[tor-commits] [bridgedb/master] Only read emails into logger if configured to log emails.

[isis at torproject.org]

commit ac9aa95dab176e5aeb263ba9b482b7dea71a00b6
Author: Isis Lovecruft <isis at torproject.org>
Date:   Sun Mar 16 18:29:03 2014 +0000

    Only read emails into logger if configured to log emails.
    
    The variable name and logging text stating that the "email body" was
    being logged was untrue ― the entire email text was logged, including
    headers, which completely nullified all the other efforts to use
    SAFE_LOGGING and keep client email addresses out of BridgeDB's log
    files.
    
    In commit 3a3fe60e159bfcb93f51cff861a0db794b867ad4, these lines were
    changed to use `Util.logSafely(f.read())`. However, this is
    inefficient. We shouldn't bother reading the entire email file if the
    `Util.logSafely()` is only going to rewrite those contents with the
    string `[scrubbed]`.
    
     * CHANGE the way the `bridgedb.EmailServer.composeEmail()` function
       logs email contents to use SAFE_LOGGING more efficiently.
---
 lib/bridgedb/EmailServer.py |   10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/lib/bridgedb/EmailServer.py b/lib/bridgedb/EmailServer.py
index 82a99ed..f301eb8 100644
--- a/lib/bridgedb/EmailServer.py
+++ b/lib/bridgedb/EmailServer.py
@@ -427,9 +427,15 @@ def composeEmail(fromAddr, clientAddr, subject, body, msgID=False,
     else:
         mailbody.write(body)
 
+    # Only log the email text (including all headers) if SAFE_LOGGING is
+    # disabled:
+    if not Util.safe_logging:
+        f.seek(0)
+        logging.debug("Email contents:\n%s" % f.read())
+    else:
+        logging.debug("Email text for %r created." % Util.logSafely(clientAddr))
     f.seek(0)
-    logging.debug("Email body:\n%s" % Util.logSafely(f.read()))
-    f.seek(0)
+
     return clientAddr, f
 
 def getGPGContext(cfg):