author | Madelyn Olson <34459052+madolson@users.noreply.github.com> | 2021-03-15 22:00:29 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-03-15 22:00:29 -0700 |
commit | e1d98bca5a54bb71ff10a69337863d5543ad4373 (patch) | |
tree | 1426b7f688fef57f5ba103543bf5d1ebd02eedf7 /src/server.c | |
parent | dba33a943d508bc5929db4950b4abadf6278ef02 (diff) | |
download | redis-e1d98bca5a54bb71ff10a69337863d5543ad4373.tar.gz |
Redact slowlog entries for config with sensitive data. (#8584)
Redact config set requirepass/masterauth/masteruser from slowlog in addition to showing ACL commands without sensitive values.
Diffstat (limited to 'src/server.c')
-rw-r--r-- | src/server.c | 17 |
1 files changed, 15 insertions, 2 deletions
diff --git a/src/server.c b/src/server.c
index 5cfb13bbb..f535b525b 100644
--- a/src/server.c
+++ b/src/server.c
@@ -901,7 +901,7 @@ struct redisCommand redisCommandTable[] = {
 0,NULL,0,0,0,0,0,0},
 {"hello",helloCommand,-1,
- "no-auth no-script fast no-monitor ok-loading ok-stale no-slowlog @connection",
+ "no-auth no-script fast no-monitor ok-loading ok-stale @connection",
 0,NULL,0,0,0,0,0,0},
 /* EVAL can modify the dataset, however it is not flagged as a write
@@ -1091,7 +1091,7 @@ struct redisCommand redisCommandTable[] = {
 0,NULL,0,0,0,0,0,0},
 {"acl",aclCommand,-2,
- "admin no-script no-slowlog ok-loading ok-stale",
+ "admin no-script ok-loading ok-stale",
 0,NULL,0,0,0,0,0,0},
 {"stralgo",stralgoCommand,-2,
@@ -3619,6 +3619,12 @@ void preventCommandPropagation(client *c) {
 c->flags |= CLIENT_PREVENT_PROP;
 }
+/* Avoid logging any information about this client's arguments
+ * since they contain sensitive information. */
+void preventCommandLogging(client *c) {
+ c->flags |= CLIENT_PREVENT_LOGGING;
+}
+
 /* AOF specific version of preventCommandPropagation(). */
 void preventCommandAOF(client *c) {
 c->flags |= CLIENT_PREVENT_AOF_PROP;
@@ -3731,6 +3737,13 @@ void call(client *c, int flags) {
 server.lua_caller->flags |= CLIENT_FORCE_AOF;
 }
+ /* Some commands may contain sensitive data that should
+ * not be available in the slowlog. */
+ if ((c->flags & CLIENT_PREVENT_LOGGING) && !(c->flags & CLIENT_BLOCKED)) {
+ c->flags &= ~CLIENT_PREVENT_LOGGING;
+ flags &= ~CMD_CALL_SLOWLOG;
+ }
+
 /* Log the command into the Slow log if needed, and populate the
 * per-command statistics that we show in INFO commandstats. */
 if (flags & CMD_CALL_SLOWLOG && !(c->cmd->flags & CMD_SKIP_SLOWLOG)) { |
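Review bot: Dropping `no-slowlog` from the `hello` entry (and from `acl` in the @@ -1091 hunk) replaces a static exclusion with one that depends on each handler scrubbing its own arguments, and nothing in the table records that dependency. The redaction the commit message describes is not visible here because the diff is limited to src/server.c, so it presumably lives in helloCommand and aclCommand. I would add a comment above both entries, for example `/* Carries credentials: appears in the slowlog only because the handler redacts them. */`, so a later change to either handler does not quietly put secrets back into the slowlog. It is also worth confirming that the handlers redact on their early-return error paths, not only on success.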
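Review bot: The comment on preventCommandLogging() promises more than the code in this file delivers: the only visible consumer of CLIENT_PREVENT_LOGGING is the check in call(), which clears CMD_CALL_SLOWLOG, so the effect shown is "no slowlog entry", not "no information about this client's arguments". It also omits that the flag is one-shot, since call() clears it again. I would reword it to `/* Keep the command being executed out of the slowlog because its arguments hold sensitive data. One-shot: call() clears the flag after applying it. */`. Whether any other sink of client arguments honours the flag cannot be told from this diff, so callers should not assume it.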
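Review bot: The `!(c->flags & CLIENT_BLOCKED)` half of the new condition in call() is unexplained, and for a blocked client it leaves CMD_CALL_SLOWLOG set, so the `if (flags & CMD_CALL_SLOWLOG && ...)` block that follows is still entered on that pass. If the intent is to carry the suppression over to the call made after the client is unblocked, the comment should say so, e.g. `/* While blocked, keep the flag so it is applied when the command is accounted after unblocking. */`. The body of the slowlog block lies outside the hunk, so please confirm it cannot push the unredacted argv for a client that is blocked with CLIENT_PREVENT_LOGGING set. This is a question to verify, not a demonstrated leak.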