From a7e67a6ce2c025fb058c9c9620a10ac453607542 Mon Sep 17 00:00:00 2001
From: Johannes Schlichenmaier <johannes@schlichenmaier.info>
Date: Thu, 26 Oct 2017 23:13:37 +0200
Subject: [PATCH 1/2] Added additional methods for removal of sensitive info

Signed-off-by: Johannes Schlichenmaier <johannes@schlichenmaier.info>
---
 lib/private/Log.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/lib/private/Log.php b/lib/private/Log.php
index d93b29414e6b3..6da23bfbaeea6 100644
--- a/lib/private/Log.php
+++ b/lib/private/Log.php
@@ -69,6 +69,8 @@ class Log implements ILogger {
 		'loginWithPassword',
 		'updatePrivateKeyPassword',
 		'validateUserPass',
+		'loginWithToken',
+		'\{closure\}',
 
 		// TokenProvider
 		'getToken',
@@ -96,6 +98,10 @@ class Log implements ILogger {
 		'bind',
 		'areCredentialsValid',
 		'invokeLDAPMethod',
+
+		// Encryption
+		'storeKeyPair',
+		'setupUser',
 	];
 
 	/**

From 903d7fcd6a6866abb992610de311710e0ad4a48d Mon Sep 17 00:00:00 2001
From: Joas Schilling <coding@schilljs.com>
Date: Fri, 27 Oct 2017 11:46:20 +0200
Subject: [PATCH 2/2] Unit tests for #6977

Signed-off-by: Joas Schilling <coding@schilljs.com>
---
 tests/lib/LoggerTest.php | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/tests/lib/LoggerTest.php b/tests/lib/LoggerTest.php
index da9cedc9f56d8..3a30bbd1d3b22 100644
--- a/tests/lib/LoggerTest.php
+++ b/tests/lib/LoggerTest.php
@@ -138,6 +138,32 @@ public function testDetecttryLogin($user, $password) {
 		}
 	}
 
+	/**
+	 * @dataProvider userAndPasswordData
+	 */
+	public function testDetectclosure($user, $password) {
+		$a = function($user, $password) {
+			throw new \Exception('test');
+		};
+
+		try {
+			$a($user, $password);
+		} catch (\Exception $e) {
+			$this->logger->logException($e);
+		}
+		$logLines = $this->getLogs();
+
+		foreach($logLines as $logLine) {
+			$log = explode('\n', $logLine);
+			unset($log[1]); // Remove `testDetectclosure(` because we are not testing this here, but the closure on stack trace 0
+			$logLine = implode('\n', $log);
+
+			$this->assertNotContains($user, $logLine);
+			$this->assertNotContains($password, $logLine);
+			$this->assertContains('{closure}(*** sensitive parameters replaced ***)', $logLine);
+		}
+	}
+
 	public function dataGetLogClass() {
 		return [
 			['file', \OC\Log\File::class],