Hello community,
here is the log from the commit of package yast2-iscsi-lio-server for openSUSE:Factory checked in at 2014-09-02 08:22:23
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/yast2-iscsi-lio-server (Old)
and /work/SRC/openSUSE:Factory/.yast2-iscsi-lio-server.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "yast2-iscsi-lio-server"
Changes:
--------
--- /work/SRC/openSUSE:Factory/yast2-iscsi-lio-server/yast2-iscsi-lio-server.changes 2014-07-28 16:21:33.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.yast2-iscsi-lio-server.new/yast2-iscsi-lio-server.changes 2014-09-02 08:22:30.000000000 +0200
@@ -1,0 +2,6 @@
+Wed Aug 27 12:26:10 CEST 2014 - gs(a)suse.de
+
+- do not write user/password info to YaST log-file (bnc #893362)
+- 3.1.9
+
+-------------------------------------------------------------------
Old:
----
yast2-iscsi-lio-server-3.1.8.tar.bz2
New:
----
yast2-iscsi-lio-server-3.1.9.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ yast2-iscsi-lio-server.spec ++++++
--- /var/tmp/diff_new_pack.ItlwMG/_old 2014-09-02 08:22:31.000000000 +0200
+++ /var/tmp/diff_new_pack.ItlwMG/_new 2014-09-02 08:22:31.000000000 +0200
@@ -17,7 +17,7 @@
Name: yast2-iscsi-lio-server
-Version: 3.1.8
+Version: 3.1.9
Release: 0
BuildRoot: %{_tmppath}/%{name}-%{version}-build
++++++ yast2-iscsi-lio-server-3.1.8.tar.bz2 -> yast2-iscsi-lio-server-3.1.9.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-iscsi-lio-server-3.1.8/package/yast2-iscsi-lio-server.changes new/yast2-iscsi-lio-server-3.1.9/package/yast2-iscsi-lio-server.changes
--- old/yast2-iscsi-lio-server-3.1.8/package/yast2-iscsi-lio-server.changes 2014-07-28 13:30:42.000000000 +0200
+++ new/yast2-iscsi-lio-server-3.1.9/package/yast2-iscsi-lio-server.changes 2014-09-01 16:25:10.000000000 +0200
@@ -1,4 +1,10 @@
-------------------------------------------------------------------
+Wed Aug 27 12:26:10 CEST 2014 - gs(a)suse.de
+
+- do not write user/password info to YaST log-file (bnc #893362)
+- 3.1.9
+
+-------------------------------------------------------------------
Thu Jul 24 11:59:18 CEST 2014 - gs(a)suse.de
- bind all IP addresses to a target if requested by user
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-iscsi-lio-server-3.1.8/package/yast2-iscsi-lio-server.spec new/yast2-iscsi-lio-server-3.1.9/package/yast2-iscsi-lio-server.spec
--- old/yast2-iscsi-lio-server-3.1.8/package/yast2-iscsi-lio-server.spec 2014-07-28 13:30:42.000000000 +0200
+++ new/yast2-iscsi-lio-server-3.1.9/package/yast2-iscsi-lio-server.spec 2014-09-01 16:25:10.000000000 +0200
@@ -17,7 +17,7 @@
Name: yast2-iscsi-lio-server
-Version: 3.1.8
+Version: 3.1.9
Release: 0
BuildRoot: %{_tmppath}/%{name}-%{version}-build
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-iscsi-lio-server-3.1.8/src/include/iscsi-lio-server/widgets.rb new/yast2-iscsi-lio-server-3.1.9/src/include/iscsi-lio-server/widgets.rb
--- old/yast2-iscsi-lio-server-3.1.8/src/include/iscsi-lio-server/widgets.rb 2014-07-28 13:30:42.000000000 +0200
+++ new/yast2-iscsi-lio-server-3.1.9/src/include/iscsi-lio-server/widgets.rb 2014-09-01 16:25:10.000000000 +0200
@@ -568,7 +568,7 @@
else
lmap = IscsiLioData.GetAuth(@curr_target, @curr_tpg, clnt)
end
- Builtins.y2milestone("ClntAuthDialog map:%1", lmap)
+ Builtins.y2milestone("ClntAuthDialog auth already set") if !lmap.empty?
