postgresql_extensible: Censor also other security related conn params

While these aren't quite as sensitive as passwords, they do tend to be
long filesystem paths that shouldn't be reported along with
every measurement.
This commit is contained in:
Hannu Valtonen 2016-04-24 00:40:10 +03:00 committed by Cameron Sparr
parent c159460b2c
commit 01b01c5969
1 changed files with 2 additions and 2 deletions

View File

@ -184,7 +184,7 @@ type scanner interface {
Scan(dest ...interface{}) error
}
var passwordKVMatcher, _ = regexp.Compile("password=\\S+ ?")
var KVMatcher, _ = regexp.Compile("(password|sslcert|sslkey|sslmode|sslrootcert)=\\S+ ?")
func (p *Postgresql) SanitizedAddress() (_ string, err error) {
var canonicalizedAddress string
@ -196,7 +196,7 @@ func (p *Postgresql) SanitizedAddress() (_ string, err error) {
} else {
canonicalizedAddress = p.Address
}
p.sanitizedAddress = passwordKVMatcher.ReplaceAllString(canonicalizedAddress, "")
p.sanitizedAddress = KVMatcher.ReplaceAllString(canonicalizedAddress, "")
return p.sanitizedAddress, err
}