From c08d466be03805222b53b5465f4103368dc6f706 Mon Sep 17 00:00:00 2001 From: Luckydonald <2737108+luckydonald@users.noreply.github.com> Date: Tue, 15 Dec 2020 17:43:20 +0100 Subject: [PATCH] Stats: hide sensible data (#24) Adds the --stats-hide-sensible-data flag (Docker: $TELEGRAM_STAT_HIDE_SENSIBLE_DATA=1), removing the bot token and the webhook url from the stats endpoint. --- README.md | 3 +++ docker-entrypoint.sh | 3 +++ telegram-bot-api/ClientManager.cpp | 14 +++++++++++--- telegram-bot-api/ClientParameters.h | 1 + telegram-bot-api/telegram-bot-api.cpp | 2 ++ 5 files changed, 20 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index f6e6a52..f2125c7 100644 --- a/README.md +++ b/README.md @@ -107,6 +107,9 @@ Allow http connection in non-local mode ##### Flag `--max-batch-operations=` maximum number of batch operations (default 10000) +##### Executable parameter `--stats-hide-sensible-data` +Makes the stats page (if enabled) hide the bot token and the webhook url to no leak user secrets, when served publicly. + #### Existing Command Line Parameters Which are not properly documented, so they are written down here. diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh index 6470b67..3a46051 100755 --- a/docker-entrypoint.sh +++ b/docker-entrypoint.sh @@ -19,6 +19,9 @@ CUSTOM_ARGS="" if [ -n "$TELEGRAM_STAT" ]; then CUSTOM_ARGS="${CUSTOM_ARGS} --http-stat-port=8082" fi +if [ -n "$TELEGRAM_STAT_HIDE_SENSIBLE_DATA" ]; then + CUSTOM_ARGS="${CUSTOM_ARGS} --stats-hide-sensible-data" +fi if [ -n "$TELEGRAM_FILTER" ]; then CUSTOM_ARGS="${CUSTOM_ARGS} --filter=$TELEGRAM_FILTER" fi diff --git a/telegram-bot-api/ClientManager.cpp b/telegram-bot-api/ClientManager.cpp index ee2e3d0..18daacc 100644 --- a/telegram-bot-api/ClientManager.cpp +++ b/telegram-bot-api/ClientManager.cpp @@ -1,5 +1,5 @@ // -// Copyright Aliaksei Levin (levlam@telegram.org), Arseny Smirnov (arseny30@gmail.com) 2014-2020 +// Copyright Aliaksei Levin (levlam@telegram.org), Arseny Smirnov (arseny30@gmail.com) 2014-2020, Luckydonald (tdlight-telegram-bot-api+code@luckydonald.de) 2020 // // Distributed under the Boost Software License, Version 1.0. (See accompanying // file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt) @@ -289,9 +289,17 @@ void ClientManager::get_stats(td::PromiseActor promise, sb << "\n"; sb << "id\t" << bot_info.id_ << "\n"; sb << "uptime\t" << now - bot_info.start_time_ << "\n"; - sb << "token\t" << bot_info.token_ << "\n"; + if (!parameters_->stats_hide_sensible_data_) { + sb << "token\t" << bot_info.token_ << "\n"; + } sb << "username\t" << bot_info.username_ << "\n"; - sb << "webhook\t" << bot_info.webhook_ << "\n"; + if (!parameters_->stats_hide_sensible_data_) { + sb << "webhook\t" << bot_info.webhook_ << "\n"; + } else if (bot_info.webhook_.empty()) { + sb << "webhook disabled" << "\n"; + } else { + sb << "webhook enabled" << "\n"; + } sb << "has_custom_certificate\t" << bot_info.has_webhook_certificate_ << "\n"; sb << "head_update_id\t" << bot_info.head_update_id_ << "\n"; sb << "tail_update_id\t" << bot_info.tail_update_id_ << "\n"; diff --git a/telegram-bot-api/ClientParameters.h b/telegram-bot-api/ClientParameters.h index 72b2305..ec17e54 100644 --- a/telegram-bot-api/ClientParameters.h +++ b/telegram-bot-api/ClientParameters.h @@ -61,6 +61,7 @@ struct ClientParameters { bool no_file_limit_ = true; bool allow_users_ = false; bool allow_users_registration_ = false; + bool stats_hide_sensible_data_ = false; td::int32 api_id_ = 0; td::string api_hash_; diff --git a/telegram-bot-api/telegram-bot-api.cpp b/telegram-bot-api/telegram-bot-api.cpp index 3b158fe..a3d3971 100644 --- a/telegram-bot-api/telegram-bot-api.cpp +++ b/telegram-bot-api/telegram-bot-api.cpp @@ -180,6 +180,8 @@ int main(int argc, char *argv[]) { options.add_option('\0', "allow-users-registration", "allow user accounts to be registered on the API", [&] { parameters->allow_users_registration_ = true; }); + options.add_option('\0', "stats-hide-sensible-data", "in the stats hide sensible data like bot token and webhook url", [&] { parameters->stats_hide_sensible_data_ = true; }); + options.add_checked_option( '\0', "api-id", "application identifier for Telegram API access, which can be obtained at https://my.telegram.org (defaults to "