From 092de856370949eb3dbfb36591be91f21c3465ba Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pablo=20Fern=C3=A1ndez=20Rodr=C3=ADguez?=
Date: Fri, 13 Dec 2024 10:40:45 +0100
Subject: [PATCH] [foreman] Obfuscate http_proxy passwords. PR-3878 improvement
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Improve `do_paths_http_sub` function to replace multiple BASIC_AUTH occurrences on URLs
Related: SAT-30137
Closes: #3878
Signed-off-by: Pablo Fernández Rodríguez
---
 sos/report/plugins/__init__.py | 8 ++++----
 sos/report/plugins/foreman.py | 8 --------
 2 files changed, 4 insertions(+), 12 deletions(-)
diff --git a/sos/report/plugins/__init__.py b/sos/report/plugins/__init__.py
index dd467d3e3..69b692bf2 100644
--- a/sos/report/plugins/__init__.py
+++ b/sos/report/plugins/__init__.py
@@ -1317,9 +1317,9 @@ def do_file_sub(self, srcpath, regexp, subst):
 return replacements
 def do_paths_http_sub(self, pathspecs):
- """ Obfuscate credentials in *_PROXY variables in all files in the
- given list. Proxy setting without protocol is ignored, since that
- is not recommended setting and obfuscating that one can hit false
+ """ Obfuscate Basic_AUTH URL credentials in all files in the given
+ list. Proxy setting without protocol is ignored, since that is
+ not recommended setting and obfuscating that one can hit false
 positives.
 :param pathspecs: A filepath to obfuscate credentials in
@@ -1329,7 +1329,7 @@ def do_paths_http_sub(self, pathspecs):
 pathspecs = [pathspecs]
 for path in pathspecs:
 self.do_path_regex_sub(
- path, r"(http(s)?://)\S+:\S+(@.*)", r"\1******:******\3")
+ path, r"http(s)?://\S+:\S+@", r"http\1://******:******@")
 def do_path_regex_sub(self, pathexp, regexp, subst):
 """Apply a regexp substituation to a set of files archived by
diff --git a/sos/report/plugins/foreman.py b/sos/report/plugins/foreman.py
index bd6bb60da..1795b4d73 100644
--- a/sos/report/plugins/foreman.py
+++ b/sos/report/plugins/foreman.py
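Review bot: The new pattern passed to `self.do_path_regex_sub(` in the second `__init__.py` hunk still uses greedy `\S+` on both sides of the colon, so a match runs to the last `@` in a whitespace-free token instead of stopping at the end of the URL authority. Credentials are still masked, but a credential-less URL with a port and an `@` later in the same token (a query string or compact JSON carrying an e-mail address) gets its host and path rewritten, and URLs joined without whitespace collapse into one masked URL; the docstring in the hunk above names false positives as the concern. Bounding the userinfo, e.g. `path, r"(https?://)[^\s/:]+:[^\s/]+@", r"\1******:******@")`, keeps the match inside the authority, at the cost of no longer masking a password that contains an unencoded `/`, so the choice should be deliberate and pinned by a unit test with multi-URL and no-credential lines. Capturing `(https?://)` also removes the back-reference to the optional `(s)?` group, which is substituted as an empty string only on Python 3.5 and later. The body of `do_paths_http_sub` starts before this hunk.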
@@ -331,14 +331,6 @@ def postproc(self):
 self.do_paths_http_sub([
 '/var/log/foreman/production.log*',
 ])
- # .. even those appearing TWICE in the logfile, in format (one-line):
- # Setting (7) update event on value --- https://USER:PASS@foobar:443,\
- # --- https://USER:PASS@foobar:3128
- self.do_path_regex_sub(
- '/var/log/foreman/production.log*',
- r", --- (http(s)?://)\S+:\S+(@.*)",
- r"\1******:******\3"
- )
 # hide proxy credentials from http_proxy setting
 self.do_cmd_output_sub(
 "from settings where",