commit 5a58e0c1d9d5da1b0c1983360b88ad8bea13575e
Author: David Fifield <david(a)bamsoftware.com>
Date: Wed Jul 4 05:08:00 2012 -0700
Scrub IP addresses by default in the facilitator.
Add an --unsafe-logging option to retain addresses.
---
facilitator.py | 35 +++++++++++++++++++++++------------
1 files changed, 23 insertions(+), 12 deletions(-)
diff --git a/facilitator.py b/facilitator.py
index 5ab7449..582dbd8 100755
--- a/facilitator.py
+++ b/facilitator.py
@@ -27,6 +27,7 @@ class options(object):
relay_spec = None
daemonize = True
pid_filename = None
+ safe_logging = True
@staticmethod
def set_relay_spec(spec):
@@ -45,7 +46,8 @@ and serve them out again with HTTP GET. Listen on HOST and PORT, by default
-h, --help show this help.
-l, --log FILENAME write log to FILENAME (default \"%(log)s\").
--pidfile FILENAME write PID to FILENAME after daemonizing.
- -r, --relay RELAY send RELAY (host:port) to proxies as the relay to use.\
+ -r, --relay RELAY send RELAY (host:port) to proxies as the relay to use.
+ --unsafe-logging don't scrub IP addresses from logs.\
""" % {
"progname": sys.argv[0],
"addr": DEFAULT_ADDRESS,
@@ -53,6 +55,13 @@ and serve them out again with HTTP GET. Listen on HOST and PORT, by default
"log": DEFAULT_LOG_FILENAME,
}
+def safe_str(s):
+ """Return s if options.safe_logging is true, and "[scrubbed]" otherwise."""
+ if options.safe_logging:
+ return "[scrubbed]"
+ else:
+ return s
+
log_lock = threading.Lock()
def log(msg):
log_lock.acquire()
@@ -186,17 +195,17 @@ class Handler(BaseHTTPServer.BaseHTTPRequestHandler):
def do_GET(self):
proxy_addr_s = format_addr(self.client_address)
- log(u"proxy %s connects" % proxy_addr_s)
+ log(u"proxy %s connects" % safe_str(proxy_addr_s))
path = urlparse.urlsplit(self.path)[2]
reg = REGS.fetch()
if reg:
log(u"proxy %s gets %s, relay %s (now %d)" %
- (proxy_addr_s, unicode(reg), options.relay_spec, len(REGS)))
+ (safe_str(proxy_addr_s), safe_str(unicode(reg)), options.relay_spec, len(REGS)))
self.send_client(reg)
else:
- log(u"proxy %s gets none" % proxy_addr_s)
+ log(u"proxy %s gets none" % safe_str(proxy_addr_s))
self.send_client(None)
def do_POST(self):
@@ -207,7 +216,7 @@ class Handler(BaseHTTPServer.BaseHTTPRequestHandler):
client_spec = data.getfirst("client")
if client_spec is None:
- log(u"client %s missing \"client\" param" % client_addr_s)
+ log(u"client %s missing \"client\" param" % safe_str(client_addr_s))
self.send_error(400)
return
@@ -215,18 +224,18 @@ class Handler(BaseHTTPServer.BaseHTTPRequestHandler):
reg = Reg.parse(client_spec, self.client_address[0])
except ValueError, e:
log(u"client %s syntax error in %s: %s"
- % (client_addr_s, repr(client_spec), repr(str(e))))
+ % (safe_str(client_addr_s), safe_str(repr(client_spec)), repr(str(e))))
self.send_error(400)
return
log(u"client %s regs %s -> %s"
- % (client_addr_s, repr(client_spec), unicode(reg)))
+ % (safe_str(client_addr_s), safe_str(repr(client_spec)), safe_str(unicode(reg))))
if REGS.add(reg):
log(u"client %s %s (now %d)"
- % (client_addr_s, unicode(reg), len(REGS)))
+ % (safe_str(client_addr_s), safe_str(unicode(reg)), len(REGS)))
else:
log(u"client %s %s (already present, now %d)"
- % (client_addr_s, unicode(reg), len(REGS)))
+ % (safe_str(client_addr_s), safe_str(unicode(reg)), len(REGS)))
self.send_response(200)
self.end_headers()
@@ -244,7 +253,7 @@ class Handler(BaseHTTPServer.BaseHTTPRequestHandler):
except (AttributeError, KeyError):
referer = "-"
log(u"resp %s %s %d %s"
- % (addr_s, repr(self.requestline), code, repr(referer)))
+ % (safe_str(addr_s), repr(self.requestline), code, repr(referer)))
def log_message(self, format, *args):
msg = format % args
@@ -286,7 +295,7 @@ class Handler(BaseHTTPServer.BaseHTTPRequestHandler):
raise
if err_num != errno.EPIPE:
raise
- log(u"%s broken pipe" % format_addr(self.client_address))
+ log(u"%s broken pipe" % safe_str(format_addr(self.client_address)))
return ret
handle = catch_epipe(BaseHTTPServer.BaseHTTPRequestHandler.handle)
finish = catch_epipe(BaseHTTPServer.BaseHTTPRequestHandler.finish)
@@ -294,7 +303,7 @@ class Handler(BaseHTTPServer.BaseHTTPRequestHandler):
REGS = RegSet()
opts, args = getopt.gnu_getopt(sys.argv[1:], "dhl:r:",
- ["debug", "help", "log=", "pidfile=", "relay="])
+ ["debug", "help", "log=", "pidfile=", "relay=", "unsafe-logging"])
for o, a in opts:
if o == "-d" or o == "--debug":
options.daemonize = False
@@ -312,6 +321,8 @@ for o, a in opts:
except socket.gaierror, e:
print >> sys.stderr, u"Can't resolve relay %s: %s" % (repr(a), str(e))
sys.exit(1)
+ elif o == "--unsafe-logging":
+ options.safe_logging = False
if not options.relay_spec:
print >> sys.stderr, """\