Mask vncPasswd being logged in agent.log (apache#12404)

sudo87 · Locharla, Sandeep · commit aa7624a6dea5 · 2026-02-06T12:38:44.000+05:30
diff --git a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtMigrateCommandWrapper.java b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtMigrateCommandWrapper.java
@@ -163,7 +163,7 @@ Use VIR_DOMAIN_XML_SECURE (value = 1) prior to v1.0.0.
             final String target = command.getDestinationIp();
             xmlDesc = dm.getXMLDesc(xmlFlag);
             if (logger.isDebugEnabled()) {
-                logger.debug(String.format("VM [%s] with XML configuration [%s] will be migrated to host [%s].", vmName, xmlDesc, target));
+                logger.debug("VM {} with XML configuration {} will be migrated to host {}.", vmName, maskSensitiveInfoInXML(xmlDesc), target);
             }
 
             // Limit the VNC password in case the length is greater than 8 characters
@@ -178,7 +178,7 @@ Use VIR_DOMAIN_XML_SECURE (value = 1) prior to v1.0.0.
                 logger.debug(String.format("Editing mount path of ISO from %s to %s", oldIsoVolumePath, newIsoVolumePath));
                 xmlDesc = replaceDiskSourceFile(xmlDesc, newIsoVolumePath, vmName);
                 if (logger.isDebugEnabled()) {
-                    logger.debug(String.format("Replaced disk mount point [%s] with [%s] in Instance [%s] XML configuration. New XML configuration is [%s].", oldIsoVolumePath, newIsoVolumePath, vmName, xmlDesc));
+                    logger.debug("Replaced disk mount point {} with {} in Instance {} XML configuration. New XML configuration is {}.", oldIsoVolumePath, newIsoVolumePath, vmName, maskSensitiveInfoInXML(xmlDesc));
                 }
             }
 
@@ -209,23 +209,23 @@ Use VIR_DOMAIN_XML_SECURE (value = 1) prior to v1.0.0.
 
             if (migrateStorage) {
                 if (logger.isDebugEnabled()) {
-                    logger.debug(String.format("Changing VM [%s] volumes during migration to host: [%s].", vmName, target));
+                    logger.debug("Changing VM {} volumes during migration to host: {}.", vmName, target);
                 }
                 xmlDesc = replaceStorage(xmlDesc, mapMigrateStorage, migrateStorageManaged);
                 if (logger.isDebugEnabled()) {
-                    logger.debug(String.format("Changed VM [%s] XML configuration of used storage. New XML configuration is [%s].", vmName, xmlDesc));
+                    logger.debug("Changed VM {} XML configuration of used storage. New XML configuration is {}.", vmName, maskSensitiveInfoInXML(xmlDesc));
                 }
                 migrateDiskLabels = getMigrateStorageDeviceLabels(disks, mapMigrateStorage);
             }
 
             Map<String, DpdkTO> dpdkPortsMapping = command.getDpdkInterfaceMapping();
             if (MapUtils.isNotEmpty(dpdkPortsMapping)) {
                 if (logger.isTraceEnabled()) {
-                    logger.trace(String.format("Changing VM [%s] DPDK interfaces during migration to host: [%s].", vmName, target));
+                    logger.trace("Changing VM {} DPDK interfaces during migration to host: {}.", vmName, target);
                 }
                 xmlDesc = replaceDpdkInterfaces(xmlDesc, dpdkPortsMapping);
                 if (logger.isDebugEnabled()) {
-                    logger.debug(String.format("Changed VM [%s] XML configuration of DPDK interfaces. New XML configuration is [%s].", vmName, xmlDesc));
+                    logger.debug("Changed VM {} XML configuration of DPDK interfaces. New XML configuration is {}.", vmName, maskSensitiveInfoInXML(xmlDesc));
                 }
             }
 
@@ -240,7 +240,7 @@ Use VIR_DOMAIN_XML_SECURE (value = 1) prior to v1.0.0.
             }
 
             //run migration in thread so we can monitor it
-            logger.info(String.format("Starting live migration of instance [%s] to destination host [%s] having the final XML configuration: [%s].", vmName, dconn.getURI(), xmlDesc));
+            logger.info("Starting live migration of instance {} to destination host {} having the final XML configuration: {}.", vmName, dconn.getURI(), maskSensitiveInfoInXML(xmlDesc));
             final ExecutorService executor = Executors.newFixedThreadPool(1);
             boolean migrateNonSharedInc = command.isMigrateNonSharedInc() && !migrateStorageManaged;
 
