bughz
/
code-server
mirror of https://github.com/coder/code-server.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Redact sensitive args from handshake debug log

This commit is contained in:
Asher 2023-05-04 10:54:41 -08:00
parent 8c99f41b90
commit 3f7db15fde
No known key found for this signature in database
GPG Key ID: D63C1EF81242354A
2 changed files with 21 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
src/node/cli.ts
View File

@ -435,15 +435,22 @@ export const parse = (
logger.debug(() => [ logger.debug(() => [
`parsed ${opts?.configFile ? "config" : "command line"}`, `parsed ${opts?.configFile ? "config" : "command line"}`,
field("args", { field("args", redactArgs(args)),
])
return args
}
/**
* Redact sensitive information from arguments for logging.
*/
export const redactArgs = (args: UserProvidedArgs): UserProvidedArgs => {
return {
...args, ...args,
password: args.password ? "<redacted>" : undefined, password: args.password ? "<redacted>" : undefined,
"hashed-password": args["hashed-password"] ? "<redacted>" : undefined, "hashed-password": args["hashed-password"] ? "<redacted>" : undefined,
"github-auth": args["github-auth"] ? "<redacted>" : undefined, "github-auth": args["github-auth"] ? "<redacted>" : undefined,
}), }
])
return args
} }
/** /**

12
src/node/wrapper.ts
View File

@ -3,7 +3,7 @@ import * as cp from "child_process"
import * as path from "path" import * as path from "path"
import * as rfs from "rotating-file-stream" import * as rfs from "rotating-file-stream"
import { Emitter } from "../common/emitter" import { Emitter } from "../common/emitter"
import { DefaultedArgs } from "./cli" import { DefaultedArgs, redactArgs } from "./cli"
import { paths } from "./util" import { paths } from "./util"
const timeoutInterval = 10000 // 10s, matches VS Code's timeouts. const timeoutInterval = 10000 // 10s, matches VS Code's timeouts.
@ -44,10 +44,11 @@ export function onMessage<M, T extends M>(
} }
const onMessage = (message: M) => { const onMessage = (message: M) => {
;(customLogger || logger).debug("got message", field("message", message))
if (fn(message)) { if (fn(message)) {
cleanup() cleanup()
resolve(message) resolve(message)
} else {
;(customLogger || logger).debug("got unhandled message", field("message", message))
} }
} }
@ -181,6 +182,10 @@ export class ChildProcess extends Process {
}, },
this.logger, this.logger,
) )
this.logger.debug("got message", field("message", {
type: message.type,
args: redactArgs(message.args),
}))
return message.args return message.args
} }
@ -339,13 +344,14 @@ export class ParentProcess extends Process {
if (!this.args) { if (!this.args) {
throw new Error("started without args") throw new Error("started without args")
} }
await onMessage<ChildMessage, ChildHandshakeMessage>( const message = await onMessage<ChildMessage, ChildHandshakeMessage>(
child, child,
(message): message is ChildHandshakeMessage => { (message): message is ChildHandshakeMessage => {
return message.type === "handshake" return message.type === "handshake"
}, },
this.logger, this.logger,
) )
this.logger.debug("got message", field("message", message))
this.send(child, { type: "handshake", args: this.args }) this.send(child, { type: "handshake", args: this.args })
} }