From e1d98bca5a54bb71ff10a69337863d5543ad4373 Mon Sep 17 00:00:00 2001
From: Madelyn Olson <34459052+madolson@users.noreply.github.com>
Date: Mon, 15 Mar 2021 22:00:29 -0700
Subject: Redact slowlog entries for config with sensitive data. (#8584)

Redact config set requirepass/masterauth/masteruser from slowlog in addition to showing ACL commands without sensitive values.
---
 src/blocked.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

(limited to 'src/blocked.c')

diff --git a/src/blocked.c b/src/blocked.c
index 09e17213c..2009c9a24 100644
--- a/src/blocked.c
+++ b/src/blocked.c
@@ -106,12 +106,20 @@ void blockClient(client *c, int btype) {
 void updateStatsOnUnblock(client *c, long blocked_us, long reply_us){
     const ustime_t total_cmd_duration = c->duration + blocked_us + reply_us;
     c->lastcmd->microseconds += total_cmd_duration;
+
     /* Log the command into the Slow log if needed. */
-    if (!(c->lastcmd->flags & CMD_SKIP_SLOWLOG)) {
+    if (!(c->lastcmd->flags & CMD_SKIP_SLOWLOG) &&
+        !(c->flags & CLIENT_PREVENT_LOGGING))
+    {
         slowlogPushEntryIfNeeded(c,c->argv,c->argc,total_cmd_duration);
         /* Log the reply duration event. */
         latencyAddSampleIfNeeded("command-unblocking",reply_us/1000);
     }
+
+    /* Always clear the prevent logging field now. */
+    if (c->flags & CLIENT_PREVENT_LOGGING) {
+        c->flags &= ~CLIENT_PREVENT_LOGGING;
+    }
 }
 
 /* This function is called in the beforeSleep() function of the event loop
-- 
cgit v1.2.1