From 4239fee0af5480199c53da2fd8cca4c03af015e9 Mon Sep 17 00:00:00 2001 From: Jonathan Lennox Date: Tue, 9 Jul 2024 16:59:22 -0400 Subject: [PATCH 1/2] Feat: Redact remote endpoint IP addresses in log messages. --- .../java/org/jitsi/videobridge/Conference.java | 14 ++++++++++++-- .../org/jitsi/videobridge/VideobridgeConfig.kt | 5 +++++ jvb/src/main/resources/application.conf | 1 + jvb/src/main/resources/reference.conf | 3 +++ pom.xml | 4 ++-- 5 files changed, 23 insertions(+), 4 deletions(-) diff --git a/jvb/src/main/java/org/jitsi/videobridge/Conference.java b/jvb/src/main/java/org/jitsi/videobridge/Conference.java index 4e751391c7..c4de0972e3 100644 --- a/jvb/src/main/java/org/jitsi/videobridge/Conference.java +++ b/jvb/src/main/java/org/jitsi/videobridge/Conference.java @@ -224,7 +224,13 @@ public Conference(Videobridge videobridge, { try { - logger.info("RECV colibri2 request: " + XmlStringBuilderUtil.toStringOpt(request.getRequest())); + logger.info( () -> { + String reqStr = XmlStringBuilderUtil.toStringOpt(request.getRequest()); + if (VideobridgeConfig.getRedactRemoteAddresses()) { + reqStr = RedactColibriIp.Companion.redact(reqStr); + } + return "RECV colibri2 request: " + reqStr; + }); long start = System.currentTimeMillis(); Pair p = colibri2Handler.handleConferenceModifyIQ(request.getRequest()); IQ response = p.getFirst(); @@ -236,8 +242,12 @@ public Conference(Videobridge videobridge, request.getTotalDelayStats().addDelay(totalDelay); if (processingDelay > 100) { + String reqStr = XmlStringBuilderUtil.toStringOpt(request.getRequest()); + if (VideobridgeConfig.getRedactRemoteAddresses()) { + reqStr = RedactColibriIp.Companion.redact(reqStr); + } logger.warn("Took " + processingDelay + " ms to process an IQ (total delay " - + totalDelay + " ms): " + XmlStringBuilderUtil.toStringOpt(request.getRequest())); + + totalDelay + " ms): " + reqStr); } logger.info("SENT colibri2 response: " + XmlStringBuilderUtil.toStringOpt(response)); request.getCallback().invoke(response); diff --git a/jvb/src/main/kotlin/org/jitsi/videobridge/VideobridgeConfig.kt b/jvb/src/main/kotlin/org/jitsi/videobridge/VideobridgeConfig.kt index 228c041744..212a6f170e 100644 --- a/jvb/src/main/kotlin/org/jitsi/videobridge/VideobridgeConfig.kt +++ b/jvb/src/main/kotlin/org/jitsi/videobridge/VideobridgeConfig.kt @@ -24,5 +24,10 @@ class VideobridgeConfig private constructor() { val initialDrainMode: Boolean by config { "videobridge.initial-drain-mode".from(JitsiConfig.newConfig) } + + @JvmStatic + val redactRemoteAddresses: Boolean by config { + "videobridge.redact-remote-addresses".from(JitsiConfig.newConfig) + } } } diff --git a/jvb/src/main/resources/application.conf b/jvb/src/main/resources/application.conf index 9afb3c9bf8..09d391d298 100644 --- a/jvb/src/main/resources/application.conf +++ b/jvb/src/main/resources/application.conf @@ -19,4 +19,5 @@ ice4j { use-dynamic-ports = false } } + redact-remote-addresses = ${videobridge.redact-remote-addresses} } diff --git a/jvb/src/main/resources/reference.conf b/jvb/src/main/resources/reference.conf index cfff64409c..9c0cc72fea 100644 --- a/jvb/src/main/resources/reference.conf +++ b/jvb/src/main/resources/reference.conf @@ -388,6 +388,9 @@ videobridge { # size for which the filter is enabled. stats-filter-threshold = 20 + # Whether to redact remote endpoint IP addresses from logs + redact-remote-addresses = true + ssrc-limit { # maximum number of SSRCs to send to an endpoint for video video = 50 diff --git a/pom.xml b/pom.xml index 855cd6c104..3a00efafcb 100644 --- a/pom.xml +++ b/pom.xml @@ -106,12 +106,12 @@ ${project.groupId} ice4j - 3.0-69-ga53b402 + 3.0-72-g824cd4b ${project.groupId} jitsi-xmpp-extensions - 1.0-80-g0ce9883 + 1.0-81-g3816e5a From 4b9cb6fdb1815042f250aef4ca8624c6eb8ce9b8 Mon Sep 17 00:00:00 2001 From: Jonathan Lennox Date: Tue, 9 Jul 2024 17:10:22 -0400 Subject: [PATCH 2/2] Squash: checkstyle fixes. --- jvb/src/main/java/org/jitsi/videobridge/Conference.java | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/jvb/src/main/java/org/jitsi/videobridge/Conference.java b/jvb/src/main/java/org/jitsi/videobridge/Conference.java index c4de0972e3..cb5ff73882 100644 --- a/jvb/src/main/java/org/jitsi/videobridge/Conference.java +++ b/jvb/src/main/java/org/jitsi/videobridge/Conference.java @@ -226,7 +226,8 @@ public Conference(Videobridge videobridge, { logger.info( () -> { String reqStr = XmlStringBuilderUtil.toStringOpt(request.getRequest()); - if (VideobridgeConfig.getRedactRemoteAddresses()) { + if (VideobridgeConfig.getRedactRemoteAddresses()) + { reqStr = RedactColibriIp.Companion.redact(reqStr); } return "RECV colibri2 request: " + reqStr; @@ -243,7 +244,8 @@ public Conference(Videobridge videobridge, if (processingDelay > 100) { String reqStr = XmlStringBuilderUtil.toStringOpt(request.getRequest()); - if (VideobridgeConfig.getRedactRemoteAddresses()) { + if (VideobridgeConfig.getRedactRemoteAddresses()) + { reqStr = RedactColibriIp.Companion.redact(reqStr); } logger.warn("Took " + processingDelay + " ms to process an IQ (total delay "