From 9df464267bac62d0685025a9feb9bc103b427daa Mon Sep 17 00:00:00 2001
From: Paul Bourke <paul.bourke@oracle.com>
Date: Wed, 19 Oct 2016 14:51:10 +0100
Subject: [PATCH] Redact password from opendaylight client logging

The opendaylight client is printing debug that can potentially contain
the user password. This should be redacted for security.

Change-Id: Id07b8fc6bc63dc6bb799c4489b938253c5e15476
Closes-Bug: #1634907
---
 ceilometer/network/statistics/opendaylight/client.py | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/ceilometer/network/statistics/opendaylight/client.py b/ceilometer/network/statistics/opendaylight/client.py
index 21c9298ba1..3e78636a03 100644
--- a/ceilometer/network/statistics/opendaylight/client.py
+++ b/ceilometer/network/statistics/opendaylight/client.py
@@ -199,8 +199,7 @@ class Client(object):
             else:
                 curl_command.append('--digest ')
 
-            curl_command.append('--user "%s":"%s" ' % (auth_class.username,
-                                                       auth_class.password))
+            curl_command.append('--user "%s":"***" ' % auth_class.username)
 
         for name, value in six.iteritems(self._req_params['headers']):
             curl_command.append('-H "%s: %s" ' % (name, value))