diff options
| author | Joseph Hunkeler <jhunkeler@gmail.com> | 2024-04-15 13:33:36 -0400 |
|---|---|---|
| committer | Joseph Hunkeler <jhunkeler@gmail.com> | 2024-04-15 13:33:36 -0400 |
| commit | cabcd35daa18bb883f0d348b2adf93c5828af69f (patch) | |
| tree | a8a1c2e5142662244fcab2e928754dc48db05e4b /include/utils.h | |
| parent | 208962dfdbd24788a6decf1839ecbbf584fb2e09 (diff) | |
| download | stasis-cabcd35daa18bb883f0d348b2adf93c5828af69f.tar.gz | |
Move artifactory authentication redaction code into its own function: redact_sensitive()
Diffstat (limited to 'include/utils.h')
| -rw-r--r-- | include/utils.h | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/include/utils.h b/include/utils.h index 61f5948..37ba50a 100644 --- a/include/utils.h +++ b/include/utils.h @@ -265,4 +265,47 @@ int fix_tox_conf(const char *filename, char **result); char *collapse_whitespace(char **s); +/** + * Write ***REDACTED*** in dest for each occurrence of to_redacted token present in src + * + * ```c + * char command[PATH_MAX] = {0}; + * char command_redacted[PATH_MAX] = {0}; + * const char *password = "abc123"; + * const char *host = "myhostname"; + * const char *to_redact_case1[] = {password, host, NULL}; + * const char *to_redact_case2[] = {password, "--host", NULL}; + * const char *to_redact_case3[] = {password, "--host", host, NULL}; + * + * sprintf(command, "echo %s | program --host=%s -", password, host); + * + * // CASE 1 + * redact_sensitive(to_redact_case1, command, command_redacted, sizeof(command_redacted) - 1); + * printf("executing: %s\n", command_redacted); + * // User sees: + * // executing: echo ***REDACTED*** | program --host=***REDACTED*** - + * system(command); + * + * // CASE 2 remove an entire argument + * redact_sensitive(to_redact_case2, command, command_redacted, sizeof(command_redacted) - 1); + * printf("executing: %s\n", command_redacted); + * // User sees: + * // executing: echo ***REDACTED*** | program ***REDACTED*** - + * system(command); + * + * // CASE 3 remove it all (noisy) + * redact_sensitive(to_redact_case3, command, command_redacted, sizeof(command_redacted) - 1); + * printf("executing: %s\n", command_redacted); + * // User sees: + * // executing: echo ***REDACTED*** | program ***REDACTED***=***REDACTED*** - + * system(command); + * ``` + * + * @param to_redact array of tokens to redact + * @param src input string + * @param dest output string + * @param maxlen maximum length of dest byte array + * @return 0 on success, -1 on error + */ +int redact_sensitive(const char **to_redact, char *src, char *dest, size_t maxlen); #endif //OMC_UTILS_H |