@@ -715,9 +715,7 @@ String replaceIpForVNCInDescFileAndNormalizePassword(String xmlDesc, final Strin
                     graphElem = graphElem.replaceAll("passwd='([^\\s]+)'", "passwd='" + vncPassword + "'");
                 }
                 xmlDesc = xmlDesc.replaceAll(GRAPHICS_ELEM_START + CONTENTS_WILDCARD + GRAPHICS_ELEM_END, graphElem);
-                if (logger.isDebugEnabled()) {
-                    logger.debug(String.format("Replaced the VNC IP address [%s] with [%s] in VM [%s].", originalGraphElem, graphElem, vmName));
-                }
+                logger.debug("Replaced the VNC IP address {} with {} in VM {}.", maskSensitiveInfoInXML(originalGraphElem), maskSensitiveInfoInXML(graphElem), vmName);
             }
         }
         return xmlDesc;
@@ -1036,4 +1034,10 @@ private boolean findSourceNode(Document doc, Node diskNode, String vmName, Strin
         }
         return false;
     }
+
+    public static String maskSensitiveInfoInXML(String xmlDesc) {
+        if (xmlDesc == null) return null;
+        return xmlDesc.replaceAll("(graphics\\s+[^>]*type=['\"]vnc['\"][^>]*passwd=['\"])([^'\"]*)(['\"])",
+                "$1*****$3");
+    }
 }
diff --git a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtStartCommandWrapper.java b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtStartCommandWrapper.java
@@ -84,8 +84,9 @@ public Answer execute(final StartCommand command, final LibvirtComputingResource
             }
 
             libvirtComputingResource.createVifs(vmSpec, vm);
-
-            logger.debug("starting " + vmName + ": " + vm.toString());
+            if (logger.isDebugEnabled()) {
+                logger.debug("Starting {} : {}", vmName, LibvirtMigrateCommandWrapper.maskSensitiveInfoInXML(vm.toString()));
+            }
             String vmInitialSpecification = vm.toString();
             String vmFinalSpecification = performXmlTransformHook(vmInitialSpecification, libvirtComputingResource);
             libvirtComputingResource.startVM(conn, vmName, vmFinalSpecification);

