Uploaded image for project: 'PHP Driver: Extension'
  1. PHP Driver: Extension
  2. PHPC-1425

Sanitize URI and certificate passwords in debug logs

    • Type: Icon: Improvement Improvement
    • Resolution: Unresolved
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Affects Version/s: None
    • Component/s: None
    • None

      The following debug lines may reveal the password from a connection string:

      • PHONGO: DEBUG > Connection string:
      • PHONGO: DEBUG > Created client hash:

      Moreover, the "pem_pwd" key in the $driverOptions parameter to the Manager constructor can end up in the client hash. After PHPC-1288, that same value may be expressed via the "tlsCertificateKeyFilePassword" connection string and/or URI option.

      If possible, we should attempt to sanitize both of these strings (URI password and certificate passwords) before emitting them in the debug logs.

      The debug logs also includes raw socket communication; however, the original password is never sent in the clear by any auth mechanisms. The auth exchanges use nonces, so it should not be possible to replay them from the raw socket data; however, the logs may certainly still contain sensitive information since they expose raw document data exchanged with the server (e.g. inserted documents, queries).

            Assignee:
            Unassigned Unassigned
            Reporter:
            jmikola@mongodb.com Jeremy Mikola
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated: