[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [bridgedb/develop] Only read emails into logger if configured to log emails.
commit ac9aa95dab176e5aeb263ba9b482b7dea71a00b6
Author: Isis Lovecruft <isis@xxxxxxxxxxxxxx>
Date: Sun Mar 16 18:29:03 2014 +0000
Only read emails into logger if configured to log emails.
The variable name and logging text stating that the "email body" was
being logged was untrue â?? the entire email text was logged, including
headers, which completely nullified all the other efforts to use
SAFE_LOGGING and keep client email addresses out of BridgeDB's log
files.
In commit 3a3fe60e159bfcb93f51cff861a0db794b867ad4, these lines were
changed to use `Util.logSafely(f.read())`. However, this is
inefficient. We shouldn't bother reading the entire email file if the
`Util.logSafely()` is only going to rewrite those contents with the
string `[scrubbed]`.
* CHANGE the way the `bridgedb.EmailServer.composeEmail()` function
logs email contents to use SAFE_LOGGING more efficiently.
---
lib/bridgedb/EmailServer.py | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/lib/bridgedb/EmailServer.py b/lib/bridgedb/EmailServer.py
index 82a99ed..f301eb8 100644
--- a/lib/bridgedb/EmailServer.py
+++ b/lib/bridgedb/EmailServer.py
@@ -427,9 +427,15 @@ def composeEmail(fromAddr, clientAddr, subject, body, msgID=False,
else:
mailbody.write(body)
+ # Only log the email text (including all headers) if SAFE_LOGGING is
+ # disabled:
+ if not Util.safe_logging:
+ f.seek(0)
+ logging.debug("Email contents:\n%s" % f.read())
+ else:
+ logging.debug("Email text for %r created." % Util.logSafely(clientAddr))
f.seek(0)
- logging.debug("Email body:\n%s" % Util.logSafely(f.read()))
- f.seek(0)
+
return clientAddr, f
def getGPGContext(cfg):
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits