger #define CXX_LOG_INFO(...) \ if (SFLogger::getExternalLogger() != NULL) \ { \ - SFLogger::getExternalLogger()->logLine(SF_LOG_LEVEL::SF_LOG_INFO, __FILE__, \ - SFLogger::getMaskedMsg(__VA_ARGS__).c_str()); \ + SFLogger::getExternalLogger()->logLine(SF_LOG_LEVEL::SF_LOG_INFO, __FILE__, __VA_ARGS__); \ } else { \ sf_log_info(CXX_LOG_NS, __VA_ARGS__); \ } \ @@ -67,8 +58,7 @@ class SFLogger #define CXX_LOG_DEBUG(...) \ if (SFLogger::getExternalLogger() != NULL) \ { \ - SFLogger::getExternalLogger()->logLine(SF_LOG_LEVEL::SF_LOG_DEBUG, __FILE__, \ - SFLogger::getMaskedMsg(__VA_ARGS__).c_str()); \ + SFLogger::getExternalLogger()->logLine(SF_LOG_LEVEL::SF_LOG_DEBUG, __FILE__, __VA_ARGS__); \ } else { \ sf_log_debug(CXX_LOG_NS, __VA_ARGS__); \ } \ @@ -76,8 +66,7 @@ class SFLogger #define CXX_LOG_TRACE(...) \ if (SFLogger::getExternalLogger() != NULL) \ { \ - SFLogger::getExternalLogger()->logLine(SF_LOG_LEVEL::SF_LOG_TRACE, __FILE__, \ - SFLogger::getMaskedMsg(__VA_ARGS__).c_str()); \ + SFLogger::getExternalLogger()->logLine(SF_LOG_LEVEL::SF_LOG_TRACE, __FILE__, __VA_ARGS__); \ } else { \ sf_log_trace(CXX_LOG_NS, __VA_ARGS__); \ } \ diff --git a/cpp/logger/SecretDetector.cpp b/cpp/logger/SecretDetector.cpp deleted file mode 100644 index efad847728..0000000000 --- a/cpp/logger/SecretDetector.cpp +++ /dev/null @@ -1,90 +0,0 @@ -/* -* Copyright (c) 2021 Snowflake Computing, Inc. All rights reserved. -*/ -#include "SecretDetector.hpp" - -namespace Snowflake -{ -namespace Client -{ - std::regex SecretDetector::AWS_KEY_PATTERN = std::regex("(aws_key_id|aws_secret_key|access_key_id|secret_access_key)(\\s*=\\s*)'([^']+)'", std::regex::icase); - - std::regex SecretDetector::AWS_TOKEN_PATTERN = std::regex("(accessToken|tempToken|keySecret)\"\\s*:\\s*\"([A-Za-z0-9/+]{32,}={0,2})\"", std::regex::icase); - - std::regex SecretDetector::SAS_TOKEN_PATTERN = std::regex("(sig|signature|AWSAccessKeyId|password|passcode)=([A-Za-z0-9%/+]{16,})", std::regex::icase); - - std::regex SecretDetector::PRIVATE_KEY_PATTERN = std::regex("-----BEGIN PRIVATE KEY-----\\\\n([A-Za-z0-9/+=\\\\n]{32,})\\\\n-----END PRIVATE KEY-----", std::regex::extended | std::regex::icase); - - std::regex SecretDetector::PRIVATE_KEY_DATA_PATTERN = std::regex("\"privateKeyData\": \"([A-Za-z0-9/+=\\\\n]{10,})\"", std::regex::extended | std::regex::icase); - - std::regex SecretDetector::CONNECTION_TOKEN_PATTERN = std::regex("(token|assertion content)(['\"\\s:=]+)([A-Za-z0-9=/_+-]{8,})", std::regex::icase); - - std::regex SecretDetector::PASSWORD_PATTERN = std::regex("(password|passcode|pwd)(['\"\\s:=]+)([A-Za-z0-9!\"#$%&'\\()*+,-./:;<=>?