summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorWen Hui <wen.hui.ware@gmail.com>2021-10-26 06:13:12 -0400
committerOran Agra <oran@redislabs.com>2022-12-12 17:02:54 +0200
commit389c5e14ad231892862cb6b3979cfa546170a173 (patch)
treeb998c5105ebff78a18a3d59b5576325de343f6de
parent64c657a8af03c6d58507b9620947491f36e75037 (diff)
downloadredis-389c5e14ad231892862cb6b3979cfa546170a173.tar.gz
Sentinel: don't log auth-pass value for better security (#9652)
(cherry picked from commit 43b22f17dc3eb77a255f140fa37765f306541b7a)
Diffstat
-rw-r--r--src/sentinel.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/src/sentinel.c b/src/sentinel.c
index 50ac18d9f..982be9741 100644
--- a/src/sentinel.c
+++ b/src/sentinel.c
@@ -4024,6 +4024,7 @@ void sentinelSetCommand(client *c) {
int j, changes = 0;
int badarg = 0; /* Bad argument position for error reporting. */
char *option;
+ int redacted;
if ((ri = sentinelGetMasterByNameOrReplyError(c,c->argv[2]))
== NULL) return;
@@ -4034,6 +4035,7 @@ void sentinelSetCommand(client *c) {
option = c->argv[j]->ptr;
long long ll;
int old_j = j; /* Used to know what to log as an event. */
+ redacted = 0;
if (!strcasecmp(option,"down-after-milliseconds") && moreargs > 0) {
/* down-after-millisecodns <milliseconds> */
@@ -4108,6 +4110,7 @@ void sentinelSetCommand(client *c) {
sdsfree(ri->auth_pass);
ri->auth_pass = strlen(value) ? sdsnew(value) : NULL;
changes++;
+ redacted = 1;
} else if (!strcasecmp(option,"auth-user") && moreargs > 0) {
/* auth-user <username> */
char *value = c->argv[++j]->ptr;
@@ -4155,7 +4158,7 @@ void sentinelSetCommand(client *c) {
switch(numargs) {
case 2:
sentinelEvent(LL_WARNING,"+set",ri,"%@ %s %s",(char*)c->argv[old_j]->ptr,
- (char*)c->argv[old_j+1]->ptr);
+ redacted ? "******" : (char*)c->argv[old_j+1]->ptr);
break;
case 3:
sentinelEvent(LL_WARNING,"+set",ri,"%@ %s %s %s",(char*)c->argv[old_j]->ptr,
View Lorry Controller Status