Updating terminated TLS listener may leak sensitive data in logs for task_flow
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
octavia | New | Undecided | Unassigned |
Bug Description
When creating a terminated TLS listener, the certificate, private key and passphrase might be leaked to the worker.log
We found this information as the taskflow was transitioning from RUNNING to FAILURE and the atoms were logged with
2023-07-24 14:00:43.380 1784274 WARNING octavia.
3 predecessors (most recent first):
Atom 'octavia.
|__Atom 'octavia.
Leaked data in this atom and below, e.g. all information in default_
Hi,
We did a patch for similar issues https://review.opendev.org/c/openstack/octavia/+/871468 but it covers only non-ERROR/non-WARNING messages; it replaces the value of the private elements in a dict with '***'.
For this particular case, it's a dump of the flow and its atoms by taskflow, so it's more complicated: the strings are directly formatted in taskflow, and there's no way to change the value of the dict.
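The two mitigation layers the thread describes, as an added example written for this page (it is not Octavia's code and not the change linked above): a dict-level masking helper of the kind the linked patch applies before a message is formatted, plus a `logging.Filter` that rewrites the already-formatted record text, which is what a taskflow atom dump looks like by the time it reaches a handler. The sensitive key names (`certificate`, `private_key`, `passphrase`), the `tls_data` key and the listener dict are constructed for the example, not taken from Octavia's models; the filter assumes secrets appear either as PEM blocks or as quoted values next to one of those key names.

```python
import logging
import re
from typing import Any

# Constructed for this example: keys whose values must never reach a log line.
SENSITIVE_KEYS = frozenset({"certificate", "private_key", "passphrase"})
MASK = "***"

# A PEM block, from the BEGIN marker to the matching END marker.
_PEM_RE = re.compile(r"-----BEGIN [A-Z ]+-----.*?-----END [A-Z ]+-----", re.DOTALL)
# "key: 'value'" / "key='value'" pairs for a sensitive key inside a repr-style dump.
_KV_RE = re.compile(
    r"(['\"]?(?:%s)['\"]?\s*[:=]\s*)(['\"])(.*?)(\2)" % "|".join(sorted(SENSITIVE_KEYS)),
    re.DOTALL,
)

# Constructed listener data standing in for the atom arguments a failed flow dumps.
SAMPLE_LISTENER = {
    "name": "lb1-listener",
    "protocol": "TERMINATED_HTTPS",
    "tls_data": {  # placeholder key name, not Octavia's
        "certificate": "-----BEGIN CERTIFICATE-----\nMIIC...constructed...\n-----END CERTIFICATE-----",
        "private_key": "-----BEGIN PRIVATE KEY-----\nMIIE...constructed...\n-----END PRIVATE KEY-----",
        "passphrase": "hunter2",
    },
}


def redact_dict(data: Any) -> Any:
    """Layer 1: recursively replace the values of sensitive keys before formatting."""
    if isinstance(data, dict):
        return {k: (MASK if k in SENSITIVE_KEYS else redact_dict(v)) for k, v in data.items()}
    if isinstance(data, (list, tuple)):
        return type(data)(redact_dict(v) for v in data)
    return data


def redact_text(text: str) -> str:
    """Layer 2: mask secrets in a string that was already formatted by someone else."""
    text = _PEM_RE.sub(MASK, text)
    return _KV_RE.sub(lambda m: m.group(1) + m.group(2) + MASK + m.group(4), text)


class SecretRedactingFilter(logging.Filter):
    """Logger-level filter: rewrites the rendered message so every handler sees the masked form."""

    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = redact_text(record.getMessage())
        record.args = ()  # message is already rendered; nothing left to interpolate
        return True


def demo_logged_line() -> str:
    """Send a constructed taskflow-style WARNING through the filter; return what the handler formats."""
    captured = []

    class _Capture(logging.Handler):
        def emit(self, record: logging.LogRecord) -> None:
            captured.append(self.format(record))

    logger = logging.getLogger("example.octavia.worker")
    logger.propagate = False
    logger.setLevel(logging.WARNING)
    handler = _Capture()
    handler.setFormatter(logging.Formatter("%(levelname)s %(message)s"))
    logger.handlers = [handler]
    logger.addFilter(SecretRedactingFilter())
    logger.warning("Flow transitioned from RUNNING to FAILURE; atom args: %s", SAMPLE_LISTENER)
    return captured[0]


if __name__ == "__main__":
    print(redact_dict(SAMPLE_LISTENER))
    print(demo_logged_line())
```

The dict helper is the cheap, exact fix and belongs wherever the code controls the dict being logged; the filter is the safety net for text formatted by a third-party library, at the cost of being pattern-based, so it should be checked against the actual dump format rather than trusted blindly.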