TheArchive/restic
1
0
Fork 0
mirror of https://github.com/restic/restic.git synced 2025-10-11 03:12:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

redacted keys/token in backend config debug log

Browse Source
This commit is contained in:
Michael Eischer
2021-08-04 22:56:18 +02:00
parent 0936d864a4
commit 5a11d14082
14 changed files with 124 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
internal/options/secret_string.go Normal file
View File

@@ -0,0 +1,24 @@
package options
type SecretString struct {
s *string
}
func NewSecretString(s string) SecretString {
return SecretString{s: &s}
}
func (s SecretString) GoString() string {
return `"` + s.String() + `"`
}
func (s SecretString) String() string {
if len(*s.s) == 0 {
return ``
}
return `**redacted**`
}
func (s *SecretString) Unwrap() string {
return *s.s
}

55
internal/options/secret_string_test.go Normal file
View File

@@ -0,0 +1,55 @@
package options_test
import (
"fmt"
"strings"
"testing"
"github.com/restic/restic/internal/options"
"github.com/restic/restic/internal/test"
)
type secretTest struct {
str options.SecretString
}
func assertNotIn(t *testing.T, str string, substr string) {
if strings.Contains(str, substr) {
t.Fatalf("'%s' should not contain '%s'", str, substr)
}
}
func TestSecretString(t *testing.T) {
keyStr := "secret-key"
secret := options.NewSecretString(keyStr)
test.Equals(t, "**redacted**", secret.String())
test.Equals(t, `"**redacted**"`, secret.GoString())
test.Equals(t, "**redacted**", fmt.Sprint(secret))
test.Equals(t, "**redacted**", fmt.Sprintf("%v", secret))
test.Equals(t, `"**redacted**"`, fmt.Sprintf("%#v", secret))
test.Equals(t, keyStr, secret.Unwrap())
}
func TestSecretStringStruct(t *testing.T) {
keyStr := "secret-key"
secretStruct := &secretTest{
str: options.NewSecretString(keyStr),
}
assertNotIn(t, fmt.Sprint(secretStruct), keyStr)
assertNotIn(t, fmt.Sprintf("%v", secretStruct), keyStr)
assertNotIn(t, fmt.Sprintf("%#v", secretStruct), keyStr)
}
func TestSecretStringEmpty(t *testing.T) {
keyStr := ""
secret := options.NewSecretString(keyStr)
test.Equals(t, "", secret.String())
test.Equals(t, `""`, secret.GoString())
test.Equals(t, "", fmt.Sprint(secret))
test.Equals(t, "", fmt.Sprintf("%v", secret))
test.Equals(t, `""`, fmt.Sprintf("%#v", secret))
test.Equals(t, keyStr, secret.Unwrap())
}