[Openstack-security] [Bug 1231263] Re: Clear text password has been print in log by some API call

OpenStack Infra 1231263 at bugs.launchpad.net
Sun Nov 3 07:15:14 UTC 2013


Reviewed:  https://review.openstack.org/54954
Committed: http://github.com/openstack/nova/commit/5a385f23101dc99e0bc97975e664d3ef242888d3
Submitter: Jenkins
Branch:    stable/havana

commit 5a385f23101dc99e0bc97975e664d3ef242888d3
Author: Davanum Srinivas <dims at linux.vnet.ibm.com>
Date:   Thu Oct 3 22:28:58 2013 -0400

    Sanitize passwords when logging payload in wsgi
    
    adminPass (or admin_pass) can be either part of a json object or
    an xml element or xml attribute. The patch includes
    regexps to support all these cases and adds tests
    as well
    
    Change-Id: Ic119f986a03863c1d13b566b4c005f3bc77d83d0
    Closes-Bug: 1231263
    (cherry picked from commit c6d82083295e9b1b42f22d3a2d25a1ab7d341a13)


** Tags added: in-stable-havana

-- 
You received this bug notification because you are a member of OpenStack
Security Group, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1231263

Title:
  Clear text password has been print in log by some API call

Status in OpenStack Compute (Nova):
  Fix Committed

Bug description:
  In the current implementation, when performing some API calls, like change server password or rescue server, the password is printed in the log in nova.
  i.e:

  2013-09-26 13:48:01.711 DEBUG routes.middleware [-] Match dict: {'action': u'action', 'controller': <nova.api.openstack.wsgi.Resource object at 0x46d09d0>, 'project_id': u'05004a24b3304cd9b55a0fcad08107b3', 'id': u'8c4a1dfa-147a-4ff8-8116-010d8c346115'} from (pid=10629) __call__ /usr/local/lib/python2.7/dist-packages/routes/middleware.py:103
  2013-09-26 13:48:01.711 DEBUG nova.api.openstack.wsgi [req-10ebd201-ba52-453f-b1ce-1e41fbef8cdd admin demo] Action: 'action', body: {"changePassword": {"adminPass": "1234567"}} from (pid=10629) _process_stack /opt/stack/nova/nova/api/openstack/wsgi.py:926

  This is not secure; the password should be replaced by ***

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1231263/+subscriptions
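
The masking described in the commit message, sketched as an added example: this is not the nova patch and not part of the original message. The function name mask_password, the regular expressions and the XML and admin_pass sample inputs are assumptions constructed here; only the key names, the "***" replacement and the JSON body come from the message above.

```python
import re

# Key names come from the commit message. The patterns are assumptions
# written for this example; they are not the regexps from the nova patch.
SENSITIVE_KEYS = ("adminPass", "admin_pass")
MASK = "***"

_TEMPLATES = (
    # JSON member or Python dict repr: "adminPass": "secret", 'adminPass': u'secret'
    r"""(?P<pre>["']%(k)s["']\s*:\s*u?(?P<q>["']))(?:\\.|(?!(?P=q)).)*(?P<post>(?P=q))""",
    # XML element: <adminPass>secret</adminPass>
    r"""(?P<pre><%(k)s(?:\s[^>]*)?>)[^<]*(?P<post></%(k)s\s*>)""",
    # XML attribute: adminPass="secret"
    r"""(?P<pre>\b%(k)s\s*=\s*(?P<q>["']))(?:(?!(?P=q)).)*(?P<post>(?P=q))""",
)
_PATTERNS = [re.compile(t % {"k": re.escape(k)})
             for k in SENSITIVE_KEYS for t in _TEMPLATES]


def mask_password(text):
    """Return text with each adminPass/admin_pass value replaced by MASK."""
    for pattern in _PATTERNS:
        # Keep the key and both delimiters, drop only the value in between.
        text = pattern.sub(r"\g<pre>" + MASK + r"\g<post>", text)
    return text


SAMPLES = [
    # Request body as it appears in the log line quoted in the bug description.
    '{"changePassword": {"adminPass": "1234567"}}',
    # Constructed inputs covering the other forms the commit message names.
    "<changePassword><adminPass>1234567</adminPass></changePassword>",
    '<changePassword adminPass="1234567"/>',
    '{"rescue": {"admin_pass": "12\\"34"}}',  # value with an escaped quote
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(mask_password(sample))
```

The masking has to run on the body before it is handed to the logger; once a cleartext line has been written, it persists in every rotated or forwarded copy of that log.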