From 7477bbd89847801b93ac0130b1a1649a37448453 Mon Sep 17 00:00:00 2001 From: Robert Varga Date: Sun, 15 Oct 2023 20:34:17 +0200 Subject: [PATCH] Log hello message as confidential Just as with any on-wire message, we have no idea whether or not it contains confidential information. Mark log output as condidential and clean up surrounding code a bit. Change-Id: I15e85449ecd7795a4a01b1267a46e4909d1049e7 Signed-off-by: Robert Varga --- netconf/netconf-netty-util/pom.xml | 4 ++++ .../NetconfXMLToHelloMessageDecoder.java | 23 ++++++++++--------- 2 files changed, 16 insertions(+), 11 deletions(-) diff --git a/netconf/netconf-netty-util/pom.xml b/netconf/netconf-netty-util/pom.xml index bba3b3f70c..928dd18857 100644 --- a/netconf/netconf-netty-util/pom.xml +++ b/netconf/netconf-netty-util/pom.xml @@ -64,6 +64,10 @@ org.opendaylight.aaa aaa-encrypt-service + + org.opendaylight.odlparent + logging-markers + org.opendaylight.yangtools util diff --git a/netconf/netconf-netty-util/src/main/java/org/opendaylight/netconf/nettyutil/handler/NetconfXMLToHelloMessageDecoder.java b/netconf/netconf-netty-util/src/main/java/org/opendaylight/netconf/nettyutil/handler/NetconfXMLToHelloMessageDecoder.java index 5b13003c2f..89f441cb7b 100644 --- a/netconf/netconf-netty-util/src/main/java/org/opendaylight/netconf/nettyutil/handler/NetconfXMLToHelloMessageDecoder.java +++ b/netconf/netconf-netty-util/src/main/java/org/opendaylight/netconf/nettyutil/handler/NetconfXMLToHelloMessageDecoder.java @@ -8,8 +8,6 @@ package org.opendaylight.netconf.nettyutil.handler; import com.google.common.annotations.VisibleForTesting; -import com.google.common.base.Preconditions; -import com.google.common.collect.ImmutableList; import io.netty.buffer.ByteBuf; import io.netty.buffer.ByteBufUtil; import io.netty.channel.ChannelHandlerContext; 
@@ -25,6 +23,7 @@ import org.opendaylight.netconf.api.messages.HelloMessage;
 import org.opendaylight.netconf.api.messages.NetconfHelloMessageAdditionalHeader;
 import org.opendaylight.netconf.api.messages.NetconfMessage;
 import org.opendaylight.netconf.api.xml.XmlUtil;
+import org.opendaylight.odlparent.logging.markers.Markers;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.w3c.dom.Document;
@@ -42,10 +41,10 @@ import org.xml.sax.SAXException;
 public final class NetconfXMLToHelloMessageDecoder extends ByteToMessageDecoder {
 private static final Logger LOG = LoggerFactory.getLogger(NetconfXMLToHelloMessageDecoder.class);
- private static final List POSSIBLE_ENDS = ImmutableList.of(
+ private static final List POSSIBLE_ENDS = List.of(
 new byte[] { ']', '\n' },
 new byte[] { ']', '\r', '\n' });
- private static final List POSSIBLE_STARTS = ImmutableList.of(
+ private static final List POSSIBLE_STARTS = List.of(
 new byte[] { '[' },
 new byte[] { '\r', '\n', '[' },
 new byte[] { '\n', '[' });
@@ -92,15 +91,17 @@ public final class NetconfXMLToHelloMessageDecoder extends ByteToMessageDecoder
 final NetconfMessage message = getNetconfMessage(additionalHeader, doc);
 if (message instanceof HelloMessage) {
- Preconditions.checkState(!helloReceived,
- "Multiple hello messages received, unexpected hello: %s", message);
+ if (helloReceived) {
+ throw new IllegalStateException("Multiple hello messages received, unexpected hello: " + message);
+ }
 out.add(message);
 helloReceived = true;
- // Non hello message, suspend the message and insert into cache
- } else {
- Preconditions.checkState(helloReceived, "Hello message not received, instead received: %s", message);
+ } else if (helloReceived) {
+ // Non hello message, suspend the message and insert into cache
 LOG.debug("Netconf message received during negotiation, caching {}", message);
 nonHelloMessages.add(message);
+ } else {
+ throw new IllegalStateException("Hello message not received, instead received: " + message);
 }
 } finally {
 in.discardReadBytes();
@@ -159,8 +160,8 @@ public final class NetconfXMLToHelloMessageDecoder extends ByteToMessageDecoder
 private static void logMessage(final byte[] bytes) {
 if (LOG.isDebugEnabled()) {
- String string = StandardCharsets.UTF_8.decode(ByteBuffer.wrap(bytes)).toString();
- LOG.debug("Parsing message \n{}", string);
+ LOG.debug(Markers.confidential(), "Parsing message \n{}",
+ StandardCharsets.UTF_8.decode(ByteBuffer.wrap(bytes)).toString());
 }
 }
-- 
2.36.6
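Review bot: The caching branch in the `-92,15 +91,17` hunk still logs `message` with no marker, and both new `IllegalStateException` texts concatenate `message`, so message content can reach the log outside the confidential marker this commit adds in logMessage(). This assumes the message's toString() renders the document, which is not visible here. I would change the debug call to `LOG.debug(Markers.confidential(), "Netconf message received during negotiation, caching {}", message);` and keep the payload out of the exception text, e.g. `throw new IllegalStateException("Multiple hello messages received");`, logging the payload separately under the marker if it is needed for diagnosis. The enclosing method starts and ends outside the hunk.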
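Review bot: In logMessage() (`-159,8 +160,8` hunk), `Markers.confidential()` only tags the event; whether the decoded hello is actually kept out of a given log depends on the logging configuration filtering on that marker, which is not visible here. A short comment above the call would make that contract explicit, for example `// On-wire content may hold secrets: tagged confidential, suppression is up to the logging configuration`. As a minor style point, `new String(bytes, StandardCharsets.UTF_8)` expresses the same decoding more directly than the `decode(ByteBuffer.wrap(bytes)).toString()` chain.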