
Passwords in Clear Text in Logfile #13550


@sirea07

Server configuration

Nextcloud version: (see Nextcloud admin page)
Docker - nextcloud:15-fpm-alpine

Issue

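I have set up a fresh installation using Docker, and apparently a network issue during startup caused a timeout, which was written to the logfile. The trace inside the logfile contains several pieces of sensitive information in clear text, such as the database and admin passwords. They appear in the `args` of the `OC\Setup->install` and `OC\Core\Controller\SetupController->run` stack frames, whereas the arguments of several other frames are shown as "*** sensitive parameter replaced ***". I have replaced the actual data in the log output with CLEAR-TEXT-DATA.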

Log Output

{
    "reqId": "2fWonwmbiTI4kqliYH45",
    "level": 1,
    "time": "2019-01-12T21:05:42+00:00",
    "remoteAddr": "x.x.x.x",
    "user": "--",
    "app": "appstoreFetcher",
    "method": "POST",
    "url": "\/index.php",
    "message": {
        "Exception": "GuzzleHttp\\Exception\\ConnectException",
        "Message": "cURL error 28: Connection timed out after 10001 milliseconds (see http:\/\/curl.haxx.se\/libcurl\/c\/libcurl-errors.html)",
        "Code": 0,
        "Trace": [
            {
                "file": "\/var\/www\/html\/3rdparty\/guzzlehttp\/guzzle\/src\/Handler\/CurlFactory.php",
                "line": 149,
                "function": "createRejection",
                "class": "GuzzleHttp\\Handler\\CurlFactory",
                "type": "::",
                "args": [
                    {
                        "sink": {
                            "__class__": "GuzzleHttp\\Psr7\\Stream"
                        },
                        "headers": [],
                        "response": null,
                        "request": {
                            "__class__": "GuzzleHttp\\Psr7\\Request"
                        },
                        "options": {
                            "verify": "\/var\/www\/html\/resources\/config\/ca-bundle.crt",
                            "timeout": 10,
                            "synchronous": true,
                            "handler": {
                                "__class__": "GuzzleHttp\\HandlerStack"
                            },
                            "allow_redirects": {
                                "max": 5,
                                "protocols": [
                                    "http",
                                    "https"
                                ],
                                "strict": false,
                                "referer": false,
                                "track_redirects": false
                            },
                            "http_errors": true,
                            "decode_content": true,
                            "cookies": false
                        },
                        "errno": 28,
                        "onHeadersException": null,
                        "__class__": "GuzzleHttp\\Handler\\EasyHandle"
                    },
                    {
                        "errno": 28,
                        "error": "Connection timed out after 10001 milliseconds",
                        "url": "https:\/\/apps.nextcloud.com\/api\/v1\/platform\/15.0.2\/apps.json",
                        "content_type": null,
                        "http_code": 0,
                        "header_size": 0,
                        "request_size": 0,
                        "filetime": -1,
                        "ssl_verify_result": 0,
                        "redirect_count": 0,
                        "total_time": 10.001563,
                        "namelookup_time": 0.031685,
                        "connect_time": 0,
                        "pretransfer_time": 0,
                        "size_upload": 0,
                        "size_download": 0,
                        "speed_download": 0,
                        "speed_upload": 0,
                        "download_content_length": -1,
                        "upload_content_length": -1,
                        "starttransfer_time": 0,
                        "redirect_time": 0,
                        "redirect_url": "",
                        "primary_ip": "",
                        "certinfo": [],
                        "primary_port": 0,
                        "local_ip": "",
                        "local_port": 0
                    }
                ]
            },
            {
                "file": "\/var\/www\/html\/3rdparty\/guzzlehttp\/guzzle\/src\/Handler\/CurlFactory.php",
                "line": 102,
                "function": "finishError",
                "class": "GuzzleHttp\\Handler\\CurlFactory",
                "type": "::",
                "args": [
                    {
                        "__class__": "GuzzleHttp\\Handler\\CurlHandler"
                    },
                    {
                        "sink": {
                            "__class__": "GuzzleHttp\\Psr7\\Stream"
                        },
                        "headers": [],
                        "response": null,
                        "request": {
                            "__class__": "GuzzleHttp\\Psr7\\Request"
                        },
                        "options": {
                            "verify": "\/var\/www\/html\/resources\/config\/ca-bundle.crt",
                            "timeout": 10,
                            "synchronous": true,
                            "handler": {
                                "__class__": "GuzzleHttp\\HandlerStack"
                            },
                            "allow_redirects": {
                                "max": 5,
                                "protocols": [
                                    "http",
                                    "https"
                                ],
                                "strict": false,
                                "referer": false,
                                "track_redirects": false
                            },
                            "http_errors": true,
                            "decode_content": true,
                            "cookies": false
                        },
                        "errno": 28,
                        "onHeadersException": null,
                        "__class__": "GuzzleHttp\\Handler\\EasyHandle"
                    },
                    {
                        "__class__": "GuzzleHttp\\Handler\\CurlFactory"
                    }
                ]
            },
            {
                "file": "\/var\/www\/html\/3rdparty\/guzzlehttp\/guzzle\/src\/Handler\/CurlHandler.php",
                "line": 43,
                "function": "finish",
                "class": "GuzzleHttp\\Handler\\CurlFactory",
                "type": "::",
                "args": [
                    {
                        "__class__": "GuzzleHttp\\Handler\\CurlHandler"
                    },
                    {
                        "sink": {
                            "__class__": "GuzzleHttp\\Psr7\\Stream"
                        },
                        "headers": [],
                        "response": null,
                        "request": {
                            "__class__": "GuzzleHttp\\Psr7\\Request"
                        },
                        "options": {
                            "verify": "\/var\/www\/html\/resources\/config\/ca-bundle.crt",
                            "timeout": 10,
                            "synchronous": true,
                            "handler": {
                                "__class__": "GuzzleHttp\\HandlerStack"
                            },
                            "allow_redirects": {
                                "max": 5,
                                "protocols": [
                                    "http",
                                    "https"
                                ],
                                "strict": false,
                                "referer": false,
                                "track_redirects": false
                            },
                            "http_errors": true,
                            "decode_content": true,
                            "cookies": false
                        },
                        "errno": 28,
                        "onHeadersException": null,
                        "__class__": "GuzzleHttp\\Handler\\EasyHandle"
                    },
                    {
                        "__class__": "GuzzleHttp\\Handler\\CurlFactory"
                    }
                ]
            },
            {
                "file": "\/var\/www\/html\/3rdparty\/guzzlehttp\/guzzle\/src\/Handler\/Proxy.php",
                "line": 28,
                "function": "__invoke",
                "class": "GuzzleHttp\\Handler\\CurlHandler",
                "type": "->",
                "args": [
                    "*** sensitive parameter replaced ***",
                    "*** sensitive parameter replaced ***"
                ]
            },
            {
                "file": "\/var\/www\/html\/3rdparty\/guzzlehttp\/guzzle\/src\/Handler\/Proxy.php",
                "line": 51,
                "function": "GuzzleHttp\\Handler\\{closure}",
                "class": "GuzzleHttp\\Handler\\Proxy",
                "type": "::",
                "args": [
                    "*** sensitive parameters replaced ***"
                ]
            },
            {
                "file": "\/var\/www\/html\/3rdparty\/guzzlehttp\/guzzle\/src\/PrepareBodyMiddleware.php",
                "line": 37,
                "function": "GuzzleHttp\\Handler\\{closure}",
                "class": "GuzzleHttp\\Handler\\Proxy",
                "type": "::",
                "args": [
                    "*** sensitive parameters replaced ***"
                ]
            },
            {
                "file": "\/var\/www\/html\/3rdparty\/guzzlehttp\/guzzle\/src\/Middleware.php",
                "line": 30,
                "function": "__invoke",
                "class": "GuzzleHttp\\PrepareBodyMiddleware",
                "type": "->",
                "args": [
                    "*** sensitive parameter replaced ***",
                    "*** sensitive parameter replaced ***"
                ]
            },
            {
                "file": "\/var\/www\/html\/3rdparty\/guzzlehttp\/guzzle\/src\/RedirectMiddleware.php",
                "line": 70,
                "function": "GuzzleHttp\\{closure}",
                "class": "GuzzleHttp\\Middleware",
                "type": "::",
                "args": [
                    "*** sensitive parameters replaced ***"
                ]
            },
            {
                "file": "\/var\/www\/html\/3rdparty\/guzzlehttp\/guzzle\/src\/Middleware.php",
                "line": 60,
                "function": "__invoke",
                "class": "GuzzleHttp\\RedirectMiddleware",
                "type": "->",
                "args": [
                    "*** sensitive parameter replaced ***",
                    "*** sensitive parameter replaced ***"
                ]
            },
            {
                "file": "\/var\/www\/html\/3rdparty\/guzzlehttp\/guzzle\/src\/HandlerStack.php",
                "line": 67,
                "function": "GuzzleHttp\\{closure}",
                "class": "GuzzleHttp\\Middleware",
                "type": "::",
                "args": [
                    "*** sensitive parameters replaced ***"
                ]
            },
            {
                "file": "\/var\/www\/html\/3rdparty\/guzzlehttp\/guzzle\/src\/Client.php",
                "line": 277,
                "function": "__invoke",
                "class": "GuzzleHttp\\HandlerStack",
                "type": "->",
                "args": [
                    "*** sensitive parameter replaced ***",
                    "*** sensitive parameter replaced ***"
                ]
            },
            {
                "file": "\/var\/www\/html\/3rdparty\/guzzlehttp\/guzzle\/src\/Client.php",
                "line": 125,
                "function": "transfer",
                "class": "GuzzleHttp\\Client",
                "type": "->",
                "args": [
                    "*** sensitive parameter replaced ***",
                    "*** sensitive parameter replaced ***"
                ]
            },
            {
                "file": "\/var\/www\/html\/3rdparty\/guzzlehttp\/guzzle\/src\/Client.php",
                "line": 131,
                "function": "requestAsync",
                "class": "GuzzleHttp\\Client",
                "type": "->",
                "args": [
                    "get",
                    {
                        "__class__": "GuzzleHttp\\Psr7\\Uri"
                    },
                    {
                        "verify": "\/var\/www\/html\/resources\/config\/ca-bundle.crt",
                        "timeout": 10,
                        "synchronous": true,
                        "handler": {
                            "__class__": "GuzzleHttp\\HandlerStack"
                        },
                        "allow_redirects": {
                            "max": 5,
                            "protocols": [
                                "http",
                                "https"
                            ],
                            "strict": false,
                            "referer": false,
                            "track_redirects": false
                        },
                        "http_errors": true,
                        "decode_content": true,
                        "cookies": false,
                        "_conditional": {
                            "User-Agent": "GuzzleHttp\/6.3.3 curl\/7.61.1 PHP\/7.2.14"
                        }
                    }
                ]
            },
            {
                "file": "\/var\/www\/html\/lib\/private\/Http\/Client\/Client.php",
                "line": 161,
                "function": "request",
                "class": "GuzzleHttp\\Client",
                "type": "->",
                "args": [
                    "get",
                    "https:\/\/apps.nextcloud.com\/api\/v1\/platform\/15.0.2\/apps.json",
                    {
                        "verify": "\/var\/www\/html\/resources\/config\/ca-bundle.crt",
                        "timeout": 10,
                        "synchronous": true
                    }
                ]
            },
            {
                "file": "\/var\/www\/html\/lib\/private\/App\/AppStore\/Fetcher\/Fetcher.php",
                "line": 106,
                "function": "get",
                "class": "OC\\Http\\Client\\Client",
                "type": "->",
                "args": [
                    "https:\/\/apps.nextcloud.com\/api\/v1\/platform\/15.0.2\/apps.json",
                    {
                        "timeout": 10
                    }
                ]
            },
            {
                "file": "\/var\/www\/html\/lib\/private\/App\/AppStore\/Fetcher\/AppFetcher.php",
                "line": 80,
                "function": "fetch",
                "class": "OC\\App\\AppStore\\Fetcher\\Fetcher",
                "type": "->",
                "args": [
                    "",
                    ""
                ]
            },
            {
                "file": "\/var\/www\/html\/lib\/private\/App\/AppStore\/Fetcher\/Fetcher.php",
                "line": 170,
                "function": "fetch",
                "class": "OC\\App\\AppStore\\Fetcher\\AppFetcher",
                "type": "->",
                "args": [
                    "",
                    ""
                ]
            },
            {
                "file": "\/var\/www\/html\/lib\/private\/Installer.php",
                "line": 199,
                "function": "get",
                "class": "OC\\App\\AppStore\\Fetcher\\Fetcher",
                "type": "->",
                "args": []
            },
            {
                "file": "\/var\/www\/html\/lib\/private\/Installer.php",
                "line": 480,
                "function": "downloadApp",
                "class": "OC\\Installer",
                "type": "->",
                "args": [
                    "bruteforcesettings"
                ]
            },
            {
                "file": "\/var\/www\/html\/lib\/private\/Setup.php",
                "line": 391,
                "function": "installAppBundle",
                "class": "OC\\Installer",
                "type": "->",
                "args": [
                    {
                        "__class__": "OC\\App\\AppStore\\Bundles\\CoreBundle"
                    }
                ]
            },
            {
                "file": "\/var\/www\/html\/core\/Controller\/SetupController.php",
                "line": 67,
                "function": "install",
                "class": "OC\\Setup",
                "type": "->",
                "args": [
                    {
                        "install": "true",
                        "adminlogin": "CLEAR-TEXT-DATA",
                        "adminpass": "CLEAR-TEXT-DATA",
                        "adminpass-clone": "CLEAR-TEXT-DATA",
                        "directory": "CLEAR-TEXT-DATA",
                        "dbtype": "CLEAR-TEXT-DATA",
                        "dbuser": "CLEAR-TEXT-DATA",
                        "dbpass": "CLEAR-TEXT-DATA",
                        "dbname": "CLEAR-TEXT-DATA",
                        "dbhost": "CLEAR-TEXT-DATA",
                        "dbIsSet": true,
                        "directoryIsSet": true
                    }
                ]
            },
            {
                "file": "\/var\/www\/html\/lib\/base.php",
                "line": 925,
                "function": "run",
                "class": "OC\\Core\\Controller\\SetupController",
                "type": "->",
                "args": [
                    {
                        "install": "true",
                        "adminlogin": "CLEAR-TEXT-DATA",
                        "adminpass": "CLEAR-TEXT-DATA",
                        "adminpass-clone": "CLEAR-TEXT-DATA",
                        "directory": "CLEAR-TEXT-DATA",
                        "dbtype": "CLEAR-TEXT-DATA",
                        "dbuser": "CLEAR-TEXT-DATA",
                        "dbpass": "CLEAR-TEXT-DATA",
                        "dbname": "CLEAR-TEXT-DATA",
                        "dbhost": "CLEAR-TEXT-DATA",
                        "dbIsSet": true,
                        "directoryIsSet": true
                    }
                ]
            },
            {
                "file": "\/var\/www\/html\/index.php",
                "line": 42,
                "function": "handleRequest",
                "class": "OC",
                "type": "::",
                "args": []
            }
        ],
        "File": "\/var\/www\/html\/3rdparty\/guzzlehttp\/guzzle\/src\/Handler\/CurlFactory.php",
        "Line": 185,
        "CustomMessage": "Could not connect to appstore"
    },
    "userAgent": "Mozilla\/5.0 (X11; Fedora; Linux x86_64; rv:60.0) Gecko\/20100101 Firefox\/60.0",
    "version": "15.0.2.0"
}


    Labels

    0. Needs triage (Pending check for reproducibility or if it fits our roadmap), bug, security
