author | Roman Sandler <rsandler@zendesk.com> | 2016-04-22 10:13:29 +1000 |
---|---|---|
committer | Roman Sandler <rsandler@zendesk.com> | 2016-06-18 18:13:04 +0800 |
commit | 75a556a127eb7a1b81e1fe6f7e8560f976ba311d (patch) | |
tree | 97927e51195499229ce34ac2e6c627be993d82a3 /lib | |
parent | e45c11f34b350ac74d661b03927e8345c2f7da4c (diff) | |
Do not log the credentials used to contact a gem server
Adds a filter_uri method to HTTPError backed by the
URICredentialsFilter to be used when preparing error output.
In the tests, replace a double object with a real URI and
change a test hostname to be valid so that older versions of
Ruby's URI module don't choke on it. It would be cool to somehow
replace this work with the `anonymized_uri` in the
Bundler::Source::Rubygems::Remote class.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/bundler/errors.rb | 7 | ||||
-rw-r--r-- | lib/bundler/fetcher.rb | 3 | ||||
-rw-r--r-- | lib/bundler/fetcher/downloader.rb | 2 |
3 files changed, 10 insertions, 2 deletions
diff --git a/lib/bundler/errors.rb b/lib/bundler/errors.rb
index 69eb57e844..1f0f5f8201 100644
--- a/lib/bundler/errors.rb
+++ b/lib/bundler/errors.rb
@@ -30,7 +30,12 @@ module Bundler
 class GemspecError < BundlerError; status_code(14); end
 class InvalidOption < BundlerError; status_code(15); end
 class ProductionError < BundlerError; status_code(16); end
- class HTTPError < BundlerError; status_code(17); end
+ class HTTPError < BundlerError
+ status_code(17)
+ def filter_uri(uri)
+ URICredentialsFilter.credential_filtered_uri(uri)
+ end
+ end
 class RubyVersionMismatch < BundlerError; status_code(18); end
 class SecurityError < BundlerError; status_code(19); end
 class LockfileError < BundlerError; status_code(20); end
diff --git a/lib/bundler/fetcher.rb b/lib/bundler/fetcher.rb
index 19611b1725..ce9d30c141 100644
--- a/lib/bundler/fetcher.rb
+++ b/lib/bundler/fetcher.rb
@@ -19,6 +19,7 @@ module Bundler
 # This is the error raised if OpenSSL fails the cert verification
 class CertificateFailureError < HTTPError
 def initialize(remote_uri)
+ remote_uri = filter_uri(remote_uri)
 super "Could not verify the SSL certificate for #{remote_uri}.\nThere" \
 " is a chance you are experiencing a man-in-the-middle attack, but" \
 " most likely your system doesn't have the CA certificates needed" \
@@ -39,6 +40,7 @@ module Bundler
 # This error is raised if HTTP authentication is required, but not provided.
 class AuthenticationRequiredError < HTTPError
 def initialize(remote_uri)
+ remote_uri = filter_uri(remote_uri)
 super "Authentication is required for #{remote_uri}.\n" \
 "Please supply credentials for this source. You can do this by running:\n" \
 " bundle config #{remote_uri} username:password"
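Review bot: `filter_uri` on `HTTPError` in lib/bundler/errors.rb has no comment stating what it guarantees, although every subclass constructor in this commit now depends on it to keep credentials out of error text. I would add `# Returns uri with embedded credentials removed; use it for any URI interpolated into an error message.` above the `def`. What is actually stripped is decided by `URICredentialsFilter`, which is not part of this diff, so the wording should be checked against it. Because this is an instance method, `raise HTTPError, "..."` call sites cannot reach it, which is why the downloader.rb hunk calls the filter module directly.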
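Review bot: In `CertificateFailureError#initialize`, `remote_uri = filter_uri(remote_uri)` runs before `super`, so any exception raised by the filter would replace the certificate error the caller meant to report. The commit message says older URI versions choke on an invalid hostname, which suggests the filter parses its argument; if so, a malformed or nil `remote_uri` deserves a guard or an explicit test. The same line is added to `AuthenticationRequiredError` and `BadAuthenticationError`, and the same concern applies there. The constructor bodies continue outside these hunks.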
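Review bot: In `AuthenticationRequiredError`, the filtered `remote_uri` is also interpolated into the suggested command `bundle config #{remote_uri} username:password`, so the config key shown to the user is whatever the filter returns. If the filter keeps a username or leaves a masked userinfo part in the URI (not visible in this diff), that part ends up in the key the user is told to set. It is worth confirming what the filter returns for a URI with userinfo and, if necessary, printing a credential-free form of the source in that line.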
@@ -47,6 +49,7 @@ module Bundler
 # This error is raised if HTTP authentication is provided, but incorrect.
 class BadAuthenticationError < HTTPError
 def initialize(remote_uri)
+ remote_uri = filter_uri(remote_uri)
 super "Bad username or password for #{remote_uri}.\n" \
 "Please double-check your credentials and correct them."
 end
diff --git a/lib/bundler/fetcher/downloader.rb b/lib/bundler/fetcher/downloader.rb
index 204e33387e..a4ba4f3af8 100644
--- a/lib/bundler/fetcher/downloader.rb
+++ b/lib/bundler/fetcher/downloader.rb
@@ -58,7 +58,7 @@ module Bundler
 raise NetworkDownError, "Could not reach host #{uri.host}. Check your network " \
 "connection and try again."
 else
- raise HTTPError, "Network error while fetching #{uri}"
+ raise HTTPError, "Network error while fetching #{URICredentialsFilter.credential_filtered_uri(uri)}"
 end
 end
 end |
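Review bot: Only the fallback `raise HTTPError` in lib/bundler/fetcher/downloader.rb is filtered here. The enclosing `rescue` starts outside the hunk, so these lines do not show whether the caught exception is logged or traced with the unfiltered URI, and that is worth checking. The long interpolation would also read better with a local: `filtered_uri = URICredentialsFilter.credential_filtered_uri(uri)` followed by `raise HTTPError, "Network error while fetching #{filtered_uri}"`.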