diff --git a/src/DIRAC/Resources/LogFilters/SensitiveDataFilter.py b/src/DIRAC/Resources/LogFilters/SensitiveDataFilter.py index 8240c24b88c..eed05e10ec3 100644 --- a/src/DIRAC/Resources/LogFilters/SensitiveDataFilter.py +++ b/src/DIRAC/Resources/LogFilters/SensitiveDataFilter.py @@ -43,6 +43,7 @@ def __filter(self, record): # a list of sensitive words to replace sensitiveData = [ r"-----BEGIN CERTIFICATE-----.*?-----END CERTIFICATE-----", + r"-----BEGIN PRIVATE KEY-----.*?-----END PRIVATE KEY-----", ] # record.args can be a tuple diff --git a/src/DIRAC/Resources/LogFilters/test/Test_LogFilter.py b/src/DIRAC/Resources/LogFilters/test/Test_LogFilter.py index 748b4f27791..4cebee7da2a 100644 --- a/src/DIRAC/Resources/LogFilters/test/Test_LogFilter.py +++ b/src/DIRAC/Resources/LogFilters/test/Test_LogFilter.py @@ -93,6 +93,14 @@ def test_pf(pf, record, result): ("blablabla ***REDACTED*** blablabla", "Variable message"), # should not display the certificate ), + ( + ( + "blablabla -----BEGIN PRIVATE KEY-----\n12345\n45678\n-----END PRIVATE KEY----- blablabla", + "Variable message", + ), + ("blablabla ***REDACTED*** blablabla", "Variable message"), + # should not display the certificate + ), ((5, ""), ("5", "")), # special case (("", 5), ("", "5")), # special case (({"ce": "test"}, ""), ("{'ce': 'test'}", "")), # special case