Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions .github/workflows/cont_integration.yml
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@ jobs:
run: |
cargo update -p openssl --precise "0.10.78"
cargo update -p openssl-sys --precise "0.9.114"
cargo update -p zeroize --precise "1.8.2"
- name: Test
run: cargo test --verbose --all-features

Expand Down Expand Up @@ -72,6 +73,7 @@ jobs:
run: |
cargo update -p openssl --precise "0.10.78"
cargo update -p openssl-sys --precise "0.9.114"
cargo update -p zeroize --precise "1.8.2"
- name: Check features
run: cargo check --verbose ${{ matrix.features }}

Expand Down
91 changes: 88 additions & 3 deletions src/raw_client.rs
Original file line number Diff line number Diff line change
Expand Up @@ -88,6 +88,45 @@ macro_rules! impl_batch_call {
}};
}

const REDACTED_AUTHORIZATION: &str = "<redacted>";
const REDACTION_FAILED: &[u8] = b"<request redaction failed>";

/// Redacts authorization values from serialized, newline-delimited JSON-RPC requests.
///
/// The input is produced by serializing [`Request`] values, so malformed JSON is not expected.
/// Nevertheless, redaction fails closed to ensure a request containing credentials is never
/// written to the log if its format changes unexpectedly.
fn redact_authorization(raw: &[u8]) -> Vec<u8> {
let mut redacted = Vec::with_capacity(raw.len());

for (index, raw_request) in raw.split(|byte| *byte == b'\n').enumerate() {
if index > 0 {
redacted.push(b'\n');
}
if raw_request.is_empty() {
continue;
}

let mut request: serde_json::Value = match serde_json::from_slice(raw_request) {
Ok(request) => request,
Err(_) => return REDACTION_FAILED.to_vec(),
};

match request.get_mut("authorization") {
Some(authorization) => {
*authorization = serde_json::Value::String(REDACTED_AUTHORIZATION.to_owned());
match serde_json::to_vec(&request) {
Ok(request) => redacted.extend(request),
Err(_) => return REDACTION_FAILED.to_vec(),
}
}
None => redacted.extend(raw_request),
}
}

redacted
}

/// A trait for [`ToSocketAddrs`](https://doc.rust-lang.org/std/net/trait.ToSocketAddrs.html) that
/// can also be turned into a domain. Used when an SSL client needs to validate the server's
/// certificate.
Expand Down Expand Up @@ -795,7 +834,10 @@ impl<S: Read + Write> RawClient<S> {
let req = req.with_auth(authorization);

let mut raw = serde_json::to_vec(&req)?;
trace!("==> {}", String::from_utf8_lossy(&raw));
trace!(
"==> {}",
String::from_utf8_lossy(&redact_authorization(&raw))
);

raw.extend_from_slice(b"\n");
let mut stream = self.stream.lock()?;
Expand Down Expand Up @@ -951,7 +993,10 @@ impl<T: Read + Write> ElectrumApi for RawClient<T> {
return Ok(vec![]);
}

trace!("==> {}", String::from_utf8_lossy(&raw));
trace!(
"==> {}",
String::from_utf8_lossy(&redact_authorization(&raw))
);

let mut stream = self.stream.lock()?;
stream.write_all(&raw)?;
Expand Down Expand Up @@ -1411,7 +1456,7 @@ mod test {

use crate::utils;

use super::{ElectrumSslStream, RawClient};
use super::{redact_authorization, ElectrumSslStream, RawClient, REDACTION_FAILED};
use crate::api::ElectrumApi;
use crate::config::AuthProvider;

Expand Down Expand Up @@ -1439,6 +1484,46 @@ mod test {
.expect("should build the `RawClient` successfully!")
}

#[test]
fn test_redact_authorization() {
let raw = br#"{"jsonrpc":"2.0","id":1,"method":"server.version","params":[],"authorization":"Bearer secret-token"}"#;
let redacted = redact_authorization(raw);
let request: serde_json::Value = serde_json::from_slice(&redacted).unwrap();

assert_eq!(request["authorization"], "<redacted>");
assert!(!String::from_utf8_lossy(&redacted).contains("secret-token"));
}

#[test]
fn test_redact_authorization_preserves_unauthenticated_request() {
let raw = br#"{"jsonrpc":"2.0","id":1,"method":"server.version","params":[]}"#;

assert_eq!(redact_authorization(raw), raw);
}

#[test]
fn test_redact_authorization_from_batch() {
let raw = b"{\"id\":1,\"authorization\":\"Bearer batch-secret\"}\n\
{\"id\":2}\n";
let redacted = redact_authorization(raw);
let requests: Vec<serde_json::Value> = redacted
.split(|byte| *byte == b'\n')
.filter(|request| !request.is_empty())
.map(|request| serde_json::from_slice(request).unwrap())
.collect();

assert_eq!(requests[0]["authorization"], "<redacted>");
assert!(requests[1].get("authorization").is_none());
assert!(!String::from_utf8_lossy(&redacted).contains("batch-secret"));
}

#[test]
fn test_redact_authorization_fails_closed() {
let raw = b"{\"authorization\":\"Bearer secret-token\"";

assert_eq!(redact_authorization(raw), REDACTION_FAILED);
}

#[test]
fn test_server_features_simple() {
let client = get_test_client();
Expand Down
Loading