TestMaskSecretKeys: add more test-cases

Add tests for

- case-insensitive matching of fields
- recursive masking

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit db5f811216e70bcb4a10e477c1558d6c68f618c5)
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit 18dac2cf32faeaada3bd4e8e2bffa576ad4329fe)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Origin: upstream, https://github.com/docker/engine/pull/298

Gbp-Pq: Name cve-2019-13509-01-TestMaskSecretKeys-add-more-test-cases.patch

diff --git a/engine/api/server/middleware/debug_test.go b/engine/api/server/middleware/debug_test.go
index a64b73e0d718b2b59efc8cf63bd77d0b181af834..3d78d7e08450341fa025fe2a58067cdc3782dcc7 100644 (file)
--- a/engine/api/server/middleware/debug_test.go
+++ b/engine/api/server/middleware/debug_test.go
@@ -23,7 +23,6 @@ func TestMaskSecretKeys(t *testing.T) {
                        input:    map[string]interface{}{"Data": "foo", "Name": "name", "Labels": map[string]interface{}{}},
                        expected: map[string]interface{}{"Data": "*****", "Name": "name", "Labels": map[string]interface{}{}},
                },
-
                {
                        path:     "/secrets/create?key=val",
                        input:    map[string]interface{}{"Data": "foo", "Name": "name", "Labels": map[string]interface{}{}},
@@ -32,8 +31,13 @@ func TestMaskSecretKeys(t *testing.T) {
                {
                        path: "/v1.30/some/other/path",
                        input: map[string]interface{}{
-                               "password": "pass",
+                               "password":     "pass",
+                               "secret":       "secret",
+                               "jointoken":    "jointoken",
+                               "unlockkey":    "unlockkey",
+                               "signingcakey": "signingcakey",
                                "other": map[string]interface{}{
+                                       "password":     "pass",
                                        "secret":       "secret",
                                        "jointoken":    "jointoken",
                                        "unlockkey":    "unlockkey",
@@ -41,8 +45,13 @@ func TestMaskSecretKeys(t *testing.T) {
                                },
                        },
                        expected: map[string]interface{}{
-                               "password": "*****",
+                               "password":     "*****",
+                               "secret":       "*****",
+                               "jointoken":    "*****",
+                               "unlockkey":    "*****",
+                               "signingcakey": "*****",
                                "other": map[string]interface{}{
+                                       "password":     "*****",
                                        "secret":       "*****",
                                        "jointoken":    "*****",
                                        "unlockkey":    "*****",
@@ -50,6 +59,21 @@ func TestMaskSecretKeys(t *testing.T) {
                                },
                        },
                },
+               {
+                       path: "/v1.30/some/other/path",
+                       input: map[string]interface{}{
+                               "PASSWORD": "pass",
+                               "other": map[string]interface{}{
+                                       "PASSWORD": "pass",
+                               },
+                       },
+                       expected: map[string]interface{}{
+                               "PASSWORD": "*****",
+                               "other": map[string]interface{}{
+                                       "PASSWORD": "*****",
+                               },
+                       },
+               },
        }
 
        for _, testcase := range tests {