Original file line number	Diff line number	Diff line change
`@@ -163,7 +163,7 @@ Use VIR_DOMAIN_XML_SECURE (value = 1) prior to v1.0.0.`
`163`	`163`	`final String target = command.getDestinationIp();`
`164`	`164`	`xmlDesc = dm.getXMLDesc(xmlFlag);`
`165`	`165`	`if (logger.isDebugEnabled()) {`
`166`		`- logger.debug(String.format("VM [%s] with XML configuration [%s] will be migrated to host [%s].", vmName, xmlDesc, target));`
	`166`	`+ logger.debug("VM {} with XML configuration {} will be migrated to host {}.", vmName, maskSensitiveInfoInXML(xmlDesc), target);`
`167`	`167`	`}`
`168`	`168`
`169`	`169`	`// Limit the VNC password in case the length is greater than 8 characters`
`@@ -178,7 +178,7 @@ Use VIR_DOMAIN_XML_SECURE (value = 1) prior to v1.0.0.`
`178`	`178`	`logger.debug(String.format("Editing mount path of ISO from %s to %s", oldIsoVolumePath, newIsoVolumePath));`
`179`	`179`	`xmlDesc = replaceDiskSourceFile(xmlDesc, newIsoVolumePath, vmName);`
`180`	`180`	`if (logger.isDebugEnabled()) {`
`181`		`- logger.debug(String.format("Replaced disk mount point [%s] with [%s] in Instance [%s] XML configuration. New XML configuration is [%s].", oldIsoVolumePath, newIsoVolumePath, vmName, xmlDesc));`
	`181`	`+ logger.debug("Replaced disk mount point {} with {} in Instance {} XML configuration. New XML configuration is {}.", oldIsoVolumePath, newIsoVolumePath, vmName, maskSensitiveInfoInXML(xmlDesc));`
`182`	`182`	`}`
`183`	`183`	`}`
`184`	`184`
`@@ -209,23 +209,23 @@ Use VIR_DOMAIN_XML_SECURE (value = 1) prior to v1.0.0.`
`209`	`209`
`210`	`210`	`if (migrateStorage) {`
`211`	`211`	`if (logger.isDebugEnabled()) {`
`212`		`- logger.debug(String.format("Changing VM [%s] volumes during migration to host: [%s].", vmName, target));`
	`212`	`+ logger.debug("Changing VM {} volumes during migration to host: {}.", vmName, target);`
`213`	`213`	`}`
`214`	`214`	`xmlDesc = replaceStorage(xmlDesc, mapMigrateStorage, migrateStorageManaged);`
`215`	`215`	`if (logger.isDebugEnabled()) {`
`216`		`- logger.debug(String.format("Changed VM [%s] XML configuration of used storage. New XML configuration is [%s].", vmName, xmlDesc));`
	`216`	`+ logger.debug("Changed VM {} XML configuration of used storage. New XML configuration is {}.", vmName, maskSensitiveInfoInXML(xmlDesc));`
`217`	`217`	`}`
`218`	`218`	`migrateDiskLabels = getMigrateStorageDeviceLabels(disks, mapMigrateStorage);`
`219`	`219`	`}`
`220`	`220`
`221`	`221`	`Map<String, DpdkTO> dpdkPortsMapping = command.getDpdkInterfaceMapping();`
`222`	`222`	`if (MapUtils.isNotEmpty(dpdkPortsMapping)) {`
`223`	`223`	`if (logger.isTraceEnabled()) {`
`224`		`- logger.trace(String.format("Changing VM [%s] DPDK interfaces during migration to host: [%s].", vmName, target));`
	`224`	`+ logger.trace("Changing VM {} DPDK interfaces during migration to host: {}.", vmName, target);`
`225`	`225`	`}`
`226`	`226`	`xmlDesc = replaceDpdkInterfaces(xmlDesc, dpdkPortsMapping);`
`227`	`227`	`if (logger.isDebugEnabled()) {`
`228`		`- logger.debug(String.format("Changed VM [%s] XML configuration of DPDK interfaces. New XML configuration is [%s].", vmName, xmlDesc));`
	`228`	`+ logger.debug("Changed VM {} XML configuration of DPDK interfaces. New XML configuration is {}.", vmName, maskSensitiveInfoInXML(xmlDesc));`
`229`	`229`	`}`
`230`	`230`	`}`
`231`	`231`
`@@ -240,7 +240,7 @@ Use VIR_DOMAIN_XML_SECURE (value = 1) prior to v1.0.0.`
`240`	`240`	`}`
`241`	`241`
`242`	`242`	`//run migration in thread so we can monitor it`
`243`		`- logger.info(String.format("Starting live migration of instance [%s] to destination host [%s] having the final XML configuration: [%s].", vmName, dconn.getURI(), xmlDesc));`
	`243`	`+ logger.info("Starting live migration of instance {} to destination host {} having the final XML configuration: {}.", vmName, dconn.getURI(), maskSensitiveInfoInXML(xmlDesc));`
`244`	`244`	`final ExecutorService executor = Executors.newFixedThreadPool(1);`
`245`	`245`	`boolean migrateNonSharedInc = command.isMigrateNonSharedInc() && !migrateStorageManaged;`
`246`	`246`
`@@ -715,9 +715,7 @@ String replaceIpForVNCInDescFileAndNormalizePassword(String xmlDesc, final Strin`
`715`	`715`	`graphElem = graphElem.replaceAll("passwd='([^\\s]+)'", "passwd='" + vncPassword + "'");`
`716`	`716`	`}`
`717`	`717`	`xmlDesc = xmlDesc.replaceAll(GRAPHICS_ELEM_START + CONTENTS_WILDCARD + GRAPHICS_ELEM_END, graphElem);`
`718`		`- if (logger.isDebugEnabled()) {`
`719`		`- logger.debug(String.format("Replaced the VNC IP address [%s] with [%s] in VM [%s].", originalGraphElem, graphElem, vmName));`
`720`		`- }`
	`718`	`+ logger.debug("Replaced the VNC IP address {} with {} in VM {}.", maskSensitiveInfoInXML(originalGraphElem), maskSensitiveInfoInXML(graphElem), vmName);`
`721`	`719`	`}`
`722`	`720`	`}`
`723`	`721`	`return xmlDesc;`
`@@ -1036,4 +1034,10 @@ private boolean findSourceNode(Document doc, Node diskNode, String vmName, Strin`
`1036`	`1034`	`}`
`1037`	`1035`	`return false;`
`1038`	`1036`	`}`
	`1037`	`+`
	`1038`	`+ public static String maskSensitiveInfoInXML(String xmlDesc) {`
	`1039`	`+ if (xmlDesc == null) return null;`
	`1040`	`+ return xmlDesc.replaceAll("(graphics\\s+[^>]type=['\"]vnc['\"][^>]passwd=['\"])([^'\"]*)(['\"])",`
	`1041`	`+ "$1*****$3");`
	`1042`	`+ }`
`1039`	`1043`	`}`