From: Aki Tuomi Date: Wed, 30 May 2018 11:10:41 +0000 (+0300) Subject: doveconf: Hide URL userpart X-Git-Tag: 2.3.9~1668 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7ddf62d2b2e2670eb1b41038834f1764b5bd1fbd;p=thirdparty%2Fdovecot%2Fcore.git doveconf: Hide URL userpart --- diff --git a/src/config/doveconf.c b/src/config/doveconf.c index 7f6f22a72b..73e7b1261c 100644 --- a/src/config/doveconf.c +++ b/src/config/doveconf.c @@ -51,6 +51,9 @@ static const char *const secrets[] = { "key", "secret", "pass", + "http://", + "https://", + "ftp://", NULL }; @@ -189,6 +192,50 @@ static const char *find_next_secret(const char *input, const char **secret_r) return NULL; } +static bool +hide_url_userpart_from_value(struct ostream *output, const char **_ptr, + const char **optr, bool quote) +{ + const char *ptr = *_ptr; + const char *start_of_user = ptr; + const char *start_of_host = NULL; + string_t *quoted = NULL; + + if (quote) + quoted = t_str_new(256); + + /* it's a URL, see if there is a userpart */ + while(*ptr != '\0' && !i_isspace(*ptr) && *ptr != '/') { + if (*ptr == '@') { + start_of_host = ptr; + break; + } + ptr++; + } + + if (quote) { + str_truncate(quoted, 0); + str_append_escaped(quoted, *optr, start_of_user - (*optr)); + o_stream_nsend(output, quoted->data, quoted->used); + } else { + o_stream_nsend(output, *optr, start_of_user - (*optr)); + } + + if (start_of_host != NULL && start_of_host != start_of_user) { + o_stream_nsend_str(output, "#hidden_use-P_to_show#"); + } else if (quote) { + str_truncate(quoted, 0); + str_append_escaped(quoted, start_of_user, ptr - start_of_user); + o_stream_nsend(output, quoted->data, quoted->used); + } else { + o_stream_nsend(output, start_of_user, ptr - start_of_user); + } + + *optr = ptr; + *_ptr = ptr; + return TRUE; +} + static bool hide_secrets_from_value(struct ostream *output, const char *key, const char *value) @@ -209,6 +256,11 @@ hide_secrets_from_value(struct ostream *output, const char *key, etc. but not something like nonsecret. */ optr = ptr = value; while((ptr = find_next_secret(ptr, &secret)) != NULL) { + if (strstr(secret, "://") != NULL) { + ptr += strlen(secret); + if ((ret = hide_url_userpart_from_value(output, &ptr, &optr, quote))) + continue; + } /* we have found something that we hide, and will deal with output here. */ ret = TRUE;