@\\[\\]^_`\\{|\\}~]{6,})", std::regex::icase); - - std::regex SecretDetector::ESCAPE_PATTERN = std::regex("(\\\\|%)", std::regex::icase); - - std::string SecretDetector::maskAwsKeys(std::string text) - { - return std::regex_replace(text, SecretDetector::AWS_KEY_PATTERN, "$1$2'****'"); - } - - std::string SecretDetector::maskAwsTokens(std::string text) - { - return std::regex_replace(text, SecretDetector::AWS_TOKEN_PATTERN, "$1\":\"XXXX\""); - } - - std::string SecretDetector::maskSasTokens(std::string text) - { - return std::regex_replace(text, SecretDetector::SAS_TOKEN_PATTERN, "$1=****"); - } - - std::string SecretDetector::maskPrivateKey(std::string text) - { - return std::regex_replace(text, SecretDetector::PRIVATE_KEY_PATTERN, "-----BEGIN PRIVATE KEY-----\\nXXXX\\n-----END PRIVATE KEY-----"); - } - - std::string SecretDetector::maskPrivateKeyData(std::string text) - { - return std::regex_replace(text, SecretDetector::PRIVATE_KEY_DATA_PATTERN, "\"privateKeyData\": \"XXXX\""); - } - - std::string SecretDetector::maskConnectionToken(std::string text) - { - return std::regex_replace(text, SecretDetector::CONNECTION_TOKEN_PATTERN, "$1$2****"); - } - - std::string SecretDetector::maskPassword(std::string text) - { - return std::regex_replace(text, SecretDetector::PASSWORD_PATTERN, "$1$2****"); - } - - /* the output string will finally used by fprintf and having any % or \ will cause issue - * replace % with %% and \ with \\ - */ - std::string SecretDetector::escape(std::string text) - { - return std::regex_replace(text, SecretDetector::ESCAPE_PATTERN, "$1$1"); - } - - std::string SecretDetector::maskSecrets(std::string text) - { - return SecretDetector::escape( - SecretDetector::maskAwsKeys( - SecretDetector::maskAwsTokens( - SecretDetector::maskSasTokens( - SecretDetector::maskPrivateKey( - SecretDetector::maskPrivateKeyData( - SecretDetector::maskConnectionToken( - SecretDetector::maskPassword( - text - ) - ) - ) - ) - ) - ) - ) - ); - } -} -} diff --git a/cpp/logger/SecretDetector.hpp b/cpp/logger/SecretDetector.hpp deleted file mode 100644 index a34febeaea..0000000000 --- a/cpp/logger/SecretDetector.hpp +++ /dev/null @@ -1,45 +0,0 @@ -/* -* Copyright (c) 2021 Snowflake Computing, Inc. All rights reserved. -*/ - -#ifndef SNOWFLAKECLIENT_SECRETDETECTOR_HPP -#define SNOWFLAKECLIENT_SECRETDETECTOR_HPP - -#include - -namespace Snowflake -{ -namespace Client -{ -/** - * Class SecretDetector - */ -class SecretDetector -{ - public: - static std::string maskSecrets(std::string); - - private: - static std::regex AWS_KEY_PATTERN; - static std::regex AWS_TOKEN_PATTERN; - static std::regex SAS_TOKEN_PATTERN; - static std::regex PRIVATE_KEY_PATTERN; - static std::regex PRIVATE_KEY_DATA_PATTERN; - static std::regex CONNECTION_TOKEN_PATTERN; - static std::regex PASSWORD_PATTERN; - static std::regex ESCAPE_PATTERN; - - static std::string maskAwsKeys(std::string text); - static std::string maskAwsTokens(std::string