From 7f0fe4403fc5b21a7d206e98661d89ae08a3a693 Mon Sep 17 00:00:00 2001
From: Randall Meyer <rrm@apache.org>
Date: Tue, 29 Jun 2021 10:42:51 -0700
Subject: [PATCH] Make it slightly harder to dump private keys to logs

Change the debug tag for logging secerts so that "ssl" doesn't
also include sensitive data (like private keys)
---
 iocore/net/SSLSecret.cc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/iocore/net/SSLSecret.cc b/iocore/net/SSLSecret.cc
index ebcd355a900..f58ed696b26 100644
--- a/iocore/net/SSLSecret.cc
+++ b/iocore/net/SSLSecret.cc
@@ -81,7 +81,7 @@ SSLSecret::setSecret(const std::string &name, const char *data, int data_len)
     return false;
   }
   iter->second.assign(data, data_len);
-  Debug("ssl_secret", "Set secret=%10.s... to %*.s", name.c_str(), static_cast<int>(iter->second.size()), iter->second.data());
+  Debug("secret_ssl", "Set secret=%10.s... to %*.s", name.c_str(), static_cast<int>(iter->second.size()), iter->second.data());
   return true;
 }
 
@@ -100,7 +100,7 @@ SSLSecret::getSecret(const std::string &name, std::string_view &data) const
 {
   const std::string *data_item = this->getSecretItem(name);
   if (data_item) {
-    Debug("ssl_secret", "Get secret=%10.s...  %s(%zd)", name.c_str(), data_item->data(), data_item->length());
+    Debug("secret_ssl", "Get secret=%10.s...  %s(%zd)", name.c_str(), data_item->data(), data_item->length());
     data = *data_item;
   } else {
     data = std::string_view{};