Closed K0HAX closed 9 years ago
dotwaffle
commented
9 years ago Hi there,
Any chance you can give me a sample or two of the configs you're trying to remove? Feel free to change the passwords etc, but the structure should be the same. 5-10 lines either side would be good also.
I'm just thinking it might be preferable to remove just the password rather than the entire line.
Cheers!
K0HAX
commented
9 years ago I absolutely agree. It would ideally be something like this.
ip ddns update method dnsMethod
HTTP
add http://username:password@dns.example.com/dns/update.php?hostname=
ip ddns update method dnsMethod
HTTP
add http://username:CENSORED@dns.example.com/dns/update.php?hostname=
dotwaffle
commented
9 years ago So, I can see two ways of doing this:
\sadd \w+:\/\/\w+:(.)@.*
That will get rid of just the password (the capture group there contains the password, so just put brackets round everything else instead if you wanted the line. Or, do it the way you suggest and remove the whole line.
Whichever you suggest, I'll do -- sounds like a smart thing to be doing!
K0HAX
commented
9 years ago Does that work with the ProcessHistory way of dealing with passwords? That seems to be the canonical way of doing it. I'm relatively bad at regexp and rancid's ProcessHistory() function.
You know.. I think the correct regexp would be something like this
/^\s(add \w+:\/\/\w+:).(@.)/
and then the ProcessHistory would be
ProcessHistory("","","","$1
I'll test it out and if that works I'll update the pull request.
K0HAX
commented
9 years ago That latest commit did the trick! It logs the whole line except for the password, and comments it out.
dotwaffle
commented
9 years ago Thanks!
If someone can figure out a better method than the one I'm using, so it leaves the rest of the http://(username):removed>@host/path?option=<h stuff that would be great! Otherwise, this works well.
Signed-off-by: Michael Englehorn Michael@englehorn.com