text); - static std::string maskSasTokens(std::string text); - static std::string maskPrivateKey(std::string text); - static std::string maskPrivateKeyData(std::string text); - static std::string maskConnectionToken(std::string text); - static std::string maskPassword(std::string text); - static std::string escape(std::string text); -}; - -} -} - -#endif /* SNOWFLAKECLIENT_SECRETDETECTOR_HPP */ diff --git a/include/snowflake/logger.h b/include/snowflake/logger.h index b11ec1a14c..c65be0b8a3 100644 --- a/include/snowflake/logger.h +++ b/include/snowflake/logger.h @@ -90,8 +90,6 @@ void log_log_va_list(int level, const char *file, int line, const char *ns, const char *fmt, va_list args); -void log_masked_va_list(FILE* fp, const char *fmt, va_list args); - SF_LOG_LEVEL log_from_str_to_level(const char *level_in_str); void log_set_path(const char* path); diff --git a/lib/http_perform.c b/lib/http_perform.c index 14cc16844f..8fd09b5c8c 100644 --- a/lib/http_perform.c +++ b/lib/http_perform.c @@ -274,21 +274,21 @@ sf_bool STDCALL http_perform(CURL *curl, break; } -#ifndef _WIN32 - // If insecure mode is set to true, skip OCSP check not matter the value of SF_OCSP_CHECK (global OCSP variable) - sf_bool ocsp_check; - if (insecure_mode) { - ocsp_check = SF_BOOLEAN_FALSE; - } else { - ocsp_check = SF_OCSP_CHECK; - } - res = curl_easy_setopt(curl, CURLOPT_SSL_SF_OCSP_CHECK, ocsp_check); - if (res != CURLE_OK) { - log_error("Unable to set OCSP check enable/disable [%s]", - curl_easy_strerror(res)); - break; - } -#endif +//#ifndef _WIN32 +// // If insecure mode is set to true, skip OCSP check not matter the value of SF_OCSP_CHECK (global OCSP variable) +// sf_bool ocsp_check; +// if (insecure_mode) { +// ocsp_check = SF_BOOLEAN_FALSE; +// } else { +// ocsp_check = SF_OCSP_CHECK; +// } +// res = curl_easy_setopt(curl, CURLOPT_SSL_SF_OCSP_CHECK, ocsp_check); +// if (res != CURLE_OK) { +// log_error("Unable to set OCSP check enable/disable [%s]", +// curl_easy_strerror(res)); +// break; +// } +//#endif // Set chunk downloader specific stuff here if (chunk_downloader) { @@ -371,6 +371,14 @@ sf_bool STDCALL http_perform(CURL *curl, my_sleep_ms(next_sleep_in_secs * 1000); } else { + char msg[1024]; + sb_sprintf(msg, sizeof(msg), + "Exceeded the retry_timeout , http code: [%d]", + http_code); + SET_SNOWFLAKE_ERROR(error, + SF_STATUS_ERROR_RETRY, + msg, + SF_SQLSTATE_UNABLE_TO_CONNECT); retry = SF_BOOLEAN_FALSE; } } else { diff --git a/lib/logger.c b/lib/logger.c index f20d81ce06..04a186f2f3 100644 --- a/lib/logger.c +++ b/lib/logger.c @@ -133,7 +133,7 @@ log_log_va_list(int level, const char *file, int line, const char *ns, // console and file logging are turned on. va_list