commit ac9aa95dab176e5aeb263ba9b482b7dea71a00b6 Author: Isis Lovecruft isis@torproject.org Date: Sun Mar 16 18:29:03 2014 +0000

Only read emails into logger if configured to log emails.

The variable name and logging text stating that the "email body" was being logged was untrue ― the entire email text was logged, including headers, which completely nullified all the other efforts to use SAFE_LOGGING and keep client email addresses out of BridgeDB's log files.

In commit 3a3fe60e159bfcb93f51cff861a0db794b867ad4, these lines were changed to use `Util.logSafely(f.read())`. However, this is inefficient. We shouldn't bother reading the entire email file if the `Util.logSafely()` is only going to rewrite those contents with the string `[scrubbed]`.

* CHANGE the way the `bridgedb.EmailServer.composeEmail()` function logs email contents to use SAFE_LOGGING more efficiently. --- lib/bridgedb/EmailServer.py | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/lib/bridgedb/EmailServer.py b/lib/bridgedb/EmailServer.py index 82a99ed..f301eb8 100644 --- a/lib/bridgedb/EmailServer.py +++ b/lib/bridgedb/EmailServer.py @@ -427,9 +427,15 @@ def composeEmail(fromAddr, clientAddr, subject, body, msgID=False, else: mailbody.write(body)

+ # Only log the email text (including all headers) if SAFE_LOGGING is + # disabled: + if not Util.safe_logging: + f.seek(0) + logging.debug("Email contents:\n%s" % f.read()) + else: + logging.debug("Email text for %r created." % Util.logSafely(clientAddr)) f.seek(0) - logging.debug("Email body:\n%s" % Util.logSafely(f.read())) - f.seek(0) + return clientAddr, f

def getGPGContext(cfg):