02ce407 CVE-2019-10195: Don't log passwords embedded in commands in calls using batch

1 file Authored by rcritten 4 years ago, Committed by abbra 4 years ago,
    CVE-2019-10195: Don't log passwords embedded in commands in calls using batch
    
    A raw batch request was fully logged which could expose parameters
    we don't want logged, like passwords.
    
    Override _repr_iter to use the individual commands to log the
    values so that values are properly obscured.
    
    In case of errors log the full value on when the server is in
    debug mode.
    
    Reported by Jamison Bennett from Cloudera
    
    Signed-off-by: Rob Crittenden <rcritten@redhat.com>
    Reviewed-by:  Florence Blanc-Renaud <frenaud@redhat.com>
    
        
file modified
+72 -24