copy; va_copy(copy, args); - log_masked_va_list(stderr, fmt, copy); + vfprintf(stderr, fmt, copy); va_end(copy); fprintf(stderr, "\n"); fflush(stderr); @@ -159,7 +159,7 @@ log_log_va_list(int level, const char *file, int line, const char *ns, fprintf( L.fp, SF_LOG_TIMESTAMP_FORMAT, tsbuf, level_names[level], ns, basename, line); - log_masked_va_list(L.fp, fmt, args); + vfprintf(L.fp, fmt, args); fprintf(L.fp, "\n"); fflush(L.fp); } diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 531ca46da6..a1eb022e1c 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -120,17 +120,9 @@ if (APPLE) ${OOB_LIB} ${SSL_LIB} ${CRYPTO_LIB} pthread ${AWS_CORE_LIB} ${AWS_S3_LIB} ${AZURE_STORAGE_LITE_LIB} ${UUID_LIB}) endif() if (WIN32) - if (WIN32_DEBUG) - if(CMAKE_SIZEOF_VOID_P EQUAL 4) - set(TESTLIB_OPTS_C snowflakeclient ${CMOCKA_LIB} ${OOB_LIB} ${CURL_LIB} ${SSL_LIB} ${CRYPTO_LIB} ${ZLIB_LIB} ucrtd.lib) - set(TESTLIB_OPTS_CXX snowflakeclient ${CMOCKA_LIB} ${OOB_LIB} ${CURL_LIB} ${SSL_LIB} ${CRYPTO_LIB} ${ZLIB_LIB} ${AWS_S3_LIB} ${AWS_CORE_LIB} ${AZURE_STORAGE_LITE_LIB} - Version.lib Userenv.lib Bcrypt.lib ucrtd.lib) - endif() - else() - set(TESTLIB_OPTS_C snowflakeclient ${CMOCKA_LIB} ${OOB_LIB} ${CURL_LIB} ${SSL_LIB} ${CRYPTO_LIB} ${ZLIB_LIB}) - set(TESTLIB_OPTS_CXX snowflakeclient ${CMOCKA_LIB} ${OOB_LIB} ${CURL_LIB} ${SSL_LIB} ${CRYPTO_LIB} ${ZLIB_LIB} ${AWS_S3_LIB} ${AWS_CORE_LIB} ${AZURE_STORAGE_LITE_LIB} - Version.lib Userenv.lib Bcrypt.lib) - endif() + set(TESTLIB_OPTS_C snowflakeclient ${CMOCKA_LIB} ${OOB_LIB} ${CURL_LIB} ${SSL_LIB} ${CRYPTO_LIB} ${ZLIB_LIB}) + set(TESTLIB_OPTS_CXX snowflakeclient ${CMOCKA_LIB} ${OOB_LIB} ${CURL_LIB} ${SSL_LIB} ${CRYPTO_LIB} ${ZLIB_LIB} ${AWS_S3_LIB} ${AWS_CORE_LIB} ${AZURE_STORAGE_LITE_LIB} + Version.lib Userenv.lib Bcrypt.lib) endif() if (MOCK) diff --git a/tests/test_unit_logger.c b/tests/test_unit_logger.c index 1e756b618d..ec7bb36cf4 100644 --- a/tests/test_unit_logger.c +++ b/tests/test_unit_logger.c @@ -50,91 +50,6 @@ void test_log_creation(void **unused) { remove(logname); } - -/** - * Tests masking secret information in log - */ -void test_mask_secret_log(void **unused) { - FILE* fp = fopen("dummy.log", "w+"); - assert_non_null(fp); - log_set_lock(NULL); - log_set_level(SF_LOG_TRACE); - log_set_quiet(1); - log_set_fp(fp); - - const char * logtext[][2] = { - {//0 - "Secure log record!", - "Secure log record!" - }, - {//1 - "Token =ETMsDgAAAXI0IS9NABRBRVMvQ0JDL1BLQ1M1UGFkZGluZwCAABAAEEb/xAQlmT+mwIx9G32E+ikAAACA/CPlEkq//+jWZnQkOj5VhjayruDsCVRGS/B6GzHUugXLc94EfEwuto94gS/oKSVrUg/JRPekypLAx4Afa1KW8n1RqXRF9Hzy1VVLmVEBMtei3yFJPNSHtfbeFHSr9eVB/OL8dOGbxQluGCh6XmaqTjyrh3fqUTWz7+n74+gu2ugAFFZ18iT+DStK0TTdmy4vBC6xUcHQ", - "Token =****" - }, - {//2 - "idToken : ETMsDgAAAXI0IS9NABRBRVMvQ0JDL1BLQ1M1UGFkZGluZwCAABAAEEb/xAQlmT+mwIx9G32E+ikAAACA/CPlEkq//+jWZnQkOj5VhjayruDsCVRGS/B6GzHUugXLc94EfEwuto94gS/oKSVrUg/JRPekypLAx4Afa1KW8n1RqXRF9Hzy1VVLmVEBMtei3yFJPNSHtfbeFHSr9eVB/OL8dOGbxQluGCh6XmaqTjyrh3fqUTWz7+n74+gu2ugAFFZ18iT+DStK0TTdmy4vBC6xUcHQ", - "idToken : ****" - }, - {//3 - "sessionToken:ETMsDgAAAXI0IS9NABRBRVMvQ0JDL1BLQ1M1UGFkZGluZwCAABAAEEb/xAQlmT+mwIx9G32E+ikAAACA/CPlEkq//+jWZnQkOj5VhjayruDsCVRGS/B6GzHUugXLc94EfEwuto94gS/oKSVrUg/JRPekypLAx4Afa1KW8n1RqXRF9Hzy1VVLmVEBMtei3yFJPNSHtfbeFHSr9eVB/OL8dOGbxQluGCh6XmaqTjyrh3fqUTWz7+n74+gu2ugAFFZ18iT+DStK0TTdmy4vBC6xUcHQ", - "sessionToken:****" - }, - {//4 - "masterToken : 'ETMsDgAAAXI0IS9NABRBRVMvQ0JDL1BLQ1M1UGFkZGluZwCAABAAEEb/xAQlmT+mwIx9G32E+ikAAACA/CPlEkq//+jWZnQkOj5VhjayruDsCVRGS/B6GzHUugXLc94EfEwuto94gS/oKSVrUg/JRPekypLAx4Afa1KW8n1RqXRF9Hzy1VVLmVEBMtei3yFJPNSHtfbeFHSr9eVB/OL8dOGbxQluGCh6XmaqTjyrh3fqUTWz7+n74+gu2ugAFFZ18iT+DStK0TTdmy4vBC6xUcHQ'", - "masterToken : '****'" - }, - {//5 - "assertion content:\"ETMsDgAAAXI0IS9NABRBRVMvQ0JDL1BLQ1M1UGFkZGluZwCAABAAEEb/xAQlmT+mwIx9G32E+ikAAACA/CPlEkq//+jWZnQkOj5VhjayruDsCVRGS/B6GzHUugXLc94EfEwuto94gS/oKSVrUg/JRPekypLAx4Afa1KW8n1RqXRF9Hzy1VVLmVEBMtei3yFJPNSHtfbeFHSr9eVB/OL8dOGbxQluGCh6XmaqTjyrh3fqUTWz7+n74+gu2ugAFFZ18iT+DStK0TTdmy4vBC6xUcHQ\"", - "assertion content:\"****\"" - }, - {//6 - "password: random!TEST/-pwd=123++#", - "password: ****" - }, - {//7 - "pwd =\"random!TEST/-pwd=123++#", - "pwd =\"****" - }, - {//8 - "AWSAccessKeyId=ABCD%efg+1234/567", - "AWSAccessKeyId=****" - }, - {//9 - "https://sfc-fake.s3.fakeamazon.com/012345xx-012x-012x-0123-1a2b3c4d/fake/data_fake?x-amz-server-side-encryption-customer-algorithm=fakealgo&response-content-encoding=fakezip&AWSAccessKeyId=ABCD%efg+1234/567&Expires=123456789&Signature=ABCD%efg+1234/567ABCD%efg+1234/567", - "https://sfc-fake.s3.fakeamazon.com/012345xx-012x-012x-0123-1a2b3c4d/fake/data_fake?x-amz-server-side-encryption-customer-algorithm=fakealgo&response-content-encoding=fakezip&AWSAccessKeyId=****&Expires=123456789&Signature=****" - }, - {//10 - "aws_key_id='afhl124lomsafho0582'", - "aws_key_id='****'" - }, - {//11 - "aws_secret_key = 'dfhuwaojm753omsdfh30oi+fj'", - "aws_secret_key = '****'" - }, - {//12 - "\"privateKeyData\": \"abcdefghijk\"", - "\"privateKeyData\": \"XXXX\"" - }, - }; - - char * line = NULL; - size_t len = 0; - for (int i = 0; i < 13; i++) - { - fseek(fp, 0, SEEK_SET); - log_trace("%s", logtext[i][0]); - fseek(fp, 0, SEEK_SET); - getline(&line, &len, fp); - if (i != 0) - { - assert_null(strstr(line, logtext[i][0])); - } - assert_non_null(strstr(line, logtext[i][1])); - } - - free(line); - fclose(fp); -} #endif int main(void) { @@ -142,7 +57,6 @@ int main(void) { cmocka_unit_test(test_log_str_to_level), #ifndef _WIN32 cmocka_unit_test(test_log_creation), - cmocka_unit_test(test_mask_secret_log), #endif }; return cmocka_run_group_tests(tests, NULL, NULL);