Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HTTPCLIENT-2337: Sanitize X500Principal Logging in SSLConnectionSocketFactory #581

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

HTTPCLIENT-2337: Sanitize X500Principal Logging in SSLConnectionSocketFactory #581

wants to merge 1 commit into from
+146 −2

Conversation

arturobernalg
Copy link
Member

This PR addresses HTTPCLIENT-2337, which involves potentially unsafe logging of X500Principal in SSLConnectionSocketFactory. The issue is caused by control characters in the X500Principal being logged without sanitization, which could interfere with log readability.

@ok2c
Copy link
Member

ok2c commented Sep 20, 2024

@arturobernalg I think we have kind of decided to not do it, but if no one objects I see no reason to not merge this change-set

@arturobernalg
Copy link
Member Author

please @garydgregory do another pass.

garydgregory
garydgregory approved these changes Sep 20, 2024
View reviewed changes
Copy link
Member

@garydgregory garydgregory left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, TY @arturobernalg

garydgregory
garydgregory reviewed Sep 20, 2024
View reviewed changes
httpclient5/src/main/java/org/apache/hc/client5/http/ssl/SSLConnectionSocketFactory.java Outdated
final X500Principal peer = x509.getSubjectX500Principal();
LOG.debug("Sanitized peer principal: {}", toEscapedString(peer));
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"Sanitized" -> "Escaped"?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

garydgregory
garydgregory approved these changes Sep 20, 2024
View reviewed changes
Copy link
Member

@garydgregory garydgregory left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

garydgregory
garydgregory reviewed Sep 21, 2024
View reviewed changes
httpclient5/src/main/java/org/apache/hc/client5/http/ssl/SSLConnectionSocketFactory.java Outdated
final StringBuilder sanitizedPrincipal = new StringBuilder(principalValue.length());
for (final char c : principalValue.toCharArray()) {
if (Character.isISOControl(c)) {
sanitizedPrincipal.append("\\x").append(String.format("%02x", (int) c));
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I just remembered that we already do this kind of cleaning/escaping in org.apache.hc.core5.testing.nio.LoggingIOSession.logData(ByteBuffer, String). There may be an opportunity for some refactoring so that we use the same semantics for printing raw data.

@ok2c
Copy link
Member

ok2c commented Sep 21, 2024

@arturobernalg SSLConnectionSocketFactory has been deprecated in favor of DefaultClientTlsStrategy. I really think your time and efforts could be better spent elsewhere but if you really want to do it please move all these changes from SSLConnectionSocketFactory to AbstractClientTlsStrategy.

@arturobernalg
HTTPCLIENT-2337: Add sanitizeX500Principal method to escape control c…
9acd96c 
…haracters in X500Principal. Escapes ISO control characters in X500Principal using hexadecimal representation.
@arturobernalg
Copy link
Member Author

@arturobernalg SSLConnectionSocketFactory has been deprecated in favor of DefaultClientTlsStrategy. I really think your time and efforts could be better spent elsewhere but if you really want to do it please move all these changes from SSLConnectionSocketFactory to AbstractClientTlsStrategy.

@ok2c
Please check again.
Thank you.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@garydgregory garydgregory garydgregory approved these changes

@ok2c ok2c Awaiting requested review from ok2c

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@arturobernalg @ok2c @garydgregory