From 53151a67bf7f05d1cd66e4e9c19c4b507488b393 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcel=20M=C3=A4rtens?= Date: Sat, 27 May 2023 14:17:00 +0200 Subject: [PATCH] remove the complete ip address from the logs in case they are gonna made public. First we though about hashing it together with the username, but we dont have the username. hope that removing 50% of the information is enough to identify 2 addresses as equal or different without knowing the exact address --- network/src/channel.rs | 25 +++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) diff --git a/network/src/channel.rs b/network/src/channel.rs index e366432e87..8431eab186 100644 --- a/network/src/channel.rs +++ b/network/src/channel.rs @@ -67,6 +67,23 @@ pub(crate) type C2cMpscConnect = ( ); pub(crate) type C2sProtocol = (Protocols, ConnectAddr, Cid); +fn anonymize_addr(addr: &SocketAddr) -> String { + use std::net::IpAddr; + match addr.ip() { + IpAddr::V4(ip) => { + let [o0, _, o2, _] = ip.octets(); + format!("{o0}.xxx.{o2}.xxx:{}", addr.port()) + }, + IpAddr::V6(ip) => { + let [s0, s1, _, _, s4, s5, _, _] = ip.segments(); + format!( + "[{s0:04x}:{s1:04x}:xxxx:xxxx:{s4:04x}:{s5:04x}:xxxx:xxxx]:{}", + addr.port() + ) + }, + } +} + impl Protocols { const MPSC_CHANNEL_BOUND: usize = 1000; @@ -131,7 +148,11 @@ impl Protocols { ); } let cid = cids.fetch_add(1, Ordering::Relaxed); - info!(?remote_addr, ?cid, "Accepting Tcp from"); + info!( + remote_addr = anonymize_addr(&remote_addr), + ?cid, + "Accepting Tcp from" + ); let metrics = ProtocolMetricCache::new(&cid.to_string(), Arc::clone(&metrics)); let _ = c2s_protocol_s.send(( Self::new_tcp(stream, metrics.clone()), @@ -295,7 +316,7 @@ impl Protocols { next = listener.next().fuse() => Some(next), _ = &mut end_receiver => None, } { - let remote_addr = connecting.remote_address(); + let remote_addr = anonymize_addr(&connecting.remote_address()); let connection = match connecting.await { Ok(c) => c, Err(e) => {