heimoshuiyu/postmoogle
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update deps; experiment: log security

Browse Source
This commit is contained in:
Aine
2022-11-16 23:00:58 +02:00
parent 225ba2ee9b
commit 99a89ef87a
55 changed files with 883 additions and 308 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
vendor/gitlab.com/etke.cc/linkpearl/accountdata.go generated vendored
View File

@@ -10,18 +10,17 @@ import (
func (l *Linkpearl) GetAccountData(name string) (map[string]string, error) {
cached, ok := l.acc.Get(name)
if ok {
l.log.Debug("GetAccountData(%s) from cache (data): %+v", name, cached)
l.logAccountData(l.log.Debug, "GetAccountData(%q) cached:", cached, name)
if cached == nil {
return map[string]string{}, nil
}
return cached, nil
}
l.log.Debug("GetAccountData(%s) from API", name)
var data map[string]string
err := l.GetClient().GetAccountData(name, &data)
if err != nil {
l.log.Debug("GetAccountData(%s) from API (error): %v", name, err)
l.logAccountData(l.log.Debug, "GetAccountData(%q) error: %v", nil, name, err)
data = map[string]string{}
if strings.Contains(err.Error(), "M_NOT_FOUND") {
l.acc.Add(name, data)
@@ -30,7 +29,7 @@ func (l *Linkpearl) GetAccountData(name string) (map[string]string, error) {
return data, err
}
data = l.decryptAccountData(data)
l.log.Debug("GetAccountData(%s) from API (data): %+v", name, data)
l.logAccountData(l.log.Debug, "GetAccountData(%q):", data, name)
l.acc.Add(name, data)
return data, err
@@ -40,7 +39,7 @@ func (l *Linkpearl) GetAccountData(name string) (map[string]string, error) {
func (l *Linkpearl) SetAccountData(name string, data map[string]string) error {
l.acc.Add(name, data)
l.log.Debug("SetAccountData(%s) to API (data): %+v", name, data)
l.logAccountData(l.log.Debug, "SetAccountData(%q):", data, name)
data = l.encryptAccountData(data)
return l.GetClient().SetAccountData(name, data)
}
@@ -50,18 +49,17 @@ func (l *Linkpearl) GetRoomAccountData(roomID id.RoomID, name string) (map[strin
key := roomID.String() + name
cached, ok := l.acc.Get(key)
if ok {
l.log.Debug("GetRoomAccountData(%s, %s) from cache (data): %+v", roomID, name, cached)
l.logAccountData(l.log.Debug, "GetRoomAccountData(%q, %q) cached:", cached, roomID, name)
if cached == nil {
return map[string]string{}, nil
}
return cached, nil
}
l.log.Debug("GetRoomAccountData(%s, %s) from API", roomID, name)
var data map[string]string
err := l.GetClient().GetRoomAccountData(roomID, name, &data)
if err != nil {
l.log.Debug("GetRoomAccountData(%s, %s) from API (error): %v", roomID, name, err)
l.logAccountData(l.log.Debug, "GetRoomAccountData(%q, %q) error: %v", nil, roomID, name, err)
data = map[string]string{}
if strings.Contains(err.Error(), "M_NOT_FOUND") {
l.acc.Add(key, data)
@@ -70,7 +68,7 @@ func (l *Linkpearl) GetRoomAccountData(roomID id.RoomID, name string) (map[strin
return data, err
}
data = l.decryptAccountData(data)
l.log.Debug("GetRoomAccountData(%s,%s) from API (data): %+v", roomID, name, data)
l.logAccountData(l.log.Debug, "GetRoomAccountData(%q, %q):", data, roomID, name)
l.acc.Add(key, data)
return data, err
@@ -81,7 +79,7 @@ func (l *Linkpearl) SetRoomAccountData(roomID id.RoomID, name string, data map[s
key := roomID.String() + name
l.acc.Add(key, data)
l.log.Debug("SetRoomAccountData(%s, %s) to API (data): %+v", roomID, name, data)
l.logAccountData(l.log.Debug, "SetRoomAccountData(%q, %q):", data, roomID, name)
data = l.encryptAccountData(data)
return l.GetClient().SetRoomAccountData(roomID, name, data)
}
@@ -95,11 +93,11 @@ func (l *Linkpearl) encryptAccountData(data map[string]string) map[string]string
for k, v := range data {
ek, err := l.acr.Encrypt(k)
if err != nil {
l.log.Error("cannot encrypt account data (key=%s): %v", k, err)
l.log.Error("cannot encrypt account data (key=%q): %v", k, err)
}
ev, err := l.acr.Encrypt(v)
if err != nil {
l.log.Error("cannot encrypt account data (key=%s): %v", k, err)
l.log.Error("cannot encrypt account data (key=%q): %v", k, err)
}
encrypted[ek] = ev // worst case: plaintext value
}
@@ -116,14 +114,35 @@ func (l *Linkpearl) decryptAccountData(data map[string]string) map[string]string
for ek, ev := range data {
k, err := l.acr.Decrypt(ek)
if err != nil {
l.log.Error("cannot decrypt account data (key=%s): %v", k, err)
l.log.Error("cannot decrypt account data (key=%q): %v", k, err)
}
v, err := l.acr.Decrypt(ev)
if err != nil {
l.log.Error("cannot decrypt account data (key=%s): %v", k, err)
l.log.Error("cannot decrypt account data (key=%q): %v", k, err)
}
decrypted[k] = v // worst case: encrypted value, usual case: migration from plaintext to encrypted account data
}
return decrypted
}
func (l *Linkpearl) logAccountData(method func(string, ...any), message string, data map[string]string, args ...any) {
if len(data) == 0 {
method(message, args...)
return
}
safeData := make(map[string]string, len(data))
for k, v := range data {
sv, ok := l.aclr[k]
if ok {
safeData[k] = sv
continue
}
safeData[k] = v
}
args = append(args, safeData)
method(message+" %+v", args...)
}