auth_dialog = VBox(
MarginBox(6, 2, AuthTerm(false)),
ButtonBox(
@@ -605,7 +605,6 @@
end
UI.CloseDialog
Ops.set(@changed_auth, clnt, lmap) if lmap != nil
- Builtins.y2milestone("ClntAuthDialog ret:%1", lmap)
deep_copy(lmap)
end
@@ -1349,8 +1348,8 @@
s = Ops.get_string(it, 1, "")
Builtins.y2milestone("handleClient pos:%1 clnt:%2", edit_pos, s)
auth = ClntAuthDialog(s)
- Builtins.y2milestone("handleClient auth:%1", auth)
if auth != nil
+ Builtins.y2milestone("handleClient auth is set")
Ops.set(it, 3, GetAuthString(auth))
Ops.set(items, edit_pos, it)
UI.ChangeWidget(:clnt_table, :Items, items)
@@ -1539,8 +1538,7 @@
Ops.get_string(ca, ["outgoing", 0], "") ||
Ops.get_string(m, ["outgoing", 1], "") !=
Ops.get_string(ca, ["outgoing", 1], "")
- Builtins.y2milestone("storeClient auth c:%1", c)
- Builtins.y2milestone("storeClient cur:%1 new:%2", ca, m)
+ Builtins.y2milestone("storeClient set auth for client:%1", c)
chg = true
if !IscsiLioData.SetAuth(
@curr_target,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-iscsi-lio-server-3.1.8/src/modules/IscsiLioData.rb new/yast2-iscsi-lio-server-3.1.9/src/modules/IscsiLioData.rb
--- old/yast2-iscsi-lio-server-3.1.8/src/modules/IscsiLioData.rb 2014-07-28 13:30:42.000000000 +0200
+++ new/yast2-iscsi-lio-server-3.1.9/src/modules/IscsiLioData.rb 2014-09-01 16:25:10.000000000 +0200
@@ -261,8 +261,16 @@
Ops.get_boolean(@data, ["tgt", tgt, tpg, "ep", "enabled"], false)
end
- def LogExecCmd(cmd)
- Builtins.y2milestone("Executing cmd:%1", cmd)
+ # Execute given command (using SCR.Execute) and return result.
+ # Logs the command to YaST log-file if allowed.
+ #
+ # @param [String] cmd Command to be excuted (make sure to quote correctly,
+ # for example "ls 'filename with spaces'")
+ # @param [Boolean] do_log: logging to y2log allowed?
+ # @return [Hash] hash containing keys "exit", "stdout", "stderr"
+ #
+ def LogExecCmd(cmd, do_log: true)
+ Builtins.y2milestone("Executing cmd:%1", cmd) if do_log
ret = Convert.convert(
SCR.Execute(path(".target.bash_output"), cmd),
:from => "any",
@@ -314,8 +322,7 @@
m = Ops.get_map(m, ["clnt", clnt], {}) if !Builtins.isempty(clnt)
ret = !Builtins.isempty(Ops.get_list(m, "incoming", []))
Builtins.y2milestone(
- "HasIncomingAuth m:%1 ret:%2",
- Ops.get_list(m, "incoming", []),
+ "HasIncomingAuth ret:%1",
ret
)
ret
@@ -326,8 +333,7 @@
m = Ops.get_map(m, ["clnt", clnt], {}) if !Builtins.isempty(clnt)
ret = Ops.greater_than(Builtins.size(Ops.get_list(m, "outgoing", [])), 1)
Builtins.y2milestone(
- "HasOutgoingAuth m:%1 ret:%2",
- Ops.get_list(m, "outgoing", []),
+ "HasOutgoingAuth ret:%1",
ret
)
ret
@@ -377,7 +383,9 @@
end
def GetNetworkPortal(tgt, tpg)
- Builtins.y2milestone("Data: %1, tgt: %2, tpg: %3", @data, tgt, tpg)
+ Builtins.y2milestone("target: %1, target portal group: %2", tgt, tpg)
+ # log complete data only for debugging purposes (contains password/user info)
+ Builtins.y2debug("Data: %1", @data)
ret = Builtins.maplist(
Ops.get_list(@data, ["tgt", tgt, tpg, "ep", "np"], [])
) do |n|
@@ -1248,68 +1256,59 @@
ret
end
- def SetAuth(tgt, tpg, clnt, inc, out)
- inc = deep_copy(inc)
- out = deep_copy(out)
+ def SetAuth(tgt, tpg, clnt, incoming, outgoing)
+ incoming = deep_copy(incoming)
+ if incoming.empty?
