From d37defe6592992e886cc5cc8fec444d34875fd4d Mon Sep 17 00:00:00 2001
From: Jaroslav Balaz <jaroslav.balaz@otrs.com>
Date: Mon, 23 Mar 2020 18:55:45 +0100
Subject: [PATCH] Mask user credentials in the SupportBundle.

---
 CHANGES.md                              |  1 +
 Kernel/System/SupportBundleGenerator.pm |  3 +++
 scripts/test/SupportBundleGenerator.t   | 12 ++++++++++++
 3 files changed, 16 insertions(+)

--- a/Kernel/System/SupportBundleGenerator.pm
+++ b/Kernel/System/SupportBundleGenerator.pm
@@ -350,6 +350,9 @@ sub GenerateCustomFilesArchive {
     #             UserPw => 'xxx',
     $Config =~ s/((?:Password|Pw)\d*\s*=>\s*)\'.*?\'/$1\'xxx\'/mg;
 
+    # Obfuscate user login data to avoid showing it.
+    $Config =~ s{://\w+:\w+@}{://[user]:[password]@}smxg;
+
     $TarObject->replace_content( $HomeWithoutSlash . '/Kernel/Config.pm', $Config );
 
     my $Write = $TarObject->write( $CustomFilesArchive, 0 );
--- a/scripts/test/SupportBundleGenerator.t
+++ b/scripts/test/SupportBundleGenerator.t
@@ -312,6 +312,10 @@ for my $Test (@Tests) {
             Test => $TestPackage,
         },
     },
+    {
+        Name   => 'DNS (Document search nodes)',
+        Result => "DNS  => 'https://[user]:[password]\@localhost:9200'"
+    }
 );
 
 for my $Test (@Tests) {