daemon: move maskCredentials to config package
This allows the utility to be used in other places. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
parent
aef8e48172
commit
a6ce7eff65
4 changed files with 59 additions and 66 deletions
|
@ -5,6 +5,7 @@ import (
|
|||
"encoding/json"
|
||||
"fmt"
|
||||
"net"
|
||||
"net/url"
|
||||
"os"
|
||||
"reflect"
|
||||
"strings"
|
||||
|
@ -645,3 +646,13 @@ func (conf *Config) GetDefaultRuntimeName() string {
|
|||
|
||||
return rt
|
||||
}
|
||||
|
||||
// MaskCredentials masks credentials that are in an URL.
|
||||
func MaskCredentials(rawURL string) string {
|
||||
parsedURL, err := url.Parse(rawURL)
|
||||
if err != nil || parsedURL.User == nil {
|
||||
return rawURL
|
||||
}
|
||||
parsedURL.User = url.UserPassword("xxxxx", "xxxxx")
|
||||
return parsedURL.String()
|
||||
}
|
||||
|
|
|
@ -578,3 +578,49 @@ func TestReloadWithDuplicateLabels(t *testing.T) {
|
|||
err := Reload(configFile, flags, func(c *Config) {})
|
||||
assert.Check(t, err)
|
||||
}
|
||||
|
||||
func TestMaskURLCredentials(t *testing.T) {
|
||||
tests := []struct {
|
||||
rawURL string
|
||||
maskedURL string
|
||||
}{
|
||||
{
|
||||
rawURL: "",
|
||||
maskedURL: "",
|
||||
}, {
|
||||
rawURL: "invalidURL",
|
||||
maskedURL: "invalidURL",
|
||||
}, {
|
||||
rawURL: "http://proxy.example.com:80/",
|
||||
maskedURL: "http://proxy.example.com:80/",
|
||||
}, {
|
||||
rawURL: "http://USER:PASSWORD@proxy.example.com:80/",
|
||||
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/",
|
||||
}, {
|
||||
rawURL: "http://PASSWORD:PASSWORD@proxy.example.com:80/",
|
||||
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/",
|
||||
}, {
|
||||
rawURL: "http://USER:@proxy.example.com:80/",
|
||||
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/",
|
||||
}, {
|
||||
rawURL: "http://:PASSWORD@proxy.example.com:80/",
|
||||
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/",
|
||||
}, {
|
||||
rawURL: "http://USER@docker:password@proxy.example.com:80/",
|
||||
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/",
|
||||
}, {
|
||||
rawURL: "http://USER%40docker:password@proxy.example.com:80/",
|
||||
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/",
|
||||
}, {
|
||||
rawURL: "http://USER%40docker:pa%3Fsword@proxy.example.com:80/",
|
||||
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/",
|
||||
}, {
|
||||
rawURL: "http://USER%40docker:pa%3Fsword@proxy.example.com:80/hello%20world",
|
||||
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/hello%20world",
|
||||
},
|
||||
}
|
||||
for _, test := range tests {
|
||||
maskedURL := MaskCredentials(test.rawURL)
|
||||
assert.Equal(t, maskedURL, test.maskedURL)
|
||||
}
|
||||
}
|
||||
|
|
|
@ -2,7 +2,6 @@ package daemon // import "github.com/docker/docker/daemon"
|
|||
|
||||
import (
|
||||
"fmt"
|
||||
"net/url"
|
||||
"os"
|
||||
"runtime"
|
||||
"strings"
|
||||
|
@ -64,8 +63,8 @@ func (daemon *Daemon) SystemInfo() *types.Info {
|
|||
Labels: daemon.configStore.Labels,
|
||||
ExperimentalBuild: daemon.configStore.Experimental,
|
||||
ServerVersion: dockerversion.Version,
|
||||
HTTPProxy: maskCredentials(getEnvAny("HTTP_PROXY", "http_proxy")),
|
||||
HTTPSProxy: maskCredentials(getEnvAny("HTTPS_PROXY", "https_proxy")),
|
||||
HTTPProxy: config.MaskCredentials(getEnvAny("HTTP_PROXY", "http_proxy")),
|
||||
HTTPSProxy: config.MaskCredentials(getEnvAny("HTTPS_PROXY", "https_proxy")),
|
||||
NoProxy: getEnvAny("NO_PROXY", "no_proxy"),
|
||||
LiveRestoreEnabled: daemon.configStore.LiveRestoreEnabled,
|
||||
Isolation: daemon.defaultIsolation,
|
||||
|
@ -289,16 +288,6 @@ func osVersion() (version string) {
|
|||
return version
|
||||
}
|
||||
|
||||
func maskCredentials(rawURL string) string {
|
||||
parsedURL, err := url.Parse(rawURL)
|
||||
if err != nil || parsedURL.User == nil {
|
||||
return rawURL
|
||||
}
|
||||
parsedURL.User = url.UserPassword("xxxxx", "xxxxx")
|
||||
maskedURL := parsedURL.String()
|
||||
return maskedURL
|
||||
}
|
||||
|
||||
func getEnvAny(names ...string) string {
|
||||
for _, n := range names {
|
||||
if val := os.Getenv(n); val != "" {
|
||||
|
|
|
@ -1,53 +0,0 @@
|
|||
package daemon
|
||||
|
||||
import (
|
||||
"testing"
|
||||
|
||||
"gotest.tools/v3/assert"
|
||||
)
|
||||
|
||||
func TestMaskURLCredentials(t *testing.T) {
|
||||
tests := []struct {
|
||||
rawURL string
|
||||
maskedURL string
|
||||
}{
|
||||
{
|
||||
rawURL: "",
|
||||
maskedURL: "",
|
||||
}, {
|
||||
rawURL: "invalidURL",
|
||||
maskedURL: "invalidURL",
|
||||
}, {
|
||||
rawURL: "http://proxy.example.com:80/",
|
||||
maskedURL: "http://proxy.example.com:80/",
|
||||
}, {
|
||||
rawURL: "http://USER:PASSWORD@proxy.example.com:80/",
|
||||
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/",
|
||||
}, {
|
||||
rawURL: "http://PASSWORD:PASSWORD@proxy.example.com:80/",
|
||||
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/",
|
||||
}, {
|
||||
rawURL: "http://USER:@proxy.example.com:80/",
|
||||
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/",
|
||||
}, {
|
||||
rawURL: "http://:PASSWORD@proxy.example.com:80/",
|
||||
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/",
|
||||
}, {
|
||||
rawURL: "http://USER@docker:password@proxy.example.com:80/",
|
||||
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/",
|
||||
}, {
|
||||
rawURL: "http://USER%40docker:password@proxy.example.com:80/",
|
||||
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/",
|
||||
}, {
|
||||
rawURL: "http://USER%40docker:pa%3Fsword@proxy.example.com:80/",
|
||||
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/",
|
||||
}, {
|
||||
rawURL: "http://USER%40docker:pa%3Fsword@proxy.example.com:80/hello%20world",
|
||||
maskedURL: "http://xxxxx:xxxxx@proxy.example.com:80/hello%20world",
|
||||
},
|
||||
}
|
||||
for _, test := range tests {
|
||||
maskedURL := maskCredentials(test.rawURL)
|
||||
assert.Equal(t, maskedURL, test.maskedURL)
|
||||
}
|
||||
}
|
Loading…
Reference in a new issue