+ log_incoming = []
+ else
+ log_incoming = ["*****", "*****"]
+ end
+ outgoing = deep_copy(outgoing)
+ if outgoing.empty?
+ log_outgoing = []
+ else
+ log_outgoing = ["*****", "*****"]
+ end
Builtins.y2milestone(
"SetAuth tgt:%1 tpg:%2 clnt:%3 in:%4 out:%5",
tgt,
tpg,
clnt,
- inc,
- out
+ log_incoming,
+ log_outgoing
)
cmd = ""
ret = true
if Builtins.isempty(tgt)
- cmd = "lio_node --setchapdiscauth "
- if !Builtins.isempty(inc)
- ret = LogExecCmd(
- Ops.add(
- Ops.add(Ops.add(cmd, Ops.get_string(inc, 0, "")), " "),
- Ops.get_string(inc, 1, "")
- )
- ) && ret
+ cmd = "lio_node --setchapdiscauth"
+ if !Builtins.isempty(incoming)
+ ret = LogExecCmd("#{cmd} #{incoming[0]} #{incoming[1]}", do_log: false) && ret
+ Builtins.y2milestone("Executing cmd: #{cmd} ***** *****")
elsif HasIncomingAuth("", 0, "")
- ret = LogExecCmd(Ops.add(cmd, "\"\" \"\" ")) && ret
+ ret = LogExecCmd("#{cmd} \"\" \"\" ") && ret
end
- cmd = "lio_node --setchapdiscmutualauth "
- if !Builtins.isempty(out)
- ret = LogExecCmd(
- Ops.add(
- Ops.add(Ops.add(cmd, Ops.get_string(out, 0, "")), " "),
- Ops.get_string(out, 1, "")
- )
- ) && ret
+ cmd = "lio_node --setchapdiscmutualauth"
+ if !Builtins.isempty(outgoing)
+ ret = LogExecCmd("#{cmd} #{outgoing[0]} #{outgoing[1]}", do_log: false) && ret
+ Builtins.y2milestone("Executing cmd: #{cmd} ***** *****")
elsif HasOutgoingAuth("", 0, "")
- ret = LogExecCmd(Ops.add(cmd, "\"\" \"\" ")) && ret
+ ret = LogExecCmd("#{cmd} \"\" \"\" ") && ret
end
else
- param = Ops.add(
- Ops.add(Ops.add(Ops.add(Ops.add(tgt, " "), tpg), " "), clnt),
- " "
- )
- cmd = Ops.add("lio_node --setchapauth ", param)
- if !Builtins.isempty(inc)
- ret = LogExecCmd(
- Ops.add(
- Ops.add(Ops.add(cmd, Ops.get_string(inc, 0, "")), " "),
- Ops.get_string(inc, 1, "")
- )
- ) && ret
+ param = "#{tgt} #{tpg} #{clnt}"
+ cmd = "lio_node --setchapauth #{param}"
+ if !Builtins.isempty(incoming)
+ ret = LogExecCmd("#{cmd} #{incoming[0]} #{incoming[1]}", do_log: false) && ret
+ Builtins.y2milestone("Executing cmd: #{cmd} ***** *****")
elsif HasIncomingAuth(tgt, tpg, clnt)
- ret = LogExecCmd(Ops.add(cmd, "\"\" \"\" ")) && ret
+ ret = LogExecCmd("#{cmd} \"\" \"\" ") && ret
end
- cmd = Ops.add("lio_node --setchapmutualauth ", param)
- if !Builtins.isempty(out)
- ret = LogExecCmd(
- Ops.add(
- Ops.add(Ops.add(cmd, Ops.get_string(out, 0, "")), " "),
- Ops.get_string(out, 1, "")
- )
- ) && ret
+ cmd = "lio_node --setchapmutualauth #{param}"
+ if !Builtins.isempty(outgoing)
+ ret = LogExecCmd("#{cmd} #{outgoing[0]} #{outgoing[1]}", do_log: false) && ret
+ Builtins.y2milestone("Executing cmd: #{cmd} ***** *****")
elsif HasOutgoingAuth(tgt, tpg, clnt)
- ret = LogExecCmd(Ops.add(cmd, "\"\" \"\" ")) && ret
+ ret = LogExecCmd("#{cmd} \"\" \"\" ") && ret
end
end
Builtins.y2milestone("SetAuth ret:%1", ret)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-iscsi-lio-server-3.1.8/test/LogExecCmd_spec.rb new/yast2-iscsi-lio-server-3.1.9/test/LogExecCmd_spec.rb
--- old/yast2-iscsi-lio-server-3.1.8/test/LogExecCmd_spec.rb 1970-01-01 01:00:00.000000000 +0100
