From 1510aa69d909c7ca20986fa1d119ee163fd44911 Mon Sep 17 00:00:00 2001 From: Guilherme Bueno Date: Wed, 7 Jun 2023 09:49:16 -0300 Subject: [PATCH 1/2] Remove password from failed connection exception --- src/clj_ssh/ssh.clj | 24 ++++++++++++++---------- test/clj_ssh/ssh_test.clj | 9 +++++++++ 2 files changed, 23 insertions(+), 10 deletions(-) diff --git a/src/clj_ssh/ssh.clj b/src/clj_ssh/ssh.clj index ede056c..95bdd82 100644 --- a/src/clj_ssh/ssh.clj +++ b/src/clj_ssh/ssh.clj @@ -430,21 +430,25 @@ keys. All other option key pairs will be passed as SSH config options." (finally (disconnect session#))))) +(defn clean-sensitive-data [hosts] + (map #(dissoc % :password) hosts)) + ;;; Jump Hosts (defn- jump-connect [agent hosts sessions timeout] (let [host (first hosts) s (session agent (:hostname host) (dissoc host :hostname)) throw-e (fn [e s] - (throw - (ex-info - (str "Failed to connect " - (.getUserName s) "@" - (.getHost s) ":" - (.getPort s) - " " (pr-str (into [] (.getIdentityNames agent))) - " " (pr-str hosts)) - {:hosts hosts} - e)))] + (let [clear-hosts (clean-sensitive-data hosts)] + (throw + (ex-info + (str "Failed to connect " + (.getUserName s) "@" + (.getHost s) ":" + (.getPort s) + " " (pr-str (into [] (.getIdentityNames agent))) + " " (pr-str clear-hosts)) + {:hosts clear-hosts} + e))))] (swap! sessions (fnil conj []) s) (try (connect s timeout) diff --git a/test/clj_ssh/ssh_test.clj b/test/clj_ssh/ssh_test.clj index d5ed773..6f251ce 100644 --- a/test/clj_ssh/ssh_test.clj +++ b/test/clj_ssh/ssh_test.clj @@ -636,3 +636,12 @@ ":channel not connected") (is (zero? (exit-status (:channel proc))) "zero exit status"))))))) + +(deftest clean-sensitive-data-test + (are [?in ?out] + (= ?out (clean-sensitive-data ?in)) + [{:hostname "host", :username "user", :password "pass123", :strict-host-key-checking :no}] [{:hostname "host", :username "user", :strict-host-key-checking :no}] + [{:hostname "host", :username "user", :password "pass123"}] [{:hostname "host", :username "user"}] + [{:hostname "host"}] [{:hostname "host"}] + {:some-other-key "some-value"} {:some-other-key "some-value"} + {:some-key "some-value"} {:some-key "some-value"})) From dd648e31c4c9be430d3dc701ca00c68f8ffed667 Mon Sep 17 00:00:00 2001 From: Guilherme Bueno Date: Wed, 7 Jun 2023 09:56:03 -0300 Subject: [PATCH 2/2] Add docstring --- src/clj_ssh/ssh.clj | 1 + test/clj_ssh/ssh_test.clj | 7 ++----- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/src/clj_ssh/ssh.clj b/src/clj_ssh/ssh.clj index 95bdd82..8e5a8cf 100644 --- a/src/clj_ssh/ssh.clj +++ b/src/clj_ssh/ssh.clj @@ -431,6 +431,7 @@ keys. All other option key pairs will be passed as SSH config options." (disconnect session#))))) (defn clean-sensitive-data [hosts] + "Remove password from hosts vector" (map #(dissoc % :password) hosts)) ;;; Jump Hosts diff --git a/test/clj_ssh/ssh_test.clj b/test/clj_ssh/ssh_test.clj index 6f251ce..e9577c2 100644 --- a/test/clj_ssh/ssh_test.clj +++ b/test/clj_ssh/ssh_test.clj @@ -640,8 +640,5 @@ (deftest clean-sensitive-data-test (are [?in ?out] (= ?out (clean-sensitive-data ?in)) - [{:hostname "host", :username "user", :password "pass123", :strict-host-key-checking :no}] [{:hostname "host", :username "user", :strict-host-key-checking :no}] - [{:hostname "host", :username "user", :password "pass123"}] [{:hostname "host", :username "user"}] - [{:hostname "host"}] [{:hostname "host"}] - {:some-other-key "some-value"} {:some-other-key "some-value"} - {:some-key "some-value"} {:some-key "some-value"})) + [{:hostname "host", :username "user", :password "pass123"}] [{:hostname "host", :username "user"}] + [{:hostname "host"}] [{:hostname "host"}]))