Home Explore Help
Sign In
oid
/
snowflake
mirror of https://git.torproject.org/pluggable-transports/snowflake.git/
Watch 1
Star 0
Fork 0
Files Issues 0 Wiki
Tree: webext-0.0
Branches Tags
snowflake
/
common
/
safelog
/
log.go

log.go 2.0 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172 
  1. //Package for a safer logging wrapper around the standard logging package
    2. 

  2. 

  3. //import "git.torproject.org/pluggable-transports/snowflake.git/common/safelog"
    4. 

  4. package safelog
    5. 

  5. 

  6. import (
    7. 

  7. 	"bytes"
    8. 

  8. 	"io"
    9. 

  9. 	"regexp"
    10. 

  10. 	"sync"
    11. 

  11. )
    12. 

  12. 

  13. const ipv4Address = `\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}`
    14. 

  14. const ipv6Address = `([0-9a-fA-F]{0,4}:){5,7}([0-9a-fA-F]{0,4})?`
    15. 

  15. const ipv6Compressed = `([0-9a-fA-F]{0,4}:){0,5}([0-9a-fA-F]{0,4})?(::)([0-9a-fA-F]{0,4}:){0,5}([0-9a-fA-F]{0,4})?`
    16. 

  16. const ipv6Full = `(` + ipv6Address + `(` + ipv4Address + `))` +
    17. 

  17. 	`|(` + ipv6Compressed + `(` + ipv4Address + `))` +
    18. 

  18. 	`|(` + ipv6Address + `)` + `|(` + ipv6Compressed + `)`
    19. 

  19. const optionalPort = `(:\d{1,5})?`
    20. 

  20. const addressPattern = `((` + ipv4Address + `)|(\[(` + ipv6Full + `)\])|(` + ipv6Full + `))` + optionalPort
    21. 

  21. const fullAddrPattern = `(^|\s|[^\w:])` + addressPattern + `(\s|(:\s)|[^\w:]|$)`
    22. 

  22. 

  23. var scrubberPatterns = []*regexp.Regexp{
    24. 

  24. 	regexp.MustCompile(fullAddrPattern),
    25. 

  25. }
    26. 

  26. 

  27. var addressRegexp = regexp.MustCompile(addressPattern)
    28. 

  28. 

  29. // An io.Writer that can be used as the output for a logger that first
    30. 

  30. // sanitizes logs and then writes to the provided io.Writer
    31. 

  31. type LogScrubber struct {
    32. 

  32. 	Output io.Writer
    33. 

  33. 	buffer []byte
    34. 

  34. 

  35. 	lock sync.Mutex
    36. 

  36. }
    37. 

  37. 

  38. func (ls *LogScrubber) Lock()   { (*ls).lock.Lock() }
    39. 

  39. func (ls *LogScrubber) Unlock() { (*ls).lock.Unlock() }
    40. 

  40. 

  41. func scrub(b []byte) []byte {
    42. 

  42. 	scrubbedBytes := b
    43. 

  43. 	for _, pattern := range scrubberPatterns {
    44. 

  44. 		// this is a workaround since go does not yet support look ahead or look
    45. 

  45. 		// behind for regular expressions.
    46. 

  46. 		scrubbedBytes = pattern.ReplaceAllFunc(scrubbedBytes, func(b []byte) []byte {
    47. 

  47. 			return addressRegexp.ReplaceAll(b, []byte("[scrubbed]"))
    48. 

  48. 		})
    49. 

  49. 	}
    50. 

  50. 	return scrubbedBytes
    51. 

  51. }
    52. 

  52. 

  53. func (ls *LogScrubber) Write(b []byte) (n int, err error) {
    54. 

  54. 	ls.Lock()
    55. 

  55. 	defer ls.Unlock()
    56. 

  56. 

  57. 	n = len(b)
    58. 

  58. 	ls.buffer = append(ls.buffer, b...)
    59. 

  59. 	for {
    60. 

  60. 		i := bytes.LastIndexByte(ls.buffer, '\n')
    61. 

  61. 		if i == -1 {
    62. 

  62. 			return
    63. 

  63. 		}
    64. 

  64. 		fullLines := ls.buffer[:i+1]
    65. 

  65. 		_, err = ls.Output.Write(scrub(fullLines))
    66. 

  66. 		if err != nil {
    67. 

  67. 			return
    68. 

  68. 		}
    69. 

  69. 		ls.buffer = ls.buffer[i+1:]
    70. 

  70. 	}
    71. 

  71. }
    72. 

  72.