----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/57431/#review168333 -----------------------------------------------------------
Any test changes? We probably can create a integrated/dunit test that would start a server with those ssl properties (including passwords) turned on, and have debug level truned on, and security truned on as well, and have gfsh connect to it using username and password, and see if any of the password show up in the logs. - Jinmei Liao On March 8, 2017, 8:58 p.m., Kevin Duling wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/57431/ > ----------------------------------------------------------- > > (Updated March 8, 2017, 8:58 p.m.) > > > Review request for geode, Jinmei Liao, Jared Stewart, Ken Howe, and Kirk Lund. > > > Repository: geode > > > Description > ------- > > GEODE-2633: When turning on fine logging, GEODE logs the keystore password in > clear text > > > Diffs > ----- > > geode-core/src/main/java/org/apache/geode/internal/net/SocketCreator.java > 742e7f3e93e595844675d0789b995e4ceb4431ac > > geode-core/src/main/java/org/apache/geode/internal/util/ArgumentRedactor.java > 419f3f976159e601c95a2042bafd96cc9fe9465f > > > Diff: https://reviews.apache.org/r/57431/diff/1/ > > > Testing > ------- > > precheckin running > > > Thanks, > > Kevin Duling > >