Commit 7aacc6e3 authored by Nick Mathewson's avatar Nick Mathewson 🦀

Implement a safe-logging facility.

This is a rough first-cut of an API that I think might help us with
keeping limited categories of sensitive information out of our logs.
I'll refine it based on experiences with using it.
parent de2b2364
+66 −0
@@ -1158,6 +1158,12 @@ version = "0.7.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c1d53499e94f9a7828e63c574adf62bcade7f358c3738f9ea70d7c2edb61023d"

[[package]]
name = "fluid-let"
version = "1.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "749cff877dc1af878a0b31a41dd221a753634401ea0ef2f87b62d3171522485a"

[[package]]
name = "fnv"
version = "1.0.7"
@@ -2353,6 +2359,30 @@ version = "0.2.16"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "eb9f9e6e233e5c4a35559a617bf40a4ec447db2e84c20b55a6f83167b7e57872"

[[package]]
name = "proc-macro-error"
version = "1.0.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "da25490ff9892aab3fcf7c36f08cfb902dd3e71ca0f9f9517bea02a73a5ce38c"
dependencies = [
 "proc-macro-error-attr",
 "proc-macro2",
 "quote",
 "syn",
 "version_check",
]

[[package]]
name = "proc-macro-error-attr"
version = "1.0.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a1be40180e52ecc98ad80b184934baf3d0d29f979574e439af5a55274b35f869"
dependencies = [
 "proc-macro2",
 "quote",
 "version_check",
]

[[package]]
name = "proc-macro-hack"
version = "0.5.19"
@@ -2653,6 +2683,18 @@ version = "1.0.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "73b4b750c782965c211b42f022f59af1fbceabdd026623714f104152f1ec149f"

[[package]]
name = "safelog"
version = "0.2.0"
dependencies = [
 "educe",
 "fluid-let",
 "serde",
 "serial_test",
 "static_assertions",
 "thiserror",
]

[[package]]
name = "same-file"
version = "1.0.6"
@@ -2767,6 +2809,30 @@ dependencies = [
 "serde",
]

[[package]]
name = "serial_test"
version = "0.6.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e5bcc41d18f7a1d50525d080fd3e953be87c4f9f1a974f3c21798ca00d54ec15"
dependencies = [
 "lazy_static",
 "parking_lot 0.11.2",
 "serial_test_derive",
]

[[package]]
name = "serial_test_derive"
version = "0.6.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2881bccd7d60fb32dfa3d7b3136385312f8ad75e2674aab2852867a09790cae8"
dependencies = [
 "proc-macro-error",
 "proc-macro2",
 "quote",
 "rustversion",
 "syn",
]

[[package]]
name = "sha-1"
version = "0.10.0"
+1 −0
@@ -9,6 +9,7 @@ members = [
    "crates/tor-basic-utils",
    "crates/caret",
    "crates/fs-mistrust",
    "crates/safelog",
    "crates/retry-error",
    "crates/tor-error",
    "crates/tor-config",
+26 −0
[package]
name = "safelog"
version = "0.2.0"
authors = ["The Tor Project, Inc.", "Nick Mathewson <nickm@torproject.org>"]
edition = "2021"
rust-version = "1.56"
license = "MIT OR Apache-2.0"
homepage = "https://gitlab.torproject.org/tpo/core/arti/-/wikis/home"
description = "Conditionally suppress confidential information from logs"
keywords = ["tor", "arti", "logging", "privacy"]
# We must put *something* here and this will do
categories = ["rust-patterns"]
repository = "https://gitlab.torproject.org/tpo/core/arti.git/"

[features]
default = []

[dependencies]
educe = "0.4.6"
thiserror = "1"
fluid-let = "1"
serde = { version = "1.0.103", optional = true, features = ["derive"] }

[dev-dependencies]
serial_test = "0.6"
static_assertions = "1"
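Review bot: `fluid-let = "1"` under `[dependencies]` arrives without any indication of what it is for, in a crate whose whole job is deciding whether confidential values reach the logs. fluid-let provides dynamically scoped variables backed by thread-local storage, so if it carries a scoped override of the safe-logging setting (the code that uses it is not in this view), that override would apply only on the thread that set it and not on other threads that log concurrently. Once the usage is confirmed, a comment above the line such as `# Dynamically scoped, per-thread override of the safe-logging setting` would help dependency review. The per-thread scope also deserves a sentence in the crate documentation.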
+1 −0
Temporary file, to be replaced.
+24 −0
//! Declare an error type.

/// An error returned when attempting to enforce or disable safe logging.
#[derive(Clone, Debug, thiserror::Error)]
#[non_exhaustive]
pub enum Error {
    /// Tried to call [`disable_safe_logging`](crate::disable_safe_logging), but
    /// `enforce_safe_logging` was already called.
    #[error("Cannot enable unsafe logging: safe logging is already enforced.")]
    AlreadySafe,

    /// Tried to call [`enforce_safe_logging`](crate::enforce_safe_logging), but
    /// `disable_safe_logging` was already called.
    #[error("Cannot enforce safe logging: unsafe logging is already enabled.")]
    AlreadyUnsafe,

    /// One of the `enable`/`disable` functions was called so many times that we
    /// could not keep count of how many guards there were.
    ///
    /// This should generally be impossible, and probably represents an error in
    /// your program.
    #[error("Too many calls to enforce or disable safe logging.")]
    Overflow,
}
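Review bot: The doc comment on `Overflow` speaks of the `enable`/`disable` functions, while the two other variants name the API as `enforce_safe_logging` and `disable_safe_logging`; replacing `enable` with `enforce` in that line keeps the terminology consistent. The docs for `AlreadyUnsafe` should also spell out the consequence for the caller: if I read the variant correctly, unredacted logging stays in effect after this error, so code that requires redaction has to treat it as fatal rather than report it and continue. As a smaller style point, the three `#[error(...)]` strings end in a full stop, which reads badly when the message is embedded in a longer log line, e.g. prefer `#[error("Cannot enforce safe logging: unsafe logging is already enabled")]`.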