Issue #5012: ssl_client_key printed in the logs - Pulp

Agile board
Agile charts

Agile boards

Pulp 2 QE Agile Board
Pulp 2 QE Agile Board - Priority View
Pulp 3 QE Agile Board
Pulp 3 RPM Tests Agile Board
Sprint 112 Agile Board

Custom queries

[All Projects] All Test Trackers
2.21.4 - Next Bugfix Release
2.21.4 MODIFIED
2.21.5
3.14.3
CI/CD
Easy Fix
FIPS open
Functional Tests
Galaxy NG
Groomed
Installer - Triage
Installer Items
Issues for Triage
Katello Integration
Next Docs Day
Operator issues
POST/ASSIGNED - no Sprint - Pulp2
POST/ASSIGNED - no Sprint - Pulp3
Prioritized Bugs
Pulp 3 Docs issues
Pulp2 issues available for next release
Pulpcore
SELinux related
Sprint 111
Sprint 112
Sprint Candidates (also groomed)
Un-Triaged Bugs
Verification Required

Actions

Send by e-mail Copy link

Issue #5012

closed

ssl_client_key printed in the logs

Added by dkliban@redhat.com over 5 years ago. Updated almost 5 years ago.

Status:

CLOSED - CURRENTRELEASE

Priority:

Normal

Assignee:

amacdona@redhat.com

Category:

Sprint/Milestone:

3.0.0

Start date:

Due date:

Estimated time:

Severity:

2. Medium

Version:

Platform Release:

OS:

Triaged:

Yes

Groomed:

Sprint Candidate:

Tags:

Sprint:

Sprint 57

Quarter:

Description

I noticed that when I performa PATCH request to update a FIle Remote, the ssl_client_key is printed in the logs at INFO level.

History
Notes
Property changes
Associated revisions

Actions

Copy link

Updated by amacdona@redhat.com over 5 years ago

Triaged changed from No to Yes
Sprint set to Sprint 55

Actions

Copy link

Updated by dkliban@redhat.com over 5 years ago

Sprint changed from Sprint 55 to Sprint 56

Actions

Copy link

Updated by rchan over 5 years ago

Sprint changed from Sprint 56 to Sprint 57

Actions

Copy link

Updated by amacdona@redhat.com over 5 years ago

Status changed from NEW to ASSIGNED
Assignee set to amacdona@redhat.com

Added by amacdona@redhat.com over 5 years ago

Revision a6fd4fbd | View on GitHub

Prevent rq from logging secrets

Though the issue is specific about certain cases that shouldn't be logged, we do not have fine control over what rq logs, so the solution is to disable logging of the description (which includes the job arguments).

https://pulp.plan.io/issues/5012 fixes #5012

Actions

Copy link

Updated by amacdona@redhat.com over 5 years ago

Status changed from ASSIGNED to MODIFIED

Applied in changeset ansible-pulp3|a6fd4fbda0302d1ed24215fc7d718d00c7cbd036.

Actions

Copy link

Updated by amacdona@redhat.com over 5 years ago

Status changed from MODIFIED to POST

https://github.com/pulp/ansible-pulp/pull/139

Added by amacdona@redhat.com over 5 years ago

Revision a1838b13 | View on GitHub

Prevent rq from logging secrets

https://pulp.plan.io/issues/5012 fixes #5012

Added by amacdona@redhat.com over 5 years ago

Revision a1838b13 | View on GitHub

Prevent rq from logging secrets

https://pulp.plan.io/issues/5012 fixes #5012

Actions

Copy link

Updated by amacdona@redhat.com over 5 years ago

Status changed from POST to MODIFIED

Applied in changeset ansible-pulp3|a1838b13a37b21b5b0d76178f3a0fbbdeb52291b.

Actions

Copy link

Updated by bmbouter almost 5 years ago

Sprint/Milestone set to 3.0.0

Actions

Copy link

Updated by bmbouter almost 5 years ago

Status changed from MODIFIED to CLOSED - CURRENTRELEASE

Actions

Send by e-mail Copy link

Also available in: Atom PDF

Project

Profile

Help

Pulp

Agile boards

Custom queries

Issue #5012

ssl_client_key printed in the logs

Updated by amacdona@redhat.com over 5 years ago

Updated by dkliban@redhat.com over 5 years ago

Updated by rchan over 5 years ago

Updated by amacdona@redhat.com over 5 years ago

Added by amacdona@redhat.com over 5 years ago

Updated by amacdona@redhat.com over 5 years ago

Updated by amacdona@redhat.com over 5 years ago

Added by amacdona@redhat.com over 5 years ago

Added by amacdona@redhat.com over 5 years ago

Updated by amacdona@redhat.com over 5 years ago

Updated by bmbouter almost 5 years ago

Updated by bmbouter almost 5 years ago