tarantool
/
tarantool
/
18135352191
88%
master: 88%
master: 88%
|
Ran
|
Jobs
1
|
Files
519
|
Run time
2min
|
Badge
Embed ▾
README BADGES
|
coverage: 87.562% (+0.04%) from 87.524%
push
github
sergepetrenkossl: eliminate sensitive data leak in cfg options Before this patch sensitive ssl data (password, paths to certificates, path to private key) could leak into log file during configuring `listen` and `replication` option of box.cfg. This could lead to serious security risks. Now we fix this issue by extending the functionality of the `purge_ensitive_data_from_uri` function so that it can process not only string uris, but also table uris with `uri` and `params` options. After this patch next uri parameters will not be printed in log file: `password` and all params which contain "ssl_" prefix. Also we rename main cleaner functions so that user can understand that it can purge not only `uri.password`, but also other sensitive params (e.g. ssl params). Needed for tarantool/tarantool-ee#1438 NO_DOC=<ee bugfix> NO_TEST=<ee bugfix> NO_CHANGELOG=<ee bugfix> (cherry picked from commit 23b5585c3)
70179 of 123607 branches covered (56.78%)
103423 of 118114 relevant lines covered (87.56%)
1636450.55 hits per line
Uncovered Existing Lines
| Lines | Coverage | ∆ | File |
|---|---|---|---|
| 1 |
90.38 |
-1.77% | src/lib/core/trigger.cc |
| 1 |
99.04 |
0.02% | src/lib/uri/uri.c |
| 2 |
89.25 |
-0.11% | src/box/xrow.c |
| 2 |
92.94 |
0.02% | src/lib/core/fiber.c |
| 3 |
90.9 |
-0.31% | src/box/vy_scheduler.c |
| 3 |
97.15 |
-0.3% | src/lib/msgpuck/msgpuck.h |
Jobs
| ID | Job ID | Ran | Files | Coverage | |
|---|---|---|---|---|---|
| 1 | 18135352191.1 | 519 |
87.56 |
GitHub Action Run |