+++ new/yast2-iscsi-lio-server-3.1.9/test/LogExecCmd_spec.rb 2014-09-01 16:25:10.000000000 +0200
@@ -0,0 +1,37 @@
+#! /usr/bin/rspec
+require_relative '../src/modules/IscsiLioData'
+
+describe Yast::IscsiLioDataClass do
+
+ before :each do
+ @iscsilib = Yast::IscsiLioDataClass.new
+ @iscsilib.main()
+
+ @test_class = @iscsilib
+ end
+
+ describe "#LogExecCmd" do
+ context "when told not to write command to YaST log" do
+ it "executes command and doesn't write to y2log" do
+ cmd = "lio-node --setchap hugo 12345"
+
+ expect(Yast::Builtins).not_to receive(:y2milestone)
+ expect(Yast::SCR).to receive(:Execute).once
+ @iscsilib.LogExecCmd(cmd, do_log: false)
+ end
+ end
+ end
+
+ describe "#LogExecCmd" do
+ context "when called with command not containing sensitive data" do
+ it "executes command and write command to y2log" do
+ cmd = "lio-node --list"
+
+ expect(Yast::Builtins).to receive(:y2milestone).once
+ expect(Yast::SCR).to receive(:Execute).once
+ @iscsilib.LogExecCmd(cmd)
+ end
+ end
+ end
+
+end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-iscsi-lio-server-3.1.8/test/Makefile.am new/yast2-iscsi-lio-server-3.1.9/test/Makefile.am
--- old/yast2-iscsi-lio-server-3.1.8/test/Makefile.am 2014-07-28 13:30:43.000000000 +0200
+++ new/yast2-iscsi-lio-server-3.1.9/test/Makefile.am 2014-09-01 16:25:10.000000000 +0200
@@ -1,5 +1,7 @@
TESTS = \
- GetIpAddr_spec.rb
+ GetIpAddr_spec.rb \
+ SetAuth_spec.rb \
+ LogExecCmd_spec.rb
TEST_EXTENSIONS = .rb
RB_LOG_COMPILER = rspec
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-iscsi-lio-server-3.1.8/test/SetAuth_spec.rb new/yast2-iscsi-lio-server-3.1.9/test/SetAuth_spec.rb
--- old/yast2-iscsi-lio-server-3.1.8/test/SetAuth_spec.rb 1970-01-01 01:00:00.000000000 +0100
+++ new/yast2-iscsi-lio-server-3.1.9/test/SetAuth_spec.rb 2014-09-01 16:25:10.000000000 +0200
@@ -0,0 +1,54 @@
+#! /usr/bin/rspec
+require_relative '../src/modules/IscsiLioData'
+
+describe Yast::IscsiLioDataClass do
+
+ before :each do
+ @iscsilib = Yast::IscsiLioDataClass.new
+ @iscsilib.main()
+
+ @test_class = @iscsilib
+ end
+
+ describe "#SetAuth" do
+ context "when called with user and password info" do
+ it "filters out sensitive data" do
+ tgt = ""
+ tpg = -42
+ clnt = ""
+ inc = ["SECRET1"]
+ out = ["SECRET2"]
+ expect(Yast::Builtins).to receive(:y2milestone) do |*args|
+ expect(args.to_s).not_to match /SECRET/
+ end.at_least(2).times
+
+ expect(@iscsilib).
+ to receive(:LogExecCmd).
+ twice.
+ and_return true
+
+ expect((a)iscsilib.SetAuth(tgt, tpg, clnt, inc, out)).to be true
+ end
+ end
+ end
+
+ describe "#SetAuth" do
+ context "when called with user and password info" do
+ it "calls LogExecCmd correctly" do
+ tgt = ""
+ tpg = -42
+ clnt = ""
+ inc = ["User", "Password"]
+ out = []
+
+ expect((a)iscsilib).to receive(:LogExecCmd) do |*args|
+ expect(args).to eq ["lio_node --setchapdiscauth User Password", {:do_log=>false}]
+ end
+
+ @iscsilib.SetAuth(tgt, tpg, clnt, inc, out)
+ end
+ end
+ end
+
+
+end
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org