archive
/
tailscale
mirror of https://github.com/tailscale/tailscale/
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

cmd/tailscaled: appease a security scanner

Browse Source 
There are two reasons this can't ever go to actual logs,
but rewrite it to make it happy.

Fixes tailscale/corp#2695

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
pull/2910/head
Brad Fitzpatrick 3 years ago committed by Dave Anderson
parent 1eabb5b2d9
commit 9ca334a560
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File

9
cmd/tailscaled/debug.go
Unescape Escape View File

@ -138,11 +138,18 @@ func getURL(ctx context.Context, urlStr string) error {
if err == nil && auth != "" { if err == nil && auth != "" {
tr.ProxyConnectHeader.Set("Proxy-Authorization", auth) tr.ProxyConnectHeader.Set("Proxy-Authorization", auth)
} }
log.Printf("tshttpproxy.GetAuthHeader(%v) got: auth of %d bytes, err=%v", proxyURL, len(auth), err)
const truncLen = 20 const truncLen = 20
if len(auth) > truncLen { if len(auth) > truncLen {
auth = fmt.Sprintf("%s...(%d total bytes)", auth[:truncLen], len(auth)) auth = fmt.Sprintf("%s...(%d total bytes)", auth[:truncLen], len(auth))
} }
log.Printf("tshttpproxy.GetAuthHeader(%v) for Proxy-Auth: = %q, %v", proxyURL, auth, err) if auth != "" {
// We used log.Printf above (for timestamps).
// Use fmt.Printf here instead just to appease
// a security scanner, despite log.Printf only
// going to stdout.
fmt.Printf("... Proxy-Authorization = %q\n", auth)
}
} }
res, err := tr.RoundTrip(req) res, err := tr.RoundTrip(req)
if err != nil { if err != nil {

Write Preview
Loading…
Cancel
Save