diff options
| author | Martin Holst Swende <martin@swende.se> | 2018-09-25 21:54:58 +0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-09-25 21:54:58 +0800 |
| commit | d3441ebb563439bac0837d70591f92e2c6080303 (patch) | |
| tree | cec46689f8ec4fd4570322e79ad7167c3b792c74 /signer/core/auditlog.go | |
| parent | a95a601f35c49be6045de522138f639fbb68c885 (diff) | |
| download | dexon-d3441ebb563439bac0837d70591f92e2c6080303.tar dexon-d3441ebb563439bac0837d70591f92e2c6080303.tar.gz dexon-d3441ebb563439bac0837d70591f92e2c6080303.tar.bz2 dexon-d3441ebb563439bac0837d70591f92e2c6080303.tar.lz dexon-d3441ebb563439bac0837d70591f92e2c6080303.tar.xz dexon-d3441ebb563439bac0837d70591f92e2c6080303.tar.zst dexon-d3441ebb563439bac0837d70591f92e2c6080303.zip | |
cmd/clef, signer: security fixes (#17554)
* signer: remove local path disclosure from extapi
* signer: show more data in cli ui
* rpc: make http server forward UA and Origin via Context
* signer, clef/core: ui changes + display UA and Origin
* signer: cliui - indicate less trust in remote headers, see https://github.com/ethereum/go-ethereum/issues/17637
* signer: prevent possibility swap KV-entries in aes_gcm storage, fixes #17635
* signer: remove ecrecover from external API
* signer,clef: default reject instead of warn + valideate new passwords. fixes #17632 and #17631
* signer: check calldata length even if no ABI signature is present
* signer: fix failing testcase
* clef: remove account import from external api
* signer: allow space in passwords, improve error messsage
* signer/storage: fix typos
Diffstat (limited to 'signer/core/auditlog.go')
| -rw-r--r-- | signer/core/auditlog.go | 29 |
1 files changed, 10 insertions, 19 deletions
diff --git a/signer/core/auditlog.go b/signer/core/auditlog.go index d0ba733d2..1f9c90918 100644 --- a/signer/core/auditlog.go +++ b/signer/core/auditlog.go @@ -33,11 +33,10 @@ type AuditLogger struct { api ExternalAPI } -func (l *AuditLogger) List(ctx context.Context) (Accounts, error) { +func (l *AuditLogger) List(ctx context.Context) ([]common.Address, error) { l.log.Info("List", "type", "request", "metadata", MetadataFromContext(ctx).String()) res, e := l.api.List(ctx) - - l.log.Info("List", "type", "response", "data", res.String()) + l.log.Info("List", "type", "response", "data", res) return res, e } @@ -72,14 +71,6 @@ func (l *AuditLogger) Sign(ctx context.Context, addr common.MixedcaseAddress, da return b, e } -func (l *AuditLogger) EcRecover(ctx context.Context, data, sig hexutil.Bytes) (common.Address, error) { - l.log.Info("EcRecover", "type", "request", "metadata", MetadataFromContext(ctx).String(), - "data", common.Bytes2Hex(data)) - a, e := l.api.EcRecover(ctx, data, sig) - l.log.Info("EcRecover", "type", "response", "addr", a.String(), "error", e) - return a, e -} - func (l *AuditLogger) Export(ctx context.Context, addr common.Address) (json.RawMessage, error) { l.log.Info("Export", "type", "request", "metadata", MetadataFromContext(ctx).String(), "addr", addr.Hex()) @@ -89,14 +80,14 @@ func (l *AuditLogger) Export(ctx context.Context, addr common.Address) (json.Raw return j, e } -func (l *AuditLogger) Import(ctx context.Context, keyJSON json.RawMessage) (Account, error) { - // Don't actually log the json contents - l.log.Info("Import", "type", "request", "metadata", MetadataFromContext(ctx).String(), - "keyJSON size", len(keyJSON)) - a, e := l.api.Import(ctx, keyJSON) - l.log.Info("Import", "type", "response", "addr", a.String(), "error", e) - return a, e -} +//func (l *AuditLogger) Import(ctx context.Context, keyJSON json.RawMessage) (Account, error) { +// // Don't actually log the json contents +// l.log.Info("Import", "type", "request", "metadata", MetadataFromContext(ctx).String(), +// "keyJSON size", len(keyJSON)) +// a, e := l.api.Import(ctx, keyJSON) +// l.log.Info("Import", "type", "response", "addr", a.String(), "error", e) +// return a, e +//} func NewAuditLogger(path string, api ExternalAPI) (*AuditLogger, error) { l := log.New("api", "signer") |