http_log_request will print debug info include pki certificate which is unsafety
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
keystoneauth |
Invalid
|
Undecided
|
Unassigned |
Bug Description
when i use pki token,i find nova debug log include the whole pki certificate info,is this safety?need to modify?
my request is
curl -g -i -X GET https:/
debug.log such as:
RESP BODY: {"signed": "-----BEGIN CMS----
code session.py:
if response is not None:
if not status_code:
if not headers:
if not text:
# NOTE(samueldmq): If the response does not provide enough info
# about the content type to decide whether it is useful and
# safe to log it or not, just do not log the body. Trying to
# read the response body anyways may result on reading a long
# stream of bytes and getting an unexpected MemoryError. See
# bug 1616105 for further details.
# NOTE(lamt): Per [1], the Content-Type header can be of the
# form Content-Type := type "/" subtype *[";" parameter]
# [1] https:/
for log_type in _LOG_CONTENT_TYPES:
if json:
text = self._json.
if status_code:
if headers:
for header in six.iteritems(
if text:
description: | updated |
description: | updated |
Changed in keystoneauth: | |
status: | New → Invalid |
information type: | Public → Private Security |
information type: | Private Security → Private |
tags: | removed: security |
information type: | Private → Public |