summaryrefslogtreecommitdiffstats
path: root/src/lib/process/redact_config.h
blob: a0d1d0a33e673e9925841d2e462678567d577dbb (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
// Copyright (C) 2021 Internet Systems Consortium, Inc. ("ISC")
//
// This Source Code Form is subject to the terms of the Mozilla Public
// License, v. 2.0. If a copy of the MPL was not distributed with this
// file, You can obtain one at http://mozilla.org/MPL/2.0/.

#ifndef REDACT_CONFIG_H
#define REDACT_CONFIG_H

#include <cc/data.h>
#include <list>

namespace isc {
namespace process {

/// @brief Redact a configuration.
///
/// This method walks on the configuration tree:
///  - it copies only subtrees where a change was done.
///  - it replaces passwords and secrets by asterisks.
///  - it skips user context.
///  - if a not empty list of keywords is given it follows only them.
///
/// @param element initially the Element tree structure that describe the
/// configuration and smaller subtrees in recursive calls.
/// @param json_path JSON path to redact
///
/// @return a copy of the config where passwords and secrets were replaced by
/// asterisks so it can be safely logged to an unprivileged place.
isc::data::ConstElementPtr
redactConfig(isc::data::ConstElementPtr const& element,
             std::list<std::string> const& json_path = {"*"});

} // namespace process
} // namespace isc

#endif // REDACT_CONFIG_H